[Canvas] D2 Exploitation Pack 1.96, January 5, 2015
DSquare Security
sales at d2sec.com
Tue Jan 5 17:20:15 EST 2016
D2 Exploitation Pack 1.96 has been released with two new exploits and
two new tools.
This month we provide you a remote exploit for ManageEngine Desktop
Central and a client side exploit for Schneider Electric ProClima which
has been included in D2 Client Insider.
Also you can find a tool to extract urls from index page and another one
to export databases from a MongoDB server.
D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.
For sales inquiries and orders, please contact sales at d2sec.com
--
DSquare Security, LLC
http://www.d2sec.com
Changelog:
version 1.96 January 5, 2016
------------------------------
canvas_modules - Added :
- d2sec_desktopcentral3 : ManageEngine Desktop Central 9.0.0 FileUploadServlet File Upload Remote Code Execution Vulnerability (Web Exploit)
- d2sec_f1book : Schneider Electric ProClima F1BookView ActiveX Remote Code Execution Vulnerability (Exploit Windows)
- d2sec_extracturl : Tool to extract and to test urls from a index webpage (Tools)
canvas_modules - Updated :
- d2sec_clientinsider updated with new exploit
d2sec_modules - Added:
- d2sec_mongodb_scraper : Tool to list and to export databases from MongoDB servers (Tools)
More information about the Canvas
mailing list