| 
							
							
								 Miroslav Stampar | 9077eadf23 | update of doc/THANKS | 2011-05-26 08:22:52 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a397baa89a | fix for a bug reported by viniciusmaxdaloop@gmail.com and few related patches | 2011-05-26 08:17:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f3ed61af5f | bug fix when using inference and kb.pageEncoding is None (like in binary cases) | 2011-05-25 21:12:12 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5369657cd5 | fix for cases with retrieved binary files (preventing difflib nagging around comparison) | 2011-05-25 20:54:30 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a1fd2898a0 | added friendly tip message for url encoding GET and POST payloads | 2011-05-25 11:10:52 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0e480a9921 | adding SYS to the ORACLE_SYSTEM_DBS | 2011-05-25 10:55:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 2f456bee75 | minor beautification | 2011-05-25 08:14:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8b7a3c5a6b | making it easier for totally dummy users | 2011-05-24 17:24:01 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | bec2c04671 | helping dummy users | 2011-05-24 17:15:25 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a3466ff79c | serving everything for the users | 2011-05-24 16:34:08 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 69eb173eca | minor just in case patch | 2011-05-24 15:07:37 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0072c3af8e | fix for a bug reported by aboynes@gmail.com (for elt in self.a) | 2011-05-24 15:03:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f774d8fea0 | proper Tor settings (reverted r3915 and implemented it the right way) | 2011-05-24 11:06:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0486d1cdaa | minor module update | 2011-05-24 10:32:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 915c206e3d | minor fix for socks proxy issues | 2011-05-24 09:47:10 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0baf931669 | real generic comment is "-- " not "--" (MySQL doesn't support "--") | 2011-05-24 09:16:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ad25bcc2be | better way for dealing with relative paths | 2011-05-24 05:26:51 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a536bf210f | improved redirection mechanism | 2011-05-23 23:20:03 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 128a012121 | this was causing that --suffix trouble | 2011-05-23 19:59:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | bfe8e51b7c | minor fix for retrieving stuff like "SELECT * FROM testdb..users" | 2011-05-23 19:45:40 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1067d43f14 | minor update | 2011-05-23 19:16:29 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 2b12b18357 | incorporating metasploit patch from oliver.kuckertz@mologie.de | 2011-05-23 15:27:10 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4542d4535f | minor beautification | 2011-05-23 14:28:05 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 31b48ec11c | removing space left | 2011-05-23 14:18:33 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0ed03d474f | now supporting "blank tables" - schema of the table will be preserved, even if it's empty - especially nice feature for --replicate | 2011-05-23 11:09:44 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 868fbe370b | minor beautification | 2011-05-23 10:39:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 171a4c389b | added MySQL >=4.1 <=5.0 error based WHERE/HAVING payload | 2011-05-23 06:24:45 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | fb23beef6f | most elegant way i could think of to deal with "collation incompatibilities" issue on some MySQL/UNION cases (affected about 5% of all targets tested) | 2011-05-22 19:14:36 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4fdb6ac9b9 | adding useful info | 2011-05-22 15:30:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 48c20a62ac | minor nag fix | 2011-05-22 15:08:55 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 40971aca94 | fixing nasty bug caused by retrying counter | 2011-05-22 10:59:56 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 712e238f33 | another minor fix | 2011-05-22 10:29:25 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 2795aeff34 | minor fix | 2011-05-22 10:27:45 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 806e898694 | no more CRITICAL drop outs in test mode - lots of reports were related to this | 2011-05-22 10:21:49 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7b52bbe3fb | reverting that ignoreTimeout for --tables (because of this and that) | 2011-05-22 09:59:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9b2623514a | one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables | 2011-05-22 09:48:46 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 2ea613b170 | type correction and adding global flag kb.ignoreTimeout which could be useful | 2011-05-22 08:24:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 27f0e73cc9 | refactoring of 'target' flag in connect.py | 2011-05-22 07:46:09 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a58aaf2e1a | better format for results file (easier for sorting when lots of files) | 2011-05-22 07:02:36 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 25fff8c135 | changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux) | 2011-05-21 11:46:57 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 939e6541d0 | far safer way for dealing with error-based payloads on MySQL (no timeouts with .CHARACTER_SETS on testing platforms versus when used .TABLES) | 2011-05-19 23:36:51 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 126cdf9e19 | minor info update | 2011-05-19 23:28:27 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a034462c31 | fixing annoying timeouts for basic DBMS check (reference: http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html#function_timestampadd) | 2011-05-19 23:03:00 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5a979f7667 | minor bug fix for empty colList; also added "do you want to use LIKE" (LIKE is default) question when -C used | 2011-05-19 17:35:33 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9e5856caf8 | improvement for recognition of scalar vs multiple-row commands | 2011-05-19 16:45:05 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | db72428765 | minor update | 2011-05-19 15:57:29 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f40c6b2ce7 | added --cookie for maskSensitiveData too | 2011-05-19 15:42:59 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | bd1b07fbc2 | one more parameter replace payload for MySQL and rising level of GENERATE_SERIES for PostgreSQL | 2011-05-19 06:32:23 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7f086916c0 | decent parameter replace payload for PostgreSQL (GENERATE_SERIES) | 2011-05-18 23:40:42 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e58d6d2e00 | removing (CBRT(LN(0)) because it's nothing special compared to standard 1/0; also, removing parameter replacement with returned value 1 as it doesn't have much sense in comparison to origvalue one (which is far more stable and usable) | 2011-05-18 23:20:02 +00:00 |  |