-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathchangelog.txt
251 lines (184 loc) · 6.01 KB
/
changelog.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
ai-bolit.php
------------
http://www.revisium.com/aibo/
Changes 20181107
- Added new 'sn' field in json report. It contains string identifier of found malware.
- Updated malware signatures
Changes 20181009
- Updated malware database
Changes 20180912
- Enhanced malware
- Bugfixes
Changes 20180830
- External malware db supported via --avdb= command line argument
Changes 20180709
- Added command line argument --listing=stdin to read listing of files to scan from stdin
- Added command line argument --json-stdout to print out json report directly to the stdout
- Improved malware snippets
- Removed obsolete report sections
- Updated malware DB
Changes 20180627
- Added --listing=... command line argument to scan the list of files loaded from specified file
- Added --no-html command line argument to suppress html report generation
- Removed obsolete report entries
- Updated malware DB
Changes 20180616
- Improved malicious snippet representation in the report
- Updated malware DB
Changes 20180511
- Added --deobfuscate parameter which enables auto-decode of obfuscated scripts
- Updated malware DB
Changes 20180501
- Updated malware DB
Changes 20180419
- Updated malware DB
Changes 20180402
- Fixed Drupal version checker
- Added Drupal vulnerability check (Drupageddon 2)
- Updated malware DB
Changes 20180325
- Fixed bug with source code notmalization
- Updated malware DB
- Added new command line parameter --user= which specifies the user id which the scanner will be running under.
Changes 20180211
- Updated malware DB
Changes 20180124
- Updated malware DB
Changes 20180122
- Updated malware DB
- Optimized signature database
Changes 20171210
- Updated malware DB
- Added dot (".") to the --scan= parameter in order to scan files without extensions
Changes 20171116
- Updated malware DB
Changes 20171030
- Updated malware DB
Changes 20171019
- Improved snippets of detected malware
- Updated malware DB
Changes 20171003
- Fixed deobfuscation bug
- Updated malware DB
Changes 20170930
- Updated malware DB
Changes 20170925
- Updated malware DB
Changes 20170904
- Updated malware DB
- Deobfuscation of the source code
Changes 20170820
- Updated malware DB
- Fixed signatures DB
Changes 20170811
- Updated malware DB
Changes 20170803
- Updated malware DB
Changes 20170703
- Fixed minor bug in several signatures
- Updated malware DB
Changes 20170626
- Improved singature optimization algo
- Updated malware DB
Changes 20170612
- Added --smart parameter in the command line
- Updated malware DB
Changes 20170605
- Added vulnerabilities to json report
- Updated malware DB
Changes 20170527
- New viruses signatures
Changes 20170519
- Fixed encoding in the report
Changes 20170504
- New virus signatures
- External php-handlers for AI-BOLIT integration
- Fixed plain text report
- External file to track the scanning progress
- New json-format scanning report
Changes 20170301
- Reworked singatures to reduce false positives
- Added virus signatures and new whitelist files
Changes 20170217
- Added Joomla PHPMailer vulnerability discover
- Fixed vBulletin version detection
- Scan speedup using smart scan
- Reduced amount of false positives
- Added virus signatures and new whitelist files
Changes 20170110
- Added virus signatures and new whitelist files
- PHPMailer vulnerability is detected
Changes 20161225
- Added virus signatures and new whitelist files
- Optimized and improved scanning process
Changes 20161127
- Added virus signatures and new whitelist files
Changes 20161119
- Added virus signatures and new whitelist files
- Fixed snippets in ai-bolit script
Changes 20161110
- Added virus signatures and new whitelist files
- Fixed vps_docroot.php script
Changes 20161011
- Added virus signatures and new whitelist files
Changes 20161024
- Added virus signatures and new whitelist files
Changes 20160817
- Added virus signatures and new whitelist files
- Some minor report cleanups
Changes in 20160720
- Added virus signatures and new whitelist files
Changes in 20160701
- Added virus signatures and new whitelist files
Changes in 20160503
- Added php7 and pht extensions in mandatory list to scan
- Added virus signatures and new whitelist files
Changes in 20160312
- Fixed sorting order in report
- Added virus signatures and new whitelist files
Changes in 20160305
- Added new command line argument --scan to scan particular extensions
- New whitelist approach to filter false-positives. Please ensure that your PHP.ini has short_open_tag=on (or launch scanner with the following command short_open_tag=on (php -d short_open_tag=on ai-bolit.php ...)
- Added new signatures
- Minor bugfixes
Changes in 20160227
- New whitelist approach to filter false-positives. Please ensure that your PHP.ini has short_open_tag=on (or launch scanner with the following command short_open_tag=on (php -d short_open_tag=on ai-bolit.php ...)
- added new signatures
Changes in 20160219
- fixed issue in whitelisting mechanism. Need to set short_open_tag=on while running ai-bolit (php -d short_open_tag=on ai-bolit.php ...)
- added new signatures of malware
- added new CMSes to whitelist database
Changes in 20160202
- added new whitelist
- added new malware signatures
- new scanner international version
...
Changes in 20130201
- new signatures added
- report is protected from SE indexing
- report file name includes randomly generated number against bruteforce protection
- added wordpress 3.5.1 into .aknown list
Changes in 20130122
- new signatures added
- added known files for instant cms and invision power board cms
- hidden files detection
- bugfix
Changes in 201301221
- flexible patterns to find shell and malicious code
- extended mechanism for exceptions
- console report now has a statistics
- bugfix
Changes in 20121106
- new signatures
- search "sensitive" files which are not in safe
- bugfix
Changes in 20121014
- added 170 new signatures
- symlinks are skipped
- php info added
- checn for php build version
- improved external include analysis
- report file renamed: AI-BOLIT-REPORT-<äàòà>_<âðåìÿ>.html
- improved scanning progress
...