On November 25, an archive containing about 6.7 GB of data (IP addresses, usernames, passwords) of 49,620 FortiGate VPN gateways affected by the CVE-2018-13379 vulnerability was made freely available.
Everyone wrote about it, but we are not interested in writing about what everyone writes. 🤷♂️ Therefore, according to our tradition, we took and analyzed the accounts from the uploaded files sslvpn_websession.
In total, there were 354,760 entries containing: IP, username (often an email address) and password. After clearing of garbage and duplicates, 197,021 entries remained.
The 10 most popular passwords (in parentheses, the place of the password, case-insensitive, in the top 100 passwords from all the leaks that we analyzed earlier
1️⃣ Temporal2020
2️⃣ 123456 (1)
4️⃣ Password1 (29)
5️⃣ Juzgado2020
6️⃣ asdf123.
7️⃣ Octubre2020
8️⃣ macaw777
9️⃣ Password (5)
1️⃣0️⃣ [email protected]
of the interesting passwords that are not included in the top, you can mark the password Hello!. 🤣
10 most popular domains (the login part):
1️⃣ cjf.gob.mx
2️⃣ cgi.com
3️⃣ magna.com
4️⃣ cendoj.ramajudicial.gov.co
5️⃣ rexel.com.cn
6️⃣ prenatalretailgroup.com
7️⃣ ol.na
8️⃣ telenav.cn
9️⃣ emilfrey.fr
1️⃣ 0️⃣ acninc.com
