Netsparker 4.5.2 - 17th December 2015

FEATURES

* Added Windows 10 support
* Added the Scan Policy Optimizer
* Added automatic configuration of URL rewrite rules
* Added automated evidence collection to several confirmed vulnerabilities
* Added Korean language option for application user interface (currently in beta)
* Added support for detecting outdated versions of several popular JavaScript client-side libraries
* Added HIPAA compliance report template
* Added syntax highlighting for HTTP response viewer for responses like XML, JavaScript, CSS, etc.
* Added syntax highlighting for HTTP request viewer for request bodies like XML, JSON, etc.
* Added sessionStorage and localStorage support
* Added send to Team Foundation Server (TFS) and GitHub feature
* Added URL Rewrite knowledgebase node to list the URL patterns that have been discovered
* Added SSL knowledgebase node that shows several SSL related configurations on target web server
* Added CSS knowledgebase node
* Added Slowest Pages knowledgebase node
* Added no challenge option for basic authentication

NEW SECURITY CHECKS

* Added Windows Short File Name security checks
* Added several new backup file checks
* Added web.config pattern for LFI checks
* Added boot.ini pattern for LFI checks
* Added a signature which checks against a passive backdoor affecting vBulletin 4.x and 5.x versions
* Added a signature which checks against an error message generated by the regexp function in MySQL databases
* Added DAws web backdoor check
* Added MOF Web Shell backdoor check
* Added RoR database configuration file detection
* Added RoR version disclosure detection
* Added RoR out-of-date version detection
* Added RoR Stack Trace Disclosure
* Added RubyGems version disclosure detection
* Added RubyGems out-of-date version detection
* Added Ruby out-of-date version detection
* Added Python out-of-date version detection
* Added Perl out-of-date version detection
* Added RoR Development Mode Enabled detection
* Added Django version disclosure detection
* Added Django out-of-date version detection
* Added Django Development Mode Enabled detection
* Added PHPLiteAdmin detection
* Added phpMoAdmin detection
* Added DbNinja detection
* Added WeakNet Post-Exploitation PHP Execution Shell (WPES) detection
* Added Adminer detection
* Added Microsoft IIS Log File detection
* Added Laravel Configuration File detection
* Added Laravel Debug Mode Enabled detection
* Added Laravel Stack Trace Disclosure
* Added S/FTP Config File detection

IMPROVEMENTS

* Several performance improvements to reduce memory usage
* Improved credit card detection to eliminate false positives
* HTTP cookie handling code written from scratch to conform with the latest RFCs which modern browsers also follow
* SSL cipher support check code has been rewritten to support more cipher suites
* SSL checks are now made for target URLs even when protocol is HTTP
* Improved logging code to decrease the performance overhead
* Updated embedded Chrome-based browser engine to version 41
* Improved logging when an error occurs if Netsparker was started from command line with arguments
* Added more ignored parameters for ASP.NET web applications
* Improved JIRA send to action to support both old and new versions
* Added activity details for singular security checks (SSL, Heartbleed, etc.) on scan summary dashboard
* Improved authentication verifier to include keywords from alt and title attributes
* Improved scan policy versioning where new security checks are automatically included or excluded by default on existing scan policies
* Improved out-of-date vulnerability reporting on XML vulnerability list report to include references and affected versions elements
* Improved LFI pattern that matches win.ini files
* Improved XSS coverage by adding an attack pattern for email inputs which require an @ character
* Improved cookie vulnerability details to show all cookies that are not marked as Secure or HttpOnly
* Added descriptions for advanced settings
* Improved out-of-date vulnerability templates by including severity information of vulnerabilities for that version of software
* Improved out-of-date vulnerability reporting by increasing the severity of the vulnerability if that version of software contains an important vulnerability
* Increased static resource finder limit from 75 to 100
* Added several text parser settings to advanced settings
* Improved Ruby version disclosure detection
* Improved SQL injection vulnerability template by adding remedy information for more development environments
* Improved common directory checks by adding more known directory names
* Updated default user agent
* Improved the default Anti-CSRF token name list
* Improved database error messages vulnerability detection for Informix
* Added new XSS attack pattern for title tag in which JavaScript execution is not possible
* Improved XHTML attacks to check against XSS vulnerabilities
* Missing Content-Type vulnerability is not reported when status code returns 304
* Optimized confirmation of Boolean SQLi
* Added exploitation for Remote Code Evaluation via ASP vulnerability
* Revamped DOM based XSS vulnerability detail with a table showing XPath column
* Replaced SQLi attack patterns specific to MSSQL databases with shorter ones
* Improved SQLi attack pattern which causes a vulnerability in LIMIT clauses specific to MySQL database
* DOM simulation is now turned off for hidden input types, which was causing a false-positive confirmed XSS vulnerability
* Improved the "Name" form value pattern to match more inputs
* Improved confirmation of Expression Language Injection vulnerability
* Improved Frame Injection vulnerability details
* Added .phtml extension to detect code execution via file upload
* Improved blind SQL injection detection on some INNER JOIN cases
* Improved external references section of "Remote Code Evaluation (PHP)" vulnerability
* Added retest support for several vulnerability types
* Improved import link user interface
* Improved CSRF engine
* Displaying installer links for cases where auto update fails or auto updating is not possible
* Improved Apache Tomcat detection patterns
* Improved the message on "Reset to Defaults" dialog
* Added severity column for Vulnerabilities List (CSV) report template
* Increased the number of sensitive comments reported
* Added exploitation support for "RCE via Perl" vulnerability
* Added project selection to FogBugz send to action
* Improved the text parser
* Added the total number of attack counts per parameter for current scan policy to scan policy editor dialog
* Added the passive engine names which are currently running to scan summary dashboard
* Added separate checks in scan policy for each supported web app fingerprint application

FIXES

* Fixed Extensive Security Checks policy to enable DOM simulation for open redirection
* Fixed Extensive Security Checks policy to enable Prepend Original Value for XSS security tests
* Fixed authentication verifier to omit empty keywords for keyword based authentication
* Fixed authentication verifier to omit keywords longer than 200 characters for keyword based authentication
* Fixed authentication verifier to omit keywords containing null bytes for keyword based authentication
* Fixed URL rewrite analysis to respect case sensitivity settings
* Fixed a form authentication issue in which image submit elements were not clicked
* Fixed the send to extension context menu, which did not focus the Extensions section when the Options dialog was opened
* Fixed a form authentication verification issue which may crash when username and/or password is empty
* Fixed a manual crawling issue where the proxy was left open when starting a regular scan after manual crawling
* Fixed custom reporting sample code on user manual to match the latest reporting API
* Fixed an issue that occurs when the HTTP response body starts with a Unicode BOM
* Fixed Open Redirect security checks where it should not perform DOM based checks if DOM checks are turned off
* Fixed Fiddler logging where form authentication requests were not being captured
* Fixed static resource finder where it was not following a redirect if only the protocol portion of a URL changes
* Fixed Start a New Scan dialog where Schedule Scan dialog was always shown when you first try to schedule a scan
* Fixed DOM simulation hangs if a rogue JavaScript call enters an endless loop
* Fixed slow XSS highlights on some responses
* Fixed disk space detection in cases where there is no space left on the disk where the Netsparker documents folder resides
* Fixed the issue on Start a New Scan dialog where some check box values were not restored correctly
* Fixed a bug where Full-Url LFI attack which is specific to Ruby-on-Rails applications could not be confirmed
* Fixed a bug where XSS vulnerability could not be confirmed when injection occurs in the middle of a CSS style
* Fixed a bug where generated XSS exploit did not work due to incorrect encoding
* Fixed a bug where a false-positive file upload vulnerability was reported
* Fixed a bug where the maximum amount of hard fails was preventing the next scan from making HTTP requests
* Fixed "Missing Content-Type" reporting issue where redirected responses should not be reported
* Fixed an issue where Set-Cookie response headers were being merged on response viewers
* Fixed an issue where send failures were not being handled while making HTTP requests
* Fixed credit card reporting issue where the value specified in default form values section should not be reported
* Fixed the trimmed parameter name issue on controlled scan pane
* Fixed the ignore vulnerability function, which was not working for comparison reports
* Fixed documentation for nginx vulnerability template that tells how to fix the issue
* Fixed HSTS support for form authentication HTTP requests
* Fixed a bug which prevents attacking from resuming when an existing session is imported
* Fixed the issue of HttpRequests.saz file being truncated when a scan is resumed after import
* Fixed Fiddler log file saving issue where chunked response bodies were not being saved correctly
* Fixed a URI parsing issue where non-HTTP(S) protocols are ignored
* Fixed a DOM XSS scanner issue that crashes Netsparker when a long URL is parsed
* Fixed a bug where an attribute based attack could not be confirmed as XSS
* Fixed a bug where an injection with "javascript:" protocol for XSS attacks occurs after a new line
* Fixed a bug where exploitation goes into loop and causes an unresponsive UI for error based SQLi
* Fixed a bug where a relative redirection was reported as an Open Redirect vulnerability
* Fixed an issue where importing links to an existing profile with imported links was failing
* Fixed generated report name issue where an extra .htm extension is added to the report file if run from the command line
* Fixed an unhandled ArgumentException raised from permanent XSS detection
* Fixed the issue that Netsparker hangs with a confirmation dialog upon scan completion when started with /auto command line parameter
* Fixed an issue where a Groovy RCE is reported as Perl RCE
* Fixed an issue where a scan started with the Scan Imported Links option was attacking links that were not imported
* Fixed an issue where a retest request is started with the attacked value and causes a vulnerability creation in a different injection point
* Fixed a WSDL parsing issue where reference parameters were not handled
* Fixed a WSDL parsing issue where XML types were not handled
* Fixed a visual bug where "Security Check Groups" description text was clipped
* Fixed a bug where illegal characters were causing invalid XML reports
* Fixed an issue where RCE Perl exploitation could not be performed due to incorrect encoding
* Fixed an issue with auto complete input reporting where highlighting was not correct
* Fixed an issue with web app fingerprinting where pausing the scan was not pausing it
* Fixed an issue that occurs during form authentication with an HSTS site that performs redirects to a URL with the HTTP protocol
* Fixed a form authentication configuration issue where both keyword based and redirect based logout detection pattern could be configured
* Fixed a bug where the hash is reported incorrectly in a DOM based XSS vulnerability
* Fixed the misleading content in basic authentication over clear text vulnerability