Skip to main content
Sign Up

FTP Credentials

Description

General

  • Documentation: https://tools.ietf.org/html/rfc959
  • Summary: File Transfer Protocol (FTP) is a network protocol designed for the transfer of files between a client and a server. This detector aims at finding FTP credentials in the form of variable assignments or a URI connection string.
  • IPs allowlist: This can be implemented on the server side.
  • Scopes: A given user can have a restricted access to some files and directories on the server.

Revoke the secret

A user credentials can be revoked or modified on the server side.

Check for suspicious activity

Logs can be stored and inspected on the server side.

Details for Username and password in ftp

  • Family: Other

  • Category: Data storage

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 5

  • Occurrences found for one million commits: 7.02

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions:
    - ^[aps]?cssc?~?$
    - ^lock$
    - ^storyboard(c|er)?~?$
    - ^xib$
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: false
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - ftp://

Examples

- text: |
    e-mail: trf at zju ftp://supernameHH:kjlrtq2017@givz.eju.edu.cn
    http://givz.eju.edu.cn/cgcourse TA-email: Evaluation  Assi
  connection_uri: ftp://supernameHH:kjlrtq2017@givz.eju.edu.cn
  username: supernameHH
  password: kjlrtq2017
  host: givz.eju.edu.cn
  scheme: ftp

- text: |
    e-mail: trf at zju ftp://supernameHH:$pwdStartingWithDollar2017@givz.eju.edu.cn
    http://givz.eju.edu.cn/cgcourse TA-email: Evaluation  Assi
  connection_uri: ftp://supernameHH:$pwdStartingWithDollar2017@givz.eju.edu.cn
  username: supernameHH
  password: $pwdStartingWithDollar2017
  host: givz.eju.edu.cn
  scheme: ftp

- text: |
    conn string sftp://supernameHH:kjlrtq2017@givz.eju.edu.cn:22
  connection_uri: sftp://supernameHH:kjlrtq2017@givz.eju.edu.cn:22
  username: supernameHH
  password: kjlrtq2017
  host: givz.eju.edu.cn
  port: '22'
  scheme: sftp

- text: |
    conn string sftp://supernameHH:kjlrtq2017@givz.eju.edu.cn:22/a/file/path
  connection_uri: sftp://supernameHH:kjlrtq2017@givz.eju.edu.cn:22/a
  database: a
  username: supernameHH
  password: kjlrtq2017
  host: givz.eju.edu.cn
  port: '22'
  scheme: sftp

- text: |
    conn string sftp://supernameHH:kjlrtq2017@givz.eju.edu.cn:22/a/file/path
  connection_uri: sftp://supernameHH:kjlrtq2017@givz.eju.edu.cn:22/a
  database: a
  username: supernameHH
  password: kjlrtq2017
  host: givz.eju.edu.cn
  port: '22'
  scheme: sftp

- text: |
    conn string sftp://anonymous:kjlrtq2017@givz.eju.edu.cn:22/my_db/file/path
  connection_uri: sftp://anonymous:kjlrtq2017@givz.eju.edu.cn:22/my_db
  database: my_db
  username: anonymous
  password: kjlrtq2017
  host: givz.eju.edu.cn
  port: '22'
  scheme: sftp

Details for Ftp credentials assignment

  • Family: Other

  • Category: Data storage

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 6.0

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions:
    - ^[aps]?cssc?~?$
    - ^lock$
    - ^storyboard(c|er)?~?$
    - ^xib$
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: false
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - ftp
- type: ContentWhitelistPreValidator
  patterns:
    - password
- type: ContentWhitelistPreValidator
  patterns:
    - user
- type: ContentWhitelistPreValidator
  patterns:
    - port
- type: ContentWhitelistPreValidator
  patterns:
    - '22'
    - '21'

Examples

- text: |
    sftp_config:
      host: '124.112.5.13'
      username: 'root'
      password: 'kjlrtq2017'
      port: 22
  host: 124.112.5.13
  username: root
  password: kjlrtq2017
  port: '22'

- text: |
    sftp_config:
      host: '124.112.5.13'
      username: 'iam-the-user'
      password: 'kjlrtq2017'
      port: 21
  host: 124.112.5.13
  username: iam-the-user
  password: kjlrtq2017
  port: '21'

- text: |
    sftp_config:
      host: '124.112.5.13'
      username: 'iam-the-user'
      password: 'kjlrtq2017-long3r.th@nusu@l'
      port: 21
  host: 124.112.5.13
  username: iam-the-user
  password: kjlrtq2017-long3r.th@nusu@l
  port: '21'

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

How can I help you ?