1977 Commits

Author	SHA1	Message	Date
Miroslav Stampar	48c20a62ac	minor nag fix	2011-05-22 15:08:55 +00:00
Miroslav Stampar	40971aca94	fixing nasty bug caused by retrying counter	2011-05-22 10:59:56 +00:00
Miroslav Stampar	712e238f33	another minor fix	2011-05-22 10:29:25 +00:00
Miroslav Stampar	2795aeff34	minor fix	2011-05-22 10:27:45 +00:00
Miroslav Stampar	806e898694	no more CRITICAL drop outs in test mode - lots of reports were related to this	2011-05-22 10:21:49 +00:00
Miroslav Stampar	9b2623514a	one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables	2011-05-22 09:48:46 +00:00
Miroslav Stampar	2ea613b170	type correction and adding global flag kb.ignoreTimeout which could be useful	2011-05-22 08:24:13 +00:00
Miroslav Stampar	27f0e73cc9	refactoring of 'target' flag in connect.py	2011-05-22 07:46:09 +00:00
Miroslav Stampar	a58aaf2e1a	better format for results file (easier for sorting when lots of files)	2011-05-22 07:02:36 +00:00
Miroslav Stampar	25fff8c135	changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux)	2011-05-21 11:46:57 +00:00
Miroslav Stampar	9e5856caf8	improvement for recognition of scalar vs multiple-row commands	2011-05-19 16:45:05 +00:00
Miroslav Stampar	db72428765	minor update	2011-05-19 15:57:29 +00:00
Miroslav Stampar	f40c6b2ce7	added --cookie for maskSensitiveData too	2011-05-19 15:42:59 +00:00
Miroslav Stampar	9832fc42d4	minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase)	2011-05-18 21:47:40 +00:00
Miroslav Stampar	3048e9f710	minor refactoring	2011-05-17 23:03:31 +00:00
Miroslav Stampar	cc07e5dc97	added --charset option to force charset encoding of the retrieved data (e.g. when the backend collation is different than the current web page charset) as requested by devon.mitchell1988@y​ahoo.com	2011-05-17 22:55:22 +00:00
Miroslav Stampar	dfe81cc66f	minor yielding	2011-05-16 20:14:10 +00:00
Miroslav Stampar	a5ad4621c9	minor refactoring	2011-05-16 20:09:12 +00:00
Miroslav Stampar	ba1df457ab	fix for a charset euc_tw reported by devon.mitchell1988@y​ahoo.com	2011-05-16 19:26:58 +00:00
Miroslav Stampar	6ba9dea640	just in case for trimmed output	2011-05-16 06:17:37 +00:00
Miroslav Stampar	d2221e4604	fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...)	2011-05-16 00:23:50 +00:00
Miroslav Stampar	faa74cd2bc	introducing results file for multiple target mode	2011-05-15 22:21:38 +00:00
Miroslav Stampar	90e84c9a6d	removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end	2011-05-15 21:43:38 +00:00
Miroslav Stampar	c3bb5a03e1	minor improvement	2011-05-14 20:09:37 +00:00
Miroslav Stampar	3484a4426b	fix for a bug reported by itxx@qq.co​m (TypeError: encode() takes no keyword arguments)	2011-05-14 19:57:28 +00:00
Miroslav Stampar	053c245114	few minor fixes	2011-05-13 09:56:12 +00:00
Miroslav Stampar	a7d7be5ce0	bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host)	2011-05-13 01:01:53 +00:00
Miroslav Stampar	f11d5c91e3	minor update so that only one DNS request per scan is being done (before this commit there were two)	2011-05-12 14:32:39 +00:00
Miroslav Stampar	70688fb8b5	minor enhancement for dumping 'None' values (proper way should be empty string because None is too pythonic)	2011-05-12 12:00:17 +00:00
Miroslav Stampar	c64eb38a8b	same thing as for the last commit, but for error technique this time	2011-05-12 11:52:18 +00:00
Miroslav Stampar	84a7e5ffb9	"unfix" for r3172 which was causing "AttributeError: 'list' object has no attribute 'isdigit'" because of change of appereance	2011-05-12 11:36:02 +00:00
Miroslav Stampar	0b2da2f9f5	minor beautification for --tor switch	2011-05-12 05:46:17 +00:00
Miroslav Stampar	e05a9c0554	i was probably very tired or very stupid to do this	2011-05-11 13:13:46 +00:00
Miroslav Stampar	2ab9e30f7a	bug fix	2011-05-11 12:54:33 +00:00
Miroslav Stampar	53065ee1fb	adding ordered set for kb.targetUrls (now the order of appereance in multiple targets mode will be respected)	2011-05-11 08:55:48 +00:00
Miroslav Stampar	5ee07b90b9	added -m switch for bulk loading multiple targets	2011-05-11 08:46:40 +00:00
Miroslav Stampar	120b0d756e	unfix	2011-05-10 21:33:06 +00:00
Miroslav Stampar	6b66fce72c	minor fix	2011-05-10 20:52:43 +00:00
Miroslav Stampar	192c685bc8	changing conf attribute to a more proper name	2011-05-10 20:48:34 +00:00
Miroslav Stampar	deae534ee7	minor refactoring	2011-05-10 20:44:36 +00:00
Bernardo Damele	97bc816aeb	layout	2011-05-10 16:24:09 +00:00
Bernardo Damele	3a8309c4b0	Major bug fix to detect UNION query technique and various improvements to parsing and using of --union-char and --union-cols switches	2011-05-10 15:34:54 +00:00
Miroslav Stampar	707edc7b1a	fix for a bug (previously --dbms="mysql 4" was ignored and abruptly terminated while the mechanism was here all along)	2011-05-10 13:28:07 +00:00
Miroslav Stampar	1dea609019	fix for a bug reported by David (UnicodeDecodeError: url = url + '?' + query)	2011-05-10 12:51:37 +00:00
Miroslav Stampar	a64407d9db	minor bug fix for multithreading and lots of connection retries	2011-05-10 12:40:01 +00:00
Miroslav Stampar	22a1870c2c	adding some constraining to number of used threads on brute force switches together with a warning in case of connection exception(s) with --threads>1	2011-05-10 12:32:07 +00:00
Miroslav Stampar	ec4d9178f8	minor update related to the previous commit	2011-05-08 06:28:58 +00:00
Miroslav Stampar	4d6e7c738c	minor update	2011-05-08 06:17:43 +00:00
Bernardo Damele	9955483052	Major improvement for --dump. ... Minor improvement for --dump-all. Minor bug fix for infinite loop	2011-05-08 02:08:18 +00:00
Bernardo Damele	8179fd63c0	Minor fix	2011-05-07 23:48:03 +00:00