Commit Graph

473 Commits

Author SHA1 Message Date
Miroslav Stampar
0eb5fb1e5a Update for an Issue #757 2014-07-19 23:02:14 +02:00
Miroslav Stampar
2a88436417 Patch for an Issue #724 2014-06-16 09:51:24 +02:00
Miroslav Stampar
106102bd3c Fix for an Issue #648 2014-03-21 20:28:29 +01:00
Miroslav Stampar
3b47418a1d Fix for an Issue #640 2014-03-14 22:20:20 +01:00
Miroslav Stampar
2ffdee5733 Bug fix for PAYLOAD.WHERE.REPLACE payloads containing custom injection marker ([ORIGVALUE] was screwed) 2014-02-26 11:41:48 +01:00
Miroslav Stampar
edc8ef9d5b Patch for an Issue #611 (original page used in case of tamper functions was wrong - e.g. if --tamper=base64encode was used) 2014-02-25 13:48:34 +01:00
Miroslav Stampar
2a423d61ef Raising number of requests for false positive testing in case of higher levels 2014-02-23 19:40:01 +01:00
Miroslav Stampar
fe0ff6e679 Changing 'is injectable' to 'seems to be injectable' for boolean and time-based blind injection cases - for false positive cases 2014-02-09 17:50:16 +01:00
Miroslav Stampar
f97fcb7bb3 Adding a switch --invalid-string 2014-01-23 21:56:06 +01:00
Miroslav Stampar
f88f6dcd7e Changing --invalid-bignum from float producing to int producing 2014-01-23 09:07:25 +01:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Miroslav Stampar
6c80f2903b Patch for an Issue #564 2013-12-27 11:02:59 +01:00
Miroslav Stampar
7ed05f01b3 Minor update 2013-10-27 00:24:57 +02:00
Miroslav Stampar
334c698d53 Adding change verbosity level in testing phase when Ctrl+C pressed 2013-10-17 16:54:53 +02:00
Miroslav Stampar
2dc570d7a8 Minor patch (for ORDER BY 'col' cases) 2013-10-10 23:08:20 +02:00
Miroslav Stampar
369006ca73 Bug fix 2013-10-07 12:54:25 +02:00
Miroslav Stampar
0cf2bdeb1c Minor language update 2013-08-22 11:11:30 +02:00
Miroslav Stampar
941b2387c0 Minor fix 2013-07-31 09:22:45 +02:00
stamparm
e6f71c2130 Making 10% less requests in futile higher level/risk runs (using static template payloads for where==NEGATIVE) 2013-07-15 16:24:49 +02:00
stamparm
c9d3974205 Minor fix (templatePayload had duplicate string patterns for where==NEGATIVE) 2013-07-15 13:54:02 +02:00
stamparm
ac2d40e259 Revert of last commit (there is a chance that that big integer value is really valid :) 2013-07-15 13:34:38 +02:00
stamparm
a097ee1505 Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant) 2013-07-15 13:31:56 +02:00
stamparm
d7c0805e7c Removing leftover 2013-07-08 12:45:02 +02:00
stamparm
a548eb5c70 Minor text update 2013-07-08 12:44:14 +02:00
stamparm
d0e79a4d15 Minor text update 2013-07-08 12:38:36 +02:00
stamparm
a530817727 Minor typo fix 2013-07-08 11:52:46 +02:00
stamparm
8d3435ab0b Removing reflective warning for parsing heuristic test 2013-07-08 11:48:33 +02:00
stamparm
fd5b665f7d Removing arithmetic operations from false positive checking to minimize affect of character filtering ('>' and '=' have to stay because those are minimal requirements) 2013-06-26 10:55:34 +02:00
Miroslav Stampar
d3ad408a21 Minor cosmetics 2013-05-19 22:17:53 +02:00
Miroslav Stampar
980a0e3adb Trivial update 2013-05-18 21:00:53 +02:00
Miroslav Stampar
1ff98c2ff9 Another minor text update 2013-05-18 21:00:11 +02:00
Miroslav Stampar
967513e1bb Minor message update 2013-05-18 20:59:23 +02:00
Miroslav Stampar
caa4ee96cd Minor cosmetic update 2013-05-18 18:28:44 +02:00
Miroslav Stampar
6608410320 Adding a question after WAF has been identified 2013-05-18 18:26:40 +02:00
stamparm
03732d2592 Minor fix 2013-05-17 16:04:05 +02:00
stamparm
76b4e1ccb9 Implementation for an Issue #450 2013-05-17 15:04:25 +02:00
stamparm
f1f34a65a2 Minor update 2013-05-15 13:38:26 +02:00
stamparm
8c9da95343 Style and consistency update (url -> URL) 2013-04-09 11:48:42 +02:00
stamparm
5dd2529b02 Minor language update 2013-03-26 14:18:37 +01:00
stamparm
4d2b77dde3 Minor language update 2013-03-26 14:15:40 +01:00
stamparm
3f8dafedae Minor text update 2013-03-26 14:08:35 +01:00
stamparm
7447773237 Update for consistency (all other enums are using _ in between words) 2013-03-20 11:10:24 +01:00
Miroslav Stampar
8acf033715 Code refactoring 2013-03-19 19:24:14 +01:00
Miroslav Stampar
a3d9a7b1ff Minor fix 2013-03-19 19:06:51 +01:00
Martin Bjerregaard Jepsen
d7a77c79ad Fixed incorrect call to checkBooleanExpression when testing for false positives 2013-03-01 22:51:34 +01:00
stamparm
3a3f9c5ea1 Trivial commit related to the last one 2013-03-01 12:09:03 +01:00
stamparm
440b484bf6 Minor update (one more just in case dummy request in false positive check for time-based injections - when DBMS could be unresponsive a bit due to previous heavy-queries) 2013-03-01 10:59:04 +01:00
Miroslav Stampar
e42350ddce Minor style update 2013-02-28 20:28:34 +01:00
Miroslav Stampar
0e89cc62a2 Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections 2013-02-28 20:20:08 +01:00
stamparm
af4762ace2 Minor style update 2013-02-26 11:16:09 +01:00