| Author | Commit | Message | Date |
| --- | --- | --- | --- |
| Miroslav Stampar | 818c9787b2 | minor update | 2011-01-23 21:20:16 +00:00 |
| Miroslav Stampar | b18397fbc7 | major revisit of --os-shell methods | 2011-01-23 20:47:06 +00:00 |
| Miroslav Stampar | ff7707579f | minor improvement | 2011-01-23 11:35:24 +00:00 |
| Miroslav Stampar | f5ff78d40c | revert | 2011-01-23 11:21:27 +00:00 |
| Miroslav Stampar | db76bcb327 | fix for cases when mixing ingres dbms with spanish word "ingresa" | 2011-01-23 11:19:10 +00:00 |
| Miroslav Stampar | 97f66a87c5 | minor improvement over last version - case insensitive and takes into account cases like " UNION ALL selects " from MySQL error message | 2011-01-23 10:51:57 +00:00 |
| Miroslav Stampar | 3a5f0760f6 | minor optimization (only way to prematurely stop SAX parser) | 2011-01-23 10:12:01 +00:00 |
| Miroslav Stampar | 30cd877c4a | fix for URI based injections | 2011-01-22 16:23:33 +00:00 |
| Miroslav Stampar | 7bf05bf2cb | minor update | 2011-01-22 00:12:03 +00:00 |
| Miroslav Stampar | d6d8d54eda | implemented Johannes Dahse / Reiners' technique | 2011-01-22 00:06:27 +00:00 |
| Miroslav Stampar | 0743202879 | minor update | 2011-01-21 23:54:25 +00:00 |
| Miroslav Stampar | cb0e7080c5 | more appropriate name (on http://websec.wordpress.com/ they use term "conditional" for something very similar, although not stacked) | 2011-01-21 23:47:45 +00:00 |
| Miroslav Stampar | 7c4c79477d | world premiere of "forced-error blind stacked" payloads (spent 3 hours on pgsql) | 2011-01-21 18:32:10 +00:00 |
| Miroslav Stampar | 79e4b1efd5 | added new signature for SQLite error messages | 2011-01-20 22:47:03 +00:00 |
| Bernardo Damele | 03a880c6f1 | Got rid of progression log message as it overlaps with WARNINGS (like "Got 500") and with --parse-errors | 2011-01-20 22:02:20 +00:00 |
| Bernardo Damele | 0f2634c4b0 | Minor bug fix to properly cast to string also the COUNT() query in error-based technique (as it's concatenated to random strings for identification in page response) and int-string concatenation is not supported in all DBMS (like Oracle) | 2011-01-20 22:01:21 +00:00 |
| Miroslav Stampar | bd2e036412 | minor fix | 2011-01-20 22:00:16 +00:00 |
| Bernardo Damele | 97573693be | Minor bug fix to properly handle in -d data retrieval statement not starting with SELECT | 2011-01-20 21:59:47 +00:00 |
| Bernardo Damele | f1b402b103 | Proper handling of CASE in Oracle, finally | 2011-01-20 21:58:50 +00:00 |
| Bernardo Damele | 4128b2c87f | Enforce that when --prefix is provided, --suffix is too and vice versa. | 2011-01-20 21:57:54 +00:00 |
| Bernardo Damele | 1d06c64149 | Indentation fix | 2011-01-20 21:56:38 +00:00 |
| Bernardo Damele | 7d1c704575 | Moved little precaution from checks.py to common.py. Initial refactoring of kb.os* get/set. | 2011-01-20 21:56:10 +00:00 |
| Bernardo Damele | 9770db597e | Centralization of unescape() | 2011-01-20 21:55:13 +00:00 |
| Bernardo Damele | e734efcda7 | Removed deprecated code | 2011-01-20 21:50:58 +00:00 |
| Bernardo Damele | aa8a20d241 | Minor bug fix for a traceback | 2011-01-20 21:50:21 +00:00 |
| Bernardo Damele | 1d5050d577 | Aligned comment | 2011-01-20 21:49:34 +00:00 |
| Bernardo Damele | 77999fb39d | Allow in --sql-shell to always ('a') retrieve query output. Minor bug fix in case with --columns it is not possible to retrieve a column datatype. | 2011-01-20 21:49:06 +00:00 |
| Bernardo Damele | b1d6040a48 | Minor bug fix so that --search also works when the technique is error-based (which always returns a list with lists inside) | 2011-01-20 21:46:56 +00:00 |
| Bernardo Damele | 6c490bfc8f | Avoid a traceback elsewhere | 2011-01-20 21:43:41 +00:00 |
| Bernardo Damele | 7ce49bcf0d | Sorted boundaries so that the ones with parentheses are tested first - it has to be like this! Adjusted comments accordingly to new UNION-specific tags. | 2011-01-20 21:42:55 +00:00 |
| Miroslav Stampar | f6d79f58bc | another fix (LIMIT is not a good idea to have in inband queries) | 2011-01-20 21:13:28 +00:00 |
| Miroslav Stampar | ff1a44c335 | probably a fix for that SQLite bug reported by Ahmed Shawky | 2011-01-20 20:30:18 +00:00 |
| Miroslav Stampar | a1d77737f5 | minor grammar update (this should be a better form) | 2011-01-20 18:35:21 +00:00 |
| Miroslav Stampar | 496a84c356 | minor update | 2011-01-20 18:32:04 +00:00 |
| Miroslav Stampar | dd7262d9e6 | we haven't closed session file for previous target which led to potentially nasty problems in multi target mode | 2011-01-20 17:53:49 +00:00 |
| Miroslav Stampar | ad12242151 | LoL (removing those checks because we use same "logic" for parsing Burp log files and request files) | 2011-01-20 16:27:59 +00:00 |
| Miroslav Stampar | e8c037de1a | minor update | 2011-01-20 16:17:38 +00:00 |
| Miroslav Stampar | 4e5f0da1ae | minor update | 2011-01-20 16:07:08 +00:00 |
| Miroslav Stampar | 2fa066f892 | added support for WebScarab logs | 2011-01-20 15:55:50 +00:00 |
| Miroslav Stampar | 345e2288e1 | important fix regarding encoding stuff | 2011-01-20 13:54:18 +00:00 |
| Miroslav Stampar | f6f4b5e9dd | bug fix for charset used in inference for pages retrieved with --null-connection | 2011-01-20 11:01:01 +00:00 |
| Miroslav Stampar | a4a0f10950 | minor minor minor | 2011-01-20 09:25:34 +00:00 |
| Bernardo Damele | 50c02fbb37 | Done with previous refactoring | 2011-01-20 00:01:06 +00:00 |
| Bernardo Damele | 701947490b | Two major bug fixes related to UNION technique query forging | 2011-01-19 23:46:39 +00:00 |
| Miroslav Stampar | 7a060e756d | dummy fix for SQLite schema retrieval (lots of spaces inside) | 2011-01-19 23:16:22 +00:00 |
| Bernardo Damele | bade0e3124 | Major code refactoring - centralized all kb.dbms* info for both retrieval and set. | 2011-01-19 23:06:15 +00:00 |
| Miroslav Stampar | 4bdc19d879 | minor cosmetics | 2011-01-19 22:48:06 +00:00 |
| Miroslav Stampar | c106dc829a | more proper way to deal with this because without it warn message is just fast scrolled while leaving users confused (why it doesn't run) | 2011-01-19 22:08:56 +00:00 |
| Miroslav Stampar | 7ad41f9b19 | bug fix (UnboundLocalError: local variable 'colType' referenced before assignment) | 2011-01-19 21:46:43 +00:00 |
| Miroslav Stampar | aea43a1e43 | minor refactoring | 2011-01-19 15:26:57 +00:00 |