Miroslav Stampar
|
1297df66da
|
fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed)
|
2011-01-06 08:04:59 +00:00 |
|
Miroslav Stampar
|
6942c9a001
|
same thing with mysql as in last commit
|
2011-01-05 14:41:38 +00:00 |
|
Miroslav Stampar
|
a136915ab6
|
bug fix for postgre's --os-shell (when there was an error in command executed and/or no output chars, garbled output was returned)
|
2011-01-05 14:36:41 +00:00 |
|
Miroslav Stampar
|
694a65f6f1
|
minor fix/update
|
2011-01-05 13:32:40 +00:00 |
|
Miroslav Stampar
|
7411052456
|
minor update regarding last commit
|
2011-01-05 12:09:57 +00:00 |
|
Miroslav Stampar
|
042e3f76ba
|
bug fix for a bug reported by nightman (RuntimeError: maximum recursion depth exceeded)
|
2011-01-05 11:36:40 +00:00 |
|
Miroslav Stampar
|
7ae5192070
|
adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data)
|
2011-01-05 10:25:07 +00:00 |
|
Miroslav Stampar
|
c83e9f6ca5
|
foundation for filtering binary string values (for example, replacement of non readable chars with #)
|
2011-01-04 21:56:37 +00:00 |
|
Miroslav Stampar
|
aa81ed4033
|
implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers)
|
2011-01-04 15:49:20 +00:00 |
|
Miroslav Stampar
|
8a48baf789
|
update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised
|
2011-01-04 13:23:59 +00:00 |
|
Miroslav Stampar
|
eb11f5b2e0
|
minor update
|
2011-01-04 13:07:12 +00:00 |
|
Miroslav Stampar
|
c1dc73d0a1
|
minor, just in case update related to the previous commit
|
2011-01-04 12:56:55 +00:00 |
|
Miroslav Stampar
|
709a7d156b
|
fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...)
|
2011-01-04 12:51:51 +00:00 |
|
Miroslav Stampar
|
d288c6d6e3
|
minor update
|
2011-01-04 08:40:41 +00:00 |
|
Miroslav Stampar
|
fdc463d08b
|
fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range)
|
2011-01-03 23:36:35 +00:00 |
|
Miroslav Stampar
|
0eabca9fd4
|
update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)
|
2011-01-03 22:31:29 +00:00 |
|
Miroslav Stampar
|
08ccbf2c1e
|
important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)
|
2011-01-03 22:02:58 +00:00 |
|
Miroslav Stampar
|
572f403069
|
update of one thing that was missing
|
2011-01-03 21:28:22 +00:00 |
|
Miroslav Stampar
|
7f97f3ea52
|
adding user agent strings for opera >= 9.10 and safari >= 4.0
|
2011-01-03 15:26:42 +00:00 |
|
Miroslav Stampar
|
6936ebb9e6
|
adding new user agent strings for firefox >= 3.0 and MSIE >= 7.0
|
2011-01-03 15:17:18 +00:00 |
|
Miroslav Stampar
|
ce48ea75d0
|
noticed that google search page sometimes contain double html escaped links - double htmlunescape solves the problem, while dealing no harm to single html escaped links
|
2011-01-03 14:39:23 +00:00 |
|
Miroslav Stampar
|
6aa616bd0d
|
minor minor fix
|
2011-01-03 14:28:20 +00:00 |
|
Miroslav Stampar
|
92e4cdb241
|
raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic
|
2011-01-03 14:21:41 +00:00 |
|
Miroslav Stampar
|
07129371bf
|
bug fix for time based injections with keepalive (keepalive module has timeout argument which screwed tbMsg); also, bug fix for cases when remote hosts forcefully disconnects the user on some tests (instead of retrying and critically going out, continue with further tests)
|
2011-01-03 13:04:20 +00:00 |
|
Miroslav Stampar
|
3629c2737b
|
automatically turn on --text-only in case of heavily-dynamicity instead of critical exit
|
2011-01-03 11:06:49 +00:00 |
|
Miroslav Stampar
|
adc41181e6
|
some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one
|
2011-01-03 10:37:20 +00:00 |
|
Miroslav Stampar
|
5860b8942f
|
minor update
|
2011-01-03 09:16:42 +00:00 |
|
Miroslav Stampar
|
d19a8d53e4
|
minor update
|
2011-01-03 08:46:20 +00:00 |
|
Miroslav Stampar
|
8625494ff2
|
added one new quick check for multiple target(s) mode
|
2011-01-03 08:32:06 +00:00 |
|
Miroslav Stampar
|
8e1927fe31
|
minor fix
|
2011-01-02 18:12:18 +00:00 |
|
Miroslav Stampar
|
2efe7928c0
|
more concise than previously
|
2011-01-02 17:06:13 +00:00 |
|
Miroslav Stampar
|
5f9b6b2254
|
code refactoring
|
2011-01-02 16:51:21 +00:00 |
|
Miroslav Stampar
|
252ef7626f
|
removing too old user-agents (some sites just reject those because of possible rendering issues)
|
2011-01-02 15:57:52 +00:00 |
|
Miroslav Stampar
|
a56934e68b
|
one more MSSQL/ASPX error banner regex
|
2011-01-02 15:36:57 +00:00 |
|
Miroslav Stampar
|
e6f0c4d857
|
minor update
|
2011-01-02 15:32:35 +00:00 |
|
Miroslav Stampar
|
c1d0dde769
|
added support for .NET banners (http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx)
|
2011-01-02 14:46:31 +00:00 |
|
Miroslav Stampar
|
f762f32de8
|
bug fix for proper --parse-errors on .aspx pages
|
2011-01-02 13:00:04 +00:00 |
|
Miroslav Stampar
|
b763feafd9
|
bug fix (TypeError: object of type 'NoneType' has no len())
|
2011-01-02 12:26:31 +00:00 |
|
Miroslav Stampar
|
f0dad2a1e4
|
minor bug fix (in multiple item search only last item was shown)
|
2011-01-02 12:23:36 +00:00 |
|
Miroslav Stampar
|
7b9d978cf9
|
minor fix (database and/or table names with - sign inside needs to be escaped by ` character or will lead to a "SQL syntax")
|
2011-01-02 11:01:20 +00:00 |
|
Miroslav Stampar
|
dce9a762f1
|
important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode
|
2011-01-02 10:37:32 +00:00 |
|
Miroslav Stampar
|
96341f8f78
|
minor fix
|
2011-01-02 09:16:17 +00:00 |
|
Miroslav Stampar
|
73e8a10527
|
minor fix
|
2011-01-02 09:12:20 +00:00 |
|
Miroslav Stampar
|
93cb75ff65
|
added Nginx
|
2011-01-02 08:50:27 +00:00 |
|
Miroslav Stampar
|
5c6c870db4
|
removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode
|
2011-01-02 08:43:38 +00:00 |
|
Miroslav Stampar
|
6651ba05eb
|
another fix (OS was set to None at all previous sessions if there was no explicit OS testing done)
|
2011-01-02 08:08:38 +00:00 |
|
Miroslav Stampar
|
e28b9f26fc
|
minor fix
|
2011-01-02 08:01:01 +00:00 |
|
Miroslav Stampar
|
da138c46c1
|
added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)
|
2011-01-02 07:37:47 +00:00 |
|
Miroslav Stampar
|
ec4440108b
|
minor cosmetics
|
2011-01-02 07:09:04 +00:00 |
|
Miroslav Stampar
|
428e817a32
|
some refactoring
|
2011-01-01 23:57:27 +00:00 |
|