Skip to main content
M
MyStudentsProgress
Participating Frequently
December 11, 2013
Question

CF9.02 CFIDE HACKED!!

  • December 11, 2013
  • 2 replies
  • 1659 views

It appears our CF9.02 ide has been "hacked", I have located a file that only exists on one of our servers date stamped with the date stamp of issues we are having it is located in ../CFIDE/debug/includes file name cf_debug_main.cfm , anyone else experience this? Or any clues as how this would have been placed here? Our firewall has all but port 80 and 443 locked down to this server from any ip address other than our office.

This topic has been closed for replies.

2 replies

M
MyStudentsProgressAuthor
Participating Frequently
May 12, 2015

Moderator please delete this thread.

pete_freitag
pete_freitag
Participating Frequently
December 11, 2013

There should be a file in that directory named cf_debug_main.js -- what are the contents of the cfm file?  Was the server patched with the latest security hotfixes? There is an exploit that could cause files to be uploaded under /CFIDE if not locked down properly, it was patched by Adobe just under a year ago.

M
MyStudentsProgressAuthor
Participating Frequently
December 11, 2013

Yes that .js file is there , this is a file that only exists on this server date stamped yesterday (we have 4 other servers all running same verison of CF) when the issues started. AFAIK I have latest patches on server I installed 9.02 in the http server logs there is calls specifically to that file -- it is encrypted so I can't view it's contents.

Firefly Community Gallery
Adobe Firefly

Remix with Firefly Community Gallery

Thousands of free creations to fall in love with and remix in Firefly.

Explore now
Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices