Yes he has. It wouldn't be following those procedures to say something like:
Dreamweaver makes a directory on your server that has the name _MMServerScripts that allows one to brute force passwords - for RDS or Administrator. And, as a lovely addition, you can search google for _MMServerScripts to find a bunch of vulnerable sites. That would be bad, as it would point out blaring holes in security. -----Original Message----- From: Mark A. Kruger - CFG [mailto:[EMAIL PROTECTED]] Sent: Monday, October 07, 2002 10:17 AM To: CF-Talk Subject: RE: CF 5 Hack I am following those procedures. I think I've been quite open about it. -mk -----Original Message----- From: Alex [mailto:[EMAIL PROTECTED]] Sent: Monday, October 07, 2002 12:00 PM To: CF-Talk Subject: Re: CF 5 Hack As a member of the CF community I suggest you follow proper ethical procedures. On Mon, 7 Oct 2002, Mark A. Kruger - CFG wrote: > Folks, > > We have a new client with a self-hosted server who has asked us to make some > emergency changes. He lost his previous developer and does not know where to > find him (.. and no - the site is not littlebopeep.com). He does not know > the cf administrator password and it's important that we get in to the > administrator. Short of re-installing, does anyone remember the hack to > reset the password? > > -mk > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm
