Hack Your ColdFusion Server To Test For Vulnerability Issues

1. Browse URL, http://hackmycf.com/

2. Fill-in the form. By right, your email should be using the same domain. In this example, it is not.
Click Scan My Server.


3. Since the email doesn't match the server, the site provides you an alternative.


3.1) Login to your ColdFusion Server and create the html file.
I do not show the file name for security reason. It's a combination of alphanumeric characters as required by the previous step.


4) A scan is performed and the result is sent to the email you gave earlier.


5) Open your mailbox to check for the report email.
Go through the report and take action if necessary.




6) In addition to your own hack, it is also recommended that you read the ...

List of ColdFusion Security Issues & Vulnerabilities Detected

...here, http://foundeo.com/hack-my-cf/coldfusion-security-issues.cfm