Go to Top

Release: v0.4.1.2

Hey folks,

A couple of weeks have gone by since v0.4.1.1 was released and now it’s time to send v0.4.1.2 out with some more bugfixes. The ChangeLog is unimpressive but that doesn’t hurt anyone. :)

  • HTTP
    • Updated custom 404 detection algorithm to use less memory.
    • cookie_string option is now decoded before being parsed into a Cookie object.
  • Cookie#expires_to_time bugfixed to return nil if expiry time is “0”.
  • Arachni::URI.cheap_parse — Updated to sanitize the encoding of each parameter name and value individually. [Issue #303]
  • Plugins
    • Proxy
      • Fixed regression caused by the Parser requiring the HTTP Response to include the original Request.
      • Fixed SSL interceptor behavior on redirects — now delegates everything to the user facing Proxy.
  • Modules
    • Audit
      • CSRF — Updated to mark forms with a detected nonce as safe.

In the meantime, I’ve been putting the finishing touches on the new and extra cool distributed crawler which will debut in v0.4.2 and will appear in the experimental branch (and subsequently in the nightlies) in a couple of weeks or so.

Then, I’ll get back to working on the new Rails WebUI, which the project desperately needs.

That’s all for now, cheers,

Tasos Laskos.

, ,

About Tasos Laskos

CEO of Sarosys LLC, founder and lead developer of Arachni.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.