• Background
    • Awards
    • Biography
    • Resume
  • Blog
    • Articles
    • Cookie Policy
    • Galleries
      • Photo Gallery
      • Video Gallery
    • Glossary
  • Contact
    • Contact
    • Social Networks
  • IT
    • Downloads
      • Windows
    • Equipment
    • Hardware
    • Software
    • Testimonial
    • Information Technology
  • Projects
    • Business Projects
    • HackBook Projects
    • Hackintosh Projects
    • Website Projects
    • More Projects
  • Service Rates
    • Business Rates
    • Residential Rates

CFIDE/administrator

Tuesday, January 20, 2015 Articles, Tips Comments Off on CFIDE/administrator

It took me a few seconds to realize that hackers (actually Script Kiddies for Italy and Morocco) were trying to get into an Adobe Cold Fusion server that I monitor. Unfortunately for them, they lack the ports information needing to find it on the server as it seems they were only trying port 80 (which is public) and alerted me to their actions.

If you have such a server, avoiding port 80 and port 8500 would be the sensible thing to do as those port are well known to everyone, including exploiters. Don’t think your server will be found? Well, I have bad news for you. Search Engines, like Google and Bing, will bring them right to your doorstep with a query of inurl:”/CFIDE/administrator/” and if you do not believe me, ask yourself, how did I locate this page?

https://www.youtube.com/watch?v=2xkKcSf87Ng

http://domain.tld:8500/CFIDE/administrator/index.cfm
http://domain.tld:80/CFIDE/administrator/index.cfm
http://domain.tld:80/CFIDE/ks.php

Index of /CFIDE/administrator

Parent Directory
Application.cfm
aboutcf.cfm
analyzer/
appinstaller/
archives/
cfadmin.css
cftags/
checkfile.cfm
classes/
components/
custommenu.xml
datasources/
debugging/
enter.cfm
entman/
eventgateway/
extensions/
favicon.ico
filedialog/
footer.cfm
forbidden.cfm
header.cfm
help/
homepage.cfm
images/
include/
index.cfm
j2eepackaging/
linkdirect.cfm
logging/
login.cfm
login_migration.cfm
logout.cfm
logviewer/
mail/
menu.js
monitor/
navserver.cfm
reports/
resources.cfm
scanner/
scheduler/
security/
settings/
setup/
sha1.js
skin/
solr/
styles.cfm
tools/
topnav.cfm
verity/
wizards/

The following two tabs change content below.
  • Bio
  • Latest Posts
facebook-profile-picture
My Twitter profileMy Facebook profileMy LinkedIn profileMy Pinterest profileMy YouTube channel

Stephan Pringle

Chief Executive Officer at Sipylus
About The Author: Stephan Pringle is an Information Technology Specialist. He covers hardware and software and provides tips for you to troubleshoot and repair issues on your own. In his spare time, he writes articles about the State of New York on his Hackintosh and HackBook and that has helped him to become the top contributor of the New York City section of Yahoo! Answers.
facebook-profile-picture
My Twitter profileMy Facebook profileMy LinkedIn profileMy Pinterest profileMy YouTube channel

Latest posts by Stephan Pringle (see all)

  • Spoofed: Where are you? - Wednesday, November 6, 2019

Related posts:

  1. Administrator
  2. Hide the Administrator Account
  3. Port Scanning
  4. Administrator Command Prompt
  5. Ports
  6. Welcome to nginx!
  7. Directory Index Filenames
  8. Microsoft Exchange on an iPhone
  9. No Signal
  10. Index of /
  11. Domain Extensions
  12. Uninstall Toolbars from Google Chrome
  13. Components for Parallels Plesk Panel
  14. Fixing a 400 Bad Request
  15. Create an EFI Partition
  16. No Access to cPanel
  17. No Access to WHM
  18. No Access to Webmail
  19. Apple Mobile Device Ethernet
  20. Network Printer on Windows XP

Comments are closed.




Copyright © 1990-2020 Stephan Pringle. All rights reserved.

Stephan Pringle

IT Technical Support Specialist

  • Keyword Search

  • Translator

  • Topic Sponsor

  • Social Networks

    twitterfacebookgooglepluspinterestlinkedinxingmyspacebloggertumblrtypepadwordpressgowallaflickrsoundcloudspotifylastfmyoutubevimeodeviantartdribbbledeliciousdiggredditstumbleuponrssemailfriendfeedskype
By continuing to use this site, you are consenting to our use of cookies. Learn more