сканер Acunetix 14.7.220228146 (1st March 2022)

[c0d3x]

New features​

• The .NET IAST sensor (AcuSensor) can now be installed on .NET Core v3 and v5 on Windows (with the Kestrel server)
• The Acunetix scanner was updated to support routes for frameworks supported by the IAST sensors (AcuSensor)
• Added support for the Laravel framework in the PHP IAST sensor (AcuSensor)
• Added support for the CodeIgnitor framework in the PHP IAST sensor (AcuSensor)
• Added support for the Symphony framework in the PHP IAST sensor (AcuSensor)
• Added support for the ASP.NET MVC in the .NET Core IAST sensor (AcuSensor)
• Added support for Razor Pages in the .NET Core IAST sensor (AcuSensor)
• Added support for Web API in the .NET Framework and the .NET Core IAST sensors (AcuSensor)
• Added support for Spring MVC in the JAVA IAST sensor (AcuSensor)
• Added support for Spring Struts2 in the JAVA IAST sensor (AcuSensor)

New vulnerability checks​

Acunetix has been updated to detect the following vulnerabilities using IAST:

• LDAP Injection
• Unsafe Reflection of Untrusted Data
• XPath Injection
• Email Header Injection
• Deserialization of Untrusted Data
• MongoDB Injection
• Server-side template injection (SSTI)
• Server-side request forgery (SSRF)

Acunetix IAST (AcuSensor) has been updated to detect over 30 new server-side misconfigurations across all sensors:

• New check for Magento config file disclosure
• New check for BillQuick Web Suite SQL injection (CVE-2021-42258)
• New check for Apache Airflow experimental API auth bypass (CVE-2020-13927)
• New check for Apache Airflow default credentials
• New check for Apache Airflow exposed configuration
• New check for Apache Airflow unauthorized access vulnerability
• New check for GoCD information disclosure (CVE-2021-43287)
• New check for Grafana plugin directory traversal (CVE-2021-43798)
• New check for NodeBB arbitrary JSON file read (CVE-2021-43788)
• New check for ManageEngine Desktop Central deserialization RCE (CVE-2020–10189)
• New check for SolarWinds Orion API auth bypass (CVE-2020-10148)
• New check for Citrix ADC NetScaler local file inclusion (CVE-2020-8193)
• New check for VMware vCenter vcavbootstrap arbitrary file read
• New check for Pentaho API auth bypass (CVE-2021-31602)
• New check for Sonicwall SMA 100 unintended proxy (CVE-2021-20042)
• New check for VMware vCenter Log4Shell RCE
• New check for VMware Horizon Log4Shell RCE
• New check for MobileIron Log4Shell RCE
• New check for Ubiquiti Unifi Log4Shell RCE
• New check for Apache OFBiz Log4Shell RCE
• New check for Apache Struts2 Log4Shell RCE
• New check for Apache Solr Log4Shell RCE
• New check for Apache JSPWiki Log4Shell RCE
• New WordPress Core and WordPress plugins checks

Updates​

• IAST sensors (AcuSensor) capabilities have been updated to improve the detection of:
  • Arbitrary file creation
  • Directory traversal
  • SQL injection
  • Remote code execution
• Acunetix will start reporting if an old version of the IAST sensor (AcuSensor) is installed on the web application
• Considerable update to the handling of CSRF tokens
• The Vulnerabilities page now includes a unique vulnerability ID
• Multiple UI updates
• Multiple DeepScan updates

Fixes​

• Fixed an issue with GitLab issue types not showing in the UI
• Fixed an issue with Amazon AWS WAF export
• Fixed several scanner crashes
• Fixed an issue with .NET IAST AcuSensor not working on IIS prior to version 10
• Fixed an issue with Node.js IAST AcuSensor causing the web application to stop working
• Fixed an ordering issue in PDF comprehensive reports for multiple scans
• Fixed a timeout issue causing IAST data not to reach the Acunetix scanner

Качать тут: https://ufile.io/f/zd52b
Запасные линки:

acunetix_14.7.220228146.exe - AnonFiles

anonfiles.com

acunetix_14.7.220228146_x64.sh - AnonFiles

anonfiles.com

Кряк с инструкцией - https://mega.nz/folder/ESpHFaaQ#P9_TzzmBPgd-bYowdNjo3g/folder/ALxVjIyR

VT .EXE - https://www.virustotal.com/gui/file...d0dc50c5b163a8a7df73fa98350b9178ab6?nocache=1
VT .SH - https://www.virustotal.com/gui/file...746e50ccee1ab59b16abc29e332ac78f7d1?nocache=1
VT Кряк - https://www.virustotal.com/gui/file...1a2cf2f16a71dbde72d5d4b009cf211ac83?nocache=1

 

[sniffer]

Nice, i like it

 

[reeves]

Отлично, забрал !

 

[sharim]

sad for no reactions

 

[c0d3x]

Качать тут: https://ufile.io/f/zd52b
Запасные линки:
https://anonfiles.com/beX3x9L3xb/acunetix_14.7.220228146_exe
https://anonfiles.com/h9X2x3L1x1/acunetix_14.7.220228146_x64_sh

Кряк с инструкцией - https://mega.nz/folder/ESpHFaaQ#P9_TzzmBPgd-bYowdNjo3g/folder/ALxVjIyR

VT .EXE - https://www.virustotal.com/gui/file...d0dc50c5b163a8a7df73fa98350b9178ab6?nocache=1
VT .SH - https://www.virustotal.com/gui/file...746e50ccee1ab59b16abc29e332ac78f7d1?nocache=1
VT Кряк - https://www.virustotal.com/gui/file...1a2cf2f16a71dbde72d5d4b009cf211ac83?nocache=1

Для всех желающих, дабы не ломились в личку с просьбами.

 

[sharim]

Thanks

 

[localfix]

За линуксовый спасибо, а то на farfar не видел такого

 

[c0d3x]

От farfar не рекомендую качать ни чего. У него хэш-сумма всегда отличается от оригинальных файлов и на покойном raidforums его всегда обвиняли в склейках с каким то говном и отстуком файлов на какие то левые адреса. Я сливаю официальные билды потому что у меня легальная оф. лицензия.

 

[shakeflake]

Thanks for sharing.
I appreciate it and will use it.

 

[sssssshock]

Спасибо!

 

[sssssshock]

New features​

• The .NET IAST sensor (AcuSensor) can now be installed on .NET Core v3 and v5 on Windows (with the Kestrel server)
• The Acunetix scanner was updated to support routes for frameworks supported by the IAST sensors (AcuSensor)
• Added support for the Laravel framework in the PHP IAST sensor (AcuSensor)
• Added support for the CodeIgnitor framework in the PHP IAST sensor (AcuSensor)
• Added support for the Symphony framework in the PHP IAST sensor (AcuSensor)
• Added support for the ASP.NET MVC in the .NET Core IAST sensor (AcuSensor)
• Added support for Razor Pages in the .NET Core IAST sensor (AcuSensor)
• Added support for Web API in the .NET Framework and the .NET Core IAST sensors (AcuSensor)
• Added support for Spring MVC in the JAVA IAST sensor (AcuSensor)
• Added support for Spring Struts2 in the JAVA IAST sensor (AcuSensor)

New vulnerability checks​

Acunetix has been updated to detect the following vulnerabilities using IAST:

• LDAP Injection
• Unsafe Reflection of Untrusted Data
• XPath Injection
• Email Header Injection
• Deserialization of Untrusted Data
• MongoDB Injection
• Server-side template injection (SSTI)
• Server side request forgery (SSRF)

Acunetix IAST (AcuSensor) has been updated to detect over 30 new server-side misconfigurations across all sensors:

• New check for Magento config file disclosure
• New check for BillQuick Web Suite SQL injection ( CVE-2021-42258 )
• New check for Apache Airflow experimental API auth bypass ( CVE-2020-13927 )
• New check for Apache Airflow default credentials
• New check for Apache Airflow exposed configuration
• New check for Apache Airflow unauthorized access vulnerability
• New check for GoCD information disclosure ( CVE-2021-43287 )
• New check for Grafana plugin directory traversal ( CVE-2021-43798 )
• New check for NodeBB arbitrary JSON file read ( CVE-2021-43788 )
• New check for ManageEngine Desktop Central deserialization RCE ( CVE-2020–10189 )
• New check for SolarWinds Orion API auth bypass ( CVE-2020-10148 )
• New check for Citrix ADC NetScaler local file inclusion ( CVE-2020-8193 )
• New check for VMware vCenter vcavbootstrap arbitrary file read
• New check for Pentaho API auth bypass ( CVE-2021-31602 )
• New check for Sonicwall SMA 100 unintended proxy ( CVE-2021-20042 )
• New check for VMware vCenter Log4Shell RCE
• New check for VMware Horizon Log4Shell RCE
• New check for MobileIron Log4Shell RCE
• New check for Ubiquiti Unifi Log4Shell RCE
• New check for Apache OFBiz Log4Shell RCE
• New check for Apache Struts2 Log4Shell RCE
• New check for Apache Solr Log4Shell RCE
• New check for Apache JSPWiki Log4Shell RCE
• New WordPress Core and WordPress plugins checks

updates​

• IAST sensors (AcuSensor) capabilities have been updated to improve the detection of:
  • Arbitrary file creation
  • Directory traversal
  • SQL injection
  • Remote code execution
• Acunetix will start reporting if an old version of the IAST sensor (AcuSensor) is installed on the web application
• Considerable update to the handling of CSRF tokens
• The Vulnerabilities page now includes a unique vulnerability ID
• Multiple UI updates
• Multiple DeepScan updates

Fixes​

• Fixed an issue with GitLab issue types not showing in the UI
• Fixed an issue with Amazon AWS WAF export
• Fixed several scanner crashes
• Fixed an issue with .NET IAST AcuSensor not working on IIS prior to version 10
• Fixed an issue with Node.js IAST AcuSensor causing the web application to stop working
• Fixed an ordering issue in PDF comprehensive reports for multiple scans
• Fixed a timeout issue causing IAST data not to reach the Acunetix scanner

hidden content

New features​

• The .NET IAST sensor (AcuSensor) can now be installed on .NET Core v3 and v5 on Windows (with the Kestrel server)
• The Acunetix scanner was updated to support routes for frameworks supported by the IAST sensors (AcuSensor)
• Added support for the Laravel framework in the PHP IAST sensor (AcuSensor)
• Added support for the CodeIgnitor framework in the PHP IAST sensor (AcuSensor)
• Added support for the Symphony framework in the PHP IAST sensor (AcuSensor)
• Added support for the ASP.NET MVC in the .NET Core IAST sensor (AcuSensor)
• Added support for Razor Pages in the .NET Core IAST sensor (AcuSensor)
• Added support for Web API in the .NET Framework and the .NET Core IAST sensors (AcuSensor)
• Added support for Spring MVC in the JAVA IAST sensor (AcuSensor)
• Added support for Spring Struts2 in the JAVA IAST sensor (AcuSensor)

New vulnerability checks​

Acunetix has been updated to detect the following vulnerabilities using IAST:

• LDAP Injection
• Unsafe Reflection of Untrusted Data
• XPath Injection
• Email Header Injection
• Deserialization of Untrusted Data
• MongoDB Injection
• Server-side template injection (SSTI)
• Server side request forgery (SSRF)

Acunetix IAST (AcuSensor) has been updated to detect over 30 new server-side misconfigurations across all sensors:

• New check for Magento config file disclosure
• New check for BillQuick Web Suite SQL injection ( CVE-2021-42258 )
• New check for Apache Airflow experimental API auth bypass ( CVE-2020-13927 )
• New check for Apache Airflow default credentials
• New check for Apache Airflow exposed configuration
• New check for Apache Airflow unauthorized access vulnerability
• New check for GoCD information disclosure ( CVE-2021-43287 )
• New check for Grafana plugin directory traversal ( CVE-2021-43798 )
• New check for NodeBB arbitrary JSON file read ( CVE-2021-43788 )
• New check for ManageEngine Desktop Central deserialization RCE ( CVE-2020–10189 )
• New check for SolarWinds Orion API auth bypass ( CVE-2020-10148 )
• New check for Citrix ADC NetScaler local file inclusion ( CVE-2020-8193 )
• New check for VMware vCenter vcavbootstrap arbitrary file read
• New check for Pentaho API auth bypass ( CVE-2021-31602 )
• New check for Sonicwall SMA 100 unintended proxy ( CVE-2021-20042 )
• New check for VMware vCenter Log4Shell RCE
• New check for VMware Horizon Log4Shell RCE
• New check for MobileIron Log4Shell RCE
• New check for Ubiquiti Unifi Log4Shell RCE
• New check for Apache OFBiz Log4Shell RCE
• New check for Apache Struts2 Log4Shell RCE
• New check for Apache Solr Log4Shell RCE
• New check for Apache JSPWiki Log4Shell RCE
• New WordPress Core and WordPress plugins checks

updates​

• IAST sensors (AcuSensor) capabilities have been updated to improve the detection of:
  • Arbitrary file creation
  • Directory traversal
  • SQL injection
  • Remote code execution
• Acunetix will start reporting if an old version of the IAST sensor (AcuSensor) is installed on the web application
• Considerable update to the handling of CSRF tokens
• The Vulnerabilities page now includes a unique vulnerability ID
• Multiple UI updates
• Multiple DeepScan updates

Fixes​

• Fixed an issue with GitLab issue types not showing in the UI
• Fixed an issue with Amazon AWS WAF export
• Fixed several scanner crashes
• Fixed an issue with .NET IAST AcuSensor not working on IIS prior to version 10
• Fixed an issue with Node.js IAST AcuSensor causing the web application to stop working
• Fixed an ordering issue in PDF comprehensive reports for multiple scans
• Fixed a timeout issue causing IAST data not to reach the Acunetix scanner

Hidden content

почему я не вижу ссылки? у меня более 1 взаимодействия

 

[c0d3x]

почему я не вижу ссылки? у меня более 1 взаимодействия

Качать тут: https://ufile.io/f/zd52b
Запасные линки:
https://anonfiles.com/beX3x9L3xb/acunetix_14.7.220228146_exe
https://anonfiles.com/h9X2x3L1x1/acunetix_14.7.220228146_x64_sh

Кряк с инструкцией - https://mega.nz/folder/ESpHFaaQ#P9_TzzmBPgd-bYowdNjo3g/folder/ALxVjIyR

VT .EXE - https://www.virustotal.com/gui/file...d0dc50c5b163a8a7df73fa98350b9178ab6?nocache=1
VT .SH - https://www.virustotal.com/gui/file...746e50ccee1ab59b16abc29e332ac78f7d1?nocache=1
VT Кряк - https://www.virustotal.com/gui/file...1a2cf2f16a71dbde72d5d4b009cf211ac83?nocache=1

Для всех желающих, дабы не ломились в личку с просьбами.

 

[nexxxt]

Does the crack work for anyone?

 

[ConnectXSS]

почему 14 версия acunetix не все sql уязвимости находит?
на 1 чистой винде поставил 13 acunetix ,на другой 14,закинул одни и теже сайты на скан.
на 13 версии находит ,а на этой нет.
+если выбрать в профиле существующий Sql injection он вообще ищет wordpres хрени .ищет только тогда,когда рукми выбираешь Input scheme tests>SQL Injection да и так не все находит,как уже писал.
это кряк такой ?

 

[c0d3x]

это кряк такой ?

Кряк на работу софта ни как не влияет. Проверить это можно на http://testphp.vulnweb.com/ - должно детектить 19 sqli, с выключеным AcuSensor.

на 13 версии находит ,а на этой нет.

Что находит/не находит? Конкретику дай.

 

[c0d3x]

Does the crack work for anyone?

What a problem with a crack?

 

[MachineCase]

Отлично, Спасибо.

 

[nexxxt]

once cracking done.. all i get is this message in chrome

{
"code": 404,
"message": "Not Found",
"details": null
}

 

[nexxxt]

почему 14 версия acunetix не все sql уязвимости находит?
на 1 чистой винде поставил 13 acunetix ,на другой 14,закинул одни и теже сайты на скан.
на 13 версии находит ,а на этой нет.
+если выбрать в профиле существующий Sql injection он вообще ищет wordpres хрени .ищет только тогда,когда рукми выбираешь Input scheme tests>SQL Injection да и так не все находит,как уже писал.
это кряк такой ?

у меня был подобный опыт

 

[ConnectXSS]

у меня был подобный опыт

решилось?