Commit Graph

1115 Commits

Author SHA1 Message Date
Miroslav Stampar
725c3a6a95 Minor update 2014-10-28 14:08:06 +01:00
Miroslav Stampar
3b3b8d4ef2 Potential bug fix (escaping formatted regular expressions) 2014-10-28 14:02:55 +01:00
Miroslav Stampar
19aed90ae5 Implementation for an Issue #874 2014-10-27 00:37:46 +01:00
Miroslav Stampar
7fc9e82d28 Minor style update 2014-10-23 11:44:38 +02:00
Miroslav Stampar
34aed7cde0 Bug fix (now it's possible to use multiple parsed requests without mixing associated headers) 2014-10-22 13:49:29 +02:00
Miroslav Stampar
70215a95a1 Patch for an Issue #847 2014-10-07 13:02:47 +02:00
Miroslav Stampar
2ab4558859 Potential fix for an Issue #846 2014-10-07 11:49:53 +02:00
Miroslav Stampar
ddfec1c668 Initial patch for an Issue #846 2014-10-07 11:34:47 +02:00
Miroslav Stampar
fdef53aa67 Minor update of unhandled exception message 2014-10-01 14:23:45 +02:00
Miroslav Stampar
8c9014c39f Adding a dummy (auxiliary) XSS check 2014-10-01 13:31:48 +02:00
Miroslav Stampar
5b0732e9f9 Minor update for Issue #832 2014-09-16 15:17:50 +02:00
Miroslav Stampar
45f5548113 Minor update regarding shell history file 2014-09-16 08:58:25 +02:00
Miroslav Stampar
637d3cbaf7 Fix for cases when parameter name is urlencoded 2014-09-12 13:29:30 +02:00
Miroslav Stampar
112a0cb1ae Patch for output directory (using unicode for international support) 2014-09-03 21:49:30 +02:00
Miroslav Stampar
e501b2a80b Minor patch 2014-08-30 20:58:59 +02:00
Miroslav Stampar
03c8e7b7a2 Patch for an Issue #810 2014-08-30 17:13:02 +02:00
Miroslav Stampar
fce671c899 Patch for an Issue #801 2014-08-28 00:00:16 +02:00
Miroslav Stampar
2a268199d4 Patch for an Issue #798 2014-08-26 23:11:44 +02:00
Miroslav Stampar
decd092b2a Minor patch 2014-08-26 22:40:50 +02:00
Miroslav Stampar
2be0ebd883 Minor fix (e.g. Oracle identifier names can contain character $) 2014-08-26 22:40:15 +02:00
Miroslav Stampar
77513e1de9 Minor style update 2014-08-21 01:19:10 +02:00
Miroslav Stampar
c5b71cff10 Some filtering 2014-08-21 01:12:44 +02:00
Miroslav Stampar
3cfdb5ff0f Removing / from auto directories (it doesn't make sense to auto-test for uploading to /) 2014-08-21 00:43:37 +02:00
Miroslav Stampar
cd92de1702 Adding colorful banner 2014-08-19 22:19:22 +02:00
Miroslav Stampar
0809a61fc3 Bug fix (whole page output as a result of partial union runs) 2014-08-13 15:18:11 +02:00
Miroslav Stampar
0a74ae736f Probable fix for an Issue #788 2014-08-13 14:01:57 +02:00
Miroslav Stampar
1eecabaea8 Patch for an Issue #746 2014-07-02 10:11:31 +02:00
Miroslav Stampar
54be398e83 Patch for an Issue #711 2014-06-04 16:35:07 +02:00
Miroslav Stampar
680ab10ca6 Patch for an Issue #703 2014-05-27 21:41:07 +02:00
Miroslav Stampar
24954776a5 Patch for an Issue #697 2014-05-20 22:00:26 +02:00
Miroslav Stampar
babe49f086 Minor update (added new warning message) 2014-05-20 17:14:40 +02:00
Miroslav Stampar
3a2916724c Minor style update 2014-05-11 17:12:15 +02:00
Miroslav Stampar
a72d73804e Revert of 9255174890 (bug was introduced with it) 2014-05-10 01:31:44 +02:00
Miroslav Stampar
8f0807d7f9 Another fix related to the last commit 2014-05-09 22:55:16 +02:00
Miroslav Stampar
5eae002084 Minor fix 2014-05-09 22:45:43 +02:00
Miroslav Stampar
9255174890 Minor fix 2014-05-09 22:39:56 +02:00
Miroslav Stampar
eb8e31c23f Adding a failsafe output directory 2014-04-27 22:40:41 +02:00
Miroslav Stampar
fd884ec67b Adding another comment 2014-04-12 17:22:47 +02:00
Miroslav Stampar
b5cca742e4 Adding a comment 2014-04-12 17:22:47 +02:00
Miroslav Stampar
7cc4159316 Renaming conf.cDel to conf.cookieDel 2014-04-06 16:50:58 +02:00
Miroslav Stampar
0ae8ac707e Renaming conf.pDel to conf.paramDel 2014-04-06 16:48:46 +02:00
Miroslav Stampar
76b9fad24a Fix for an Issue #656 2014-03-30 16:21:18 +02:00
Miroslav Stampar
d7f0da5599 Minor patch for an Issue #646 2014-03-20 13:08:28 +01:00
Miroslav Stampar
17742df0fa Update for an Issue #636 (to prevent eventual future reports with lack of stack trace) 2014-03-11 21:18:31 +01:00
Miroslav Stampar
291a0d772a Update for an Issue #615 2014-02-27 14:23:14 +01:00
Miroslav Stampar
534c2ee0e6 Minor update 2014-02-01 22:12:00 +01:00
Bernardo Damele
dfa9076a70 fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d) 2014-01-13 17:12:37 +00:00
Miroslav Stampar
02de2aee6d Patch for an Issue #582 2013-12-26 22:27:04 +01:00
Miroslav Stampar
2c2667b2be Minor patch for an Issue #575 2013-12-18 00:56:24 +01:00
Miroslav Stampar
5b2ded0b18 Fix for an Issue #577 2013-12-13 21:00:26 +01:00
Miroslav Stampar
437278e32d Fix for an Issue #580 2013-12-13 19:48:05 +01:00
Miroslav Stampar
bf3fbb0ae0 Ignore Google analytics cookies 2013-12-04 09:56:37 +01:00
Miroslav Stampar
3c67ba08c5 Minor fix 2013-11-12 14:53:05 +01:00
Miroslav Stampar
d84ddf23bd Replacing os.sep constructs with os.path.join 2013-11-12 14:08:41 +01:00
Miroslav Stampar
48bd2e75e9 Minor patch 2013-10-28 13:59:38 +01:00
Miroslav Stampar
7ed05f01b3 Minor update 2013-10-27 00:24:57 +02:00
Miroslav Stampar
9e975210ac Implementation for an Issue #515 2013-08-30 10:22:43 +02:00
Miroslav Stampar
28eca2116f Fix for an Issue #513 2013-08-27 13:55:38 +02:00
Miroslav Stampar
bc19f40d09 Minor update 2013-08-22 10:44:21 +02:00
Miroslav Stampar
23f2c5f166 Finishing implementation for an Issue #58 2013-08-20 19:35:49 +02:00
Miroslav Stampar
1f2c8fbf59 Fix for an Issue #500 2013-08-13 20:40:36 +02:00
Miroslav Stampar
b2855e0281 Minor patch 2013-08-12 14:25:51 +02:00
Miroslav Stampar
a711c9ed36 Minor cleanup and initial work for #58 2013-08-09 14:13:48 +02:00
Miroslav Stampar
6b826ef64d Reintroducing option --cookie-del 2013-07-31 20:41:19 +02:00
Miroslav Stampar
eaacbe0b12 Minor language fix 2013-07-31 09:24:34 +02:00
Miroslav Stampar
4f58e0af0c Minor fix 2013-07-31 08:45:04 +02:00
stamparm
8d3435ab0b Removing reflective warning for parsing heuristic test 2013-07-08 11:48:33 +02:00
stamparm
f7d15cb465 Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00
Miroslav Stampar
aeb83ba651 Merge pull request #475 from Meatballs1/hsql_clean
HSQL Payloads and Query Support
2013-07-01 02:38:04 -07:00
Meatballs
4595b2c287 decodeHexValue 2013-06-24 23:45:39 +01:00
Miroslav Stampar
0355e29b7c Minor fix (NoneType has no attribute split) 2013-06-24 14:49:53 +02:00
Miroslav Stampar
3583f45ee7 Fix for an Issue #461 2013-06-10 11:44:56 +02:00
Miroslav Stampar
c1592e8508 Code refactoring (moving import ctypes to be used only when needed) 2013-06-04 22:23:44 +02:00
Miroslav Stampar
351c70b390 Locale module screws string.letters, etc. in some cases (e.g. IDLE run) 2013-06-01 14:06:58 +02:00
Miroslav Stampar
ed8f16e754 Minor update on user's request 2013-05-30 12:01:13 +02:00
Miroslav Stampar
793a8ad349 Minor fix 2013-05-30 11:38:24 +02:00
stamparm
c3038fcb65 Minor cosmetic update 2013-05-29 15:46:59 +02:00
stamparm
dfd6ee20bb Patch for an Issue #454 2013-05-29 15:26:11 +02:00
stamparm
60df3e9d1e Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access) 2013-05-29 15:04:14 +02:00
Miroslav Stampar
e7ddc2fcab Minor fix 2013-05-23 12:57:33 +04:00
Miroslav Stampar
b2b3b3b5a6 Minor bug fix (level names not properly used in non-logger output) 2013-05-18 16:44:21 +02:00
stamparm
936815128d Minor fix 2013-05-13 13:42:43 +02:00
Miroslav Stampar
034e123b0c Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent) 2013-05-12 16:24:13 +02:00
stamparm
fc57b7565d Implementation for an Issue #432 2013-05-09 14:26:29 +02:00
stamparm
0d92145fc6 Minor bug fix 2013-04-19 15:40:25 +02:00
stamparm
0cb3ce5765 Bug fix (maybe it will have repercusions in future as this was a silent bug) 2013-04-19 10:10:06 +02:00
stamparm
2defc30dc6 From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML) 2013-04-17 11:12:15 +02:00
stamparm
aed738d6e6 Update for an Issue #361 2013-04-15 14:20:21 +02:00
stamparm
a9a0d1a3f9 Minor update 2013-04-15 11:56:19 +02:00
stamparm
10fbeaed7b Code refactoring 2013-04-15 11:49:11 +02:00
stamparm
349f885f08 Minor patch 2013-04-15 11:41:53 +02:00
Miroslav Stampar
b6fee638ef Neutralizing time of cookie expiration (in case of --load-cookies) 2013-04-14 01:13:08 +02:00
stamparm
8c9da95343 Style and consistency update (url -> URL) 2013-04-09 11:48:42 +02:00
Miroslav Stampar
50ac3aab7a Minor patch 2013-04-06 01:56:24 +02:00
Miroslav Stampar
76a0d20799 Minor patch 2013-04-01 22:18:41 +02:00
stamparm
7447773237 Update for consistency (all other enums are using _ in between words) 2013-03-20 11:10:24 +01:00
Miroslav Stampar
4cb378ce3e Another update for an Issue #352 and couple of fixes 2013-03-13 21:57:09 +01:00
Miroslav Stampar
b35122a42c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-03-13 19:52:17 +01:00
Miroslav Stampar
eb08c8d752 Another update for an Issue #352 2013-03-13 19:42:22 +01:00
Bernardo Damele
dea62189b2 fixes #420 2013-03-12 22:16:42 +00:00
Miroslav Stampar
65306f1ac1 Update for an Issue #352 2013-03-12 20:10:32 +01:00
Miroslav Stampar
db0a1e58b9 Update for an Issue #352 2013-03-11 14:58:05 +01:00
Miroslav Stampar
d6fc10092f Minor refactoring 2013-03-11 13:31:50 +01:00
Miroslav Stampar
1e731f87a4 Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request) 2013-03-09 19:33:04 +01:00
stamparm
6fbd902265 Minor refactoring (Issue #411) 2013-02-25 10:44:04 +01:00
stamparm
ad471368f5 Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a 2013-02-22 11:42:09 +01:00
stamparm
44a46d2b10 Fix for an Issue #409 2013-02-22 10:18:22 +01:00
stamparm
6b2981ef4e Update for an Issue #290 (adding tamper-like scripts into (new) directory waf) 2013-02-21 11:14:57 +01:00
Miroslav Stampar
7f293afe74 Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b) 2013-02-18 15:18:53 +01:00
Miroslav Stampar
9b5f33560b Oracle is too specific (only column names can be enclosed) - removing it 2013-02-15 17:36:58 +01:00
Miroslav Stampar
bf82506c1b Oracle can't enclose table names with double quotations 2013-02-15 17:36:58 +01:00
Miroslav Stampar
1b3d749488 Proper fix related to the last commit/revert 2013-02-15 17:36:58 +01:00
Miroslav Stampar
5a793cbc7c Minor revert 2013-02-15 17:36:58 +01:00
Miroslav Stampar
799bd51c2e Minor fix when two readInput/dataToStdout are called one at a time 2013-02-15 17:36:58 +01:00
Bernardo Damele
b472d9809a another consistency fix to readInput() 2013-02-15 09:35:09 +00:00
Bernardo Damele
4727589135 code consistency 2013-02-15 00:17:13 +00:00
Bernardo Damele
d91530f885 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-14 17:16:55 +00:00
Bernardo Damele
52264f544e minor fix for Windows file paths, do not strip the windows drive letter 2013-02-14 17:16:49 +00:00
Miroslav Stampar
fdf00e4842 Fix for an Issue #397 2013-02-14 17:14:36 +01:00
Miroslav Stampar
6c0054bc5f Putting that ugly parameter xyz is not inside the Cookie into the debug messages 2013-02-14 15:38:44 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Miroslav Stampar
0a4605644e Minor fix for previous commit 2013-02-13 16:31:03 +01:00
Miroslav Stampar
2b121c938b Minor fix 2013-02-13 16:24:21 +01:00
Miroslav Stampar
965fa04a33 Trivial update 2013-02-13 12:28:51 +01:00
Miroslav Stampar
dc41484b3f Refactoring of funcionality for finding out if stacking is available 2013-02-13 09:57:16 +01:00
Miroslav Stampar
c34f6e25b2 Minor fix for --eval (urldecoded values should be used inside evaluation) 2013-02-12 17:01:47 +01:00
Miroslav Stampar
212e92ea01 Minor update regarding --load-cookies (warning about expired ones) 2013-02-12 14:29:56 +01:00
Miroslav Stampar
c67b39d14d Update for a last update 2013-02-12 12:58:15 +01:00
Miroslav Stampar
72984a578d Update for --load-cookies 2013-02-12 12:42:12 +01:00
Miroslav Stampar
c75560ba69 Minor bug fix (getting ? in < 0xf char cases) 2013-02-11 21:16:35 +01:00
Bernardo Damele
07fe6d44fb unnecessary condition here 2013-02-07 14:18:52 +00:00
Bernardo Damele
b477c56b52 first steps to allow multiple scans on the same taskid - issue #297 2013-02-07 00:05:26 +00:00
Bernardo Damele
5c8335876f minor bug fix to make --disable-coloring work on log messages too 2013-02-06 21:04:54 +00:00
Miroslav Stampar
e836629215 Bug fixes for search (safeStringFormat should not replace all if given scalar values) 2013-02-05 11:37:49 +01:00
Miroslav Stampar
6cab3d4759 Minor update 2013-02-04 16:46:08 +01:00
Miroslav Stampar
7e1ff1bb8e Same refactoring as the last commit 2013-02-04 15:26:44 +01:00
Bernardo Damele
9370f96a67 step by step getting there to partial output presentation to restful API (issue #297), not quite yet though.. 2013-02-03 22:09:33 +00:00
Bernardo Damele
bd1ea13b8d Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-03 11:31:12 +00:00
Bernardo Damele
f8bc74758c improvement to restful API to store to IPC database partial entries, not yet functional (issue #297) 2013-02-03 11:31:05 +00:00
Miroslav Stampar
6d942f92b5 Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.)) 2013-02-01 10:03:06 +01:00
Miroslav Stampar
8d51b4b63a Minor bug fix 2013-01-31 16:24:44 +01:00
Miroslav Stampar
f391937083 Minor refactoring 2013-01-30 10:43:46 +01:00
Miroslav Stampar
d6fb0e8545 Update for an Issue #352 2013-01-30 10:38:11 +01:00
Miroslav Stampar
bd08ede117 Minor fine tuning 2013-01-29 21:06:02 +01:00
Miroslav Stampar
f41460f8d8 Better naming 2013-01-29 20:53:11 +01:00
Bernardo Damele
c47b44e93f Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-29 15:38:16 +00:00
Bernardo Damele
92ae8145df ignore any non-relevant string: avoid storing to the API, careful this can introduce bugs but it is necessary at this stage of development (issue #297) 2013-01-29 15:35:51 +00:00
Miroslav Stampar
a104de01d7 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-29 15:35:01 +01:00
Miroslav Stampar
7e73825ece Minor cosmetics 2013-01-29 15:34:41 +01:00