Release v1.0.0-rainbow5

Bugfixes

• Replace random function for random string generation fixing a critical vulnerability (#1944). Thanks to Philipp Tekeser-Glasz from HvS-Consulting GmbH for finding and reporting this vulnerability. See security advisory at GHSA-g82f-3w53-p6x5
• Fixed bug that included errors where not added to response (#1752)
• Fix statement building in DBA on empty filters (#1760)
• Fixed bug in legacy agentbinary update (#1802)
• Added additional check to avoid log entries if a hash just was already cracked (#1858)

Enhancements

• Add hashtopolis- prefix to db Docker container name (#1572)
• Made responses smaller by not pretty printing the json (#1733)
• DBA mapping rework (#1762)
• Upgraded deprecated jwt library to maintained jwt library (#1785)
• Added index for timeCracked on Hash table (#1786)
• Added an improved CORS implementation(#1725)
• Implemented sparse fieldsets support on the backend (#1715)
• DBA migrations and postgres support (#1795)
• Made dockerfile smaller by using smaller slim base image (#1826)
• Refactored load.php into different use case startup parts (#1853)
• Added OAUTH authentication to backend (#1859)
• Added helper to retrieve files in the import directory (#1877)

Full Changelog: v1.0.0-rainbow4...v1.0.0-rainbow5

Release v0.14.7

Enhancements

• Add hashtopolis- prefix to db Docker container name (#1572)

Bugfixes

• Replace random function for random string generation fixing a critical vulnerability (#1944). Thanks to Philipp Tekeser-Glasz from HvS-Consulting GmbH for finding and reporting this vulnerability. See security advisory at GHSA-g82f-3w53-p6x5

Release v1.0.0-rainbow4

• Fixed status calculation in backend (#1716)
• Fixed upgrade of agentbinary to new binaryType (#1722)

Release v1.0.0-rainbow3

Enhancements

• No hard error when permission is missing from includes (#1627)

Bugfixes

• Only use the mask as subtask name in supertask import to avoid too long names (#1681)
• Fixed error in tests by removing deprecated {extension} from new confidence version (#1677)

Release v1.0.0-rainbow2

Enhancements

• Return cprogress from TaskExtraDetailHelper, required for frontend's Visual Graph component (#1674)

Bugfixes

• Fixed searchHashes helper to return the objects properly (#1662)

Release v1.0.0-rainbow

Enhancements

• Updated OpenAPI docs to latest API updates
• Improved version comparison to avoid update script issues
• Many more enhancements to improve functionality on new frontend

Bugfixes

• Fixed missing .htaccess to avoid access to install directory on docker setups
• Many more bugfixes to work correctly with the new frontend

Release v0.14.6

Bugfixes

• Fixed upate script v0.14.4 -> v0.14.5 where some hash types were incorrectly named due to double quotes and dollar signs in names

Release v0.14.5

Enhancements

• Include new agent compatible with hashcat 7.0.0+ (note 7.1.0 and 7.1.1 are not compatible due to an issue in hashcat, see hashcat/hashcat#4446)
• Added three more indexes in MySQL to improve the task view drastically (Note: these are not created on update due to performance issues, only on new installs)
• Added an additional multi-column index in MySQL on the chunk table to increase performance for agents getting tasks (Note: these are not created on update due to performance issues, only on new installs)

Release v0.14.4

Enhancements

• Use utf8mb4 as default encoding in order to support the full unicode range
• Log hashes when they are skipped. This way the administrator can detect when Hashcat rebuilds the hashes incorrectly

Bugfixes

• Fixed a bug where creating a new preprocessor would copy the configured limit command over the configured skip command

Release v0.14.3

Tech Preview New API

Release 0.14.3 comes with an update to the tech preview of the new API. Be aware, it is a preview, it contains bugs and it will change; To use it, please see https://github.com/hashtopolis/server/wiki/Installation.

Changes/Bugfixes on new UI:

• After updating a task, the tasks table is also updated
• Files can now be deleted via the context menu of the files-table
• Step sequence corrected according to agent registration
• Standardization of the headline styles and customization of the DarkTheme
• Selected preprocessor value is now processed correctly when creating new tasks
• Checkbox values on the config page are now displayed correctly
• New Help/Contact Menu
• The hashlists are now displayed correctly according to the tasks on the tasks page
• Encoding bug fixed, Unicode characters were displayed incorrectly

Bugfixes

• Fixed a bug in the user API where a hash in binary format did not return the plain text when cracked
• Increase the limit of the attack command length