본문 바로가기

업무이야기/Security

Fortinet FortiSandbox Shell mode

by 쫑콩아빠 2021. 1. 20.
728x90

FortiSandbox Shell mode

Then in cli, run 'fnsysctl shell', login with 'fsa_support/Support@FSA1’

cd /drive0/public/clean/20170623/04/2841/3404914715784600920

sandbox-jobs-move -e3404914715784600920.meta

strings 3404914715784600920.meta

tar -czvf kbbank.gz *

cp kbbank.gz /web/static/

https://FSA_IP/static/파일명

reset-bulidno

Please provide me more information as below ;

  1. Go to FortiView > File Scan Search and click button of customize. You can see menu of "Job View Setting". Then please enable Column Headers for "Job ID".
  2. Please export two type files for FSA as below ;

2-1. CLI of "sandbox-jobs-move -p -j[JOB ID]". It is example as below ;

Step1> # sandbox-jobs-move -p -j3429900306737006651
/Storage/clean/20170710/00/2754/3429900306737006651

Step2> #tar -czvf j3429900306737006651.gz /Storage/clean/20170710/00/2754/3429900306737006651
Step3> #cp j3429900306737006651.gz /web/static/
Step4> On web browser, https://FSA_IP/static/j3429900306737006651.gz

2-2. CLI of " cp /ramdisk/FortiSandboxGUI.db /web/static/"

Step1> On web browser, https://FSA_IP/static/FortiSandboxGUI.db

So, please export 6 job ID files and 1 fortisandboxGUI.db file and attach these files in this case.

 

728x90