Commit Graph

774 Commits

Author SHA1 Message Date
Miroslav Stampar
2d59a10515 Better patch than last commit 2016-05-31 10:25:01 +02:00
Miroslav Stampar
21a25c4f00 Bug for fix comments in case of MsAccess 2016-05-31 10:24:13 +02:00
Miroslav Stampar
6b5c16c22c Minor update for ColdFusion error messages 2016-05-31 09:54:14 +02:00
Miroslav Stampar
2c6621c26a Minor upgrade for WAF/IDS/IPS detection 2016-05-31 09:49:50 +02:00
Miroslav Stampar
f0500b1d2f Minor update for ColdFusion path regexes 2016-05-31 09:35:58 +02:00
Miroslav Stampar
6a033bb58c Minor update for ColdFusion type casting 2016-05-31 09:31:32 +02:00
Miroslav Stampar
2fa4b22645 Patch for URL encoding cookie values (asking the user to choose) 2016-05-30 17:47:08 +02:00
Miroslav Stampar
229d3a7dd0 Patch for cases when error page looks more like original, than the False one does 2016-05-30 16:46:23 +02:00
Miroslav Stampar
b965e5bf1c Minor refactoring 2016-05-30 16:06:39 +02:00
Miroslav Stampar
3bd74c5351 Minor patch 2016-05-30 15:20:21 +02:00
Miroslav Stampar
55624ec1a2 Minor message update 2016-05-30 14:40:22 +02:00
Miroslav Stampar
6885afe8c3 Minor update for requestvalidationmode.py waf script 2016-05-30 14:26:55 +02:00
Miroslav Stampar
acc1277246 Minor update 2016-05-30 14:13:57 +02:00
Miroslav Stampar
935cb9c8cb Patch for a custom header cookie urlencoding 2016-05-30 14:09:53 +02:00
Miroslav Stampar
17a4ddad63 Fixes #1916 2016-05-30 13:10:25 +02:00
Miroslav Stampar
5264671f5b Dump formatting patch for MsAccess 2016-05-30 12:03:33 +02:00
Miroslav Stampar
b4ebbae354 New payload(s) 2016-05-30 11:25:24 +02:00
Miroslav Stampar
510197c39e Minor text update 2016-05-30 10:52:30 +02:00
Miroslav Stampar
b6a4bd91fe Minor text update 2016-05-30 10:51:35 +02:00
Miroslav Stampar
83b82a5e98 Bug fix (wrong handler used in case of DBMS resolution) 2016-05-30 10:32:49 +02:00
Miroslav Stampar
0b1efc0759 Minor update (for newer versions of MsSQL) 2016-05-30 01:38:34 +02:00
Miroslav Stampar
2b506d744d Minor update 2016-05-30 01:29:40 +02:00
Miroslav Stampar
79d08906a4 Cleaning some redundant payload(s) 2016-05-27 23:59:48 +02:00
Miroslav Stampar
6327063bd0 Minor patch 2016-05-27 16:43:01 +02:00
Miroslav Stampar
69fd900108 Adding waf script for detection of generic/unknown 2016-05-27 16:34:41 +02:00
Miroslav Stampar
f9d01f682b Cloudflare has tons of HTTP error codes while detecting SQLi 2016-05-27 15:58:16 +02:00
Miroslav Stampar
d7d3db415b Minor update 2016-05-27 15:32:30 +02:00
Miroslav Stampar
31850e4544 Minor bug fixes 2016-05-27 13:58:18 +02:00
Miroslav Stampar
de9f23939f Major bug fix in WAF/IDS/IPS detection (question 'do you want..to try to detect backend WAF/IPS/IDS' never worked) 2016-05-27 13:41:03 +02:00
Miroslav Stampar
154ed2c4e2 Minor patch 2016-05-27 13:33:14 +02:00
Miroslav Stampar
89dfe4e1ac Adding wallarm WAF script (and couple of other WAF script updates) 2016-05-27 11:58:18 +02:00
Miroslav Stampar
b41b07ddd8 Updates for 360 and jiasule WAF scripts 2016-05-27 11:02:05 +02:00
Miroslav Stampar
e36fc02282 Adding sophos WAF script 2016-05-27 10:17:42 +02:00
Miroslav Stampar
49b41c1eca Minor update for cloudflare waf script 2016-05-27 09:43:54 +02:00
Miroslav Stampar
4cd9fdb7df Minor update for F5 waf script 2016-05-27 09:27:45 +02:00
Miroslav Stampar
5aab2d8fb5 Update for Akamai Kona WAF script 2016-05-27 09:22:39 +02:00
Miroslav Stampar
210b65c02d Couple of fixes for --identify-waf 2016-05-27 02:24:59 +02:00
Miroslav Stampar
7a2ac23f0b Adding new waf script (sitelock) 2016-05-27 02:13:01 +02:00
Miroslav Stampar
e435fb2e9e Adding new waf script (comodo) 2016-05-27 01:23:20 +02:00
Miroslav Stampar
6892c94595 Minor update 2016-05-27 01:10:37 +02:00
Miroslav Stampar
831c960216 Update for an Issue #1899 2016-05-26 16:47:38 +02:00
Miroslav Stampar
43af2a4aee Fixes #1899 2016-05-26 16:08:59 +02:00
Miroslav Stampar
1de6996c26 Fixes #1893 2016-05-25 15:43:39 +02:00
Miroslav Stampar
304f2ed308 Minor language patch 2016-05-25 15:32:17 +02:00
Miroslav Stampar
148b35da4f Better extraction of absolute file paths 2016-05-25 15:29:25 +02:00
Miroslav Stampar
3865b3a398 Minor improvement in case of technique E (when waiting for large entry - lots of chunks) 2016-05-25 12:50:53 +02:00
Miroslav Stampar
d6bcbbae1d Minor patch for E technique to be more compatible with output of U technique 2016-05-25 12:42:15 +02:00
Miroslav Stampar
04b3aefc5d Patch for special character output in U and E techniques 2016-05-25 12:24:36 +02:00
Miroslav Stampar
a5f8cae599 Fixes #1892 2016-05-24 17:58:35 +02:00
Miroslav Stampar
29c3037512 Better asciinema recording (shorter width) 2016-05-24 17:26:10 +02:00
Miroslav Stampar
d0d7d3a205 Update of location of a sample run 2016-05-24 17:12:44 +02:00
Miroslav Stampar
7ce36ea1b6 Removal of unused imports 2016-05-24 16:40:44 +02:00
Miroslav Stampar
6f97f4796b Fixes #1891 2016-05-24 16:34:07 +02:00
Miroslav Stampar
39fe96009f Minor improvement (related to the last commit) 2016-05-24 16:20:39 +02:00
Miroslav Stampar
b475a38895 Better ORDER BY detection 2016-05-24 15:46:06 +02:00
Miroslav Stampar
42de887b05 Language update 2016-05-24 15:18:19 +02:00
Miroslav Stampar
28576bf08e Minor output update 2016-05-24 15:08:04 +02:00
Miroslav Stampar
c395958dff Fixes #1888 2016-05-24 14:55:19 +02:00
Miroslav Stampar
798b539eec Minor update 2016-05-24 14:50:56 +02:00
Miroslav Stampar
70cf8edc75 Fixes #1887 2016-05-24 14:17:00 +02:00
Miroslav Stampar
a81ea88eb0 Fixes #1889 2016-05-24 13:59:34 +02:00
Miroslav Stampar
023dda26fc Minor update for --os-shell directories 2016-05-24 12:53:21 +02:00
Miroslav Stampar
3e76895155 Minor update 2016-05-24 12:30:01 +02:00
Miroslav Stampar
2c1bd7f034 Update for an Issue #1531 (MySQL quirk with international letters) 2016-05-24 12:01:02 +02:00
Miroslav Stampar
f7cae68378 More formal language 2016-05-22 21:44:17 +02:00
Miroslav Stampar
f6ff1a115a Better (automatic) picking of a --string candidate (especially in case of international pages) 2016-05-22 21:29:08 +02:00
Miroslav Stampar
32ee586e2a Minor language update 2016-05-22 14:30:32 +02:00
Miroslav Stampar
b9e5655e3c Proper naming 2016-05-22 14:26:36 +02:00
Miroslav Stampar
6623c3f877 Pesky bug fix (nobody noticed :) 2016-05-22 14:22:31 +02:00
Miroslav Stampar
30a4173249 I like users which don't know the difference between detection and identification 2016-05-22 12:40:23 +02:00
Miroslav Stampar
dbbe4c6ddd Fixes #1884 2016-05-22 11:44:21 +02:00
Miroslav Stampar
633e4dfe48 Fixes #1886 2016-05-22 11:37:27 +02:00
Miroslav Stampar
5e8b105677 Fixes #1880 2016-05-19 19:46:12 +02:00
Miroslav Stampar
414dd96bbd Minor update (warning on negative integer values provided) 2016-05-19 18:04:25 +02:00
Miroslav Stampar
e857c2a88a Update for an Issue #1879 2016-05-19 13:50:31 +02:00
Miroslav Stampar
e7aaea2b8e Update for an Issue #1826 2016-05-17 14:10:49 +02:00
Miroslav Stampar
63d7cd607e Minor patch (for late threading issues) 2016-05-17 13:54:42 +02:00
Miroslav Stampar
d886b08dd9 Update for an Issue #1826 2016-05-17 13:45:03 +02:00
Miroslav Stampar
72f3185ae7 Fixes #1878 2016-05-17 10:47:17 +02:00
Miroslav Stampar
03be9f9b65 Minor removal of blank lines 2016-05-17 10:43:16 +02:00
Miroslav Stampar
d9d0865c13 Another patch for an Issue #1874 2016-05-16 17:09:05 +02:00
Miroslav Stampar
e3f54bc226 Minor patch for #1874 2016-05-16 16:53:28 +02:00
Miroslav Stampar
9662f4a56a Minor update 2016-05-16 16:47:29 +02:00
Miroslav Stampar
fea5cc8579 Minor patch 2016-05-16 15:37:49 +02:00
Miroslav Stampar
94091cd0e9 Fixes #1871 2016-05-15 09:37:45 +02:00
Miroslav Stampar
cc9f4b6102 Minor refactoring for MariaDB 2016-05-14 15:05:50 +02:00
Miroslav Stampar
cd7c99c752 Minor revert (it was not necessary - caused other problems) 2016-05-14 14:48:17 +02:00
Miroslav Stampar
75478c1181 Fixes #1868 2016-05-14 14:18:34 +02:00
Miroslav Stampar
ad0ca69579 Fixes #1865 2016-05-13 15:14:56 +02:00
Miroslav Stampar
2d801b7122 Minor patch for an Issue #1861 2016-05-12 17:16:55 +02:00
Miroslav Stampar
1e07269fe3 Patch for an Issue #1860 2016-05-12 16:42:12 +02:00
Miroslav Stampar
3b74e99576 Minor update (support for MariaDB) 2016-05-11 15:47:35 +02:00
Miroslav Stampar
439fff684e Minor update (MSSQL CONCAT payload) 2016-05-11 09:42:54 +02:00
Miroslav Stampar
72cf06119c Patch for an Issue #1852 2016-05-10 09:55:03 +02:00
Miroslav Stampar
808068d70a Minor update 2016-05-10 09:19:59 +02:00
Miroslav Stampar
f09072b2b6 Fixes #1853 2016-05-09 13:13:02 +02:00
Miroslav Stampar
be9381abc5 Implements #1845 2016-05-06 13:06:59 +02:00
Miroslav Stampar
5d09f7b85f Fixes #1822 2016-05-06 10:32:16 +02:00
Miroslav Stampar
8bbfee7591 Cleaning a leftover from be26392057 2016-05-06 10:30:58 +02:00
Miroslav Stampar
be26392057 Update for an Issue #1846 2016-05-06 10:23:57 +02:00
Miroslav Stampar
263730f4ee Fixes #1840 2016-05-04 13:23:59 +02:00
Miroslav Stampar
5d7e1782d9 Fixes #1839 2016-05-04 11:14:42 +02:00
Miroslav Stampar
e27f590c2c Fixes #1838 2016-05-04 11:11:58 +02:00
Miroslav Stampar
7afe655561 Another minor update for #1836 2016-05-03 12:52:46 +02:00
Miroslav Stampar
3bf08290a4 Update for an Issue #1836 2016-05-03 12:37:10 +02:00
Miroslav Stampar
34c2172391 Fixes #1837 2016-05-03 11:38:47 +02:00
Miroslav Stampar
48044f7a46 Minor update of IDS_WAF_CHECK_PAYLOAD 2016-05-03 00:19:19 +02:00
Miroslav Stampar
04e666182f Minor update of FORMAT_EXCEPTION_STRINGS 2016-05-02 23:44:43 +02:00
Miroslav Stampar
c797129956 Fixes #1833 2016-05-02 11:10:12 +02:00
Miroslav Stampar
6928dae956 Minor patch 2016-05-02 10:45:50 +02:00
Miroslav Stampar
6db3bcbb51 Minor update for UrlScan 2016-05-02 10:12:19 +02:00
Miroslav Stampar
d7f0b3566d Automatic monthly tagging 2016-05-02 10:06:30 +02:00
Miroslav Stampar
0c67a90cc0 Minor bug fix 2016-05-02 10:06:30 +02:00
Miroslav Stampar
f06e498fb0 Implementation for an Issue #1826 2016-04-29 14:19:32 +02:00
Miroslav Stampar
ad612bf9e4 Patch for Windows banner display 2016-04-29 00:51:20 +02:00
Miroslav Stampar
9dd5cd8eb6 Removing CloudFlare check 2016-04-29 00:17:07 +02:00
Miroslav Stampar
5ed3cdc819 Minor update 2016-04-22 10:54:55 +02:00
Miroslav Stampar
0c5965c7b8 Minor patches 2016-04-19 13:13:37 +02:00
Miroslav Stampar
aa21550712 Minor patch for integer casting heuristics (circumvent auto-casting by DBMS itself) 2016-04-15 13:47:19 +02:00
Miroslav Stampar
66061e8c5f Fixes #1811 2016-04-15 12:04:54 +02:00
Miroslav Stampar
c4b74c2e01 Fixes #1810 2016-04-12 22:37:14 +02:00
Miroslav Stampar
55b23e78ee Fixes #1809 2016-04-12 22:10:26 +02:00
Miroslav Stampar
a9526bda92 Minor patch 2016-04-11 22:38:44 +02:00
Miroslav Stampar
0901da3f83 Update for an Issue #1807 2016-04-11 09:43:50 +02:00
Miroslav Stampar
8004652f7b Some more optimization 2016-04-08 15:30:25 +02:00
Miroslav Stampar
c9b410c97f Minor update 2016-04-08 14:59:52 +02:00
Miroslav Stampar
814d710320 Minor speed up 2016-04-08 14:41:34 +02:00
Miroslav Stampar
38fcc5a35a Update for pre-WHERE payloads 2016-04-08 13:19:42 +02:00
Miroslav Stampar
674d516f3e Minor patch 2016-04-08 11:40:09 +02:00
Miroslav Stampar
8ceb4907a5 Another update for Issue #1800 2016-04-08 11:37:38 +02:00
Miroslav Stampar
ce3749622a Minor revisit of payload boundaries (Issue #1800) 2016-04-08 11:28:17 +02:00
Miroslav Stampar
bcfae99701 Adding new WAF script 2016-04-08 10:32:18 +02:00
Miroslav Stampar
44c1c2c6f0 Minor update (reported via email) 2016-04-06 11:43:53 +02:00
Miroslav Stampar
ac08db82b2 Including one more error regex (based on testasp[.]vulnweb[.]com) 2016-04-04 16:14:30 +02:00
Miroslav Stampar
305bfd9d30 Implements #1763 2016-04-04 13:50:10 +02:00
Miroslav Stampar
f9aaec7b4a Minor patch (binary extensions) 2016-04-04 12:43:53 +02:00
Miroslav Stampar
d881a92ee7 Automatic monthly tagging 2016-04-04 12:38:37 +02:00
Miroslav Stampar
60ada89347 Trying once again 2016-04-04 12:38:37 +02:00
Miroslav Stampar
171bfa33a7 Automatic monthly tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
acaef90c7b Minor tuning of auto tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
31d7021d4c Fixes #1794 2016-04-04 12:25:07 +02:00
Miroslav Stampar
e83d8f6143 Updating colorama (Issue #1784) 2016-03-30 15:11:34 +02:00
Miroslav Stampar
ad3b766b65 Adding in-table name boundaries 2016-03-26 09:39:28 +01:00
Miroslav Stampar
074fbbcea5 Implementation for an Issue #1776 2016-03-23 15:45:49 +01:00
Miroslav Stampar
5b0d5970cc Another patch related to the #1773 2016-03-23 10:33:32 +01:00
Miroslav Stampar
6c2f9859be Potential patch for #1773 2016-03-23 10:26:22 +01:00
Miroslav Stampar
d496d99943 Fixes #1774 2016-03-22 13:24:54 +01:00
Miroslav Stampar
d20e9febf2 Fixes #1770 2016-03-19 17:40:05 +01:00
Miroslav Stampar
d76ee8f534 Further update for #1765 2016-03-17 17:06:11 +01:00
Miroslav Stampar
5b88e3e1ad Minor update of version comment 2016-03-17 16:38:39 +01:00