CVE Certified
GHDB

inurl:"Sites.dat"+"PASS="

prev next

Google search: inurl:"Sites.dat"+"PASS="

Hits: 2695

Submited: 2005-11-03

FlashFXP has the ability to import a Sites.dat file into its current Sites.dat file, using this search query you are able to find websites misconfigured to share the flashfxp folder and subsequently the Sites.dat file containing all custom sites the victim has in their sitelist. the passwords are not clear text but if you import the sites.dat into flashfxp you can connect to the ftps and it automatically sends the password. you can also set flashfxp to not hide passwords and it will show you what the password is when it connects.