Bernardo Damele
|
1c86ec374e
|
Code refactoring and cosmetics
|
2011-01-07 15:41:09 +00:00 |
|
Miroslav Stampar
|
cc9ca802bf
|
minor update
|
2011-01-06 08:54:50 +00:00 |
|
Miroslav Stampar
|
572f403069
|
update of one thing that was missing
|
2011-01-03 21:28:22 +00:00 |
|
Miroslav Stampar
|
6aa616bd0d
|
minor minor fix
|
2011-01-03 14:28:20 +00:00 |
|
Miroslav Stampar
|
92e4cdb241
|
raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic
|
2011-01-03 14:21:41 +00:00 |
|
Miroslav Stampar
|
3629c2737b
|
automatically turn on --text-only in case of heavily-dynamicity instead of critical exit
|
2011-01-03 11:06:49 +00:00 |
|
Miroslav Stampar
|
adc41181e6
|
some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one
|
2011-01-03 10:37:20 +00:00 |
|
Miroslav Stampar
|
5860b8942f
|
minor update
|
2011-01-03 09:16:42 +00:00 |
|
Miroslav Stampar
|
d19a8d53e4
|
minor update
|
2011-01-03 08:46:20 +00:00 |
|
Miroslav Stampar
|
8625494ff2
|
added one new quick check for multiple target(s) mode
|
2011-01-03 08:32:06 +00:00 |
|
Miroslav Stampar
|
5f9b6b2254
|
code refactoring
|
2011-01-02 16:51:21 +00:00 |
|
Miroslav Stampar
|
5c6c870db4
|
removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode
|
2011-01-02 08:43:38 +00:00 |
|
Miroslav Stampar
|
da138c46c1
|
added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)
|
2011-01-02 07:37:47 +00:00 |
|
Miroslav Stampar
|
ec4440108b
|
minor cosmetics
|
2011-01-02 07:09:04 +00:00 |
|
Miroslav Stampar
|
428e817a32
|
some refactoring
|
2011-01-01 23:57:27 +00:00 |
|
Miroslav Stampar
|
212035e64d
|
user can now choose if he wants to skip non-heuristic based DBMS tests
|
2011-01-01 23:38:11 +00:00 |
|
Miroslav Stampar
|
8a93cfd975
|
minor update
|
2011-01-01 22:43:15 +00:00 |
|
Miroslav Stampar
|
52e44df86c
|
minor update
|
2011-01-01 21:11:29 +00:00 |
|
Miroslav Stampar
|
942cbafba6
|
minor update
|
2011-01-01 20:19:55 +00:00 |
|
Miroslav Stampar
|
e4fd8b3f0c
|
(e) finally works as it should
|
2011-01-01 19:22:44 +00:00 |
|
Miroslav Stampar
|
15e6911fd8
|
fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write')
|
2011-01-01 12:23:02 +00:00 |
|
Miroslav Stampar
|
91f665aaaa
|
bug fix for Ctrl+C
|
2010-12-31 15:00:19 +00:00 |
|
Miroslav Stampar
|
5db8ebbfa9
|
update of mysql comment versions
|
2010-12-31 12:42:12 +00:00 |
|
Miroslav Stampar
|
613242e298
|
bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved)
|
2010-12-29 19:48:19 +00:00 |
|
Miroslav Stampar
|
8f32c740ff
|
code refactoring
|
2010-12-29 19:39:32 +00:00 |
|
Miroslav Stampar
|
6700cabc36
|
minor optimization
|
2010-12-29 19:01:29 +00:00 |
|
Miroslav Stampar
|
569e060aab
|
important improvement
|
2010-12-26 13:20:52 +00:00 |
|
Miroslav Stampar
|
2d115e0350
|
one more fix
|
2010-12-24 18:44:13 +00:00 |
|
Miroslav Stampar
|
edcf1a0872
|
few bug fixes
|
2010-12-24 18:40:48 +00:00 |
|
Miroslav Stampar
|
96a06351a1
|
minor fix (in testing phase raise404 should be set to False)
|
2010-12-24 12:36:00 +00:00 |
|
Miroslav Stampar
|
2c23a59ba5
|
fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)
|
2010-12-24 12:13:48 +00:00 |
|
Miroslav Stampar
|
aab14fa2d3
|
minor refactoring/cosmetics
|
2010-12-24 11:06:57 +00:00 |
|
Miroslav Stampar
|
23dc408901
|
prioritization of tests based on DBMS error messages and some comments in common.py
|
2010-12-24 10:55:41 +00:00 |
|
Miroslav Stampar
|
017ea9e686
|
update
|
2010-12-23 14:06:22 +00:00 |
|
Miroslav Stampar
|
73f33c1999
|
bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped)
|
2010-12-23 11:28:13 +00:00 |
|
Miroslav Stampar
|
8fc60215ed
|
lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.
|
2010-12-22 19:12:46 +00:00 |
|
Bernardo Damele
|
5228f336da
|
Minor fix for ctrl+c during detection phase
|
2010-12-22 13:15:44 +00:00 |
|
Miroslav Stampar
|
08c88495d0
|
removed that ugly hack
|
2010-12-22 13:09:04 +00:00 |
|
Miroslav Stampar
|
d974a966b8
|
minor fix for end phase (Ctrl+C)
|
2010-12-21 23:55:55 +00:00 |
|
Miroslav Stampar
|
0e68248f60
|
minor update of heuristic check
|
2010-12-21 12:56:18 +00:00 |
|
Miroslav Stampar
|
16f1f4e13e
|
when doing dynamic checks there are cases when 404 can be raised (perfectly normal)
|
2010-12-21 11:04:49 +00:00 |
|
Bernardo Damele
|
ad6b528b33
|
Bit more verbose comment
|
2010-12-21 10:47:39 +00:00 |
|
Miroslav Stampar
|
416755c0b7
|
minor adjustments
|
2010-12-21 00:25:03 +00:00 |
|
Miroslav Stampar
|
e10670d9ac
|
added end detection phase choice into Ctrl+C list
|
2010-12-20 23:34:00 +00:00 |
|
Miroslav Stampar
|
b34fe5c334
|
no more need for such a huge timeout because any timeout exceptions will now be considered as a successful time-based attack (previously we wanted to get back to the program, hence there was such a huge timeout)
|
2010-12-20 22:49:48 +00:00 |
|
Miroslav Stampar
|
eaf8929085
|
more minor updates
|
2010-12-20 10:48:53 +00:00 |
|
Miroslav Stampar
|
fd00ff7a82
|
minor bug fix
|
2010-12-20 10:37:03 +00:00 |
|
Miroslav Stampar
|
e9f1ecb9e7
|
minor update
|
2010-12-20 10:32:58 +00:00 |
|
Miroslav Stampar
|
10a7a2dfb2
|
kids, don't use this at home
|
2010-12-20 10:13:14 +00:00 |
|
Miroslav Stampar
|
4cb83654dc
|
minor update
|
2010-12-18 16:28:21 +00:00 |
|