Miroslav Stampar
|
93cb75ff65
|
added Nginx
|
2011-01-02 08:50:27 +00:00 |
|
Miroslav Stampar
|
5c6c870db4
|
removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode
|
2011-01-02 08:43:38 +00:00 |
|
Miroslav Stampar
|
6651ba05eb
|
another fix (OS was set to None at all previous sessions if there was no explicit OS testing done)
|
2011-01-02 08:08:38 +00:00 |
|
Miroslav Stampar
|
e28b9f26fc
|
minor fix
|
2011-01-02 08:01:01 +00:00 |
|
Miroslav Stampar
|
da138c46c1
|
added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)
|
2011-01-02 07:37:47 +00:00 |
|
Miroslav Stampar
|
ec4440108b
|
minor cosmetics
|
2011-01-02 07:09:04 +00:00 |
|
Miroslav Stampar
|
428e817a32
|
some refactoring
|
2011-01-01 23:57:27 +00:00 |
|
Miroslav Stampar
|
212035e64d
|
user can now choose if he wants to skip non-heuristic based DBMS tests
|
2011-01-01 23:38:11 +00:00 |
|
Miroslav Stampar
|
ded9798e3d
|
minor bug fix
|
2011-01-01 23:07:50 +00:00 |
|
Miroslav Stampar
|
8a93cfd975
|
minor update
|
2011-01-01 22:43:15 +00:00 |
|
Miroslav Stampar
|
52e44df86c
|
minor update
|
2011-01-01 21:11:29 +00:00 |
|
Miroslav Stampar
|
942cbafba6
|
minor update
|
2011-01-01 20:19:55 +00:00 |
|
Miroslav Stampar
|
26b06bfcfb
|
update (http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html)
|
2011-01-01 19:38:51 +00:00 |
|
Miroslav Stampar
|
e4fd8b3f0c
|
(e) finally works as it should
|
2011-01-01 19:22:44 +00:00 |
|
Miroslav Stampar
|
0e815177c8
|
minor update
|
2011-01-01 19:07:40 +00:00 |
|
Miroslav Stampar
|
ef27fd5ea1
|
there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) (http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html, http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html)
|
2011-01-01 15:20:29 +00:00 |
|
Miroslav Stampar
|
7ea3d060f6
|
some fixes/updates here and there
|
2011-01-01 12:41:51 +00:00 |
|
Miroslav Stampar
|
15e6911fd8
|
fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write')
|
2011-01-01 12:23:02 +00:00 |
|
Miroslav Stampar
|
91f665aaaa
|
bug fix for Ctrl+C
|
2010-12-31 15:00:19 +00:00 |
|
Miroslav Stampar
|
076560f59f
|
bug fix
|
2010-12-31 12:58:27 +00:00 |
|
Miroslav Stampar
|
5db8ebbfa9
|
update of mysql comment versions
|
2010-12-31 12:42:12 +00:00 |
|
Miroslav Stampar
|
40e3489099
|
minor update
|
2010-12-31 12:27:57 +00:00 |
|
Miroslav Stampar
|
ce19b0c431
|
optimization of comment checking in MySQL
|
2010-12-31 12:21:02 +00:00 |
|
Miroslav Stampar
|
281d124fa6
|
minor bug fix
|
2010-12-31 12:04:39 +00:00 |
|
Miroslav Stampar
|
42e7b1b3a7
|
bug fix
|
2010-12-30 22:40:37 +00:00 |
|
Miroslav Stampar
|
20e3a6d72f
|
fix/refactor/cosmetics (references: http://www.postgresql.org/docs/6.4/static/release.htm,http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE,http://www.postgresql.org/docs/8.3/static/release-8-3.html)
|
2010-12-30 21:53:34 +00:00 |
|
Miroslav Stampar
|
7f4acaf6f9
|
now comment injection fingerprint works with all techniques
|
2010-12-30 21:24:26 +00:00 |
|
Miroslav Stampar
|
6f17e84e19
|
minor fix
|
2010-12-30 08:29:20 +00:00 |
|
Miroslav Stampar
|
c3065f6ecc
|
minor fix
|
2010-12-29 20:38:56 +00:00 |
|
Miroslav Stampar
|
2476c1516d
|
minor fix
|
2010-12-29 20:26:36 +00:00 |
|
Miroslav Stampar
|
613242e298
|
bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved)
|
2010-12-29 19:48:19 +00:00 |
|
Miroslav Stampar
|
8f32c740ff
|
code refactoring
|
2010-12-29 19:39:32 +00:00 |
|
Miroslav Stampar
|
6700cabc36
|
minor optimization
|
2010-12-29 19:01:29 +00:00 |
|
Miroslav Stampar
|
d1f5c1d7b7
|
now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering
|
2010-12-29 15:10:42 +00:00 |
|
Miroslav Stampar
|
79e97824ef
|
adding user names to the attack dictionary
|
2010-12-29 00:37:53 +00:00 |
|
Miroslav Stampar
|
93838fb155
|
"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)
|
2010-12-28 14:40:34 +00:00 |
|
Miroslav Stampar
|
96c3ffd3d7
|
changing risk level to 0 - lots of MySQL databases around have information_schema unreadable, thus disabling first AND based error payload
|
2010-12-27 19:02:13 +00:00 |
|
Miroslav Stampar
|
c0423761e8
|
minor update
|
2010-12-27 18:27:42 +00:00 |
|
Miroslav Stampar
|
a77b186aca
|
minor fix
|
2010-12-27 16:55:27 +00:00 |
|
Miroslav Stampar
|
5015f04826
|
minor update
|
2010-12-27 16:36:05 +00:00 |
|
Miroslav Stampar
|
c8f8dbf0a7
|
minor update
|
2010-12-27 15:39:27 +00:00 |
|
Miroslav Stampar
|
9c1676bdfa
|
minor cosmetics
|
2010-12-27 14:44:00 +00:00 |
|
Miroslav Stampar
|
9fb0e0fc85
|
resume of brute forced data is now available
|
2010-12-27 14:17:20 +00:00 |
|
Miroslav Stampar
|
c7a160bf72
|
minor update (users want this to see)
|
2010-12-27 12:00:54 +00:00 |
|
Miroslav Stampar
|
3d23f226ae
|
minor update
|
2010-12-27 11:47:50 +00:00 |
|
Miroslav Stampar
|
68462466f2
|
minor fix for a bug reported by shaohua pan (argument of type 'NoneType' is not iterable)
|
2010-12-27 11:36:36 +00:00 |
|
Miroslav Stampar
|
51a492e17d
|
pretty important commit (now dumped tables are prone to dictionary attack)
|
2010-12-27 10:56:28 +00:00 |
|
Miroslav Stampar
|
c8d5a6b980
|
update
|
2010-12-27 00:41:16 +00:00 |
|
Miroslav Stampar
|
269d6bde24
|
this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion)
|
2010-12-27 00:14:29 +00:00 |
|
Miroslav Stampar
|
89c2640d23
|
basic --search now works with MS Access
|
2010-12-26 23:50:16 +00:00 |
|