Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							805120ac52 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2012-07-14 11:01:30 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3c81f74823 
							
						 
					 
					
						
						
							
							Minor style update  
						
						
						
					 
					
						2012-07-13 12:22:37 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							162da75a04 
							
						 
					 
					
						
						
							
							modified homepage address  
						
						
						
					 
					
						2012-07-12 18:38:03 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e948e4d45b 
							
						 
					 
					
						
						
							
							Some more refactoring  
						
						
						
					 
					
						2012-07-06 17:18:22 +02:00 
						 
				 
			
				
					
						
							
							
								jekil 
							
						 
					 
					
						
						
						
						
							
						
						
							c39e5a85ba 
							
						 
					 
					
						
						
							
							Removed $id$ tags  
						
						
						
					 
					
						2012-06-27 20:56:43 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4ac3794e80 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-06-12 14:22:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							226547b7dc 
							
						 
					 
					
						
						
							
							minor fix for --skip-urlencode and custom post  
						
						
						
					 
					
						2012-05-28 09:04:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							09f2144485 
							
						 
					 
					
						
						
							
							full page read is not needed in DNS exfiltration mode  
						
						
						
					 
					
						2012-05-26 21:28:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c394610740 
							
						 
					 
					
						
						
							
							adding switch --skip-urlencode to skip URL encoding of POST data  
						
						
						
					 
					
						2012-05-24 23:30:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2538e2d5b4 
							
						 
					 
					
						
						
							
							fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring  
						
						
						
					 
					
						2012-05-22 09:33:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							12d32f58f2 
							
						 
					 
					
						
						
							
							fix for that SOAP reported bug  
						
						
						
					 
					
						2012-05-10 13:39:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							775134639d 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-04-20 20:33:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6ebb621228 
							
						 
					 
					
						
						
							
							adding support for (custom) POST injection (marking injection point with '*' in conf.data)  
						
						
						
					 
					
						2012-04-17 14:23:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							052d9455fe 
							
						 
					 
					
						
						
							
							warning user in cases of "User xyz already has more than 'max_user_connections' active connections"  
						
						
						
					 
					
						2012-04-12 09:44:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8c6eb4faa9 
							
						 
					 
					
						
						
							
							adding support for PgSQL DNS data exfiltration  
						
						
						
					 
					
						2012-04-07 14:06:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b2afa87e48 
							
						 
					 
					
						
						
							
							reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)  
						
						
						
					 
					
						2012-04-06 08:42:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2223c884e5 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2012-04-05 12:55:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e0994947e2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-04-04 23:37:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c89a4162e2 
							
						 
					 
					
						
						
							
							bug fix for --dns-domain with --technique=TS  
						
						
						
					 
					
						2012-04-04 18:01:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							637a8d8273 
							
						 
					 
					
						
						
							
							improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism  
						
						
						
					 
					
						2012-03-29 14:33:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0fc4288a7c 
							
						 
					 
					
						
						
							
							modifying redirection code for only two choices  
						
						
						
					 
					
						2012-03-18 17:27:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3505503a08 
							
						 
					 
					
						
						
							
							no need to return here  
						
						
						
					 
					
						2012-03-16 17:30:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							577caac4de 
							
						 
					 
					
						
						
							
							putting kb.negativeLogic setting to the safe place  
						
						
						
					 
					
						2012-03-16 09:17:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							209e795369 
							
						 
					 
					
						
						
							
							minor just in case update  
						
						
						
					 
					
						2012-03-16 09:02:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							adb5fff6b2 
							
						 
					 
					
						
						
							
							one more update related to the redirection mechanism  
						
						
						
					 
					
						2012-03-15 20:17:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ddd92476a8 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-03-15 15:58:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8dd570057b 
							
						 
					 
					
						
						
							
							minor fix (double traffic log for -t in case of HTTP error)  
						
						
						
					 
					
						2012-03-15 14:51:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7df755f37 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-03-15 12:55:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a8c9a47092 
							
						 
					 
					
						
						
							
							redirect logic rewritten from scratch  
						
						
						
					 
					
						2012-03-15 11:10:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							52a8b25ff4 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-03-14 14:31:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a7fbc55748 
							
						 
					 
					
						
						
							
							grammar fix  
						
						
						
					 
					
						2012-03-13 22:03:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							edfcddd3c3 
							
						 
					 
					
						
						
							
							minor fix for logging only cookies used by request (e.g. --load-cookies case)  
						
						
						
					 
					
						2012-03-13 10:58:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e6c610abab 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-03-13 09:14:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							48bcde478e 
							
						 
					 
					
						
						
							
							more general update  
						
						
						
					 
					
						2012-03-12 15:29:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1d0c8a7f44 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-03-12 15:19:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b3bd4144f5 
							
						 
					 
					
						
						
							
							removing of unused imports together with some general code refactoring  
						
						
						
					 
					
						2012-02-22 10:40:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dcf7277a0f 
							
						 
					 
					
						
						
							
							some more refactorings  
						
						
						
					 
					
						2012-02-16 14:42:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							85a4ef6593 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-08 12:00:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a7970d094a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-01 15:10:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8405ef59ac 
							
						 
					 
					
						
						
							
							some estetic updates  
						
						
						
					 
					
						2012-02-01 14:49:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							527ce070a3 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-01-16 10:04:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95f89ab63a 
							
						 
					 
					
						
						
							
							updating copyright date  
						
						
						
					 
					
						2012-01-11 14:59:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1d0b43b1a2 
							
						 
					 
					
						
						
							
							implemented mechanism for merging cookies by request  
						
						
						
					 
					
						2012-01-11 14:28:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							40398f358c 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-01-05 14:55:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1f085a0241 
							
						 
					 
					
						
						
							
							now [SLEEPTIME] is changeable properly in vivo  
						
						
						
					 
					
						2012-01-05 14:45:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ea87c89c25 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-01-03 23:44:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							63bc4ce116 
							
						 
					 
					
						
						
							
							minor patch  
						
						
						
					 
					
						2011-12-30 14:11:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c20546dcaa 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-12-26 12:24:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							526aacb640 
							
						 
					 
					
						
						
							
							code cleanup  
						
						
						
					 
					
						2011-12-21 22:59:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95cd9e2af3 
							
						 
					 
					
						
						
							
							adding support for scanning Host header values (-p host)  
						
						
						
					 
					
						2011-12-20 12:52:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1b16b5e0f1 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-12-20 09:10:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c57941c102 
							
						 
					 
					
						
						
							
							minor beautification  
						
						
						
					 
					
						2011-12-15 23:33:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							563c0c1066 
							
						 
					 
					
						
						
							
							adding switch --tor-type  
						
						
						
					 
					
						2011-12-15 23:19:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e6820ebbd2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-12-14 10:26:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							364113441b 
							
						 
					 
					
						
						
							
							adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)  
						
						
						
					 
					
						2011-12-14 10:19:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0f5d48ff20 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-12-05 09:25:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9bc735963b 
							
						 
					 
					
						
						
							
							update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself))  
						
						
						
					 
					
						2011-12-04 22:42:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b03a5e8928 
							
						 
					 
					
						
						
							
							people don't know what's "standard deviation" and they are wrongly connecting it's value in seconds to the --time-sec value  
						
						
						
					 
					
						2011-12-01 13:30:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3cd8f47686 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2011-11-29 17:17:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d958c2fe48 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-11-28 11:21:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ba4234dc42 
							
						 
					 
					
						
						
							
							switching from HTTP proxy to SOCKS proxy for --tor (sick and tired of Polipo/Privoxy bull; either Tor flag is overwritten every here and there or they are putting all kinds of filter warnings)  
						
						
						
					 
					
						2011-11-23 21:17:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4fa24ec704 
							
						 
					 
					
						
						
							
							minor improvement  
						
						
						
					 
					
						2011-11-21 17:39:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							65b2b0ad87 
							
						 
					 
					
						
						
							
							adding switch --eval  
						
						
						
					 
					
						2011-11-21 16:41:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							df0b451389 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-11-20 23:17:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							440b7efe55 
							
						 
					 
					
						
						
							
							minor optimization  
						
						
						
					 
					
						2011-11-20 20:14:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b888829d12 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-11-14 11:39:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ccbd93cc2e 
							
						 
					 
					
						
						
							
							fix for redirect/HOST header bug  
						
						
						
					 
					
						2011-11-11 11:28:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1061c06617 
							
						 
					 
					
						
						
							
							improvement of redirecting code  
						
						
						
					 
					
						2011-11-11 11:07:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e183437f0b 
							
						 
					 
					
						
						
							
							minor typo  
						
						
						
					 
					
						2011-11-10 10:30:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							62f8f8d36c 
							
						 
					 
					
						
						
							
							bug fix (thanks to zhen zhou)  
						
						
						
					 
					
						2011-11-10 10:22:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1486ed4be 
							
						 
					 
					
						
						
							
							adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request  
						
						
						
					 
					
						2011-10-25 09:53:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6d64f87190 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-10-24 00:46:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1f7d87c6a4 
							
						 
					 
					
						
						
							
							bug fix for --code (previously redirecting codes where not considered)  
						
						
						
					 
					
						2011-10-23 20:48:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							77e630d89e 
							
						 
					 
					
						
						
							
							replaced longer CHAR form of escaped MySQL strings with more compact hex form  
						
						
						
					 
					
						2011-10-23 20:19:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3f0517d3f3 
							
						 
					 
					
						
						
							
							support for non-latin (e.g. cyrillic) URLs  
						
						
						
					 
					
						2011-10-23 17:02:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0db0571f35 
							
						 
					 
					
						
						
							
							minor patch  
						
						
						
					 
					
						2011-10-21 09:06:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dd0ed5f5da 
							
						 
					 
					
						
						
							
							adding redirect response to the traffic file  
						
						
						
					 
					
						2011-09-28 08:13:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e0f521cf9d 
							
						 
					 
					
						
						
							
							minor update regarding --randomize  
						
						
						
					 
					
						2011-08-29 13:08:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac00014c4a 
							
						 
					 
					
						
						
							
							implemented --randomize switch by request  
						
						
						
					 
					
						2011-08-29 12:50:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							75ec146224 
							
						 
					 
					
						
						
							
							minor beautification  
						
						
						
					 
					
						2011-08-17 21:17:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							702ed73a65 
							
						 
					 
					
						
						
							
							Added --code switch to match in boolean-based tests against the HTTP response code  
						
						
						
					 
					
						2011-08-12 16:48:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fff4c34e33 
							
						 
					 
					
						
						
							
							Search for --string and --regexp matches also in HTTP response headers  
						
						
						
					 
					
						2011-08-12 15:33:37 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5e5133b8e7 
							
						 
					 
					
						
						
							
							Should be fixed now  
						
						
						
					 
					
						2011-08-12 15:00:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1505cb2a80 
							
						 
					 
					
						
						
							
							typo  
						
						
						
					 
					
						2011-08-12 14:51:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							702ca22d54 
							
						 
					 
					
						
						
							
							Minor bug fix for URI injections  
						
						
						
					 
					
						2011-08-12 14:48:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							28bba9f5e6 
							
						 
					 
					
						
						
							
							More verbose warning message  
						
						
						
					 
					
						2011-08-12 13:47:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							10bdd90e60 
							
						 
					 
					
						
						
							
							minor speed optimizations (as a result of profiling)  
						
						
						
					 
					
						2011-08-12 13:40:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							02bfd05b20 
							
						 
					 
					
						
						
							
							more general approach  
						
						
						
					 
					
						2011-07-08 10:03:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ba2c06c9dc 
							
						 
					 
					
						
						
							
							quick fix  
						
						
						
					 
					
						2011-07-08 09:01:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aedcf8c8d7 
							
						 
					 
					
						
						
							
							Changed homepage address  
						
						
						
					 
					
						2011-07-07 20:10:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							93b296e02c 
							
						 
					 
					
						
						
							
							few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation")  
						
						
						
					 
					
						2011-07-06 05:44:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							75524c283d 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-06-27 21:59:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							831f083223 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-06-27 21:38:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e9286ddd5b 
							
						 
					 
					
						
						
							
							fix for a bug reported by g@brindi.si (UnicodeDecodeError: 'ascii' codec can't decode byte 0xc2 in position  
						
						... 
						
						
						
						47: ordinal not in range(128)) 
						
					 
					
						2011-06-24 19:24:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e76cb19e35 
							
						 
					 
					
						
						
							
							minor patch  
						
						
						
					 
					
						2011-06-22 09:11:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b16b92fe46 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-06-21 20:59:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2220afbdf5 
							
						 
					 
					
						
						
							
							fix by request  
						
						
						
					 
					
						2011-06-21 20:50:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bdb530da1f 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-06-19 10:11:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d5bc149636 
							
						 
					 
					
						
						
							
							made changes by buawig request (504 is treated as a classical timeout)  
						
						
						
					 
					
						2011-06-19 09:57:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0d8d6a4ace 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2011-06-08 16:08:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4a9640160e 
							
						 
					 
					
						
						
							
							more concise  
						
						
						
					 
					
						2011-06-08 14:35:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6b81eef65a 
							
						 
					 
					
						
						
							
							refactoring  
						
						
						
					 
					
						2011-06-08 14:30:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							75c12c5edb 
							
						 
					 
					
						
						
							
							fix for a bug reported by cclements@flatearth.net (TypeError: argument of type 'NoneType' is not iterable)  
						
						
						
					 
					
						2011-06-07 21:46:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a5a70f0895 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-05-28 18:21:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c11ea35d53 
							
						 
					 
					
						
						
							
							adding some user input for "refreshing" cases (like redirect ones)  
						
						
						
					 
					
						2011-05-27 22:42:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cf69809c3c 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-05-27 16:26:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							61b960f65f 
							
						 
					 
					
						
						
							
							minor update related to the last one  
						
						
						
					 
					
						2011-05-26 22:05:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							45caadbd4a 
							
						 
					 
					
						
						
							
							important update - finally found what was causing headache for UNION payloads in noticeable number of cases  
						
						
						
					 
					
						2011-05-26 21:54:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4f2c999146 
							
						 
					 
					
						
						
							
							fix for a bug reported by mail@8dh.de (UnicodeDecodeError:  requestMsg += "\n%s" % requestHeaders)  
						
						
						
					 
					
						2011-05-26 13:47:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f774d8fea0 
							
						 
					 
					
						
						
							
							proper Tor settings (reverted r3915 and implemented it the right way)  
						
						
						
					 
					
						2011-05-24 11:06:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							915c206e3d 
							
						 
					 
					
						
						
							
							minor fix for socks proxy issues  
						
						
						
					 
					
						2011-05-24 09:47:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ad25bcc2be 
							
						 
					 
					
						
						
							
							better way for dealing with relative paths  
						
						
						
					 
					
						2011-05-24 05:26:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a536bf210f 
							
						 
					 
					
						
						
							
							improved redirection mechanism  
						
						
						
					 
					
						2011-05-23 23:20:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							40971aca94 
							
						 
					 
					
						
						
							
							fixing nasty bug caused by retrying counter  
						
						
						
					 
					
						2011-05-22 10:59:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							712e238f33 
							
						 
					 
					
						
						
							
							another minor fix  
						
						
						
					 
					
						2011-05-22 10:29:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2795aeff34 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-05-22 10:27:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							806e898694 
							
						 
					 
					
						
						
							
							no more CRITICAL drop outs in test mode - lots of reports were related to this  
						
						
						
					 
					
						2011-05-22 10:21:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9b2623514a 
							
						 
					 
					
						
						
							
							one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables  
						
						
						
					 
					
						2011-05-22 09:48:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2ea613b170 
							
						 
					 
					
						
						
							
							type correction and adding global flag kb.ignoreTimeout which could be useful  
						
						
						
					 
					
						2011-05-22 08:24:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							27f0e73cc9 
							
						 
					 
					
						
						
							
							refactoring of 'target' flag in connect.py  
						
						
						
					 
					
						2011-05-22 07:46:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							25fff8c135 
							
						 
					 
					
						
						
							
							changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux)  
						
						
						
					 
					
						2011-05-21 11:46:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							053c245114 
							
						 
					 
					
						
						
							
							few minor fixes  
						
						
						
					 
					
						2011-05-13 09:56:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a7d7be5ce0 
							
						 
					 
					
						
						
							
							bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host)  
						
						
						
					 
					
						2011-05-13 01:01:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0b2da2f9f5 
							
						 
					 
					
						
						
							
							minor beautification for --tor switch  
						
						
						
					 
					
						2011-05-12 05:46:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1dea609019 
							
						 
					 
					
						
						
							
							fix for a bug reported by David (UnicodeDecodeError: url = url + '?' + query)  
						
						
						
					 
					
						2011-05-10 12:51:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a64407d9db 
							
						 
					 
					
						
						
							
							minor bug fix for multithreading and lots of connection retries  
						
						
						
					 
					
						2011-05-10 12:40:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							22a1870c2c 
							
						 
					 
					
						
						
							
							adding some constraining to number of used threads on brute force switches together with a warning in case of connection exception(s) with --threads>1  
						
						
						
					 
					
						2011-05-10 12:32:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b324b99f6e 
							
						 
					 
					
						
						
							
							minor update of warning message  
						
						
						
					 
					
						2011-05-04 10:41:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1e6c2fea74 
							
						 
					 
					
						
						
							
							update regarding warning for --random-agent during connection timeout in connection test phase  
						
						
						
					 
					
						2011-05-03 10:05:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f56d135438 
							
						 
					 
					
						
						
							
							Minor code restyling  
						
						
						
					 
					
						2011-04-30 13:20:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b299912de4 
							
						 
					 
					
						
						
							
							fix for a bug reported by ahmed@isecur1ty.org (UnicodeDecodeError: 'ascii' codec can't decode byte 0x84 in position 396: ordinal not in range(128)) for multipartpost  
						
						
						
					 
					
						2011-04-29 16:56:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6bb4dce3aa 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-04-29 15:22:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							11ecd16099 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2011-04-21 10:08:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fc90974940 
							
						 
					 
					
						
						
							
							revert of last commit because of the situation in detection phase where payload is made at the starting point (can't change conf.timeSec in that phase)  
						
						
						
					 
					
						2011-04-19 14:50:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7abbd0c029 
							
						 
					 
					
						
						
							
							removing a leftover  
						
						
						
					 
					
						2011-04-19 14:29:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							96b5fede5a 
							
						 
					 
					
						
						
							
							automatic increasing of time delay on lagging connections  
						
						
						
					 
					
						2011-04-19 14:28:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7a06af9a92 
							
						 
					 
					
						
						
							
							added "lagging" critical message  
						
						
						
					 
					
						2011-04-19 10:37:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6463cad8c5 
							
						 
					 
					
						
						
							
							minor update for SOAP payloads  
						
						
						
					 
					
						2011-04-18 14:29:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a7366bf710 
							
						 
					 
					
						
						
							
							SOAP refactoring  
						
						
						
					 
					
						2011-04-17 21:39:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0387654166 
							
						 
					 
					
						
						
							
							update of copyright string (until year)  
						
						
						
					 
					
						2011-04-15 12:33:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							83feb097ef 
							
						 
					 
					
						
						
							
							greater flexibility for --batch when default is None  
						
						
						
					 
					
						2011-04-08 22:29:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e957c4400c 
							
						 
					 
					
						
						
							
							minor revisit of tampering script(s) functionality (urlencode one is removed as it's currently obsolete regarding the whole process of automatic urlencoding)  
						
						
						
					 
					
						2011-04-04 08:04:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							305115a68b 
							
						 
					 
					
						
						
							
							important improvement of data handling (POST data and header values)  
						
						
						
					 
					
						2011-04-03 15:02:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dd01d66f13 
							
						 
					 
					
						
						
							
							proper update regarding last commit  
						
						
						
					 
					
						2011-03-29 22:10:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							850328df6c 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2011-03-29 22:03:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9f707febf5 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-03-29 15:43:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d28ca5809b 
							
						 
					 
					
						
						
							
							adding support for meta HTML header 'refresh' - popular one amongst login pages (stumbled when tested blind injections on Mutillidae login page)  
						
						
						
					 
					
						2011-03-29 14:16:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ae53ad4c30 
							
						 
					 
					
						
						
							
							making an update for special case of timed out response  
						
						
						
					 
					
						2011-03-28 21:05:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b53c9a2599 
							
						 
					 
					
						
						
							
							minor fix and some refactoring  
						
						
						
					 
					
						2011-03-18 00:24:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9526f0c4c2 
							
						 
					 
					
						
						
							
							Minor layout adjustments  
						
						
						
					 
					
						2011-03-17 12:35:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e64f225e65 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-03-11 20:16:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2fd3f0d7b2 
							
						 
					 
					
						
						
							
							minor update (added comment)  
						
						
						
					 
					
						2011-03-11 20:07:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5eae525010 
							
						 
					 
					
						
						
							
							this was bothering me for some time (POST and/or GET payloads needs to be urlencoded throughly)  
						
						
						
					 
					
						2011-03-11 19:57:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5c97f9a496 
							
						 
					 
					
						
						
							
							improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries)  
						
						
						
					 
					
						2011-03-09 09:36:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9856cb71de 
							
						 
					 
					
						
						
							
							redo of the last commit with comments added  
						
						
						
					 
					
						2011-02-28 18:58:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ade31b2cb0 
							
						 
					 
					
						
						
							
							removal of obsolete item  
						
						
						
					 
					
						2011-02-28 18:49:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							21041f8b90 
							
						 
					 
					
						
						
							
							further reflective value handling improvement  
						
						
						
					 
					
						2011-02-27 17:43:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							63b8156c00 
							
						 
					 
					
						
						
							
							some update (if header key is non-unicode comformant)  
						
						
						
					 
					
						2011-02-25 09:43:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aa88361ab1 
							
						 
					 
					
						
						
							
							incorporation of method for neutralization of reflective values  
						
						
						
					 
					
						2011-02-25 09:22:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3f8eadf4fe 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-02-22 13:00:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dcad5410fe 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-02-22 12:54:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							17c39fe231 
							
						 
					 
					
						
						
							
							fix for that non-HTML stuff  
						
						
						
					 
					
						2011-02-22 11:32:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							60b05ff49f 
							
						 
					 
					
						
						
							
							Reflect new switch name  
						
						
						
					 
					
						2011-02-19 21:05:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							535eb9f3eb 
							
						 
					 
					
						
						
							
							implementation of referer feature  
						
						
						
					 
					
						2011-02-11 23:07:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							156d8cd99b 
							
						 
					 
					
						
						
							
							Directory restyling  
						
						
						
					 
					
						2011-02-08 00:15:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e4933f0c92 
							
						 
					 
					
						
						
							
							refactoring  
						
						
						
					 
					
						2011-02-03 23:25:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							402c1b622e 
							
						 
					 
					
						
						
							
							removing urlencode from UA  
						
						
						
					 
					
						2011-02-02 15:18:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6761933f75 
							
						 
					 
					
						
						
							
							Just.. cosmetics ;)  
						
						
						
					 
					
						2011-01-31 22:51:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							35b6d7278a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-31 22:50:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							60a2364f2b 
							
						 
					 
					
						
						
							
							now union technique parses headers too  
						
						
						
					 
					
						2011-01-31 12:41:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fc9c626f9e 
							
						 
					 
					
						
						
							
							minor refactoring (removed URL_ENCODE_PAYLOAD)  
						
						
						
					 
					
						2011-01-30 17:03:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8e74c571bc 
							
						 
					 
					
						
						
							
							centralization of urlencoding should be (only) in connect.py and we are from now on handling non-urlencoded data at other levels  
						
						
						
					 
					
						2011-01-27 19:44:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							81722b6881 
							
						 
					 
					
						
						
							
							major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values)  
						
						
						
					 
					
						2011-01-27 18:36:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							03413bd5e0 
							
						 
					 
					
						
						
							
							minor refactoring before a huge bug fix reported by Ahmed Shawky (we are falsely urlencoding ORIGINAL part of the injection payload)  
						
						
						
					 
					
						2011-01-27 16:55:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							430fd5cd63 
							
						 
					 
					
						
						
							
							minor fixes  
						
						
						
					 
					
						2011-01-25 16:05:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cab86871fe 
							
						 
					 
					
						
						
							
							fix for a bug reported by mhackmail@gmail.com (local variable 'code' referenced before assignment)  
						
						
						
					 
					
						2011-01-25 11:02:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4093599f38 
							
						 
					 
					
						
						
							
							added parseTargetUrl to redirect choice  
						
						
						
					 
					
						2011-01-24 14:45:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1fa8f0cba7 
							
						 
					 
					
						
						
							
							code reviewing part 2  
						
						
						
					 
					
						2011-01-15 12:53:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb9d7cdfaa 
							
						 
					 
					
						
						
							
							refactoring, code clearing and removal of obsolete switch --longest-common  
						
						
						
					 
					
						2011-01-14 14:37:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							06230e4d92 
							
						 
					 
					
						
						
							
							Minor code refactoring and cosmetics  
						
						
						
					 
					
						2011-01-11 21:46:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c86ec374e 
							
						 
					 
					
						
						
							
							Code refactoring and cosmetics  
						
						
						
					 
					
						2011-01-07 15:41:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							709a7d156b 
							
						 
					 
					
						
						
							
							fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...)  
						
						
						
					 
					
						2011-01-04 12:51:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d288c6d6e3 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-04 08:40:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							08ccbf2c1e 
							
						 
					 
					
						
						
							
							important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)  
						
						
						
					 
					
						2011-01-03 22:02:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							07129371bf 
							
						 
					 
					
						
						
							
							bug fix for time based injections with keepalive (keepalive module has timeout argument which screwed tbMsg); also, bug fix for cases when remote hosts forcefully disconnects the user on some tests (instead of retrying and critically going out, continue with further tests)  
						
						
						
					 
					
						2011-01-03 13:04:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							da138c46c1 
							
						 
					 
					
						
						
							
							added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)  
						
						
						
					 
					
						2011-01-02 07:37:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ef27fd5ea1 
							
						 
					 
					
						
						
							
							there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) ( http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html ,  http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html )  
						
						
						
					 
					
						2011-01-01 15:20:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							93838fb155 
							
						 
					 
					
						
						
							
							"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)  
						
						
						
					 
					
						2010-12-28 14:40:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f2373121d0 
							
						 
					 
					
						
						
							
							noticed little DoS behavior and lots of connections in netstat (best way to deal with zombie connections is to explicitly close them if not needed any more)  
						
						
						
					 
					
						2010-12-26 14:36:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							569e060aab 
							
						 
					 
					
						
						
							
							important improvement  
						
						
						
					 
					
						2010-12-26 13:20:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b472b96f92 
							
						 
					 
					
						
						
							
							bug fix, refactoring and improved extractErrorMessage capabilities  
						
						
						
					 
					
						2010-12-25 10:16:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2c23a59ba5 
							
						 
					 
					
						
						
							
							fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)  
						
						
						
					 
					
						2010-12-24 12:13:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a09716a701 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-24 10:07:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cb17e61f35 
							
						 
					 
					
						
						
							
							bug fix (UnicodeDecodeError: 'ascii' codec can't decode byte 0xa9 in position 959)  
						
						
						
					 
					
						2010-12-24 02:54:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							017ea9e686 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-23 14:06:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8fc60215ed 
							
						 
					 
					
						
						
							
							lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.  
						
						
						
					 
					
						2010-12-22 19:12:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							250608660d 
							
						 
					 
					
						
						
							
							Minor bug fix to always show HTTP request and response when verbose is set accordingly to 4, 5 or 6 regardless of the HTTP response code (error or not)  
						
						
						
					 
					
						2010-12-22 13:41:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							385e208f38 
							
						 
					 
					
						
						
							
							code refactoring regarding standard output suppression and some threading issues  
						
						
						
					 
					
						2010-12-21 14:21:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6b37ddada4 
							
						 
					 
					
						
						
							
							removed some blank trailing spaces (with extra/shutils/blanks.sh)  
						
						
						
					 
					
						2010-12-21 10:31:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d554460aec 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-12-21 01:09:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							416755c0b7 
							
						 
					 
					
						
						
							
							minor adjustments  
						
						
						
					 
					
						2010-12-21 00:25:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							29001a4fce 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-20 23:21:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8fd3e7ba1f 
							
						 
					 
					
						
						
							
							thread based data added  
						
						
						
					 
					
						2010-12-20 22:45:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c948bced61 
							
						 
					 
					
						
						
							
							should solve the problem with timeout problems in time-based payloads  
						
						
						
					 
					
						2010-12-20 16:45:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eaf8929085 
							
						 
					 
					
						
						
							
							more minor updates  
						
						
						
					 
					
						2010-12-20 10:48:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							108a96c6b4 
							
						 
					 
					
						
						
							
							some fixes  
						
						
						
					 
					
						2010-12-17 21:45:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7344a5fc3 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-11 21:28:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							435f48b8cc 
							
						 
					 
					
						
						
							
							polite cosmetics  
						
						
						
					 
					
						2010-12-10 15:28:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9230877d98 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2010-12-09 13:57:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							196131bbca 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2010-12-09 10:42:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3fd1c37d53 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-09 07:49:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							40fadf2f35 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-08 14:33:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							01cf1394a4 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-08 14:26:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							47bb31fb47 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-08 11:30:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ae2fa7f1a 
							
						 
					 
					
						
						
							
							update regarding time based payloads  
						
						
						
					 
					
						2010-12-08 11:26:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a4a63f5b1e 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-07 23:49:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							293ce18fed 
							
						 
					 
					
						
						
							
							two major bug fixes regarding time calculation (previously comparison was also a part of "delta", which screwed results in cases with large pages; other was a standard distribution based one)  
						
						
						
					 
					
						2010-12-07 23:32:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dc651d59ec 
							
						 
					 
					
						
						
							
							little mathematics here and there (used "Rules for normally distributed data")  
						
						
						
					 
					
						2010-12-07 19:19:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							294119d2ec 
							
						 
					 
					
						
						
							
							more advanced time technique(s)  
						
						
						
					 
					
						2010-12-07 16:04:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0dc630203f 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-07 13:34:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9e5f933ace 
							
						 
					 
					
						
						
							
							some updates  
						
						
						
					 
					
						2010-12-04 15:47:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5d37df6104 
							
						 
					 
					
						
						
							
							Ugly code to set the cookies when got them from a 302 redirect too  
						
						
						
					 
					
						2010-12-03 17:41:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e735f2960a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-29 15:25:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7e3b24afe6 
							
						 
					 
					
						
						
							
							Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.  
						
						... 
						
						
						
						All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 
						
					 
					
						2010-11-28 18:10:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							253eafb643 
							
						 
					 
					
						
						
							
							paranoid cosmetics  
						
						
						
					 
					
						2010-11-24 12:03:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3d25071d06 
							
						 
					 
					
						
						
							
							another minor improvement regarding logging of http traffic  
						
						
						
					 
					
						2010-11-17 12:16:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3e569a1693 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-17 12:04:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3487429eac 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2010-11-16 14:41:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3640dbf745 
							
						 
					 
					
						
						
							
							fix for --parse-errors (on IIS HTTP error is raised which need to be processed)  
						
						
						
					 
					
						2010-11-16 14:33:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6232397129 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-16 10:52:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6ef3846400 
							
						 
					 
					
						
						
							
							update regarding error parsing (and reporting)  
						
						
						
					 
					
						2010-11-16 10:42:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							71cb982039 
							
						 
					 
					
						
						
							
							Another bug fix to --union-test  
						
						
						
					 
					
						2010-11-15 21:42:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06a872fc99 
							
						 
					 
					
						
						
							
							update/fix for an issue reported by nightman (IncompleteRead: IncompleteRead(1284 bytes read))  
						
						
						
					 
					
						2010-11-12 22:57:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							697b32554c 
							
						 
					 
					
						
						
							
							fix for a bug "ordinal not in range(128)" reported by bugtrace  
						
						
						
					 
					
						2010-11-12 11:48:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a14e4d9668 
							
						 
					 
					
						
						
							
							Referer does not have to be static, it's already a switch (--referer) so that user can specify it manually.  
						
						
						
					 
					
						2010-11-12 10:16:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fda8752dca 
							
						 
					 
					
						
						
							
							revert of some HTTP headers handling  
						
						
						
					 
					
						2010-11-08 13:26:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							78d7b17483 
							
						 
					 
					
						
						
							
							More replacements for refactoring.  
						
						... 
						
						
						
						Minor layout adjustments.
Alignment of conffile/optiondict/cmdline parameters. 
						
					 
					
						2010-11-08 12:36:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							875781bf97 
							
						 
					 
					
						
						
							
							another minor fix  
						
						
						
					 
					
						2010-11-08 11:55:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4a4a3051e5 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-11-08 11:39:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3de10e3a2 
							
						 
					 
					
						
						
							
							new option -t  
						
						
						
					 
					
						2010-11-08 11:22:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0d0e2a2228 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-08 09:49:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d551423379 
							
						 
					 
					
						
						
							
							further enum refactoring  
						
						
						
					 
					
						2010-11-08 09:44:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							862395ced1 
							
						 
					 
					
						
						
							
							further refactoring (all enumerations are now put into enums.py)  
						
						
						
					 
					
						2010-11-08 09:20:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8e44aa605a 
							
						 
					 
					
						
						
							
							refactoring regarding injection place (more left)  
						
						
						
					 
					
						2010-11-08 08:02:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b6da946883 
							
						 
					 
					
						
						
							
							Added one new verbose level, -v 3 now shows the full injected payload.  
						
						... 
						
						
						
						Fixed also -d verbose output. 
						
					 
					
						2010-11-07 22:34:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a96467b3e2 
							
						 
					 
					
						
						
							
							Refactoring  
						
						
						
					 
					
						2010-11-07 21:55:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d3e7e89e60 
							
						 
					 
					
						
						
							
							major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces  
						
						
						
					 
					
						2010-11-07 21:18:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							508b9cc763 
							
						 
					 
					
						
						
							
							dynamicity engine update  
						
						
						
					 
					
						2010-11-07 00:12:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ef1809464d 
							
						 
					 
					
						
						
							
							bug fix for that BadStatusLine ( http://bugs.python.org/issue8450 )  
						
						
						
					 
					
						2010-11-05 11:58:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6295a59a30 
							
						 
					 
					
						
						
							
							minor update/fix  
						
						
						
					 
					
						2010-11-05 11:39:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5f7f4bf15b 
							
						 
					 
					
						
						
							
							minor debug update (probably temporary)  
						
						
						
					 
					
						2010-11-05 11:04:00 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b152b1a04d 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-11-03 22:07:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71d0b1bcd7 
							
						 
					 
					
						
						
							
							several bug fixes  
						
						
						
					 
					
						2010-11-03 21:51:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3eda4510e2 
							
						 
					 
					
						
						
							
							Properly encode the cookie  
						
						
						
					 
					
						2010-10-31 11:26:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3a48bee9b0 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2010-10-31 11:03:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8cf0ebde1e 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-10-29 23:00:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cbf38436f2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-10-29 16:15:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a38ac7ea9 
							
						 
					 
					
						
						
							
							important update regarding (Bug  #209 ) - probably more will be needed  
						
						
						
					 
					
						2010-10-29 16:11:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							895efd28a6 
							
						 
					 
					
						
						
							
							one more update regarding Bug  #205  
						
						
						
					 
					
						2010-10-28 23:22:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							788eb8fb50 
							
						 
					 
					
						
						
							
							update regarding Bug  #205  
						
						
						
					 
					
						2010-10-28 22:59:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							228ac0cde5 
							
						 
					 
					
						
						
							
							refactoring regarding --check-payload  
						
						
						
					 
					
						2010-10-25 18:38:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							378653a1ec 
							
						 
					 
					
						
						
							
							added IDS payload testing  
						
						
						
					 
					
						2010-10-25 15:37:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2668c95ef4 
							
						 
					 
					
						
						
							
							added default HTTP version used by httplib and urllib2  
						
						
						
					 
					
						2010-10-21 09:10:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8b8fff41fe 
							
						 
					 
					
						
						
							
							cosmetics (adding html parsed DBMS) regarding heuristic check  
						
						
						
					 
					
						2010-10-18 12:11:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							36bc410333 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-10-18 09:50:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							149837ebf5 
							
						 
					 
					
						
						
							
							added the same for proxy authorization header  
						
						
						
					 
					
						2010-10-18 09:02:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aaebb4336e 
							
						 
					 
					
						
						
							
							fix for Bug  #202  
						
						
						
					 
					
						2010-10-18 08:54:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dcb9c2103a 
							
						 
					 
					
						
						
							
							just in case update  
						
						
						
					 
					
						2010-10-15 11:20:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5f6d88a418 
							
						 
					 
					
						
						
							
							Minor comment  
						
						
						
					 
					
						2010-10-15 11:17:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4f7f20b94f 
							
						 
					 
					
						
						
							
							sorry, cosmetics  
						
						
						
					 
					
						2010-10-14 23:18:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8b48833136 
							
						 
					 
					
						
						
							
							large commit with copyright header modifications  
						
						
						
					 
					
						2010-10-14 14:41:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							162d01abed 
							
						 
					 
					
						
						
							
							commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...)  
						
						
						
					 
					
						2010-10-14 11:06:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dc50543ea4 
							
						 
					 
					
						
						
							
							major bug fix for --keep-alive option in multithreading mode (that 'shitty' _headers = {} made a one shared object for all connection objects)  
						
						
						
					 
					
						2010-10-13 23:01:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							36ef8ca575 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2010-10-13 22:42:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							02a14d4c45 
							
						 
					 
					
						
						
							
							added Referer (part of Feature  #37 )  
						
						
						
					 
					
						2010-10-13 22:08:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							34580f56fc 
							
						 
					 
					
						
						
							
							added --tamper option  
						
						
						
					 
					
						2010-10-12 22:45:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							43892cddbb 
							
						 
					 
					
						
						
							
							some updates  
						
						
						
					 
					
						2010-10-11 12:26:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8fcad29bbf 
							
						 
					 
					
						
						
							
							new feature --forms (still unfinished)  
						
						
						
					 
					
						2010-10-10 18:56:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							adf2231edb 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-10-06 13:38:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cf17debf79 
							
						 
					 
					
						
						
							
							changed connection message priority to critical (when verbose=0 it's displayed too)  
						
						
						
					 
					
						2010-09-27 13:34:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							13bb3a6212 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-09-23 14:07:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							da8ae5578b 
							
						 
					 
					
						
						
							
							first commit regarding Feature  #144  
						
						
						
					 
					
						2010-09-22 11:56:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							975b96ae28 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2010-09-16 09:47:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1741801ade 
							
						 
					 
					
						
						
							
							implementation of HEAD/Range methods  
						
						
						
					 
					
						2010-09-16 09:32:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b745331974 
							
						 
					 
					
						
						
							
							added null connection check  
						
						
						
					 
					
						2010-09-16 08:43:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ecd6b573f7 
							
						 
					 
					
						
						
							
							added method parameter to the queryPage function  
						
						
						
					 
					
						2010-09-15 14:17:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							34a8cd75e3 
							
						 
					 
					
						
						
							
							added support for setting HTTP method manualy  
						
						
						
					 
					
						2010-09-15 12:45:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							436b7d82fb 
							
						 
					 
					
						
						
							
							fixed a bug reported by Marek Sarvas  
						
						
						
					 
					
						2010-08-22 08:52:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fea2414759 
							
						 
					 
					
						
						
							
							Display HTTP request in -v>=3 even if connection failed  
						
						
						
					 
					
						2010-06-10 14:42:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5bb8e154eb 
							
						 
					 
					
						
						
							
							Minor code improvements  
						
						
						
					 
					
						2010-06-10 14:15:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							36953221f8 
							
						 
					 
					
						
						
							
							few quick changes  
						
						
						
					 
					
						2010-06-10 11:34:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eaef068c90 
							
						 
					 
					
						
						
							
							major bug fix (different HTTP content charsets are now properly handled)  
						
						
						
					 
					
						2010-06-09 14:40:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e811101dce 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-05-28 23:39:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3db3c03c1 
							
						 
					 
					
						
						
							
							str() -> unicode()  
						
						
						
					 
					
						2010-05-28 13:05:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cda8da288c 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2010-05-21 12:18:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f6bffb61d3 
							
						 
					 
					
						
						
							
							minor adjustment  
						
						
						
					 
					
						2010-05-21 11:51:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							460a1ba872 
							
						 
					 
					
						
						
							
							fix for my imperfect calculations :)  
						
						
						
					 
					
						2010-05-21 11:41:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							68e13c3872 
							
						 
					 
					
						
						
							
							periodical commit  
						
						
						
					 
					
						2010-05-21 09:35:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b8a5a54395 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-05-15 20:44:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4984ceac49 
							
						 
					 
					
						
						
							
							some code refactoring and minor speed up (jump prediction rule)  
						
						
						
					 
					
						2010-05-14 15:20:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5396f13bab 
							
						 
					 
					
						
						
							
							added CPU throttling for lowering sqlmap's CPU intensivity  
						
						
						
					 
					
						2010-05-13 15:19:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							44ea8f1861 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2010-05-06 11:00:58 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							147e14356d 
							
						 
					 
					
						
						
							
							Major bug fix (reported by Thierry Zoller)  
						
						
						
					 
					
						2010-05-06 10:52:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4928c684b3 
							
						 
					 
					
						
						
							
							one more thing  
						
						
						
					 
					
						2010-05-04 08:45:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							789dd6c66f 
							
						 
					 
					
						
						
							
							more quick fixes  
						
						
						
					 
					
						2010-05-04 08:43:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							af701cdaa2 
							
						 
					 
					
						
						
							
							better way to handle that last commit problem  
						
						
						
					 
					
						2010-05-04 08:36:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5bc07426e0 
							
						 
					 
					
						
						
							
							added exception handler around block reported by Thierry Zoller  
						
						
						
					 
					
						2010-05-04 08:03:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a1b1f960cc 
							
						 
					 
					
						
						
							
							Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function  
						
						
						
					 
					
						2010-04-23 16:34:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1aeaa5db47 
							
						 
					 
					
						
						
							
							implementation of Feature  #176  (Safe URL: avoid being kicked out after N unsuccessful requests)  
						
						
						
					 
					
						2010-04-16 12:44:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							63c70018ca 
							
						 
					 
					
						
						
							
							fix for that update (conf.cj) problem mentioned by shiftzwei@gmail.com  
						
						
						
					 
					
						2010-04-09 10:16:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5fdebb5d5b 
							
						 
					 
					
						
						
							
							Added support to directly connect also to Microsoft SQL Server database.  
						
						... 
						
						
						
						Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods. 
						
					 
					
						2010-03-31 10:50:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bfc12e93c5 
							
						 
					 
					
						
						
							
							ms access returns -1 for True  
						
						
						
					 
					
						2010-03-30 11:33:51 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a0290a257b 
							
						 
					 
					
						
						
							
							Added support to connect directly also to Oracle - see  #158  
						
						
						
					 
					
						2010-03-27 21:50:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1416cd0d86 
							
						 
					 
					
						
						
							
							Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see  #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).  
						
						... 
						
						
						
						Minor layout adjustments. 
						
					 
					
						2010-03-26 23:23:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8e57767c48 
							
						 
					 
					
						
						
							
							Fixes   #180  - properly url encode sqlmap payload in POST/Cookie too, like for GET  
						
						
						
					 
					
						2010-03-23 10:27:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							466df89c4a 
							
						 
					 
					
						
						
							
							Fixes   #178  and  #179  - proper handling of custom redirects  
						
						
						
					 
					
						2010-03-16 14:30:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b3353e05b 
							
						 
					 
					
						
						
							
							Revert last commit  
						
						
						
					 
					
						2010-03-16 13:56:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1dfe558d3d 
							
						 
					 
					
						
						
							
							Fix for Issue  #177  
						
						
						
					 
					
						2010-03-16 13:11:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							323cf2b7f2 
							
						 
					 
					
						
						
							
							Fixes   #177  - Don't exit at exception if in "multiple targets" mode (-l or -g)  
						
						
						
					 
					
						2010-03-16 12:14:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6d0ea86414 
							
						 
					 
					
						
						
							
							Fixes   #59  - proper customizable redirect (302 and 301)  
						
						
						
					 
					
						2010-03-15 14:24:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							156fdd96ef 
							
						 
					 
					
						
						
							
							Updated copyright  
						
						
						
					 
					
						2010-03-03 15:26:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a0f5c3d885 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-02-25 13:45:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3e152f8b20 
							
						 
					 
					
						
						
							
							minor code refactoring  
						
						
						
					 
					
						2010-02-25 13:33:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							28d5248c04 
							
						 
					 
					
						
						
							
							one more fix regarding localhost/global proxy issue  
						
						
						
					 
					
						2010-02-25 13:30:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							542b01993e 
							
						 
					 
					
						
						
							
							minor fix regarding exception handling of multi-part post handler  
						
						
						
					 
					
						2010-02-09 14:02:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7c88e32f9d 
							
						 
					 
					
						
						
							
							bug fix for 404 program termination during shell upload attempt  
						
						
						
					 
					
						2010-02-03 16:16:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							98205cc488 
							
						 
					 
					
						
						
							
							another fix for Bug  #148  
						
						
						
					 
					
						2010-01-23 23:29:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							39652bfbf4 
							
						 
					 
					
						
						
							
							update regarding Unicode char logging (Bug  #148 )  
						
						
						
					 
					
						2010-01-23 15:36:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							574880ba73 
							
						 
					 
					
						
						
							
							Warn user of HTTP error codes in HTTP responses  
						
						
						
					 
					
						2010-01-19 10:27:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c18a5cb92f 
							
						 
					 
					
						
						
							
							Fixed a minor bug when displaying requested page in -v >= 3  
						
						
						
					 
					
						2010-01-16 21:47:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							26c7b74e65 
							
						 
					 
					
						
						
							
							changes regarding Data (GET/POST/Cookie) encoding (Bug  #129 )  
						
						
						
					 
					
						2010-01-14 18:05:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ce022a3b6e 
							
						 
					 
					
						
						
							
							sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.  
						
						
						
					 
					
						2010-01-02 02:02:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9c620da0a5 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2009-12-31 12:34:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c1c14dabd9 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2009-12-21 11:21:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e4e081cdc6 
							
						 
					 
					
						
						
							
							sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.  
						
						
						
					 
					
						2009-12-17 22:04:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c5d20b8a86 
							
						 
					 
					
						
						
							
							Initial support for ASP web backdoor functionality  
						
						
						
					 
					
						2009-05-06 12:14:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							58f3eee390 
							
						 
					 
					
						
						
							
							Updated Microsoft SQL Server XML signatures file and minor bug fix in connection library  
						
						
						
					 
					
						2009-04-28 11:11:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1d7de719b9 
							
						 
					 
					
						
						
							
							Almost done with web backdoor functionality  
						
						
						
					 
					
						2009-04-28 11:05:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							16b4530bbe 
							
						 
					 
					
						
						
							
							Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).  
						
						... 
						
						
						
						Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS. 
						
					 
					
						2009-04-27 23:05:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8c0ac767f4 
							
						 
					 
					
						
						
							
							Updated to sqlmap 0.7 release candidate 1  
						
						
						
					 
					
						2009-04-22 11:48:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a8d57bb031 
							
						 
					 
					
						
						
							
							Avoid DeprecationWarning with Python 2.6+  
						
						
						
					 
					
						2009-01-22 23:53:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5560f0b68a 
							
						 
					 
					
						
						
							
							Updated the copyright  
						
						
						
					 
					
						2009-01-12 21:35:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8d06975142 
							
						 
					 
					
						
						
							
							Major enhancement to make the comparison algorithm work properly also  
						
						... 
						
						
						
						on url not stables automatically by using the difflib SequenceMatcher
object: this changed a lot into the structure of the code, has to be
extensively beta-tested!
Please, do report bugs on sqlmap-users mailing list if you scout them.
Cheers,
Bernardo 
						
					 
					
						2008-12-20 01:54:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0d6632c22 
							
						 
					 
					
						
						
							
							Initial support to automatically work around the dynamic page at each refresh  
						
						... 
						
						
						
						(Major refactor to the comparison algorithm (True/False response)) 
						
					 
					
						2008-12-18 20:48:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c32ef9d751 
							
						 
					 
					
						
						
							
							Major bug fix to avoid tracebacks when multiple targets are specified and one  
						
						... 
						
						
						
						of them is not reachable.
Minor bug fix to make the --postfix work even if --prefix is not provided. 
						
					 
					
						2008-12-18 20:38:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							38c9627700 
							
						 
					 
					
						
						
							
							Minor enhancemet to support also --regexp, --excl-str and --excl-reg  
						
						... 
						
						
						
						options rather than only --string when comparing HTTP responses page
content 
						
					 
					
						2008-12-05 15:34:13 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7f055924a7 
							
						 
					 
					
						
						
							
							sqlmap 0.6.3-rc4:  
						
						... 
						
						
						
						Minor enhancement to be able to specify the number of seconds before
timeout the connection, default is set to 10 seconds.
Minor improvement to retry the HTTP request up to three times in case
an exception is raised during the connection to the target url.
Minor bug fix to correctly catch connection exceptions and notify to
the user also if they occur within a thread.
Minor code restyling.
Updated documentation. 
						
					 
					
						2008-12-04 17:40:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b700485a1b 
							
						 
					 
					
						
						
							
							Minor adjustment, still to work on the cookie urlencoding/decoding  
						
						
						
					 
					
						2008-12-02 21:57:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							428612b431 
							
						 
					 
					
						
						
							
							Comment and layout adjustments  
						
						
						
					 
					
						2008-12-01 23:04:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9be844cf3e 
							
						 
					 
					
						
						
							
							Adapted the code to support a list of targets from a text file (Burp log file) or from a directory (WebScarab conversations folder) with command line option -l.  
						
						
						
					 
					
						2008-11-20 17:56:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							654aecedfe 
							
						 
					 
					
						
						
							
							Minor layout adjustments, minor fixes and updated changelog  
						
						
						
					 
					
						2008-11-17 00:00:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							84cbc60659 
							
						 
					 
					
						
						
							
							Major bug fix to correctly handle httplib.BadStatusLine exception.  
						
						... 
						
						
						
						Minor improvement to set by default in all HTTP requests the standard HTTP headers (Accept, Accept-Encoding, etc.)
Updated user's manual. 
						
					 
					
						2008-11-15 12:25:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0c5d3df546 
							
						 
					 
					
						
						
							
							sqlmap 0.6.3-rc1:  
						
						... 
						
						
						
						* Minor enhancement to be able to specify the number of seconds to wait between each HTTP request.
* Minor bug fix to handle session.error and session.timeout in HTTP requests.
* Updated documentation. 
						
					 
					
						2008-11-09 16:57:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9895338630 
							
						 
					 
					
						
						
							
							Major bug fix following the last commit  
						
						
						
					 
					
						2008-10-27 23:56:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							eb6e6f4d03 
							
						 
					 
					
						
						
							
							Major bug fix when the request is POST to also send the GET parameters in the request if they've been provided  
						
						
						
					 
					
						2008-10-27 15:42:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							016118ce7a 
							
						 
					 
					
						
						
							
							Some more fixes and adjustments before 0.6.1 release.  
						
						
						
					 
					
						2008-10-17 15:26:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1f3ffc8ef7 
							
						 
					 
					
						
						
							
							Minor layout adjustment  
						
						
						
					 
					
						2008-10-17 13:23:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							66136b48c0 
							
						 
					 
					
						
						
							
							Minor fixes.. should work also for Cookie now the % parsing  
						
						
						
					 
					
						2008-10-17 11:51:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a5b2366033 
							
						 
					 
					
						
						
							
							Implemented a better way to deal with % characters in parameters' value. Minor code restyle.  
						
						
						
					 
					
						2008-10-16 15:31:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							892a7b2f8a 
							
						 
					 
					
						
						
							
							propsets..  
						
						
						
					 
					
						2008-10-15 15:56:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8e3eb45510 
							
						 
					 
					
						
						
							
							After the storm, a restore..  
						
						
						
					 
					
						2008-10-15 15:38:22 +00:00