| 
							
							
								 Miroslav Stampar | 73f33c1999 | bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped) | 2010-12-23 11:28:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5a0aef0f33 | fix for a case: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [MySQL][ODBC 3.51 Driver][mysqld-5.1.31-community] - it was wrongly error message recognized as MS SQL Server | 2010-12-23 09:53:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8fc60215ed | lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called. | 2010-12-22 19:12:46 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7c06dbffc3 | bug fix (AttributeError: 'unicode' object has no attribute 'sort') | 2010-12-22 18:55:50 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c1f2534e9a | More bug fixes to properly distinguish between full inband and single-entry inband sql injections | 2010-12-22 15:47:52 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | b3da473840 | Minor bug fix when --dbs has only one DB name | 2010-12-22 14:29:57 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c9ab8ae60e | Bug fix to properly identify if current user is DBA (--is-dba) on MySQL | 2010-12-22 14:06:01 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 250608660d | Minor bug fix to always show HTTP request and response when verbose is set accordingly to 4, 5 or 6 regardless of the HTTP response code (error or not) | 2010-12-22 13:41:36 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 5228f336da | Minor fix for ctrl+c during detection phase | 2010-12-22 13:15:44 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 08c88495d0 | removed that ugly hack | 2010-12-22 13:09:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8212b7b745 | bug fix | 2010-12-22 12:16:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c89021f0bb | some fixes | 2010-12-22 11:46:18 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5be9c04e44 | update regarding Sybase syntax | 2010-12-22 10:39:56 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5d25da5135 | better way to handle this one | 2010-12-22 00:51:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 306501363c | fuck, sorry, 0 was OK (STRCMP() returns 0 if the strings are the same) | 2010-12-22 00:41:38 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d6e6afd6f2 | minor fix ("To clarify a bit: STRCMP() is case-insensitive as of MySQL 4.0." - http://bugs.mysql.com/bug.php?id=2102) | 2010-12-22 00:38:54 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6f2ce15478 | minor refactoring | 2010-12-22 00:27:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | cb61401c18 | bug fix (http://dev.mysql.com/doc/refman/5.0/es/news-5-0-11.html - "Added support of where clause for queries with FROM DUAL") | 2010-12-22 00:20:56 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d974a966b8 | minor fix for end phase (Ctrl+C) | 2010-12-21 23:55:55 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | fb75d0636b | minor update | 2010-12-21 23:42:59 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 39a13077c4 | minor bug fix | 2010-12-21 23:09:41 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 09479c85dc | minor bug fix | 2010-12-21 22:35:44 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f905adb7c1 | way better as there is no official release version for FOUND_ROWS() (it appears somewhere in alphas/betas of 4.0.x - i've stumbled upon one site with 4.0.22 and it didn't recognized FOUND_ROWS). | 2010-12-21 22:18:27 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7a525f28d4 | cosmetics | 2010-12-21 15:26:23 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b2e7f9484d | minor tuning (2 techniques MAX per value used) | 2010-12-21 15:24:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6c1133c4d4 | some code refactoring | 2010-12-21 15:13:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 466d61ee85 | minor fix | 2010-12-21 14:29:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 385e208f38 | code refactoring regarding standard output suppression and some threading issues | 2010-12-21 14:21:24 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0e68248f60 | minor update of heuristic check | 2010-12-21 12:56:18 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 16f1f4e13e | when doing dynamic checks there are cases when 404 can be raised (perfectly normal) | 2010-12-21 11:04:49 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | aca074b769 | Removed unused outdated code | 2010-12-21 10:49:52 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | ad6b528b33 | Bit more verbose comment | 2010-12-21 10:47:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6b37ddada4 | removed some blank trailing spaces (with extra/shutils/blanks.sh) | 2010-12-21 10:31:56 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 1a3f57e5fe | Cosmetics | 2010-12-21 09:23:00 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d554460aec | minor fix | 2010-12-21 01:09:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 116c141dfa | another fix | 2010-12-21 00:47:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 416755c0b7 | minor adjustments | 2010-12-21 00:25:03 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a876fcedfb | minor update | 2010-12-21 00:13:50 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8067365b93 | fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident') | 2010-12-20 23:47:53 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e10670d9ac | added end detection phase choice into Ctrl+C list | 2010-12-20 23:34:00 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 03b275ce33 | update | 2010-12-20 23:27:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 29001a4fce | minor update | 2010-12-20 23:21:01 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 518b3e094c | bug fix (http://dev.mysql.com/doc/refman/5.0/en/information-functions.html#function_found-rows) | 2010-12-20 23:00:03 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b34fe5c334 | no more need for such a huge timeout because any timeout exceptions will now be considered as a successful time-based attack (previously we wanted to get back to the program, hence there was such a huge timeout) | 2010-12-20 22:49:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8fd3e7ba1f | thread based data added | 2010-12-20 22:45:01 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c9e8aae8a2 | we'll need to do some cleanup around threading data model we use (some of the data we currently use we'll need to spread via copies around used threads) | 2010-12-20 19:34:41 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e09bc2406c | minor refactoring | 2010-12-20 19:24:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5852bad963 | some refactoring | 2010-12-20 18:56:06 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 36999a07c4 | some filtering | 2010-12-20 17:41:41 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 19d8733e9a | this is strictly for educational purposes | 2010-12-20 17:30:47 +00:00 |  |