Commit Graph

6128 Commits

Author SHA1 Message Date
Miroslav Stampar
4e611133c6 Fixes #2747 2017-10-17 16:34:09 +02:00
Miroslav Stampar
5f25a77eab Adding support for vBulletin password hashes (Issue #1881) 2017-10-17 11:21:03 +02:00
Miroslav Stampar
ae3c013054 Minor update 2017-10-17 10:38:33 +02:00
Miroslav Stampar
7b0f1fd7fc Couple of patches and implementation for SHA256 (Issue #1881) 2017-10-16 15:15:44 +02:00
Miroslav Stampar
1f60dfc835 Minor patch for WAF mechanism 2017-10-16 11:42:11 +02:00
Miroslav Stampar
94579aa80d Minor patch (salt should be 32 bytes in length) 2017-10-13 15:53:45 +02:00
Miroslav Stampar
0f4d202db4 Implemented support for Joomla passwd (Issue #1881) 2017-10-13 15:37:16 +02:00
Miroslav Stampar
a1dd7363d4 Implemented support for Apache SHA1 (Issue #1881) 2017-10-13 15:19:50 +02:00
Miroslav Stampar
12b331170b Minor bug fix 2017-10-12 15:08:09 +02:00
Miroslav Stampar
3ca4b7c0a9 Update for #1881 (unix_md5_passwd and apache_md5_passwd) 2017-10-12 15:05:32 +02:00
Miroslav Stampar
8c6b761044 Replacing doc/COPYING to LICENSE 2017-10-11 14:50:46 +02:00
Miroslav Stampar
c768fe4617 Changing file permissions to remove execute bit 2017-10-11 14:16:48 +02:00
Miroslav Stampar
b7db28a89b Minor refactoring (unused imports) 2017-10-10 16:14:39 +02:00
Miroslav Stampar
94a337b2e3 Implementation for an Issue #1306 2017-10-10 16:08:13 +02:00
Miroslav Stampar
df135a5b0c Sponsorship update (link) 2017-10-10 14:27:10 +02:00
Miroslav Stampar
d8caf7818d Sponsorship update (bold text) 2017-10-10 14:20:56 +02:00
Miroslav Stampar
339dc7ce37 Sponsorship update 2017-10-10 13:46:45 +02:00
Miroslav Stampar
5df7abb0ee Fixes #2737 2017-10-10 11:04:17 +02:00
Miroslav Stampar
1f5f2aff0b Adding support for Bing (as a fallback) 2017-10-09 14:25:08 +02:00
Miroslav Stampar
8c88a095fb disconnect.me turned into a DuckDuckGo proxy 2017-10-09 14:07:27 +02:00
Miroslav Stampar
09ddb3bd8b Minor update for #2731 (--smoke-test failed) 2017-10-04 14:02:47 +02:00
Miroslav Stampar
f1c102a020 Minor touch for internal re-hashing purposes 2017-10-02 16:32:37 +02:00
Syed Afzal
ae972de8fc Added identification for waf NAXSI 2017-10-01 22:15:02 +05:30
Miroslav Stampar
62519eed04 Minor patch (breaking lines on longer outputs - 100%) 2017-09-26 13:18:37 +02:00
Miroslav Stampar
222fd856fa Implementation for #2709 2017-09-25 11:32:40 +02:00
Miroslav Stampar
db94d24db1 Initial support for #2709 (more work to be done) 2017-09-21 14:35:24 +02:00
Miroslav Stampar
116c1c8b5c Minor refactoring 2017-09-20 15:49:18 +02:00
Miroslav Stampar
afc2a42383 Revisiting regexes for DBMS errors 2017-09-20 15:28:33 +02:00
Miroslav Stampar
44664dd7d6 Minor update (based on user request) 2017-09-19 14:36:34 +02:00
Miroslav Stampar
35ba94b3a9 Fixes #2696 2017-09-17 23:56:48 +02:00
Miroslav Stampar
24c261d630 Minor patch 2017-09-17 23:12:57 +02:00
Miroslav Stampar
6a8ea0557c Minor update 2017-09-15 14:23:55 +02:00
Miroslav Stampar
721bf4d243 Minor update related to the #2695 2017-09-14 13:28:24 +02:00
Miroslav Stampar
7de63a7efb Fixes #2694 2017-09-12 10:32:22 +02:00
Miroslav Stampar
12f802c70f Minor text update 2017-09-11 10:41:50 +02:00
Miroslav Stampar
96ffb4b911 Fixes #2693 2017-09-11 10:38:19 +02:00
Miroslav Stampar
93cb879e5d Fixes #2692 2017-09-11 10:17:02 +02:00
Miroslav Stampar
f67f26cebd Minor update 2017-09-11 10:00:35 +02:00
Miroslav Stampar
942ac7733a Fixes #2691 2017-09-09 22:27:40 +02:00
Miroslav Stampar
2496db9d96 Update for #2690 2017-09-08 11:59:26 +02:00
Miroslav Stampar
a3249019d9 Patch for an Issue #2690 2017-09-08 11:43:10 +02:00
Miroslav Stampar
96f80879ff Fixes #2688 2017-09-06 23:41:56 +02:00
Miroslav Stampar
96b9950f96 Fixes #2684 2017-09-05 13:13:08 +02:00
Miroslav Stampar
30ea219228 Fixes #2604 2017-09-05 12:48:51 +02:00
Miroslav Stampar
7c41bc57e7 Fixes #2683 2017-09-05 10:51:58 +02:00
Miroslav Stampar
e609bd04ad Fixes #2678 2017-09-04 23:00:16 +02:00
Miroslav Stampar
511f2a6d12 Update for #2680 2017-09-04 17:16:00 +02:00
Miroslav Stampar
415ce05a2f Fixes #2677 2017-09-04 17:05:48 +02:00
Miroslav Stampar
06deda3223 Fixes #2672 2017-09-01 14:29:52 +02:00
Miroslav Stampar
d4170f11f0 Patch for #2654 2017-08-28 17:29:46 +02:00
Miroslav Stampar
cb2258fea4 Fixes #2603 2017-08-28 13:02:08 +02:00
Miroslav Stampar
c871cedae4 Adding hidden option '--force-dbms' to skip fingerprinting 2017-08-28 12:30:42 +02:00
Miroslav Stampar
3e4130c5e6 Update for #2665 2017-08-28 11:08:36 +02:00
Miroslav Stampar
a6c04a59cb Minor update 2017-08-23 14:10:11 +02:00
Miroslav Stampar
53eb44304f Proper patch for #2666 2017-08-23 14:08:40 +02:00
Miroslav Stampar
400339a884 Fixes #2665 2017-08-23 13:52:51 +02:00
Miroslav Stampar
8b0c50f25d Update related to the #2663 2017-08-23 13:17:37 +02:00
Miroslav Stampar
e42b63f51c Typo fix 2017-08-20 10:02:26 +02:00
Miroslav Stampar
b8f88a079a Fixes #2659 2017-08-20 10:00:04 +02:00
Miroslav Stampar
a761e1d165 Fixes #2656 2017-08-16 03:08:58 +02:00
Miroslav Stampar
5b6926ae05 Fixes #2654 2017-08-11 11:48:05 +02:00
Miroslav Stampar
e862da6d4e Update for an Issue #2653 2017-08-11 10:47:32 +02:00
Miroslav Stampar
1ac0704c09 Fixes #2651 2017-08-09 16:52:36 +02:00
Miroslav Stampar
b6b51bea9d Fixes #2649 2017-08-07 11:27:22 +02:00
Miroslav Stampar
672abe8416 Minor just in case update 2017-08-04 13:59:15 +02:00
Miroslav Stampar
fac6712a35 Implements #2647 (Basic authorization for sqlmapapi) 2017-08-04 13:37:49 +02:00
Miroslav Stampar
68ee1f361b Fixes #2640 2017-07-31 14:20:59 +02:00
Miroslav Stampar
62ae149464 Minor patch 2017-07-29 03:35:05 +02:00
Miroslav Stampar
f071c8500c Fixes #2634 2017-07-29 03:18:49 +02:00
Miroslav Stampar
5745d650f8 Fixes #2635 2017-07-29 02:42:20 +02:00
Miroslav Stampar
de8ea53d46 Fixes #2628 2017-07-28 00:37:33 +02:00
Miroslav Stampar
23081f83db Fixes #2626 2017-07-28 00:16:06 +02:00
Miroslav Stampar
4d56a806e8 Minor patch 2017-07-28 00:00:09 +02:00
Miroslav Stampar
1745bac0ab Fixes #2625 2017-07-26 00:54:29 +02:00
Miroslav Stampar
0f9c81965b Implementation on request 2017-07-26 00:24:13 +02:00
Miroslav Stampar
d12b65d38c Fixes #2624 2017-07-25 23:32:30 +02:00
Miroslav Stampar
38c70d9799 Minor update 2017-07-21 11:09:00 +02:00
Miroslav Stampar
a9a744fec6 Merge pull request #2620 from delvelabs/mark-steps-in-har
Fix HAR validation for HAR viewer
2017-07-21 11:07:16 +02:00
Louis-Philippe Huberdeau
3c5ee552f0 Make sure non-optional properties are present 2017-07-20 08:50:03 -04:00
Miroslav Stampar
8ca45695ab Minor update 2017-07-20 03:09:09 +02:00
Miroslav Stampar
bf40526785 Merge pull request #2618 from delvelabs/mark-steps-in-har
Mark steps in HAR file
2017-07-20 02:52:57 +02:00
Miroslav Stampar
9b41efcbe1 Minor patch 2017-07-20 02:50:34 +02:00
Miroslav Stampar
36f3fd72e6 Update for an Issue #2616 2017-07-20 02:41:47 +02:00
Louis-Philippe Huberdeau
facc54f60b Receiving some messages with a differerent header line 2017-07-19 15:40:07 -04:00
Louis-Philippe Huberdeau
4c7da11331 Make sure the comment is not set to None 2017-07-19 14:46:36 -04:00
Louis-Philippe Huberdeau
e21f67715c List is not a valid input type for timings, expecting object 2017-07-19 14:12:30 -04:00
Louis-Philippe Huberdeau
e38267a61e Include tracking properties in the HAR to identify which test the requests were associated to 2017-07-18 15:46:52 -04:00
Miroslav Stampar
7d147f613f Fixes #2611 2017-07-17 22:24:51 +02:00
Miroslav Stampar
591a60bbde Fixes #2606 2017-07-11 14:48:22 +02:00
Miroslav Stampar
3f40bf1101 Fixes #2387 2017-07-06 11:44:18 +02:00
Miroslav Stampar
d248317b89 Update for people that just download 'sqlmap.py' <- they exist 2017-07-05 16:42:54 +02:00
Miroslav Stampar
75fd878242 Minor patch 2017-07-05 15:41:53 +02:00
Miroslav Stampar
30378c8ae3 Minor patch 2017-07-05 15:27:29 +02:00
Miroslav Stampar
c9b3b47d6f Minor update 2017-07-05 14:07:21 +02:00
Miroslav Stampar
d038d027f9 Minor updates 2017-07-05 13:51:48 +02:00
Miroslav Stampar
c6577b80d9 Minor update 2017-07-05 13:35:02 +02:00
Miroslav Stampar
4a4fa07bdd Minor update 2017-07-05 12:35:48 +02:00
Miroslav Stampar
a4ebd5418f Patch for an Issue reported privately via email 2017-07-05 12:15:14 +02:00
Miroslav Stampar
ba369b73d3 Fixes #2601 2017-07-05 11:31:42 +02:00
Miroslav Stampar
614f290217 Update for #2597 2017-07-04 12:14:17 +02:00
Miroslav Stampar
1678b606a2 Update for #2597 2017-07-03 16:55:24 +02:00
Miroslav Stampar
aef5d6667f Merge pull request #2597 from delvelabs/generate-har
Generate HAR
2017-07-03 15:27:00 +02:00
Miroslav Stampar
b622c25f9d Fixes #2598 2017-07-03 14:17:11 +02:00
Miroslav Stampar
e07ff7168b Fixes #2599 2017-07-02 00:03:34 +02:00
Miroslav Stampar
ce48217ada Minor update 2017-07-01 23:46:28 +02:00
Louis-Philippe Huberdeau
b6969df52a Add missing httpVersion in request render, avoid encoding to base64 unless binary data is included 2017-06-29 10:14:20 -04:00
Miroslav Stampar
0e728aa73e Changing default encoding of sys.argv 2017-06-29 15:33:34 +02:00
Miroslav Stampar
f93c19ba9d Fixes #2596 2017-06-29 15:29:54 +02:00
Louis-Philippe Huberdeau
dd19527e9c Remove debug _raw entry from output 2017-06-29 09:00:02 -04:00
Miroslav Stampar
a42ddad9c1 Implements #2583 2017-06-29 14:57:35 +02:00
Miroslav Stampar
a2973296a2 Fixes #2595 2017-06-29 14:26:25 +02:00
Miroslav Stampar
0961f6a5e9 Fixes #2592 2017-06-23 23:46:25 +02:00
Louis-Philippe Huberdeau
fae965f8b6 Parse and build the response block 2017-06-23 13:28:22 -04:00
Louis-Philippe Huberdeau
0d756a8823 Parse request data and convert to HAR, include in injection data 2017-06-23 11:50:21 -04:00
Louis-Philippe Huberdeau
8df4cc3983 Adding initial hook to receive the request/response pairs 2017-06-23 09:44:33 -04:00
Miroslav Stampar
5ec44b8346 Minor refactoring 2017-06-19 23:06:05 +02:00
Miroslav Stampar
e2d3187a78 Fixes #2576 2017-06-18 15:00:12 +02:00
Miroslav Stampar
b4980778dd Fixes #2577 2017-06-18 14:07:48 +02:00
Miroslav Stampar
71457fea0e Fixes #2585 2017-06-18 13:19:11 +02:00
Miroslav Stampar
34281af3f6 Minor cleaning 2017-06-14 08:13:41 -04:00
Miroslav Stampar
7dbbf3ecf5 Fixes 'codewatchorg/sqlipy/issues/12' 2017-06-07 23:19:19 +02:00
Miroslav Stampar
c41c93a404 Fixes #2568 2017-06-07 22:43:28 +02:00
Miroslav Stampar
9a7343e9f7 Fixes #2566 2017-06-07 16:07:27 +02:00
Miroslav Stampar
e0401104f2 Minor update 2017-06-07 12:55:14 +02:00
Miroslav Stampar
9da8d55128 Implements #2557 2017-06-07 11:22:06 +02:00
Miroslav Stampar
864711b434 Minor improvement 2017-06-05 16:48:14 +02:00
Miroslav Stampar
996ad59126 Minor patch 2017-06-05 16:28:19 +02:00
Miroslav Stampar
6d48df2454 Fixes #2562 2017-06-05 10:38:05 +02:00
Miroslav Stampar
55a43a837b Minor update 2017-06-02 00:50:00 +02:00
Miroslav Stampar
eb26dd8984 Fixes #2556 2017-06-02 00:44:01 +02:00
Miroslav Stampar
b9b5d07336 Cleaning leftover 2017-05-30 11:41:42 +02:00
Miroslav Stampar
5f3235ef57 Fixes #2551 2017-05-30 11:40:06 +02:00
Miroslav Stampar
dfe42612be Fixes #2549 2017-05-29 10:57:27 +02:00
Miroslav Stampar
a0202f7bfd Fixes #2538 2017-05-26 16:08:30 +02:00
Miroslav Stampar
6dd9d5b2dd Fixes #2547 2017-05-26 14:34:32 +02:00
Miroslav Stampar
0864387885 Minor update 2017-05-26 14:25:22 +02:00
Miroslav Stampar
359bfb2704 Minor adjustment 2017-05-26 14:14:35 +02:00
Miroslav Stampar
644ea2e3aa Minor patch 2017-05-26 14:08:08 +02:00
Miroslav Stampar
071132cd56 Fixes #2543 2017-05-21 22:52:44 +02:00
Miroslav Stampar
4ce08dcfa3 Patch for an Issue #2536 2017-05-17 00:22:18 +02:00
Miroslav Stampar
2ca5ddce5f Fixes #2534 2017-05-15 17:03:05 +02:00
Miroslav Stampar
addb2445b7 Minor patch 2017-05-15 00:34:13 +02:00
Miroslav Stampar
4736a525b8 Fixes #2532 2017-05-13 17:28:28 +02:00
Miroslav Stampar
d3a08a2d22 Implementation for an Issue #2505 2017-05-07 23:12:42 +02:00
Miroslav Stampar
ee5b5cdcbc Fixes #2514 2017-05-04 15:50:34 +02:00
Miroslav Stampar
f3f2c81cec Minor patch (UTF8 used for HTTP params) 2017-05-04 15:45:15 +02:00
Miroslav Stampar
1e8df40981 Fixes #2499 2017-05-01 23:21:12 +02:00
Miroslav Stampar
389133654e Fixes #2508 2017-05-01 23:06:37 +02:00
Miroslav Stampar
347ce87e27 Fixes #2511 2017-05-01 22:53:12 +02:00
Miroslav Stampar
ff5a954980 Fixes #2508 2017-04-30 08:32:26 +02:00
Miroslav Stampar
1a8de2aee1 Fixes #2504 2017-04-27 13:18:29 +02:00
Miroslav Stampar
ab08273d82 Fixes #2501 2017-04-23 23:50:30 +02:00
Miroslav Stampar
fbb845ad7c Fixes #2500 2017-04-23 23:30:51 +02:00
Miroslav Stampar
15a1d55812 Fixes #2500 2017-04-23 23:14:05 +02:00
Miroslav Stampar
4643bd6517 Quick patch for #2498 2017-04-21 17:44:51 +02:00
Miroslav Stampar
1c5f01e2a2 Fixes #2487 2017-04-20 11:54:27 +02:00
Miroslav Stampar
ebbc68853d Fixes #2496 2017-04-20 10:48:04 +02:00
Miroslav Stampar
3140fd0ca6 Fixes #2495 2017-04-20 10:29:05 +02:00
Miroslav Stampar
5bcbf63ddb Fixes #2491 2017-04-19 16:13:31 +02:00
Miroslav Stampar
01fbda4bc9 Fixes #2490 2017-04-19 16:13:05 +02:00
Miroslav Stampar
ba22171a51 PEP 3113 cleanup 2017-04-19 14:56:32 +02:00
Miroslav Stampar
fc8eede952 Minor cleanup and one bug fix 2017-04-19 14:46:27 +02:00
Miroslav Stampar
c8a0c525fc Fixes #2489 2017-04-19 14:19:39 +02:00
Miroslav Stampar
46c7c28919 Implementation for an Issue #2485 2017-04-19 13:56:29 +02:00
Miroslav Stampar
81e3395975 Minor update 2017-04-19 13:35:36 +02:00
Miroslav Stampar
0340ecd38a Minor patch related to the #2487 2017-04-18 16:49:58 +02:00
Miroslav Stampar
2d05174545 Trivial update 2017-04-18 15:56:24 +02:00
Miroslav Stampar
5f2bb88037 Some code refactoring 2017-04-18 15:48:05 +02:00
Miroslav Stampar
65b02d4ab0 Minor update 2017-04-18 14:22:37 +02:00
Miroslav Stampar
ea58d29e2c Minor update 2017-04-18 14:11:23 +02:00
Miroslav Stampar
47e0fc36c7 Minor consistency update 2017-04-18 14:02:25 +02:00
Miroslav Stampar
7ebba5614a Moving brute from techniques to utils 2017-04-18 13:53:41 +02:00
Miroslav Stampar
686f53a7c6 Minor patch 2017-04-16 23:32:58 +02:00
Miroslav Stampar
67a3e8cd75 Minor patch 2017-04-14 13:19:00 +02:00
Miroslav Stampar
d9a931f77a Minor cleanup 2017-04-14 13:14:53 +02:00
Miroslav Stampar
0e206da7c0 Minor patches (pydiatra) 2017-04-14 13:08:51 +02:00
Miroslav Stampar
81e6dab965 New extra script 2017-04-14 12:54:33 +02:00
Miroslav Stampar
a702dafd03 Fixes #2481 2017-04-14 12:47:24 +02:00
Miroslav Stampar
36dfad192f Better link to user's manual 2017-04-13 12:47:14 +02:00
Miroslav Stampar
9436c43306 Mailing list is dead. Long live the mailing list 2017-04-13 12:40:37 +02:00
Miroslav Stampar
c198fd7939 Update for an Issue #13 2017-04-12 10:54:29 +02:00
Miroslav Stampar
1e092c4e8d Just in case update for an Issue #2474 2017-04-11 13:34:40 +02:00
Miroslav Stampar
1e310631ab Minor stability patch 2017-04-11 10:01:37 +02:00
Miroslav Stampar
47ee1a991f Update for an Issue #2472 2017-04-11 09:47:27 +02:00
Miroslav Stampar
9b3d229294 Fixes #2471 2017-04-10 19:21:22 +02:00
Miroslav Stampar
c74756c3bc Update regarding the #2467 2017-04-10 16:44:12 +02:00
Miroslav Stampar
1196a1b7f8 Fixes #405 2017-04-10 14:50:17 +02:00
Miroslav Stampar
c2262eda1a Update of smalldict.txt with 7 (small) more from SecLists 2017-04-07 16:30:36 +02:00
Miroslav Stampar
02eacc32c1 Minor cleanup 2017-04-07 16:30:02 +02:00
Miroslav Stampar
b1a112f72c Updating wordlist.zip file with 15 dicts from SecLists 2017-04-07 16:18:21 +02:00
Miroslav Stampar
464caf056b Minor update 2017-04-07 15:55:18 +02:00
Miroslav Stampar
44c85f8351 Reverting back the bottle.py revision because of numerous Python 2.6 incompatibilities 2017-04-07 15:10:28 +02:00
Miroslav Stampar
ad3283fd24 Another Python 2.6 patch 2017-04-07 15:05:54 +02:00
Miroslav Stampar
07208c45ef Patch of bottle.py for Python 2.6 2017-04-07 14:59:24 +02:00
Miroslav Stampar
751f423ae0 Adding latest revision of bottle.py 2017-04-07 14:55:25 +02:00
Miroslav Stampar
c124086021 Minor update for #1282 2017-04-07 14:46:41 +02:00
Miroslav Stampar
f285bc7459 Minor update 2017-04-07 14:30:52 +02:00
Miroslav Stampar
b4c4d3f72a Fixes latest Python 2.6 compatibility issues 2017-04-06 11:37:42 +02:00
Miroslav Stampar
cfe34f61b8 Implementation for an Issue #1895 2017-04-06 11:33:59 +02:00
Miroslav Stampar
c1c7ea33fe Minor update 2017-03-30 12:05:05 +02:00
Miroslav Stampar
4458a443ef Fixes #1664 2017-03-30 11:58:03 +02:00
Miroslav Stampar
16bd3a1f02 Fixes #2453 2017-03-30 11:42:34 +02:00
Miroslav Stampar
a358bc0a38 Minor update 2017-03-30 10:24:57 +02:00
Miroslav Stampar
aebae6e27b Added (heuristic) support for #1679 2017-03-30 10:16:35 +02:00
Miroslav Stampar
0a3e771b1b Fixes #2449 2017-03-28 15:22:53 +02:00
Miroslav Stampar
f82c0497fa Fixes #2447 2017-03-27 22:36:04 +02:00
Miroslav Stampar
715763885d Fixes #2306 2017-03-24 14:20:18 +01:00
Miroslav Stampar
4aae5d9a9d Fixes #2444 2017-03-19 21:34:47 +01:00
Miroslav Stampar
1bc583d358 Another patch related to the #2440 2017-03-17 09:43:45 +01:00
Miroslav Stampar
e506a390db Minor patch (prevent message spamming of multiple union column possibilities) 2017-03-15 16:18:20 +01:00
Miroslav Stampar
c5b4af8636 Dummy commit (to provoke rehash) 2017-03-15 16:07:52 +01:00
Miroslav Stampar
c29e47f72f Fixes #2440 2017-03-15 16:04:56 +01:00
Miroslav Stampar
60e8c725f9 Fixes #2437 2017-03-12 23:24:13 +01:00
Miroslav Stampar
5dba32b2e1 Fixes #2431 2017-03-12 09:52:37 +01:00
Miroslav Stampar
ef04c99069 No more dumb usage of '--dbms' 2017-03-06 12:53:04 +01:00
Miroslav Stampar
e2fb16c98c Fixes #2425 2017-03-06 12:05:58 +01:00
Miroslav Stampar
d2b16c5c91 Fixes #2422 2017-03-01 11:09:55 +01:00
Miroslav Stampar
9f0c42dde0 Minor leftover 2017-03-01 10:09:13 +01:00
Miroslav Stampar
78ca371162 Adding option --web-root (Issue #2419) 2017-03-01 10:07:26 +01:00
Miroslav Stampar
a35c976759 Proper implementation for an Issue #2418 2017-02-28 14:00:42 +01:00
Ekultek
71984fc452 updated IP address regex as to not provide false positive 2017-02-28 06:35:37 -06:00
Miroslav Stampar
a0a6702a4e Minor patch (reported via ML) 2017-02-28 13:16:19 +01:00
Miroslav Stampar
b18444f215 Issue #2417 (most probably -> most likely) 2017-02-27 22:14:52 +01:00
Miroslav Stampar
7ea524800a Taking couple of suggestions from #2417 2017-02-27 22:03:15 +01:00
Miroslav Stampar
7960045cf9 Fixes #2277 and #2300 2017-02-27 13:58:07 +01:00
Brie Carranza
1475ba441c Correct typo in basic.py 2017-02-26 09:05:36 -05:00
Miroslav Stampar
b2585cc8ea Patch for #2410 2017-02-25 07:58:59 +01:00
Miroslav Stampar
7b263327cc Update for #2410 2017-02-25 07:54:54 +01:00
Niklas Femerstrand
1b938c758f Adds option command to api client 2017-02-25 10:24:00 +07:00
Miroslav Stampar
5a08b71999 Minor update 2017-02-23 11:36:37 +01:00
Miroslav Stampar
4b420e7579 Removing Google PageRank as it is dead now 2017-02-23 11:33:39 +01:00
Miroslav Stampar
6b580a682a Minor update 2017-02-20 10:06:06 +01:00
Miroslav Stampar
d6e7c2acdc Minor touch 2017-02-19 01:48:12 +01:00
Tomahock
7fe1820ce4 Fix proxyFile regex to properly match an address with a - 2017-02-17 23:32:32 +00:00
Miroslav Stampar
98e449e38c Adding plus2fnconcat tamper script (Issue #2396) 2017-02-17 10:26:25 +01:00
Miroslav Stampar
9acf122ba6 Patch for an Issue #2396 2017-02-16 16:56:54 +01:00
Miroslav Stampar
2ed144ec85 Patch for wrong encoding reported privately via email 2017-02-16 15:52:07 +01:00
Miroslav Stampar
ec0c103952 Bug fix (reported privately) 2017-02-15 10:30:29 +01:00
Miroslav Stampar
a35d1e5373 Minor patch related to the email from ML 2017-02-14 13:14:35 +01:00
Miroslav Stampar
f5cf22a536 Update for an Issue #2377 2017-02-06 13:57:33 +01:00
Miroslav Stampar
38f16decef Update for an Issue #2384 2017-02-06 13:28:33 +01:00
Miroslav Stampar
15f86e85b1 Minor update for #2379 2017-02-06 12:03:18 +01:00
Miroslav Stampar
5217efc69b Fixes #2379 2017-02-06 12:01:46 +01:00
Miroslav Stampar
03bbf552ef Patch for an Issue #2382 2017-02-06 11:14:45 +01:00
Miroslav Stampar
664684ad8f Update for #2378 2017-02-03 23:04:38 +01:00
samogot
1c1f259df4 Update settings.py
fix - looking for any tag
2017-02-03 16:50:16 +02:00
samogot
6249823335 Minor parse-error extension
parse errors produced by Yii PHP Framework
2017-02-03 16:36:57 +02:00
Miroslav Stampar
bad3f80a1c Touch update 2017-01-31 14:18:36 +01:00
Miroslav Stampar
9851a5703a Fixes #2373 2017-01-31 14:00:12 +01:00
Miroslav Stampar
2a3014b606 Fixes #2367 2017-01-24 18:07:06 +01:00
Miroslav Stampar
16d5e22b72 Fixes #2358 2017-01-21 23:58:37 +01:00
Miroslav Stampar
a8a6dce38b Fixes #2366 2017-01-21 23:09:15 +01:00
Miroslav Stampar
f542e828d2 Fixes #2364 2017-01-20 13:11:12 +01:00
Miroslav Stampar
cf182882b1 Minor update 2017-01-18 10:40:39 +01:00
Miroslav Stampar
dd5ac6f1e7 Fixes #2357 2017-01-18 10:33:54 +01:00
Miroslav Stampar
1e7a453ff6 Fixes #2356 2017-01-18 10:19:23 +01:00
Miroslav Stampar
138aa6db65 Patch for an Issue #2351 2017-01-16 15:23:38 +01:00
Miroslav Stampar
121f0376ea Implementation for #2351 2017-01-16 14:29:23 +01:00
Miroslav Stampar
dfc684640a Proper implementation for #2347 2017-01-16 14:01:44 +01:00
Miroslav Stampar
104fbc80af Patch for #2348 2017-01-16 13:53:46 +01:00
Miroslav Stampar
cadba37059 Proper implementation for #2350 2017-01-16 13:44:46 +01:00
Miroslav Stampar
750d57ec96 Fixed bug reported privately via email 2017-01-13 14:41:41 +01:00
Miroslav Stampar
9a86365d92 Fixes #2333 2017-01-08 01:21:31 +01:00
Miroslav Stampar
f794d9d5a5 Fixes #2328 2017-01-02 15:26:32 +01:00
Miroslav Stampar
c29db43bfa Minor refactoring 2017-01-02 15:14:59 +01:00
Miroslav Stampar
e0eeed0a96 Minor update 2017-01-02 14:31:19 +01:00
Miroslav Stampar
55272f7a3b New version preparation 2017-01-02 14:19:18 +01:00
Miroslav Stampar
6ff07f01eb Fixes #2326 2016-12-31 13:39:22 +01:00
Miroslav Stampar
1c737d7515 Fixes #2322 2016-12-28 22:11:14 +01:00
Francisco Blas Izquierdo Riera (klondike)
025e9ac5b4
Fix the logic used for --param-exclude
The current logic will skip all existing parameters if no param-exclude is defined.
This breaks previous behaviour, makes it harder to use the tool and is quite confusing.

The new logic will always check the parameter is set before running any other checks instead of shortcircuit an empoty(always true) regexp.
2016-12-28 12:25:05 +01:00
Miroslav Stampar
89bbf5284c Adding new option --param-exclude on private request 2016-12-25 23:16:44 +01:00
Miroslav Stampar
44b00d629d Fixes #2312 2016-12-21 10:33:35 +01:00
Miroslav Stampar
afc3b30c41 Minor refactoring 2016-12-20 09:56:44 +01:00
Miroslav Stampar
17c556a63d Minor patches (and one bug from ML) 2016-12-20 09:53:44 +01:00
Miroslav Stampar
edc6f47758 Some refactoring 2016-12-19 23:47:39 +01:00
Miroslav Stampar
bb6e8fd4ce Minor bug fix (reported privately via email) 2016-12-15 16:09:09 +01:00
Miroslav Stampar
c54c2204a1 Fixes #2303 2016-12-12 10:47:05 +01:00
Miroslav Stampar
f7f33bef9f Minor patches 2016-12-09 23:19:03 +01:00
Miroslav Stampar
4bd7d81cea Patches #2300 2016-12-09 23:14:18 +01:00
Miroslav Stampar
f6815df5c3 Fixes #2302 2016-12-09 23:10:14 +01:00
Miroslav Stampar
42cea2e03c Better git clone (faster; without too much commit history) 2016-12-08 11:04:42 +01:00
Miroslav Stampar
52177065ca Patch for an Issue #2297 2016-12-06 15:43:09 +01:00
Miroslav Stampar
e74149970b Minor debug update 2016-12-03 22:06:18 +01:00
Miroslav Stampar
90b0ac37c8 New WAF script (AWS WAF) 2016-12-01 23:09:06 +01:00
Miroslav Stampar
63a74777f2 Minor update 2016-12-01 23:08:49 +01:00
Miroslav Stampar
4ac319b074 Adding new tamper script plus2concat (thank you Luka Pusic) 2016-12-01 22:28:07 +01:00
Miroslav Stampar
2a754eef1c Adding switch --ignore-redirects (Issue #2286) 2016-11-25 13:32:28 +01:00
Miroslav Stampar
4e1bdb0c70 Minor update 2016-11-25 12:34:13 +01:00
Miroslav Stampar
c35ba8b226 Fixes #2279 2016-11-17 22:34:10 +01:00
Miroslav Stampar
7e6879ec41 Minor patch for #2272 2016-11-11 13:46:41 +01:00
Miroslav Stampar
ea961678ee Fixes #2273 2016-11-11 10:28:50 +01:00
Miroslav Stampar
d4414e6631 Minor misspell 2016-11-11 10:21:57 +01:00
Miroslav Stampar
eb098f6527 Fixes #2268 2016-11-09 12:27:10 +01:00
Miroslav Stampar
5772d8904d Fixes #2266 2016-11-09 12:20:54 +01:00
Miroslav Stampar
7000373c4b Minor patch 2016-11-09 12:18:15 +01:00
Miroslav Stampar
a60c9b0dcc Minor patch 2016-11-09 11:29:08 +01:00
Miroslav Stampar
2eb7a1d264 Patch related to the #2265 2016-11-07 23:14:17 +01:00
Miroslav Stampar
13f0949f9e Another patch for #1596 2016-11-07 09:31:07 +01:00
Miroslav Stampar
076a42cbfe Patch related to the #1596 2016-11-07 09:28:00 +01:00
Miroslav Stampar
ce19525bc3 Fixes #2262 2016-11-05 22:36:58 +01:00
Miroslav Stampar
6da2e49100 Fixes #2261 2016-11-04 15:04:38 +01:00
Miroslav Stampar
1e44c4d669 Patch related to #2257 2016-11-02 12:04:21 +01:00
Miroslav Stampar
10097dd124 Fixes #2253 2016-10-29 00:13:04 +02:00
Miroslav Stampar
f4e36fc049 Patch for an Issue #2252 2016-10-28 11:52:48 +02:00
Miroslav Stampar
083ce111f0 Minor speed up 2016-10-26 22:33:04 +02:00
Hanno Heinrichs
2cc604e356 Fix several typos 2016-10-26 21:41:57 +02:00
Miroslav Stampar
044f05e772 Fixes #2246 2016-10-24 23:52:33 +02:00
Miroslav Stampar
6f343080e8 Fixes #2245 2016-10-24 23:33:49 +02:00
Miroslav Stampar
25c34c7728 Fixes #2244 2016-10-24 23:29:18 +02:00
Miroslav Stampar
d2bbe80455 Fixes #2243 2016-10-22 22:07:29 +02:00
Miroslav Stampar
0398cbdc76 Minor refactoring 2016-10-22 21:52:18 +02:00
Miroslav Stampar
e0149e1c5f Minor update 2016-10-21 13:05:45 +02:00
Miroslav Stampar
98c6d8f582 Merge pull request #2240 from lightos/master
Support for timeout param when using Websockets
2016-10-21 13:03:08 +02:00
Miroslav Stampar
d605b3af3c Revisiting banner xmls (Issue #2239) 2016-10-21 13:01:28 +02:00
Roberto Salgado
a6cbbc5ea9 Support for timeout param when using Websockets
A fix for the timeout parameter being ignored when using Web-sockets.
2016-10-20 12:13:39 -07:00
Miroslav Stampar
5c80e988ba Fixes #2238 2016-10-20 00:47:53 +02:00
Miroslav Stampar
10ffcb8b00 Fixes #2237 2016-10-20 00:19:16 +02:00
Miroslav Stampar
38d74cf61c Minor update 2016-10-19 13:07:25 +02:00
Miroslav Stampar
1db6953f08 Proper fix for #2236 2016-10-18 20:17:51 +02:00
Miroslav Stampar
d431c7d155 Fixes #2236 2016-10-18 20:07:19 +02:00
Miroslav Stampar
5ab4d54df0 Minor update of THIRD-PARTY.md 2016-10-18 13:49:29 +02:00
Miroslav Stampar
877d46e9f7 Fixes #2234 2016-10-18 13:46:56 +02:00
Miroslav Stampar
7e69cc112f Fixes #2235 2016-10-18 13:37:36 +02:00
Miroslav Stampar
5b14eecd25 Bug fix (reconnecting in case of timeouted direct connection) 2016-10-17 22:55:07 +02:00
Miroslav Stampar
24eaf55dc8 Removing bad decision for -d (user should be able to choose) 2016-10-17 22:32:23 +02:00
Miroslav Stampar
6be10b307d Minor patch 2016-10-17 22:02:41 +02:00
Miroslav Stampar
91ad71b1e0 Minor cosmetics 2016-10-17 12:36:42 +02:00
Miroslav Stampar
d6255de205 Fixes #2231 2016-10-17 12:33:07 +02:00
Miroslav Stampar
c293a6a25a Fixes #2229 and #2230 2016-10-15 09:53:12 +02:00
Miroslav Stampar
b1175017f9 Minor update regarding to the last commit 2016-10-15 00:54:32 +02:00
Miroslav Stampar
75c9f91f11 Fixes #2226 2016-10-15 00:51:35 +02:00
Miroslav Stampar
9ff2dcf1c1 Fixes #2228 2016-10-15 00:16:53 +02:00
Miroslav Stampar
6c4e9ae427 Updating SocksiPy to PySocks (updated fork) 2016-10-14 23:16:26 +02:00
Miroslav Stampar
748e94dcee Minor update for #2224 2016-10-13 23:25:46 +02:00
Miroslav Stampar
f389bd71c0 Implementation for an Issue #2224 2016-10-13 23:17:54 +02:00
Miroslav Stampar
1126ff86ce Fixes #2223 2016-10-13 23:07:11 +02:00
Miroslav Stampar
79377fedab Minor update 2016-10-13 23:06:04 +02:00
Miroslav Stampar
5d2972f362 Implementation for an Issue #2221 2016-10-11 17:33:36 +02:00
Miroslav Stampar
ae465bbaf8 Minor revert of leftover 2016-10-11 01:09:30 +02:00
Miroslav Stampar
1b95dd2d9d Fix for a bug reported privately by user (in some cases data has not been retrieved) 2016-10-11 01:07:31 +02:00
Miroslav Stampar
6130185ac6 Minor consistency update with the wiki 2016-10-11 00:35:39 +02:00
Miroslav Stampar
c92fde120d Implements #2220 2016-10-10 23:27:41 +02:00
Miroslav Stampar
7eab1bcbf9 Automating even more switch --tor 2016-10-10 14:19:44 +02:00
Miroslav Stampar
4c05307357 Disabling socket pre-connect in case of --tor, --proxy and --proxy-file 2016-10-10 01:57:55 +02:00
Miroslav Stampar
0037c28e9e Preventing obnoxious 'install git' on MacOS 2016-10-10 01:35:22 +02:00
Miroslav Stampar
2b279233b6 Fixes #2219 2016-10-09 14:19:40 +02:00
Miroslav Stampar
b51b80b174 Fix for a privately reported bug 2016-10-08 21:11:43 +02:00
Miroslav Stampar
e4b0ac9ae5 Minor update of common user columns 2016-10-07 14:48:05 +02:00
Miroslav Stampar
7f416846b7 Minor revisit of MsSQL error-based payloads 2016-10-06 23:50:32 +02:00
Miroslav Stampar
5b7254af96 Minor patch 2016-10-06 22:27:29 +02:00
Miroslav Stampar
c83d417298 Fixes #2212 2016-10-05 23:02:20 +02:00
Miroslav Stampar
b42dc6e7a5 Update of Oracle and PostgreSQL system databases/schemas 2016-10-05 17:58:35 +02:00
Miroslav Stampar
8124fe391d Bug fix for using --search in combination with -D CD 2016-10-05 17:43:57 +02:00
Miroslav Stampar
833ca4b640 Minor refactoring 2016-10-05 17:41:02 +02:00
Miroslav Stampar
3b244858f8 Adding performance_schema as one more of MySQL's system database 2016-10-05 17:33:24 +02:00
Miroslav Stampar
6107696e25 Minor patch (--help should display basic help) 2016-10-05 17:01:58 +02:00
Miroslav Stampar
af1c9c7fb2 Related to the last commit 2016-10-04 23:48:09 +02:00
Miroslav Stampar
06b54ab134 Better choice of used table (INFORMATION_SCHEMA.CHARACTER_SETS can also be found in MsSQL and PgSQL; mysql.db can have permission problems) 2016-10-04 23:43:00 +02:00
Miroslav Stampar
fee5c7bd7c Adding two new payloads and minor cosmetics 2016-10-04 23:39:18 +02:00
Miroslav Stampar
fb8afc6add Adding a new payload (Oracle boolean based on error response) 2016-10-04 22:12:00 +02:00
Miroslav Stampar
6c372a09bd Minor update 2016-10-04 11:55:16 +02:00
Miroslav Stampar
171cf6f54d Minor fine tuning for SQLi heuristic check 2016-10-04 11:32:06 +02:00
Miroslav Stampar
029bb5554d Minor cleanup of user-agents 2016-10-04 10:48:10 +02:00
Miroslav Stampar
c69cb79d66 Fixes #2208 2016-10-04 10:39:28 +02:00
Miroslav Stampar
dc8301689e Implementation for an Issue #2204 2016-10-02 11:13:40 +02:00
Miroslav Stampar
d8dd37510c Fixes #2202 2016-10-01 21:02:40 +02:00
Miroslav Stampar
d1680b04f3 Minor code consistency update 2016-09-29 21:26:47 +02:00
Miroslav Stampar
102d4b4119 Bug fix for uploading files in case of web subdirectories 2016-09-29 21:14:28 +02:00
Miroslav Stampar
b3b49b3492 Minor patch for --parse-errors 2016-09-29 18:07:00 +02:00
Miroslav Stampar
7a89433251 Minor patch 2016-09-29 18:02:20 +02:00
Miroslav Stampar
ced6711128 Playing a bit with logo 2016-09-29 15:59:28 +02:00
Miroslav Stampar
bdf76f8d4d Revisiting user-agents (newer versions of mainstream browsers) 2016-09-29 15:21:32 +02:00
Miroslav Stampar
571ae174bd Minor language update 2016-09-29 14:55:43 +02:00
Miroslav Stampar
332726356c Minor language update 2016-09-29 14:03:46 +02:00
Miroslav Stampar
4ea9d3b884 Replacing generic concatenation || with CONCAT (far better choice) 2016-09-29 13:35:16 +02:00
Miroslav Stampar
3409953538 Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows) 2016-09-29 12:59:51 +02:00
Miroslav Stampar
3b3ab072e6 Adding short option(s) for setting verbosity (e.g. -vvv) 2016-09-29 11:19:25 +02:00
Miroslav Stampar
fef407e09c Making HTTP requests up to 20% smaller (fine tuning the request headers) 2016-09-29 10:44:00 +02:00
Miroslav Stampar
5afccce3c6 Minor patch 2016-09-28 16:56:47 +02:00
Miroslav Stampar
e439095593 Bug fix for MySQL's --os-pwn 2016-09-28 15:39:34 +02:00
Miroslav Stampar
e77126e847 Removing obsolete functionality 2016-09-28 15:00:26 +02:00
Miroslav Stampar
3ef01f0e31 Minor update 2016-09-28 14:48:33 +02:00
Miroslav Stampar
d36b5c0a4b Adding time-based blind (heavy query) payloads for Informix (Issue #552) 2016-09-28 10:30:09 +02:00
Miroslav Stampar
e5a758bdf4 Fixes #2192 2016-09-28 09:55:14 +02:00
Miroslav Stampar
617509869d Minor patch for Informix --parse-errors 2016-09-27 14:58:10 +02:00
Miroslav Stampar
5079c42788 Adding Informix parameter replacement payloads (Issue #552) 2016-09-27 14:39:17 +02:00
Miroslav Stampar
bc7ab01066 Bug fix for generic parameter replacement (CASE) 2016-09-27 14:29:18 +02:00
Miroslav Stampar
212c1ec1f2 Couple of fixes and some testing stuff 2016-09-27 14:03:59 +02:00
Miroslav Stampar
381deb68ff Implementation for an Issue #2137 2016-09-27 13:26:11 +02:00
Miroslav Stampar
ba0facb5eb Removal of unused imports 2016-09-27 11:23:31 +02:00
Miroslav Stampar
7151df16f6 Adding extra validation step in case of boolean-based blind (e.g. if unexpected 500 occurs) 2016-09-27 11:21:12 +02:00
Miroslav Stampar
8994bf2dba Further dealing with time-based SQLi (Issue #1973) 2016-09-27 10:32:22 +02:00
Miroslav Stampar
09617c8243 Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973 2016-09-27 10:20:36 +02:00
Miroslav Stampar
556b4d289e Minor cosmetic patch (removing multiple same content '...appears...' messages) 2016-09-26 17:02:40 +02:00
Miroslav Stampar
978f56ad10 One more commit for #552 (--passwords) 2016-09-26 16:38:03 +02:00
Miroslav Stampar
aa0b97b562 Support for Informix --roles/--privileges (Issue #552) 2016-09-26 14:20:04 +02:00
Miroslav Stampar
df645d7d3d Update for column types (Issue #552) 2016-09-23 18:03:31 +02:00
Miroslav Stampar
035137ef4e Bug fix in detection engine (abstract URI header sometimes caused problems - e.g. when automatic --string used) 2016-09-23 17:38:14 +02:00
Miroslav Stampar
484d9a4825 Implementation of --dump for Informix (Issue #552) 2016-09-23 17:21:48 +02:00
Miroslav Stampar
65c305cff0 Fixes #2174 2016-09-23 15:41:12 +02:00