Steps to install apache-solr under tomcat6 on Amazon Ec2 Linux AMI

Ensure Java 1.7 is installed and is default selected JAVA_HOME or install yum install java-1.7.0-openjdk.x86_64 yum install java-1.7.0-openjdk-devel.x86_64 alternatives –update java 1. cd /usr/local/src 2. mkdir RPMS 3. cd RPMS 4. wget http://mirrors.dotsrc.org/jpackage/6.0/generic/free/RPMS/jpackage-release-6-3.jpp6.noarch.rpm 5. yum localinstall jpackage-release-6-3.jpp6.noarch.rpm 6. yum install tomcat6 (may need –nogpgcheck flag for dependencies) 7. wget ftp://ftp.pbone.net/mirror/www.jpackage.org/jpackage/5.0/generic/free/RPMS/jakarta-poi-3.2-1.jpp5.noarch.rpm 8. yum localinstall jakarta-poi-3.2-1.jpp5.noarch.rpm 9. […]

Coldfusion CFIDE bitcoin mining exploit – URL attack vectors

The MinerD / m32.exe file, the MD5 HASH for the file confirms it to be a variant of miner daemon. (lightcoin / bitcoin mining daemon) 2014-03-13 08:20:44 W3SVC1313602513 XX.XXX.XXX.234 GET /CFIDE/administrator/enter.cfm – 443 – 193.0.202.101 WWW-Mechanize/1.73 200 0 0 2014-03-13 08:20:45 W3SVC1313602513 XX.XXX.XXX.234 GET /CFIDE/adminapi/base.cfc wsdl 443 – 193.0.202.101 WWW-Mechanize/1.73 200 0 0 2014-03-13 08:20:47 […]

Coldfusion CFIDE bitcoin mining exploit – PHP involved…

¬†An additional file related to the compromise found at /CFIDE/updates.cfm <html> <body> <!— Created by S?bastien Denis – 1.0 : 23-nov-2004 1.1 : 03-fev-2005 – new action: synchronize ============================================================================ The FileManager can be use as a common file manager or as a CFMODULE use inside an application. ============================================================================ Depending of the action (fuseaction attributes), the […]

Coldfusion CFIDE bitcoin mining exploit?

Just found the following 2 new directories on multiple windows server 2003 installations of coldfusion 9:{wwwroot}/CFIDE/m32 3/13/2014contains:libcurl-4.dlllibwinpthread-1.dllm32.exezlib1.dlland{wwwroot}/CFIDE/m64 3/17/2014contains:libcurl-4.dlllibwinpthread-1.dllm64.exezlib1.dllWhen running m32.exe it appears that it’s some type of wrapper for a bitcoin mining operation: C:\Inetpub\wwwroot\CFIDE\m32>m32.exe m32.exe: no URL supplied Try `minerd –help’ for more information. C:\Inetpub\wwwroot\CFIDE\m32>minerd –help ‘minerd’ is not recognized as an internal or external […]

Steps to install apache-solr under tomcat6 on CentOS 6.2

Steps to install apache-solr under tomcat6 on CentOS 6.21. cd /usr/local/src2. mkdir RPMS3. cd RPMS4. wget http://mirrors.dotsrc.org/jpackage/6.0/generic/free/RPMS/jpackage-release-6-3.jpp6.noarch.rpm5. yum localinstall jpackage-release-6-3.jpp6.noarch.rpm6. yum install tomcat67. wget ftp://ftp.pbone.net/mirror/www.jpackage.org/jpackage/5.0/generic/free/RPMS/jakarta-poi-3.2-1.jpp5.noarch.rpm8. yum localinstall jakarta-poi-3.2-1.jpp5.noarch.rpm9. yum install ant10. chkconfig –level 3 tomcat6 on11. chkconfig –level 4 tomcat6 on12. chkconfig –level 5 tomcat6 on13. chkconfig –level 6 tomcat6 on14. cd /usr/share15. wget http://mirrors.sonic.net/apache/lucene/solr/3.6.0/apache-solr-3.6.0.tgz16. […]

Coldfusion – Running the Application server separate from the Webserver with a Windows OS

Steps to create distributed coldfusion application server tied to a seperate IIS webserver:Install and configure CF9 standalone application server on application server machine.Install CF9 application server on webserver and configure it to use IIS, then stop and disable all codfusion services using the servicesadministration tool.On the Application server open the file C:\ColdFusion9\runtime\lib\security.properties and Add the internal and external IP addressesof […]