Commit Graph

115 Commits

Author SHA1 Message Date
Miroslav Stampar
8aa12db425 added option --proxy-cred for setting proxy credentials (Feature #195) 2010-08-18 22:45:00 +00:00
Miroslav Stampar
057ec8a6b2 added --ratio option for direct manipulation of conf.matchRatio parameter 2010-08-10 19:53:29 +00:00
Miroslav Stampar
28d9115373 fix for Feature #187 (Skip duplicates parameters in -g) 2010-07-29 20:01:04 +00:00
Bernardo Damele
49af0c43a5 Forgot 2010-07-01 15:26:18 +00:00
Miroslav Stampar
9d28ae23ca fixup for situations with unexpected LENGTHs in multithreaded mode (e.g. UTF8 data retrieval) 2010-07-01 14:11:45 +00:00
Bernardo Damele
24428c1a1b Added warning message if both --proxy and --keep-alive are provided 2010-06-30 11:41:42 +00:00
Bernardo Damele
c33f3ef844 Minor adjustment to HTTP headers handling 2010-06-29 23:51:44 +00:00
Bernardo Damele
fb9f669544 More verbose comments 2010-06-29 21:10:33 +00:00
Bernardo Damele
ea45d75f2d Major bug fix to parse and store all HTTP headers from the request file (-r) 2010-06-29 21:06:03 +00:00
Bernardo Damele
9bce22683b Minor bug fix and adjustment to deal with Keep-Alive also against Google (-g) 2010-06-11 10:08:19 +00:00
Bernardo Damele
c23ea4c749 --keep-alive is not compatible with --proxy 2010-06-10 21:19:45 +00:00
Bernardo Damele
d3c8e461cf Minor layout adjustments 2010-06-10 14:14:56 +00:00
Miroslav Stampar
eb94edc48c added keepalive module 2010-06-01 12:21:10 +00:00
Miroslav Stampar
db7ede96fd more updates/fixes 2010-05-31 11:11:53 +00:00
Miroslav Stampar
0450df8a77 added kb.cache for storing cached results (e.g. kb.cache.regex for storing compiled regular expressions and kb.cache.md5 for storing precalculated MD5 values during '--users --common-prediction' session) 2010-05-31 08:13:08 +00:00
Bernardo Damele
89c721a451 More replacements from open() to codecs.open(). conf.dataEncoding has to be used only for non-binary files. 2010-05-29 10:10:28 +00:00
Bernardo Damele
a138dbe5f6 Minor bug fixes and code refactoring 2010-05-28 15:57:43 +00:00
Miroslav Stampar
919a8345d6 minor fix 2010-05-28 15:30:02 +00:00
Miroslav Stampar
ad3c425a18 quick fix 2010-05-28 15:26:55 +00:00
Miroslav Stampar
f36e093fa7 minor update 2010-05-28 09:13:50 +00:00
Miroslav Stampar
dc83f794ea fix regarding proper string isinstance checking (including unicode) 2010-05-25 10:09:35 +00:00
Bernardo Damele
a43eb64c5d Minor refactoring 2010-05-24 15:46:12 +00:00
Miroslav Stampar
0197f8db5c code refactoring regarding issue #184 2010-05-24 11:12:40 +00:00
Miroslav Stampar
e9be60e1ac added support for proper unicode session(s) storage/retrieval 2010-05-24 11:00:49 +00:00
Miroslav Stampar
64f2afe585 in a mood for more changes 2010-05-21 12:44:09 +00:00
Miroslav Stampar
78547bb79e quick fix 2010-05-21 12:19:20 +00:00
Bernardo Damele
a21a7fc56d Minor code refactoring 2010-05-21 12:09:31 +00:00
Miroslav Stampar
68e13c3872 periodical commit 2010-05-21 09:35:36 +00:00
Bernardo Damele
9c1d82c9f7 Minor bug fix to --proxy with HTTPS target on Python 2.6 - fixes #191. 2010-05-20 10:52:14 +00:00
Miroslav Stampar
5396f13bab added CPU throttling for lowering sqlmap's CPU intensivity 2010-05-13 15:19:28 +00:00
Bernardo Damele
fa48d26f95 Minor cosmetic fix 2010-04-26 12:34:21 +00:00
Miroslav Stampar
7eef76f1b0 added basic option validation for start/stop values regarding David Guimaraes mail 2010-04-26 11:23:12 +00:00
Bernardo Damele
a1b1f960cc Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function 2010-04-23 16:34:20 +00:00
Miroslav Stampar
938a3ab0b9 fix for Bug #183 (--threads dot output) 2010-04-16 13:40:02 +00:00
Miroslav Stampar
1aeaa5db47 implementation of Feature #176 (Safe URL: avoid being kicked out after N unsuccessful requests) 2010-04-16 12:44:47 +00:00
Miroslav Stampar
17554759b7 implemented feature request from Ole Rasmussen regarding table name retrieval speedup 2010-04-15 09:36:13 +00:00
Bernardo Damele
effc7dc41c Minor adjustment to notify the user that the --auth-cred format for NTLM authentication is "DOMAIN\user:password" 2010-04-07 09:47:14 +00:00
Bernardo Damele
2d55ec19a3 Minor code restyling 2010-04-06 10:15:19 +00:00
Miroslav Stampar
e29e8f82f9 fix for "Problem with --dbms set" reported by David Guimaraes 2010-04-05 23:09:35 +00:00
Bernardo Damele
1416cd0d86 Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
Minor layout adjustments.
2010-03-26 23:23:25 +00:00
Bernardo Damele
f4f68218bc Minor layout adjustment for --threads and --eta output 2010-03-25 11:47:18 +00:00
Bernardo Damele
d13ad8b2d7 fixes #181 - proper save/resume information about single entry UNION SQL injection 2010-03-22 15:39:29 +00:00
Bernardo Damele
d00e4a458a Code cleanup 2010-03-21 00:39:44 +00:00
Bernardo Damele
d2f86fb0a5 Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now 2010-03-16 15:21:42 +00:00
Bernardo Damele
466df89c4a Fixes #178 and #179 - proper handling of custom redirects 2010-03-16 14:30:57 +00:00
Bernardo Damele
3b3353e05b Revert last commit 2010-03-16 13:56:36 +00:00
Miroslav Stampar
1dfe558d3d Fix for Issue #177 2010-03-16 13:11:44 +00:00
Bernardo Damele
6d0ea86414 Fixes #59 - proper customizable redirect (302 and 301) 2010-03-15 14:24:43 +00:00
Miroslav Stampar
7ec04281dd minor adjustments 2010-03-12 12:46:26 +00:00
Miroslav Stampar
2c053d5cfb fix for Bug #166 (Keyboard interrupt in Python threading) 2010-03-11 11:14:20 +00:00