est. 1998 - v.19

Steps to install apache-solr under tomcat6 on Amazon Ec2 Linux AMI

Ensure Java 1.7 is installed and is the default selected JAVA_HOME, or install it:
yum install java-1.7.0-openjdk.x86_64
yum install java-1.7.0-openjdk-devel.x86_64
alternatives --update java
1. cd /usr/local/src
2. mkdir RPMS
3. cd RPMS
4. wget
5. yum localinstall jpackage-release-6-3.jpp6.noarch.rpm
6. yum install tomcat6 (may need --nogpgcheck flag for dependencies)
7. wget
8. yum localinstall jakarta-poi-3.2-1.jpp5.noarch.rpm
9. yum install ant
10. chkconfig --level 3 tomcat6 on
11. chkconfig --level 4 tomcat6 on
12. chkconfig --level.. Read More

Coldfusion CFIDE bitcoin mining exploit – URL attack vectors

The MD5 hash of the MinerD / m32.exe file confirms it to be a variant of the miner daemon (Litecoin / bitcoin mining daemon).
2014-03-13 08:20:44 W3SVC1313602513 XX.XXX.XXX.234 GET /CFIDE/administrator/enter.cfm - 443 - WWW-Mechanize/1.73 200 0 0
2014-03-13 08:20:45 W3SVC1313602513 XX.XXX.XXX.234 GET /CFIDE/adminapi/base.cfc wsdl 443 - WWW-Mechanize/1.73 200 0 0
2014-03-13 08:20:47 W3SVC1313602513 XX.XXX.XXX.234 POST /CFIDE/adminapi/administrator.cfc method=login 443 - WWW-Mechanize/1.73 200 0 0
2014-03-13 08:20:49 W3SVC1313602513 XX.XXX.XXX.234 GET /CFIDE/administrator/settings/mappings.cfm.. Read More

Coldfusion CFIDE bitcoin mining exploit – PHP involved…

An additional file related to the compromise was found at /CFIDE/updates.cfm:
<html>
<body>
<!--- Created by Sébastien Denis – 1.0 : 23-nov-2004 1.1 : 03-fev-2005 – new action: synchronize
============================================================================
The FileManager can be use as a common file manager or as a CFMODULE use inside an application.
============================================================================
Depending of the action (fuseaction attributes), the other attributes are…
FUSEACTION OTHER ATTRIBUTES
============================================================================
PASSWORD If password is required to access the module. Display a.. Read More

Coldfusion CFIDE bitcoin mining exploit?

Just found the following 2 new directories on multiple Windows Server 2003 installations of ColdFusion 9:
{wwwroot}/CFIDE/m32 3/13/2014 contains:
libcurl-4.dll
libwinpthread-1.dll
m32.exe
zlib1.dll
and
{wwwroot}/CFIDE/m64 3/17/2014 contains:
libcurl-4.dll
libwinpthread-1.dll
m64.exe
zlib1.dll
When running m32.exe it appears that it's some type of wrapper for a bitcoin mining operation:
C:\Inetpub\wwwroot\CFIDE\m32>m32.exe
m32.exe: no URL supplied
Try `minerd --help' for more information.
C:\Inetpub\wwwroot\CFIDE\m32>minerd --help
'minerd' is not recognized as an internal or external command, operable program or batch file.
C:\Inetpub\wwwroot\CFIDE\m32>m32.exe minerd --help
Usage: minerd [OPTIONS]
Options:
-a, --algo=ALGO specify the algorithm.. Read More

Steps to install apache-solr under tomcat6 on CentOS 6.2

Steps to install apache-solr under tomcat6 on CentOS 6.2
1. cd /usr/local/src
2. mkdir RPMS
3. cd RPMS
4. wget
5. yum localinstall jpackage-release-6-3.jpp6.noarch.rpm
6. yum install tomcat6
7. wget
8. yum localinstall jakarta-poi-3.2-1.jpp5.noarch.rpm
9. yum install ant
10. chkconfig --level 3 tomcat6 on
11. chkconfig --level 4 tomcat6 on
12. chkconfig --level 5 tomcat6 on
13. chkconfig --level 6 tomcat6 on
14. cd /usr/share
15. wget
16. tar xzvf apache-solr-3.6.0.tgz
17. vi /usr/share/tomcat6/conf/Catalina/localhost/solr-example.xml
<?xml version="1.0" encoding="utf-8"?>
<Context docBase="/usr/share/apache-solr-3.6.0/example/solr/solr.war" debug="0" crossContext="true">
<Environment name="solr/home" type="java.lang.String" value="/usr/share/apache-solr-3.6.0/example/solr" override="true".. Read More

Coldfusion – Running the Application server separate from the Webserver with a Windows OS

Steps to create a distributed ColdFusion application server tied to a separate IIS webserver:
Install and configure CF9 standalone application server on the application server machine.
Install CF9 application server on the webserver and configure it to use IIS, then stop and disable all ColdFusion services using the services administration tool.
On the application server, open the file C:\ColdFusion9\runtime\lib\ and add the internal and external IP addresses of the webserver here: jrun.trusted.hosts=,
On the application server, open the file C:\ColdFusion9\runtime\servers\coldfusion\SERVER-INF\jrun.xml
Locate the configuration section for class="jrun.servlet.jrpp.JRunProxyService" name="ProxyService"> Ensure that the following.. Read More

Getting Your Windows Movie Maker WMV Movies Onto Your iPhone

I recently made a photo montage of my trip to China that I wanted to get onto my iPhone and, through much trial and error, was finally successful. I had over 900 hi-res digital photos that I wanted to include in the video and I wanted pans, zooms, and smooth transitions. And I wanted music. I used Photo Story 3 (free from Microsoft), Windows Movie Maker (free from MS), iTunes (free from Apple),.. Read More

Implementing Compact Privacy Policies Under IIS

We have a client who runs an ecommerce package called storefront (we are in the process of moving them to AbleCommerce). A few weeks back, they began to hear customers complaining that they could not add items to their cart, or items in the cart would disappear. I traced this down to a cookie issue and updated default security settings in IE. The default security for the internet zone in IE 7.. Read More
