Commit Graph

8040 Commits

Author SHA1 Message Date
Miroslav Stampar
5b7254af96 Minor patch 2016-10-06 22:27:29 +02:00
Miroslav Stampar
c83d417298 Fixes #2212 2016-10-05 23:02:20 +02:00
Miroslav Stampar
b42dc6e7a5 Update of Oracle and PostgreSQL system databases/schemas 2016-10-05 17:58:35 +02:00
Miroslav Stampar
8124fe391d Bug fix for using --search in combination with -D CD 2016-10-05 17:43:57 +02:00
Miroslav Stampar
833ca4b640 Minor refactoring 2016-10-05 17:41:02 +02:00
Miroslav Stampar
3b244858f8 Adding performance_schema as one more of MySQL's system database 2016-10-05 17:33:24 +02:00
Miroslav Stampar
6107696e25 Minor patch (--help should display basic help) 2016-10-05 17:01:58 +02:00
Miroslav Stampar
af1c9c7fb2 Related to the last commit 2016-10-04 23:48:09 +02:00
Miroslav Stampar
06b54ab134 Better choice of used table (INFORMATION_SCHEMA.CHARACTER_SETS can also be found in MsSQL and PgSQL; mysql.db can have permission problems) 2016-10-04 23:43:00 +02:00
Miroslav Stampar
fee5c7bd7c Adding two new payloads and minor cosmetics 2016-10-04 23:39:18 +02:00
Miroslav Stampar
fb8afc6add Adding a new payload (Oracle boolean based on error response) 2016-10-04 22:12:00 +02:00
Miroslav Stampar
6c372a09bd Minor update 2016-10-04 11:55:16 +02:00
Miroslav Stampar
171cf6f54d Minor fine tuning for SQLi heuristic check 2016-10-04 11:32:06 +02:00
Miroslav Stampar
029bb5554d Minor cleanup of user-agents 2016-10-04 10:48:10 +02:00
Miroslav Stampar
c69cb79d66 Fixes #2208 2016-10-04 10:39:28 +02:00
Miroslav Stampar
dc8301689e Implementation for an Issue #2204 2016-10-02 11:13:40 +02:00
Miroslav Stampar
d8dd37510c Fixes #2202 2016-10-01 21:02:40 +02:00
Miroslav Stampar
d1680b04f3 Minor code consistency update 2016-09-29 21:26:47 +02:00
Miroslav Stampar
102d4b4119 Bug fix for uploading files in case of web subdirectories 2016-09-29 21:14:28 +02:00
Miroslav Stampar
b3b49b3492 Minor patch for --parse-errors 2016-09-29 18:07:00 +02:00
Miroslav Stampar
7a89433251 Minor patch 2016-09-29 18:02:20 +02:00
Miroslav Stampar
ced6711128 Playing a bit with logo 2016-09-29 15:59:28 +02:00
Miroslav Stampar
bdf76f8d4d Revisiting user-agents (newer versions of mainstream browsers) 2016-09-29 15:21:32 +02:00
Miroslav Stampar
571ae174bd Minor language update 2016-09-29 14:55:43 +02:00
Miroslav Stampar
332726356c Minor language update 2016-09-29 14:03:46 +02:00
Miroslav Stampar
4ea9d3b884 Replacing generic concatenation || with CONCAT (far better choice) 2016-09-29 13:35:16 +02:00
Miroslav Stampar
3409953538 Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows) 2016-09-29 12:59:51 +02:00
Miroslav Stampar
3b3ab072e6 Adding short option(s) for setting verbosity (e.g. -vvv) 2016-09-29 11:19:25 +02:00
Miroslav Stampar
fef407e09c Making HTTP requests up to 20% smaller (fine tuning the request headers) 2016-09-29 10:44:00 +02:00
Miroslav Stampar
5afccce3c6 Minor patch 2016-09-28 16:56:47 +02:00
Miroslav Stampar
e439095593 Bug fix for MySQL's --os-pwn 2016-09-28 15:39:34 +02:00
Miroslav Stampar
e77126e847 Removing obsolete functionality 2016-09-28 15:00:26 +02:00
Miroslav Stampar
3ef01f0e31 Minor update 2016-09-28 14:48:33 +02:00
Miroslav Stampar
d36b5c0a4b Adding time-based blind (heavy query) payloads for Informix (Issue #552) 2016-09-28 10:30:09 +02:00
Miroslav Stampar
e5a758bdf4 Fixes #2192 2016-09-28 09:55:14 +02:00
Miroslav Stampar
617509869d Minor patch for Informix --parse-errors 2016-09-27 14:58:10 +02:00
Miroslav Stampar
5079c42788 Adding Informix parameter replacement payloads (Issue #552) 2016-09-27 14:39:17 +02:00
Miroslav Stampar
bc7ab01066 Bug fix for generic parameter replacement (CASE) 2016-09-27 14:29:18 +02:00
Miroslav Stampar
212c1ec1f2 Couple of fixes and some testing stuff 2016-09-27 14:03:59 +02:00
Miroslav Stampar
381deb68ff Implementation for an Issue #2137 2016-09-27 13:26:11 +02:00
Miroslav Stampar
ba0facb5eb Removal of unused imports 2016-09-27 11:23:31 +02:00
Miroslav Stampar
7151df16f6 Adding extra validation step in case of boolean-based blind (e.g. if unexpected 500 occurs) 2016-09-27 11:21:12 +02:00
Miroslav Stampar
8994bf2dba Further dealing with time-based SQLi (Issue #1973) 2016-09-27 10:32:22 +02:00
Miroslav Stampar
09617c8243 Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973 2016-09-27 10:20:36 +02:00
Miroslav Stampar
556b4d289e Minor cosmetic patch (removing multiple same content '...appears...' messages) 2016-09-26 17:02:40 +02:00
Miroslav Stampar
978f56ad10 One more commit for #552 (--passwords) 2016-09-26 16:38:03 +02:00
Miroslav Stampar
aa0b97b562 Support for Informix --roles/--privileges (Issue #552) 2016-09-26 14:20:04 +02:00
Miroslav Stampar
df645d7d3d Update for column types (Issue #552) 2016-09-23 18:03:31 +02:00
Miroslav Stampar
035137ef4e Bug fix in detection engine (abstract URI header sometimes caused problems - e.g. when automatic --string used) 2016-09-23 17:38:14 +02:00
Miroslav Stampar
484d9a4825 Implementation of --dump for Informix (Issue #552) 2016-09-23 17:21:48 +02:00