Commit Graph

228 Commits

Author SHA1 Message Date
Miroslav Stampar
a46b5230f5 minor "patch" 2011-07-11 20:33:16 +00:00
Bernardo Damele
86d28947aa updated 2011-07-11 10:07:36 +00:00
Miroslav Stampar
f5e45bf113 quick fix for a bug reported by jovon.itwaru@gmail.com 2011-07-11 08:54:39 +00:00
Miroslav Stampar
98958f8808 minor minor update 2011-07-10 15:41:45 +00:00
Miroslav Stampar
b3acaf85d8 minor update 2011-07-10 08:58:55 +00:00
Bernardo Damele
3985a81cb9 Update email addresses 2011-07-08 13:39:47 +00:00
Bernardo Damele
b5dd4d4a63 Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection 2011-07-08 10:19:01 +00:00
Bernardo Damele
736327c893 Added two tamper scripts contributed by Roberto Salgado 2011-07-07 18:45:07 +00:00
Bernardo Damele
23b4efdcaf Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too. 2011-07-06 21:04:45 +00:00
Bernardo Damele
36c96ef796 Added DB2 support - patch provided by Sebastian Bittig 2011-06-25 09:44:24 +00:00
Miroslav Stampar
f434c3b29e update of THANKS file 2011-06-24 19:06:08 +00:00
Miroslav Stampar
019f4d344a update of THANKS file 2011-06-21 21:03:50 +00:00
Miroslav Stampar
d9015ed800 fix for a bug reported by krasn@deventum.com 2011-06-20 13:25:19 +00:00
Miroslav Stampar
ca8a60dd7a update of doc/THANKS 2011-06-15 19:04:43 +00:00
Miroslav Stampar
60ecf95383 fix for a bug reported by seyi.akin@gmail.com 2011-06-14 08:40:25 +00:00
Miroslav Stampar
03d6031fe7 update of doc/THANKS file 2011-06-09 09:09:52 +00:00
Bernardo Damele
6d2c97d06f updated thanks file 2011-06-08 10:44:55 +00:00
Miroslav Stampar
75c12c5edb fix for a bug reported by cclements@flatearth.​net (TypeError: argument of type 'NoneType' is not iterable) 2011-06-07 21:46:49 +00:00
Miroslav Stampar
e7e23d1b79 fix for a Ctrl+C bug reported by nightman@email.de 2011-06-07 17:16:01 +00:00
Miroslav Stampar
24ed99e5a3 fix for a bug reported by aboynes@gmail.com 2011-06-06 08:50:48 +00:00
Miroslav Stampar
46ceb14f37 update of doc/THANKS 2011-05-26 13:49:42 +00:00
Miroslav Stampar
9077eadf23 update of doc/THANKS 2011-05-26 08:22:52 +00:00
Miroslav Stampar
0072c3af8e fix for a bug reported by aboynes@gmail.com (for elt in self.a) 2011-05-24 15:03:21 +00:00
Miroslav Stampar
2b12b18357 incorporating metasploit patch from oliver.kuckertz@mologie.de 2011-05-23 15:27:10 +00:00
Miroslav Stampar
d2221e4604 fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...) 2011-05-16 00:23:50 +00:00
Bernardo Damele
49b925772b Minor update 2011-05-10 10:56:06 +00:00
Bernardo Damele
6e784e766b Minor bug fix 2011-05-07 21:20:47 +00:00
Miroslav Stampar
845618934d update of doc/THANKS 2011-05-02 18:20:37 +00:00
Miroslav Stampar
900ee0ff93 fix for a major bug reported by k1971@live.co.uk (1..9 99..) 2011-05-01 15:47:00 +00:00
Bernardo Damele
ebe631ea57 doc update 2011-05-01 00:43:42 +00:00
Miroslav Stampar
41fc9f9d54 fix for an issue reported by andrew.gecse@upcmail.hu (unknown web page charset 'hungarian-iso-8859-2') 2011-04-30 22:41:54 +00:00
Bernardo Damele
2f2758b033 Long form contributor name 2011-04-30 14:51:06 +00:00
Bernardo Damele
d3ed3268c3 minor adjustments 2011-04-28 21:17:06 +00:00
Bernardo Damele
8e63e1b70d more people to thanks 2011-04-28 21:15:15 +00:00
Bernardo Damele
3e66dae103 as we don't use UPX anymore.. 2011-04-28 20:54:21 +00:00
Bernardo Damele
6d07dddf60 updated doc and minor layout adjustments 2011-04-21 21:53:35 +00:00
Miroslav Stampar
c6a0209649 update of THANKS file 2011-04-18 14:01:45 +00:00
Miroslav Stampar
ad53e3f551 update of doc/THANKS 2011-04-17 07:39:49 +00:00
Bernardo Damele
d462937a2e added a contributor 2011-04-14 12:42:09 +00:00
Miroslav Stampar
f435f37d71 update of THANKS file 2011-04-12 15:54:00 +00:00
Bernardo Damele
bac53eeef1 Allow --dump-all to accept -D switch in order to dump all tables' entries for only one (or more, comma-separated) specified database(s) 2011-04-07 22:08:10 +00:00
Miroslav Stampar
b288e5ef57 implemented DNS caching mechanism 2011-04-07 21:39:18 +00:00
Miroslav Stampar
e27afef6be minor update regarding --current-db on Oracle 2011-04-01 15:56:11 +00:00
Miroslav Stampar
08d052d9b8 minor update of THANKS file 2011-03-27 13:45:19 +00:00
Miroslav Stampar
d2eb4c6a39 update of THANKS file 2011-03-26 21:48:36 +00:00
Miroslav Stampar
0bb08d09d2 fix for a bug reported by Kirill (value is None in attack table phase) and minor fix for loading request file 2011-03-24 08:43:40 +00:00
Miroslav Stampar
bd75fd26e9 implementing a --page-rank switch as requested by l0rda@l0rda.biz 2011-03-23 11:57:57 +00:00
Miroslav Stampar
cbfb10cbd1 fix of a minor bug reported by syssecurity7@googlemail.com (missing iso-8858...) 2011-03-21 16:43:46 +00:00
Miroslav Stampar
7b1021d100 minor update of THANKS file 2011-03-21 13:18:00 +00:00
Miroslav Stampar
f8a2cf0497 minor THANKS update 2011-03-21 09:53:34 +00:00
Bernardo Damele
f7c1b7dc5f Updated 2011-03-21 00:39:54 +00:00
Miroslav Stampar
36233fac42 update regarding a feature request from andyroyalbattle@yahoo.it 2011-03-18 16:35:30 +00:00
Miroslav Stampar
1879a49506 fix for a bug reported by andreoaz@gmail.com 2011-03-10 20:40:12 +00:00
Miroslav Stampar
8e7c3b4666 update of THANKS file 2011-03-07 21:29:06 +00:00
Bernardo Damele
da6a87af43 update 2011-02-28 16:59:39 +00:00
Bernardo Damele
1bc2ee2fbf Updated 2011-02-06 15:44:27 +00:00
Miroslav Stampar
412a97b7fe fix for a bug reported by ahmed@isecur1ty.org (TypeError: unsupported operand type(s) for -: 'float' and 'NoneType') 2011-02-05 14:17:28 +00:00
Miroslav Stampar
1e8eb27156 update of doc/THANKS 2011-02-04 14:07:54 +00:00
Miroslav Stampar
af99105c27 lol. sybase and maxdb were just ignored while fingerprinted because they weren't in dbmsDict screwing half of dbms related functions (most notably aliasToDbmsEnum) 2011-02-01 22:45:38 +00:00
Bernardo Damele
9fc0bedea8 Minor bug fixes 2011-01-30 21:01:57 +00:00
Miroslav Stampar
81722b6881 major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values) 2011-01-27 18:36:28 +00:00
Miroslav Stampar
3bb4ea2c7a THANKS update 2011-01-25 22:29:36 +00:00
Miroslav Stampar
cab86871fe fix for a bug reported by mhackmail@gmail.com (local variable 'code' referenced before assignment) 2011-01-25 11:02:41 +00:00
Bernardo Damele
ceca64193b Updated 2011-01-24 14:46:41 +00:00
Bernardo Damele
c1f6bf2eda Updated 2011-01-18 23:14:35 +00:00
Miroslav Stampar
bdcb10cdab added MSSQL time based vector 2011-01-18 02:05:18 +00:00
Miroslav Stampar
a835f233ac fix for a bug reported by buawig@gmail.com (AttributeError: 'module' object has no attribute 'set_completer') 2011-01-17 00:17:31 +00:00
Bernardo Damele
f209b7a65e Updated 2011-01-14 09:56:55 +00:00
Miroslav Stampar
a8d660db54 fixes for bugs reported by pragmatk@gmail.com 2011-01-06 16:59:58 +00:00
Miroslav Stampar
1297df66da fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed) 2011-01-06 08:04:59 +00:00
Miroslav Stampar
aa81ed4033 implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) 2011-01-04 15:49:20 +00:00
Miroslav Stampar
08ccbf2c1e important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) 2011-01-03 22:02:58 +00:00
Miroslav Stampar
8067365b93 fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident') 2010-12-20 23:47:53 +00:00
Miroslav Stampar
e3fa3b0e8e fix for a minor bug reported by nightman (AttributeError: 'NoneType' object has no attribute 'getFingerprint') 2010-12-17 07:48:32 +00:00
Miroslav Stampar
5aee1fd8e0 updated THANKS file 2010-12-08 21:19:46 +00:00
Bernardo Damele
ad17e9ed2a Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any) 2010-11-19 14:56:20 +00:00
Bernardo Damele
17486e472a Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only! 2010-11-17 22:00:09 +00:00
Bernardo Damele
360aff7a4d sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle 2010-11-17 17:20:32 +00:00
Bernardo Damele
5e41cd07a3 Updated doc 2010-11-13 23:31:18 +00:00
Bernardo Damele
306e96331d Updated doc 2010-11-12 10:00:49 +00:00
Bernardo Damele
0c8918bf07 Minor bug fix, thanks Alex 2010-11-08 12:45:23 +00:00
Miroslav Stampar
14e9425673 update of doc/THANKS 2010-11-05 16:09:30 +00:00
Miroslav Stampar
7d12dbff41 update of THANKS 2010-11-05 11:36:43 +00:00
Miroslav Stampar
71d0b1bcd7 several bug fixes 2010-11-03 21:51:36 +00:00
Miroslav Stampar
861706fb31 fix for bug reported by ToR (unknown charset 'utf-8, text/html') 2010-11-02 18:01:10 +00:00
Miroslav Stampar
73b33ed765 fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic 2010-11-01 20:56:13 +00:00
Miroslav Stampar
d75578c81f some update regarding common tables 2010-10-29 09:00:51 +00:00
Bernardo Damele
ed1f2da43f Updated 2010-10-27 21:05:58 +00:00
Bernardo Damele
7715ba778b Updated 2010-10-27 14:41:03 +00:00
Bernardo Damele
4ab3edfc94 Updated 2010-10-25 23:40:19 +00:00
Miroslav Stampar
c7578d4ea1 update of THANKS 2010-10-25 16:07:03 +00:00
Miroslav Stampar
aa931efd4d several MySQL fixes/enhancements pointed out by Anton Mogilin 2010-10-24 22:05:14 +00:00
Miroslav Stampar
c5fb4edf3e update of THANKS 2010-10-23 09:25:34 +00:00
Miroslav Stampar
a8e42a4f2b bug fix 2010-10-23 06:42:21 +00:00
Bernardo Damele
22ed09a358 Updated 2010-10-20 21:52:33 +00:00
Miroslav Stampar
5c3d21065a bug fix (reported by nightman) 2010-10-16 21:29:35 +00:00
Miroslav Stampar
2b60304933 update 2010-10-16 21:19:44 +00:00
Bernardo Damele
bd3a791f23 Updated documentation 2010-10-15 10:29:53 +00:00
Miroslav Stampar
2198a60684 bug fix (reported by james@ev6.net) 2010-10-10 20:51:11 +00:00
Miroslav Stampar
0ad8090ad8 fix for a google bug reported by Brandon E. 2010-10-01 08:03:39 +00:00