phf command execution vunerability

No explicit questions like "how do I hack xxx.com" please!
Post Reply
User avatar
bwhsh8r2
Newbie
Newbie
Posts: 1
Joined: 11 Apr 2006, 16:00
15

phf command execution vunerability

Post by bwhsh8r2 »

what programs can i use to exploit the phf command execution vunerability and or the Allaire ColdFusion 4.0x CFCACHE Vulnerability? any help would be grately appreciated.


thank you all who are more knowlagable than me and are willing to share their knowlage


max

User avatar
CommonStray
Forum Assassin
Forum Assassin
Posts: 1214
Joined: 20 Aug 2005, 16:00
16

Post by CommonStray »

The CFCACHE tag is a feature available in ColdFusion 4.x to perform template caching to increase page delivery performance by compiling and storing the output of CFML pages. When this tag is utilized in a .CFM page it creates several temporary files, including one that contains absolute filenames with directory path information, URL parameters and timestamps. In ColdFusion 4.0x, these files are stored in the same directory as the .CFM page, usually in a publicly accessible web document directory.

check out the Sans new and most widely used programs, Metasploit may be useful for what your wanting to do, also you may want to use Paros Proxy[/i]

Post Reply