Miroslav Stampar
|
af1c9c7fb2
|
Related to the last commit
|
2016-10-04 23:48:09 +02:00 |
|
Miroslav Stampar
|
06b54ab134
|
Better choice of used table (INFORMATION_SCHEMA.CHARACTER_SETS can also be found in MsSQL and PgSQL; mysql.db can have permission problems)
|
2016-10-04 23:43:00 +02:00 |
|
Miroslav Stampar
|
fee5c7bd7c
|
Adding two new payloads and minor cosmetics
|
2016-10-04 23:39:18 +02:00 |
|
Miroslav Stampar
|
fb8afc6add
|
Adding a new payload (Oracle boolean based on error response)
|
2016-10-04 22:12:00 +02:00 |
|
Miroslav Stampar
|
3409953538
|
Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows)
|
2016-09-29 12:59:51 +02:00 |
|
Miroslav Stampar
|
d36b5c0a4b
|
Adding time-based blind (heavy query) payloads for Informix (Issue #552)
|
2016-09-28 10:30:09 +02:00 |
|
Miroslav Stampar
|
5079c42788
|
Adding Informix parameter replacement payloads (Issue #552)
|
2016-09-27 14:39:17 +02:00 |
|
Miroslav Stampar
|
bc7ab01066
|
Bug fix for generic parameter replacement (CASE)
|
2016-09-27 14:29:18 +02:00 |
|
Miroslav Stampar
|
c7f615f707
|
Renaming payload files (consistency with the rest of the project)
|
2016-07-17 00:21:16 +02:00 |
|
Miroslav Stampar
|
74d0315fef
|
Update related to the last commit
|
2016-07-03 02:14:23 +02:00 |
|
Miroslav Stampar
|
3a9e36c52b
|
Reintroducing stacked queries removed in 79d08906a4 (good for WAF bypass)
|
2016-07-03 02:03:30 +02:00 |
|
Miroslav Stampar
|
cc313280af
|
Payload that never ever worked (now fixed)
|
2016-06-03 13:16:00 +02:00 |
|
Miroslav Stampar
|
f06ff42c58
|
This never worked. Not sure who incorporated it (WAITFOR DELAY can't go to SELECT/CASE)
|
2016-06-03 10:42:57 +02:00 |
|
Miroslav Stampar
|
4bc1cf4518
|
Vastly better patch for MsSQL payloads
|
2016-06-03 10:29:04 +02:00 |
|
Miroslav Stampar
|
d326965966
|
Reordering MySQL's error-based payloads (BIGINT and EXP have crazy bigger chunk lenghts)
|
2016-06-01 14:12:22 +02:00 |
|
Miroslav Stampar
|
f0b8fbb7fd
|
Implemented support for JSON_KEYS error-based SQLi (and tons of fixes for MySQL 'ORDER BY,GROUP BY' payloads)
|
2016-06-01 13:23:41 +02:00 |
|
Miroslav Stampar
|
acc1277246
|
Minor update
|
2016-05-30 14:13:57 +02:00 |
|
Miroslav Stampar
|
b4ebbae354
|
New payload(s)
|
2016-05-30 11:25:24 +02:00 |
|
Miroslav Stampar
|
79d08906a4
|
Cleaning some redundant payload(s)
|
2016-05-27 23:59:48 +02:00 |
|
Miroslav Stampar
|
b9e5655e3c
|
Proper naming
|
2016-05-22 14:26:36 +02:00 |
|
Miroslav Stampar
|
439fff684e
|
Minor update (MSSQL CONCAT payload)
|
2016-05-11 09:42:54 +02:00 |
|
Miroslav Stampar
|
38fcc5a35a
|
Update for pre-WHERE payloads
|
2016-04-08 13:19:42 +02:00 |
|
Miroslav Stampar
|
ce3749622a
|
Minor revisit of payload boundaries (Issue #1800)
|
2016-04-08 11:28:17 +02:00 |
|
Miroslav Stampar
|
df8e4b504d
|
Patch for special cases of OR boolean-based blind (covered with last two commits)
|
2016-01-14 13:51:30 +01:00 |
|
Miroslav Stampar
|
5ff59296ef
|
Space after the generic comments has to be "protected"
|
2015-10-22 14:47:19 +02:00 |
|
Miroslav Stampar
|
ee22c477db
|
Minor patch for #1363
|
2015-08-28 10:59:12 +02:00 |
|
Miroslav Stampar
|
61b33f24d4
|
Implements #1363
|
2015-08-28 10:52:36 +02:00 |
|
Miroslav Stampar
|
26bec7219d
|
Update for an Issue #1184
|
2015-03-31 07:33:50 +02:00 |
|
Bernardo Damele
|
9eb7a0a0f2
|
enhanced time-based payloads - issue #1169
|
2015-03-19 12:09:43 +00:00 |
|
Bernardo Damele
|
2bdf121915
|
cleanup
|
2015-03-04 13:36:09 +00:00 |
|
Bernardo Damele A. G.
|
b2fca35c36
|
consolidated some time-based blind payloads - issue #1169
|
2015-03-03 14:22:20 +00:00 |
|
Bernardo Damele
|
37ca0a95f1
|
consolidated stacked queries payloads - issue #1169
|
2015-03-03 14:19:36 +00:00 |
|
Bernardo Damele
|
849ca3da3d
|
added a newline
|
2015-03-03 14:18:53 +00:00 |
|
Miroslav Stampar
|
b74edf9664
|
Fixes #1175
|
2015-02-25 10:16:01 +01:00 |
|
Bernardo Damele
|
21c1ae427b
|
swapped generic and MySQL-specific UNION payloads - issue #1169
|
2015-02-21 12:57:28 +00:00 |
|
Bernardo Damele
|
4bbf168b18
|
Minor titles fix
|
2015-02-20 18:35:13 +00:00 |
|
Bernardo Damele
|
ab6cc271d3
|
Major consistency rework of error-based payloads - issue #1169
|
2015-02-20 18:34:47 +00:00 |
|
Bernardo Damele
|
9fed41ddc2
|
Major consistency rework of boolean payloads - issue #1169
|
2015-02-20 18:34:23 +00:00 |
|
Bernardo Damele
|
2d886011c8
|
Consistency in enums
|
2015-02-20 18:33:04 +00:00 |
|
Bernardo Damele
|
1ecb921ba7
|
Consistency in enums
|
2015-02-20 18:31:47 +00:00 |
|
Bernardo Damele
|
3b3205c532
|
Minor stacked queries and time-based payloads cleanup - issue #1169
|
2015-02-20 15:44:06 +00:00 |
|
Bernardo Damele
|
5b65d2e133
|
more consistency of boolean blind payloads - issue #1169
|
2015-02-20 11:34:16 +00:00 |
|
Bernardo Damele
|
f547a776d8
|
consolidating blind based payloads - issue #1169
|
2015-02-19 16:42:26 +00:00 |
|
Bernardo Damele
|
4195f770a3
|
removing one unnecessary character from stacked payloads
|
2015-02-19 16:41:55 +00:00 |
|
Bernardo Damele
|
6cc092b926
|
split payloads in different files
|
2015-02-18 10:13:44 +00:00 |
|
Bernardo Damele
|
560bc7cc28
|
minor fixes
|
2015-02-18 09:51:07 +00:00 |
|
Bernardo Damele
|
c51ecf33f3
|
ported the recent MySQL time-based payload (introduced with 66c2a79397 ) to other techniques and conditions
|
2015-02-18 09:45:44 +00:00 |
|
Bernardo Damele
|
84349a370a
|
minor code cleanup
|
2015-02-15 19:51:07 +00:00 |
|
Bernardo Damele
|
32ab52b8ca
|
code refactoring: split boundaries and payloads XML files
|
2015-02-15 16:31:35 +00:00 |
|