• Background
    • Awards
    • Biography
    • Resume
  • Blog
    • Articles
    • Cookie Policy
    • Galleries
      • Photo Gallery
      • Video Gallery
    • Glossary
  • Contact
    • Contact
    • Social Networks
  • IT
    • Downloads
      • Windows
    • Equipment
    • Hardware
    • Software
    • Testimonial
    • Information Technology
  • Projects
    • Business Projects
    • HackBook Projects
    • Hackintosh Projects
    • Website Projects
    • More Projects
  • Service Rates
    • Business Rates
    • Residential Rates

CFIDE/administrator

Tuesday, January 20, 2015 Articles, Tips Comments Off on CFIDE/administrator

It took me a few seconds to realize that hackers (actually Script Kiddies from Algeria, Canada, Italy, and Morocco) were trying to get into an Adobe Cold Fusion server that I monitor for a client. Unfortunately for them, they lack the ports information needing to find it on the server as it seems the idiots were only trying port 80 (which is public) and alerted me to their actions.

If you have such a server, avoiding port 80 and port 8500 would be the sensible thing to do as those port are well known to everyone, including exploiters. Don’t think your server will be found? Well, I have bad news for you. Search Engines, like Google and Bing, will bring them right to your doorstep with a query of inurl:”/CFIDE/administrator/” and if you do not believe me, ask yourself, how did I locate this page?

https://www.youtube.com/watch?v=2xkKcSf87Ng

http://domain.tld:8500/CFIDE/administrator/index.cfm
http://domain.tld:80/CFIDE/administrator/index.cfm
http://domain.tld:80/CFIDE/ks.php

Index of /CFIDE/administrator

Parent Directory
Application.cfm
aboutcf.cfm
analyzer/
appinstaller/
archives/
cfadmin.css
cftags/
checkfile.cfm
classes/
components/
custommenu.xml
datasources/
debugging/
enter.cfm
entman/
eventgateway/
extensions/
favicon.ico
filedialog/
footer.cfm
forbidden.cfm
header.cfm
help/
homepage.cfm
images/
include/
index.cfm
j2eepackaging/
linkdirect.cfm
logging/
login.cfm
login_migration.cfm
logout.cfm
logviewer/
mail/
menu.js
monitor/
navserver.cfm
reports/
resources.cfm
scanner/
scheduler/
security/
settings/
setup/
sha1.js
skin/
solr/
styles.cfm
tools/
topnav.cfm
verity/
wizards/

The following two tabs change content below.
  • Bio
  • Latest Posts
facebook-profile-picture
My Twitter profileMy Facebook profileMy LinkedIn profileMy Pinterest profileMy YouTube channel

Stephan Pringle

Chief Executive Officer at Sipylus
About The Author: Stephan Pringle is an Information Technology Specialist. He covers hardware and software and provides tips for you to troubleshoot and repair issues on your own. In his spare time, he writes articles about the State of New York on his Hackintosh and HackBook and that has helped him to become the top contributor of the New York City section of Yahoo! Answers.
facebook-profile-picture
My Twitter profileMy Facebook profileMy LinkedIn profileMy Pinterest profileMy YouTube channel

Latest posts by Stephan Pringle (see all)

  • Configuration.xml - Friday, March 12, 2021

Related posts:

  1. Local Administrator
  2. Hide the Administrator Account
  3. Port Scanning
  4. Administrator Command Prompt
  5. Ports
  6. Directory Index Filenames
  7. Welcome to nginx!
  8. Microsoft Exchange on an iPhone
  9. Index of /
  10. Domain Extensions
  11. No Signal
  12. Components for Parallels Plesk Panel
  13. Uninstall Toolbars from Google Chrome
  14. Fixing a 400 Bad Request
  15. Apple Mobile Device Ethernet
  16. Network Printer on Windows XP
  17. Clean Home Page URL
  18. Disable Hotlinking
  19. Use an ASUS AIO as an External Monitor
  20. Use a Dell AIO as an External Monitor

Comments are closed.




Copyright © 1990-2020 Stephan Pringle. All rights reserved.

Stephan Pringle

IT Technical Support Specialist

  • Keyword Search

  • Translator

  • Topic Sponsor

I am always working to improve your experience on my website. Part of this involves using cookies to collect anonymous data for statistics and personalization. Learn more