1.19b - New ODBC POI added and Apache config file detection tightened up.
parent
8199ba27af
commit
75e1b5ddd5
50
ChangeLog
50
ChangeLog
|
@ -1,8 +1,17 @@
|
|||
Version 1.19b:
|
||||
--------------
|
||||
|
||||
- New ODBC POI added.
|
||||
|
||||
- Apache config file detection tightened up.
|
||||
|
||||
Version 1.18b:
|
||||
--------------
|
||||
|
||||
- Fix a potential NULL ptr deref with malformed Set-Cookie.
|
||||
|
||||
- Another last-resort HTML detection pattern added.
|
||||
|
||||
Version 1.17b:
|
||||
--------------
|
||||
|
||||
|
@ -13,14 +22,15 @@ Version 1.16b:
|
|||
|
||||
- Fixed a typo introduced in 1.16 to index.html (d'oh).
|
||||
|
||||
- Further refinements to Makefile CFLAGS / LIBS / LDFLAGS.
|
||||
- Further refinements to Makefile CFLAGS / LIBS / LDFLAGS to keep
|
||||
package maintainers happy.
|
||||
|
||||
Version 1.15b:
|
||||
--------------
|
||||
|
||||
- Better documentation of why certain issues are not reported by skipfish.
|
||||
- Better documentation on why certain issues are not reported by skipfish.
|
||||
|
||||
- Another minor tweak to path mapping detection logic.
|
||||
- Another minor tweak to improve path mapping detection logic.
|
||||
|
||||
Version 1.14b:
|
||||
--------------
|
||||
|
@ -28,18 +38,19 @@ Version 1.14b:
|
|||
- Several new wordlist entries, courtesy of Glastopf Honeypot:
|
||||
http://glastopf.org/index.php
|
||||
|
||||
- A tweak to path mapping detection logic to detect certain path mappings.
|
||||
- A tweak to path mapping detection logic to detect certain path mappings
|
||||
that may result in crawl loops.
|
||||
|
||||
- Makefile now honors external LDFLAGS, CFLAGS.
|
||||
|
||||
- Some more documentation tweaks.
|
||||
- Some more documentation tweaks and rewrites.
|
||||
|
||||
- PUT detection logic.
|
||||
- PUT detection logic added.
|
||||
|
||||
Version 1.13b:
|
||||
--------------
|
||||
|
||||
- Improved password, file form detection.
|
||||
- Improved password, file form detection slightly.
|
||||
|
||||
Version 1.12b:
|
||||
--------------
|
||||
|
@ -51,27 +62,27 @@ Version 1.12b:
|
|||
Version 1.11b:
|
||||
--------------
|
||||
|
||||
- SIGWINCH support: you can now resize your window while scanning.
|
||||
- SIGWINCH support: you can now cleanly resize your window while scanning.
|
||||
|
||||
- Typo in report category name fixed.
|
||||
|
||||
- Terminal color fix for non-standard themes.
|
||||
- Terminal color fix (for users with non-standard color themes).
|
||||
|
||||
- Fixed icons license (GPL -> LGPL).
|
||||
- Corrected icons license (GPL -> LGPL).
|
||||
|
||||
- Fixed a typo in -b ffox headers.
|
||||
|
||||
- Fixed a potential NULL pointer crash in form parsing.
|
||||
- Fixed a potential NULL ptr deref when doing form parsing.
|
||||
|
||||
Version 1.10b:
|
||||
--------------
|
||||
|
||||
- Fix to extensions-only.wl.
|
||||
- Fix to extensions-only.wl (some bad keywords removed).
|
||||
|
||||
Version 1.09b:
|
||||
--------------
|
||||
|
||||
- Fix for a potential NULL pointer crash in probabilistic scan mode (<100%).
|
||||
- Fix for a potential NULL ptr deref in probabilistic scan mode (<100%).
|
||||
|
||||
Version 1.08b:
|
||||
--------------
|
||||
|
@ -81,30 +92,31 @@ Version 1.08b:
|
|||
Version 1.07b:
|
||||
--------------
|
||||
|
||||
- Several build fixes for FreeBSD, MacOS X.
|
||||
- Several build fixes for FreeBSD, MacOS X (-I, -L paths).
|
||||
|
||||
Version 1.06b:
|
||||
--------------
|
||||
|
||||
- Minor documentation updates.
|
||||
- Minor documentation updates, typos fixed, etc.
|
||||
|
||||
Version 1.05b:
|
||||
--------------
|
||||
|
||||
- Another workaround for FORTIFY_SOURCE on MacOS X.
|
||||
- A more robust workaround for FORTIFY_SOURCE (MacOS X).
|
||||
|
||||
Version 1.04b:
|
||||
--------------
|
||||
|
||||
- Workaround for *BSD systems with malloc J or Z options set
|
||||
by default.
|
||||
- Workaround for *BSD systems with malloc J or Z options set by default
|
||||
(0x5a5a5a5a deref after realloc()).
|
||||
|
||||
- A minor tweak to reject certain not-quite-URLs extracted from JS.
|
||||
|
||||
Version 1.01b:
|
||||
--------------
|
||||
|
||||
- Workaround for a glitch in FORTIFY_SOURCE on Linux.
|
||||
- Workaround for a glitch in FORTIFY_SOURCE on Linux (causing crash
|
||||
on startup).
|
||||
|
||||
Version 1.00b:
|
||||
--------------
|
||||
|
|
22
analysis.c
22
analysis.c
|
@ -2243,6 +2243,12 @@ static void check_for_stuff(struct http_request* req,
|
|||
return;
|
||||
}
|
||||
|
||||
if (inl_strcasestr(res->payload, (u8*)";database=") &&
|
||||
inl_strcasestr(res->payload, (u8*)";pwd=")) {
|
||||
problem(PROB_FILE_POI, req, res, (u8*)"ODBC connect string", req->pivot, 0);
|
||||
return;
|
||||
}
|
||||
|
||||
if (strstr((char*)sniffbuf, "<cross-domain-policy>")) {
|
||||
problem(PROB_FILE_POI, req, res, (u8*)
|
||||
"Flash cross-domain policy", req->pivot, 0);
|
||||
|
@ -2256,9 +2262,21 @@ static void check_for_stuff(struct http_request* req,
|
|||
}
|
||||
|
||||
if (inl_strcasestr(sniffbuf, (u8*)"\nAuthType ") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions ") ||
|
||||
(inl_strcasestr(sniffbuf, (u8*)"\nOptions ") && (
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions +") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions -") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions All") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions Exec") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions Follow") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions In") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions Mult") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nOptions Sym"))) ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\n<Directory ") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nRequire ")) {
|
||||
(inl_strcasestr(sniffbuf, (u8*)"\nRequire ") && (
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nRequire valid") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nRequire user") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nRequire group") ||
|
||||
inl_strcasestr(sniffbuf, (u8*)"\nRequire file")))) {
|
||||
problem(PROB_FILE_POI, req, res, (u8*)"Apache config file", req->pivot, 0);
|
||||
return;
|
||||
}
|
||||
|
|
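Review bot: The new ODBC check in check_for_stuff() fires whenever `;database=` and `;pwd=` both occur anywhere in `res->payload`, with no requirement that they belong to the same string, so a long response that mentions both tokens in unrelated places is reported as an exposed connect string. It is also the only test visible in this section that searches `res->payload` instead of `sniffbuf`; if that is deliberate (for example because `sniffbuf` holds only a bounded prefix, which is not visible here), a one-line comment above the `if` saying so would stop a later cleanup from "fixing" it. Connect strings that spell the credential key as `;password=` are not matched; `(inl_strcasestr(res->payload, (u8*)";pwd=") || inl_strcasestr(res->payload, (u8*)";password="))` as the second operand would cover them. check_for_stuff() begins and ends outside both hunks, so how this early `return` interacts with the checks before and after it cannot be judged from here.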
2
config.h
2
config.h
|
@ -23,7 +23,7 @@
|
|||
#ifndef _HAVE_CONFIG_H
|
||||
#define _HAVE_CONFIG_H
|
||||
|
||||
#define VERSION "1.18b"
|
||||
#define VERSION "1.19b"
|
||||
|
||||
#define USE_COLOR 1 /* Use terminal colors */
|
||||
|
||||
|
|
|
@ -1383,7 +1383,7 @@ u8 parse_response(struct http_request* req, struct http_response* res,
|
|||
|
||||
if (!cval) { cval = val; val = 0; }
|
||||
|
||||
SET_CK(val, cval, &res->hdr);
|
||||
if (cval) SET_CK(val, cval, &res->hdr);
|
||||
|
||||
if (val) {
|
||||
|
||||
|
@ -1400,7 +1400,7 @@ u8 parse_response(struct http_request* req, struct http_response* res,
|
|||
/* Set cookie globally, but ignore obvious attempts to delete
|
||||
existing ones. */
|
||||
|
||||
if (!ignore_cookies && cval[0])
|
||||
if (!ignore_cookies && val && cval[0])
|
||||
SET_CK(val, cval, &global_http_par);
|
||||
|
||||
}
|
||||
|
|
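Review bot: The guard added to the global cookie store, `if (!ignore_cookies && val && cval[0])`, protects the `cval[0]` dereference only indirectly: it depends on the earlier `if (!cval) { cval = val; val = 0; }` swap guaranteeing that a non-NULL `val` implies a non-NULL `cval`. Testing the pointer that is actually dereferenced, `if (!ignore_cookies && val && cval && cval[0])`, or adding a comment such as `/* val != NULL implies cval != NULL after the swap above */`, would keep the NULL-dereference fix from being silently undone by a later edit to the swap. In the first hunk, `if (cval) SET_CK(val, cval, &res->hdr);` can still pass `val == 0` as the cookie name after the swap; whether SET_CK accepts a NULL name is not visible here and is worth confirming. The lines between the two hunks are not shown and parse_response() begins and ends outside them, so whether the second statement sits inside the `if (val) {` block is inferred, not certain.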