60
tj093
3y

Today FileZilla saved my life by storing all site connection passwords in base64
Without it we'd have lost access to an old production server 👌

Comments
  • 2
    @ramen its how I found out a colleague's pw when he hooked me up with an xml file of connections 👀
  • 3
    FZ does indeed save it by base64, they didn't obfuscate it for a long time.. and now, they're even stating the obfuscator in the file itself...

    This is a huge security hole, when dealing with RATs etc. Even with base64 encoding.
  • 4
    Backdoor or exit door 🚪?
  • 2
    @African it's already the Suicide Window ;)
  • 1
    @xewl
    There's a fork exactly for that, fzs.
    And it doesn't bother you to update when you're opening the damn thing to use it.
  • 1
    @nbamaral worth looking into, cheers! (I only use it for quick uploads though)
Add Comment