Commit Graph

182 Commits

Author SHA1 Message Date
Miroslav Stampar
48ac2101f2 Using only once the dummy checkWaf payload 2016-01-08 23:23:41 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
42066cfb3d Minor refactoring 2015-12-30 12:41:56 +01:00
Miroslav Stampar
89e0fc8ffa Minor update 2015-12-19 17:50:12 +01:00
Miroslav Stampar
c1e3431877 Minor patch 2015-11-16 15:32:28 +01:00
Miroslav Stampar
a33b0454cd Implementation for an Issue #1360 2015-08-26 15:26:16 +02:00
Bernardo Damele
1ecb921ba7 Consistency in enums 2015-02-20 18:31:47 +00:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
9b32e69f26 Adding new WAF script (UrlScan) 2014-12-04 10:06:15 +01:00
Miroslav Stampar
f94ac8c69d Second patch related to the Issue #846 2014-10-09 15:21:26 +02:00
Miroslav Stampar
7278af01ee Implementation for an Issue #832 2014-09-16 14:12:43 +02:00
Miroslav Stampar
57eb19377e Minor code refactoring 2014-09-16 09:07:31 +02:00
Miroslav Stampar
fd36250026 Proper fix for an Issue #757 2014-08-26 23:36:04 +02:00
Miroslav Stampar
ae8b1fe89c Implementation for an Issue #678 2014-04-25 09:17:10 +02:00
Miroslav Stampar
9c7fbd1a90 Minor refactoring 2014-04-06 18:19:54 +02:00
Miroslav Stampar
6369a38ebc Adding support for JSON-like data with single quote 2014-02-26 08:56:17 +01:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Miroslav Stampar
f18abb1e9c Minor update (proxy can be also a https one (e.g. Burp for HTTPS targets) 2013-12-17 09:30:51 +01:00
Miroslav Stampar
a3defc175d Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself) 2013-09-11 23:17:18 +02:00
stamparm
017ce22a2f Minor consistency patch (Issue #475) 2013-07-01 13:01:53 +02:00
stamparm
f7d15cb465 Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00
Meatballs
62000c6406 Remaining files 2013-06-24 14:42:58 +01:00
Miroslav Stampar
63d0e9bb12 Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881) 2013-06-13 21:50:35 +02:00
stamparm
1b3f1a4016 More appropriate naming (also, preventing ambiguities with --smart) 2013-05-22 23:21:43 +04:00
Miroslav Stampar
1a4ea186ca Consistency fix 2013-05-19 23:00:40 +02:00
stamparm
76b4e1ccb9 Implementation for an Issue #450 2013-05-17 15:04:25 +02:00
stamparm
f67148a9a4 Update for an Issue #431 2013-04-10 16:43:57 +02:00
stamparm
7447773237 Update for consistency (all other enums are using _ in between words) 2013-03-20 11:10:24 +01:00
Miroslav Stampar
2f43c3eb9b Minor fix (digest live test case) and some refactoring 2013-03-12 21:16:44 +01:00
Miroslav Stampar
9e49d8c68f Adding support for SHA2 hash functions 2013-03-05 11:04:46 +01:00
stamparm
e5835dc74f Update for WAF scripts 2013-02-26 15:30:11 +01:00
Miroslav Stampar
6acb2480b8 Adding WAF script for SecureIIS 2013-02-21 21:34:26 +01:00
stamparm
8e49872d7c Finalizing implementation for an Issue #290 2013-02-21 14:33:12 +01:00
stamparm
6b2981ef4e Update for an Issue #290 (adding tamper-like scripts into (new) directory waf) 2013-02-21 11:14:57 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Bernardo Damele
f7d826fee1 first case where partial output is retrievable via RESTful API - issue #297 2013-02-05 14:43:03 +00:00
Bernardo Damele
f8bc74758c improvement to restful API to store to IPC database partial entries, not yet functional (issue #297) 2013-02-03 11:31:05 +00:00
Bernardo Damele
103045d284 variable renamed 2013-01-30 15:30:34 +00:00
Bernardo Damele
9677e0f910 more data content types for API (issue #297) 2013-01-29 15:36:19 +00:00
Bernardo Damele
f1ab887c55 major enhancement, code refactoring for issue #297 2013-01-29 01:39:27 +00:00
Bernardo Damele
a43202f3c0 updated copyright 2013-01-18 14:07:51 +00:00
Miroslav Stampar
03dd958d96 Implementation for an Issue #48 2013-01-13 16:22:43 +01:00
Miroslav Stampar
934d41dac2 Minor style update (PEP8) 2013-01-10 15:02:28 +01:00
Miroslav Stampar
5b77b20e2e Removing trailing whitespaces (PEP8) 2013-01-03 23:57:07 +01:00
Miroslav Stampar
82b468211d Minor update 2013-01-03 23:38:29 +01:00
Miroslav Stampar
775e0df04b Update for an Issue #278 2012-12-05 10:45:17 +01:00
Miroslav Stampar
f08eb0fd9f Minor style update 2012-11-28 10:59:15 +01:00
Miroslav Stampar
d95dd2d16e Preparation for an Issue #254 2012-11-28 10:58:18 +01:00
Miroslav Stampar
5cfc066ac4 Minor update 2012-10-30 10:30:22 +01:00
Miroslav Stampar
359e734954 Minor refactoring 2012-10-29 10:48:49 +01:00
Miroslav Stampar
2cb1b054bb Implementation for an Issue #79 2012-10-16 12:32:58 +02:00
Miroslav Stampar
e61c4c22c9 Implementation for an Issue #200 2012-10-09 15:19:47 +02:00
Miroslav Stampar
ebc7088f94 Implementation for an Issue #128 2012-10-05 10:24:09 +02:00
Miroslav Stampar
098e446ca4 Adding support for generic XML POST data 2012-10-04 18:44:12 +02:00
Miroslav Stampar
461e5ebc5f Work for Issue #197 and Issue #49 2012-10-04 11:25:44 +02:00
Miroslav Stampar
a3baf94e9b Minor style update 2012-09-07 10:09:00 +02:00
Miroslav Stampar
8a5042b6a4 Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case) 2012-08-22 11:56:30 +02:00
Miroslav Stampar
b3552494c4 Minor preparation for an Issue #48 2012-07-26 12:26:57 +02:00
Bernardo Damele
162da75a04 modified homepage address 2012-07-12 18:38:03 +01:00
jekil
c39e5a85ba Removed $id$ tags 2012-06-27 20:56:43 +02:00
Miroslav Stampar
ec44e88db8 lots of refactoring regarding removal of already obsolete session file mechanism 2012-06-21 10:09:10 +00:00
Miroslav Stampar
6ebb621228 adding support for (custom) POST injection (marking injection point with '*' in conf.data) 2012-04-17 14:23:00 +00:00
Miroslav Stampar
0fc4288a7c modifying redirection code for only two choices 2012-03-18 17:27:08 +00:00
Miroslav Stampar
8b9c5c66cc code refactoring regarding charsetType inside inference/bisection 2012-02-29 14:36:23 +00:00
Miroslav Stampar
f142c0f782 minor update 2012-02-28 14:04:13 +00:00
Miroslav Stampar
a9bf0297f6 moving injection data to HashDB 2012-02-27 13:44:07 +00:00
Miroslav Stampar
85125018a1 minor bug fix 2012-02-25 22:54:32 +00:00
Miroslav Stampar
74b19a0386 minor update 2012-02-25 10:43:10 +00:00
Miroslav Stampar
8d7912ad34 minor update and refactoring 2012-02-15 14:05:50 +00:00
Miroslav Stampar
95f89ab63a updating copyright date 2012-01-11 14:59:46 +00:00
Miroslav Stampar
1d0b43b1a2 implemented mechanism for merging cookies by request 2012-01-11 14:28:08 +00:00
Miroslav Stampar
22c3fe49bb some refactoring 2011-12-28 13:50:03 +00:00
Miroslav Stampar
dda979a15a minor refactoring 2011-12-27 12:31:29 +00:00
Miroslav Stampar
b02363b1aa minor update 2011-12-27 11:25:40 +00:00
Miroslav Stampar
c20546dcaa minor refactoring 2011-12-26 12:24:39 +00:00
Miroslav Stampar
0a039d84e0 some more refactoring 2011-12-21 19:40:42 +00:00
Miroslav Stampar
95cd9e2af3 adding support for scanning Host header values (-p host) 2011-12-20 12:52:41 +00:00
Miroslav Stampar
563c0c1066 adding switch --tor-type 2011-12-15 23:19:55 +00:00
Miroslav Stampar
9bc735963b update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself)) 2011-12-04 22:42:19 +00:00
Miroslav Stampar
872a73f631 minor refactoring 2011-11-29 19:17:07 +00:00
Miroslav Stampar
e1a92d59de implementing WordPress phpass hash cracking routine 2011-11-20 19:10:46 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Miroslav Stampar
93b296e02c few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation") 2011-07-06 05:44:47 +00:00
Bernardo Damele
36c96ef796 Added DB2 support - patch provided by Sebastian Bittig 2011-06-25 09:44:24 +00:00
Miroslav Stampar
6b81eef65a refactoring 2011-06-08 14:30:12 +00:00
Miroslav Stampar
e9eafc2e94 minor update 2011-06-03 14:13:22 +00:00
Miroslav Stampar
64a862ed58 minor usability update 2011-06-03 14:04:02 +00:00
Miroslav Stampar
20988e58ed warp 5 mr spock :) 2011-05-30 09:46:32 +00:00
Miroslav Stampar
8227298057 user friendliness uber 9000 2011-05-27 08:30:52 +00:00
Miroslav Stampar
45caadbd4a important update - finally found what was causing headache for UNION payloads in noticeable number of cases 2011-05-26 21:54:19 +00:00
Miroslav Stampar
bf2b58ba82 minor update 2011-05-26 15:23:28 +00:00
Miroslav Stampar
f774d8fea0 proper Tor settings (reverted r3915 and implemented it the right way) 2011-05-24 11:06:58 +00:00
Miroslav Stampar
fb23beef6f most elegant way i could think of to deal with "collation incompatibilities" issue on some MySQL/UNION cases (affected about 5% of all targets tested) 2011-05-22 19:14:36 +00:00
Miroslav Stampar
a7d7be5ce0 bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host) 2011-05-13 01:01:53 +00:00
Miroslav Stampar
0b2da2f9f5 minor beautification for --tor switch 2011-05-12 05:46:17 +00:00
Miroslav Stampar
22a1870c2c adding some constraining to number of used threads on brute force switches together with a warning in case of connection exception(s) with --threads>1 2011-05-10 12:32:07 +00:00
Bernardo Damele
aae140080e SVN roll back, DB2 patch will be recommitted after testing:
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
2011-05-06 10:27:43 +00:00
Miroslav Stampar
6e392b6054 applying contributed patch for DB2 2011-05-06 09:30:39 +00:00
Miroslav Stampar
1e6c2fea74 update regarding warning for --random-agent during connection timeout in connection test phase 2011-05-03 10:05:42 +00:00