ConfigServer Services Blog

Changes:

• Added the following to Script Version Scanning:
  Joomla XCloner Ext, WP XCloner Ext
• Added new advanced PHP decoders
• Exploit fingerprint definitions database additions

Changes:

• Added the following to Script Version Scanning:
  CubeCart
• Fixed cxs Watch in DA where new account creation was not automatically detected
• HTTP::Tiny upgraded to v0.036

Changes:

• Added the following to Script Version Scanning:
• AbanteCart, AEF, b2evolution, CMS Made Simple, CodeIgnitor, Concrete5, Dotclear, e107, Elgg, Feng Office, HESK, Jcow CE, MODX Evolution, MODX Revolution, Noahs Classifieds, OSClass, ownCloud, Oxwall, Piwigo, Piwik, Seo Panel, Serendipity, StatusNet, TomatoCart, Xoops, ZenPhoto, Zikula
• Added the following popular WordPress extensions to Script Version Scanning:
  WP Sociable
  WP Share This
  WP WP Super Cache
  WP All In One WP Security & Firewall
  WP BulletProof Security
  WP FD Feedburner
  WP Google Adsense Plugin
  WP WordPress Simple Paypal Shopping Cart
  WP WordPress eShop
  WP WordPress s2Member
  WP UpdraftPlus
  WP BackUpWordPress
• Added the following popular Joomnla extensions to Script Version Scanning:
  Joomla Akeeba
  Joomla AllVideos
  Joomla CDN for Joomla
  Joomla Community Builder
  Joomla JEvents
  Joomla Jomsocial
  Joomla K2
  Joomla Kunena
  Joomla Phoca Gallery
  Joomla sh404SEF
  Joomla Simple Image Gallery
  Joomla Xmap
• Exploit fingerprint definitions database additions

Changes:

• Disable Script Version Scanning for web script scanning (cxscgi.sh) as it does not apply
• Perl module Storable added to the required list
• Added ten of the most popular WordPress extensions to Script Version Scanning:
  WP Akismet Ext v2
  WP Better WP Security Ext v3
  WP Contact Form 7 Ext v3
  WP Facebook Ext
  WP Google XML Sitemaps Ext v3
  WP Jetpack Ext v2
  WP NextGEN Gallery Ext v2
  WP Seo Ext
  WP W3 Total Cache Ext
  WP WooCommerce Ext v2
• Added ten of the most popular Joomla extensions to Script Version Scanning:
  Joomla Advanced Module Manager Ext v4
  Joomla JCE Ext v2
  Joomla RAntiSpam Ext v3
  Joomla Joomla LiveHelpNow Chat Ext v2
  Joomla Rapid Contact Ext
  Joomla Asynchronous Google Analytics Ext v2
  Joomla Google Maps Ext v3
  Joomla Sourcerer Ext v4
  Joomla Tabs Ext v3
  Joomla Modules Anywhere Ext v3
• Added the following to Script Version Scanning:
  OpenCart, Nucleus CMS, Open Classifieds, LimeSurvey, ClipBucket, WHMCS, Coppermine Photo Gallery
• Exploit fingerprint definitions database additions

Changes:

• Changed –options [s] to be –[no]sversionscan (Script Version Scanning) to make it independent of –[no]exploitscan, allowing a fast scan for old script installs. This option is enabled by default. Use –nosversionscan to disable
• Added the following to Script Version Scanning (see cxs POD):
  Typo3, Invision Power Board, WebCalendar, MyBB, Dolphin, SMF, OpenX Source, SugarCRM Community Edition, Contao CMS, PrestaShop, PHP-Fusion, phpPgAdmin, SquirrelMail, Roundcube, Kayako, osTicket
• Added new –soptions [a] for –[no]sversionscan to report all versions of found scripts, not just old versions
• Added new –soptions [d] for –[no]sversionscan to report the directory containing the script, not the trigger file
• Exploit fingerprint definitions database additions

Changes:

• UI button style modifications
• Added phpList, Moodle, Magento Community Edition and MediaWiki version checking to –options [s]
• Modified POD to screen wrap HTML code more effectively