Sn1per Professional v9.1 SE Update Released!
Auto-Target Mode Selection
Burpsuite Professional Vulnerability Parser
Another major improvement in v9.1 is a new sc0pe parser for Burpsuite Professional. This will allow customers to automatically import all Burpsuite Professional vulnerabilities from new and previous scans directly into the Sn1per Professional v9.0 for improved vulnerability analytics and reporting.
Testing for HTTP 403 Forbidden Bypasses
A new tool called “DirDar” was added to help in testing for HTTP 403 “Forbidden” bypasses using a number of common techniques (ie. altering HTTP headers, appending common character sequences to the URL, etc.). DirDar comes enabled by default for all Sn1per ‘web’ based modes and can be disabled within the sniper.conf file by setting the “DIRDAR” variable to “0”.
Verbose Scan Notifications for Disabled Conf Options
In prior versions of Sn1per, it hasn’t been easy to tell which options are enabled or disabled when running scans. With Sn1per SE v9.1, customers will now see scan notifications with the exact setting name and a short message indicating that the setting is disabled in the current config.
URLScan.io Cached URL Retrieval
We added urlscan.io cached URL retrieval to automatically list all URL’s for the target website. This comes as yet another way to retrieve known URL’s from a target website which may lead to some interesting vulnerabilities being discovered. This will come enabled by default for all ‘web’ mode scans and can be enabled or disabled via the “URLSCANIO” setting.
Screenshots on No X GUI Installations (Docker/VPS)
As some may have noticed, there has been some graphic limitations with running Sn1per on installations with no X based GUI running (typically Docker and VPS installations). As a result, most common methods for retrieving web screenshots don’t work since they typically rely on running a headless web browser. After lots of research and testing, a solution was found to capture screenshots on these types of installations which can be enabled in the sniper.conf file by setting the “NO_X_GUI” setting to “1”.
CVE-2021-21972 – VMware vCenter Unauthorized RCE
In case you missed it, a critical Remote Code Execution (RCE) vulnerability in VMWare vCenter was recently disclosed which allows remote attackers to execute malicious code on both Windows and Linux based systems running vCenter client. To assist customers, we added a new sc0pe template to automatically detect this vulnerability and alert you.
In the past, typical Sn1per updates would involve re-installing and re-downloading ALL included programs, scripts and dependencies which could take some time depending on your bandwidth. With Sn1per Professional SE v9.1 onward, we will now be including differential updates to selectively update only the new additions and updated code to ease bandwidth and update times.
* v9.1 – Added DirDar tool to detect 403 errors and attempt bypass
* v9.1 – Added Static Analysis – Sensitive Information Disclosure sc0pe template
* v9.1 – Added SecretFinder static analysis tool
* v9.1 – Added xvfb screenshot tool for no X gui installations (see sniper.conf to enable)
* v9.1 – Added FFuf URL fuzzer to install.sh for Fuzzer Add-on dependency
* v9.1 – Added HTML reporting for webscan mode
* v9.1 – Fixed issue with carriage returns in conf
* v9.1 – Fixed issue with DNS resolution in ‘discover’ mode scans causing duplicate hosts
* v9.1 – Fixed issue with bruteforce running automatically due to changes in conf file
* v9.1 – Sanitized XSS payloads in spidered URL lists
* v9.1 – Updated default aux mode options in default sniper.conf
If you’re a current Sn1per Professional v9.0 customer, you have two options to upgrading the v9.1:
- From a ‘root’ terminal, run the ‘sniper -u’ command
- From the Sn1per Professional v9.0 Workspace Navigator, click the “Quick Commands” panel and run the “Update” option
NOTE: The update to the latest branch is “silent”, so no output will be displayed. To confirm the update was successful, simply run the ‘sniper’ command again or run ‘sniper -u’ to confirm the version was updated to v9.1 after.