Miroslav Stampar
|
c17714c423
|
suppress session in case of brute methods
|
2011-01-07 16:47:46 +00:00 |
|
Bernardo Damele
|
16a06117f7
|
Mere cosmetics
|
2011-01-07 16:36:32 +00:00 |
|
Miroslav Stampar
|
c968b438f2
|
Ctrl+C added to union dump
|
2011-01-06 09:48:04 +00:00 |
|
Miroslav Stampar
|
0616edcc44
|
adding progress to --union-test
|
2011-01-06 09:26:01 +00:00 |
|
Miroslav Stampar
|
8b9a624546
|
added progress into union based entry retrieval
|
2011-01-06 09:10:20 +00:00 |
|
Miroslav Stampar
|
7ae5192070
|
adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data)
|
2011-01-05 10:25:07 +00:00 |
|
Miroslav Stampar
|
0eabca9fd4
|
update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)
|
2011-01-03 22:31:29 +00:00 |
|
Miroslav Stampar
|
9fb0e0fc85
|
resume of brute forced data is now available
|
2010-12-27 14:17:20 +00:00 |
|
Miroslav Stampar
|
c7a160bf72
|
minor update (users want this to see)
|
2010-12-27 12:00:54 +00:00 |
|
Miroslav Stampar
|
89c2640d23
|
basic --search now works with MS Access
|
2010-12-26 23:50:16 +00:00 |
|
Miroslav Stampar
|
a555d1ad68
|
minor improvement
|
2010-12-26 11:15:02 +00:00 |
|
Miroslav Stampar
|
320a6f9efb
|
minor minor update
|
2010-12-26 09:55:33 +00:00 |
|
Miroslav Stampar
|
17d74fc83c
|
cosmeticado
|
2010-12-26 09:53:40 +00:00 |
|
Miroslav Stampar
|
eaf4b93856
|
minor update
|
2010-12-26 09:40:40 +00:00 |
|
Miroslav Stampar
|
6c72e41972
|
minor fix/update
|
2010-12-26 02:19:10 +00:00 |
|
Miroslav Stampar
|
c5c4aae3d5
|
minor update (to prevent adding too much items)
|
2010-12-25 10:42:36 +00:00 |
|
Miroslav Stampar
|
ea7ba19f6b
|
minor update
|
2010-12-25 09:43:14 +00:00 |
|
Miroslav Stampar
|
272476773f
|
getPageTextWordsSet on tableExists is pretty powerful stuff
|
2010-12-25 09:37:33 +00:00 |
|
Miroslav Stampar
|
6845d402fa
|
well, here and there, merry Christmas to all :)
|
2010-12-24 20:17:53 +00:00 |
|
Miroslav Stampar
|
edcf1a0872
|
few bug fixes
|
2010-12-24 18:40:48 +00:00 |
|
Miroslav Stampar
|
7f7fb93155
|
cosmetics
|
2010-12-23 18:44:18 +00:00 |
|
Bernardo Damele
|
c1f2534e9a
|
More bug fixes to properly distinguish between full inband and single-entry inband sql injections
|
2010-12-22 15:47:52 +00:00 |
|
Miroslav Stampar
|
5be9c04e44
|
update regarding Sybase syntax
|
2010-12-22 10:39:56 +00:00 |
|
Miroslav Stampar
|
466d61ee85
|
minor fix
|
2010-12-21 14:29:47 +00:00 |
|
Miroslav Stampar
|
385e208f38
|
code refactoring regarding standard output suppression and some threading issues
|
2010-12-21 14:21:24 +00:00 |
|
Miroslav Stampar
|
6b37ddada4
|
removed some blank trailing spaces (with extra/shutils/blanks.sh)
|
2010-12-21 10:31:56 +00:00 |
|
Miroslav Stampar
|
29001a4fce
|
minor update
|
2010-12-20 23:21:01 +00:00 |
|
Miroslav Stampar
|
5852bad963
|
some refactoring
|
2010-12-20 18:56:06 +00:00 |
|
Miroslav Stampar
|
36862e2efa
|
update
|
2010-12-18 15:57:47 +00:00 |
|
Miroslav Stampar
|
fe67d3827c
|
code refactoring and some fixes
|
2010-12-18 09:51:34 +00:00 |
|
Miroslav Stampar
|
f8a01ddaf8
|
minor update
|
2010-12-15 11:21:47 +00:00 |
|
Bernardo Damele
|
86690682c7
|
Minor bug fix to respect -v value in --common-tables and --common-columns
|
2010-12-13 21:37:12 +00:00 |
|
Bernardo Damele
|
db844c1785
|
No point in showing the error-based inject payload, it's same as the one showed in -v3
|
2010-12-13 21:35:20 +00:00 |
|
Miroslav Stampar
|
c93634b6c7
|
blind dumping of tables in sqlite implemented
|
2010-12-11 22:13:19 +00:00 |
|
Miroslav Stampar
|
6a24048aa6
|
urllib2 doesn't play well with '\n' when non unescaped chars used
|
2010-12-11 21:17:54 +00:00 |
|
Miroslav Stampar
|
f021548bd0
|
added inference failsafe (like in for instance Firebirds SUBSTR always returns a string value, no matter which starting index you use)
|
2010-12-11 10:52:04 +00:00 |
|
Miroslav Stampar
|
c17f444aab
|
minor fix
|
2010-12-11 10:22:18 +00:00 |
|
Miroslav Stampar
|
ac9080c07b
|
update
|
2010-12-11 08:24:29 +00:00 |
|
Miroslav Stampar
|
fe2039f5ba
|
coollyy little commits
|
2010-12-10 11:32:46 +00:00 |
|
Miroslav Stampar
|
cdff29ada7
|
update
|
2010-12-09 11:23:44 +00:00 |
|
Bernardo Damele
|
9c61adb21d
|
Cosmetics
|
2010-12-09 00:26:06 +00:00 |
|
Bernardo Damele
|
f5ce739bdf
|
Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet.
|
2010-12-08 23:52:31 +00:00 |
|
Miroslav Stampar
|
54f6673609
|
update
|
2010-12-08 22:38:26 +00:00 |
|
Miroslav Stampar
|
d6077273e0
|
update
|
2010-12-08 22:14:42 +00:00 |
|
Miroslav Stampar
|
01cf1394a4
|
code refactoring
|
2010-12-08 14:26:40 +00:00 |
|
Miroslav Stampar
|
af22679605
|
minor update
|
2010-12-08 13:09:27 +00:00 |
|
Miroslav Stampar
|
6223f25dd9
|
code beautification
|
2010-12-08 13:04:48 +00:00 |
|
Miroslav Stampar
|
b5e45939e3
|
sqlmap premiere of blind time based query/bisection
|
2010-12-08 12:28:54 +00:00 |
|
Miroslav Stampar
|
2735848ab6
|
removed ERROR_SPACE
|
2010-12-06 22:40:07 +00:00 |
|
Miroslav Stampar
|
e8be14e00a
|
minor refactoring
|
2010-12-06 07:48:14 +00:00 |
|