I have been able to successfully create a trojan that can be invoked only using Java reflection such as below and easily installed into a CFMX instance.
-Matt On Wednesday, September 3, 2003, at 12:35 PM, Jochem van Dieten wrote: > Matt Liotta wrote: >> Whether cfobject is enabled or not doesn't affect the insecurity of a >> CFMX installation for shared hosting. For example... >> >> <cfscript> >> badThing = CreateObject("java", "a.BadThing"); >> // is the same as... >> foo = ""; >> clazz = foo.getClass(); >> clazz = clazz.forName("a.badThing"); >> badThing = clazz.newInstance(); >> </cfscript> > > But that stills run in the Sandbox, because CF MX leverages the > security built in to Java. So that means that all restrictions on > the filesystem and ports still apply. > What I am wondering is whether you can use this mechanism to > either invoke a COM object or to access the runtime service or > the security service. And if you can invoke COM objects, whether > you still can after all JIntegra files have been removed. > > Jochem > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm