Tuesday, April 24, 2012

Wall of Shame

Today's wall of shame contestant is http://www.foreclosuredata.com/index.cfm/fuseaction/properties.results/state/NJ/County/Morris. Let's not talk about why I was searching through foreclosures. This was for a friend.

I'm no expert but it looks like this ColdFusion build is ripe for being exploited - oh wait! I am!





The error occurred in D:\hshome\netcom3\foreclosuredata.com\_view\vProperties\dsp_propertySearchResults.cfm: line 146
Called from D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm: line 113
Called from D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm: line 86
Called from D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm: line 31
Called from D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm: line 1
Called from D:\hshome\netcom3\foreclosuredata.com\fusebox40.runtime.cfmx.cfm: line 203
Called from D:\hshome\netcom3\foreclosuredata.com\index.cfm: line 3
144 :                  
145 :               <cfelse>
146 :                <a href="#request.self#/fuseaction/properties.details/propertyId/#search.propertyId#/">Details...</a>    
147 :                </cfif>
148 :           </cfif>

Resources:
Browser  Mozilla/5.0 (X11; Linux i686) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.30 Safari/536.5
Remote Address  68.80.113.1
Referrer  
Date/Time  24-Apr-12 10:01 PM
Stack Trace
at cfdsp_propertySearchResults2ecfm724571389.runPage(D:\hshome\netcom3\foreclosuredata.com\_view\vProperties\dsp_propertySearchResults.cfm:146)
at cfparsed2eproperties2eresults2ecfm1779626156._factor9(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:113)
at cfparsed2eproperties2eresults2ecfm1779626156._factor12(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:86)
at cfparsed2eproperties2eresults2ecfm1779626156._factor21(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:31)
at cfparsed2eproperties2eresults2ecfm1779626156.runPage(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:1)
at cffusebox402eruntime2ecfmx2ecfm1174499663.runPage(D:\hshome\netcom3\foreclosuredata.com\fusebox40.runtime.cfmx.cfm:203)
at cfindex2ecfm2088847812.runPage(D:\hshome\netcom3\foreclosuredata.com\index.cfm:3)

coldfusion.runtime.Cast$ComplexByteArrayException: ByteArray objects cannot be converted to strings.
 at coldfusion.runtime.Cast._String(Cast.java:672)
 at cfdsp_propertySearchResults2ecfm724571389.runPage(D:\hshome\netcom3\foreclosuredata.com\_view\vProperties\dsp_propertySearchResults.cfm:146)
 at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:152)
 at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:349)
 at coldfusion.runtime.CfJspPage._emptyTag(CfJspPage.java:1915)
 at cfparsed2eproperties2eresults2ecfm1779626156._factor9(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:113)
 at cfparsed2eproperties2eresults2ecfm1779626156._factor12(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:86)
 at cfparsed2eproperties2eresults2ecfm1779626156._factor21(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:31)
 at cfparsed2eproperties2eresults2ecfm1779626156.runPage(D:\hshome\netcom3\foreclosuredata.com\parsed\parsed.properties.results.cfm:1)
 at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:152)
 at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:349)
 at coldfusion.runtime.CfJspPage._emptyTag(CfJspPage.java:1915)
 at cffusebox402eruntime2ecfmx2ecfm1174499663.runPage(D:\hshome\netcom3\foreclosuredata.com\fusebox40.runtime.cfmx.cfm:203)
 at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:152)
 at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:349)
 at coldfusion.runtime.CfJspPage._emptyTag(CfJspPage.java:1915)
 at cfindex2ecfm2088847812.runPage(D:\hshome\netcom3\foreclosuredata.com\index.cfm:3)
 at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:152)
 at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:349)
 at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65)
 at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:225)
 at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:51)
 at coldfusion.filter.PathFilter.invoke(PathFilter.java:86)
 at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:69)
 at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)
 at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)
 at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)
 at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)
 at coldfusion.filter.RequestThrottleFilter.invoke(RequestThrottleFilter.java:115)
 at coldfusion.CfmServlet.service(CfmServlet.java:107)
 at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:78)
 at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:91)
 at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42)
 at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:257)
 at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:541)
 at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:204)
 at jrunx.scheduler.ThreadPool$DownstreamMetrics.invokeRunnable(ThreadPool.java:318)
 at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:426)
 at jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeRunnable(ThreadPool.java:264)
 at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)
