[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Decompile .cfm file (ColdFusion 9)

Posted on 2010-11-27
11
Medium Priority
?
2,828 Views
Last Modified: 2012-05-10
Hi there,

I need to decompile a .cfm file (ColdFusion 9) to make changes to it, but i lost my backup files and i have no way of editing my current .cfm file. Is there a way to do this?

I greatly appreciate the help.
0
Comment
Question by:ITXX
  • 7
  • 4
11 Comments
 
LVL 52

Expert Comment

by:_agx_
ID: 34224130
Are you talking about an encrypted file or just a regular page compiled an cached in (ie C:\ColdFusion9\wwwroot\WEB-INF\cfclasses) ?  
0
 

Author Comment

by:ITXX
ID: 34224160
The file is encrypted, i had moved my entire backup to another drive and now the drive is unreadable (i tried to undelete files but no luck).
0
 
LVL 52

Expert Comment

by:_agx_
ID: 34224247
If they're your own files, and were psuedo-encrypted with cfencode, there's unofficial versions of the decrypt algorithm floating around the net.  I've never used them. So I can't tell you if they work or not ..

http://stackoverflow.com/questions/4221494/why-cf8-encoded-cfm-file-doesnt-work-in-cf9-server
0
Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

 
LVL 52

Accepted Solution

by:
_agx_ earned 1500 total points
ID: 34224252
... as stated in the link, cfencode doesn't really encrypt files. Just obfuscates.  If your files were really encrypted - by some other program- you may be out of luck.
0
 

Author Comment

by:ITXX
ID: 34224255
Ok, ill look in to that.

Thanks.
0
 

Author Closing Comment

by:ITXX
ID: 34224257
Not was i expecting, but pointed me in another direction.
0
 
LVL 52

Expert Comment

by:_agx_
ID: 34224265
And what were you expecting?

A) You never mentioned WHAT you used to "encrypt" these files. If you want a more specific answer you need to provide more details ...

B) Just for future reference, you'll find most people are suspicious when it comes to questions about decrypting anything.  I chose to give you the benefit of the doubt, that you're not doing anything illegal.  But many people wouldn't.  Some wouldn't even answer you at all
0
 
LVL 52

Expert Comment

by:_agx_
ID: 34224271
>> If you want a more specific answer you need to provide more details ...

.. and if they're your files, you should be able to tell us what was used to "encrypt" them ;-)

0
 

Author Comment

by:ITXX
ID: 34224275
It asked me to put in a comment when i graded the solution with a B, didnt think it would show here...

Anyway, the system im working on was developed by someone who basically got lost and never came back, (i had a backup, but its gone as well) now our organization has this non working system after paying thousands of dollars. The only way to fix it is to modify this particular file where i can have it point to where we need it to thats all

I guess ill have to have someone re-develop a brand new system for us if i cant have this file modified.
0
 
LVL 52

Expert Comment

by:_agx_
ID: 34224300
didnt think it would show here...

Well that certainly makes it better.   ;-)  Anyway, if you're not doing anything illegal. Then next time don't give up so easily.  Some questions are answered quickly. Others require several exchanges. But both sides need to participate.

i had a backup, but its gone as well

Not to sound unsympathetic, but that's why multiple backups are a must. But one has to make the best of the situation they're in.  Anyway, my point remains.  In order to "decrypt" anything .. you have to know what was used to encrypt it.  No way around it.  

All CF files are compiled into java byte code (ie .class files).  Those *can't* be easily reversed into plain CFML code.  But it doesn't seem like that's what you're talking about.  Aside from that, when it comes to CF code, the best guess is they were obfuscated with cfencode.   As I said, there are plenty of unofficial tools that will decrypt such a file. But since they're unofficial, and some from sources I can't verify, I won't post direct links to them.  Caveat emptor.

But again, if you don't know what was used to do the encryption,  you're stuck with basic trial and error.  It's like looking at an encrypted hex string and asking what algorithm should be used to decrypt it?  There's simply no way to tell..

0
 
LVL 52

Expert Comment

by:_agx_
ID: 34224336
Frankly the more I look at this question, it sounds a little suspicious.  Some of your comments suggest you may be trying to decrypt code purchased from another company, not something your company wrote itself.  If that's true, most companies that sell software explicitly prohibit that.  You may want to review the terms about the legality of doing this ...
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, Even though I have created this Tutorial on My personal Blog, Some people might not able to find my website, So here i am posting it again Today, from the topic it is very clear that i will be showing you here the very basic usage of how we …
CFGRID Custom Functionality Series -  Part 1 Hi Guys, I was once asked how it is possible to to add a hyperlink in the cfgrid and open the window to show the data. Now this is quite simple, I have to use the EXT JS library for this and I achiev…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses
Course of the Month20 days, 14 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question