Release v1.0.0-rainbow6

Bugfixes

• Fixed tusFileCleaning error (#1949)
• Catch a migration running error and prevent docker-entrypoint to continue further on failure (#1951)
• Fixed bug where PATCHING and POST was not checked for permissions (#1957)
• Fixed patch current user to change own user without permissions (#1958)
• Fixed bug in content length calculation (#1984)
• Parse comma in filter (#1985)
• Fixed creation of task by using correct parameter for cracker binary (#2012)
• fix user object argument for supertask builder helper (#2032)
• Fixed access issues where users could access chunk and hash info from other access groups they were not member of. Thanks to Mateo Hahn from the Red Team Ops of Bureau Veritas Cybersecurity for finding and reporting this issue. (#2031)
• Fix subtask loading where wrong use statement was used (#2036)
• Correct cracked count of task wrappers if needed (#2037)
• Made a taskwrapperview to be able to properly sort in the task view (#2034)

Enhancements

• Update the basic install manual according to the latest release (#1946)
• Update of the manual- - fixing style (#1947)
• Large Rework on Codebase (#1929)
• Made CrackerBinaryType.typeName unique (#1950)
• Improve IPv6 handling on about page (#1943)
• Removed taskExtraDetails endpoint (#1945)
• made classpath calls to usort consistent (#1952)
• Added helper for getting available tasks for agent (#1953)
• Api tokens (#1965)
• Removed not working transaction for updating hash length (#1979)
• Made it possible to update a single config (#1981)
• Better error message when login in with invalid user (#1991)
• Fixed class names by removing the package from the name (#1987)
• Updated nginx docs to recent syntax and status code 308 for redirect (#2003)
• Added a flag isActive to tasks api response to show whether a task is active (#2005)
• Check if the total hash count of a hashlist needs to be fixed (#2033)

Full Changelog: v1.0.0-rainbow5...v1.0.0-rainbow6

Release v0.14.8

Bugfixes

• Fixed access issues where users could access chunk and hash info from other access groups they were not member of. Thanks to Mateo Hahn from the Red Team Ops of Bureau Veritas Cybersecurity for finding and reporting this issue. (#2031)

Release v1.0.0-rainbow5

Bugfixes

• Replace random function for random string generation fixing a critical vulnerability (#1944). Thanks to Philipp Tekeser-Glasz from HvS-Consulting GmbH for finding and reporting this vulnerability. See security advisory at GHSA-g82f-3w53-p6x5
• Fixed bug that included errors where not added to response (#1752)
• Fix statement building in DBA on empty filters (#1760)
• Fixed bug in legacy agentbinary update (#1802)
• Added additional check to avoid log entries if a hash just was already cracked (#1858)

Enhancements

• Add hashtopolis- prefix to db Docker container name (#1572)
• Made responses smaller by not pretty printing the json (#1733)
• DBA mapping rework (#1762)
• Upgraded deprecated jwt library to maintained jwt library (#1785)
• Added index for timeCracked on Hash table (#1786)
• Added an improved CORS implementation(#1725)
• Implemented sparse fieldsets support on the backend (#1715)
• DBA migrations and postgres support (#1795)
• Made dockerfile smaller by using smaller slim base image (#1826)
• Refactored load.php into different use case startup parts (#1853)
• Added OAUTH authentication to backend (#1859)
• Added helper to retrieve files in the import directory (#1877)

Full Changelog: v1.0.0-rainbow4...v1.0.0-rainbow5

Release v0.14.7

Enhancements

• Add hashtopolis- prefix to db Docker container name (#1572)

Bugfixes

• Replace random function for random string generation fixing a critical vulnerability (#1944). Thanks to Philipp Tekeser-Glasz from HvS-Consulting GmbH for finding and reporting this vulnerability. See security advisory at GHSA-g82f-3w53-p6x5

Release v1.0.0-rainbow4

• Fixed status calculation in backend (#1716)
• Fixed upgrade of agentbinary to new binaryType (#1722)

Release v1.0.0-rainbow3

Enhancements

• No hard error when permission is missing from includes (#1627)

Bugfixes

• Only use the mask as subtask name in supertask import to avoid too long names (#1681)
• Fixed error in tests by removing deprecated {extension} from new confidence version (#1677)

Release v1.0.0-rainbow2

Enhancements

• Return cprogress from TaskExtraDetailHelper, required for frontend's Visual Graph component (#1674)

Bugfixes

• Fixed searchHashes helper to return the objects properly (#1662)

Release v1.0.0-rainbow

Enhancements

• Updated OpenAPI docs to latest API updates
• Improved version comparison to avoid update script issues
• Many more enhancements to improve functionality on new frontend

Bugfixes

• Fixed missing .htaccess to avoid access to install directory on docker setups
• Many more bugfixes to work correctly with the new frontend

Release v0.14.6

Bugfixes

• Fixed upate script v0.14.4 -> v0.14.5 where some hash types were incorrectly named due to double quotes and dollar signs in names

Release v0.14.5

Enhancements

• Include new agent compatible with hashcat 7.0.0+ (note 7.1.0 and 7.1.1 are not compatible due to an issue in hashcat, see hashcat/hashcat#4446)
• Added three more indexes in MySQL to improve the task view drastically (Note: these are not created on update due to performance issues, only on new installs)
• Added an additional multi-column index in MySQL on the chunk table to increase performance for agents getting tasks (Note: these are not created on update due to performance issues, only on new installs)