May 28, 2015
Question

Disabling CFEXECUTE without CF Administrator

  • May 28, 2015
  • 1 reply
  • 2280 views

I haven't touched ColdFusion in probably close to 5 years and I'm totally lost on how to manage the application server. I have a friend whose server is getting hacked quite viciously right now. They have uploaded a shell using a ColdFusion administrator exploit. They have nicely hidden the shell, so I'm unable to locate it. Previously I would search for all instances of CFEXECUTE in *.cfm pages and I would find it quickly and remove it. I would like to disable CFEXECUTE altogether, but the hackers have mangled the ColdFusion Administrator to the point that when I go to the security tab, I am redirected out of the Administrator altogether.

Is there a configuration setting in an XML file perhaps that I can adjust to disable CFEXECUTE or is the setting in the ColdFusion Administrator the only option?

Thank you for any assistance anyone can offer.

This topic has been closed for replies.

1 reply

Anit_Kumar
Community Manager
May 28, 2015

What is the version of ColdFusion in discussion here?

Regards,

Anit Kumar

May 28, 2015

This is ColdFusion 9.  The gentleman running the server wasn't well versed in security, so he did not have the latest hotfixes applied.  Since he brought me in for assistance, we have managed to apply the latest CF 9 updates/hotfixes, so we're at the latest CF 9 possible at this point.

Thanks,

Mike

Anit_Kumar
Community Manager
May 28, 2015

Mike,

You can try the following to bypass login to CF Admin:

1. Navigate to neo-security.xml at \ColdFusion9\lib.

2. Take a backup of the same and open it with notepad or any text editor.

3. Search for <var name='admin.security.enabled'><boolean value='false'/>

4. Change the "false" to "true" and save the file.

5. Restart ColdFusion 9 Application service.

Now you can log in to CF Admin, with any password.

To disable any Tag, please enable Sandbox Security. Relevant doc: Adobe ColdFusion 9 * Using sandbox security

Once you have made all the necessary changes, please enable the Admin Security from CF Admin itself.

Regards,

Anit Kumar
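
The two checks this thread points to, as an added example that is not part of the original posts or of any Adobe tooling: reading the `admin.security.enabled` flag stored in `neo-security.xml` once the recovery steps are done, and searching every file under the web root (not only `*.cfm`) for a `cfexecute` tag in any letter case. The function names, the sample packet wrapper and the command-line arguments are assumptions; only the `<var>`/`<boolean>` fragment comes from the reply.

```python
import re
import sys
import xml.etree.ElementTree as ET
from pathlib import Path

# CFML tag names are case-insensitive, so match the opening tag in any case.
CFEXECUTE = re.compile(rb"<cfexecute\b", re.IGNORECASE)

# Constructed sample: only the <var>/<boolean> fragment comes from the thread.
SAMPLE = ("<wddxPacket version='1.0'><data><struct>"
          "<var name='admin.security.enabled'><boolean value='false'/></var>"
          "</struct></data></wddxPacket>")


def admin_security_flag(xml_data):
    """Return the stored admin.security.enabled value (True/False), or None if absent."""
    root = ET.fromstring(xml_data)
    for var in root.iter("var"):
        if var.get("name") == "admin.security.enabled":
            node = var.find("boolean")
            if node is not None:
                return node.get("value", "").strip().lower() == "true"
    return None


def find_cfexecute(root_dir):
    """Return sorted (path, line_number) hits for <cfexecute in every file under root_dir.

    Files are read as bytes whatever their extension, so a template saved
    under an unexpected name is not skipped the way a *.cfm-only search skips it.
    """
    hits = []
    for path in Path(root_dir).rglob("*"):
        if not path.is_file():
            continue
        try:
            data = path.read_bytes()
        except OSError:
            continue  # unreadable file: skip it and keep scanning
        for m in CFEXECUTE.finditer(data):
            hits.append((str(path), data.count(b"\n", 0, m.start()) + 1))
    return sorted(hits)


if __name__ == "__main__":
    # Optional arguments: <path to neo-security.xml> <web root>
    xml_data = Path(sys.argv[1]).read_bytes() if len(sys.argv) > 1 else SAMPLE
    print("admin.security.enabled =", admin_security_flag(xml_data))
    for file_path, line_no in find_cfexecute(sys.argv[2] if len(sys.argv) > 2 else "."):
        print(f"{file_path}:{line_no}: cfexecute tag")
```

Each hit is a file and line to review by hand; files stored in a multi-byte encoding such as UTF-16 are not matched by this byte pattern.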