OpenRASP project in April 2017, its original purpose was to provide a common security framework, and improve application protection capabilities for unknown vulnerabilities. Struts2 vulnerability is a typical series of unknown vulnerabilities. From the latest S2-001 to S2-057, wherein it is characterized in changing a request, perform a final statement or deserialize OGNL some way, then acquisition system privileges.
RASP protection engine running and internal applications, can solve this problem. Regardless of vulnerability, its ultimate purpose is: to perform system commands, upload webshell, drag library and so on. So we achieve such a security framework: detecting characteristics of the request is not dependent attack, but when the application performs the above key operation is performed for a self-defined logic checks whether there is an abnormality.
This release OpenRASP 1.1 version, a significant reduction in memory footprint, and repair problems QQ group user feedback.
Significant changes
General changes
- Google v8 upgrade to version 7.2
- The syntax interpreter replaced by the antlr4 flex, reduced memory footprint
PHP version
- Replace libstdc ++ to libc ++
- Pcre rely removal
- Binary package adds Thread Safety version
Java version
- Alternatively rhino is openrasp-v8
- SQL, SSRF detection logic to achieve JS
- Temporarily removing
JRockit JDKsupport, WebLogic 10.3.6 needs to be setJAVA_VENDOR=Sunto switch to Oracle JDK
Plug-in system
- Streamline console.log function, delete the relevant code color
- Reaching a test plug-stack filter out content com.baidu.openrasp
new features
General changes
- SQL abnormal increase password error monitoring
- Implement database connection detecting weak passwords
Java version
- XXE codes increase the safety switch, an external entity can be loaded directly prohibit
Bug fixes
General Repair
- After the plug-in update is successful, immediately issued a heartbeat, solve lag version information management background
- Alarm stack filter out content openrasp
Java version
- Repair checkpoint file upload problem of false positives, instead retested after the user uses the file
- Under repair Windows, openrasp.yml file encoding is not the right questions
- Fix the problem JBoss 12 or more can not be automatically installed
- Unable to get the problem solved JSP stack
- Xss fix the problem after following Tomcat interceptors will not jump
- After repairing a heart failure, the heart will never bug
- Tomcat 5 to resolve the following html injection function is not working properly
- Repair install does not restart, residual problems after uninstalling heartbeat thread
- PHP version and unified log.maxbackup logic configured to retain log yesterday and today at 1
Management background
- The repair detect duplicate upload plugin problem
- Home increasing the front-end cache invalidation settings
- Repair debug_level field is not a number of issues
- When the application below online host, not allowed to delete applications
- Repair applications in nosniff misspelled issue reinforcement, the user can save the configuration once repair