https://github.com/l4rm4nd/filezilla-password-decryptor
Python script to brute force the clear text password of FileZilla's XML file
https://github.com/l4rm4nd/filezilla-password-decryptor
Last synced: 6 months ago
JSON representation
Python script to brute force the clear text password of FileZilla's XML file
- Host: GitHub
- URL: https://github.com/l4rm4nd/filezilla-password-decryptor
- Owner: l4rm4nd
- Created: 2020-01-15T14:34:11.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2021-07-08T11:21:28.000Z (over 4 years ago)
- Last Synced: 2025-03-28T07:20:33.149Z (6 months ago)
- Language: Python
- Homepage:
- Size: 13.7 KB
- Stars: 6
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# FileZilla-Password-Decryptor
This Python script can be used to crack FileZilla passwords stored in a "FileZilla Server.xml" file. Extract the password and salt strings from the XML file into the Python script and use the --wordlist parameter to state your password list for the brute forcing attack. The script will then compute each SHA512 hash and compare it to your password hash. If a match has been calculated, the clear text password will be displayed.
Note: FileZilla's XML file escapes special characters for the SALT string. So you will need to unescape them first (e.g. with BurpSuite's Decoder, using "Smart Decode")! Then specify it in the Python script and escape all characters with a backslash that may break Python's string syntax.
```
& = &
< = <
' = '
" = "
> = >
# Example
Escaped: `!U3`CQ;a&3IzbXc/4Wpb\)OZ3TsXP;'Wx#^K"Tu_XX.K'o<'c&A:vItTX-M|Z0Y
Unescaped: `!U3`CQ;a&3IzbXc/4Wpb\)OZ3TsXP;'Wx#^K"Tu_XX.K'o<'c&A:vItTX-M|Z0Y
```
### Usage:
python decrypt.py --wordlist /path/to/password/wordlist
### Example:
python decrypt.py --wordlist /opt/wordlists/rockyou.txt