I have been able to successfully create a trojan that can be invoked 
only using Java reflection such as below and easily installed into a 
CFMX instance.

-Matt

On Wednesday, September 3, 2003, at 12:35 PM, Jochem van Dieten wrote:

> Matt Liotta wrote:
>> Whether cfobject is enabled or not doesn't affect the insecurity of a
>> CFMX installation for shared hosting. For example...
>>
>> <cfscript>
>>      badThing = CreateObject("java", "a.BadThing");
>>      // is the same as...
>>      foo = "";
>>      clazz = foo.getClass();
>>      clazz = clazz.forName("a.BadThing");
>>      badThing = clazz.newInstance();
>> </cfscript>
>
> But that still runs in the Sandbox, because CF MX leverages the
> security built into Java. So that means that all restrictions on
> the filesystem and ports still apply.
> What I am wondering is whether you can use this mechanism to
> either invoke a COM object or to access the runtime service or
> the security service. And if you can invoke COM objects, whether
> you still can after all JIntegra files have been removed.
>
> Jochem
>
>
> 
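
Added example, not part of the original thread: a template audit for shared hosts that flags both ways of instantiating Java classes shown in the quoted snippet, since a check that looks only for cfobject/CreateObject misses the reflective form. The names `scan_template` and `SAMPLE` are hypothetical, the sample is constructed from the snippet above, and the line-based regexes are a heuristic rather than a CFML parser.

```python
import re

# Direct route: CreateObject("java", ...) or <cfobject type="java" ...>
DIRECT = re.compile(
    r'CreateObject\s*\(\s*["\']java["\']|<cfobject\b[^>]*\btype\s*=\s*["\']?java',
    re.IGNORECASE)
# Reflective route: the three calls used in the quoted snippet
REFLECT = re.compile(r'\.\s*(getClass|forName|newInstance)\s*\(', re.IGNORECASE)


def scan_template(text):
    """Return (line_number, kind) for each line that reaches Java classes."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if DIRECT.search(line):
            findings.append((number, "direct"))
        elif REFLECT.search(line):
            findings.append((number, "reflection"))
    return findings


def reflection_only(findings):
    """Findings that a cfobject/CreateObject-only check would not report."""
    return [f for f in findings if f[1] == "reflection"]


# Constructed sample, modelled on the snippet quoted in the message.
SAMPLE = '''<cfscript>
     badThing = CreateObject("java", "a.BadThing");
     // is the same as...
     foo = "";
     clazz = foo.getClass();
     clazz = clazz.forName("a.BadThing");
     badThing = clazz.newInstance();
</cfscript>'''

if __name__ == "__main__":
    lines = SAMPLE.splitlines()
    for number, kind in scan_template(SAMPLE):
        print(f"line {number}: {kind:10} {lines[number - 1].strip()}")
```

Hits are leads for manual review of a customer's templates; they do not replace the Java security policy discussed in the thread.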