| Author | Commit | Message | Date |
|---|---|---|---|
| Miroslav Stampar | 5f9b6b2254 | code refactoring | 2011-01-02 16:51:21 +00:00 |
| Miroslav Stampar | 252ef7626f | removing too old user-agents (some sites just reject those because of possible rendering issues) | 2011-01-02 15:57:52 +00:00 |
| Miroslav Stampar | a56934e68b | one more MSSQL/ASPX error banner regex | 2011-01-02 15:36:57 +00:00 |
| Miroslav Stampar | e6f0c4d857 | minor update | 2011-01-02 15:32:35 +00:00 |
| Miroslav Stampar | c1d0dde769 | added support for .NET banners (http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx) | 2011-01-02 14:46:31 +00:00 |
| Miroslav Stampar | f762f32de8 | bug fix for proper --parse-errors on .aspx pages | 2011-01-02 13:00:04 +00:00 |
| Miroslav Stampar | b763feafd9 | bug fix (TypeError: object of type 'NoneType' has no len()) | 2011-01-02 12:26:31 +00:00 |
| Miroslav Stampar | f0dad2a1e4 | minor bug fix (in multiple item search only last item was shown) | 2011-01-02 12:23:36 +00:00 |
| Miroslav Stampar | 7b9d978cf9 | minor fix (database and/or table names with - sign inside needs to be escaped by ` character or will lead to a "SQL syntax") | 2011-01-02 11:01:20 +00:00 |
| Miroslav Stampar | dce9a762f1 | important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode | 2011-01-02 10:37:32 +00:00 |
| Miroslav Stampar | 96341f8f78 | minor fix | 2011-01-02 09:16:17 +00:00 |
| Miroslav Stampar | 73e8a10527 | minor fix | 2011-01-02 09:12:20 +00:00 |
| Miroslav Stampar | 93cb75ff65 | added Nginx | 2011-01-02 08:50:27 +00:00 |
| Miroslav Stampar | 5c6c870db4 | removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode | 2011-01-02 08:43:38 +00:00 |
| Miroslav Stampar | 6651ba05eb | another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) | 2011-01-02 08:08:38 +00:00 |
| Miroslav Stampar | e28b9f26fc | minor fix | 2011-01-02 08:01:01 +00:00 |
| Miroslav Stampar | da138c46c1 | added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly) | 2011-01-02 07:37:47 +00:00 |
| Miroslav Stampar | ec4440108b | minor cosmetics | 2011-01-02 07:09:04 +00:00 |
| Miroslav Stampar | 428e817a32 | some refactoring | 2011-01-01 23:57:27 +00:00 |
| Miroslav Stampar | 212035e64d | user can now choose if he wants to skip non-heuristic based DBMS tests | 2011-01-01 23:38:11 +00:00 |
| Miroslav Stampar | ded9798e3d | minor bug fix | 2011-01-01 23:07:50 +00:00 |
| Miroslav Stampar | 8a93cfd975 | minor update | 2011-01-01 22:43:15 +00:00 |
| Miroslav Stampar | 52e44df86c | minor update | 2011-01-01 21:11:29 +00:00 |
| Miroslav Stampar | 942cbafba6 | minor update | 2011-01-01 20:19:55 +00:00 |
| Miroslav Stampar | 26b06bfcfb | update (http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html) | 2011-01-01 19:38:51 +00:00 |
| Miroslav Stampar | e4fd8b3f0c | (e) finally works as it should | 2011-01-01 19:22:44 +00:00 |
| Miroslav Stampar | 0e815177c8 | minor update | 2011-01-01 19:07:40 +00:00 |
| Miroslav Stampar | ef27fd5ea1 | there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) (http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html, http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html) | 2011-01-01 15:20:29 +00:00 |
| Miroslav Stampar | 7ea3d060f6 | some fixes/updates here and there | 2011-01-01 12:41:51 +00:00 |
| Miroslav Stampar | 15e6911fd8 | fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write') | 2011-01-01 12:23:02 +00:00 |
| Miroslav Stampar | 91f665aaaa | bug fix for Ctrl+C | 2010-12-31 15:00:19 +00:00 |
| Miroslav Stampar | 076560f59f | bug fix | 2010-12-31 12:58:27 +00:00 |
| Miroslav Stampar | 5db8ebbfa9 | update of mysql comment versions | 2010-12-31 12:42:12 +00:00 |
| Miroslav Stampar | 40e3489099 | minor update | 2010-12-31 12:27:57 +00:00 |
| Miroslav Stampar | ce19b0c431 | optimization of comment checking in MySQL | 2010-12-31 12:21:02 +00:00 |
| Miroslav Stampar | 281d124fa6 | minor bug fix | 2010-12-31 12:04:39 +00:00 |
| Miroslav Stampar | 42e7b1b3a7 | bug fix | 2010-12-30 22:40:37 +00:00 |
| Miroslav Stampar | 20e3a6d72f | fix/refactor/cosmetics (references: http://www.postgresql.org/docs/6.4/static/release.htm,http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE,http://www.postgresql.org/docs/8.3/static/release-8-3.html) | 2010-12-30 21:53:34 +00:00 |
| Miroslav Stampar | 7f4acaf6f9 | now comment injection fingerprint works with all techniques | 2010-12-30 21:24:26 +00:00 |
| Miroslav Stampar | 6f17e84e19 | minor fix | 2010-12-30 08:29:20 +00:00 |
| Miroslav Stampar | c3065f6ecc | minor fix | 2010-12-29 20:38:56 +00:00 |
| Miroslav Stampar | 2476c1516d | minor fix | 2010-12-29 20:26:36 +00:00 |
| Miroslav Stampar | 613242e298 | bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) | 2010-12-29 19:48:19 +00:00 |
| Miroslav Stampar | 8f32c740ff | code refactoring | 2010-12-29 19:39:32 +00:00 |
| Miroslav Stampar | 6700cabc36 | minor optimization | 2010-12-29 19:01:29 +00:00 |
| Miroslav Stampar | d1f5c1d7b7 | now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering | 2010-12-29 15:10:42 +00:00 |
| Miroslav Stampar | 79e97824ef | adding user names to the attack dictionary | 2010-12-29 00:37:53 +00:00 |
| Miroslav Stampar | 93838fb155 | "patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError) | 2010-12-28 14:40:34 +00:00 |
| Miroslav Stampar | 96c3ffd3d7 | changing risk level to 0 - lots of MySQL databases around have information_schema unreadable, thus disabling first AND based error payload | 2010-12-27 19:02:13 +00:00 |
| Miroslav Stampar | c0423761e8 | minor update | 2010-12-27 18:27:42 +00:00 |