Quote:
Originally Posted by Rob
I used Filezilla for years until a bunch of my sites got exploited. They were injecting this little bullshit php redirect that caused my sites to red flag. After going 10 rounds with my host, I finally figured it found it. Filezilla was saving site passwords in a plain text file, and it was being exploited. I'm not sure if they still do it, if not, I'll switch back. But if they still do, then fuck that shit. I'm not playing that game again.
 |
Yes; Filezilla still does this saved FTP passwords are saved as plan text in an XML file.
Example of the XML in filezilla
<Server>
<Host>GFY.COM</Host>
<Port>21</Port>
<Protocol>0</Protocol>
<Type>0</Type>
<User>GFY</User>
<Pass>Plantextpassword</Pass>
<Logontype>1</Logontype>
<TimezoneOffset>0</TimezoneOffset>
<PasvMode>MODE_DEFAULT</PasvMode>
<MaximumMultipleConnections>0</MaximumMultipleConnections>
<EncodingType>Auto</EncodingType>
<BypassProxy>0</BypassProxy>
<Name>GFY.COM</Name>
<Comments />
<LocalDir />
<RemoteDir />
<SyncBrowsing>0</SyncBrowsing>GFY.COM
</Server>