Escolar Documentos
Profissional Documentos
Cultura Documentos
1 Beta (RC 1)
----------------------
Sentry 2.0
----------
- Fixed bug when Specific Response is cleared in Proxy Analyzer. Defaults now
back to 401. (Eternal)
- Fixed bug with Reload Settings in Progression Frame. (Eternal)
- If using Header Key Phrases, you can now use Source Key Phrases also.
- Fixed minor bug when appending '/' at the end of URL's with '?' in them.
- Fixed bug when no POST Data was extracted with Refresh Session Data's GET
Request.
- Fixed bug when using Global Failure Key Phrases when Source Failure Key Phrases
was empty. (Psykodelik)
- Fixed graphical bug in About Box. (Psykodelik)
- Fixed My List Statistics bug. (Psykodelik)
- Made Blacklist multiselect.
- Fixed bug when sending Proxies To Blacklist in Analyzer and My List. Ports were
not trimmed. (Psykodelik)
- History is now linked with Progression Frame, so you can see your new hits when
you go to the History Frame
while a bruteforce session is being run.
- Upgraded History Saving. History is now saved when the Progression Frame is
freed. (Eternal)
- Upgraded Form Parsing Engine.
- Fixed nag screen about not building a correct header with POST Requests.
(chillerz)
- Fixed bug when sending a POST Request in HTTP Debugger and not filling out POST
Data. (chillerz)
- Fixed bug if User-Agent List file did not exist. (chillerz)
- Added Send To HTTP Debugger in My List and Proxy Analyzer.
- Fixed bug when an engine completed and you were not at the engine's frame, the
frame would never be freed.
This was the cause for the History Frame unable to be displayed.
- Fixed bug which caused a rare chance of changing a site without Sentry not
resetting some features (form data,
and wordlist position).
- Fixed bug which caused some redirects not to be followed.
- Added Send Proxies To Analyzer in My List Frame in Right Click Menu.
(splendidly_null)
- Added Load Settings From Snap Shot and Save Settings From Snap Shot.
- Fixed bug when saving wordlist to SnapShot if the wordlist's name contained a
'.'.
- Removed POST Data sanity check when exiting HTTP Header Frame.
- Fixed bug with POST Wizard when username or password fields had a value in
them. (sPlico)
- POST Wizard now automatically analyzes the site if the Form Data is blank.
(sPlico)
- POST Wizard now loads data from the previous time. (sPlico)
- Fixed bug with HTTP Basic Auth with HTTP Debugger. It didn't work because of a
RC 6+ change. (Psykodelik)
- Fixed bug when banning a proxy in Progression Frame when list was empty. It
added a blank line.
- Added button to reload engine settings on hover panel in Progression Frame. Now
you can change some settings
and press this button instead of stopping and starting the engine for the new
settings to take effect.
- Removed Popup Menu on Progression Listview and replaced the menu items with
buttons on the hover panel.
- Added a hover panel to Progression Frame. To activate this panel, move your
mouse to the right edge of the
Progression Listview.
- Implemented Form Engine.
- Added Debug Engine Form in Progression -> Right Click Progression ListView ->
Debug Engine.
- Added Horizontal Scroll Bars to the Keyword ListBoxes in Keywords Frame.
- Fixed bug when finding a banned keyword that was caused by the combo. It will
now only retry the combo 5
times until declaring it bad and moving on.
- Changed scope of Header Keywords. They can now be used in GET requests.
- Fixed bug when using History or Proxy Analyzer Engine and going to Progression
Frame and changing wordlist
position using the slider.
- Changed Resolve Host Before Attack to be unchecked as default. This can cause
some scripts to 403 every
attempt.
- Added Status Code in Retrying Bot message.
- Main Site ComboBox now has sorting enabled.
- Added dynamic bots to the Bruteforcer.
- Fixed bug with Snap Shots wordlist position. If you chose cancel, it still read
the Snap Shot wordlist
position.
- Fixed bug where Retrying bots or Fake Bots didn't update Statistics until the
bot completed.
- Added check in Settings -> HTTP Header: If user chooses POST Request without
entering POST Data, the
Form Wizard will be launched.
- Changed Follow Redirects intelligence. Now Sentry will only automatically
Follow Redirects if using GET
and any type of Source Keywords, otherwise it listens to the Follow Redirects
option.
- Added right click menu to Debug Popup Memo.
- Added Cookie and Referer parameters in Form Wizard if needed to retrieve Form
Data.
- Changed most of the History Menu Items (Edit XXX) to allow editing of multiple
sites. This way, you can
load a list of sites and edit all their failure keywords at the same time.
- Made clickable area longer in the OutlookBar Bar on the left side.
- List -> Wordlist: Replaced ListBox with a ListView to fix Win9x big wordlist
loading errors.
- Fixed bug in Proxy Analyzer that allowed you to start a Specific Site Test
without a site entered. (sPlico)
- Fix bug in Basic Auth. Engine that didn't count some 3xx (other than 302)
responses as redirects.
- Fixed infinite retry bug when After FingerPrint returned a 200 and the proxy
died before a 200 or 401
was returned. It will now try 5 retries, and if all 5 are errors, then the
current proxy is disabled and
the combo is retried from the beginning of the fake procedure.
- Added option to not display wordlist in ListBox. Hopefully this fixed the Win9x
big wordlist loading problems.
- Added Send Selected Proxies To My List and Send All Proxies To My List in Right
Click Menu in Proxy Analyzer.
- Added option to only send selected proxies to My List. (sPlico)
- Added OK button to Proxy Analyzer Options Dialog. (Flyer)
- Get External IP is now default to False so no network connections on program
open.
- Changed tooltip times to wait 10 seconds before closing. (Psykodelik)
- Added Send To History in Popup Menu to the Hits/Fakes/Redirects ListBox.
(Psykodelik)
- Fixed visual bug when maximizing Integration page. The Opera Help button was
out of position. (Psykodelik)
- Added Copy URL to Clipboard in Popup Menu to the Hits/Fakes/Redirects ListBox.
(Psykodelik)
- Added Show Popup Memo (if there is data in it) in Popup Menu in Progression
List. (Psykodelik)
- Added Open Debug.txt to Popup Menu in Progression List.
- Wordlist position is now reset intelligently depending on if you change your
site, like in Sentry 1.x.
- Sites now save in Main Site ComboBox.
- Added option Auto-Build Header in Settings -> HTTPHeader for GET and HEAD
requests. (Default is True)
- Upgraded intelligence of prompting when the user needs to build an HTTP Header.
- Fixed bug with Progression List not clearing on beginning of a new test.
(sPlico)
- Fixed Statistics Bug. It didn't keep track of Status Code replies.
- Fixed bug when trying to start a test when a wordlist was not being used.
- Moved Bots Slider and Wordlist Position Slider into Progression Frame.
- Implemented Wordlist Position Slider to work with the engine in Lists ->
Wordlist. I forgot this in RC 1.
- Fixed bug when beginning a test: Sentry started at the 2nd combo, not the first
one.
- When HTTP Debugger completes it now displays Status Code and Status Reply in
the StatusBar. (Psykodelik)
- Fixed bug when sorting sites by Site Name. It didn't account for emails in the
username. (Psykodelik)
- When displaying a Header from the OutlookBar that only has 1 page, this page is
automatically displayed. (sPlico)
- Fixed bug when BruteForcer engine was being initialized. It read the URL from
the INI File, not the ComboBox
on the Main Form. (Psykodelik)
- Rewritten from scratch. Nothing is the same as in previous 1.x versions. I left
the changelog in here to show a
complete history of Sentry.
- Made main Site combobox not alphabetical order anymore. It will put the last
tested site at the top of the list.
(theFarmer)
- Added agent randomizer. This is used by default. Also used in History Checker.
See below for details.
- Added option to assume a certain redirect is a fake. This is helpful if you
think/know the site redirects
to a certain member's URL or just want to see better your redirects that aren't
this path. This can be used
together with the other redirect options. (Used in Snap Shots) (Wolfman)
- Added option to not reactivate proxies banned for fake replies. Made it part of
the default settings. This is
good if you only want to ban fake proxies, and not all 200 reply proxies. (Used
in Snap Shots)
- Snapshots couldn't save if a ":" was present in the URL (because of a port
number).
- Changed both Manager Lists to Multi-Select. (theFarmer)
- Added option to Sort History by Image. Good if you want to put
hits/misses/redirects together.
- Fixed bug with writing to Debug file. There was no way to stop Sentry of doing
this in last version because it
was broken.
- Recoded the History Select code. Much more accurate and efficient now.
- Fixed bug with Limit Retry code. It didn't reset the count when you abort and
start a new test.
- Rewrote some of the Set Proxy code. In extreme cases, it could have caused
problems.
- Fixed graphical bug when resizing the form with "Check for Update" command
button.
- Fixed a bug with reactivating proxies.
- Turned off Hide Selection on History Listview. I don't know why I had it
enabled in the first place.
- Fixed bug with banning Fake proxies. Sentry used to ban the proxies it used
with Check Hits X Times, even though
they could still be good proxies.
- Sentry will now remember what directory you use when opening files with Proxy
Analyzer. (PhanTom)
- Fixed major bug when you do not have simultaneous testing checked and you have
sites in that list. Sentry only
tried the first combo. (WD40)
- Fixed Bug when not using "http://" infront of a site. It will now save
correctly. (ItalianGuy)
- Added Accept Language Field in HTTP Debugger.
- Fixed bug with loading proxies and having invalid integer with ports. (Sniper)
IMPORTANT: Read over all the changes in this file, and then if you need further
help, look at the program/manual.
Some help is already inside the program. The manual didn't get a full
update, because I didn't think
it was necessary.
- Turned AutoComplete off with the combobox for HTTP Debugger. (Falk0n)
- Added an Updater so you can always check to see if you are using the latest
version of Sentry.
- Fixed List Out of Bounds bug in History Checking.
- All Bots now default to 1 to prevent hammering on sites. (theFarmer)
- Fixed various bugs with limit Retry Engine.
- Removed Custom Hit Response, because defining Header Success Key Phrases is
much more effective and does the
same thing but in more detail.
- Made the textboxes for the length filter's to handle double digits. (wolverine)
- Made all listboxes (Key Phrases) multi-select.
- Made simultaneous listbox multi-select and it now sorts alphabetically.
(cobradiver)
- Put an option so you don't need to reset your wordlist every time you test a
new site. Sentry will auto-detect
it now (cobradiver)
- Fixed bad bug with Paste Proxies into My List. It didn't work, now it does.
- Added option to limit Retries and to limit them to an exact number. (theFarmer)
- If you get a hit and the exact hit is already in your history, it will not be
added, but the Time column
and proxy column will be updated.
- Fixed bug when all your proxies are banned and cannot be reactivated. It caused
an access violation error.
- Added Paste Proxies To My List. This uses the append option, so if you want to
append the pasted proxies,
then make sure you have Append to My List checked. (cobradiver)
- Fixed bad bug when you checked Filter Length and you had a combo at the end of
your wordlist that got
filtered. It caused a list out of bounds error. (vronique)
- Added option to Copy Proxy To Clipboard in the Hit list. (cobradiver)
- Fixed Copy to Clipboard in Hit ListBox to just copy the URL and not the proxy
information.
- Fixed bug with Defining a Failure Header Key Phrase. It didn't record hits.
- Added 2 options to not reactivate proxies (On 200 Response and on Bad Key
Phrase found). (Used in Snap Shots)
- Fixed bad bug when hits were done in simultaneous mode. Some routines added the
site from the combobox when in
fact, it could have been one of the sites from the simultaneous list.
- Added Retry Redirects X Times. Default is set to 0, because it is an advanced
option and rarely needed.
(Used in Snap Shots)
- Added more redirect protection, if a site is redirecting, I strongly suggest
you use GET Source Key Phrases,
unless you specify a redirect path as a hit.
- Added option to specify a redirect path as a hit. (Also used in Snap Shots)
- Added more options for History Saving (save SITE l: p: format and Detailed
History Saving).
- When loading a combo list, Sentry now deletes all trailing and leading spaces
on each combo.
- When a test ended, Sentry automatically aborted regardless of a combo needing a
retry. This is fixed except if
you click the abort button, combos will not be retried if they do. (You clicked
the abort button so don't blame
me)
- Moved Referer and Data To Post Fields to the Main Page in HTTP Debugger. These
options are the most common to
modify and this makes it easier.
- Added 3 new saving options under the history (Save Combos, Save URLs, Save Base
URLs)
- Made History Checking "select only", meaning you need to select the sites you
want to verify. ("a" selects
the entire list).
- Added Parse Proxy Key Phrase under Specific Site. (See Below)
- Moved Proxy Rotation and Ban Proxy options to the Proxy Options tab.
- Made a New tab Proxy -> Proxy Options (Deals with actual proxy options during a
test).
- Changed tab Proxy -> Options to Proxy -> Analyzer Options (Only deals with the
Proxy Analyzer).
- Fixed bad freezing bug with external ProxyJudge.
- Added a Horizontal Splitter in the progression tab. You can now resize the
Listview and the tabs at the bottom.
- Upgraded the GET Parsing engine so that you can now use Failure and Success Key
Phrases. Success Key Phrases have
priority over Failure Key Phrases.
- Added an option to abort a site after x hits. (Under Fake Tab, used in Snap
Shots also)
Note: This will abort when total hits equals X, so keep this in mind when doing
Simultaneous Sites
- Fixed a small memory problem with the internal judge.
- Added option to update My List after proxy analyzing completes.
- Added option to Delete Bad and Timeout Proxies Automatically after proxy
analyzing completes.
I decided to leave the Beta Readme as a part of the real readme, because this way
you can see how Sentry grew and
you might understand some more of the options by looking chronologically how they
have been added.
===================================================================================
=====================================
- Fixed very bad bug with retrieving IP Externally. It didn't clear the source
from the array which meant if you
tried to do a proxycheck afterwards, the source from that webpage would be
appended to the source of your first proxy, making it appear not anonymous
when infact it very well could be anonymous.
- Launch Base Site in Browser (the globe icon next to the site combobox) now
supports (http://members.somesite.com).
- Fixed bad bug with History (List out of bounds error). Was an error in the
proxy setting routine.
- Added option to Check Hits x times using the same proxy it got the hit with.
- Changed Edit Wordlist in Auto-Pilot to Open Dialog Box.
- Added load Proxies to My List option. Proxies are compared against Blacklist
and then loaded to My List.
- Fixed 2 bugs regarding the AutoPilot popup menu. If no jobs in list, then gave
a exception error.
- Fixed bug when loading Sentry, wordlist position didn't load right.
- Fixed bug with Wordlist from disk, you can now set a start position using the
wordlist position slider.
- Very bad bug in GET Engine, with failure key phrase used and content-length not
checked. No hits were
recorded.
- More fixes on Read Wordlist From Disk.
- Fixed a bug with adding proxies to the proxy analyzer. Some bad ports slipped
through.
- Fixed cosmetic bug with Internal ProxyJudge panel. There was a way you can make
it not dissapear and it
was not checked.
- Added option to save a list of URLs in Auto-Pilot.
- Added option to load a list of URLs with "Regular Settings" and your Current
Wordlist in Auto-Pilot.
Beta (RC 4) (Thanks�R@nge� for all your input and help) (04-6-03)
-----------
Beta (RC 3) (Special Thanks to Wolfman for his various inputs. Your help is
greatly appreciated :) (27-5-03)
-----------
- Added an option to reactivate all proxies when the active proxies equal or go
below x amount.
- Added an Internal ProxyJudge. Works the same as Proxyrama except for HTTPS and
Country Locator.
See below for more information. (Thanks Gaa Moa for your Open Source)
- Fixed Bug with Delete Gateway. If Gateway was blank, the proxy was deleted.
- History now saves on the fly to a file called "Logfile.log".
- Added a use No Proxy Option. This Option does not save.
- Fixed Bug with removing duplicates when a new wordlist is added to Wordlist
History.
- Added a Proxy Blacklist. This is used to compare whether a proxy should be
loaded into My List when you
click Update My List.
- Added a Page Viewer in the HTTP Debugger. It simply just displays in HTML the
source which the debugger
returned.
- Fixed HTTP Debugger when posting data. It didn't work correctly and caused an
error most of the time.
- Fixed bad bug with "Ban Proxy on 200 Reply". It banned all proxies because I
misplaced it in an if/then
statement.
- Fixed bug with calculating attempts when aborting. It missed the aborted
attempts.
- Fixed division by zero bug on very slow starting tests.
- Fixed Bad bug when aborting a test. Was a bug in the retry engine when test was
aborted and combos
that were going to be retried were passed as hits.
- Added an AboutBox Page
- Added a randomize function under Proxy Analyzer (Randomize them and then send
them to MyList)
- Added simple manipulation features.
- Changing wordlist position can now be done on the fly. (I though this was
already implemented until
I realized I forgot to do it when recoding some things for the wordlist from
disk option).
- Added Read wordlist from disk to save memory for big wordlists.
- Added a button that extracts proxies from clipboard to the analyzer.
- Added a reset button on the wordlist position panel.
- Sentry now automatically uses Get request method if you are using a fake
prevention that
requires this request method.