From f3f6a53fe0edf3a3229b3fdc52708c63b96dd876 Mon Sep 17 00:00:00 2001
From: Mazin Ahmed <mazin@mazinahmed.net>
Date: Wed, 8 Nov 2017 17:22:31 +0300
Subject: [PATCH] v1.4 Release.

---
 CHANGELOG.txt | 13 +++++++++++++
 bfac          | 25 ++++++++++++++++++-------
 setup.py      |  2 +-
 3 files changed, 32 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index c8c1797..ceaa29a 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -12,6 +12,19 @@
 
 ### Changelog:-
 
+* v1.4:
+  Additions/Features:-
+    [+] Added --proxy-file and --user-agents-file options.
+    [+] Improved console output.
+    [+] Added pattern for CVE-2017-12616.
+
+  Fixed Bugs:-
+    [*] Fixed a bug in proxying requests - Thanks Justin Kennedy @jstnkndy.
+
+  Known Bugs/Issues:-
+    None
+
+
 * v1.3:
   Additions/Features:-
     [+] BFAC now supports multithrading.
diff --git a/bfac b/bfac
index ed5f601..0784a3a 100755
--- a/bfac
+++ b/bfac
@@ -6,7 +6,7 @@
 #   An automated tool that checks for backup artifacts
 #   that may disclose the web-application's source code.
 # * Version:
-#   v1.3
+#   v1.4
 # * Homepage:
 #   https://github.com/mazen160/bfac
 # * Author:
@@ -59,7 +59,7 @@ def version():
     Returns current version.
     """
 
-    version = "1.3"
+    version = "1.4"
     return(version)
 
 
@@ -1126,11 +1126,19 @@ class ConsoleOutput:
                 sys.stdout.write('\033[1K')
                 sys.stdout.write('\033[0G')
 
-    def print_base_url(self, url):
+    def print_base_url(self, url,
+                       current_queue_counter=None, urls_queue_size=None):
         if self.console_output_check() == 1:
             return(1)
         with threading.Lock():
-            sys.stdout.write("%s URL: %s\n" % (symbols.info, url))
+            if urls_queue_size == 1:
+                sys.stdout.write("\n\n%s URL: %s\n" % (symbols.info, url))
+            else:
+                sys.stdout.write("\n\n%s [%s/%s] URL: %s\n" % (
+                    symbols.info,
+                    current_queue_counter,
+                    urls_queue_size,
+                    url))
             sys.stdout.flush()
 
     def testing_url_message(self,
@@ -1752,10 +1760,13 @@ def main():
     testedjar = queue.Queue()
     findings_queue = queue.Queue()
 
-    for url in URLs_list:
-        ConsoleOutput(notext=notext).print_base_url(url)
+    for url in enumerate(URLs_list):
+        ConsoleOutput(notext=notext).print_base_url(
+            url[1],
+            current_queue_counter=(url[0] + 1),
+            urls_queue_size=len(URLs_list))
         test_url(
-            url,
+            url[1],
             dvcs_test=dvcs_test,
             testing_level=testing_level,
             use_content_length_checks=use_content_length_checks,
diff --git a/setup.py b/setup.py
index ccffc37..e747f5f 100755
--- a/setup.py
+++ b/setup.py
@@ -15,7 +15,7 @@
 setup(
     name='bfac',
     packages=find_packages(),
-    version='1.3',
+    version='1.4',
     scripts=['bfac'],
     description="Advanced Backup-File Artifacts Testing for Web-Applications",
     long_description="An automated tool that checks for backup artifacts " +