View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000597Kali LinuxTool Upgrade Requestpublic2013-09-18 07:552014-01-08 22:10
Reportersaberzaid Assigned Todookie  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Fixed in Version1.0.7 
Summary0000597: Arachni v0.4.5.1-0.4.2
Description

There's a new version of Arachni, an Open Source, modular and
high-performance Web Application Security Scanner Framework written in Ruby.

Brief list of changes:

  • Optimized pattern matching to use less resources by grouping patterns to only
    be matched against the per-platform payloads. Bottom line, pattern matching
    operations have been greatly reduced overall and vulnerabilities can be used
    to fingerprint the remote platform.
  • Modules
    • Path traversal (path_traversal)
      • Updated to use more generic signatures.
      • Added dot-truncation for MS Windows payloads.
      • Moved non-traversal payloads to the file_inclusion module.
    • File inclusion (file_inclusion) — Extracted from path_traversal.
      • Uses common server-side files and errors to identify issues.
    • SQL Injection (sqli) — Added support for the following databases:
      • Firebird
      • SAP Max DB
      • Sybase
      • Frontbase
      • IngresDB
      • HSQLDB
      • MS Access
    • localstart_asp — Checks if localstart.asp is accessible.
  • Plugins — Added:
    • Uncommon headers (uncommon_headers) — Logs uncommon headers.

For more details about the new release please visit:
http://www.arachni-scanner.com/blog/arachni-0-4-5-1-0-4-2-release/

Download page: http://www.arachni-scanner.com/download/

Activities

fpalazzo

fpalazzo

2013-10-03 10:00

reporter   ~0000933

Version 0.4.5.2 is out.

The Framework v0.4.5.2 and WebUI v0.4.2.1 release of Arachni.

http://www.arachni-scanner.com/download/
dookie

dookie

2014-01-08 22:10

reporter   ~0001295

Upgraded in arachni_0.4.6-0.4.3-1kali0. It will be in the repos soon.

Thanks.

Issue History

Date Modified Username Field Change
2013-09-18 07:55 saberzaid New Issue
2013-10-03 10:00 fpalazzo Note Added: 0000933
2014-01-08 21:55 dookie Assigned To => dookie
2014-01-08 21:55 dookie Status new => assigned
2014-01-08 22:10 dookie Note Added: 0001295
2014-01-08 22:10 dookie Status assigned => resolved
2014-01-08 22:10 dookie Fixed in Version => 1.0.7
2014-01-08 22:10 dookie Resolution open => fixed
2021-05-31 13:37 rhertzog Category Tool Upgrade => Tool Upgrade Request