sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	f41460f8d8	Better naming	2013-01-29 20:53:11 +01:00
Miroslav Stampar	a59ac8e27f	Trivial cosmetics	2013-01-29 16:30:38 +01:00
Miroslav Stampar	479f791112	Minor fix	2013-01-25 12:41:51 +01:00
Chris Frohoff	218a6a9695	fixed response header logging for header names with special chars	2013-01-23 11:10:25 -08:00
Miroslav Stampar	59b02539ca	More general approach regarding that last commit	2013-01-22 11:34:34 +01:00
Miroslav Stampar	01f1488f07	Minor patch (annoying trailing spaces for some DBMSes --technique=B --sql-query)	2013-01-22 11:29:51 +01:00
Miroslav Stampar	bb6b89fe93	Patch for an Issue #360	2013-01-19 18:06:36 +01:00
Miroslav Stampar	ac7709204a	Better fix for that page/headers/comparison --string candidate problem	2013-01-18 17:00:11 +01:00
Miroslav Stampar	8141d17985	Revert of previous commit (more care has to be done regarding headers dynamicity)	2013-01-18 16:49:35 +01:00
Miroslav Stampar	33094a118c	Fix for an Issue where '--string' is being automatically picked not looking properly in headers too	2013-01-18 16:35:09 +01:00
Bernardo Damele	a43202f3c0	updated copyright	2013-01-18 14:07:51 +00:00
Miroslav Stampar	17d36684b5	Removing obsolete proxy handling code (Python < 2.6)	2013-01-18 11:30:52 +01:00
Miroslav Stampar	e941e60b20	Minor just in place update for an Issue #348	2013-01-17 22:44:55 +01:00
Bernardo Damele	38eb4eb33e	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-17 21:03:11 +00:00
Bernardo Damele	b6e44ae64e	fix for #349 (compatible with all others DBMSes too)	2013-01-17 21:03:03 +00:00
Miroslav Stampar	a8e3fd58c5	Implementation for an Issue #348	2013-01-17 21:49:58 +01:00
Miroslav Stampar	8480ceddcb	Minor style update	2013-01-17 19:55:56 +01:00
Miroslav Stampar	f7eda07d92	Patch for an Issue #347	2013-01-17 15:30:14 +01:00
Miroslav Stampar	3ab4a5e36d	Fix for an Issue #345	2013-01-17 11:50:12 +01:00
Miroslav Stampar	14b7e655a9	Minor refactoring	2013-01-16 16:33:04 +01:00
Miroslav Stampar	fb7243c237	Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs	2013-01-16 16:04:00 +01:00
Bernardo Damele	e16ad38d3e	more work on #342	2013-01-15 18:15:07 +00:00
Bernardo Damele	329047fc12	restored fix for #210 to keep --hex work with --technique B	2013-01-15 17:51:40 +00:00
Bernardo Damele	2a751e075d	more work on #342	2013-01-15 17:14:44 +00:00
Bernardo Damele	4eaa0d17aa	Fix in forging query to calculate query output length - closes issue #342	2013-01-15 15:50:20 +00:00
Miroslav Stampar	5ee653dd89	Merging commit 57bcbb458eade2850a6d7623ecddbe49c69cf334 from @morisson	2013-01-15 10:14:02 +01:00
Miroslav Stampar	03dd958d96	Implementation for an Issue #48	2013-01-13 16:22:43 +01:00
Miroslav Stampar	81848c723d	Minor cleanup (we officially support Python >= 2.6)	2013-01-11 16:01:48 +01:00
Miroslav Stampar	934d41dac2	Minor style update (PEP8)	2013-01-10 15:02:28 +01:00
Miroslav Stampar	ca3d35a878	Some PEP8 related style cleaning	2013-01-10 13:18:44 +01:00
Miroslav Stampar	5b77b20e2e	Removing trailing whitespaces (PEP8)	2013-01-03 23:57:07 +01:00
Miroslav Stampar	e4a3c015e5	Replacing old and deprecated raise Exception style (PEP8)	2013-01-03 23:20:55 +01:00
Miroslav Stampar	127b880577	Minor update	2012-12-27 15:14:40 +01:00
Bernardo Damele	9149d77cc8	removed duplicate code - fixes issue #310	2012-12-19 12:17:56 +00:00
Bernardo Damele	dee56b17c3	handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308	2012-12-19 10:50:15 +00:00
Miroslav Stampar	155c1eddae	Debug message with declared page charset	2012-12-19 11:16:42 +01:00
Miroslav Stampar	2b64c10710	Patch for an Issue #304	2012-12-18 09:36:26 +01:00
Miroslav Stampar	4ea0c9e922	Another implementation for an Issue #302	2012-12-17 15:08:54 +01:00
Miroslav Stampar	60baf5071e	Patch for an Issue #302	2012-12-17 00:40:01 +01:00
Miroslav Stampar	c41618416c	Removing trailing blanks	2012-12-14 12:00:45 +01:00
Miroslav Stampar	013dc8bc98	Another minor update for an Issue #267	2012-12-10 13:07:36 +01:00
Miroslav Stampar	8bd0080bf4	Minor update for an Issue #267	2012-12-10 13:05:41 +01:00
Miroslav Stampar	96df0ba061	Implemented support for plain , chars too (Issue #267 )	2012-12-10 12:58:17 +01:00
Miroslav Stampar	d0ea4c65c5	Minor styl eupdate for an Issue #267	2012-12-10 12:54:01 +01:00
Miroslav Stampar	5606a860ce	Oracle supports inline comments too (Issue #267 )	2012-12-10 12:00:15 +01:00
Miroslav Stampar	a024884ca7	Support for a HTTP parameter pollution (Issue #267 )	2012-12-10 11:55:31 +01:00
Miroslav Stampar	73968a448c	Minor update	2012-12-07 15:29:54 +01:00
Miroslav Stampar	e129a30e6b	Removing redundant code in redirect handler (related to an Issue #288 )	2012-12-07 12:40:19 +01:00
Miroslav Stampar	fccad15cfa	Minor update for an Issue #288	2012-12-07 12:14:33 +01:00
Miroslav Stampar	75e6d77fbc	Minor refactoring	2012-12-07 11:54:34 +01:00
Miroslav Stampar	fbaeecdaf9	Patch for an Issue #288	2012-12-07 11:52:21 +01:00
Miroslav Stampar	c0fc12beb2	Minor update for an Issue #288	2012-12-07 11:23:18 +01:00
Miroslav Stampar	974407396e	Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)	2012-12-06 14:14:19 +01:00
Miroslav Stampar	ab67344448	Removed unused imports and variables (pyflake-ing)	2012-12-06 11:15:05 +01:00
Miroslav Stampar	b6650add46	Introducing 'new style classes' (idea from Pull request #284 )	2012-12-06 10:42:53 +01:00
Miroslav Stampar	0f191f624c	Taking some goodies from Pull request #284	2012-12-06 10:21:53 +01:00
Miroslav Stampar	775e0df04b	Update for an Issue #278	2012-12-05 10:45:17 +01:00
Miroslav Stampar	79fca8e9d5	Fix for an Issue #268	2012-12-03 12:13:59 +01:00
Miroslav Stampar	605d73cc3d	Minor refactoring	2012-11-29 12:21:12 +01:00
Miroslav Stampar	c40dded28c	Fix for an Issue #250	2012-11-20 12:10:29 +01:00
Miroslav Stampar	5b3fe25211	Improving comparison engine (removing shared prelude part to further sharpen if pages are identical - especially noticable in small test pages)	2012-11-13 15:22:59 +01:00
Miroslav Stampar	a52dbc575b	Patch for an Issue #246	2012-11-13 10:21:11 +01:00
Miroslav Stampar	f305dde413	Patch for an Issue #235	2012-11-10 11:01:29 +01:00
Miroslav Stampar	359e734954	Minor refactoring	2012-10-29 10:48:49 +01:00
Miroslav Stampar	25a5073281	Bug fix for --hex/--technique=B (especially MsSQL)	2012-10-28 12:22:33 +01:00
Miroslav Stampar	c1b8226329	Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)	2012-10-28 00:36:09 +02:00
Miroslav Stampar	a435ba6863	Minor fix	2012-10-28 00:19:00 +02:00
Miroslav Stampar	0aeb9dbe8b	Bug fix (in --dump mode if error/inband failed with None other techniques were ignored)	2012-10-27 23:42:52 +02:00
Miroslav Stampar	12fc9442b9	Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)	2012-10-25 10:10:23 +02:00
Miroslav Stampar	b82eb3a1ae	Fix for an Issue #210	2012-10-23 13:58:25 +02:00
Miroslav Stampar	3f596cda85	Minor fix for --dump --technique=B when empty strings are returned	2012-10-22 11:49:23 +02:00
Miroslav Stampar	21481df239	Minor update for Issue #209	2012-10-21 19:00:37 +02:00
Miroslav Stampar	fb1497aa89	Minor update for Issue #209	2012-10-21 18:53:31 +02:00
Miroslav Stampar	261b286021	Fix for an Issue #209	2012-10-20 13:17:45 +02:00
Miroslav Stampar	6a271fe800	Update for an Issue #2	2012-10-19 11:29:03 +02:00
Miroslav Stampar	998eb70288	Minor update	2012-10-19 11:05:10 +02:00
Miroslav Stampar	987f167e12	Minor update	2012-10-19 11:03:54 +02:00
Miroslav Stampar	d65d9e25cd	Implementation for an Issue #2	2012-10-19 11:02:14 +02:00
Miroslav Stampar	688a2db27a	Fix for an Issue #208	2012-10-19 10:04:09 +02:00
Miroslav Stampar	b5060c0010	Fix for an Issue #205	2012-10-16 14:28:46 +02:00
Miroslav Stampar	2cb1b054bb	Implementation for an Issue #79	2012-10-16 12:32:58 +02:00
Miroslav Stampar	42b2c85517	Minor cosmetics	2012-10-15 18:45:13 +02:00
Miroslav Stampar	c7cf8b2e80	Minor refactoring of direct()	2012-10-15 18:41:41 +02:00
Miroslav Stampar	e440b096c5	Fix for an Issue #202	2012-10-15 12:24:30 +02:00
Miroslav Stampar	e61c4c22c9	Implementation for an Issue #200	2012-10-09 15:19:47 +02:00
Miroslav Stampar	5a91b6e622	Minor cleanup	2012-10-09 10:21:52 +02:00
Miroslav Stampar	8e7449ccd5	Minor update	2012-10-07 20:28:24 +02:00
Miroslav Stampar	ff205f088b	Minor update	2012-10-07 20:12:55 +02:00
Miroslav Stampar	098e446ca4	Adding support for generic XML POST data	2012-10-04 18:44:12 +02:00
Miroslav Stampar	f71b937add	Minor language cleanup	2012-10-04 18:28:36 +02:00
Miroslav Stampar	8865fe69d7	Minor cleanup	2012-10-04 18:26:07 +02:00
Miroslav Stampar	d464678e10	Minor update for an Issue #49	2012-10-04 18:01:42 +02:00
Miroslav Stampar	84b05e2d18	Better treating of numeric values (Issue #49 )	2012-10-04 16:08:37 +02:00
Miroslav Stampar	461e5ebc5f	Work for Issue #197 and Issue #49	2012-10-04 11:25:44 +02:00
Miroslav Stampar	bcbf0571a5	Implementation for an Issue #49	2012-10-02 14:23:58 +02:00
Miroslav Stampar	763dc98311	Minor refactoring	2012-10-02 13:36:15 +02:00
Miroslav Stampar	a8aecaa036	Minor style update	2012-10-02 13:33:10 +02:00
Miroslav Stampar	687f3991de	Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.	2012-09-26 11:27:43 +02:00
Miroslav Stampar	ec43ceec40	Some more cleanup related to the last commit (unneeded manual crafting/unneeded closing with ;)	2012-09-25 14:29:22 +02:00
Miroslav Stampar	c9e7e71ea2	Implementation for an Issue #195	2012-09-25 10:17:25 +02:00
Miroslav Stampar	d175decdfc	Fix for an Issue #190	2012-09-22 20:59:40 +02:00
Miroslav Stampar	e570858db9	Implementation for an Issue #183	2012-09-12 11:50:38 +02:00
Miroslav Stampar	511c3b8dcc	Update and fix for an Issue #182	2012-09-11 14:58:52 +02:00
Miroslav Stampar	10b671d625	Update for an Issue #182	2012-09-11 12:08:34 +02:00
Miroslav Stampar	5d23d72ff5	Fix for an Issue #176	2012-09-08 17:58:03 +02:00
Miroslav Stampar	dbce417cdd	Potential fix for an Issue #171	2012-09-02 22:48:41 +02:00
Miroslav Stampar	b916db34a4	Another update for an Issue #79	2012-08-31 12:38:02 +02:00
Miroslav Stampar	47d162f391	Minor update (same but cleaner)	2012-08-31 12:27:40 +02:00
Miroslav Stampar	7286d89cb6	Few fixes for an Issue #79 (problem with case sensitivity of request get_header)	2012-08-31 12:15:09 +02:00
Miroslav Stampar	cdd3ed6abc	Minor bug fix	2012-08-30 14:22:18 +02:00
Miroslav Stampar	32a36f1ff3	El Cosmeticado	2012-08-22 09:58:39 +02:00
Miroslav Stampar	d421f9a618	Fix for an Issue #157	2012-08-21 14:34:19 +02:00
Miroslav Stampar	01f481c332	Minor refactoring of dictionaries	2012-08-21 11:19:15 +02:00
Miroslav Stampar	b9c63eb908	Fix for an Issue #156	2012-08-21 10:46:29 +02:00
Miroslav Stampar	7a8ace78f9	Removing redundant newline char as logger already adds it's own	2012-08-21 09:58:40 +02:00
Miroslav Stampar	233b9a3815	Fix for Issue #150 and Issue #151 (urllib2 is automatically adding those)	2012-08-20 22:17:39 +02:00
Miroslav Stampar	823dde73ab	Minor cleanup	2012-08-20 11:40:49 +02:00
Miroslav Stampar	76338add17	Fix for an Issue #152	2012-08-20 10:41:43 +02:00
Miroslav Stampar	fec8a5cc9d	Fix for an Issue #139	2012-08-07 00:50:58 +02:00
Miroslav Stampar	142fc887f1	Fix for an Issue #129	2012-07-31 11:03:44 +02:00
Miroslav Stampar	47073f4afd	Implementation of an Issue #131	2012-07-30 21:50:46 +02:00
Miroslav Stampar	a86f9798b2	Minor refactoring together with a wider support for html entities	2012-07-30 11:21:32 +02:00
Miroslav Stampar	07738004cc	Fix for an Issue #123	2012-07-27 10:02:47 +02:00
Miroslav Stampar	a5062c1e4f	Adding a warn message when --dns-domain is ignored (because of faster techniques)	2012-07-27 09:48:48 +02:00
Bernardo Damele	92c2b3bd4c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-26 23:11:11 +01:00
Bernardo Damele	d492291744	working on issue #12	2012-07-26 23:11:07 +01:00
Miroslav Stampar	efa99c4519	Implementation for an Issue #4	2012-07-26 14:07:05 +02:00
Miroslav Stampar	b3552494c4	Minor preparation for an Issue #48	2012-07-26 12:26:57 +02:00
Miroslav Stampar	30f8d09651	Implementation for an Issue #70	2012-07-26 12:06:02 +02:00
Miroslav Stampar	f8c9868cb6	Implementation for an Issue #118	2012-07-24 15:34:50 +02:00
Miroslav Stampar	1153b4563c	Minor update for an Issue #111	2012-07-23 18:44:50 +02:00
Miroslav Stampar	fccd69721e	Update for an Issue #111	2012-07-23 18:38:46 +02:00
Miroslav Stampar	ab9cb80602	Implementing Issue #111	2012-07-23 15:14:52 +02:00
Miroslav Stampar	63bf99ce77	Minor just in case update for an Issue #117	2012-07-23 14:46:43 +02:00
Miroslav Stampar	c6b724489b	Minor style update	2012-07-23 14:26:42 +02:00
Miroslav Stampar	a7d1a0c250	Implementation for an Issue #117	2012-07-23 14:14:22 +02:00
Miroslav Stampar	534eccc9aa	Fix for an Issue #115	2012-07-23 10:16:47 +02:00
Miroslav Stampar	f336afa913	Implementation for Issue #108	2012-07-20 09:48:09 +02:00
Miroslav Stampar	81d15e5051	Fix for an Issue #101	2012-07-17 00:19:33 +02:00
Miroslav Stampar	0e21cb54de	Minor fix related to Issue #94	2012-07-16 16:06:39 +02:00
Miroslav Stampar	87ecf205cb	More work for Issue #66	2012-07-14 17:01:04 +02:00
Miroslav Stampar	805120ac52	Minor refactoring	2012-07-14 11:01:30 +02:00
Miroslav Stampar	ddb9caeef1	Revert of the previous commit	2012-07-13 15:05:19 +02:00
Miroslav Stampar	d165d5d5fe	To not be confused with heuristic method in SQLi	2012-07-13 15:03:43 +02:00
Miroslav Stampar	3c81f74823	Minor style update	2012-07-13 12:22:37 +02:00
Miroslav Stampar	d834e8debf	Minor update	2012-07-13 10:28:03 +02:00
Bernardo Damele	162da75a04	modified homepage address	2012-07-12 18:38:03 +01:00
Bernardo Damele	ea9c66108e	cleanup for issue #68	2012-07-12 15:38:43 +01:00
Miroslav Stampar	65639cdda6	First update for Issue #75 (error-based dumping)	2012-07-12 14:31:28 +02:00
Bernardo Damele	33cbbed4a8	I think we should not resume checkBooleanExpression() calls if --fresh-queries or --flush-session is provided	2012-07-12 01:39:15 +01:00
Bernardo Damele	3a94953ae2	leftover from previous commit	2012-07-12 01:15:34 +01:00
Bernardo Damele	31571e6e2d	minor refactoring	2012-07-11 11:55:05 +01:00
Miroslav Stampar	9c4a62f725	Some work on Issue #68	2012-07-11 11:58:47 +02:00
Miroslav Stampar	2669528b24	Language typo	2012-07-07 11:16:33 +02:00
Miroslav Stampar	e948e4d45b	Some more refactoring	2012-07-06 17:18:22 +02:00
Bernardo Damele	6697927098	initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap	2012-07-02 02:04:19 +01:00
Bernardo Damele	7b4ecd9df0	added skeleton code for issue #34 , still not usable	2012-07-02 00:22:34 +01:00
jekil	c39e5a85ba	Removed $id$ tags	2012-06-27 20:56:43 +02:00
Miroslav Stampar	01be9381d5	minor update	2012-06-25 16:24:33 +00:00
Miroslav Stampar	ec44e88db8	lots of refactoring regarding removal of already obsolete session file mechanism	2012-06-21 10:09:10 +00:00
Miroslav Stampar	06be7bbb18	few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)	2012-06-15 20:41:53 +00:00
Miroslav Stampar	3a90105fbb	minor refactoring	2012-06-14 13:38:53 +00:00
Miroslav Stampar	4ac3794e80	minor update	2012-06-12 14:22:14 +00:00
Miroslav Stampar	738073105e	minor updates	2012-06-04 19:52:51 +00:00
Miroslav Stampar	7b282b1d6c	adding support for newer SSL protocols	2012-06-04 19:46:28 +00:00
Miroslav Stampar	76a4aa19ac	some more fine tunning	2012-05-28 19:50:12 +00:00
Miroslav Stampar	efb406fbfc	minor revert	2012-05-28 19:13:50 +00:00
Miroslav Stampar	f7cba8d2cb	minor update	2012-05-28 18:05:15 +00:00
Miroslav Stampar	a72cb29c1f	taking care of few issues regarding reverse address lookup of localhost/127.0.0.1 at remote DNS server	2012-05-28 16:57:10 +00:00
Miroslav Stampar	89e90c3d84	revert of last commit	2012-05-28 15:01:56 +00:00
Miroslav Stampar	96c84e6e5b	minor update	2012-05-28 15:00:06 +00:00
Miroslav Stampar	a70a647aeb	few fixes regarding --dns-domain usage (time-based technique should not be used as a failback because of few things, --time-sec should be put to 0 just in case,...)	2012-05-28 14:51:23 +00:00
Miroslav Stampar	b1d82422a0	changing conf.dnsDomain to conf.dName just because of long text problems in help listing	2012-05-28 14:15:04 +00:00
Miroslav Stampar	226547b7dc	minor fix for --skip-urlencode and custom post	2012-05-28 09:04:25 +00:00
Miroslav Stampar	e967bbd70f	minor patch	2012-05-27 21:44:42 +00:00
Miroslav Stampar	fed0212631	now working with recursive queries too	2012-05-27 10:03:02 +00:00
Miroslav Stampar	09f2144485	full page read is not needed in DNS exfiltration mode	2012-05-26 21:28:43 +00:00
Miroslav Stampar	c394610740	adding switch --skip-urlencode to skip URL encoding of POST data	2012-05-24 23:30:33 +00:00
Miroslav Stampar	2538e2d5b4	fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring	2012-05-22 09:33:22 +00:00
Miroslav Stampar	333f8057a5	minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces	2012-05-14 14:06:43 +00:00
Miroslav Stampar	12d32f58f2	fix for that SOAP reported bug	2012-05-10 13:39:54 +00:00
Miroslav Stampar	fdf61015ad	minor patch	2012-05-09 08:41:05 +00:00
Miroslav Stampar	6af110d631	avoiding --no-cast/--hex warning message before a DBMS is fingerprinted	2012-05-08 14:06:41 +00:00
Miroslav Stampar	775134639d	minor update	2012-04-20 20:33:15 +00:00
Miroslav Stampar	6ebb621228	adding support for (custom) POST injection (marking injection point with '*' in conf.data)	2012-04-17 14:23:00 +00:00
Miroslav Stampar	052d9455fe	warning user in cases of "User xyz already has more than 'max_user_connections' active connections"	2012-04-12 09:44:54 +00:00
Miroslav Stampar	119eec3598	improving "boolean detection" by automatic recognition of convenient --string candidate	2012-04-10 21:48:34 +00:00
Miroslav Stampar	8c6eb4faa9	adding support for PgSQL DNS data exfiltration	2012-04-07 14:06:11 +00:00
Miroslav Stampar	b2afa87e48	reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)	2012-04-06 08:42:36 +00:00
Miroslav Stampar	2223c884e5	minor refactoring	2012-04-05 12:55:26 +00:00
Miroslav Stampar	e0994947e2	minor update	2012-04-04 23:37:50 +00:00
Miroslav Stampar	b1dd03731a	minor cosmetics	2012-04-04 23:34:08 +00:00
Miroslav Stampar	c89a4162e2	bug fix for --dns-domain with --technique=TS	2012-04-04 18:01:39 +00:00
Miroslav Stampar	098c7c06dd	added few comments	2012-04-04 13:24:58 +00:00
Miroslav Stampar	a4b95ab7dd	works against MySQL/Windows	2012-04-04 12:49:45 +00:00
Bernardo Damele	c0946ce2c9	Minor refactoring	2012-04-04 12:42:58 +00:00
Bernardo Damele	75d1dab895	more cosmetics	2012-04-04 12:33:16 +00:00
Bernardo Damele	d106fb5184	layout adjustments	2012-04-04 12:27:24 +00:00
Miroslav Stampar	503988887c	minor update	2012-04-03 10:43:46 +00:00
Miroslav Stampar	2504f4edb8	minor fixes	2012-04-03 10:10:33 +00:00
Miroslav Stampar	e05109812f	minor improvements regarding data retrieval through DNS channel	2012-04-03 09:18:30 +00:00
Miroslav Stampar	1cd3c3f7af	further update of DNS data retrieval mechanism through SQLi	2012-04-02 14:05:30 +00:00
Miroslav Stampar	abffc39929	minor update regarding DNS data retrieval task	2012-04-02 12:22:40 +00:00
Miroslav Stampar	429b8396e9	minor update for DNSServer support	2012-03-30 13:20:29 +00:00
Miroslav Stampar	6acf6b193a	minor update regarding boolean logic comparison mechanism	2012-03-30 09:42:58 +00:00
Miroslav Stampar	5469186540	minor comment update	2012-03-29 14:35:47 +00:00
Miroslav Stampar	637a8d8273	improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism	2012-03-29 14:33:27 +00:00
Miroslav Stampar	ce4c697bbd	disabling "negative logic" as it's not half done (it was "luckily" working for --string/--regex/--code but it was a sheer luck); removing "dirty fix" from checks.py; proof that this was not ready for the release is that there was not check for negative logic anywhere for anything more then --string/--regex/--code	2012-03-29 13:39:12 +00:00
Miroslav Stampar	60146481af	bug fix(es) (flags were used in place of count parameter in re.sub() calls)	2012-03-28 19:33:00 +00:00
Miroslav Stampar	7d131d1fb1	minor update	2012-03-28 13:46:31 +00:00
Miroslav Stampar	769b0d0ae7	more minor updates regarding data retrieval through DNS channel	2012-03-27 19:29:24 +00:00
Miroslav Stampar	1b072f6415	laying foundation for DNS based data retrieval	2012-03-27 18:59:12 +00:00
Miroslav Stampar	e88687b1f0	revert of last commit (it would be faster for sure, but not sure if it's clever to do it by default regarding SQLi detection)	2012-03-21 23:15:59 +00:00
Miroslav Stampar	524c1d38ad	making default redirect choice to NO (making fewer requests by default and in lots of cases clearer pages for comparison - original page vs redirect message)	2012-03-21 23:03:57 +00:00
Miroslav Stampar	037db9b3b8	minor removal of older stuff	2012-03-19 09:38:27 +00:00
Miroslav Stampar	da7f4eeffd	removing left over	2012-03-18 17:33:14 +00:00
Miroslav Stampar	0fc4288a7c	modifying redirection code for only two choices	2012-03-18 17:27:08 +00:00
Bernardo Damele	c03d0e24fb	it must stay as is	2012-03-16 17:42:00 +00:00
Bernardo Damele	3505503a08	no need to return here	2012-03-16 17:30:16 +00:00
Bernardo Damele	942d9e4fa8	code cleanup	2012-03-16 17:27:24 +00:00
Bernardo Damele	a1c943fc79	Major bug fix to comparison algorithm with OR based boolean-based injections	2012-03-16 17:22:55 +00:00
Miroslav Stampar	577caac4de	putting kb.negativeLogic setting to the safe place	2012-03-16 09:17:11 +00:00
Miroslav Stampar	209e795369	minor just in case update	2012-03-16 09:02:17 +00:00
Miroslav Stampar	adb5fff6b2	one more update related to the redirection mechanism	2012-03-15 20:17:40 +00:00
Miroslav Stampar	7d313ac911	few more fixes for proper redirecting mechanism	2012-03-15 19:47:59 +00:00
Bernardo Damele	86c4650058	Minor bug fix - revert	2012-03-15 17:12:24 +00:00
Bernardo Damele	cc15373769	More explicit function name also getRatioValue parameter has nothing to do with comparison at this stage as far as I can see (that might have fixed another "bug", to be checked later)	2012-03-15 16:29:28 +00:00
Bernardo Damele	4520744b4d	second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now	2012-03-15 16:25:26 +00:00
Miroslav Stampar	ddd92476a8	minor fix	2012-03-15 15:58:25 +00:00
Miroslav Stampar	19beb912fa	first step toward negative logic support	2012-03-15 15:52:12 +00:00
Miroslav Stampar	8dd570057b	minor fix (double traffic log for -t in case of HTTP error)	2012-03-15 14:51:16 +00:00
Miroslav Stampar	f7df755f37	minor update	2012-03-15 12:55:22 +00:00
Miroslav Stampar	3d39c6cb3b	some fixes here and there	2012-03-15 12:14:50 +00:00
Miroslav Stampar	91f1d6141f	minor fix	2012-03-15 11:24:55 +00:00
Miroslav Stampar	a8c9a47092	redirect logic rewritten from scratch	2012-03-15 11:10:58 +00:00
Miroslav Stampar	52a8b25ff4	minor fix	2012-03-14 14:31:41 +00:00
Miroslav Stampar	a7fbc55748	grammar fix	2012-03-13 22:03:23 +00:00
Miroslav Stampar	edfcddd3c3	minor fix for logging only cookies used by request (e.g. --load-cookies case)	2012-03-13 10:58:15 +00:00
Miroslav Stampar	34b0935cb3	refactoring "echo 1" quick test for xp_cmdshell console output	2012-03-13 10:36:49 +00:00
Miroslav Stampar	e6c610abab	minor fix	2012-03-13 09:14:56 +00:00
Miroslav Stampar	48bcde478e	more general update	2012-03-12 15:29:55 +00:00
Miroslav Stampar	1d0c8a7f44	minor update	2012-03-12 15:19:02 +00:00
Miroslav Stampar	5a83f1c5f7	minor update	2012-03-08 15:43:22 +00:00
Miroslav Stampar	cd28eb6544	minor update regarding --load-cookies	2012-03-08 10:19:34 +00:00
Miroslav Stampar	1ec56f93ec	minor update	2012-03-01 10:10:19 +00:00
Miroslav Stampar	a424de3102	minor fix	2012-02-27 12:55:28 +00:00
Miroslav Stampar	1e82405bb9	HashDB is now supported in -d too	2012-02-27 12:14:01 +00:00
Miroslav Stampar	f94b91ad87	added helper function for HashDB data storing/retrieval	2012-02-24 13:07:20 +00:00
Miroslav Stampar	0478e4166a	minor justin case fix	2012-02-23 15:19:20 +00:00
Miroslav Stampar	b3bd4144f5	removing of unused imports together with some general code refactoring	2012-02-22 10:40:11 +00:00

... 3 4 5 6 7 ...

1107 Commits