Server Software and Configuration Services
New cxs v2.27
Changes:
- New –options [P]. This option will search standard web application configuration files for MySQL database passwords. It will then attempt to login via FTP on localhost with the username of the account being processed and the detected password (it will attempt up to two password hits per configuration file). If the login is successful, the option will trigger a match. See CLI documentation for more info
- Separated and highlighted advanced Exploit Scan options in the UI that can affect user data and/or produce false-positives in the vain hope it will stop some people just ticking everything and then wondering where their files have gone
- Added Net::FTP to the perl module requirements (this is a core perl module so should already be installed)
- New options –uidmin [uid] and –uidmax [uid] for the GENERIC install when used with –allusers. These have no effect on cPanel and DA
- Exploit regex definitions database additions
- Exploit fingerprint definitions database additions