Miroslav Stampar
|
493b9adf8e
|
speed up of resume values (compiled regexes used)
|
2011-04-22 19:27:41 +00:00 |
|
Miroslav Stampar
|
7b3b9e6a87
|
it seems that this was indeed not meant to be here
|
2011-04-22 15:07:09 +00:00 |
|
Miroslav Stampar
|
304500a2e8
|
implemented checkFalsePositives method (simple Turing like tests)
|
2011-04-22 12:24:16 +00:00 |
|
Bernardo Damele
|
7df954dd9f
|
paranoy
|
2011-04-21 23:41:25 +00:00 |
|
Miroslav Stampar
|
0764c4c752
|
parentheses were missing; banning OR NOT from payloads
|
2011-04-21 23:32:53 +00:00 |
|
Miroslav Stampar
|
41924a6ead
|
fix for a bug reported by saccurso@skygear.com.ar (UnicodeDecodeError: 'ascii' codec can't decode byte 0xe9 in position 0: ordinal not in range(128))
|
2011-04-21 23:17:16 +00:00 |
|
Bernardo Damele
|
1d61611145
|
leftover
|
2011-04-21 22:46:43 +00:00 |
|
Bernardo Damele
|
f3088079c0
|
error message adjustment
|
2011-04-21 22:31:02 +00:00 |
|
Bernardo Damele
|
eabb5a2ba7
|
More adjustments to the error message when no sql injections are detected
|
2011-04-21 22:04:20 +00:00 |
|
Bernardo Damele
|
6d07dddf60
|
updated doc and minor layout adjustments
|
2011-04-21 21:53:35 +00:00 |
|
Bernardo Damele
|
06a00fe85e
|
For development version, print also the revision number in the banner
|
2011-04-21 21:34:57 +00:00 |
|
Bernardo Damele
|
770b1523ff
|
More verbose output when no SQL injections are detected
|
2011-04-21 21:31:16 +00:00 |
|
Bernardo Damele
|
edc2d75702
|
Cosmetics and major bug fix
|
2011-04-21 21:15:23 +00:00 |
|
Bernardo Damele
|
870f773d70
|
In some old versions of MySQL (perhaps other DBMSes too) the NOT clause is not supported, hence we also need OR tests without NOT - tested and works like this
|
2011-04-21 20:36:50 +00:00 |
|
Bernardo Damele
|
d2f102f5a1
|
cosmetics
|
2011-04-21 20:21:37 +00:00 |
|
Miroslav Stampar
|
148fb26301
|
quick fix
|
2011-04-21 17:34:26 +00:00 |
|
Miroslav Stampar
|
e181d5412e
|
fix for a bug reported by aboynes@gmail.com (@@datadir not available on MySQL 4)
|
2011-04-21 17:33:07 +00:00 |
|
Miroslav Stampar
|
bd4fbb3251
|
fix for a bug reported by l0rda@l0rda.biz (TypeError: cannot concatenate 'str' and 'NoneType' objects)
|
2011-04-21 14:53:02 +00:00 |
|
Bernardo Damele
|
b667c50588
|
store/resume info on xp_cmd available in session file
|
2011-04-21 14:25:04 +00:00 |
|
Miroslav Stampar
|
930872cf3b
|
fix
|
2011-04-21 14:20:09 +00:00 |
|
Bernardo Damele
|
a313df4d37
|
Allow user to force temporary folder with --tmp-path even if one has been saved in the session file
|
2011-04-21 14:05:37 +00:00 |
|
Bernardo Damele
|
fbe5ba5394
|
cosmetics
|
2011-04-21 10:54:12 +00:00 |
|
Miroslav Stampar
|
e1a8d268d8
|
fix for UPX linux/macos
|
2011-04-21 10:52:34 +00:00 |
|
Bernardo Damele
|
8d8fc2bbd8
|
cosmetics
|
2011-04-21 10:17:41 +00:00 |
|
Bernardo Damele
|
11ecd16099
|
cosmetics
|
2011-04-21 10:08:38 +00:00 |
|
Miroslav Stampar
|
9ccf720c05
|
removing funny remark
|
2011-04-21 10:06:13 +00:00 |
|
Bernardo Damele
|
a91e6a8440
|
layout
|
2011-04-21 10:03:18 +00:00 |
|
Miroslav Stampar
|
cbfe743bad
|
added a comment
|
2011-04-21 10:01:58 +00:00 |
|
Miroslav Stampar
|
c84c4d835f
|
minor update
|
2011-04-21 09:31:35 +00:00 |
|
Bernardo Damele
|
8e2e06a7a3
|
layout adjustment
|
2011-04-21 09:25:42 +00:00 |
|
Miroslav Stampar
|
5052013ffa
|
minor update
|
2011-04-20 14:48:23 +00:00 |
|
Miroslav Stampar
|
f909ecb369
|
bug fix for mssqlserver escape
|
2011-04-20 13:41:01 +00:00 |
|
Miroslav Stampar
|
e4d3190f41
|
reverting back to NVARCHAR because of error technique
|
2011-04-20 12:59:23 +00:00 |
|
Miroslav Stampar
|
3607f03a9e
|
fix of a minor typo
|
2011-04-20 12:42:35 +00:00 |
|
Miroslav Stampar
|
1286cc0913
|
now showing trimmed output in form of warning message (UNION and ERROR techniques affected)
|
2011-04-20 12:41:58 +00:00 |
|
Miroslav Stampar
|
7993f3f12d
|
way better for storing bulk of data (like BLOB on mysql)
|
2011-04-20 11:44:52 +00:00 |
|
Miroslav Stampar
|
04653684cd
|
revert
|
2011-04-20 10:34:34 +00:00 |
|
Miroslav Stampar
|
4fadcf0615
|
improvement for UNION/ERROR case
|
2011-04-20 10:17:42 +00:00 |
|
Miroslav Stampar
|
1c1c20fb64
|
minor update
|
2011-04-20 09:34:00 +00:00 |
|
Miroslav Stampar
|
4b6c524d4c
|
one more minor update regarding last commit
|
2011-04-20 09:26:03 +00:00 |
|
Miroslav Stampar
|
44926757da
|
minor update
|
2011-04-20 09:23:08 +00:00 |
|
Miroslav Stampar
|
52c98afe93
|
minor fix
|
2011-04-20 08:38:46 +00:00 |
|
Miroslav Stampar
|
24435a2c20
|
implemented "break a tie" request by Andres Riancho
|
2011-04-20 08:35:47 +00:00 |
|
Miroslav Stampar
|
df0331fe9b
|
some more refactoring
|
2011-04-19 23:04:10 +00:00 |
|
Miroslav Stampar
|
3b133303bf
|
refactoring
|
2011-04-19 22:54:13 +00:00 |
|
Miroslav Stampar
|
de2479b864
|
dealing with http://bugs.python.org/issue1602
|
2011-04-19 22:33:03 +00:00 |
|
Miroslav Stampar
|
9a9838f1e6
|
cleaning a mess with UPX and virus scanners
|
2011-04-19 21:57:04 +00:00 |
|
Miroslav Stampar
|
44bbef42f8
|
minor cosmetics
|
2011-04-19 20:23:08 +00:00 |
|
Miroslav Stampar
|
b7efa255d6
|
minor update of usage string
|
2011-04-19 20:14:56 +00:00 |
|
Miroslav Stampar
|
fc90974940
|
revert of last commit because of the situation in detection phase where payload is made at the starting point (can't change conf.timeSec in that phase)
|
2011-04-19 14:50:09 +00:00 |
|