Commit Graph

1655 Commits

Author SHA1 Message Date
Miroslav Stampar
80aedbe284 adding a warning about --tor switch 2012-05-10 18:17:32 +00:00
Miroslav Stampar
b81fe42d4b turning off null connection on -o when --tor used (not compatible) 2012-05-10 17:50:54 +00:00
Miroslav Stampar
efdd86ddcc minor just in case patch 2012-05-10 14:22:34 +00:00
Miroslav Stampar
6367f59b98 minor code refactoring 2012-05-10 14:15:17 +00:00
Miroslav Stampar
1418ae9767 little refactoring of parseUnionPage together with a patch for some special case 2012-05-09 18:47:40 +00:00
Miroslav Stampar
37f2709197 making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it) 2012-05-09 09:08:23 +00:00
Miroslav Stampar
64c241fe92 limiting original UNION query results to only 1 result (potentially speeding things up in some cases) 2012-05-08 13:45:53 +00:00
Miroslav Stampar
a121339395 automatically writing uncracked hashes to a file for eventual further processing 2012-05-08 10:46:05 +00:00
Miroslav Stampar
96299d3d5d minor refactoring 2012-05-03 22:34:18 +00:00
Miroslav Stampar
cc28f6db6b minor update 2012-05-01 20:43:16 +00:00
Miroslav Stampar
17efeaae7f causing too much confusion among dummy users 2012-05-01 09:04:11 +00:00
Miroslav Stampar
694b14111f skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set) 2012-04-27 13:16:51 +00:00
Miroslav Stampar
6f67dc85ee adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical 2012-04-25 20:29:07 +00:00
Miroslav Stampar
cec432f94d minor update 2012-04-23 14:43:59 +00:00
Miroslav Stampar
697768c01a adding --purge-output to be one of mandatory switches 2012-04-23 14:42:24 +00:00
Miroslav Stampar
d57d5e4b2c minor update 2012-04-23 14:33:36 +00:00
Miroslav Stampar
1eecfb3dce adding new file related to the last commit 2012-04-23 14:25:16 +00:00
Miroslav Stampar
095b25e1d1 adding option '--purge' 2012-04-23 14:24:23 +00:00
Miroslav Stampar
be2da77bf8 minor update 2012-04-23 10:15:04 +00:00
Miroslav Stampar
21c6b52198 minor fix 2012-04-23 10:11:00 +00:00
Miroslav Stampar
2b1b4c0742 minor fix 2012-04-18 10:01:04 +00:00
Miroslav Stampar
6ebb621228 adding support for (custom) POST injection (marking injection point with '*' in conf.data) 2012-04-17 14:23:00 +00:00
Miroslav Stampar
efd27d7ade minor renaming 2012-04-17 08:41:19 +00:00
Miroslav Stampar
601d118c68 reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types) 2012-04-15 16:59:03 +00:00
Miroslav Stampar
052d9455fe warning user in cases of "User xyz already has more than 'max_user_connections' active connections" 2012-04-12 09:44:54 +00:00
Miroslav Stampar
c7422546e1 tiny update 2012-04-11 23:01:38 +00:00
Miroslav Stampar
2bad73a981 minor update 2012-04-11 21:48:44 +00:00
Miroslav Stampar
e195de2093 correcting comment on reflective removal function 2012-04-11 21:41:48 +00:00
Miroslav Stampar
b45ae10da4 minor fixes 2012-04-11 21:36:37 +00:00
Miroslav Stampar
627bfc589f some more updates in reflective removal mechanism 2012-04-11 21:26:00 +00:00
Miroslav Stampar
8b130f6497 minor improvement for reflective values (when missing first part of payload like in error reports) 2012-04-11 15:01:28 +00:00
Miroslav Stampar
01bd5d0ab2 some more updates for reflective mechanism 2012-04-11 10:41:33 +00:00
Miroslav Stampar
2e92d8636e improvement of reflective mechanism 2012-04-11 08:58:03 +00:00
Miroslav Stampar
60ca44e0cf minor adjustment 2012-04-11 08:35:09 +00:00
Miroslav Stampar
8541222080 minor update 2012-04-10 22:26:42 +00:00
Miroslav Stampar
9c2f244d47 minor fix 2012-04-10 22:20:53 +00:00
Miroslav Stampar
119eec3598 improving "boolean detection" by automatic recognition of convenient --string candidate 2012-04-10 21:48:34 +00:00
Miroslav Stampar
8c6eb4faa9 adding support for PgSQL DNS data exfiltration 2012-04-07 14:06:11 +00:00
Miroslav Stampar
b2afa87e48 reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases) 2012-04-06 08:42:36 +00:00
Miroslav Stampar
2223c884e5 minor refactoring 2012-04-05 12:55:26 +00:00
Miroslav Stampar
02924eb345 minor update 2012-04-04 23:47:06 +00:00
Bernardo Damele
d106fb5184 layout adjustments 2012-04-04 12:27:24 +00:00
Miroslav Stampar
1b2cd44255 proper fix 2012-04-04 10:35:52 +00:00
Miroslav Stampar
7031ef8e00 removing default values for referer and host from higher level/risk options 2012-04-04 10:34:27 +00:00
Miroslav Stampar
b0787f193c getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached) 2012-04-03 14:34:15 +00:00
Miroslav Stampar
33bb9c5f19 much cleaner approach in that "flat" representation of retrieved items in union technique 2012-04-03 13:56:11 +00:00
Miroslav Stampar
e05109812f minor improvements regarding data retrieval through DNS channel 2012-04-03 09:18:30 +00:00
Miroslav Stampar
2c28423cb8 minor update 2012-04-02 14:57:15 +00:00
Miroslav Stampar
1cd3c3f7af further update of DNS data retrieval mechanism through SQLi 2012-04-02 14:05:30 +00:00
Miroslav Stampar
1e01203562 few just in case "patches" 2012-04-02 12:58:10 +00:00