[Canvas] D2 Elliot, March 2014

DSquare Security sales at d2sec.com
Wed Mar 26 19:49:50 EDT 2014 

D2 Elliot has been updated with tons of new modules and features. With more
than 40 new web exploits you have now 370 exploits available in D2 Elliot. 
Payloads have been improved and dedicated OGNL payloads for Struts exploits 
have been developed.

In this update you will find new advanced modules called "Elliot Workflows". 
These modules are used for tools and complex exploitation like exploits 
chaining.

D2 Elliot Web Exploitation Framework is regularly updated with new exploits 
and tools to keep a high level of efficiency. If you need customized exploits 
or tools please contact us at info at d2sec.com 

For sales inquiries and orders, please contact sales at d2sec.com

--
DSquare Security, LLC
http://www.d2sec.com 


Changelog:

Exploits - Added:
 E-2 - Apache-Struts < 2.2.0 RCE Windows
 E-30 - Apache-Struts < 2.2.0 RCE Linux
 E-70 - Apache-Struts DebuggingInterceptor < 2.2.3.1 RCE Windows
 E-77 - Apache-Struts DebuggingInterceptor < 2.2.3.1 RCE Linux
 E-145 - Apache-Struts < 2.3.1.1 RCE Windows
 E-192 - Apache-Struts < 2.3.1.1 RCE Linux
 E-319 - Apache-Struts <= 2.3.14.1 RCE
 E-335 - Xibo 1.4.1 LFI
 E-336 - PineApp Mail-SeCure 3.70 livelog.html RCE
 E-337 - Sophos Web Protection Appliance 3.8.1 RCE
 E-338 - GLPI 0.84.1 RCE
 E-343 - SPIP ecran_securite connect Parameter RCE
 E-346 - Bilboplanet SQLi via auth
 E-347 - Pydio File Upload
 E-348 - Apache Roller OGNL Injection
 E-339 - Apache-Struts Showcase < 2.3.14.1 RCE Linux
 E-340 - Apache-Struts IncludeParams < 2.3.14.2 RCE Linux
 E-341 - Apache-Struts DefaultActionMapper < 2.3.15.1 RCE Linux
 E-342 - Apache-Struts ExceptionDelegator < 2.3.1.1 RCE Linux
 E-343 - HP PCM+ SNAC Registration Server UpdateCertificatesServlet File Upload
 E-344 - HP PCM+ SNAC Registration Server UpdateDomainControllerServlet File Upload
 E-345 - BigTree CMS 4.0 RC2 SQL Injection
 E-350 - Nuked-klaN 1.7.7 / SP4.4 SQL injection
 E-351 - Wordpress WP-FileManager 1.3.0 File Disclosure
 E-352 - Apache-Struts2 DevMode RCE Linux
 E-353 - Ginkgo CMS 5.0 SQL Injection
 E-354 - vBulletin 4.1.x RCE
 E-355 - HP SiteScope issueSiebelCmd 11.20 RCE
 E-356 - vBulletin 5.x Remote Administrator Injection
 E-357 - HP SiteScope runOMAgentCommand 11.20 RCE
 E-358 - TomatoCart 1.1.8 LFI
 E-359 - HP Intelligent Management Center BIMS UploadServlet File Upload
 E-361 - AdRotate library/clicktracker.php track Parameter SQL Injection
 E-362 - W3 Total Cache Plugin Remote Code Execution
 E-363 - Sophos Web Protection Appliance 3.7.8.1 File Disclosure
 E-364 - glFusion SQL Injection
 E-365 - Seportal 2.5 SQLi
 E-366 - vtiger CRM 5.4.0 SQLi
 E-367 - Joomla 3.2.1 SQL Injection
 E-368 - vtiger CRM 5.4.0 File Upload
 E-369 - appRain 3.0.2 SQL Injection
 E-370 - Sophos Web Protection Appliance 3.7.8.1 RCE

Workflows - Added:
 W-33 - SPIP usernames enumeration
 W-34 - Wordpress modules bruteforcer
 W-35 - Struts to RCE
 W-36 - Typo3 extensions bruteforcer

Payloads - Addes:
 P-53 - Ognl Blind Shell Command
 P-54 - Ognl Shell Command
 P-55 - Ognl File Upload
 P-56 - Ognl File Delete
 P-57 - Ognl Web Path Disclosure
 P-58 - Powershell based credentials dumper
 P-59 - PHP Upload Gate no alphanumeric

More information about the Canvas mailing list