"FileZilla is a fast and reliable FTP client and server with lots of useful features and an intuitive interface." The FileZilla client stores passwords using weak XOR substitution with static cypher key.
* FileZilla versions 2.2.14b and 2.2.15
FileZilla saves configuration settings in two different locations:
* In an XML file
* In the Windows registry
The method used to save configuration settings depends on the preferences used by the user during the installation of FileZilla. Either way, all configuration settings are stored in cleartext, EXCEPT for the password. However, the password is stored using very weak XOR "encryption" which can be easily reversed.
There exists a problem in the way the XOR encryption is implemented because the same cipher key is always used. This key is hard-coded, which means that anyone can analyze the source code of the application and find it. Of course, this wouldn't be so easy if FileZilla wasn't an open source application.
Once the key is known, an attacker can use it to decrypt the password back to its cleartext form. Because the XOR cryptographic algorithm used is symmetric, the same key is used for both, encrypting and decrypting.
As mentioned before, the rest of the configuration settings are all in cleartext. Some information that would be useful for an attacker includes hostname of the server to connect to, default port, and username.
If successfully exploited, this vulnerability will allow an attacker to access FTP (or SFTP) servers with the privileges of the user whose configuration settings were stolen from.
In practice, this vulnerability could be exploited after a machine has been compromised, or by fooling the user into executing malicious code. Such code could dump the configuration settings, decrypt the password/s and sends them all to the attacker.
It is common to see many popular trojans out there that exploit weak encryption vulnerabilities of this type. These trojans dump the credentials of popular applications such as Internet Explorer, VNC or even dialup connections. FileZilla could be the next added application in the list of all those trojans with password-dumping features.
This vulnerability is somehow similar to the one found by Conde Vampiro in VNC 3 back in 1999. It's similar because in both cases we find an open source application using a fixed cipher key to decrypt passwords. Thus, making trivial to find the key.
The XML configuration file is found at: %programfiles%\FileZilla\FileZilla.xml
The configuration settings are saved in the registry in: Hive: HKEY_CURRENT_USER
Key: Software\FileZilla\Site Manager\[site_name]\
Where [site_name] is the name given to the connection by the user.
The password is saved in the previous key as a value with the following properties: Value: Pass
Type: REG_SZ (string terminated in NULL)
The cipher key can be found in Crypt.cpp and its value is: FILEZILLA1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ
Choose "Use secure mode" during the installation (this disables FileZilla from saving passwords), lockdown your client machines where the FileZilla client is installed, or update to a patched version which fixes this issue (if available).
Description: this tool asks the user for the "encrypted" password and
computes the cleartext version of the password
Other info: compile as a Win32 console application project in Visual C++
Copyright (C) 2005 pagvac (Adrian Pastor)
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
//PRE: decimal values representing ASCII chars,
// every three digits becomes one ASCII char
// e.g.: 042040063063
//POST: ASCII chars are copied back to buff
// e.g.: *(??
// the length of the new string is returned
int digit2char(char buff)
char tmp_buff, ascii_buff[MAX_SIZE];
unsigned int i=0, j=0, n=0, len=(strlen(buff)/3);
//PRE: buffer containing ASCII chars of cypher
// (rather than their numberic ASCII value)
//POST:length of cleartext password is returned
unsigned int decrypt(char buff)
unsigned int i, pos, len;
unsigned int len=0,i=0;
printf("Enter cypher (encrypted password)\ne.g.: 120125125112000\n->");
printf("You didn't enter a valid cypher!\n");
printf("It should be a numeric value whose length is multiple of 3\n");
printf("Ending program in %d seconds...\n", SLEEP_TIME/1000);