MBot Posted February 13, 2024 at 12:02 PM Share Posted February 13, 2024 at 12:02 PM Unreferenced strings are allowed if their identifier start with _ (#1941) New command-line option --disable-console-logs for disabling the output of the console module (#1915) New command-line option --strict-escape that raises warnings on unknown escape sequences (#1880). Improve performance by avoiding the execution of rule conditions that can't match (#1927) Add callback message CALLBACK_MSG_TOO_SLOW_SCANNING for notifying about slow rules (#1921). Expose function RVA in pe.export_details(#1882). BUGFIX: Fix issues in the computation of imphash in pe module (#1944). Credits to the NSHC ThreatRecon team! BUGFIX: Fix multiple out-of-bound memory reads in dex module (#1949, #1951). BUGFIX: Fix memory alignment issues (#1930). BUGFIX: Some strings with the wide and ascii modifiers not matching as they should (#1933). BUGFIX: Some rules not matching when --fast-scan is used (4de3d57) BUGFIX: Properly list memory regions while scanning processes in Mac OS. (#2033) BUGFIX: RFC5652 countersignatures are now correctly parsed in pe module (#2034) BUGFIX: Fix potential DoS due to crashes in authenticode parser with malformed files (#2034). Credits to Bahaa Naamneh! BUGFIX: Fix SIGSEGV in magic module when libmagic returns null pointer (3342aa0) BUGFIX: Prevent infinite recursion while following symlinks (923368e) Thanks to: @mgoffin, @wxsBSD, @cblichmann, @secDre4mer, @vthib, @regeciovad, @kylereedmsft, @TommYDeeee, @humpalum, @metthalDownload Link to comment Share on other sites More sharing options...
Recommended Posts