Ask Your Question

Decrypt FTP login?

asked 2020-05-24 07:24:10 +0000

MimoiGaming gravatar image

Dear Community, if I record an FTP login that is done in a browser like Chrome, I can later read out the user name and password in Wireshark without any problems. But if the login is done in a program like FileZilla, the login and password will be encrypted. Is it possible to crack this encryption somehow?

Thanks in advance!

edit retag flag offensive close merge delete

1 Answer

Sort by ┬╗ oldest newest most voted

answered 2020-05-24 08:45:08 +0000

Guy Harris gravatar image

To quote the FileZilla home page:

Welcome to the homepage of FileZilla®, the free FTP solution. The FileZilla Client not only supports FTP, but also ''FTP over TLS (FTPS)'' and ''SFTP''. It is open source software distributed free of charge under the terms of the GNU General Public License.

(emphasis mine).

Chrome may be doing just boring old FTP, which does no encryption.

FileZilla may be doing FTP over TLS, which, just like HTTPS, encrypts the traffic, so just as everything will be encrypted with an HTTPS session, everything will be encrypted with an FTPS session.

It may also be doing SFTP, which is a protocol different from FTP (it's not, for example, FTP-over-SSH) that runs over SSH. Again, just as with anything else in an SSH session, it's all encrypted.

For FTP-over-TLS, Wireshark's TLS decryption mechanisms might be usable here, if you can get sufficient information.

For SFTP, Wireshark currently has no SSH decryption capabilities, so you'd be out of luck there unless some other program can decrypt it.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools



Asked: 2020-05-24 07:24:10 +0000

Seen: 1,011 times

Last updated: May 24 '20