| Author | Commit | Message | Date |
| --- | --- | --- | --- |
| Bernardo Damele | db77f8b055 | Code cleanup | 2011-02-06 22:33:08 +00:00 |
| Bernardo Damele | f3d6be7868 | Code cleanup | 2011-02-06 22:32:44 +00:00 |
| Miroslav Stampar | ecaf5729fd | revert | 2011-02-06 22:14:18 +00:00 |
| Miroslav Stampar | 078a2207cc | few reverts | 2011-02-06 22:10:28 +00:00 |
| Miroslav Stampar | b9b2fe0e7c | little cleanup | 2011-02-06 21:52:39 +00:00 |
| Miroslav Stampar | c4c2cf1d58 | can't stay as it is right now. temporary disabling. | 2011-02-06 21:17:41 +00:00 |
| Miroslav Stampar | d2b96a66a2 | one more update regarding last few "unescape" related commits | 2011-02-06 20:23:23 +00:00 |
| Miroslav Stampar | caaac72029 | minor update regarding last commit | 2011-02-06 20:15:03 +00:00 |
| Bernardo Damele | 6191a7f26f | Major fix for a silent bug | 2011-02-06 15:53:43 +00:00 |
| Bernardo Damele | 1bc2ee2fbf | Updated | 2011-02-06 15:44:27 +00:00 |
| Bernardo Damele | 8980227d30 | Minor bug fix | 2011-02-06 15:32:16 +00:00 |
| Bernardo Damele | 2afc1e5021 | Layout adjustments | 2011-02-06 15:28:23 +00:00 |
| Bernardo Damele | a5a648f4fe | Correctly handle --read-file and --write-file if neither stacked queries nor union query SQL injection has been detected. Support to read files on MySQL via error-based SQL injection technique will come as soon as we fix the MySQL/trim/error-based bug | 2011-02-06 15:23:27 +00:00 |
| Bernardo Damele | c44978862e | Minor reordering of what gets saved into the injection object | 2011-02-06 15:20:44 +00:00 |
| Miroslav Stampar | 5ecb75cc56 | minor update | 2011-02-06 15:14:07 +00:00 |
| Miroslav Stampar | f754953c4f | reverting this one. spotted a major bug. dbms is not properly enforced at this moment, don't know why. if it was this would be properly encoded. | 2011-02-06 12:33:58 +00:00 |
| Miroslav Stampar | 97f9c9d119 | bug fix (playing with wavsep i've realized that we are sending in this payload quoted 'string' (causing problems), while MD5 also accepts integer values | 2011-02-06 12:24:50 +00:00 |
| Miroslav Stampar | 412a97b7fe | fix for a bug reported by ahmed@isecur1ty.org (TypeError: unsupported operand type(s) for -: 'float' and 'NoneType') | 2011-02-05 14:17:28 +00:00 |
| Miroslav Stampar | 4df8a03c04 | using OrderedDict to store parameters in order of appearance | 2011-02-04 18:07:21 +00:00 |
| Miroslav Stampar | acb986ae80 | minor refactoring | 2011-02-04 17:40:55 +00:00 |
| Bernardo Damele | fec88f6a6d | Minor fix | 2011-02-04 15:57:53 +00:00 |
| Miroslav Stampar | 1e8eb27156 | update of doc/THANKS | 2011-02-04 14:07:54 +00:00 |
| Miroslav Stampar | 09e88cfb19 | fix for a bug reported by zack.payton@executiveinstruments.com (object of type 'NoneType' has no len()) | 2011-02-04 14:05:47 +00:00 |
| Miroslav Stampar | 14c87ec80d | minor fix | 2011-02-04 13:29:02 +00:00 |
| Miroslav Stampar | f83f1a1e06 | minor just in case update | 2011-02-04 13:08:54 +00:00 |
| Miroslav Stampar | c69b76776e | minor refactoring | 2011-02-04 13:04:19 +00:00 |
| Miroslav Stampar | accf4e6ce0 | one important fix (URI injection parameter '*' now can go anywhere) | 2011-02-04 12:43:18 +00:00 |
| Miroslav Stampar | c19d481bb1 | little clean up | 2011-02-04 12:25:14 +00:00 |
| Bernardo Damele | 27601babb4 | Minor adjustments to levels of boundaries | 2011-02-04 11:57:47 +00:00 |
| Miroslav Stampar | c229efba05 | revert | 2011-02-04 11:33:21 +00:00 |
| Miroslav Stampar | d211def899 | minor adjustment (accepting strange new looking uri formats) | 2011-02-04 10:55:03 +00:00 |
| Miroslav Stampar | 1af418d444 | huge bug fix | 2011-02-04 10:18:26 +00:00 |
| Miroslav Stampar | 76ab14f20f | revert of r3203 | 2011-02-04 09:30:20 +00:00 |
| Miroslav Stampar | e4933f0c92 | refactoring | 2011-02-03 23:25:56 +00:00 |
| Miroslav Stampar | 9a1a28c804 | adding comments to filtering function | 2011-02-03 23:09:08 +00:00 |
| Miroslav Stampar | 1aecbe6b08 | minor refactoring (now at the most basic level at least junky <script> and <style> tags are removed for the sake of better blind based detection) | 2011-02-03 22:59:26 +00:00 |
| Miroslav Stampar | 78d696fd4f | i believe that this one should be the first level 1 boundary | 2011-02-03 21:27:03 +00:00 |
| Miroslav Stampar | e5f54644f0 | minor "statistical" update | 2011-02-03 16:59:49 +00:00 |
| Miroslav Stampar | 3bd6e538f8 | more appropriate | 2011-02-03 16:48:27 +00:00 |
| Miroslav Stampar | 64f18724ad | new default UNION test(s) ranges | 2011-02-03 16:26:35 +00:00 |
| Miroslav Stampar | 3a13fd87fd | new UNION column detection is going into wild | 2011-02-03 16:16:38 +00:00 |
| Miroslav Stampar | b56a77e573 | removing obsolete switches (--threshold, --excl-reg, --excl-str) | 2011-02-03 15:55:19 +00:00 |
| Bernardo Damele | 253a8d0679 | Minor bug fix | 2011-02-03 15:24:36 +00:00 |
| Miroslav Stampar | a8fea8e4a8 | fix for a bug noticed when using --keep-alive --threads on IIS/MSSQL | 2011-02-03 15:09:53 +00:00 |
| Bernardo Damele | b3859824d9 | Updated MySQL/Linux 64-bit shared object | 2011-02-03 15:03:00 +00:00 |
| Bernardo Damele | f8556063c7 | Updated MySQL/Linux 32-bit shared object | 2011-02-03 15:02:30 +00:00 |
| Bernardo Damele | 06bb369da5 | GCC 4.3 makes Linux/MySQL shared objects smaller | 2011-02-03 14:59:31 +00:00 |
| Bernardo Damele | 12090a86bc | Done with PostgreSQL/Linux 64bit shared objects too | 2011-02-03 14:53:07 +00:00 |
| Miroslav Stampar | 0edb4ee314 | minor fix | 2011-02-03 13:28:10 +00:00 |
| Miroslav Stampar | 4bb7ffcb3a | minor update | 2011-02-03 13:18:43 +00:00 |