Miroslav Stampar
|
3710a7051b
|
Fix for an Issue #653
|
2014-03-25 21:26:22 +01:00 |
|
Miroslav Stampar
|
930c3e3c5a
|
Minor update (added check for --limit and --risk)
|
2014-03-25 09:28:12 +01:00 |
|
Miroslav Stampar
|
f6e1d9e026
|
Fix for an Issue #650
|
2014-03-24 10:46:23 +01:00 |
|
Miroslav Stampar
|
106102bd3c
|
Fix for an Issue #648
|
2014-03-21 20:28:29 +01:00 |
|
Bernardo Damele
|
9f838c3d5b
|
typo fix
|
2014-03-21 11:37:34 +00:00 |
|
Bernardo Damele
|
8091a88d3e
|
minor code cleanup and bug fix
|
2014-03-21 11:35:30 +00:00 |
|
Bernardo Damele
|
c211255773
|
replaced outfile with dumpfile so works even if the original statement outputs blob
|
2014-03-21 11:01:57 +00:00 |
|
Miroslav Stampar
|
39ab3b9149
|
Minor fix for meta refresh
|
2014-03-20 13:13:47 +01:00 |
|
Miroslav Stampar
|
d7f0da5599
|
Minor patch for an Issue #646
|
2014-03-20 13:08:28 +01:00 |
|
Miroslav Stampar
|
97fe5e52c2
|
Fix for an Issue #644
|
2014-03-18 16:41:05 +01:00 |
|
Miroslav Stampar
|
97f603af4a
|
Fix for an Issue #641
|
2014-03-17 20:20:25 +01:00 |
|
Miroslav Stampar
|
0622cdf3d8
|
Bug fix (credentials used in combination with request file)
|
2014-03-15 09:29:21 +01:00 |
|
Miroslav Stampar
|
3b47418a1d
|
Fix for an Issue #640
|
2014-03-14 22:20:20 +01:00 |
|
Miroslav Stampar
|
56d76e6bfd
|
Updating list of extensions to exclude from crawling
|
2014-03-14 21:34:16 +01:00 |
|
Miroslav Stampar
|
be3fd8bb29
|
Fix for an Issue #638
|
2014-03-14 16:44:56 +01:00 |
|
Miroslav Stampar
|
17742df0fa
|
Update for an Issue #636 (to prevent eventual future reports with lack of stack trace)
|
2014-03-11 21:18:31 +01:00 |
|
Miroslav Stampar
|
2f8846caec
|
Fix for an Issue #636
|
2014-03-11 21:11:51 +01:00 |
|
Miroslav Stampar
|
d1a6a775f1
|
Patch for an Issue #636
|
2014-03-11 21:00:15 +01:00 |
|
Miroslav Stampar
|
f1f53a5841
|
Minor cosmetic update
|
2014-03-06 21:08:31 +01:00 |
|
Miroslav Stampar
|
490d51258e
|
Raising number of minimum time responses (15 is statistically too low)
|
2014-03-03 20:49:58 +01:00 |
|
Miroslav Stampar
|
291a0d772a
|
Update for an Issue #615
|
2014-02-27 14:23:14 +01:00 |
|
Miroslav Stampar
|
2ffdee5733
|
Bug fix for PAYLOAD.WHERE.REPLACE payloads containing custom injection marker ([ORIGVALUE] was screwed)
|
2014-02-26 11:41:48 +01:00 |
|
Miroslav Stampar
|
cc62a8adc9
|
Bug fix for JSON-like data (proper escaping of quotes)
|
2014-02-26 09:30:37 +01:00 |
|
Miroslav Stampar
|
6369a38ebc
|
Adding support for JSON-like data with single quote
|
2014-02-26 08:56:17 +01:00 |
|
Miroslav Stampar
|
465f968be6
|
Minor cosmetic update
|
2014-02-26 08:41:23 +01:00 |
|
Miroslav Stampar
|
edc8ef9d5b
|
Patch for an Issue #611 (original page used in case of tamper functions was wrong - e.g. if --tamper=base64encode was used)
|
2014-02-25 13:48:34 +01:00 |
|
Miroslav Stampar
|
2a423d61ef
|
Raising number of requests for false positive testing in case of higher levels
|
2014-02-23 19:40:01 +01:00 |
|
Miroslav Stampar
|
d405fc1157
|
Minor update (for the consistency sake)
|
2014-02-16 22:04:12 +01:00 |
|
Miroslav Stampar
|
58eac364a2
|
Bug fix
|
2014-02-16 21:57:14 +01:00 |
|
Miroslav Stampar
|
dfa727cbc5
|
Fix for a same bug mentioned in last commit
|
2014-02-16 21:47:14 +01:00 |
|
Miroslav Stampar
|
43df4efd11
|
Bug fix (bad idea is to do os.path.join on web URLs - especially on Windows OS)
|
2014-02-16 21:44:57 +01:00 |
|
Miroslav Stampar
|
d05bfdd7dd
|
Implementing option '--where' (Issue #605)
|
2014-02-11 16:20:45 +01:00 |
|
Bernardo Damele
|
be6767b3b0
|
minor fix for command execution via web shell
|
2014-02-10 09:59:57 +00:00 |
|
Miroslav Stampar
|
fe0ff6e679
|
Changing 'is injectable' to 'seems to be injectable' for boolean and time-based blind injection cases - for false positive cases
|
2014-02-09 17:50:16 +01:00 |
|
Miroslav Stampar
|
8521265526
|
Minor fix
|
2014-02-07 14:40:43 +01:00 |
|
Miroslav Stampar
|
534c2ee0e6
|
Minor update
|
2014-02-01 22:12:00 +01:00 |
|
Miroslav Stampar
|
0e44132778
|
Removing unused imports
|
2014-02-01 21:49:12 +01:00 |
|
Miroslav Stampar
|
f97fcb7bb3
|
Adding a switch --invalid-string
|
2014-01-23 21:56:06 +01:00 |
|
Miroslav Stampar
|
f88f6dcd7e
|
Changing --invalid-bignum from float producing to int producing
|
2014-01-23 09:07:25 +01:00 |
|
Miroslav Stampar
|
fc02badf40
|
Minor update
|
2014-01-23 08:33:21 +01:00 |
|
Bernardo Damele
|
bc29bf6481
|
removed comments
|
2014-01-13 23:57:49 +00:00 |
|
Bernardo Damele
|
1505f1dc74
|
removed useless sink
|
2014-01-13 23:55:32 +00:00 |
|
Bernardo Damele
|
124ebefc7f
|
code cleanup
|
2014-01-13 23:48:15 +00:00 |
|
Bernardo Damele
|
3c79d66569
|
fixed stderr
|
2014-01-13 17:34:38 +00:00 |
|
Bernardo Damele
|
43a4e85749
|
updated copyright
|
2014-01-13 17:24:49 +00:00 |
|
Bernardo Damele
|
dfa9076a70
|
fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d )
|
2014-01-13 17:12:37 +00:00 |
|
Miroslav Stampar
|
6863436d4e
|
Implementation for an Issue #596
|
2014-01-13 10:05:56 +01:00 |
|
Bernardo Damele
|
d9e00adfae
|
minor fix
|
2014-01-10 17:23:16 +00:00 |
|
Miroslav Stampar
|
36f3ab5798
|
Minor bug fix (for cases when race between thread and main thread is causing server._running to not be set to True)
|
2014-01-09 15:46:55 +01:00 |
|
Miroslav Stampar
|
cb1f17cb04
|
Proper patch for an Issue #591
|
2014-01-02 12:15:56 +01:00 |
|