
Version 0.40

@CaledoniaProject CaledoniaProject released this 24 Jul 12:40
· 3681 commits to master since this release

Chinese description

Breaking changes

Java Agent

  • The command parameter in the ProcessBuilder hook changed to string type
  • Replaced all alarm messages with English ones

PHP agent

  • Replaced all alarm messages with English ones

New features

PHP agent

  • Add support for PHP 7.0~7.2
  • Add support for prepared SQL statements
  • Fell back to the V8 default platform
  • Add monitoring of rename operations

Java agent

  • Add monitoring of rename operations

Algorithm improvements

Command execution

  • Add support for FreeMarker template command execution

SSRF

  • Add detection of potentially dangerous protocols, e.g. php://
  • Add detection of 127.X.X.X in the ssrf_userinput algorithm

Path traversal

  • Fixed a /../../ detection bypass reported by @leesec

PHP stack validation

  • Fixed a call_user_func false positive reported by @ezreal

SQL injection

  • Add a global LRU cache to improve generic performance
  • Add detection of the INTO OUTFILE phrase

Bug fixes

PHP agent

  • Add ~60 PHP test cases, multiple bugs fixed
  • Fixed an expand_path issue on Windows