Commit Graph

507 Commits

Author SHA1 Message Date
Miroslav Stampar
2e5222bfd8 adding INSERT/UPDATE generic boundaries 2011-10-28 11:00:09 +00:00
Miroslav Stampar
7ce3af68fc fixing support for parsing BURP logs 2011-10-27 17:31:34 +00:00
Miroslav Stampar
6b7920d89a minor patch for --tor 2011-10-27 10:52:06 +00:00
Miroslav Stampar
0cbcbf159c minor fix 2011-10-19 21:35:01 +00:00
Miroslav Stampar
323aa7bf2f minor update 2011-10-09 21:21:41 +00:00
Miroslav Stampar
ba5eff1de6 minor bug fix 2011-09-23 18:29:45 +00:00
Miroslav Stampar
0c9944daa8 update for THANKS file 2011-09-20 22:18:20 +00:00
Bernardo Damele
f890b29f81 Proper reference to Metasploit Framework as now it's version 4, not 3 anymore 2011-09-12 17:26:22 +00:00
Miroslav Stampar
ac00014c4a implemented --randomize switch by request 2011-08-29 12:50:52 +00:00
Miroslav Stampar
606debe55c better language 2011-08-23 21:42:34 +00:00
Miroslav Stampar
699cb89711 minor corrections to the definition and minor typos 2011-08-23 16:56:13 +00:00
Miroslav Stampar
dafc4d93bd typo 2011-08-22 15:05:54 +00:00
Miroslav Stampar
8a174248dc fix for a bug reported by blueBoy 2011-08-20 20:08:11 +00:00
Miroslav Stampar
7cc5743c5d minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters) 2011-08-16 06:50:20 +00:00
Miroslav Stampar
600ef3eace minor patch 2011-08-16 06:22:04 +00:00
Bernardo Damele
e34787db99 update 2011-08-12 16:06:41 +00:00
Bernardo Damele
6d22d09a61 doc updated 2011-08-12 15:03:39 +00:00
Bernardo Damele
997c9ba1e8 Minor adjustments to user's manual 2011-08-12 12:56:55 +00:00
Miroslav Stampar
41ae9bc7ff minor bug fix 2011-08-09 14:20:25 +00:00
Miroslav Stampar
a3a649ed03 minor update 2011-08-03 09:11:50 +00:00
Miroslav Stampar
9423d15fb3 ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix 2011-08-03 09:08:16 +00:00
Bernardo Damele
c15439ab7f Minor improvement to --passwords output 2011-08-02 09:04:34 +00:00
Miroslav Stampar
0643ced651 minor update 2011-08-02 08:12:43 +00:00
Miroslav Stampar
b9438c3e14 doc/THANKS update 2011-08-01 10:18:00 +00:00
Miroslav Stampar
93ae1dfa2b minor bug fix 2011-07-31 08:52:48 +00:00
Miroslav Stampar
1f06d7d7de update of THANKS file 2011-07-30 21:51:37 +00:00
Miroslav Stampar
107089c00b bug fix 2011-07-27 08:25:51 +00:00
Bernardo Damele
4550fa9e40 update 2011-07-24 22:43:22 +00:00
Miroslav Stampar
ff8fc90ac7 bug fix 2011-07-13 06:44:15 +00:00
Miroslav Stampar
a46b5230f5 minor "patch" 2011-07-11 20:33:16 +00:00
Bernardo Damele
86d28947aa updated 2011-07-11 10:07:36 +00:00
Miroslav Stampar
f5e45bf113 quick fix for a bug reported by jovon.itwaru@gmail.com 2011-07-11 08:54:39 +00:00
Miroslav Stampar
98958f8808 minor minor update 2011-07-10 15:41:45 +00:00
Miroslav Stampar
b3acaf85d8 minor update 2011-07-10 08:58:55 +00:00
Bernardo Damele
3985a81cb9 Update email addresses 2011-07-08 13:39:47 +00:00
Bernardo Damele
b5dd4d4a63 Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection 2011-07-08 10:19:01 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Bernardo Damele
736327c893 Added two tamper scripts contributed by Roberto Salgado 2011-07-07 18:45:07 +00:00
Bernardo Damele
23b4efdcaf Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too. 2011-07-06 21:04:45 +00:00
Bernardo Damele
36c96ef796 Added DB2 support - patch provided by Sebastian Bittig 2011-06-25 09:44:24 +00:00
Miroslav Stampar
f434c3b29e update of THANKS file 2011-06-24 19:06:08 +00:00
Bernardo Damele
1cb12ea659 replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license) 2011-06-22 13:31:07 +00:00
Miroslav Stampar
019f4d344a update of THANKS file 2011-06-21 21:03:50 +00:00
Miroslav Stampar
d9015ed800 fix for a bug reported by krasn@deventum.com 2011-06-20 13:25:19 +00:00
Bernardo Damele
d7da71ce8e politeness 2011-06-20 09:10:04 +00:00
Bernardo Damele
4b94ef2b7c A little bit more polite 2011-06-18 13:03:55 +00:00
Miroslav Stampar
ca8a60dd7a update of doc/THANKS 2011-06-15 19:04:43 +00:00
Miroslav Stampar
60ecf95383 fix for a bug reported by seyi.akin@gmail.com 2011-06-14 08:40:25 +00:00
Miroslav Stampar
03d6031fe7 update of doc/THANKS file 2011-06-09 09:09:52 +00:00
Bernardo Damele
6d2c97d06f updated thanks file 2011-06-08 10:44:55 +00:00
Miroslav Stampar
75c12c5edb fix for a bug reported by cclements@flatearth.​net (TypeError: argument of type 'NoneType' is not iterable) 2011-06-07 21:46:49 +00:00
Miroslav Stampar
e7e23d1b79 fix for a Ctrl+C bug reported by nightman@email.de 2011-06-07 17:16:01 +00:00
Miroslav Stampar
24ed99e5a3 fix for a bug reported by aboynes@gmail.com 2011-06-06 08:50:48 +00:00
Miroslav Stampar
46ceb14f37 update of doc/THANKS 2011-05-26 13:49:42 +00:00
Miroslav Stampar
9077eadf23 update of doc/THANKS 2011-05-26 08:22:52 +00:00
Miroslav Stampar
0072c3af8e fix for a bug reported by aboynes@gmail.com (for elt in self.a) 2011-05-24 15:03:21 +00:00
Miroslav Stampar
2b12b18357 incorporating metasploit patch from oliver.kuckertz@mologie.de 2011-05-23 15:27:10 +00:00
Miroslav Stampar
d2221e4604 fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...) 2011-05-16 00:23:50 +00:00
Bernardo Damele
49b925772b Minor update 2011-05-10 10:56:06 +00:00
Bernardo Damele
6e784e766b Minor bug fix 2011-05-07 21:20:47 +00:00
Miroslav Stampar
d2a71d647b minor update 2011-05-06 13:38:58 +00:00
Miroslav Stampar
9652efa995 minor update 2011-05-06 13:34:03 +00:00
Miroslav Stampar
079ddf84b2 updating FAQ 2011-05-06 11:19:49 +00:00
Bernardo Damele
2976ed7e90 Updated user's manual, added details about URI injection 2011-05-03 14:47:01 +00:00
Bernardo Damele
b2f6ce9716 updated documentation 2011-05-03 10:57:55 +00:00
Miroslav Stampar
845618934d update of doc/THANKS 2011-05-02 18:20:37 +00:00
Miroslav Stampar
900ee0ff93 fix for a major bug reported by k1971@live.co.uk (1..9 99..) 2011-05-01 15:47:00 +00:00
Bernardo Damele
ebe631ea57 doc update 2011-05-01 00:43:42 +00:00
Miroslav Stampar
41fc9f9d54 fix for an issue reported by andrew.gecse@upcmail.hu (unknown web page charset 'hungarian-iso-8859-2') 2011-04-30 22:41:54 +00:00
Bernardo Damele
2f2758b033 Long form contributor name 2011-04-30 14:51:06 +00:00
Bernardo Damele
d3ed3268c3 minor adjustments 2011-04-28 21:17:06 +00:00
Bernardo Damele
8e63e1b70d more people to thanks 2011-04-28 21:15:15 +00:00
Bernardo Damele
3e66dae103 as we don't use UPX anymore.. 2011-04-28 20:54:21 +00:00
Bernardo Damele
6d07dddf60 updated doc and minor layout adjustments 2011-04-21 21:53:35 +00:00
Miroslav Stampar
c6a0209649 update of THANKS file 2011-04-18 14:01:45 +00:00
Miroslav Stampar
ad53e3f551 update of doc/THANKS 2011-04-17 07:39:49 +00:00
Bernardo Damele
d462937a2e added a contributor 2011-04-14 12:42:09 +00:00
Miroslav Stampar
f435f37d71 update of THANKS file 2011-04-12 15:54:00 +00:00
Bernardo Damele
30377621b8 slight update 2011-04-11 00:33:42 +00:00
Bernardo Damele
2f8ddd156c done with the manual 2011-04-11 00:23:47 +00:00
Bernardo Damele
9840a0491d more doc updates 2011-04-10 20:31:29 +00:00
Bernardo Damele
fe16360acb more doc updates 2011-04-10 13:28:14 +00:00
Bernardo Damele
64fcc88be5 typo 2011-04-08 10:26:03 +00:00
Bernardo Damele
1be7f859c6 Minor updates 2011-04-08 10:25:37 +00:00
Miroslav Stampar
bcc4c52cf7 minor update 2011-04-08 10:21:45 +00:00
Bernardo Damele
159789ba81 More user's manual updates 2011-04-08 10:20:42 +00:00
Bernardo Damele
d305183447 More updates to user's manual 2011-04-08 09:50:34 +00:00
Bernardo Damele
bac53eeef1 Allow --dump-all to accept -D switch in order to dump all tables' entries for only one (or more, comma-separated) specified database(s) 2011-04-07 22:08:10 +00:00
Miroslav Stampar
b288e5ef57 implemented DNS caching mechanism 2011-04-07 21:39:18 +00:00
Bernardo Damele
1880f18367 Minor layout adjustments 2011-04-07 10:07:52 +00:00
Bernardo Damele
17844eb87c Refactoring to --technique 2011-04-07 10:00:47 +00:00
Bernardo Damele
287f74dbd2 update 2011-04-06 14:59:51 +00:00
Bernardo Damele
72555f3b28 user's manual updated.. we are getting close to 0.9 stable, stay tuned! 2011-04-06 08:21:13 +00:00
Bernardo Damele
a1bde071d8 Minor adjustments 2011-04-04 09:26:20 +00:00
Miroslav Stampar
e27afef6be minor update regarding --current-db on Oracle 2011-04-01 15:56:11 +00:00
Bernardo Damele
60afd80460 Change of release date to unknown 2011-03-31 13:06:30 +00:00
Bernardo Damele
19a6f86954 Minor update 2011-03-27 16:37:57 +00:00
Miroslav Stampar
08d052d9b8 minor update of THANKS file 2011-03-27 13:45:19 +00:00
Miroslav Stampar
d2eb4c6a39 update of THANKS file 2011-03-26 21:48:36 +00:00
Miroslav Stampar
0bb08d09d2 fix for a bug reported by Kirill (value is None in attack table phase) and minor fix for loading request file 2011-03-24 08:43:40 +00:00
Miroslav Stampar
bd75fd26e9 implementing a --page-rank switch as requested by l0rda@l0rda.biz 2011-03-23 11:57:57 +00:00
Miroslav Stampar
cbfb10cbd1 fix of a minor bug reported by syssecurity7@googlemail.com (missing iso-8858...) 2011-03-21 16:43:46 +00:00
Miroslav Stampar
7b1021d100 minor update of THANKS file 2011-03-21 13:18:00 +00:00
Miroslav Stampar
f8a2cf0497 minor THANKS update 2011-03-21 09:53:34 +00:00
Bernardo Damele
f7c1b7dc5f Updated 2011-03-21 00:39:54 +00:00
Miroslav Stampar
36233fac42 update regarding a feature request from andyroyalbattle@yahoo.it 2011-03-18 16:35:30 +00:00
Bernardo Damele
3edb30968b Pff.. just layout 2011-03-17 12:37:50 +00:00
Miroslav Stampar
1879a49506 fix for a bug reported by andreoaz@gmail.com 2011-03-10 20:40:12 +00:00
Miroslav Stampar
8e7c3b4666 update of THANKS file 2011-03-07 21:29:06 +00:00
Bernardo Damele
da6a87af43 update 2011-02-28 16:59:39 +00:00
Bernardo Damele
50ba0fa955 More adjustments 2011-02-28 16:14:09 +00:00
Bernardo Damele
021fce5601 Should be done with the ChangeLog - ready for 0.9.
Minor adjustments to user's manual too.
2011-02-28 15:23:05 +00:00
Bernardo Damele
b47d3e1da3 Huge update to user's manual. A lot to be done yet. 2011-02-27 12:19:32 +00:00
Bernardo Damele
6e1a08a805 Documentation update 2011-02-19 21:08:18 +00:00
Bernardo Damele
808b03fc3e Minor reordering 2011-02-14 02:08:11 +00:00
Bernardo Damele
f0f5d3d3e8 Began with the update of the user's manual for 0.9 2011-02-07 00:55:10 +00:00
Bernardo Damele
1bc2ee2fbf Updated 2011-02-06 15:44:27 +00:00
Miroslav Stampar
412a97b7fe fix for a bug reported by ahmed@isecur1ty.org (TypeError: unsupported operand type(s) for -: 'float' and 'NoneType') 2011-02-05 14:17:28 +00:00
Miroslav Stampar
1e8eb27156 update of doc/THANKS 2011-02-04 14:07:54 +00:00
Miroslav Stampar
af99105c27 lol. sybase and maxdb were just ignored while fingerprinted because they weren't in dbmsDict screwing half of dbms related functions (most notably aliasToDbmsEnum) 2011-02-01 22:45:38 +00:00
Bernardo Damele
9fc0bedea8 Minor bug fixes 2011-01-30 21:01:57 +00:00
Miroslav Stampar
81722b6881 major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values) 2011-01-27 18:36:28 +00:00
Miroslav Stampar
3bb4ea2c7a THANKS update 2011-01-25 22:29:36 +00:00
Miroslav Stampar
cab86871fe fix for a bug reported by mhackmail@gmail.com (local variable 'code' referenced before assignment) 2011-01-25 11:02:41 +00:00
Bernardo Damele
ceca64193b Updated 2011-01-24 14:46:41 +00:00
Bernardo Damele
c1f6bf2eda Updated 2011-01-18 23:14:35 +00:00
Miroslav Stampar
bdcb10cdab added MSSQL time based vector 2011-01-18 02:05:18 +00:00
Miroslav Stampar
a835f233ac fix for a bug reported by buawig@gmail.com (AttributeError: 'module' object has no attribute 'set_completer') 2011-01-17 00:17:31 +00:00
Bernardo Damele
f209b7a65e Updated 2011-01-14 09:56:55 +00:00
Miroslav Stampar
a8d660db54 fixes for bugs reported by pragmatk@gmail.com 2011-01-06 16:59:58 +00:00
Miroslav Stampar
1297df66da fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed) 2011-01-06 08:04:59 +00:00
Miroslav Stampar
aa81ed4033 implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) 2011-01-04 15:49:20 +00:00
Miroslav Stampar
08ccbf2c1e important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) 2011-01-03 22:02:58 +00:00
Miroslav Stampar
8067365b93 fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident') 2010-12-20 23:47:53 +00:00
Miroslav Stampar
e3fa3b0e8e fix for a minor bug reported by nightman (AttributeError: 'NoneType' object has no attribute 'getFingerprint') 2010-12-17 07:48:32 +00:00
Miroslav Stampar
5aee1fd8e0 updated THANKS file 2010-12-08 21:19:46 +00:00
Bernardo Damele
ad17e9ed2a Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any) 2010-11-19 14:56:20 +00:00
Bernardo Damele
17486e472a Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only! 2010-11-17 22:00:09 +00:00
Bernardo Damele
360aff7a4d sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle 2010-11-17 17:20:32 +00:00
Bernardo Damele
a9152c6723 Updated doc 2010-11-14 22:36:54 +00:00
Bernardo Damele
5e41cd07a3 Updated doc 2010-11-13 23:31:18 +00:00
Bernardo Damele
306e96331d Updated doc 2010-11-12 10:00:49 +00:00
Bernardo Damele
0c8918bf07 Minor bug fix, thanks Alex 2010-11-08 12:45:23 +00:00
Miroslav Stampar
14e9425673 update of doc/THANKS 2010-11-05 16:09:30 +00:00
Miroslav Stampar
7d12dbff41 update of THANKS 2010-11-05 11:36:43 +00:00
Miroslav Stampar
71d0b1bcd7 several bug fixes 2010-11-03 21:51:36 +00:00
Miroslav Stampar
861706fb31 fix for bug reported by ToR (unknown charset 'utf-8, text/html') 2010-11-02 18:01:10 +00:00
Miroslav Stampar
73b33ed765 fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic 2010-11-01 20:56:13 +00:00
Miroslav Stampar
d75578c81f some update regarding common tables 2010-10-29 09:00:51 +00:00
Bernardo Damele
ed1f2da43f Updated 2010-10-27 21:05:58 +00:00
Bernardo Damele
7715ba778b Updated 2010-10-27 14:41:03 +00:00
Bernardo Damele
4ab3edfc94 Updated 2010-10-25 23:40:19 +00:00
Miroslav Stampar
c7578d4ea1 update of THANKS 2010-10-25 16:07:03 +00:00
Miroslav Stampar
aa931efd4d several MySQL fixes/enhancements pointed out by Anton Mogilin 2010-10-24 22:05:14 +00:00
Miroslav Stampar
c5fb4edf3e update of THANKS 2010-10-23 09:25:34 +00:00
Miroslav Stampar
a8e42a4f2b bug fix 2010-10-23 06:42:21 +00:00
Bernardo Damele
e5485a9958 Updated doc 2010-10-20 22:14:52 +00:00
Bernardo Damele
22ed09a358 Updated 2010-10-20 21:52:33 +00:00
Bernardo Damele
cfa5655150 Updated changelog 2010-10-16 22:23:53 +00:00
Miroslav Stampar
5c3d21065a bug fix (reported by nightman) 2010-10-16 21:29:35 +00:00
Miroslav Stampar
2b60304933 update 2010-10-16 21:19:44 +00:00
Bernardo Damele
bd3a791f23 Updated documentation 2010-10-15 10:29:53 +00:00
Miroslav Stampar
2198a60684 bug fix (reported by james@ev6.net) 2010-10-10 20:51:11 +00:00
Miroslav Stampar
0ad8090ad8 fix for a google bug reported by Brandon E. 2010-10-01 08:03:39 +00:00
Miroslav Stampar
87abec16bd probable fix for a bug reported by Prashant Jadhav 2010-09-30 18:52:33 +00:00
Miroslav Stampar
7a7938a6da updated THANKS 2010-08-22 08:53:30 +00:00
Miroslav Stampar
526aebc84c small fix 2010-08-15 21:10:19 +00:00
Miroslav Stampar
f9752137f0 update of THANKS file 2010-08-08 22:28:01 +00:00
Miroslav Stampar
468eeb6ccf update of THANKS 2010-08-08 21:49:27 +00:00
Miroslav Stampar
1d8953ebdb update of THANKS file 2010-08-08 21:25:21 +00:00
Miroslav Stampar
6a6ff09c9a fix for a bug reported by Marek Sarvas 2010-07-26 08:11:28 +00:00
Miroslav Stampar
c39d819dd2 fix for a resume bug reported by Augusto Urbieta 2010-07-20 08:13:02 +00:00
Miroslav Stampar
6d11f86fdd update 2010-07-15 08:51:23 +00:00
Bernardo Damele
82bce81e28 Minor improvements 2010-07-02 13:38:52 +00:00
Bernardo Damele
dc8862a140 Updated 2010-07-01 10:46:59 +00:00
Bernardo Damele
3f2db471f5 Updated thanks 2010-06-30 13:27:07 +00:00
Bernardo Damele
d40a238335 Make --keep-alive public 2010-06-30 11:29:35 +00:00
Bernardo Damele
abc3c24d62 Update 2010-06-30 09:48:48 +00:00
Bernardo Damele
4bba59aaf5 Updated doc 2010-06-29 23:52:22 +00:00
Bernardo Damele
8576817a2b Added support for SOAP requests: fixed, extended and tested a user's patch - closes #196. 2010-06-29 21:07:23 +00:00
Bernardo Damele
7cad3cbda6 Minor code refactoring 2010-06-28 13:47:20 +00:00
Bernardo Damele
887adfcf10 Minor adjustments to extra/ libraries 2010-06-09 21:43:22 +00:00
Miroslav Stampar
01f2dfe33f update 2010-06-04 17:08:32 +00:00
Bernardo Damele
080c71b903 Updated documentation 2010-06-02 16:19:43 +00:00
Bernardo Damele
06af405efd Adapted and merged in patch to support XML output (-x switch) - still in beta.
Minor bug fixes and adjustments.
2010-05-28 16:43:04 +00:00
Miroslav Stampar
2a1dd492f5 updated THANKS 2010-05-25 10:10:27 +00:00
Miroslav Stampar
d2c03c12fd updated thanks 2010-05-24 20:25:43 +00:00
Bernardo Damele
03fb84e29f Minor enhancement to internal --profile function 2010-05-21 15:06:05 +00:00
Miroslav Stampar
4c1ad7d8ce added Jose Fonseca (gprof2dot) to THANKS 2010-05-21 10:22:56 +00:00
Bernardo Damele
bffa06f2ca Updated user's manual 2010-05-20 10:08:17 +00:00
Bernardo Damele
b2c5807109 Updated 2010-05-12 22:02:18 +00:00
Bernardo Damele
74860fee2a Updated 2010-05-10 14:52:02 +00:00
Bernardo Damele
7b6050f3c1 Minor update 2010-05-06 14:18:25 +00:00
Bernardo Damele
8dbf89afe4 Minor update 2010-05-06 11:22:53 +00:00
Bernardo Damele
783c48f6e9 Merged history into user's manual 2010-05-06 11:09:03 +00:00
Bernardo Damele
7bf31f54b8 Updated history SGML file 2010-05-06 10:54:13 +00:00
Bernardo Damele
147e14356d Major bug fix (reported by Thierry Zoller) 2010-05-06 10:52:40 +00:00
Bernardo Damele
107a900f51 Updated 2010-05-03 12:57:17 +00:00
Miroslav Stampar
d8e5585c66 fixed a bug reported by Mosk Dmitri (infoMsg UnboundLocalError) 2010-04-29 08:30:29 +00:00
Bernardo Damele
a588b2020b Added history SGML file 2010-04-26 15:00:53 +00:00