Miroslav Stampar
|
e4fd8b3f0c
|
(e) finally works as it should
|
2011-01-01 19:22:44 +00:00 |
|
Miroslav Stampar
|
0e815177c8
|
minor update
|
2011-01-01 19:07:40 +00:00 |
|
Miroslav Stampar
|
ef27fd5ea1
|
there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) (http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html, http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html)
|
2011-01-01 15:20:29 +00:00 |
|
Miroslav Stampar
|
15e6911fd8
|
fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write')
|
2011-01-01 12:23:02 +00:00 |
|
Miroslav Stampar
|
91f665aaaa
|
bug fix for Ctrl+C
|
2010-12-31 15:00:19 +00:00 |
|
Miroslav Stampar
|
5db8ebbfa9
|
update of mysql comment versions
|
2010-12-31 12:42:12 +00:00 |
|
Miroslav Stampar
|
281d124fa6
|
minor bug fix
|
2010-12-31 12:04:39 +00:00 |
|
Miroslav Stampar
|
613242e298
|
bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved)
|
2010-12-29 19:48:19 +00:00 |
|
Miroslav Stampar
|
8f32c740ff
|
code refactoring
|
2010-12-29 19:39:32 +00:00 |
|
Miroslav Stampar
|
6700cabc36
|
minor optimization
|
2010-12-29 19:01:29 +00:00 |
|
Miroslav Stampar
|
d1f5c1d7b7
|
now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering
|
2010-12-29 15:10:42 +00:00 |
|
Miroslav Stampar
|
79e97824ef
|
adding user names to the attack dictionary
|
2010-12-29 00:37:53 +00:00 |
|
Miroslav Stampar
|
93838fb155
|
"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)
|
2010-12-28 14:40:34 +00:00 |
|
Miroslav Stampar
|
c0423761e8
|
minor update
|
2010-12-27 18:27:42 +00:00 |
|
Miroslav Stampar
|
c8f8dbf0a7
|
minor update
|
2010-12-27 15:39:27 +00:00 |
|
Miroslav Stampar
|
9fb0e0fc85
|
resume of brute forced data is now available
|
2010-12-27 14:17:20 +00:00 |
|
Miroslav Stampar
|
c7a160bf72
|
minor update (users want this to see)
|
2010-12-27 12:00:54 +00:00 |
|
Miroslav Stampar
|
51a492e17d
|
pretty important commit (now dumped tables are prone to dictionary attack)
|
2010-12-27 10:56:28 +00:00 |
|
Miroslav Stampar
|
269d6bde24
|
this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion)
|
2010-12-27 00:14:29 +00:00 |
|
Miroslav Stampar
|
89c2640d23
|
basic --search now works with MS Access
|
2010-12-26 23:50:16 +00:00 |
|
Miroslav Stampar
|
f2373121d0
|
noticed little DoS behavior and lots of connections in netstat (best way to deal with zombie connections is to explicitly close them if not needed any more)
|
2010-12-26 14:36:51 +00:00 |
|
Miroslav Stampar
|
ceeb6374e8
|
bug fix (TypeError: object of type 'NoneType' has no len())
|
2010-12-26 13:27:24 +00:00 |
|
Miroslav Stampar
|
569e060aab
|
important improvement
|
2010-12-26 13:20:52 +00:00 |
|
Miroslav Stampar
|
a555d1ad68
|
minor improvement
|
2010-12-26 11:15:02 +00:00 |
|
Miroslav Stampar
|
320a6f9efb
|
minor minor update
|
2010-12-26 09:55:33 +00:00 |
|
Miroslav Stampar
|
17d74fc83c
|
cosmeticado
|
2010-12-26 09:53:40 +00:00 |
|
Miroslav Stampar
|
cd337d9f39
|
minor fix
|
2010-12-26 09:46:09 +00:00 |
|
Miroslav Stampar
|
eaf4b93856
|
minor update
|
2010-12-26 09:40:40 +00:00 |
|
Miroslav Stampar
|
562a6440d1
|
fix for a bug reported by nightman (same as http://bugs.python.org/issue8797)
|
2010-12-26 09:33:04 +00:00 |
|
Miroslav Stampar
|
6c72e41972
|
minor fix/update
|
2010-12-26 02:19:10 +00:00 |
|
Miroslav Stampar
|
c5c4aae3d5
|
minor update (to prevent adding too much items)
|
2010-12-25 10:42:36 +00:00 |
|
Miroslav Stampar
|
b472b96f92
|
bug fix, refactoring and improved extractErrorMessage capabilities
|
2010-12-25 10:16:20 +00:00 |
|
Miroslav Stampar
|
ea7ba19f6b
|
minor update
|
2010-12-25 09:43:14 +00:00 |
|
Miroslav Stampar
|
272476773f
|
getPageTextWordsSet on tableExists is pretty powerful stuff
|
2010-12-25 09:37:33 +00:00 |
|
Miroslav Stampar
|
6845d402fa
|
well, here and there, merry Christmas to all :)
|
2010-12-24 20:17:53 +00:00 |
|
Miroslav Stampar
|
2d115e0350
|
one more fix
|
2010-12-24 18:44:13 +00:00 |
|
Miroslav Stampar
|
edcf1a0872
|
few bug fixes
|
2010-12-24 18:40:48 +00:00 |
|
Miroslav Stampar
|
96a06351a1
|
minor fix (in testing phase raise404 should be set to False)
|
2010-12-24 12:36:00 +00:00 |
|
Miroslav Stampar
|
2c23a59ba5
|
fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)
|
2010-12-24 12:13:48 +00:00 |
|
Miroslav Stampar
|
aab14fa2d3
|
minor refactoring/cosmetics
|
2010-12-24 11:06:57 +00:00 |
|
Miroslav Stampar
|
23dc408901
|
prioritization of tests based on DBMS error messages and some comments in common.py
|
2010-12-24 10:55:41 +00:00 |
|
Miroslav Stampar
|
a09716a701
|
minor update
|
2010-12-24 10:07:56 +00:00 |
|
Miroslav Stampar
|
d9f08e4aa3
|
randomization of user agents
|
2010-12-24 10:04:27 +00:00 |
|
Miroslav Stampar
|
d5eebb1cbf
|
fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6
|
2010-12-24 09:49:19 +00:00 |
|
Miroslav Stampar
|
cb17e61f35
|
bug fix (UnicodeDecodeError: 'ascii' codec can't decode byte 0xa9 in position 959)
|
2010-12-24 02:54:26 +00:00 |
|
Miroslav Stampar
|
8470de7b76
|
bug fix for boolean proxy when using time based payloads
|
2010-12-23 23:46:08 +00:00 |
|
Miroslav Stampar
|
7f7fb93155
|
cosmetics
|
2010-12-23 18:44:18 +00:00 |
|
Miroslav Stampar
|
017ea9e686
|
update
|
2010-12-23 14:06:22 +00:00 |
|
Miroslav Stampar
|
73f33c1999
|
bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped)
|
2010-12-23 11:28:13 +00:00 |
|
Miroslav Stampar
|
8fc60215ed
|
lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.
|
2010-12-22 19:12:46 +00:00 |
|