>>It's daft to facilitate the [potentially dangerous thing] And I don't know if everyone knows why is was insecure to have the Administrator in a conventional place. I got my server hacked like many of us, and I checked in the logs how the guy had access to the administrator. I discovered that there used to be in the administrator an undocumented function allowing to enter in it BYPASSING the password protection. Apparently the hacker has discovered this function. Very clever indeed from the developpers! ;-)
Note: I know it is not a good idea to reveal hacking techniques, but this one is about 4 years old and if there still exist servers unprotected against it, they must have been haked a long time ago. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:358125 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
