WFTPD 3.25 Credential Disclosure

WFTPD 3.25 Credential Disclosure: Posted May 25, 2023; Authored by golem445; WFTPD version 3.25 leaves credentials accessible in wftpd.ini.; tags | exploit, info disclosure; SHA-256 | 84b7e59e7c79b2e7f54fe4511e8ee6e1626462eecb05c8c986d66ac424e88a4a; Download | Favorite | View

WFTPD 3.25 Credential Disclosure

# Exploit Title: WFTPD 3.25 - Unprotected Credential Storage
# Date: 04/01/2023
# Exploit Author: golem445
# Vendor Homepage: https://www.texis.com/
# Tested on: Windows 10
# CVE: CVE-2023-33263# 

#Description: 

Usernames and hashes are stored in an openly viewable wftpd.ini configuration file within the host WFTPD directory

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 66 files
Debian 23 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Jann Horn 2 files
Pierre Kim 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,168)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,977)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,004)
UNIX (9,477)
UnixWare (188)
Windows (6,784)
Other

WFTPD 3.25 Credential Disclosure

WFTPD 3.25 Credential Disclosure

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

WFTPD 3.25 Credential Disclosure

Share This

WFTPD 3.25 Credential Disclosure

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems