Miroslav Stampar
|
e1f86c97c4
|
minor refactoring
|
2012-02-16 09:46:41 +00:00 |
|
Miroslav Stampar
|
bcf9fc6c6f
|
minor refactoring
|
2012-02-16 09:32:47 +00:00 |
|
Miroslav Stampar
|
8d7912ad34
|
minor update and refactoring
|
2012-02-15 14:05:50 +00:00 |
|
Miroslav Stampar
|
bf923a97df
|
minor update
|
2012-02-15 13:45:10 +00:00 |
|
Miroslav Stampar
|
122db6e164
|
minor update
|
2012-02-15 13:24:02 +00:00 |
|
Miroslav Stampar
|
9059d30312
|
adding first code example for SPL snippets
|
2012-02-15 13:17:01 +00:00 |
|
Miroslav Stampar
|
edeb4b6113
|
bug fix for --os-shell on Windows (echo ... > requires double quotes if the piped filename contains whitespace, otherwise doesn't hurt)
|
2012-02-15 11:14:01 +00:00 |
|
Miroslav Stampar
|
35fa214a1e
|
minor update (it was working before too, but this is cleaner)
|
2012-02-15 10:14:29 +00:00 |
|
Bernardo Damele
|
1c44d6d3c7
|
Fixed annoying bug that prevented proper checkBooleanExpression() function to work with direct connection (-d). Now DBMS fingerprint should work properly with -d
|
2012-02-14 17:29:00 +00:00 |
|
Miroslav Stampar
|
23cc8b6974
|
minor fix for special cases when parameter value contains html encoded characters
|
2012-02-14 14:08:10 +00:00 |
|
Miroslav Stampar
|
c1ab02494c
|
minor grammar and cosmetics
|
2012-02-14 13:18:37 +00:00 |
|
Miroslav Stampar
|
bb5113980b
|
minor update
|
2012-02-14 10:27:56 +00:00 |
|
Miroslav Stampar
|
3f15c52188
|
minor change in workflow for "tainted" parameter values
|
2012-02-14 09:26:52 +00:00 |
|
Miroslav Stampar
|
2604e73d88
|
minor change in workflow
|
2012-02-13 11:18:47 +00:00 |
|
Miroslav Stampar
|
96f589fc89
|
minor fix
|
2012-02-12 19:22:33 +00:00 |
|
Miroslav Stampar
|
8a2bd3897d
|
minor output fix
|
2012-02-12 19:11:54 +00:00 |
|
Miroslav Stampar
|
c1368053e5
|
minor fix
|
2012-02-12 18:46:25 +00:00 |
|
Miroslav Stampar
|
249cb48b0b
|
minor fix
|
2012-02-10 15:59:11 +00:00 |
|
Miroslav Stampar
|
6be95194a7
|
matter of concision
|
2012-02-10 15:37:43 +00:00 |
|
Miroslav Stampar
|
eab7a54e03
|
cosmetics
|
2012-02-10 15:34:04 +00:00 |
|
Miroslav Stampar
|
92590d0d59
|
minor fix
|
2012-02-10 15:26:55 +00:00 |
|
Miroslav Stampar
|
e36e9de57e
|
minor update by request
|
2012-02-10 15:12:23 +00:00 |
|
Miroslav Stampar
|
b140ef4a14
|
minor update (preparing for switching to HashDB from old sessionFile)
|
2012-02-10 10:24:48 +00:00 |
|
Miroslav Stampar
|
980367b7b2
|
minor update
|
2012-02-09 09:48:47 +00:00 |
|
Miroslav Stampar
|
7e9e582eca
|
minor update
|
2012-02-08 14:23:57 +00:00 |
|
Miroslav Stampar
|
2662fe84f7
|
minor update
|
2012-02-08 12:02:50 +00:00 |
|
Miroslav Stampar
|
85a4ef6593
|
minor update
|
2012-02-08 12:00:03 +00:00 |
|
Miroslav Stampar
|
93d7d6c355
|
minor patch
|
2012-02-08 10:38:58 +00:00 |
|
Miroslav Stampar
|
6bedb80ffa
|
adding --force-ssl switch (most useful in combination with -r)
|
2012-02-08 09:11:57 +00:00 |
|
Miroslav Stampar
|
e50d64546f
|
minor fix
|
2012-02-07 14:57:48 +00:00 |
|
Miroslav Stampar
|
2b05ded9c3
|
just a makeup
|
2012-02-07 12:05:23 +00:00 |
|
Miroslav Stampar
|
b4f4a982e4
|
minor update
|
2012-02-07 11:37:54 +00:00 |
|
Miroslav Stampar
|
11af0b1bbc
|
minor fix
|
2012-02-07 11:16:03 +00:00 |
|
Miroslav Stampar
|
f7bf1fbe94
|
upgrade/fixes for direct DBMS access
|
2012-02-07 10:46:55 +00:00 |
|
Miroslav Stampar
|
af71e3c563
|
minor update
|
2012-02-06 09:48:44 +00:00 |
|
Miroslav Stampar
|
8c45ff0d57
|
bug fix
|
2012-02-03 10:38:04 +00:00 |
|
Bernardo Damele
|
c0f4b4632d
|
Minor fix
|
2012-02-02 12:55:39 +00:00 |
|
Miroslav Stampar
|
a7970d094a
|
minor update
|
2012-02-01 15:10:06 +00:00 |
|
Miroslav Stampar
|
e56309f3b1
|
minor makeup update
|
2012-02-01 15:04:56 +00:00 |
|
Miroslav Stampar
|
8405ef59ac
|
some aesthetic updates
|
2012-02-01 14:49:42 +00:00 |
|
Miroslav Stampar
|
f4e7bf1d51
|
minor update regarding support for Unicode characters in Oracle
|
2012-02-01 14:17:27 +00:00 |
|
Miroslav Stampar
|
df43157284
|
minor patch
|
2012-02-01 12:28:06 +00:00 |
|
Miroslav Stampar
|
2ee198a381
|
minor "patch"
|
2012-02-01 11:00:01 +00:00 |
|
Miroslav Stampar
|
2589521ecf
|
fix of a wrong assumption (e.g. decodeIntToUnicode(12345) has been returning a "09" instead of a single unicode character)
|
2012-02-01 10:38:43 +00:00 |
|
Miroslav Stampar
|
4d9dcbf5db
|
minor fix
|
2012-02-01 10:14:23 +00:00 |
|
Miroslav Stampar
|
46f42f2fe4
|
minor fix
|
2012-01-30 13:10:35 +00:00 |
|
Miroslav Stampar
|
f2857e38ba
|
minor update
|
2012-01-30 10:19:03 +00:00 |
|
Miroslav Stampar
|
594579bef4
|
fix for a bug regarding --cookie and --crawl
|
2012-01-30 09:17:22 +00:00 |
|
Miroslav Stampar
|
2094c715db
|
minor update
|
2012-01-23 09:44:17 +00:00 |
|
Miroslav Stampar
|
9e5cf70a5a
|
minor fix
|
2012-01-20 11:13:25 +00:00 |
|
Miroslav Stampar
|
9eee6c252d
|
minor update for --scope
|
2012-01-16 10:28:21 +00:00 |
|
Miroslav Stampar
|
527ce070a3
|
minor fix
|
2012-01-16 10:04:18 +00:00 |
|
Miroslav Stampar
|
b2dad63000
|
some more refactoring
|
2012-01-13 22:00:34 +00:00 |
|
Miroslav Stampar
|
e5fe029a78
|
minor beautification
|
2012-01-13 21:03:50 +00:00 |
|
Miroslav Stampar
|
6634c4ac20
|
minor update
|
2012-01-13 21:01:58 +00:00 |
|
Miroslav Stampar
|
23117e72ca
|
minor improvement
|
2012-01-13 20:56:06 +00:00 |
|
Bernardo Damele
|
0043336620
|
Minor fix and removed leftover debug message
|
2012-01-13 17:04:59 +00:00 |
|
Bernardo Damele
|
e59ace5409
|
minor bug fix
|
2012-01-13 16:57:45 +00:00 |
|
Bernardo Damele
|
b03f91437b
|
Minor code refactoring
|
2012-01-13 16:49:52 +00:00 |
|
Miroslav Stampar
|
337973df77
|
reverting last 2 commits (better solution was the original one)
|
2012-01-13 15:58:47 +00:00 |
|
Miroslav Stampar
|
1f53ff0633
|
minor update regarding last commit
|
2012-01-13 15:56:50 +00:00 |
|
Miroslav Stampar
|
ff96c537a9
|
minor update for multithreaded mode
|
2012-01-13 15:50:38 +00:00 |
|
Bernardo Damele
|
7e560eec1f
|
Minor fix
|
2012-01-13 12:54:45 +00:00 |
|
Miroslav Stampar
|
dd295bbd4a
|
minor update regarding -d and time based injections
|
2012-01-13 12:45:02 +00:00 |
|
Miroslav Stampar
|
04686b83e3
|
minor update
|
2012-01-13 11:16:26 +00:00 |
|
Miroslav Stampar
|
305371b7a9
|
minor update
|
2012-01-12 14:58:23 +00:00 |
|
Miroslav Stampar
|
95f89ab63a
|
updating copyright date
|
2012-01-11 14:59:46 +00:00 |
|
Miroslav Stampar
|
1d0b43b1a2
|
implemented mechanism for merging cookies by request
|
2012-01-11 14:28:08 +00:00 |
|
Miroslav Stampar
|
ff52931140
|
some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available)
|
2012-01-07 19:30:35 +00:00 |
|
Miroslav Stampar
|
18930539cd
|
more concise language
|
2012-01-07 17:45:45 +00:00 |
|
Miroslav Stampar
|
2b5e429dc2
|
one more level of defense against user himself
|
2012-01-07 17:16:14 +00:00 |
|
Miroslav Stampar
|
a675c88894
|
minor check added for invalid urls (e.g. deliberately too long)
|
2012-01-07 16:06:18 +00:00 |
|
Miroslav Stampar
|
164c8a4020
|
better message in case of update error
|
2012-01-07 15:47:38 +00:00 |
|
Miroslav Stampar
|
5a8fc44119
|
minor update
|
2012-01-07 15:26:54 +00:00 |
|
Miroslav Stampar
|
3f4afdf251
|
minor fix (crashing if no : in value)
|
2012-01-07 14:54:56 +00:00 |
|
Miroslav Stampar
|
759465bde5
|
minor fix
|
2012-01-06 00:06:38 +00:00 |
|
Miroslav Stampar
|
40398f358c
|
minor update
|
2012-01-05 14:55:23 +00:00 |
|
Miroslav Stampar
|
1f085a0241
|
now [SLEEPTIME] is changeable properly in vivo
|
2012-01-05 14:45:05 +00:00 |
|
Miroslav Stampar
|
9d50c806e1
|
bug fix
|
2012-01-05 10:55:58 +00:00 |
|
Miroslav Stampar
|
804629832d
|
minor fix
|
2012-01-05 10:24:27 +00:00 |
|
Miroslav Stampar
|
ea87c89c25
|
minor fix
|
2012-01-03 23:44:56 +00:00 |
|
Miroslav Stampar
|
13f2afbbc9
|
minor fix
|
2012-01-03 17:28:50 +00:00 |
|
Miroslav Stampar
|
40991a5d52
|
minor fix
|
2011-12-31 01:03:54 +00:00 |
|
Miroslav Stampar
|
94d43a4135
|
minor bug fix
|
2011-12-30 14:20:06 +00:00 |
|
Miroslav Stampar
|
63bc4ce116
|
minor patch
|
2011-12-30 14:11:02 +00:00 |
|
Miroslav Stampar
|
29f502fe29
|
some refactoring
|
2011-12-28 16:27:17 +00:00 |
|
Miroslav Stampar
|
37d78ffe01
|
minor optimization
|
2011-12-28 15:59:30 +00:00 |
|
Miroslav Stampar
|
22c3fe49bb
|
some refactoring
|
2011-12-28 13:50:03 +00:00 |
|
Miroslav Stampar
|
dda979a15a
|
minor refactoring
|
2011-12-27 12:31:29 +00:00 |
|
Miroslav Stampar
|
0a6334db22
|
minor speedup
|
2011-12-27 11:41:57 +00:00 |
|
Miroslav Stampar
|
b02363b1aa
|
minor update
|
2011-12-27 11:25:40 +00:00 |
|
Miroslav Stampar
|
068ff92dc4
|
optimizing a bit pyDes module used in Oracle hash cracking
|
2011-12-26 15:33:49 +00:00 |
|
Miroslav Stampar
|
08071f42d0
|
minor update
|
2011-12-26 14:31:59 +00:00 |
|
Miroslav Stampar
|
366e86c560
|
minor "patch"
|
2011-12-26 14:08:25 +00:00 |
|
Miroslav Stampar
|
c20546dcaa
|
minor refactoring
|
2011-12-26 12:24:39 +00:00 |
|
Miroslav Stampar
|
b71a81041d
|
implemented --tor-port by request
|
2011-12-23 10:57:09 +00:00 |
|
Miroslav Stampar
|
89d2c7c042
|
minor update
|
2011-12-22 20:54:20 +00:00 |
|
Miroslav Stampar
|
abb401879c
|
minor update
|
2011-12-22 20:42:57 +00:00 |
|
Miroslav Stampar
|
087e29d272
|
minor update
|
2011-12-22 20:14:56 +00:00 |
|
Miroslav Stampar
|
8a7b0406c8
|
minor optimization
|
2011-12-22 20:08:28 +00:00 |
|
Miroslav Stampar
|
094129a656
|
minor optimization
|
2011-12-22 15:42:21 +00:00 |
|
Miroslav Stampar
|
8585107e3d
|
minor update
|
2011-12-22 12:21:30 +00:00 |
|
Miroslav Stampar
|
f622995a29
|
compatibility with partial union and error technique resumed data
|
2011-12-22 12:20:21 +00:00 |
|
Miroslav Stampar
|
58a4a02b7e
|
minor fix
|
2011-12-22 11:56:42 +00:00 |
|
Miroslav Stampar
|
6f8d8a15aa
|
minor update
|
2011-12-22 11:55:02 +00:00 |
|
Miroslav Stampar
|
9f68e54fff
|
minor cleanup
|
2011-12-22 10:59:28 +00:00 |
|
Miroslav Stampar
|
aaa29d1f24
|
minor fix
|
2011-12-22 10:51:41 +00:00 |
|
Miroslav Stampar
|
4a1a0773b7
|
speedup of UNION dumping
|
2011-12-22 10:44:14 +00:00 |
|
Miroslav Stampar
|
1ae413a206
|
some refactoring/speedup around UNION technique
|
2011-12-22 10:32:21 +00:00 |
|
Miroslav Stampar
|
b77e2042f2
|
some optimization
|
2011-12-21 23:23:00 +00:00 |
|
Miroslav Stampar
|
a6310c0b21
|
minor update
|
2011-12-21 23:04:36 +00:00 |
|
Miroslav Stampar
|
526aacb640
|
code cleanup
|
2011-12-21 22:59:23 +00:00 |
|
Miroslav Stampar
|
41ccf88990
|
some more refactoring
|
2011-12-21 22:09:21 +00:00 |
|
Miroslav Stampar
|
0a039d84e0
|
some more refactoring
|
2011-12-21 19:40:42 +00:00 |
|
Miroslav Stampar
|
41b60b26fc
|
minor refactoring
|
2011-12-21 14:25:39 +00:00 |
|
Miroslav Stampar
|
81bd9a201b
|
minor refactoring
|
2011-12-21 11:50:49 +00:00 |
|
Miroslav Stampar
|
113ebf5e9d
|
minor update
|
2011-12-20 16:08:17 +00:00 |
|
Miroslav Stampar
|
8bfff4a28e
|
minor update
|
2011-12-20 15:01:27 +00:00 |
|
Miroslav Stampar
|
d3a428c9c8
|
minor bug fix regarding dumping tables with safe quotes
|
2011-12-20 13:17:24 +00:00 |
|
Miroslav Stampar
|
95cd9e2af3
|
adding support for scanning Host header values (-p host)
|
2011-12-20 12:52:41 +00:00 |
|
Miroslav Stampar
|
bdc724cb46
|
minor bug fix
|
2011-12-20 10:34:28 +00:00 |
|
Miroslav Stampar
|
1b16b5e0f1
|
minor fix
|
2011-12-20 09:10:44 +00:00 |
|
Miroslav Stampar
|
dcf842692b
|
minor fix
|
2011-12-16 12:34:26 +00:00 |
|
Miroslav Stampar
|
c57941c102
|
minor beautification
|
2011-12-15 23:33:44 +00:00 |
|
Miroslav Stampar
|
27d244b326
|
minor update
|
2011-12-15 23:29:11 +00:00 |
|
Miroslav Stampar
|
563c0c1066
|
adding switch --tor-type
|
2011-12-15 23:19:55 +00:00 |
|
Miroslav Stampar
|
316e27a809
|
minor update
|
2011-12-15 10:19:31 +00:00 |
|
Miroslav Stampar
|
c98f5f6f94
|
minor fix
|
2011-12-15 09:28:58 +00:00 |
|
Miroslav Stampar
|
8793fbc9f5
|
minor update
|
2011-12-14 12:59:25 +00:00 |
|
Miroslav Stampar
|
1fd1ec22a1
|
minor fix
|
2011-12-14 12:03:21 +00:00 |
|
Miroslav Stampar
|
e6820ebbd2
|
minor update
|
2011-12-14 10:26:03 +00:00 |
|
Miroslav Stampar
|
364113441b
|
adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)
|
2011-12-14 10:19:45 +00:00 |
|
Miroslav Stampar
|
73a500833d
|
minor bug fix
|
2011-12-12 14:38:06 +00:00 |
|
Miroslav Stampar
|
25cde9e2c7
|
minor fixes
|
2011-12-12 09:45:40 +00:00 |
|
Bernardo Damele
|
8fe72d87a8
|
minor bug fix for mysql -d --file-read
|
2011-12-06 10:57:23 +00:00 |
|
Miroslav Stampar
|
0f5d48ff20
|
minor update
|
2011-12-05 09:25:56 +00:00 |
|
Miroslav Stampar
|
a8a5e61ee1
|
minor update
|
2011-12-05 00:06:32 +00:00 |
|
Miroslav Stampar
|
9bc735963b
|
update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself))
|
2011-12-04 22:42:19 +00:00 |
|
Miroslav Stampar
|
ec895c3d1a
|
revert of last commit
|
2011-12-04 16:37:18 +00:00 |
|
Miroslav Stampar
|
393843bf87
|
it seems that SOCKS4 is safer solution for TOR socks access
|
2011-12-04 16:23:08 +00:00 |
|
Miroslav Stampar
|
5f7dbec41f
|
minor patch
|
2011-12-03 12:11:46 +00:00 |
|
Miroslav Stampar
|
b9ae28dd5e
|
minor beautification
|
2011-12-02 14:11:43 +00:00 |
|
Miroslav Stampar
|
b03a5e8928
|
people don't know what's "standard deviation" and they are wrongly connecting its value in seconds to the --time-sec value
|
2011-12-01 13:30:47 +00:00 |
|
Miroslav Stampar
|
32ab7171ea
|
minor update
|
2011-12-01 10:07:39 +00:00 |
|
Miroslav Stampar
|
9975ff8d17
|
minor update
|
2011-11-30 19:26:03 +00:00 |
|
Miroslav Stampar
|
f1dfa5c860
|
minor update
|
2011-11-30 17:44:34 +00:00 |
|
Miroslav Stampar
|
71c46f50aa
|
adding option --csv-del
|
2011-11-30 17:39:41 +00:00 |
|
Miroslav Stampar
|
02bd9a54f3
|
minor update
|
2011-11-30 17:19:21 +00:00 |
|
Miroslav Stampar
|
872a73f631
|
minor refactoring
|
2011-11-29 19:17:07 +00:00 |
|
Miroslav Stampar
|
3cd8f47686
|
minor bug fix
|
2011-11-29 17:17:06 +00:00 |
|
Miroslav Stampar
|
2842c13d75
|
minor update
|
2011-11-29 16:59:06 +00:00 |
|
Miroslav Stampar
|
d958c2fe48
|
minor fix
|
2011-11-28 11:21:39 +00:00 |
|
Miroslav Stampar
|
885b432808
|
minor update
|
2011-11-23 21:39:53 +00:00 |
|
Miroslav Stampar
|
ba4234dc42
|
switching from HTTP proxy to SOCKS proxy for --tor (sick and tired of Polipo/Privoxy bull; either Tor flag is overwritten every here and there or they are putting all kinds of filter warnings)
|
2011-11-23 21:17:08 +00:00 |
|
Miroslav Stampar
|
8ea9b19b66
|
minor update regarding dumping of table content in --forms mode
|
2011-11-23 20:56:22 +00:00 |
|
Miroslav Stampar
|
d6f936b98d
|
minor update
|
2011-11-23 15:51:48 +00:00 |
|
Miroslav Stampar
|
40f21c3917
|
minor update
|
2011-11-23 15:38:31 +00:00 |
|
Miroslav Stampar
|
14e8ca6d41
|
minor fix
|
2011-11-23 14:26:40 +00:00 |
|
Miroslav Stampar
|
9b99530add
|
minor bug fix
|
2011-11-23 08:14:20 +00:00 |
|
Miroslav Stampar
|
d5cddd40f6
|
minor fix
|
2011-11-23 03:03:31 +00:00 |
|
Miroslav Stampar
|
f39170a2c4
|
minor update
|
2011-11-22 15:06:51 +00:00 |
|
Miroslav Stampar
|
e33f70269b
|
minor optimization
|
2011-11-22 12:44:28 +00:00 |
|
Miroslav Stampar
|
501fd85fa1
|
minor optimization
|
2011-11-22 12:40:12 +00:00 |
|
Miroslav Stampar
|
2e10de8921
|
minor update
|
2011-11-22 12:18:24 +00:00 |
|
Miroslav Stampar
|
ac041399f0
|
minor patch
|
2011-11-22 11:04:43 +00:00 |
|
Miroslav Stampar
|
9697e80013
|
some more optimizations
|
2011-11-22 10:54:29 +00:00 |
|
Miroslav Stampar
|
267d67b024
|
minor update
|
2011-11-22 10:41:56 +00:00 |
|
Miroslav Stampar
|
b117c40aa5
|
major improvement of HashDB speed in multi-threaded mode
|
2011-11-22 10:09:35 +00:00 |
|
Miroslav Stampar
|
e94efff187
|
some more optimization
|
2011-11-22 09:00:00 +00:00 |
|
Miroslav Stampar
|
2ed3efba12
|
speed optimization and bug fix (kb.absFilePaths were not stored previously; also, they are now extracted only in heuristic phase)
|
2011-11-22 08:39:13 +00:00 |
|
Miroslav Stampar
|
493e436e16
|
minor update
|
2011-11-22 07:32:39 +00:00 |
|
Miroslav Stampar
|
e905ea2a54
|
minor bug fix
|
2011-11-22 07:07:52 +00:00 |
|
Miroslav Stampar
|
f1f0828b28
|
minor update
|
2011-11-21 22:27:47 +00:00 |
|
Miroslav Stampar
|
704e1a4e74
|
minor minor update
|
2011-11-21 22:19:52 +00:00 |
|
Miroslav Stampar
|
fcac3d494b
|
minor beautification
|
2011-11-21 22:18:04 +00:00 |
|
Miroslav Stampar
|
753dcb3450
|
minor update
|
2011-11-21 22:12:24 +00:00 |
|
Miroslav Stampar
|
da51e8a9d1
|
minor fix
|
2011-11-21 21:55:05 +00:00 |
|
Miroslav Stampar
|
eee03871d7
|
minor refactoring
|
2011-11-21 21:31:08 +00:00 |
|
Miroslav Stampar
|
4fa24ec704
|
minor improvement
|
2011-11-21 17:39:18 +00:00 |
|
Miroslav Stampar
|
65b2b0ad87
|
adding switch --eval
|
2011-11-21 16:41:02 +00:00 |
|
Miroslav Stampar
|
df0b451389
|
minor update
|
2011-11-20 23:17:57 +00:00 |
|
Miroslav Stampar
|
49fddaf668
|
minor update (for cases with 404 original page - e.g. time based injections in some cases)
|
2011-11-20 23:11:18 +00:00 |
|
Miroslav Stampar
|
8c32b3653b
|
minor update of false positive check (in considerable amount of cases minus char is filtered/used for other means)
|
2011-11-20 20:27:30 +00:00 |
|
Miroslav Stampar
|
440b7efe55
|
minor optimization
|
2011-11-20 20:14:47 +00:00 |
|
Miroslav Stampar
|
7c1af97852
|
minor optimization
|
2011-11-20 19:38:56 +00:00 |
|
Miroslav Stampar
|
e1a92d59de
|
implementing WordPress phpass hash cracking routine
|
2011-11-20 19:10:46 +00:00 |
|
Miroslav Stampar
|
f1979936c8
|
minor update
|
2011-11-18 15:32:33 +00:00 |
|
Miroslav Stampar
|
0df768e24a
|
minor refactoring/optimization
|
2011-11-16 16:06:21 +00:00 |
|
Miroslav Stampar
|
7314de3490
|
language update
|
2011-11-15 11:17:39 +00:00 |
|
Miroslav Stampar
|
ad2762118d
|
minor update
|
2011-11-14 15:10:39 +00:00 |
|
Miroslav Stampar
|
b888829d12
|
minor update
|
2011-11-14 11:39:18 +00:00 |
|
Miroslav Stampar
|
367627c331
|
minor fix for Python 2.6
|
2011-11-13 19:09:13 +00:00 |
|
Miroslav Stampar
|
76fb6ba666
|
minor update
|
2011-11-13 10:38:27 +00:00 |
|
Miroslav Stampar
|
ccbd93cc2e
|
fix for redirect/HOST header bug
|
2011-11-11 11:28:27 +00:00 |
|
Miroslav Stampar
|
1061c06617
|
improvement of redirecting code
|
2011-11-11 11:07:49 +00:00 |
|
Miroslav Stampar
|
e183437f0b
|
minor typo
|
2011-11-10 10:30:53 +00:00 |
|
Miroslav Stampar
|
62f8f8d36c
|
bug fix (thanks to zhen zhou)
|
2011-11-10 10:22:35 +00:00 |
|
Miroslav Stampar
|
6c07573e30
|
minor update
|
2011-11-06 11:42:02 +00:00 |
|
Miroslav Stampar
|
030c57a0c8
|
minor update
|
2011-11-06 11:18:16 +00:00 |
|
Miroslav Stampar
|
2dbd51e357
|
fix for google searches
|
2011-11-06 08:55:09 +00:00 |
|
Miroslav Stampar
|
61e3621855
|
minor update
|
2011-11-02 14:33:23 +00:00 |
|
Miroslav Stampar
|
24bda96d9e
|
adding items from John the Ripper's word list to the dictionary for Oracle cracking
|
2011-11-02 11:21:49 +00:00 |
|
Miroslav Stampar
|
6ec522e14b
|
removal of minor obsolete thingy
|
2011-11-02 10:41:12 +00:00 |
|
Miroslav Stampar
|
ea125d820d
|
some more speed ups for hash cracking
|
2011-11-02 09:57:42 +00:00 |
|
Miroslav Stampar
|
2f355db230
|
minor fix
|
2011-11-02 09:32:15 +00:00 |
|
Miroslav Stampar
|
0e96af65e6
|
minor update
|
2011-11-02 07:06:07 +00:00 |
|
Miroslav Stampar
|
d735582536
|
major speed improvement of hash cracking
|
2011-11-02 06:53:43 +00:00 |
|
Miroslav Stampar
|
b3a57391e4
|
minor update
|
2011-11-01 20:39:22 +00:00 |
|
Miroslav Stampar
|
3e3f037f1e
|
improvement of hash cracking routine
|
2011-11-01 19:58:22 +00:00 |
|
Miroslav Stampar
|
4cafc5f31b
|
language update
|
2011-11-01 19:09:17 +00:00 |
|
Miroslav Stampar
|
43340a7ea5
|
language
|
2011-11-01 19:06:27 +00:00 |
|
Miroslav Stampar
|
f9bb762d1d
|
minor improvement (resuming of already cracked values)
|
2011-11-01 19:00:34 +00:00 |
|
Miroslav Stampar
|
c0cd29f01c
|
minor update
|
2011-10-31 15:20:40 +00:00 |
|
Miroslav Stampar
|
60cadf4747
|
better regex used
|
2011-10-29 10:31:52 +00:00 |
|
Miroslav Stampar
|
ef987c6954
|
adding compatibility support for using --crawl and --forms together
|
2011-10-29 09:32:20 +00:00 |
|
Miroslav Stampar
|
ddc4dfe5ff
|
minor refactoring regarding --forms
|
2011-10-29 08:32:24 +00:00 |
|
Miroslav Stampar
|
d7866ac78d
|
added support for automatic filtering of badly formed HTML in --forms mode
|
2011-10-28 21:28:03 +00:00 |
|
Miroslav Stampar
|
1b45c5b56a
|
bug fix
|
2011-10-28 15:24:35 +00:00 |
|
Miroslav Stampar
|
666a7da12a
|
minor update
|
2011-10-28 11:28:21 +00:00 |
|
Miroslav Stampar
|
b83fe6113e
|
turning time adjustment off (now is shown as a tip) because it seems that it never was actually used (payload always left the same)
|
2011-10-28 11:25:07 +00:00 |
|
Miroslav Stampar
|
e290f2b80b
|
minor update
|
2011-10-28 11:11:55 +00:00 |
|
Miroslav Stampar
|
7ce3af68fc
|
fixing support for parsing BURP logs
|
2011-10-27 17:31:34 +00:00 |
|
Miroslav Stampar
|
6b7920d89a
|
minor patch for --tor
|
2011-10-27 10:52:06 +00:00 |
|
Miroslav Stampar
|
3c31ccd16e
|
minor update
|
2011-10-26 22:37:04 +00:00 |
|
Miroslav Stampar
|
9d31230d5e
|
minor update
|
2011-10-26 21:56:26 +00:00 |
|
Miroslav Stampar
|
d64c0af461
|
minor update
|
2011-10-26 14:31:00 +00:00 |
|
Miroslav Stampar
|
9c1d1ca5d8
|
minor update
|
2011-10-26 14:13:38 +00:00 |
|
Miroslav Stampar
|
2a72c1ae68
|
minor fix
|
2011-10-26 11:30:10 +00:00 |
|
Miroslav Stampar
|
a99547363f
|
some fixes
|
2011-10-26 11:24:15 +00:00 |
|
Miroslav Stampar
|
3d883a2218
|
minor update
|
2011-10-26 11:10:15 +00:00 |
|
Miroslav Stampar
|
d467b40ff6
|
minor fix
|
2011-10-26 10:54:43 +00:00 |
|
Miroslav Stampar
|
8d668b1833
|
some updates regarding hash attack
|
2011-10-26 10:30:32 +00:00 |
|
Miroslav Stampar
|
f41ae9cf49
|
minor update
|
2011-10-26 09:40:47 +00:00 |
|
Miroslav Stampar
|
0b68144c8f
|
minor fixes for hash cracking
|
2011-10-26 09:29:41 +00:00 |
|
Miroslav Stampar
|
18affca0bc
|
minor update
|
2011-10-26 09:14:18 +00:00 |
|
Miroslav Stampar
|
64ca01ea0e
|
minor update
|
2011-10-25 22:06:47 +00:00 |
|
Miroslav Stampar
|
35c889a411
|
minor update
|
2011-10-25 18:07:33 +00:00 |
|
Miroslav Stampar
|
ee76fed56a
|
minor update
|
2011-10-25 17:48:20 +00:00 |
|
Miroslav Stampar
|
41ad7f9eab
|
minor update
|
2011-10-25 17:44:30 +00:00 |
|
Miroslav Stampar
|
86b4a3562f
|
added switch --check-tor
|
2011-10-25 17:37:43 +00:00 |
|
Miroslav Stampar
|
eaaf6041b9
|
minor fix
|
2011-10-25 11:20:42 +00:00 |
|
Miroslav Stampar
|
c1486ed4be
|
adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request
|
2011-10-25 09:53:44 +00:00 |
|
Miroslav Stampar
|
b07f165d60
|
quick fix
|
2011-10-24 18:11:34 +00:00 |
|
Miroslav Stampar
|
23bf52e496
|
minor refactoring
|
2011-10-24 09:55:50 +00:00 |
|
Miroslav Stampar
|
cd00c0d084
|
minor patch
|
2011-10-24 09:43:59 +00:00 |
|
Miroslav Stampar
|
6d64f87190
|
minor update
|
2011-10-24 00:46:54 +00:00 |
|
Miroslav Stampar
|
20ae1c2187
|
added switch --logic-negative
|
2011-10-24 00:40:06 +00:00 |
|
Miroslav Stampar
|
8bd3cfdc8e
|
minor update
|
2011-10-24 00:17:38 +00:00 |
|
Miroslav Stampar
|
d39d36f7a7
|
minor language beautification
|
2011-10-23 23:27:56 +00:00 |
|
Miroslav Stampar
|
7c626f1dbe
|
minor fix
|
2011-10-23 23:18:39 +00:00 |
|
Miroslav Stampar
|
d77a5f5928
|
update (generalizing ORDER BY approach)
|
2011-10-23 23:02:01 +00:00 |
|
Miroslav Stampar
|
1dd3fae930
|
minor fix
|
2011-10-23 22:27:45 +00:00 |
|
Miroslav Stampar
|
0c29311eb2
|
minor update
|
2011-10-23 22:24:57 +00:00 |
|
Miroslav Stampar
|
5863429fc1
|
minor update
|
2011-10-23 21:17:45 +00:00 |
|
Miroslav Stampar
|
4a469c3258
|
minor update
|
2011-10-23 21:12:34 +00:00 |
|
Miroslav Stampar
|
1f7d87c6a4
|
bug fix for --code (previously redirecting codes were not considered)
|
2011-10-23 20:48:37 +00:00 |
|
Miroslav Stampar
|
77e630d89e
|
replaced longer CHAR form of escaped MySQL strings with more compact hex form
|
2011-10-23 20:19:42 +00:00 |
|
Miroslav Stampar
|
3f0517d3f3
|
support for non-latin (e.g. cyrillic) URLs
|
2011-10-23 17:02:48 +00:00 |
|
Miroslav Stampar
|
1c3f4e9e54
|
minor update
|
2011-10-23 08:44:21 +00:00 |
|
Miroslav Stampar
|
25f0ec3597
|
some minor range to xrange conversion (where safe to do)
|
2011-10-21 22:34:27 +00:00 |
|
Miroslav Stampar
|
eb240243ea
|
minor update
|
2011-10-21 22:21:41 +00:00 |
|
Miroslav Stampar
|
b4ce857f9b
|
added some comments
|
2011-10-21 21:29:24 +00:00 |
|
Miroslav Stampar
|
7a3096ce25
|
some refactoring
|
2011-10-21 21:12:48 +00:00 |
|
Miroslav Stampar
|
9356f8005c
|
important bug fix
|
2011-10-21 21:07:06 +00:00 |
|
Miroslav Stampar
|
0a8e45955c
|
minor update
|
2011-10-21 20:44:18 +00:00 |
|
Miroslav Stampar
|
566d6e4974
|
minor fix
|
2011-10-21 20:21:29 +00:00 |
|
Miroslav Stampar
|
05b9951a8b
|
minor beautification
|
2011-10-21 09:19:31 +00:00 |
|
Miroslav Stampar
|
0db0571f35
|
minor patch
|
2011-10-21 09:06:00 +00:00 |
|
Miroslav Stampar
|
12a7fd4054
|
quick fix
|
2011-10-20 08:28:57 +00:00 |
|
Miroslav Stampar
|
0cbcbf159c
|
minor fix
|
2011-10-19 21:35:01 +00:00 |
|
Miroslav Stampar
|
e3a719e7d2
|
minor update
|
2011-10-11 22:40:00 +00:00 |
|
Miroslav Stampar
|
7956390631
|
minor update
|
2011-10-11 22:27:49 +00:00 |
|
Miroslav Stampar
|
a7a29f33ad
|
minor update
|
2011-10-11 21:58:57 +00:00 |
|
Miroslav Stampar
|
dacfeafc5f
|
minor optimization
|
2011-10-10 17:45:16 +00:00 |
|
Miroslav Stampar
|
4989e8e6d3
|
minor update
|
2011-10-10 17:29:54 +00:00 |
|
Miroslav Stampar
|
c204f2b221
|
minor optimization
|
2011-10-10 14:47:48 +00:00 |
|
Miroslav Stampar
|
47b27a5988
|
minor improvement of HashDB
|
2011-10-10 14:23:17 +00:00 |
|
Miroslav Stampar
|
323aa7bf2f
|
minor update
|
2011-10-09 21:21:41 +00:00 |
|
Miroslav Stampar
|
a31a0aa8d4
|
minor update
|
2011-10-06 22:29:49 +00:00 |
|
Miroslav Stampar
|
8720aad6dc
|
transformed cDel to pDel as a more generic option
|
2011-10-06 22:03:33 +00:00 |
|
Miroslav Stampar
|
dd0ed5f5da
|
adding redirect response to the traffic file
|
2011-09-28 08:13:46 +00:00 |
|
Miroslav Stampar
|
6d2536f217
|
minor update
|
2011-09-27 22:27:34 +00:00 |
|
Miroslav Stampar
|
c0910ca2c8
|
added one more warning message by request
|
2011-09-27 22:25:15 +00:00 |
|
Miroslav Stampar
|
b888a84764
|
minor update
|
2011-09-27 14:31:58 +00:00 |
|
Miroslav Stampar
|
88f1110c44
|
adding a new (for now) hidden switch --test-filter for filtering tests by their name
|
2011-09-27 14:09:25 +00:00 |
|
Miroslav Stampar
|
fd9acfd7d2
|
fix
|
2011-09-26 13:36:08 +00:00 |
|
Miroslav Stampar
|
b3b4459c72
|
minor fix
|
2011-09-26 13:01:43 +00:00 |
|
Miroslav Stampar
|
34738129c9
|
minor update
|
2011-09-25 21:27:58 +00:00 |
|
Miroslav Stampar
|
7e80274fac
|
refactoring
|
2011-09-25 21:10:45 +00:00 |
|
Miroslav Stampar
|
744636a8c1
|
switching to SQLite resume support (on error and union techniques this moment)
|
2011-09-25 20:36:32 +00:00 |
|
Miroslav Stampar
|
ba5eff1de6
|
minor bug fix
|
2011-09-23 18:29:45 +00:00 |
|
Miroslav Stampar
|
d95ff4350d
|
bug fix
|
2011-09-20 13:08:35 +00:00 |
|
Miroslav Stampar
|
4a3580d10b
|
minor fix
|
2011-09-19 19:08:08 +00:00 |
|
Bernardo Damele
|
f890b29f81
|
Proper reference to Metasploit Framework as now it's version 4, not 3 anymore
|
2011-09-12 17:26:22 +00:00 |
|
Miroslav Stampar
|
4fb6dab1a2
|
minor bug fix
|
2011-09-12 14:15:57 +00:00 |
|
Miroslav Stampar
|
1bdde51d0e
|
minor just in case update
|
2011-09-11 16:41:07 +00:00 |
|
Miroslav Stampar
|
02f993583b
|
minor bug fix
|
2011-09-09 11:36:09 +00:00 |
|
Miroslav Stampar
|
2f4e34f5a0
|
minor improvement for URI injections
|
2011-09-08 11:13:12 +00:00 |
|
Miroslav Stampar
|
d434047482
|
minor bug fix
|
2011-09-05 09:28:40 +00:00 |
|
Miroslav Stampar
|
08e0eb9b61
|
minor lower/upper case fix
|
2011-08-29 13:47:32 +00:00 |
|
Miroslav Stampar
|
9be89422da
|
implemented parameter --skip
|
2011-08-29 13:29:42 +00:00 |
|
Miroslav Stampar
|
e0f521cf9d
|
minor update regarding --randomize
|
2011-08-29 13:08:25 +00:00 |
|
Miroslav Stampar
|
ac00014c4a
|
implemented --randomize switch by request
|
2011-08-29 12:50:52 +00:00 |
|
Miroslav Stampar
|
8fe069b495
|
minor fix
|
2011-08-23 21:48:39 +00:00 |
|
Miroslav Stampar
|
01014eca17
|
by request
|
2011-08-23 21:45:01 +00:00 |
|
Miroslav Stampar
|
cfc1f2b70b
|
minor update
|
2011-08-22 22:43:14 +00:00 |
|
Miroslav Stampar
|
f4127a80d7
|
improvement of UNION based injection detection (with non-NULL kb.uChar values searching of the content inside -1 UNION.. pages is used)
|
2011-08-22 21:43:46 +00:00 |
|
Miroslav Stampar
|
8a174248dc
|
fix for a bug reported by blueBoy
|
2011-08-20 20:08:11 +00:00 |
|
Miroslav Stampar
|
cb32d46f2a
|
minor minor update
|
2011-08-18 06:09:12 +00:00 |
|
Miroslav Stampar
|
54bcc35ba7
|
important bug fix (connection exception was causing losing of already retrieved data)
|
2011-08-17 22:31:33 +00:00 |
|
Miroslav Stampar
|
9d31322f3d
|
update regarding special case when conf.uChar appears only in testable pages
|
2011-08-17 21:40:42 +00:00 |
|
Miroslav Stampar
|
75ec146224
|
minor beautification
|
2011-08-17 21:17:02 +00:00 |
|
Miroslav Stampar
|
f46baac70b
|
bug fix (when comment is None this was erroneous)
|
2011-08-17 10:58:29 +00:00 |
|
Bernardo Damele
|
9361e633f4
|
Minor bug fix - some applications do really set cookies like param="value" with double-quotes
|
2011-08-16 09:21:01 +00:00 |
|
Miroslav Stampar
|
e1dbb4443b
|
minor update related to the last commit
|
2011-08-16 07:01:14 +00:00 |
|
Miroslav Stampar
|
7cc5743c5d
|
minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters)
|
2011-08-16 06:50:20 +00:00 |
|
Miroslav Stampar
|
600ef3eace
|
minor patch
|
2011-08-16 06:22:04 +00:00 |
|
Miroslav Stampar
|
262996fc5b
|
bug fix
|
2011-08-16 06:14:40 +00:00 |
|
Miroslav Stampar
|
df4abf1af1
|
lowering constant value from 10 to 7 for da peace in da houz
|
2011-08-12 17:19:19 +00:00 |
|
Bernardo Damele
|
702ed73a65
|
Added --code switch to match in boolean-based tests against the HTTP response code
|
2011-08-12 16:48:11 +00:00 |
|
Bernardo Damele
|
fff4c34e33
|
Search for --string and --regexp matches also in HTTP response headers
|
2011-08-12 15:33:37 +00:00 |
|
Bernardo Damele
|
5e5133b8e7
|
Should be fixed now
|
2011-08-12 15:00:11 +00:00 |
|
Bernardo Damele
|
1505cb2a80
|
typo
|
2011-08-12 14:51:39 +00:00 |
|
Bernardo Damele
|
702ca22d54
|
Minor bug fix for URI injections
|
2011-08-12 14:48:44 +00:00 |
|
Bernardo Damele
|
28bba9f5e6
|
More verbose warning message
|
2011-08-12 13:47:38 +00:00 |
|
Miroslav Stampar
|
10bdd90e60
|
minor speed optimizations (as a result of profiling)
|
2011-08-12 13:40:37 +00:00 |
|
Bernardo Damele
|
36280b33fa
|
Ask the user whether or not to adjust the time delay - there has been a case where the forcing of conf.timeSec screwed the result in an extremely lagged and unreliable site
|
2011-08-12 13:06:40 +00:00 |
|
Miroslav Stampar
|
41ae9bc7ff
|
minor bug fix
|
2011-08-09 14:20:25 +00:00 |
|
Miroslav Stampar
|
2ad267132a
|
minor update for empty normal responses (like AJAX requests)
|
2011-08-05 10:55:21 +00:00 |
|
Miroslav Stampar
|
e849b71027
|
minor typo
|
2011-08-03 14:31:42 +00:00 |
|
Miroslav Stampar
|
538b49bcc5
|
removing word "dramatically". i was too excited at the moment :). it is cool and all but we shouldn't put "highly subjective" attribs in reports
|
2011-08-03 13:26:38 +00:00 |
|
Miroslav Stampar
|
f7562da754
|
from now on proper union column count should be displayed in injection info output
|
2011-08-03 10:34:50 +00:00 |
|
Miroslav Stampar
|
9423d15fb3
|
ORDER BY technique used for finding proper UNION col count (dramatic improvement of speed and capabilities) and one minor bug fix
|
2011-08-03 09:08:16 +00:00 |
|
Miroslav Stampar
|
07afcd5440
|
fix for a bug reported by Ahmed Shawky (when user uses --suffix intermixing test default comments with the provided suffix is a big no no)
|
2011-08-02 18:20:21 +00:00 |
|
Miroslav Stampar
|
07c3d4fb18
|
minor adjustment
|
2011-08-02 17:35:43 +00:00 |
|
Miroslav Stampar
|
edab7d01a5
|
minor fix
|
2011-08-02 17:31:13 +00:00 |
|
Bernardo Damele
|
c15439ab7f
|
Minor improvement to --passwords output
|
2011-08-02 09:04:34 +00:00 |
|
Miroslav Stampar
|
cb0981d858
|
proper way of handling 0 length results (as in __goInferenceProxy)
|
2011-08-02 08:39:32 +00:00 |
|
Miroslav Stampar
|
0643ced651
|
minor update
|
2011-08-02 08:12:43 +00:00 |
|
Miroslav Stampar
|
457f501bbd
|
proper fix
|
2011-08-01 23:48:38 +00:00 |
|
Bernardo Damele
|
cbd0ea0866
|
Possible fix for a minor bug
|
2011-08-01 23:24:39 +00:00 |
|
Miroslav Stampar
|
018d7ed646
|
improvement for limited queries (more stable to have TOP/LIMIT/OFFSET mechanisms as part of a subquery)
|
2011-07-31 23:40:09 +00:00 |
|
Miroslav Stampar
|
0627bb02cb
|
minor beautification
|
2011-07-31 10:21:47 +00:00 |
|
Miroslav Stampar
|
93ae1dfa2b
|
minor bug fix
|
2011-07-31 08:52:48 +00:00 |
|
Miroslav Stampar
|
68ae8ea5b2
|
minor refactoring
|
2011-07-29 10:54:25 +00:00 |
|
Miroslav Stampar
|
e522263640
|
fix for a neverending data retrieval in large full inband cases
|
2011-07-29 10:45:09 +00:00 |
|
Miroslav Stampar
|
3fc603843e
|
minor fix
|
2011-07-27 23:26:36 +00:00 |
|
Miroslav Stampar
|
107089c00b
|
bug fix
|
2011-07-27 08:25:51 +00:00 |
|
Miroslav Stampar
|
f7eaffcec5
|
i believe that this could be ok
|
2011-07-26 21:28:48 +00:00 |
|
Bernardo Damele
|
a2483b3bc4
|
Aligned OS takeover functionalities to recent Metasploit improvements
|
2011-07-26 10:29:14 +00:00 |
|