Commit Graph

1607 Commits

Author SHA1 Message Date
Miroslav Stampar
ccda26a567 Minor commit regarding #739 2018-06-19 16:23:17 +02:00
Miroslav Stampar
0265b3fcfa Second commit regarding #739 2018-06-19 16:11:49 +02:00
Miroslav Stampar
c268663bd9 Minor code style updates 2018-06-09 23:38:00 +02:00
Miroslav Stampar
b93284530e Patch related to the #3139 2018-06-08 15:13:50 +02:00
Miroslav Stampar
eb498e6c03 Fixes #2819 2018-05-29 14:54:43 +02:00
Miroslav Stampar
42042fb5de Removing encoding report part (enough time has been passed to collect major problems) 2018-05-24 10:41:20 +02:00
Miroslav Stampar
d8196cf7e6 Fixes #3110 2018-05-21 23:17:32 +02:00
Miroslav Stampar
331ccc5549 Fixes #3100 2018-05-17 23:07:52 +02:00
Miroslav Stampar
4a8f01c9dc Minor updates 2018-05-08 14:06:34 +02:00
Miroslav Stampar
2a810fb796 Trivial modifications (thou shalt not judge people by trivial commits) 2018-05-03 14:10:55 +02:00
Miroslav Stampar
3fde205cd4 Generic patch for #2886 (cause still unknown) 2018-04-24 19:45:53 +02:00
Miroslav Stampar
1822cc05f6 Patch for #3060 2018-04-22 01:12:56 +02:00
Miroslav Stampar
148d1c9ff9 Fixes #3037 2018-04-11 15:19:44 +02:00
Miroslav Stampar
a8cb14ed4a Minor patch (disable tamper script usage in WAF/IDS/IPS check phase) 2018-04-11 14:48:54 +02:00
Miroslav Stampar
4f2669a45a Fixes #3030 2018-04-06 01:13:04 +02:00
Miroslav Stampar
641838ed73 Minor update 2018-04-06 01:06:58 +02:00
Miroslav Stampar
4147f44e63 Potential patch for Issues like #3013 and #3017 2018-04-01 12:45:47 +02:00
Miroslav Stampar
241f7321de Proper patch related to the #3009 2018-03-26 15:39:48 +02:00
Miroslav Stampar
f287ff3767 Trivial comment update 2018-03-21 14:29:54 +01:00
Miroslav Stampar
e088fe08ec Update related to the #2995 2018-03-19 00:33:30 +01:00
Miroslav Stampar
6875c40a06 Minor update of permission problems detection 2018-03-16 14:20:43 +01:00
Miroslav Stampar
fa4c1c5251 Some more PEPing (I hope that I haven't broke anything) 2018-03-13 13:45:42 +01:00
Miroslav Stampar
ae2b02952f Dealing with deprecated raises 2018-03-13 11:13:38 +01:00
Miroslav Stampar
11b52c85e1 Patch of bug introduced with 76905e8728 2018-03-11 02:46:37 +01:00
Miroslav Stampar
881b49afd2 Fixes #2969 2018-03-08 01:21:34 +01:00
Miroslav Stampar
76905e8728 Patch related to the #2953 2018-03-05 10:53:24 +01:00
Miroslav Stampar
34d2fb1c8f Fixes #2957 2018-03-03 00:01:26 +01:00
Miroslav Stampar
a16663f9a1 Minor refactoring 2018-02-07 16:05:41 +01:00
Miroslav Stampar
a59198d1e4 Minor just in case patch (to prevent junk reports) 2018-01-15 09:48:07 +01:00
Miroslav Stampar
8a122401aa Update of copyright years 2018-01-02 00:48:10 +01:00
Miroslav Stampar
764d114b3c Fixes #2858 2018-01-02 00:42:20 +01:00
Miroslav Stampar
6e9fe27fa0 Minor patch related to the #2856 2017-12-30 16:35:45 +01:00
Miroslav Stampar
009f13742e Dirty patch for safe-encoded unicode characters 2017-12-27 12:23:35 +01:00
Miroslav Stampar
acd764fee8 Fixes #2828 2017-12-13 10:46:46 +01:00
Miroslav Stampar
8cef17b583 Minor just in case patch (error set in case of --string) 2017-12-12 11:18:17 +01:00
Miroslav Stampar
638dbf255a Fixes #2818 2017-12-06 13:42:15 +01:00
Miroslav Stampar
220dffbcfa Couple of wording updates 2017-12-04 13:59:35 +01:00
Miroslav Stampar
d7677f322d Fixes #2793 2017-11-22 13:07:04 +01:00
Miroslav Stampar
ec83837342 Fixes #2786 2017-11-19 02:51:29 +01:00
Miroslav Stampar
323f1285b6 Fixes #2774 2017-11-13 14:07:12 +01:00
Miroslav Stampar
d148694a4b Minor refactoring 2017-11-09 12:24:58 +01:00
Miroslav Stampar
58b87e4b6b Some more refactoring 2017-11-08 15:58:23 +01:00
Miroslav Stampar
66d37112d1 If it works, don't touch. I touched 2017-10-31 11:38:09 +01:00
Miroslav Stampar
22907d5085 Some more trivial refactoring 2017-10-31 11:05:25 +01:00
Miroslav Stampar
496075ef20 Trivial refactoring 2017-10-31 10:10:22 +01:00
Miroslav Stampar
4e611133c6 Fixes #2747 2017-10-17 16:34:09 +02:00
Miroslav Stampar
8c6b761044 Replacing doc/COPYING to LICENSE 2017-10-11 14:50:46 +02:00
Miroslav Stampar
94a337b2e3 Implementation for an Issue #1306 2017-10-10 16:08:13 +02:00
Miroslav Stampar
db94d24db1 Initial support for #2709 (more work to be done) 2017-09-21 14:35:24 +02:00
Miroslav Stampar
f67f26cebd Minor update 2017-09-11 10:00:35 +02:00
Miroslav Stampar
3e4130c5e6 Update for #2665 2017-08-28 11:08:36 +02:00
Miroslav Stampar
400339a884 Fixes #2665 2017-08-23 13:52:51 +02:00
Miroslav Stampar
8b0c50f25d Update related to the #2663 2017-08-23 13:17:37 +02:00
Miroslav Stampar
b8f88a079a Fixes #2659 2017-08-20 10:00:04 +02:00
Miroslav Stampar
a761e1d165 Fixes #2656 2017-08-16 03:08:58 +02:00
Miroslav Stampar
68ee1f361b Fixes #2640 2017-07-31 14:20:59 +02:00
Miroslav Stampar
23081f83db Fixes #2626 2017-07-28 00:16:06 +02:00
Miroslav Stampar
1745bac0ab Fixes #2625 2017-07-26 00:54:29 +02:00
Miroslav Stampar
36f3fd72e6 Update for an Issue #2616 2017-07-20 02:41:47 +02:00
Miroslav Stampar
4a4fa07bdd Minor update 2017-07-05 12:35:48 +02:00
Miroslav Stampar
a4ebd5418f Patch for an Issue reported privately via email 2017-07-05 12:15:14 +02:00
Miroslav Stampar
614f290217 Update for #2597 2017-07-04 12:14:17 +02:00
Miroslav Stampar
ce48217ada Minor update 2017-07-01 23:46:28 +02:00
Miroslav Stampar
0961f6a5e9 Fixes #2592 2017-06-23 23:46:25 +02:00
Miroslav Stampar
71457fea0e Fixes #2585 2017-06-18 13:19:11 +02:00
Miroslav Stampar
e0401104f2 Minor update 2017-06-07 12:55:14 +02:00
Miroslav Stampar
996ad59126 Minor patch 2017-06-05 16:28:19 +02:00
Miroslav Stampar
6d48df2454 Fixes #2562 2017-06-05 10:38:05 +02:00
Miroslav Stampar
6dd9d5b2dd Fixes #2547 2017-05-26 14:34:32 +02:00
Miroslav Stampar
0864387885 Minor update 2017-05-26 14:25:22 +02:00
Miroslav Stampar
359bfb2704 Minor adjustment 2017-05-26 14:14:35 +02:00
Miroslav Stampar
071132cd56 Fixes #2543 2017-05-21 22:52:44 +02:00
Miroslav Stampar
4ce08dcfa3 Patch for an Issue #2536 2017-05-17 00:22:18 +02:00
Miroslav Stampar
addb2445b7 Minor patch 2017-05-15 00:34:13 +02:00
Miroslav Stampar
d3a08a2d22 Implementation for an Issue #2505 2017-05-07 23:12:42 +02:00
Miroslav Stampar
ee5b5cdcbc Fixes #2514 2017-05-04 15:50:34 +02:00
Miroslav Stampar
f3f2c81cec Minor patch (UTF8 used for HTTP params) 2017-05-04 15:45:15 +02:00
Miroslav Stampar
fc8eede952 Minor cleanup and one bug fix 2017-04-19 14:46:27 +02:00
Miroslav Stampar
5f2bb88037 Some code refactoring 2017-04-18 15:48:05 +02:00
Miroslav Stampar
a702dafd03 Fixes #2481 2017-04-14 12:47:24 +02:00
Miroslav Stampar
c1c7ea33fe Minor update 2017-03-30 12:05:05 +02:00
Miroslav Stampar
aebae6e27b Added (heuristic) support for #1679 2017-03-30 10:16:35 +02:00
Miroslav Stampar
f82c0497fa Fixes #2447 2017-03-27 22:36:04 +02:00
Miroslav Stampar
4aae5d9a9d Fixes #2444 2017-03-19 21:34:47 +01:00
Miroslav Stampar
5dba32b2e1 Fixes #2431 2017-03-12 09:52:37 +01:00
Miroslav Stampar
b18444f215 Issue #2417 (most probably -> most likely) 2017-02-27 22:14:52 +01:00
Miroslav Stampar
7ea524800a Taking couple of suggestions from #2417 2017-02-27 22:03:15 +01:00
Brie Carranza
1475ba441c Correct typo in basic.py 2017-02-26 09:05:36 -05:00
Miroslav Stampar
2ed144ec85 Patch for wrong encoding reported privately via email 2017-02-16 15:52:07 +01:00
Miroslav Stampar
a35d1e5373 Minor patch related to the email from ML 2017-02-14 13:14:35 +01:00
Miroslav Stampar
f5cf22a536 Update for an Issue #2377 2017-02-06 13:57:33 +01:00
Miroslav Stampar
38f16decef Update for an Issue #2384 2017-02-06 13:28:33 +01:00
Miroslav Stampar
15f86e85b1 Minor update for #2379 2017-02-06 12:03:18 +01:00
Miroslav Stampar
5217efc69b Fixes #2379 2017-02-06 12:01:46 +01:00
Miroslav Stampar
138aa6db65 Patch for an Issue #2351 2017-01-16 15:23:38 +01:00
Miroslav Stampar
121f0376ea Implementation for #2351 2017-01-16 14:29:23 +01:00
Miroslav Stampar
750d57ec96 Fixed bug reported privately via email 2017-01-13 14:41:41 +01:00
Miroslav Stampar
9a86365d92 Fixes #2333 2017-01-08 01:21:31 +01:00
Miroslav Stampar
55272f7a3b New version preparation 2017-01-02 14:19:18 +01:00
Miroslav Stampar
17c556a63d Minor patches (and one bug from ML) 2016-12-20 09:53:44 +01:00
Miroslav Stampar
edc6f47758 Some refactoring 2016-12-19 23:47:39 +01:00
Miroslav Stampar
f6815df5c3 Fixes #2302 2016-12-09 23:10:14 +01:00
Miroslav Stampar
2a754eef1c Adding switch --ignore-redirects (Issue #2286) 2016-11-25 13:32:28 +01:00
Miroslav Stampar
6da2e49100 Fixes #2261 2016-11-04 15:04:38 +01:00
Miroslav Stampar
d2bbe80455 Fixes #2243 2016-10-22 22:07:29 +02:00
Miroslav Stampar
0398cbdc76 Minor refactoring 2016-10-22 21:52:18 +02:00
Roberto Salgado
a6cbbc5ea9 Support for timeout param when using Websockets
A fix for the timeout parameter being ignored when using Web-sockets.
2016-10-20 12:13:39 -07:00
Miroslav Stampar
5c80e988ba Fixes #2238 2016-10-20 00:47:53 +02:00
Miroslav Stampar
10ffcb8b00 Fixes #2237 2016-10-20 00:19:16 +02:00
Miroslav Stampar
5b14eecd25 Bug fix (reconnecting in case of timeouted direct connection) 2016-10-17 22:55:07 +02:00
Miroslav Stampar
91ad71b1e0 Minor cosmetics 2016-10-17 12:36:42 +02:00
Miroslav Stampar
748e94dcee Minor update for #2224 2016-10-13 23:25:46 +02:00
Miroslav Stampar
f389bd71c0 Implementation for an Issue #2224 2016-10-13 23:17:54 +02:00
Miroslav Stampar
79377fedab Minor update 2016-10-13 23:06:04 +02:00
Miroslav Stampar
6130185ac6 Minor consistency update with the wiki 2016-10-11 00:35:39 +02:00
Miroslav Stampar
dc8301689e Implementation for an Issue #2204 2016-10-02 11:13:40 +02:00
Miroslav Stampar
7a89433251 Minor patch 2016-09-29 18:02:20 +02:00
Miroslav Stampar
571ae174bd Minor language update 2016-09-29 14:55:43 +02:00
Miroslav Stampar
212c1ec1f2 Couple of fixes and some testing stuff 2016-09-27 14:03:59 +02:00
Miroslav Stampar
09617c8243 Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973 2016-09-27 10:20:36 +02:00
Miroslav Stampar
035137ef4e Bug fix in detection engine (abstract URI header sometimes caused problems - e.g. when automatic --string used) 2016-09-23 17:38:14 +02:00
Miroslav Stampar
9930f1b55b Speed optimization(s) 2016-09-09 11:06:38 +02:00
Miroslav Stampar
78e398d9c4 Fixes #2136 2016-09-06 15:03:17 +02:00
Miroslav Stampar
577e346774 Fixes #2144 2016-09-02 14:20:17 +02:00
Miroslav Stampar
ad5b8017f5 Minor refactoring 2016-08-26 12:28:35 +02:00
Miroslav Stampar
ef79bbf7d2 Minor patch 2016-08-02 12:38:57 +02:00
Miroslav Stampar
10eafa35fd Adding CloudFlare CAPTCHA warning 2016-07-23 23:02:15 +02:00
Miroslav Stampar
e21d751834 Fixes #2049 2016-07-20 20:04:44 +02:00
Miroslav Stampar
cb43c03712 Definite patch for MemoryError(s) (fixes #1991) 2016-06-30 14:57:56 +02:00
Miroslav Stampar
6bdef1b7da Minor update 2016-06-26 01:46:49 +02:00
Miroslav Stampar
9d9592a69b Fixes #1963 2016-06-17 16:51:23 +02:00
Miroslav Stampar
cb42294a7e Minor message update 2016-06-15 07:57:10 +02:00
Miroslav Stampar
146762c109 Minor update 2016-06-15 07:54:47 +02:00
Miroslav Stampar
494b9d1586 Fixes #1943 2016-06-13 15:30:38 +02:00
Miroslav Stampar
c6eec8db97 Fixes #1938 2016-06-10 17:52:22 +02:00
Miroslav Stampar
350baf0a0a Minor update 2016-06-03 14:29:32 +02:00
Miroslav Stampar
8114c14755 Removing leftover 2016-06-01 16:32:22 +02:00
Miroslav Stampar
ec8cf6aadc Adding support for detecting CAPTCHA 2016-06-01 15:48:04 +02:00
Miroslav Stampar
77f0b5dfa8 Fixes #1919 2016-06-01 10:56:42 +02:00
Miroslav Stampar
b0ea74dc63 Minor warning message update 2016-06-01 10:53:32 +02:00
Miroslav Stampar
9fad72f28b Adding support for MsAccess usage of parsed FROM table names (e.g. in case of ColdFusion) 2016-05-31 11:08:23 +02:00
Miroslav Stampar
1782bf8e64 Adding support for parsing ODBC/JDBC error messages 2016-05-31 10:49:34 +02:00
Miroslav Stampar
2fa4b22645 Patch for URL encoding cookie values (asking the user to choose) 2016-05-30 17:47:08 +02:00
Miroslav Stampar
935cb9c8cb Patch for a custom header cookie urlencoding 2016-05-30 14:09:53 +02:00
Miroslav Stampar
b6a4bd91fe Minor text update 2016-05-30 10:51:35 +02:00
Miroslav Stampar
6327063bd0 Minor patch 2016-05-27 16:43:01 +02:00
Miroslav Stampar
154ed2c4e2 Minor patch 2016-05-27 13:33:14 +02:00
Miroslav Stampar
831c960216 Update for an Issue #1899 2016-05-26 16:47:38 +02:00
Miroslav Stampar
43af2a4aee Fixes #1899 2016-05-26 16:08:59 +02:00
Miroslav Stampar
72f3185ae7 Fixes #1878 2016-05-17 10:47:17 +02:00
Miroslav Stampar
e3f54bc226 Minor patch for #1874 2016-05-16 16:53:28 +02:00
Miroslav Stampar
6928dae956 Minor patch 2016-05-02 10:45:50 +02:00
Miroslav Stampar
814d710320 Minor speed up 2016-04-08 14:41:34 +02:00
Miroslav Stampar
44c1c2c6f0 Minor update (reported via email) 2016-04-06 11:43:53 +02:00
Miroslav Stampar
06296bd251 Fixes #1743 2016-03-06 20:04:45 +01:00
Miroslav Stampar
679f0cf772 Fixes #1738 2016-03-01 15:36:00 +01:00
Miroslav Stampar
cedfdc78f4 Adding escapequotes.py (utility tamper script) 2016-02-05 12:00:57 +01:00
Miroslav Stampar
b07685a386 Added checking of localhost for another DNS service on *:53 2016-02-03 11:55:13 +01:00
Miroslav Stampar
8b90d146f6 Update of file attributes 2016-01-14 18:02:15 +01:00
Miroslav Stampar
a0b67418c7 Just in case update 2016-01-11 00:34:03 +01:00
Miroslav Stampar
2280cd191a Fixes #1654 2016-01-10 23:15:43 +01:00
Miroslav Stampar
5908964db4 Another (better) patch for #1636 2016-01-09 17:32:19 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
24d95ab6b3 Fixes #1624 2015-12-24 10:34:42 +01:00
Miroslav Stampar
ae7481081e Patch for an Issue reported via email 2015-12-19 23:45:10 +01:00
Miroslav Stampar
e4ed1c058b Minor error message improvement (SSL issues) 2015-12-18 17:15:59 +01:00
Miroslav Stampar
d7d786d3b5 Fixes #1607 2015-12-15 11:29:37 +01:00
Miroslav Stampar
273679f542 Adding new charset replacement (reported via email) 2015-12-10 13:23:50 +01:00
Miroslav Stampar
b5b3411f16 Fixes #1574 2015-12-06 23:49:22 +01:00
Miroslav Stampar
6397704456 Patch for an Issue #1578 2015-12-03 01:43:37 +01:00
Miroslav Stampar
c7ec1534a6 Patch related to #1256 2015-11-25 13:04:34 +01:00
Miroslav Stampar
4d576928a7 Fixes #1554 2015-11-22 16:05:48 +01:00
Miroslav Stampar
bc215d1b19 I believe that this was a wrong decision. Patching 2015-11-09 14:11:08 +01:00
Miroslav Stampar
17350fb4ec Proper fix for #1146 (/ has been escaped with \/ in output) 2015-11-09 14:05:53 +01:00
Miroslav Stampar
42649005c2 Lots of fixes and refactoring in search department 2015-11-08 16:37:46 +01:00
Miroslav Stampar
c31e23e514 Patch for an Issue #1516 2015-11-06 11:19:55 +01:00
Miroslav Stampar
6adb6eabec Fixes #1517 2015-11-03 14:53:41 +01:00
Miroslav Stampar
064c2a71ed Fixes #1510 2015-11-01 22:56:26 +01:00
Miroslav Stampar
0b64cf803c Fixes #1496 2015-10-29 16:52:17 +01:00
Miroslav Stampar
8fbac5a99e Patch for --proxy-file 2015-10-25 15:58:43 +01:00
Miroslav Stampar
5fb8ae9d3c Fixes #1479 2015-10-22 19:59:16 +02:00
Miroslav Stampar
90ad914c1e Patch related to the #1477 2015-10-22 14:58:06 +02:00
Miroslav Stampar
8aada250f3 Fixes #1471 2015-10-19 11:08:58 +02:00
Miroslav Stampar
3dc8820caa Fixes #1474 2015-10-19 10:38:38 +02:00
Miroslav Stampar
956047b43f Patch for an Issue #1468 2015-10-15 13:07:43 +02:00
Miroslav Stampar
e3ae026077 Fixes #1467 2015-10-14 15:19:44 +02:00
Miroslav Stampar
c4df6f3a22 Fixes #1465 2015-10-13 13:31:28 +02:00
Miroslav Stampar
b9a44555ff Fixes #1462 2015-10-11 15:20:10 +02:00
Miroslav Stampar
eb7c18d1f8 Fixes #1452 2015-10-07 09:25:14 +02:00
Miroslav Stampar
a1a7161fab Fixes #1441 2015-09-30 10:13:19 +02:00
Miroslav Stampar
1fd6b007ab Less critical messages when something goes wrong with connection 2015-09-27 16:36:20 +02:00
Miroslav Stampar
ef22f31fdf Fixes #1433 2015-09-27 16:17:58 +02:00
Miroslav Stampar
5ed106ecea Patch for an Issue #1434 2015-09-27 15:59:17 +02:00
Miroslav Stampar
38541b021a Implementing hidden switch '--force-threads' on request (to force multi-threading in time-based SQLi) 2015-09-26 00:09:17 +02:00
Miroslav Stampar
27707be467 Fixes #1416 2015-09-17 17:09:36 +02:00
Miroslav Stampar
65a8f0fe32 Minor enhancement 2015-09-17 15:25:40 +02:00
Miroslav Stampar
5de1825d0c Fixes #1412 2015-09-15 10:48:23 +02:00
Miroslav Stampar
f89ce2173f Fixes #1404 2015-09-12 15:13:30 +02:00
Miroslav Stampar
f494004f44 Switching to the getSafeExString (where it can be used) 2015-09-10 15:51:33 +02:00
Miroslav Stampar
c1f829d131 Removing last remnants of bad handling the exceptions as strings 2015-09-08 11:15:31 +02:00
Miroslav Stampar
6a01d2e430 Fixes #1366 2015-08-30 02:13:07 +02:00
Miroslav Stampar
1f5e6606a7 Fixes #1357 2015-08-25 02:03:56 +02:00
Miroslav Stampar
54d65328bc Patch for negative logic (e.g. OR) cases (reported privately) 2015-08-18 03:09:01 +02:00
Miroslav Stampar
310d79b8f1 Adding special variable 'lastPage' to the eval code (by request from ML) 2015-08-14 23:29:31 +02:00
Miroslav Stampar
e5863d8b89 Minor patch 2015-08-12 21:43:13 +02:00
Miroslav Stampar
b0bc3149f9 Fixes #1315 2015-07-26 16:18:41 +02:00
Miroslav Stampar
314df093f1 Fixes #1314 2015-07-26 16:06:01 +02:00
Miroslav Stampar
21e8182ac6 Fixes #1305 2015-07-18 17:01:34 +02:00
Miroslav Stampar
16f8e4c8ba Removing unused imports 2015-07-12 12:25:02 +02:00
Miroslav Stampar
10f8c6a0b6 Introducing --offline switch (to perform session only lookups) 2015-07-10 16:10:24 +02:00
Miroslav Stampar
e4b23c9beb Minor fix regarding POST redirects (ML) 2015-06-16 12:00:56 +02:00
Miroslav Stampar
04c1d439a7 Minor patch for #1260 2015-06-05 17:18:21 +02:00
Miroslav Stampar
8d7e915af7 Minor patch for #1260 2015-06-05 17:02:56 +02:00
Miroslav Stampar
ec87d8ebda Adding a support for SNI (Issue #1256) 2015-06-01 10:45:16 +02:00
Miroslav Stampar
341d2a6028 Minor fix for (hidden) switch '--dummy' 2015-05-29 17:30:02 +02:00
Miroslav Stampar
e8f87bfa41 Minor patches related to the #1206 2015-05-11 11:01:21 +02:00
Miroslav Stampar
91bc02e3ba Fixes related to the #1206 2015-05-11 10:56:10 +02:00
Miroslav Stampar
9010e157e9 Conflict fix 2015-05-11 10:11:33 +02:00
Miroslav Stampar
5b8df7984c Minor update (for Windows-31j charset) 2015-05-09 14:32:55 +02:00
Miroslav Stampar
bb98894dc1 Adding option --safe-req 2015-04-22 16:28:54 +02:00
Miroslav Stampar
c5138d4696 Minor refactoring 2015-04-21 00:02:47 +02:00
Miroslav Stampar
349dfbf2ae Adding an option --safe-post 2015-04-20 23:55:59 +02:00
Miroslav Stampar
99c1cc9937 Fixes #1208 2015-03-26 17:17:46 +01:00
Miroslav Stampar
fc0186e029 Minor update 2015-03-26 12:39:44 +01:00
Miroslav Stampar
7587528ebd Fixes #1202 2015-03-26 11:40:19 +01:00
ricterz
bbfdb02a0e fix mandatorily depend of websocket #1198 2015-03-24 22:25:16 +08:00
ricterz
811f5c11c6 remove Host header field and add cookie support #1198 2015-03-24 18:50:57 +08:00
ricterz
9b5dcbbbb2 modified error handle #1198 2015-03-24 18:21:50 +08:00
ricterz
78dbe080d7 determine whether it's websocket when connect #1198 2015-03-24 17:19:37 +08:00
Miroslav Stampar
05a496c275 Fixes #1196 2015-03-20 00:56:52 +01:00
Christ van Willegen
80fb2e29cc Fix some spelling errors in help texts (through -> thorough) 2015-03-04 13:31:29 +01:00
Miroslav Stampar
3347fc25ca Fixes #1185 2015-03-03 15:10:06 +01:00
Miroslav Stampar
3f6c3b40dd Minor update (not overriding user given 'Accept-Encoding' header value) 2015-03-03 14:37:36 +01:00
Miroslav Stampar
dde400ab8f More suitable version of 6bcc95a (suggested by user) 2015-02-25 10:19:51 +01:00
Miroslav Stampar
6bcc95a20d Restricting evaluated code variable names to Python valid characters ([_0-9a-zA-Z]) 2015-02-24 15:05:44 +01:00
Miroslav Stampar
1636088b75 Minor update 2015-02-16 11:48:53 +01:00
Miroslav Stampar
38011743bb Patch for an Issue #1157 2015-02-04 15:01:19 +01:00
Miroslav Stampar
59f0da369d Patch for a bug reported via ML (Accept header ignored in --headers) 2015-02-02 22:07:16 +01:00
Miroslav Stampar
9e90e357cf Patch for an Issue #1146 2015-01-30 21:59:03 +01:00
Miroslav Stampar
e73ac6c8e3 Minor patch on request of an user 2015-01-17 21:47:57 +01:00
Miroslav Stampar
c2b2ccd2b5 Minor bug fix 2015-01-17 17:31:00 +01:00
Miroslav Stampar
54e9a1fb2d Minor style update 2015-01-14 16:11:55 +01:00
Miroslav Stampar
8e03f4db0f Patch for an Issue #1062 2015-01-09 15:33:53 +01:00
Miroslav Stampar
450b3c93cb Potential patch for an Issue #1093 2015-01-07 11:40:11 +01:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
c474c16b4a Removing ML email address 2015-01-06 12:30:49 +01:00
Miroslav Stampar
41c2f889b2 Fix related to the SSLv3 disabling 2014-12-30 15:44:55 +01:00
Miroslav Stampar
1e014de6be Patch for an Issue #1066 2014-12-26 22:24:28 +01:00
Miroslav Stampar
6972020faf Bug fix for login-like SQLi (OR with 500 result) 2014-12-18 15:58:19 +01:00
Miroslav Stampar
180ede0cb3 Minor patch 2014-12-15 14:07:28 +01:00
Miroslav Stampar
20c272b77d More generic patch for an Issue #994 2014-12-07 16:14:48 +01:00
Miroslav Stampar
4e7f835eae Patch for an Issue #994 2014-12-07 16:11:07 +01:00
Miroslav Stampar
d3060f20d7 Minor improvement 2014-12-03 13:22:55 +01:00
Miroslav Stampar
17db587e2c Adding some friendly warning messages (regarding blocking) 2014-12-03 10:06:21 +01:00
Miroslav Stampar
7a04595f5e Added a reference url (http charset priority) 2014-12-01 11:15:45 +01:00
Miroslav Stampar
a0d95a8ec4 Refactoring of #952 2014-11-24 12:56:39 +01:00
Miroslav Stampar
27cd9e7064 Merge pull request #952 from Rexikon/patch-1
Update httpshandler.py, AttributeError PROTOCOL_SSLv3
2014-11-24 12:52:27 +01:00
Miroslav Stampar
05f7b1f121 Patch for an Issue #970 2014-11-24 10:55:19 +01:00
Miroslav Stampar
1fc4d0e3c4 Update for an Issue #431 2014-11-21 10:31:55 +01:00
Miroslav Stampar
cf2d5fd453 Update for an Issue #431 2014-11-21 09:41:49 +01:00
Miroslav Stampar
34ce774acd Patch for an Issue #956 2014-11-21 09:41:49 +01:00
Rexikon
4da20679ee Update httpshandler.py
ssl.PROTOCOL_SSLv3 removed
affecting error: AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'
2014-11-19 16:36:30 +01:00
Miroslav Stampar
05d5342f20 Update and patch for an Issue #2 2014-11-17 11:50:05 +01:00
Miroslav Stampar
c5df45a14f Minor bug fix (skipping HTML decoding in heuristic mode) 2014-11-11 11:23:14 +01:00
Miroslav Stampar
71c43be53a Patch for an Issue #901 2014-11-05 10:03:19 +01:00
Miroslav Stampar
49d3860b1f Minor fix 2014-10-31 20:22:15 +01:00
Miroslav Stampar
df73be32f1 Fix for an Issue #876 2014-10-28 14:41:21 +01:00
Miroslav Stampar
3b3b8d4ef2 Potential bug fix (escaping formatted regular expressions) 2014-10-28 14:02:55 +01:00
Miroslav Stampar
268e774087 Minor refactoring 2014-10-28 13:44:55 +01:00
Miroslav Stampar
f89e94fb8c Minor refactoring 2014-10-28 13:42:13 +01:00
Miroslav Stampar
6448d3caf4 Implementing support for csrfcookie (Issue #2) 2014-10-24 09:37:51 +02:00
Miroslav Stampar
5e31229d48 Minor cosmetic update 2014-10-23 15:18:22 +02:00
Miroslav Stampar
abbd352392 Support for X-CSRF-TOKEN header (Issue #2) 2014-10-23 14:33:22 +02:00
Miroslav Stampar
fc1b05bec9 Implementation for an Issue #2 2014-10-23 11:23:53 +02:00
Miroslav Stampar
8dcad46805 Update basic.py 2014-10-22 23:16:46 +02:00
Miroslav Stampar
2f18df345e Minor patch 2014-10-22 13:41:36 +02:00
Miroslav Stampar
268095495e Minor patch 2014-10-22 13:32:49 +02:00
Miroslav Stampar
3ebc5faa34 Falling back to partial UNION if large dump connects out 2014-10-21 09:23:34 +02:00
Miroslav Stampar
1e636fb925 Minor patch regarding Issue #840 2014-09-28 13:38:09 +02:00
Miroslav Stampar
767c278a0f Fix for an Issue #838 2014-09-26 17:00:50 +02:00
Miroslav Stampar
bfc8ab0e35 Language update 2014-09-08 14:48:31 +02:00
Miroslav Stampar
53d0d5bf8b Minor update (adding a warning message about potential dropping of requests because of protection mechanisms involved) 2014-09-08 14:33:13 +02:00
Miroslav Stampar
bbf0be1f8d Bug fix (Issue #813) 2014-09-03 22:09:12 +02:00
Miroslav Stampar
9476359255 Bug fix 2014-08-28 12:50:39 +02:00
Miroslav Stampar
e68326c0fe expandAsteriskForColumns changes value of conf.db and conf.tbl potentially causing problems in further work 2014-08-26 22:57:08 +02:00
Miroslav Stampar
dcaad75a1e Fix for an Issue #794 2014-08-22 15:08:05 +02:00
Miroslav Stampar
d74b803306 Minor patch 2014-08-22 14:45:23 +02:00
Miroslav Stampar
58d93ffb2b Fix for falling back to partial union (excluding scalar queries) 2014-08-20 23:53:15 +02:00
Miroslav Stampar
90882f081d Language update 2014-08-20 23:47:57 +02:00
Miroslav Stampar
0296081692 Minor refactoring 2014-08-20 23:42:40 +02:00
Miroslav Stampar
b4fbb9cafe Minor upgrade 2014-08-20 13:52:48 +02:00
Miroslav Stampar
6caccc3d93 Bug fix for ultra-slow processing of binary data 2014-08-20 01:38:01 +02:00
Miroslav Stampar
3cfa63646b Minor bug fix 2014-07-19 23:17:23 +02:00
Miroslav Stampar
32af0b17b0 Update for an Issue #760 2014-07-10 08:49:20 +02:00
Miroslav Stampar
686fe4d0e9 Another patch for DNS exfiltration and boolean checks 2014-06-27 14:22:00 +02:00
Miroslav Stampar
2f8d17bcb7 Appendix to last commit 2014-06-27 13:45:40 +02:00
Miroslav Stampar
75279ea75a Fix for DNS exfiltration of boolean checks 2014-06-27 13:07:34 +02:00
Miroslav Stampar
2a88436417 Patch for an Issue #724 2014-06-16 09:51:24 +02:00
Miroslav Stampar
f558b800ac Patch for an Issue #719 2014-06-12 09:08:55 +02:00
Miroslav Stampar
c50560c3a6 Patch for an Issue #716 2014-06-10 21:57:54 +02:00
Miroslav Stampar
680ab10ca6 Patch for an Issue #703 2014-05-27 21:41:07 +02:00
Miroslav Stampar
2d5461d250 Minor fix (related to the unknown encoding reported by ML) 2014-05-22 09:03:14 +02:00
Miroslav Stampar
c181e909b5 Minor fix 2014-05-16 23:47:00 +02:00
Miroslav Stampar
2e96e3c924 Adding a hidden switch --ignore-401 2014-04-29 23:26:45 +02:00
Miroslav Stampar
2d3a74a0fe Patch for an Issue #667 2014-04-07 21:01:40 +02:00
Miroslav Stampar
bf18b025d6 Minor removal of redundant code 2014-04-06 18:09:54 +02:00
Miroslav Stampar
7cc4159316 Renaming conf.cDel to conf.cookieDel 2014-04-06 16:50:58 +02:00
Miroslav Stampar
0ae8ac707e Renaming conf.pDel to conf.paramDel 2014-04-06 16:48:46 +02:00
Miroslav Stampar
492a410bcc Minor fix 2014-04-04 16:14:53 +02:00
Miroslav Stampar
e7e8a3965a Minor fix 2014-04-03 09:00:14 +02:00
Miroslav Stampar
80d4426dbd Patch related to the Issue #661 2014-04-02 22:34:37 +02:00
Miroslav Stampar
e8c1c90f2e Whitespace was being double encoded in case of spaceplus (' '->%2B) 2014-03-25 22:02:14 +01:00
Miroslav Stampar
106102bd3c Fix for an Issue #648 2014-03-21 20:28:29 +01:00
Miroslav Stampar
be3fd8bb29 Fix for an Issue #638 2014-03-14 16:44:56 +01:00
Miroslav Stampar
f1f53a5841 Minor cosmetic update 2014-03-06 21:08:31 +01:00
Miroslav Stampar
cc62a8adc9 Bug fix for JSON-like data (proper escaping of quotes) 2014-02-26 09:30:37 +01:00
Miroslav Stampar
6369a38ebc Adding support for JSON-like data with single quote 2014-02-26 08:56:17 +01:00
Miroslav Stampar
fc02badf40 Minor update 2014-01-23 08:33:21 +01:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Miroslav Stampar
36f3ab5798 Minor bug fix (for cases when race between thread and main thread is causing server._running to not be set to True) 2014-01-09 15:46:55 +01:00
Miroslav Stampar
5437f8bf36 Fix for an Issue #85 2014-01-02 12:09:58 +01:00
Miroslav Stampar
4de83daf03 Minor style update 2014-01-02 11:06:19 +01:00
Miroslav Stampar
b0ca34ff27 Bug fix (payload character '=' was not being url-encoded in custom (user) post cases - when posthint was None) 2013-12-04 10:09:54 +01:00
Bernardo Damele
59b6791faa minor improvement 2013-11-19 00:24:47 +00:00
Miroslav Stampar
8dac47f7e5 Minor patch (for recognition of x-mac-turkish codec) 2013-10-21 20:04:48 +02:00
Miroslav Stampar
344d3f4b5f Minor patch 2013-10-12 21:05:18 +02:00
Miroslav Stampar
18d9e1dbc3 Minor update due to reported (debug) problems with SSLv23 2013-10-04 10:53:49 +02:00
Miroslav Stampar
a3defc175d Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself) 2013-09-11 23:17:18 +02:00
Miroslav Stampar
81409ce6da Minor patch 2013-09-02 10:54:32 +02:00
Miroslav Stampar
dd39913cf6 Improvement for an --eval mechanism 2013-08-31 00:28:51 +02:00
Miroslav Stampar
3a57af1452 Minor fix 2013-08-30 15:26:03 +02:00
Miroslav Stampar
88b992ad83 Fixing a bug noticed during the yesterday's AppSecEU presentation (--headers='user-agent:foobar*' was not working properly) 2013-08-23 11:54:08 +02:00
Miroslav Stampar
23f2c5f166 Finishing implementation for an Issue #58 2013-08-20 19:35:49 +02:00
Miroslav Stampar
4929cff0c0 Minor update 2013-08-13 06:42:49 +02:00
Miroslav Stampar
b2855e0281 Minor patch 2013-08-12 14:25:51 +02:00
Miroslav Stampar
a711c9ed36 Minor cleanup and initial work for #58 2013-08-09 14:13:48 +02:00
Miroslav Stampar
32c1cb20f5 Fix for an Issue #497 2013-08-01 19:48:20 +02:00
Miroslav Stampar
953b5815d8 Implementation for an Issue #496 2013-07-31 21:15:03 +02:00
Miroslav Stampar
6b826ef64d Reintroducing option --cookie-del 2013-07-31 20:41:19 +02:00
Miroslav Stampar
ca44b23d20 Implementation for --eval to support cookies 2013-07-31 17:29:16 +02:00
Miroslav Stampar
eaacbe0b12 Minor language fix 2013-07-31 09:24:34 +02:00
Miroslav Stampar
f54082111d Better way how to deal with required extensions 2013-07-13 19:25:49 +02:00
Miroslav Stampar
3f6d4083a7 Minor language update 2013-07-13 17:19:16 +02:00
Miroslav Stampar
31efabfca1 Appropriate error messaging when one of core libraries are missing due to erroneous Python build 2013-07-13 16:07:36 +02:00
Miroslav Stampar
4d9f8ad0dd Commit related to the last one 2013-07-13 12:00:03 +02:00
stamparm
a53823f9b7 Minor refactoring 2013-06-19 10:59:26 +02:00
Miroslav Stampar
f185e5cdd5 Fix for an Issue #463 2013-06-10 22:26:34 +02:00
Miroslav Stampar
6f49b96a2d Fix for an Issue #462 2013-06-10 12:20:58 +02:00
Miroslav Stampar
39612b5d87 Fix for an Issue #457 2013-06-04 23:46:39 +02:00
Miroslav Stampar
3e0f747fad Minor fix 2013-06-04 00:05:25 +02:00