DefPack Exploitation Pack for CANVAS, is commercial CANVAS Exploitation Pack (CEP). Due to the product continuous update in nature, so we prepare this post for those who interest to know what is include inside. Latest update will be show on the top, while older update will be auto show below. This post will keep update and the post date will follow the latest date, so it will show one post date, rather than multiple post for hassle free reading in one post. This post is about CANVAS Exploitation Pack (CEP) DefPack, it need to be use with CANVAS Exploitation Testing Framework. Feel free to contact E-SPIN for product inquiry and support.
DefPack Exploitation Pack for CANVAS Product Overview
This is an attempt to provide pentesters with a most comprehensive collection (almost 100 exploits) of Defense software vulnerabilities illustrated in a one DefPack Exploits Package.
Antiviruses, IDS and IPS systems, Firewalls, Account Management systems, End-point protection software and more are targeted.
Defense Software is very special due to its wide usage and critical nature, so we think this pack is a “MUST HAVE” for security experts.
The pack contains mostly exploits for public vulnerabilities along with some 0days discovered GLEG.
The “DefPack” features:
- Critical value
Ability to test your defense software and to measure real threat
- Nicest public Defense software vulnerabilities coverage!
Including old and newly discovered bugs
- 0 Days exploits
We conduct our own in depth research and provide you with tools and sploits, which could be helpfull for Defense software pentesting.
- Weak points analyses
Some systems suffer from weaknesses like hardcoded passwords and etc. We provide tools to test such cases.
2020-Feb-29 Def 1.52 news:
– TP-Link TP-SG105E 1.0.0 – Unauthenticated Remote Reboot. public
– Huawei HG255 Directory Traversal. public
– Citrix Gateway Directory Traversal Vulnerability. public
– Aptina AR0130 960P 1.3MP Camera – Remote Configuration Disclosure. CVE-2019-20213
2020-Jan-28 1.51 Defpack updates:
– Bullwark Momentum Series JAWS 1.0 Directory Traversal. public
– NVMS 1000 network video monitoring Directory Traversal. public
2019-Dec-31 DefPack 1.50 network devices vulns:
– Moxa EDR-810 Information Disclosure. CVE-2019-10963
– Yealink VoIP Phone SIP-T38G Local File Inclusion. public
– V-SOL GPON/EPON OLT Platform 2.03 Configuration Download. public
2019-Dec-5 1.49 DefPack:
– ZTE ZXHN H108N info disclose. public
– XiongMai ip cameras Path Traversal. public
– Vivotek IP Cameras Credentials Leakage via Path Traversal
2019-Nov-1 1.48 Defpack:
– Jovision IP camera Credential Disclosure. public
– Hisilicon HiIpcam V100R003 Remote ADSL Credentials Disclosure. public
– Fibrehome HG110 Compromise of all configuration details Vulnerability. public
– Belkin Router N150 Path Traversal Vulnerability. public
2019-Sep-29 1.47 Defpack:
– Cisco RV300 RV320 Information Disclosure. CVE-2019-1653
– Cisco Video Surveillance Operations Manager DirTraversal. public
– Path Traversal in Gateway in Mirasys DVMS Workstation. CVE-2018-8727
– 3Com Intelligent Management Center vuln
2019-Sep-1 1.46 ver. of DefPack contains 3 modules:
– FortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure. [CVE-2018-13379] – SecuCON NVR Directory Traversal. [public] – Trend Micro Deep Discovery Inspector Commandline Injection. [public]
2019-Jul-29 1.45 DefPack:
ag_InstarVision_DoS_PoC – InstarVision Surveillance Center Denial of Service. [1Day] ag_InstarVision_v2x_DoS – InstarVision Deutschland GmbH Surveillance Center Denial of Service. [1Day] ag_yawcam_fd – Yawcam 0.6.0 – Directory Traversal Vulnerability. CVE listed
2019-Jul-24 1.44 ver. of DefPack contains 3 modules. List:
– AXIS M1125 Remote Command Execution. CVE-2015-8257
– Actiontec WEB6000Q WiFi Network Extender Denial of Service.
2019-Jun-3 1.43 ver. of DefPack contains 2 modules. List:
2019-May-21 1.42 ver. of DefPack contains 3 modules. List:
2019-Apr-16 1.41 ver. of DefPack contains 3 modules. List:
2019-Jan-7 1.38 ver. of DefPack contains 5 modules. List:
– Cisco RV110W Password Disclosure and OS Command Execute. [CVE-2014-0683], [CVE-2015-6396]
2018-Dec-12 1.37 ver. of DefPack contains 4 modules. List:
2018-Oct-26 1.36 ver. of DefPack contains 3 modules. List:
2018-Sep-26 1.35 ver. of DefPack contains 5 modules. List:
2018-Aug-27 1.34 ver. of DefPack contains 6 modules. List:
2018-Aug-10 1.33 ver. of DefPack contains 7 modules. List:
2018-Jun-26 1.32 ver. of DefPack contains 6 modules. List:
2018-May-25 1.31 ver. of DefPack contains 4 modules. List:
2018-May-2 1.30 ver. of DefPack contains 3 modules. List:
2018-Mar-26 1.29 ver. of DefPack contains 3 modules. List:
2018-Feb-28 1.28 ver. of DefPack contains 3 modules. List:
2018-Jan-29 1.27 ver. of DefPack contains 3 modules. List: