On November 25, an archive containing about 6.7 GB of data (IP addresses, usernames, passwords) of 49,620 FortiGate VPN gateways affected by the CVE-2018-13379 vulnerability was made freely available.
Everyone wrote about it, but we are not interested in writing about what everyone writes. 🤷♂️ Therefore, according to our tradition, we took and analyzed the accounts from the uploaded files sslvpn_websession.
In total, there were 354,760 entries containing: IP, username (often an email address) and password. After clearing of garbage and duplicates, 197,021 entries remained.
The 10 most popular passwords (in parentheses, the place of the password, case-insensitive, in the top 100 passwords from all the leaks that we analyzed earlier
2️⃣ 123456 (1)
4️⃣ Password1 (29)
9️⃣ Password (5)
1️⃣0️⃣ [email protected]
of the interesting passwords that are not included in the top, you can mark the password Hello!. 🤣
10 most popular domains (the login part):
1️⃣ 0️⃣ acninc.com