| 
							
							
								 Bernardo Damele | 97ae7e330f | cosmetics | 2011-01-07 17:10:58 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | e373dac1f2 | Cosmetics | 2011-01-07 16:50:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c17714c423 | suppress session in case of brute methods | 2011-01-07 16:47:46 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b313a20a3f | some fixes | 2011-01-07 16:39:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1a079c62cb | minor update (generic tests now have bigger priority in test queue than parsed DBMS related ones) | 2011-01-07 16:08:01 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 1c86ec374e | Code refactoring and cosmetics | 2011-01-07 15:41:09 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a8d660db54 | fixes for bugs reported by pragmatk@gmail.com | 2011-01-06 16:59:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | cc9ca802bf | minor update | 2011-01-06 08:54:50 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1297df66da | fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed) | 2011-01-06 08:04:59 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 694a65f6f1 | minor fix/update | 2011-01-05 13:32:40 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7ae5192070 | adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data) | 2011-01-05 10:25:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c83e9f6ca5 | foundation for filtering binary string values (for example, replacement of non readable chars with #) | 2011-01-04 21:56:37 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | aa81ed4033 | implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) | 2011-01-04 15:49:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | fdc463d08b | fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range) | 2011-01-03 23:36:35 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0eabca9fd4 | update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is) | 2011-01-03 22:31:29 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 08ccbf2c1e | important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) | 2011-01-03 22:02:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 92e4cdb241 | raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic | 2011-01-03 14:21:41 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d19a8d53e4 | minor update | 2011-01-03 08:46:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8625494ff2 | added one new quick check for multiple target(s) mode | 2011-01-03 08:32:06 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5f9b6b2254 | code refactoring | 2011-01-02 16:51:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f762f32de8 | bug fix for proper --parse-errors on .aspx pages | 2011-01-02 13:00:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | dce9a762f1 | important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode | 2011-01-02 10:37:32 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6651ba05eb | another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) | 2011-01-02 08:08:38 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | da138c46c1 | added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly) | 2011-01-02 07:37:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 428e817a32 | some refactoring | 2011-01-01 23:57:27 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 212035e64d | user can now choose if he wants to skip non-heuristic based DBMS tests | 2011-01-01 23:38:11 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0e815177c8 | minor update | 2011-01-01 19:07:40 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 613242e298 | bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) | 2010-12-29 19:48:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8f32c740ff | code refactoring | 2010-12-29 19:39:32 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 93838fb155 | "patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError) | 2010-12-28 14:40:34 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9fb0e0fc85 | resume of brute forced data is now available | 2010-12-27 14:17:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 51a492e17d | pretty important commit (now dumped tables are prone to dictionary attack) | 2010-12-27 10:56:28 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 269d6bde24 | this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion) | 2010-12-27 00:14:29 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 89c2640d23 | basic --search now works with MS Access | 2010-12-26 23:50:16 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ceeb6374e8 | bug fix (TypeError: object of type 'NoneType' has no len()) | 2010-12-26 13:27:24 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 569e060aab | important improvement | 2010-12-26 13:20:52 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a555d1ad68 | minor improvement | 2010-12-26 11:15:02 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 562a6440d1 | fix for a bug reported by nightman (same as http://bugs.python.org/issue8797) | 2010-12-26 09:33:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b472b96f92 | bug fix, refactoring and improved extractErrorMessage capabilities | 2010-12-25 10:16:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 2c23a59ba5 | fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside) | 2010-12-24 12:13:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | aab14fa2d3 | minor refactoring/cosmetics | 2010-12-24 11:06:57 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 23dc408901 | prioritization of tests based on DBMS error messages and some comments in common.py | 2010-12-24 10:55:41 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d9f08e4aa3 | randomization of user agents | 2010-12-24 10:04:27 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d5eebb1cbf | fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6 | 2010-12-24 09:49:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 017ea9e686 | update | 2010-12-23 14:06:22 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 73f33c1999 | bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped) | 2010-12-23 11:28:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7c06dbffc3 | bug fix (AttributeError: 'unicode' object has no attribute 'sort') | 2010-12-22 18:55:50 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c1f2534e9a | More bug fixes to properly distinguish between full inband and single-entry inband sql injections | 2010-12-22 15:47:52 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8212b7b745 | bug fix | 2010-12-22 12:16:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5be9c04e44 | update regarding Sybase syntax | 2010-12-22 10:39:56 +00:00 |  |