here's the code again in case pastebin killed that link http://pastebin.com/qvBTEP50
On Wed, Feb 22, 2012 at 11:12 AM, Dave Watts <dwa...@figleaf.com> wrote:
>
>> this code was somehow dropped into my friend's cfide directory and ran,
>> did lots of bad things, stole db passwords, changed his cf code, etc.
>>
>> http://pastebin.com/Jg2Cs0ch
>>
>> any idea how to protect from this kinda attack?
>> thanks!
>
> I would recommend that you read the CF 9 Server Lockdown Guide:
>
> http://www.adobe.com/products/coldfusion/whitepapers/pdf/91025512_cf9_lockdownguide_wp_ue.pdf
>
> In this specific case, you shouldn't allow CF to write to any web
> content directories by default, and you shouldn't allow file uploads
> to any web content directories.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> http://training.figleaf.com/
>
> Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
> GSA Schedule, and provides the highest caliber vendor-authorized
> instruction at our training centers, online, or onsite.

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350029
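One way to apply the second recommendation above (uploads never land in a web content directory) in CF9 tag syntax. This is an added example, not code from the thread or from the lockdown guide; it assumes a form field named userfile and a directory /var/cfuploads that is outside the webroot and writable by the CF service account.

```cfml
<!--- Added example: the storage path is an assumption; it must NOT be served by the web server. --->
<cfset safeStore = "/var/cfuploads/">
<cfset allowedExts = "pdf,png,jpg,gif">
<cfset allowedMime = "application/pdf,image/png,image/jpeg,image/gif">

<!--- 1. Land the file in CF's temp directory, never under the webroot or CFIDE. --->
<cffile action="upload"
        fileField="userfile"
        destination="#getTempDirectory()#"
        accept="#allowedMime#"
        nameConflict="makeunique"
        result="up">

<cfset tmpPath = up.serverDirectory & "/" & up.serverFile>

<!--- 2. The accept MIME check relies on the client-supplied type, so also check the
         extension the server actually saved against a short allowlist; delete on failure. --->
<cfif NOT listFindNoCase(allowedExts, up.serverFileExt)>
    <cffile action="delete" file="#tmpPath#">
    <cfthrow message="Rejected upload: extension .#up.serverFileExt# is not permitted">
</cfif>

<!--- 3. Use a server-generated name so the client controls neither the path nor the
         file name, then move the file to storage outside the web content directories. --->
<cfset storedName = createUUID() & "." & lCase(up.serverFileExt)>
<cffile action="move" source="#tmpPath#" destination="#safeStore & storedName#">

<!--- 4. Record storedName for later delivery via cfcontent; the file itself is never
         reachable by URL, so a dropped .cfm can never be executed by the server. --->
```

Pair this with filesystem permissions that deny the CF service account write access to the webroot and CFIDE, which is the first recommendation in the reply.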