Invicti Product Release Notes
16 Mar 2017

New Security Checks

  • New security check that detects insecure targets in Content Security Policy.
  • Added checks for exposure of trace.axd in ASP.NET applications.
  • New security check for Time Based Server-Side Request Forgery.
  • Added Markdown Injection attack pattern to XSS engine.
  • Added a Code Evaluation check for Apache Struts framework.
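The first item above announces a check for insecure targets in a Content Security Policy. As an added illustration of what such a check has to look at (this is editor-supplied example code, not Invicti's own check logic, and what counts as an "insecure target" here is an assumption: wildcard and scheme-only sources, `'unsafe-inline'` and `'unsafe-eval'`, cleartext origins, and missing fallback directives), the following Python parses a CSP header value and reports the weak source expressions it finds. The function names and the sample headers are constructed for this example.

```python
"""Flag weak source expressions in a Content-Security-Policy header value.

Added example, not Invicti's implementation. The definition of an insecure
target used here is an assumption made for illustration.
"""
from typing import Dict, List, Tuple

Finding = Tuple[str, str, str]  # (directive, source expression, reason)

# Directives whose allowed sources can lead to script or plugin execution.
EXECUTION_DIRECTIVES = {
    "default-src", "script-src", "script-src-elem", "script-src-attr", "object-src",
}

# Scheme-only sources: in an execution directive they admit any host on that
# scheme, or (data:/blob:) attacker-supplied content with no host at all.
LOOSE_SCHEMES = {"http:", "https:", "data:", "blob:", "filesystem:"}


def parse_csp(header: str) -> Dict[str, List[str]]:
    """Split a header value into {directive name: [source expressions]}.

    Directives are ';'-separated; the first token names the directive and the
    rest are its sources. When a directive is repeated, the first occurrence
    wins, which is how browsers treat duplicates.
    """
    policy: Dict[str, List[str]] = {}
    for part in header.split(";"):
        tokens = part.split()
        if not tokens:
            continue
        name = tokens[0].lower()
        if name in policy:
            continue
        policy[name] = tokens[1:]
    return policy


def _has_nonce_or_hash(sources: List[str]) -> bool:
    prefixes = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")
    return any(s.lower().startswith(prefixes) for s in sources)


def insecure_sources(policy: Dict[str, List[str]]) -> List[Finding]:
    """Return the source expressions that weaken each fetch directive."""
    findings: List[Finding] = []
    for directive, sources in policy.items():
        if not directive.endswith("-src"):
            continue  # base-uri, frame-ancestors etc. are out of scope here
        execution = directive in EXECUTION_DIRECTIVES
        nonce_or_hash = _has_nonce_or_hash(sources)
        for src in sources:
            low = src.lower()
            if low == "*":
                findings.append((directive, src, "wildcard source allows any origin"))
            elif low == "'unsafe-inline'":
                # CSP Level 3 browsers ignore 'unsafe-inline' once a nonce or
                # hash is present, so it is only a weakness without one.
                if not nonce_or_hash:
                    findings.append((directive, src, "inline code is permitted"))
            elif low == "'unsafe-eval'" and execution:
                findings.append((directive, src, "string-to-code evaluation is permitted"))
            elif low in LOOSE_SCHEMES and execution:
                findings.append((directive, src, f"scheme-only source admits any {low} content"))
            elif low.startswith("http://"):
                findings.append((directive, src, "cleartext origin can be tampered with in transit"))
            elif low in ("https://*", "*://*"):
                findings.append((directive, src, "host wildcard allows any origin"))
    return findings


def missing_fallbacks(policy: Dict[str, List[str]]) -> List[Finding]:
    """Without default-src, an absent script-src or object-src is unrestricted."""
    if "default-src" in policy:
        return []
    return [
        (d, "", "directive absent and no default-src fallback: unrestricted")
        for d in ("script-src", "object-src")
        if d not in policy
    ]


def audit_csp(header: str) -> List[Finding]:
    policy = parse_csp(header)
    return missing_fallbacks(policy) + insecure_sources(policy)


# Constructed sample header values for the example.
WEAK_CSP = (
    "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: "
    "http://legacy.example.test; object-src *"
)
STRICT_CSP = (
    "default-src 'none'; script-src 'nonce-R4nd0m' 'unsafe-inline' 'strict-dynamic'; "
    "object-src 'none'; base-uri 'self'"
)
NO_FALLBACK_CSP = "img-src 'self'"

if __name__ == "__main__":
    for label, value in (("weak", WEAK_CSP), ("strict", STRICT_CSP), ("no fallback", NO_FALLBACK_CSP)):
        print(label)
        for directive, src, reason in audit_csp(value):
            print(f"  {directive} {src!r}: {reason}")
```

The nonce handling is the edge case worth noting: a policy that carries `'unsafe-inline'` next to a nonce is a deliberate compatibility pattern for older browsers, so a check that flags the keyword blindly produces noise rather than signal.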

Improvements

  • Improved Boolean SQL Injection detection.
  • Updated the Local File Inclusion vulnerability classifications.
  • Improved Trace/Track security checks.
  • Improved coverage of XSS engine in redirects.
  • Added policy optimization support for SSRF security checks.
  • Added exploit generation support for "Cross-site Scripting via Remote File Inclusion" vulnerability.
  • Added a specialized parser that handles JavaScript responses better, reducing the number of incorrect links discovered.
  • Improved form authentication logout detection by ignoring the responses of some attacks to prevent incorrect logout detections.
  • Added type ahead search box for Security Check Groups on Scan Policy Editor.
  • Added "Send to Request Builder" context menu item for activities on scan activity pane.
  • Added input validation for placeholder patterns on Custom URL rewrite grid.
  • Added scheduling support for Incremental Scan feature.
  • Added the number of crawled links next to scanned host names on sitemap tree.
  • Improved code generation for form authentication custom scripts.
  • Improved the proxy options UI: a proxy address can now be pasted together with its user credentials and port.
  • Added VDB support to Blind & Boolean SQLi post exploitation.
  • Added an info message to the Browser View tab stating that this view is a limited preview.
  • Added file parameter type support to Request Builder.
  • Added support for multiple report exporting to Scheduled Scans.
  • Added the number of vulnerability severities of current scan to status bar.
  • Added Copy URL and Copy as cURL context menu items to Imported Links grid.
  • Added pause scan button to interactive login dialog.
  • Improved sqlmap command generation by adding database server type parameter.
  • Made the Start New Scan dialog resizable.
  • Added Search feature to Imported Links.
  • Added Cancel button for Request Builder.
  • Added support for checking Open Redirection vulnerability on Refresh response header.
  • Added the XPath information of the element that causes the DOM XSS vulnerability.
  • Added "Sub Path Max Dynamic Signatures" setting for Heuristic URL Rewrite detection.
  • Added database specific queries for the selected SQLi vulnerability on exploitation panel.
  • Added a JavaScript scan policy option to filter the events attached to "document" down to a fixed set of event names (mousedown, keyup, etc.), reducing the number of events triggered during simulation.
  • Added a JavaScript scan policy option to exclude HTML elements such as logout buttons from event simulation by CSS selector.
  • Added the capability to find vulnerabilities that sink into window.name to the DOM XSS security checks.
  • Improved coverage of the Local File Inclusion engine so that a vulnerability can be found in a full URL attack.

Bug Fixes

  • Fixed several issues related to DOM parsing and simulation.
  • Fixed a NullReferenceException thrown by HTTP Methods checks.
  • Fixed a StackOverflowException caused by JSON responses with too many nested elements.
  • Fixed PoC generation during post exploitation for time based SQLi checks.
  • Fixed a bearer token log message being shown on the verify dialog even when bearer token detection is disabled.
  • Fixed a NullReferenceException while confirming a Boolean SQLi vulnerability.
  • Fixed several issues related to the splash screen to make sure it is hidden once the application has loaded.
  • Fixed a NullReferenceException thrown by logout detection while trying to close the application.
  • Fixed an issue where scan is paused when an additional host is unreachable.
  • Fixed an issue where the new link nodes added under an excluded branch on sitemap tree were not excluded.
  • Fixed the misleading message shown when a manual crawling scan is started; the Form Authentication feature no longer requires installing a certificate on your computer.
  • Fixed IndexOutOfRangeException thrown while trying to open Scan Policy Editor dialog if the UI language is set to Korean.
  • Fixed keyboard tab order on Form Authentication settings.
  • Fixed an issue where the injection HTTP response was displayed as an empty string because the deserialized file did not contain the HTML response of the attack.
  • Fixed typos in CSP vulnerability templates.
  • Fixed the broken impacts table on Executive Summary Report PDF when the table spans 2 pages.
  • Fixed several issues related to report policy naming when the name is invalid or too long.
  • Fixed generated blank pages on PDF reports.
  • Fixed OperationCanceledException thrown during extra confirmation.
  • Fixed UI glitches on form authentication Custom Script dialog caused when splitters are resized.
  • Fixed several Request Builder issues.
  • Fixed the Test Credentials button on basic authentication settings, which did not send the Authorization request header if the Do Not Expect Challenge check box was checked.
  • Fixed an issue where ignored emails were still reported in the Knowledge Base.
  • Fixed a bug where double encoded attacks are not exploitable in browser when proof URL is clicked.
  • Fixed an issue where source code disclosure is reported in JS and CSS files.
  • Fixed an SQL exploitation issue where executing a SQL query that expects an integer result failed on PostgreSQL databases.
  • Fixed a Text Parser issue where single quote characters were being captured as part of links.
  • Fixed the incorrect path disclosure caused by the Shellshock attack.
  • Fixed a TargetInvocationException thrown when a new license is trying to be loaded using Help > Load New License menu item.
  • Fixed missing SSRF proofs under Proofs knowledge base.
  • Fixed an ArgumentException thrown by DOM XSS checks when the web site is crawled using manual crawling mode.
  • Fixed incorrect encoded parameter names for multipart/form-data forms.
  • Fixed the auto-update notification being shown even when a more up-to-date version of the application is already installed.
  • Fixed the large right margin on Knowledge Base Report (PDF) summary page.
  • Fixed the splash screen that is shown in front of the trial popup message.
  • Fixed the performance issues of recrawling related to DOM XSS checks on web sites with lots of links.
  • Fixed the incorrect CR LF encoding issues on proof URLs.
  • Fixed a retest issue where all parameters of the link were being retested when only the vulnerable parameter should be retested.
  • Fixed the visual glitch that occurs in the Imported Links section upon importing new links.
  • Fixed DOM Parser clearInterval JavaScript function simulation.
  • Fixed an issue where a stored XSS vulnerability was reported in an XHR response rather than in the page that makes the XHR request.
  • Fixed an issue where Boolean SQLi vulnerability is missed due to crawled parameter value.
  • Fixed an issue where reflected XSS vulnerability is missed because the reflected payload is HTML encoded in an attribute.
  • Fixed an issue where Text Parser does not handle the same referenced JavaScript in different files.