Sn1per Professional v10.1 SE Update Released!
Sn1per Professional v10.1 Scan Engine (SE) update is now available for Sn1per Professional v10.0 customers with a ton of new features and improvements. This update is part of the Sn1per Professional SE development branch which is exclusively available only to Sn1per Professional v10.0 customers. If you are a previous customer (ie. Sn1per Professional v9.0 or less) or if you use the Community Edition available on Github, you will need to purchase a Sn1per Professional v10.0 license to download and receive scan engine updates.
New Vulnerability Templates
Several new vulnerability templates were added in v10.1 to detect the latest CVE’s and vulnerabilities in your environment. We also increased general vulnerability coverage by adding sc0pe templates for Apache Tomcat, Weak SSH Ciphers and SMB related vulnerabilities.
- Added VMware Workspace ONE Access freemarker SSTI (CVE-2022-22954) sc0pe template
- Added Apache Tomcat Spring4Shell compromised host detection sc0pe template
- Added Apache Tomcat Spring4Shell Remote Code Execution (CVE-2022-22965) sc0pe template
- Added nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE sc0pe template
- Updated Apache Tomcat detection sc0pe template
- Added Weak SSH Ciphers sc0pe template
- Added Anonymous SMB Login sc0pe template
- Added SMB readable, writable shares & user enumeration sc0pe templates
- Added Joomla Pre-Installation Check sc0pe template
- Added Login Form Found sc0pe template
Sn1per Professional Vulnerability Report Viewer
New Features
Sn1per Professional v10.1 also has several new “intelligent” scan features to automatically change scan behavior and options based on a target’s fingerprint. For instance, if Sn1per Professional detects a WAF (Web Application Firewall), it will automatically switch to “stealth” mode in order to avoid being blocked now. If Sn1per detects WordPress, it will automatically run WPScan. If it detects a brute forcable service such as FTP or SSH, it will automatically try to brute force these services. Together, these changes will add a more automated intelligence to Sn1per which will provide more meaningful scan data without direct user intervention.
- Added intelligent WAF detection (active & passive) with configurable scan profile (default: stealth mode) to avoid scans getting blocked. Must have WAF_CHECK=”1″ in your Sn1per configuration template.
- Added intelligent “Access Denied – 403” detection & auto-scan via DirDar
- Added intelligent WordPress detection & auto-scan via WPScan
- Added intelligent CMS detection & auto-scan via CMSMAP
- Added intelligent auto-bruteforce & auto-scan via BruteX. Must have AI_BRUTEFORCE=”1″ in your Sn1per configuration template.
- Added automatic reverse IP lookups for IP addresses
Sn1per Auto-Bruteforce Detection
Improved Static Scans
Another key feature added to v10.1 is the addition of Nuclei static scans. With this, Sn1per will automatically check all JavaScript files for secrets and vulnerabilities (ie. DOM XSS) and will import the results into the Sn1per Professional. This will give a good head start when sifting through JS files for vulnerabilities.
Sn1per Professional Static Vulnerability Scan Report
Fixes
- Fixed issue with OpenVAS socket permissions
- Fixed issue with SSLScan missing from Ubuntu 20.04 LTS
- Fixed issue with Dirsearch installation
- Fixed issue with Nuclei takeover scans not working
- Added Redis port 6389/tcp to default ports
- Added Redis port 1337/tcp to default ports
- Added Go 1.17+ support for all Go packages
Update Instructions
If you’re a current Sn1per Professional v10.0 customer, you have two options to upgrade:
- From a ‘root’ terminal, run the ‘sniper -u‘ command
- From the Sn1per Professional Workspace Navigator, click the “Quick Commands” panel and run the “Update” option
Sn1per Professional Update Panel
