Code being added to my web pages

Forum|Forum|12 years ago
January 27, 2014
1 reply
670 views

On two occasions, someone has managed to insert what appears to be malware code into one of my includes. I won't post the actual code, but it consists of a CFHTTP tag that references an IP address, and a CFOUTPUT tag that outputs the value of the CFHTTP. The site is not tied to a database, we only use CFINCLUDEs to simplify global edits (we're relatively new to ColdFusion). The site is hosted by one of Adobe's recommended CF hosting services. Any thoughts on how someone could be adding this code and what we can do to stop them?

This topic has been closed for replies.

Anit_Kumar

Community Manager

Hello Orogeny1,

Please make sure that you have applied the lockdown guide and server is fully patched. If still there is a security concern, then please send an email to psirt@adobe.com

Regards,

Anit Kumar

O

orogeny1Author

Participant

Thanks, I'm checking with the hosting service now. I'll let you know what they say.

C

CutterBl

Inspiring

This sounds like you've been the victim of a sql injection attack, or some other exploit. Make sure that you server is fully patched, that you are running your server in accordance with the Lockdown Guide, and that all of your queries are using queryparams (there is a queryparam scanner on RIAForge.org, I think)

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded