• Background
    • Awards
    • Biography
    • Resume
  • Blog
    • Articles
    • Cookie Policy
    • Galleries
      • Photo Gallery
      • Video Gallery
    • Glossary
  • Contact
    • Contact
    • Social Networks
  • IT
    • Downloads
      • Windows
    • Equipment
    • Hardware
    • Software
    • Testimonial
    • Information Technology
  • Projects
    • Business Projects
    • HackBook Projects
    • Hackintosh Projects
    • Website Projects
    • More Projects
  • Service Rates
    • Business Rates
    • Residential Rates

CFIDE/administrator

Tuesday, January 20, 2015 Articles, Tips Comments Off on CFIDE/administrator

It took me a few seconds to realize that hackers (actually Script Kiddies) were trying to get into a Adobe Cold Fusion server that I monitor. Unfortunately for them, they lack the ports information needing to find it on the server as it seems they were only trying port 80 (which is public) and alerted me to their actions.

If you have such a server, avoiding port 80 and port 8500 would be the sensible thing to do as those port are well known to everyone, including exploiters. Don’t think your server will be found? Well, I have bad news for you. Search Engines, like Google and Bing, will bring them right to your doorstep with a query of inurl:”/CFIDE/administrator/” and if you do not believe me, ask yourself, how did I locate this page?

http://domain.tld:8500/CFIDE/administrator/index.cfm
http://domain.tld:80/CFIDE/administrator/index.cfm

Index of /CFIDE/administrator

Parent Directory
Application.cfm
aboutcf.cfm
analyzer/
appinstaller/
archives/
cfadmin.css
cftags/
checkfile.cfm
classes/
components/
custommenu.xml
datasources/
debugging/
enter.cfm
entman/
eventgateway/
extensions/
favicon.ico
filedialog/
footer.cfm
forbidden.cfm
header.cfm
help/
homepage.cfm
images/
include/
index.cfm
j2eepackaging/
linkdirect.cfm
logging/
login.cfm
login_migration.cfm
logout.cfm
logviewer/
mail/
menu.js
monitor/
navserver.cfm
reports/
resources.cfm
scanner/
scheduler/
security/
settings/
setup/
sha1.js
skin/
solr/
styles.cfm
tools/
topnav.cfm
verity/
wizards/

The following two tabs change content below.
  • Bio
  • Latest Posts
facebook-profile-picture
My Twitter profileMy Facebook profileMy LinkedIn profileMy Pinterest profileMy YouTube channel

Stephan Pringle

Chief Executive Officer at Sipylus
About The Author: Stephan Pringle is an Information Technology Specialist. He covers hardware and software and provides tips for you to troubleshoot and repair issues on your own. In his spare time, he writes articles about the State of New York on his Hackintosh and HackBook and that has helped him to become the top contributor of the New York City section of Yahoo! Answers.
facebook-profile-picture
My Twitter profileMy Facebook profileMy LinkedIn profileMy Pinterest profileMy YouTube channel

Latest posts by Stephan Pringle (see all)

  • OneUpdater by VOMPT Limited - Sunday, November 3, 2019

Related posts:

  1. Port Scanning
  2. Ports
  3. Directory Index Filenames
  4. Welcome to nginx!
  5. csf.deny
  6. Domain Privacy
  7. No Access to WHM
  8. Index of /
  9. Fixing a 400 Bad Request
  10. No Access to cPanel
  11. No Access to Webmail
  12. Administrator
  13. Hide the Administrator Account
  14. No Signal
  15. Say Farewell to Orkut
  16. Weblogic Bridge Message
  17. Clean Home Page URL
  18. en-GB.xml
  19. Custom Short URLs for a Website
  20. Missing Tags & Categories in WordPress

Comments are closed.

Copyright © 1990-2019 Stephan Pringle. All rights reserved.

Stephan Pringle

IT Technical Support Specialist

  • Keyword Search

  • Translator

  • Topic Sponsor

  • Social Networks

    twitterfacebookgooglepluspinterestlinkedinxingmyspacebloggertumblrtypepadwordpressgowallaflickrsoundcloudspotifylastfmyoutubevimeodeviantartdribbbledeliciousdiggredditstumbleuponrssemailfriendfeedskype
By using this site, you agree to the Terms of Use