Breaking changes
Java Agent
- The command parameter in the ProcessBuilder hook changed to string type
- Replaced all alarm message with English ones
PHP agent
- Replaced all alarm message with English ones
New features
PHP agent
- Add support of PHP 7.0~7.2
- Add support of prepared SQL statement
- Fallbacked to v8 default platform
- Add monitoring of rename operations
Java agent
- Add monitoring of rename operations
Algorithm improvements
Command execution
- Add support of FreeMarker template command execution
SSRF
- Add detection of potentially dangerous protocol, e.g php://
- Add detection of 127.X.X.X in ssrf_userinput algorithm
Path traversal
- Fixed a
/../../detection bypass reported by @leesec
PHP stack validation
- Fixed a call_user_func false positive reported by @ezreal
SQL injection
- Add a global LRU cache to improve generic performance
- Add detection of INTO OUTFILE phrase
Bug fixes
PHP agent
- Add ~60 PHP test cases, multiple bugs fixed
- Fixed a expand_path issue on Windows