Miroslav Stampar
|
2538e2d5b4
|
fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring
|
2012-05-22 09:33:22 +00:00 |
|
Miroslav Stampar
|
333f8057a5
|
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
|
2012-05-14 14:06:43 +00:00 |
|
Miroslav Stampar
|
12d32f58f2
|
fix for that SOAP reported bug
|
2012-05-10 13:39:54 +00:00 |
|
Miroslav Stampar
|
fdf61015ad
|
minor patch
|
2012-05-09 08:41:05 +00:00 |
|
Miroslav Stampar
|
6af110d631
|
avoiding --no-cast/--hex warning message before a DBMS is fingerprinted
|
2012-05-08 14:06:41 +00:00 |
|
Miroslav Stampar
|
775134639d
|
minor update
|
2012-04-20 20:33:15 +00:00 |
|
Miroslav Stampar
|
6ebb621228
|
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
|
2012-04-17 14:23:00 +00:00 |
|
Miroslav Stampar
|
052d9455fe
|
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
|
2012-04-12 09:44:54 +00:00 |
|
Miroslav Stampar
|
119eec3598
|
improving "boolean detection" by automatic recognition of convenient --string candidate
|
2012-04-10 21:48:34 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
b2afa87e48
|
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
|
2012-04-06 08:42:36 +00:00 |
|
Miroslav Stampar
|
2223c884e5
|
minor refactoring
|
2012-04-05 12:55:26 +00:00 |
|
Miroslav Stampar
|
e0994947e2
|
minor update
|
2012-04-04 23:37:50 +00:00 |
|
Miroslav Stampar
|
b1dd03731a
|
minor cosmetics
|
2012-04-04 23:34:08 +00:00 |
|
Miroslav Stampar
|
c89a4162e2
|
bug fix for --dns-domain with --technique=TS
|
2012-04-04 18:01:39 +00:00 |
|
Miroslav Stampar
|
098c7c06dd
|
added few comments
|
2012-04-04 13:24:58 +00:00 |
|
Miroslav Stampar
|
a4b95ab7dd
|
works against MySQL/Windows
|
2012-04-04 12:49:45 +00:00 |
|
Bernardo Damele
|
c0946ce2c9
|
Minor refactoring
|
2012-04-04 12:42:58 +00:00 |
|
Bernardo Damele
|
75d1dab895
|
more cosmetics
|
2012-04-04 12:33:16 +00:00 |
|
Bernardo Damele
|
d106fb5184
|
layout adjustments
|
2012-04-04 12:27:24 +00:00 |
|
Miroslav Stampar
|
503988887c
|
minor update
|
2012-04-03 10:43:46 +00:00 |
|
Miroslav Stampar
|
2504f4edb8
|
minor fixes
|
2012-04-03 10:10:33 +00:00 |
|
Miroslav Stampar
|
e05109812f
|
minor improvements regarding data retrieval through DNS channel
|
2012-04-03 09:18:30 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
abffc39929
|
minor update regarding DNS data retrieval task
|
2012-04-02 12:22:40 +00:00 |
|
Miroslav Stampar
|
429b8396e9
|
minor update for DNSServer support
|
2012-03-30 13:20:29 +00:00 |
|
Miroslav Stampar
|
6acf6b193a
|
minor update regarding boolean logic comparison mechanism
|
2012-03-30 09:42:58 +00:00 |
|
Miroslav Stampar
|
5469186540
|
minor comment update
|
2012-03-29 14:35:47 +00:00 |
|
Miroslav Stampar
|
637a8d8273
|
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
|
2012-03-29 14:33:27 +00:00 |
|
Miroslav Stampar
|
ce4c697bbd
|
disabling "negative logic" as it's not half done (it was "luckily" working for --string/--regex/--code but it was a sheer luck); removing "dirty fix" from checks.py; proof that this was not ready for the release is that there was not check for negative logic anywhere for anything more then --string/--regex/--code
|
2012-03-29 13:39:12 +00:00 |
|
Miroslav Stampar
|
60146481af
|
bug fix(es) (flags were used in place of count parameter in re.sub() calls)
|
2012-03-28 19:33:00 +00:00 |
|
Miroslav Stampar
|
7d131d1fb1
|
minor update
|
2012-03-28 13:46:31 +00:00 |
|
Miroslav Stampar
|
769b0d0ae7
|
more minor updates regarding data retrieval through DNS channel
|
2012-03-27 19:29:24 +00:00 |
|
Miroslav Stampar
|
1b072f6415
|
laying foundation for DNS based data retrieval
|
2012-03-27 18:59:12 +00:00 |
|
Miroslav Stampar
|
e88687b1f0
|
revert of last commit (it would be faster for sure, but not sure if it's clever to do it by default regarding SQLi detection)
|
2012-03-21 23:15:59 +00:00 |
|
Miroslav Stampar
|
524c1d38ad
|
making default redirect choice to NO (making fewer requests by default and in lots of cases clearer pages for comparison - original page vs redirect message)
|
2012-03-21 23:03:57 +00:00 |
|
Miroslav Stampar
|
037db9b3b8
|
minor removal of older stuff
|
2012-03-19 09:38:27 +00:00 |
|
Miroslav Stampar
|
da7f4eeffd
|
removing left over
|
2012-03-18 17:33:14 +00:00 |
|
Miroslav Stampar
|
0fc4288a7c
|
modifying redirection code for only two choices
|
2012-03-18 17:27:08 +00:00 |
|
Bernardo Damele
|
c03d0e24fb
|
it must stay as is
|
2012-03-16 17:42:00 +00:00 |
|
Bernardo Damele
|
3505503a08
|
no need to return here
|
2012-03-16 17:30:16 +00:00 |
|
Bernardo Damele
|
942d9e4fa8
|
code cleanup
|
2012-03-16 17:27:24 +00:00 |
|
Bernardo Damele
|
a1c943fc79
|
Major bug fix to comparison algorithm with OR based boolean-based injections
|
2012-03-16 17:22:55 +00:00 |
|
Miroslav Stampar
|
577caac4de
|
putting kb.negativeLogic setting to the safe place
|
2012-03-16 09:17:11 +00:00 |
|
Miroslav Stampar
|
209e795369
|
minor just in case update
|
2012-03-16 09:02:17 +00:00 |
|
Miroslav Stampar
|
adb5fff6b2
|
one more update related to the redirection mechanism
|
2012-03-15 20:17:40 +00:00 |
|
Miroslav Stampar
|
7d313ac911
|
few more fixes for proper redirecting mechanism
|
2012-03-15 19:47:59 +00:00 |
|
Bernardo Damele
|
86c4650058
|
Minor bug fix - revert
|
2012-03-15 17:12:24 +00:00 |
|
Bernardo Damele
|
cc15373769
|
More explicit function name also getRatioValue parameter has nothing to do with comparison at this stage as far as I can see (that might have fixed another "bug", to be checked later)
|
2012-03-15 16:29:28 +00:00 |
|
Bernardo Damele
|
4520744b4d
|
second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now
|
2012-03-15 16:25:26 +00:00 |
|