Miroslav Stampar
|
5477c9f7ba
|
Fix for an Issue #216
|
2012-10-24 22:59:46 +02:00 |
|
Miroslav Stampar
|
056be32ac1
|
Fix for Issue #213
|
2012-10-23 17:06:31 +02:00 |
|
Miroslav Stampar
|
f2bbf1ead9
|
Fix for raw_input raising EOFError and KeyboardInterrupt on Ctrl-C (Windows platform)
|
2012-10-23 11:05:00 +02:00 |
|
Miroslav Stampar
|
5ff2e33c43
|
Minor fix
|
2012-10-23 10:54:26 +02:00 |
|
Miroslav Stampar
|
68d5faa287
|
Minor update
|
2012-10-23 10:46:17 +02:00 |
|
Miroslav Stampar
|
64b4586883
|
Minor update
|
2012-10-18 11:36:12 +02:00 |
|
Miroslav Stampar
|
1cb2ca4195
|
Minor update
|
2012-10-18 10:55:27 +02:00 |
|
Miroslav Stampar
|
2cb1b054bb
|
Implementation for an Issue #79
|
2012-10-16 12:32:58 +02:00 |
|
Miroslav Stampar
|
8b57e1fce6
|
Minor update for an Issue #203
|
2012-10-15 23:15:52 +02:00 |
|
Miroslav Stampar
|
048e720f69
|
Minor refactoring for an Issue #203
|
2012-10-15 17:55:57 +02:00 |
|
Miroslav Stampar
|
9aba690a60
|
Patch for an Issue #203
|
2012-10-15 16:23:41 +02:00 |
|
Miroslav Stampar
|
56832fe9c4
|
Better adjustTimeDelay() candidate algorithm
|
2012-10-11 14:23:53 +02:00 |
|
Miroslav Stampar
|
e61c4c22c9
|
Implementation for an Issue #200
|
2012-10-09 15:19:47 +02:00 |
|
Miroslav Stampar
|
8c5fb1b064
|
Minor update
|
2012-10-09 14:46:45 +02:00 |
|
Miroslav Stampar
|
d464678e10
|
Minor update for an Issue #49
|
2012-10-04 18:01:42 +02:00 |
|
Miroslav Stampar
|
461e5ebc5f
|
Work for Issue #197 and Issue #49
|
2012-10-04 11:25:44 +02:00 |
|
Miroslav Stampar
|
6bc5f44b20
|
Minor just in case update for an Issue #195 (safer behavior on forced charsets)
|
2012-09-25 15:09:07 +02:00 |
|
Miroslav Stampar
|
d175decdfc
|
Fix for an Issue #190
|
2012-09-22 20:59:40 +02:00 |
|
Miroslav Stampar
|
e4bc471f81
|
Fix for an Issue #173
|
2012-09-07 10:09:19 +02:00 |
|
Miroslav Stampar
|
2170e64ca5
|
Minor bug fix
|
2012-08-31 19:48:45 +02:00 |
|
Miroslav Stampar
|
7286d89cb6
|
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
|
2012-08-31 12:15:09 +02:00 |
|
Miroslav Stampar
|
a6d743ec4c
|
Minor console output fix (redundant newline has been displayed in case of rawInput)
|
2012-08-22 14:43:57 +02:00 |
|
Miroslav Stampar
|
8a5042b6a4
|
Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)
|
2012-08-22 11:56:30 +02:00 |
|
Miroslav Stampar
|
ad59abe018
|
Cleaning leftover
|
2012-08-21 14:37:09 +02:00 |
|
Miroslav Stampar
|
1b86fffc6d
|
Fix for an Issue #157
|
2012-08-21 14:36:04 +02:00 |
|
Miroslav Stampar
|
d421f9a618
|
Fix for an Issue #157
|
2012-08-21 14:34:19 +02:00 |
|
Miroslav Stampar
|
01f481c332
|
Minor refactoring of dictionaries
|
2012-08-21 11:19:15 +02:00 |
|
Miroslav Stampar
|
f358ab2e73
|
Implementation of an Issue #147
|
2012-08-15 16:37:18 +02:00 |
|
Miroslav Stampar
|
36b55cf209
|
Proper fix for an Issue #145
|
2012-08-14 22:28:42 +02:00 |
|
Miroslav Stampar
|
ab35ab4e2a
|
Fix for an Issue #145
|
2012-08-14 18:52:45 +02:00 |
|
Miroslav Stampar
|
432b567584
|
Fix for an Issue #141
|
2012-08-08 00:03:58 +02:00 |
|
Miroslav Stampar
|
31ceb0cb6c
|
Fix for an Issue #140
|
2012-08-07 10:57:29 +02:00 |
|
Miroslav Stampar
|
142fc887f1
|
Fix for an Issue #129
|
2012-07-31 11:03:44 +02:00 |
|
Miroslav Stampar
|
bdbe8ff9d9
|
Fix for an Issue #132
|
2012-07-30 22:39:45 +02:00 |
|
Miroslav Stampar
|
20a66567a3
|
Minor refactoring
|
2012-07-30 10:06:14 +02:00 |
|
Miroslav Stampar
|
3e9f1fe410
|
Minor style update
|
2012-07-26 12:13:16 +02:00 |
|
Miroslav Stampar
|
30f8d09651
|
Implementation for an Issue #70
|
2012-07-26 12:06:02 +02:00 |
|
Miroslav Stampar
|
231f0f76b5
|
Fix for an Issue #119
|
2012-07-26 00:49:51 +02:00 |
|
Miroslav Stampar
|
f8c9868cb6
|
Implementation for an Issue #118
|
2012-07-24 15:34:50 +02:00 |
|
Miroslav Stampar
|
42f518b2d6
|
Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized
|
2012-07-24 14:44:44 +02:00 |
|
Miroslav Stampar
|
b820975217
|
Improvement of decodeIntToUnicode()
|
2012-07-23 19:31:06 +02:00 |
|
Miroslav Stampar
|
1b6cb9442f
|
Fix for an Issue #114
|
2012-07-21 23:31:36 +02:00 |
|
Miroslav Stampar
|
dcf8a27f12
|
Implementation for an Issue #67
|
2012-07-18 14:24:10 +02:00 |
|
Miroslav Stampar
|
81d15e5051
|
Fix for an Issue #101
|
2012-07-17 00:19:33 +02:00 |
|
Miroslav Stampar
|
ffbbb10abb
|
Support for dotted identificator names
|
2012-07-16 23:13:21 +02:00 |
|
Miroslav Stampar
|
87ecf205cb
|
More work for Issue #66
|
2012-07-14 17:01:04 +02:00 |
|
Miroslav Stampar
|
c5ecc8b8db
|
Closing work on Issue #83
|
2012-07-13 11:23:21 +02:00 |
|
Miroslav Stampar
|
48f68bd076
|
First commit for Issue #83
|
2012-07-13 10:35:22 +02:00 |
|
Bernardo Damele
|
162da75a04
|
modified homepage address
|
2012-07-12 18:38:03 +01:00 |
|
Miroslav Stampar
|
569c9214bf
|
Adding support for boldifying important logging messages
|
2012-07-12 16:30:35 +02:00 |
|
Miroslav Stampar
|
8e18514e56
|
Minor refactoring for all that stickyness
|
2012-07-12 15:58:45 +02:00 |
|
Miroslav Stampar
|
fe61bdce75
|
Minor update
|
2012-07-12 15:25:26 +02:00 |
|
Miroslav Stampar
|
dbbca16c69
|
Minor renaming
|
2012-07-12 15:24:40 +02:00 |
|
Miroslav Stampar
|
9bc24cea6b
|
Dealing with kb.currentMessage issue
|
2012-07-12 15:23:35 +02:00 |
|
Miroslav Stampar
|
b320dc118d
|
Minor fix (recognizing if it's colorizing handler or not)
|
2012-07-12 14:55:54 +02:00 |
|
Bernardo Damele
|
4e64c1126d
|
restored bold on questions to users (calls from readInput()) - issue #77
|
2012-07-11 22:56:11 +01:00 |
|
Bernardo Damele
|
247f95e051
|
restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")
|
2012-07-11 22:48:27 +01:00 |
|
Miroslav Stampar
|
15ee5310d9
|
Adding traffic in and out to color_map
|
2012-07-11 20:42:18 +02:00 |
|
Miroslav Stampar
|
43cac2212b
|
Fix for a case when ColorizingStreamHandler is not used
|
2012-07-11 20:36:32 +02:00 |
|
Miroslav Stampar
|
72378d4f61
|
Some more refactoring
|
2012-07-11 20:29:48 +02:00 |
|
Miroslav Stampar
|
c6464b44be
|
Some more refactoring
|
2012-07-11 20:13:23 +02:00 |
|
Miroslav Stampar
|
d7926b8aac
|
Minor refactoring
|
2012-07-11 19:54:21 +02:00 |
|
Bernardo Damele
|
53ccd09ca4
|
now also readInput() uses colouring
|
2012-07-11 17:53:32 +01:00 |
|
Bernardo Damele
|
02ec25b4b8
|
code refactoring
|
2012-07-11 17:44:23 +01:00 |
|
Bernardo Damele
|
77b275f1a6
|
conf->kb
|
2012-07-11 17:32:12 +01:00 |
|
Bernardo Damele
|
1d2c87e24e
|
leftover
|
2012-07-11 17:22:01 +01:00 |
|
Bernardo Damele
|
fa2f6f9a39
|
colourize manually crafter "logging" messages
|
2012-07-11 16:48:30 +01:00 |
|
Bernardo Damele
|
eb7ffb8f91
|
setup for implementing logging colouring - issue #77
|
2012-07-10 02:54:37 +01:00 |
|
Bernardo Damele
|
a27f50ed1d
|
added conf.unescape global variable to control whether or not the injected statements should be unescaped
|
2012-07-10 01:37:16 +01:00 |
|
Bernardo Damele
|
f645ac6040
|
dealing with variables in SQL procs - issue #33
|
2012-07-10 01:05:03 +01:00 |
|
Bernardo Damele
|
2527554f8e
|
more work on #33
|
2012-07-10 00:53:07 +01:00 |
|
Bernardo Damele
|
d3da3f5c52
|
refactoring for issue #51
|
2012-07-10 00:19:32 +01:00 |
|
Miroslav Stampar
|
0d539a876d
|
Minor fix (subversion->github)
|
2012-07-07 23:49:34 +02:00 |
|
Miroslav Stampar
|
e948e4d45b
|
Some more refactoring
|
2012-07-06 17:18:22 +02:00 |
|
Miroslav Stampar
|
438a636973
|
Fix for issue Issue #60
|
2012-07-06 15:36:32 +02:00 |
|
Miroslav Stampar
|
c3c1b9e957
|
Minor restyling
|
2012-07-04 20:28:18 +02:00 |
|
Miroslav Stampar
|
40fc6488bf
|
Fix for Issue #56 (Google has changed few things for retrieving PR)
|
2012-07-03 21:00:18 +02:00 |
|
Miroslav Stampar
|
481b46a004
|
Restyling output for Issue #52
|
2012-07-03 13:06:52 +02:00 |
|
Miroslav Stampar
|
8eefe4b71f
|
Getting back revision number - displayed like in GitHub commits (Issue #52)
|
2012-07-02 13:01:20 +02:00 |
|
Miroslav Stampar
|
d7cd55fb28
|
Fix for Issue #47
|
2012-07-01 11:05:04 +02:00 |
|
Miroslav Stampar
|
21d9ae0a2c
|
some more refactoring
|
2012-07-01 01:19:54 +02:00 |
|
Miroslav Stampar
|
f6509db31a
|
minor refactoring
|
2012-07-01 00:33:19 +02:00 |
|
jekil
|
c39e5a85ba
|
Removed $id$ tags
|
2012-06-27 20:56:43 +02:00 |
|
Miroslav Stampar
|
ec44e88db8
|
lots of refactoring regarding removal of already obsolete session file mechanism
|
2012-06-21 10:09:10 +00:00 |
|
Miroslav Stampar
|
302d782a0f
|
minor style update
|
2012-06-19 08:33:51 +00:00 |
|
Miroslav Stampar
|
06be7bbb18
|
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
|
2012-06-15 20:41:53 +00:00 |
|
Miroslav Stampar
|
d2dd47fb23
|
some more refactoring
|
2012-06-14 13:52:56 +00:00 |
|
Miroslav Stampar
|
3a90105fbb
|
minor refactoring
|
2012-06-14 13:38:53 +00:00 |
|
Miroslav Stampar
|
a51d8c4c79
|
replacing identifier safe char " with [] enclosing for MsSQL
|
2012-06-13 15:27:42 +00:00 |
|
Miroslav Stampar
|
367de838c1
|
minor update
|
2012-06-13 14:08:32 +00:00 |
|
Miroslav Stampar
|
db526bdbc0
|
minor update (tainted values are not checked any more in multipleTargets mode)
|
2012-05-25 09:52:17 +00:00 |
|
Miroslav Stampar
|
86fdad2bfa
|
minor update
|
2012-05-24 22:07:50 +00:00 |
|
Miroslav Stampar
|
eed8d7eb5d
|
finalizing support for IPv6
|
2012-05-24 21:55:57 +00:00 |
|
Miroslav Stampar
|
b6d37d766a
|
minor update regarding IPv6 support
|
2012-05-24 21:49:20 +00:00 |
|
Miroslav Stampar
|
92286104e3
|
minor just in case update
|
2012-05-24 21:39:10 +00:00 |
|
Miroslav Stampar
|
3e9c57d177
|
minor fix
|
2012-05-24 21:36:35 +00:00 |
|
Miroslav Stampar
|
be76928293
|
minor fix
|
2012-05-24 20:53:01 +00:00 |
|
Miroslav Stampar
|
bbfa4b6d5d
|
minor update
|
2012-05-14 14:38:16 +00:00 |
|
Miroslav Stampar
|
333f8057a5
|
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
|
2012-05-14 14:06:43 +00:00 |
|
Miroslav Stampar
|
b81fe42d4b
|
turning off null connection on -o when --tor used (not compatible)
|
2012-05-10 17:50:54 +00:00 |
|
Miroslav Stampar
|
efdd86ddcc
|
minor just in case patch
|
2012-05-10 14:22:34 +00:00 |
|
Miroslav Stampar
|
1418ae9767
|
little refactoring of parseUnionPage together with a patch for some special case
|
2012-05-09 18:47:40 +00:00 |
|
Miroslav Stampar
|
96299d3d5d
|
minor refactoring
|
2012-05-03 22:34:18 +00:00 |
|
Miroslav Stampar
|
efd27d7ade
|
minor renaming
|
2012-04-17 08:41:19 +00:00 |
|
Miroslav Stampar
|
c7422546e1
|
tiny update
|
2012-04-11 23:01:38 +00:00 |
|
Miroslav Stampar
|
2bad73a981
|
minor update
|
2012-04-11 21:48:44 +00:00 |
|
Miroslav Stampar
|
e195de2093
|
correcting comment on reflective removal function
|
2012-04-11 21:41:48 +00:00 |
|
Miroslav Stampar
|
b45ae10da4
|
minor fixes
|
2012-04-11 21:36:37 +00:00 |
|
Miroslav Stampar
|
627bfc589f
|
some more updates in reflective removal mechanism
|
2012-04-11 21:26:00 +00:00 |
|
Miroslav Stampar
|
8b130f6497
|
minor improvement for reflective values (when missing first part of payload like in error reports)
|
2012-04-11 15:01:28 +00:00 |
|
Miroslav Stampar
|
01bd5d0ab2
|
some more updates for reflective mechanism
|
2012-04-11 10:41:33 +00:00 |
|
Miroslav Stampar
|
2e92d8636e
|
improvement of reflective mechanism
|
2012-04-11 08:58:03 +00:00 |
|
Miroslav Stampar
|
60ca44e0cf
|
minor adjustment
|
2012-04-11 08:35:09 +00:00 |
|
Miroslav Stampar
|
119eec3598
|
improving "boolean detection" by automatic recognition of convenient --string candidate
|
2012-04-10 21:48:34 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
1b2cd44255
|
proper fix
|
2012-04-04 10:35:52 +00:00 |
|
Miroslav Stampar
|
7031ef8e00
|
removing default values for referer and host from higher level/risk options
|
2012-04-04 10:34:27 +00:00 |
|
Miroslav Stampar
|
b0787f193c
|
getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)
|
2012-04-03 14:34:15 +00:00 |
|
Miroslav Stampar
|
33bb9c5f19
|
much cleaner approach in that "flat" representation of retrieved items in union technique
|
2012-04-03 13:56:11 +00:00 |
|
Miroslav Stampar
|
e05109812f
|
minor improvements regarding data retrieval through DNS channel
|
2012-04-03 09:18:30 +00:00 |
|
Miroslav Stampar
|
2c28423cb8
|
minor update
|
2012-04-02 14:57:15 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
1e01203562
|
few just in case "patches"
|
2012-04-02 12:58:10 +00:00 |
|
Miroslav Stampar
|
abffc39929
|
minor update regarding DNS data retrieval task
|
2012-04-02 12:22:40 +00:00 |
|
Miroslav Stampar
|
8be9cd4ac4
|
bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)
|
2012-03-31 10:22:50 +00:00 |
|
Miroslav Stampar
|
79c3d6f2aa
|
minor update
|
2012-03-30 10:37:46 +00:00 |
|
Miroslav Stampar
|
637a8d8273
|
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
|
2012-03-29 14:33:27 +00:00 |
|
Miroslav Stampar
|
772ead8d03
|
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
|
2012-03-29 12:44:20 +00:00 |
|
Miroslav Stampar
|
9433bbe26d
|
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
|
2012-03-28 19:27:12 +00:00 |
|
Miroslav Stampar
|
7fd64df167
|
minor code cleaning
|
2012-03-28 13:31:07 +00:00 |
|
Miroslav Stampar
|
11132ba993
|
fix for a bug in reflection removal mechanism
|
2012-03-19 14:28:18 +00:00 |
|
Bernardo Damele
|
890bf708bc
|
Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported)
|
2012-03-15 00:19:57 +00:00 |
|
Miroslav Stampar
|
61ad3b999a
|
fix for a crash with partial union and --hex
|
2012-03-14 10:31:24 +00:00 |
|
Miroslav Stampar
|
a7fbc55748
|
grammar fix
|
2012-03-13 22:03:23 +00:00 |
|
Miroslav Stampar
|
cda8815634
|
introducing safe deprecation mechanism for HashDB versioning
|
2012-03-12 22:55:57 +00:00 |
|
Miroslav Stampar
|
98a3e43f53
|
bug fix for writing raw pickled data into SQLite HashDB
|
2012-03-08 10:57:47 +00:00 |
|
Miroslav Stampar
|
cd28eb6544
|
minor update regarding --load-cookies
|
2012-03-08 10:19:34 +00:00 |
|
Miroslav Stampar
|
4cfea96471
|
minor update
|
2012-03-05 09:56:48 +00:00 |
|
Miroslav Stampar
|
37db27b720
|
turning back on automatic adjusting of delays in time based queries
|
2012-02-29 15:51:23 +00:00 |
|
Miroslav Stampar
|
0205d96d7b
|
minor fix
|
2012-02-29 15:38:01 +00:00 |
|
Miroslav Stampar
|
8b9c5c66cc
|
code refactoring regarding charsetType inside inference/bisection
|
2012-02-29 14:36:23 +00:00 |
|
Miroslav Stampar
|
f6f98f1b41
|
minor improvement
|
2012-02-29 14:19:59 +00:00 |
|
Miroslav Stampar
|
d06182347f
|
fixing few potential problems
|
2012-02-29 13:56:40 +00:00 |
|
Miroslav Stampar
|
5b67af3b20
|
minor update
|
2012-02-24 15:03:39 +00:00 |
|
Miroslav Stampar
|
8a203ef79d
|
making session data strictly dependent on url through HashDB helper functions
|
2012-02-24 14:58:24 +00:00 |
|
Miroslav Stampar
|
c36cbbb3ae
|
minor fix
|
2012-02-24 14:54:10 +00:00 |
|
Miroslav Stampar
|
9d6fd2e507
|
bug fix for --schema --technique=BST
|
2012-02-24 14:12:19 +00:00 |
|
Miroslav Stampar
|
f94b91ad87
|
added helper function for HashDB data storing/retrieval
|
2012-02-24 13:07:20 +00:00 |
|
Miroslav Stampar
|
b481c0352f
|
minor update
|
2012-02-24 11:25:56 +00:00 |
|
Miroslav Stampar
|
1f6ce265b9
|
minor fix
|
2012-02-24 11:05:04 +00:00 |
|
Miroslav Stampar
|
5afbd52b61
|
more update related to last commits
|
2012-02-24 10:57:23 +00:00 |
|
Miroslav Stampar
|
570d3a19c2
|
more general fix
|
2012-02-24 10:53:28 +00:00 |
|
Miroslav Stampar
|
e8352e504f
|
fixing problems with chars deletition by logging messages in inference mode
|
2012-02-24 10:48:19 +00:00 |
|
Miroslav Stampar
|
71028a81f5
|
fix for proper retrieval of columns in SQLite
|
2012-02-24 09:55:13 +00:00 |
|
Miroslav Stampar
|
7941504c3a
|
minor update
|
2012-02-23 15:32:36 +00:00 |
|
Miroslav Stampar
|
0478e4166a
|
minor justin case fix
|
2012-02-23 15:19:20 +00:00 |
|
Miroslav Stampar
|
6e54cb171f
|
minor code restyling
|
2012-02-22 15:53:36 +00:00 |
|
Miroslav Stampar
|
b3bd4144f5
|
removing of unused imports together with some general code refactoring
|
2012-02-22 10:40:11 +00:00 |
|
Miroslav Stampar
|
686eacda9a
|
minor update regarding --hex
|
2012-02-21 13:38:18 +00:00 |
|
Miroslav Stampar
|
bcf3255fe1
|
implementation of switch --hex for 4 major DBMSes
|
2012-02-21 11:44:48 +00:00 |
|
Miroslav Stampar
|
3e4db6d140
|
minor fix for Python v2.6
|
2012-02-20 19:35:57 +00:00 |
|
Miroslav Stampar
|
aee269cc14
|
gazillion changes, nothing will work, muhahaha
|
2012-02-17 14:22:48 +00:00 |
|
Miroslav Stampar
|
dcf7277a0f
|
some more refactorings
|
2012-02-16 14:42:28 +00:00 |
|
Miroslav Stampar
|
6632aa7308
|
some more refactoring
|
2012-02-16 13:46:01 +00:00 |
|
Miroslav Stampar
|
844fc8addb
|
minor cleanup
|
2012-02-16 10:19:36 +00:00 |
|
Miroslav Stampar
|
0e23521adc
|
some more refactoring
|
2012-02-16 09:54:29 +00:00 |
|
Miroslav Stampar
|
e1f86c97c4
|
minor refactoring
|
2012-02-16 09:46:41 +00:00 |
|
Miroslav Stampar
|
bcf9fc6c6f
|
minor refactoring
|
2012-02-16 09:32:47 +00:00 |
|
Miroslav Stampar
|
8d7912ad34
|
minor update and refactoring
|
2012-02-15 14:05:50 +00:00 |
|
Miroslav Stampar
|
bf923a97df
|
minor update
|
2012-02-15 13:45:10 +00:00 |
|
Miroslav Stampar
|
122db6e164
|
minor update
|
2012-02-15 13:24:02 +00:00 |
|
Miroslav Stampar
|
9059d30312
|
adding first code example for SPL snippets
|
2012-02-15 13:17:01 +00:00 |
|
Miroslav Stampar
|
23cc8b6974
|
minor fix for special cases when parameter value contains html encoded characters
|
2012-02-14 14:08:10 +00:00 |
|
Miroslav Stampar
|
bb5113980b
|
minor update
|
2012-02-14 10:27:56 +00:00 |
|
Miroslav Stampar
|
3f15c52188
|
minor change in workflow for "tainted" parameter values
|
2012-02-14 09:26:52 +00:00 |
|
Miroslav Stampar
|
b140ef4a14
|
minor update (preparing for switching to HashDB from old sessionFile)
|
2012-02-10 10:24:48 +00:00 |
|
Miroslav Stampar
|
980367b7b2
|
minor update
|
2012-02-09 09:48:47 +00:00 |
|
Miroslav Stampar
|
7e9e582eca
|
minor update
|
2012-02-08 14:23:57 +00:00 |
|
Miroslav Stampar
|
93d7d6c355
|
minor patch
|
2012-02-08 10:38:58 +00:00 |
|
Miroslav Stampar
|
6bedb80ffa
|
adding --force-ssl switch (most useful in combination with -r)
|
2012-02-08 09:11:57 +00:00 |
|
Miroslav Stampar
|
2b05ded9c3
|
just a makeup
|
2012-02-07 12:05:23 +00:00 |
|
Miroslav Stampar
|
b4f4a982e4
|
minor update
|
2012-02-07 11:37:54 +00:00 |
|
Miroslav Stampar
|
11af0b1bbc
|
minor fix
|
2012-02-07 11:16:03 +00:00 |
|
Miroslav Stampar
|
f7bf1fbe94
|
upgrade/fixes for direct DBMS access
|
2012-02-07 10:46:55 +00:00 |
|
Miroslav Stampar
|
8c45ff0d57
|
bug fix
|
2012-02-03 10:38:04 +00:00 |
|
Miroslav Stampar
|
f4e7bf1d51
|
minor update regarding support for Unicode characters in Oracle
|
2012-02-01 14:17:27 +00:00 |
|
Miroslav Stampar
|
2589521ecf
|
fix of a wrong assumption (e.g. decodeIntToUnicode(12345) has been returning a "09" instead of a single unicode character)
|
2012-02-01 10:38:43 +00:00 |
|
Miroslav Stampar
|
b2dad63000
|
some more refactoring
|
2012-01-13 22:00:34 +00:00 |
|
Miroslav Stampar
|
23117e72ca
|
minor improvement
|
2012-01-13 20:56:06 +00:00 |
|
Bernardo Damele
|
0043336620
|
Minor fix and removed leftover debug message
|
2012-01-13 17:04:59 +00:00 |
|
Bernardo Damele
|
b03f91437b
|
Minor code refactoring
|
2012-01-13 16:49:52 +00:00 |
|
Miroslav Stampar
|
04686b83e3
|
minor update
|
2012-01-13 11:16:26 +00:00 |
|
Miroslav Stampar
|
305371b7a9
|
minor update
|
2012-01-12 14:58:23 +00:00 |
|
Miroslav Stampar
|
95f89ab63a
|
updating copyright date
|
2012-01-11 14:59:46 +00:00 |
|
Miroslav Stampar
|
ff52931140
|
some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available)
|
2012-01-07 19:30:35 +00:00 |
|
Miroslav Stampar
|
2b5e429dc2
|
one more level of defense against user himself
|
2012-01-07 17:16:14 +00:00 |
|
Miroslav Stampar
|
a675c88894
|
minor check added for invalid urls (e.g. deliberately too long)
|
2012-01-07 16:06:18 +00:00 |
|
Miroslav Stampar
|
13f2afbbc9
|
minor fix
|
2012-01-03 17:28:50 +00:00 |
|
Miroslav Stampar
|
29f502fe29
|
some refactoring
|
2011-12-28 16:27:17 +00:00 |
|
Miroslav Stampar
|
0a6334db22
|
minor speedup
|
2011-12-27 11:41:57 +00:00 |
|
Miroslav Stampar
|
366e86c560
|
minor "patch"
|
2011-12-26 14:08:25 +00:00 |
|
Miroslav Stampar
|
c20546dcaa
|
minor refactoring
|
2011-12-26 12:24:39 +00:00 |
|
Miroslav Stampar
|
087e29d272
|
minor update
|
2011-12-22 20:14:56 +00:00 |
|
Miroslav Stampar
|
8a7b0406c8
|
minor optimization
|
2011-12-22 20:08:28 +00:00 |
|
Miroslav Stampar
|
094129a656
|
minor optimization
|
2011-12-22 15:42:21 +00:00 |
|
Miroslav Stampar
|
f622995a29
|
compatibility with partial union and error technique resumed data
|
2011-12-22 12:20:21 +00:00 |
|
Miroslav Stampar
|
58a4a02b7e
|
minor fix
|
2011-12-22 11:56:42 +00:00 |
|
Miroslav Stampar
|
6f8d8a15aa
|
minor update
|
2011-12-22 11:55:02 +00:00 |
|
Miroslav Stampar
|
9f68e54fff
|
minor cleanup
|
2011-12-22 10:59:28 +00:00 |
|
Miroslav Stampar
|
aaa29d1f24
|
minor fix
|
2011-12-22 10:51:41 +00:00 |
|
Miroslav Stampar
|
4a1a0773b7
|
speedup of UNION dumping
|
2011-12-22 10:44:14 +00:00 |
|
Miroslav Stampar
|
1ae413a206
|
some refactoring/speedup around UNION technique
|
2011-12-22 10:32:21 +00:00 |
|
Miroslav Stampar
|
b77e2042f2
|
some optimization
|
2011-12-21 23:23:00 +00:00 |
|
Miroslav Stampar
|
526aacb640
|
code cleanup
|
2011-12-21 22:59:23 +00:00 |
|
Miroslav Stampar
|
41ccf88990
|
some more refactoring
|
2011-12-21 22:09:21 +00:00 |
|
Miroslav Stampar
|
0a039d84e0
|
some more refactoring
|
2011-12-21 19:40:42 +00:00 |
|
Miroslav Stampar
|
81bd9a201b
|
minor refactoring
|
2011-12-21 11:50:49 +00:00 |
|
Miroslav Stampar
|
113ebf5e9d
|
minor update
|
2011-12-20 16:08:17 +00:00 |
|
Miroslav Stampar
|
8bfff4a28e
|
minor update
|
2011-12-20 15:01:27 +00:00 |
|
Miroslav Stampar
|
95cd9e2af3
|
adding support for scanning Host header values (-p host)
|
2011-12-20 12:52:41 +00:00 |
|
Miroslav Stampar
|
dcf842692b
|
minor fix
|
2011-12-16 12:34:26 +00:00 |
|
Miroslav Stampar
|
8793fbc9f5
|
minor update
|
2011-12-14 12:59:25 +00:00 |
|
Miroslav Stampar
|
1fd1ec22a1
|
minor fix
|
2011-12-14 12:03:21 +00:00 |
|
Miroslav Stampar
|
73a500833d
|
minor bug fix
|
2011-12-12 14:38:06 +00:00 |
|
Miroslav Stampar
|
25cde9e2c7
|
minor fixes
|
2011-12-12 09:45:40 +00:00 |
|
Miroslav Stampar
|
f1dfa5c860
|
minor update
|
2011-11-30 17:44:34 +00:00 |
|
Miroslav Stampar
|
71c46f50aa
|
adding option --csv-del
|
2011-11-30 17:39:41 +00:00 |
|
Miroslav Stampar
|
02bd9a54f3
|
minor update
|
2011-11-30 17:19:21 +00:00 |
|
Miroslav Stampar
|
e94efff187
|
some more optimization
|
2011-11-22 09:00:00 +00:00 |
|
Miroslav Stampar
|
2ed3efba12
|
speed optimization and bug fix (kb.absFilePaths were not stored previously; also, they are now extracted only in heuristic phase)
|
2011-11-22 08:39:13 +00:00 |
|
Miroslav Stampar
|
493e436e16
|
minor update
|
2011-11-22 07:32:39 +00:00 |
|
Miroslav Stampar
|
e905ea2a54
|
minor bug fix
|
2011-11-22 07:07:52 +00:00 |
|
Miroslav Stampar
|
eee03871d7
|
minor refactoring
|
2011-11-21 21:31:08 +00:00 |
|
Miroslav Stampar
|
65b2b0ad87
|
adding switch --eval
|
2011-11-21 16:41:02 +00:00 |
|
Miroslav Stampar
|
7c1af97852
|
minor optimization
|
2011-11-20 19:38:56 +00:00 |
|
Miroslav Stampar
|
367627c331
|
minor fix for Python 2.6
|
2011-11-13 19:09:13 +00:00 |
|
Miroslav Stampar
|
76fb6ba666
|
minor update
|
2011-11-13 10:38:27 +00:00 |
|
Miroslav Stampar
|
ccbd93cc2e
|
fix for redirect/HOST header bug
|
2011-11-11 11:28:27 +00:00 |
|
Miroslav Stampar
|
24bda96d9e
|
adding items from John the Ripper's word list to the dictionary for Oracle cracking
|
2011-11-02 11:21:49 +00:00 |
|
Miroslav Stampar
|
6ec522e14b
|
removal of minor obsolete thingy
|
2011-11-02 10:41:12 +00:00 |
|
Miroslav Stampar
|
60cadf4747
|
better regex used
|
2011-10-29 10:31:52 +00:00 |
|
Miroslav Stampar
|
ef987c6954
|
adding compatibility support for using --crawl and --forms together
|
2011-10-29 09:32:20 +00:00 |
|
Miroslav Stampar
|
ddc4dfe5ff
|
minor refactoring for regarding --forms
|
2011-10-29 08:32:24 +00:00 |
|
Miroslav Stampar
|
666a7da12a
|
minor update
|
2011-10-28 11:28:21 +00:00 |
|
Miroslav Stampar
|
b83fe6113e
|
turning off time adjustment off (now is shown as a tip) because it seems that it never was actually used (payload always left the same)
|
2011-10-28 11:25:07 +00:00 |
|
Miroslav Stampar
|
3c31ccd16e
|
minor update
|
2011-10-26 22:37:04 +00:00 |
|
Miroslav Stampar
|
b07f165d60
|
quick fix
|
2011-10-24 18:11:34 +00:00 |
|
Miroslav Stampar
|
d39d36f7a7
|
minor language beautification
|
2011-10-23 23:27:56 +00:00 |
|
Miroslav Stampar
|
1dd3fae930
|
minor fix
|
2011-10-23 22:27:45 +00:00 |
|
Miroslav Stampar
|
5863429fc1
|
minor update
|
2011-10-23 21:17:45 +00:00 |
|