58 Commits

Author	SHA1	Message	Date
Miroslav Stampar	03447acc1d	avoiding some trashy match ratios	2010-12-11 17:12:19 +00:00
Miroslav Stampar	bdff4aba6a	switching to quick_ratio	2010-12-07 23:57:43 +00:00
Miroslav Stampar	c1b82cf09c	ratio() gives a considerable lag on real life cases, as real_quick_ratio() gives almost as good results	2010-12-07 23:53:44 +00:00
Miroslav Stampar	eeb199375b	usage of compiled regexes in case of dynamic markings and other refactoring	2010-12-04 13:23:28 +00:00
Miroslav Stampar	0fc7a8f9e8	code refactoring	2010-12-04 10:13:18 +00:00
Miroslav Stampar	04714374f9	now you can use kb.pageTemplate to set a page which will be used as a template in comparison process (at least in '-[RANDNUM] OR' cases we'll need to use different template(s))	2010-12-04 10:05:18 +00:00
Bernardo Damele	17486e472a	Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!	2010-11-17 22:00:09 +00:00
Miroslav Stampar	6ef3846400	update regarding error parsing (and reporting)	2010-11-16 10:42:42 +00:00
Miroslav Stampar	27735b14df	update (--string and --regex should be done regardless of wasLastRequestError)	2010-11-12 22:44:15 +00:00
Miroslav Stampar	19c1bfa368	just a precaution (now i really need to go for a sleep)	2010-11-09 23:38:29 +00:00
Miroslav Stampar	88c00e61d3	another update	2010-11-09 23:35:37 +00:00
Miroslav Stampar	47720a43dd	minor fix (while we've calculated conf.matchRation for stable pages, we've put a constant value (0.900) for dynamic ones - so putting (ratio - conf.matchRatio) > DIFF_TOLERANCE for dynamic pages too would just effectively increase it's value to 0.900 + DIFF_TOLERANCE (in our case to 0.950) which is too narrow space for True result)	2010-11-09 23:21:21 +00:00
Miroslav Stampar	5ebd5d935c	another name change	2010-11-09 22:49:31 +00:00
Miroslav Stampar	06f00cf8c1	name change	2010-11-09 22:48:22 +00:00
Miroslav Stampar	fef60d5cb7	some fixes :)	2010-11-09 22:32:05 +00:00
Bernardo Damele	1cc99e2247	Possible quick fix for missing of True/False comparison of stable-but-not-really pages	2010-11-09 21:39:58 +00:00
Miroslav Stampar	620fa1c8fb	trust me, i know what i am doing :)	2010-11-07 20:33:33 +00:00
Bernardo Damele	4d81da6bc8	Cosmetics	2010-11-07 16:23:03 +00:00
Miroslav Stampar	00dfd55830	added powerful switch --longest-common for dealing with heavy dynamicity	2010-11-07 08:52:09 +00:00
Miroslav Stampar	508b9cc763	dynamicity engine update	2010-11-07 00:12:00 +00:00
Miroslav Stampar	3619fc5127	minor update	2010-11-06 08:31:11 +00:00
Miroslav Stampar	0e895fa512	update of dynamicity testing and few misc fixes	2010-11-05 13:14:12 +00:00
Miroslav Stampar	29b7c5366c	cosmetics	2010-11-04 17:22:33 +00:00
Miroslav Stampar	e1cec8c02b	fix for all that stable, dynamic mambo jambo :)	2010-11-04 16:44:34 +00:00
Miroslav Stampar	71d0b1bcd7	several bug fixes	2010-11-03 21:51:36 +00:00
Miroslav Stampar	44678fa320	fix for a bug reported by ToR (TypeError: unsupported operand type(s) for *: 'float' and 'NoneType')	2010-11-03 12:40:11 +00:00
Miroslav Stampar	5269cb8c08	some code refactoring and beautification	2010-11-02 09:06:38 +00:00
Miroslav Stampar	13e93f564a	one bug fix in dynamic content engine and some code refactoring	2010-11-02 07:32:08 +00:00
Miroslav Stampar	24c5d7b313	code refactoring	2010-10-25 14:06:56 +00:00
Miroslav Stampar	9c94a233a1	conf.md5hash thrown out	2010-10-25 13:52:21 +00:00
Miroslav Stampar	71543092b7	update regarding comparison engine	2010-10-25 12:00:59 +00:00
Miroslav Stampar	8df7c88174	implementation of a new dynamic content removal engine	2010-10-25 10:41:37 +00:00
Miroslav Stampar	4f7f20b94f	sorry, cosmetics	2010-10-14 23:18:29 +00:00
Miroslav Stampar	8b48833136	large commit with copyright header modifications	2010-10-14 14:41:14 +00:00
Miroslav Stampar	d2ec132469	added --text-only switch	2010-10-12 19:41:29 +00:00
Miroslav Stampar	1741801ade	implementation of HEAD/Range methods	2010-09-16 09:32:09 +00:00
Miroslav Stampar	798ab4989b	fix for a Bug #200	2010-09-14 10:35:01 +00:00
Miroslav Stampar	19fb2e3dcf	fix for Bug #165	2010-09-13 13:31:01 +00:00
Miroslav Stampar	057ec8a6b2	added --ratio option for direct manipulation of conf.matchRatio parameter	2010-08-10 19:53:29 +00:00
Miroslav Stampar	131789a6e4	some code refactoring	2010-05-14 14:21:13 +00:00
Miroslav Stampar	91dd609e26	fixed threading bug (difflib :)	2010-03-10 14:14:27 +00:00
Bernardo Damele	156fdd96ef	Updated copyright	2010-03-03 15:26:27 +00:00
Bernardo Damele	ce022a3b6e	sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.	2010-01-02 02:02:12 +00:00
Bernardo Damele	16b4530bbe	Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed). ... Minor common library code refactoring. Code cleanup. Set back the default User-Agent to sqlmap for comparison algorithm reasons. Updated THANKS.	2009-04-27 23:05:11 +00:00
Bernardo Damele	8c0ac767f4	Updated to sqlmap 0.7 release candidate 1	2009-04-22 11:48:07 +00:00
Bernardo Damele	2efee058ea	Major enhancement in comparison algorithm	2009-02-12 00:17:44 +00:00
Bernardo Damele	ba00a17205	Minor layout adjustment	2009-02-09 10:58:44 +00:00
Bernardo Damele	207e96e2b2	Major bug fix in the comparison algorithm to correctly handle also the ... case that the url is stable and the False response changes the page content very little.	2009-02-09 10:28:03 +00:00
Bernardo Damele	5560f0b68a	Updated the copyright	2009-01-12 21:35:38 +00:00
Bernardo Damele	35708a0b97	Minor adjustment to UNION query SQL injection detection function. ... Updated command line help message based upon recent developments. Updated copyright note of lib/contrib/multipartpost.py.	2008-12-21 16:35:03 +00:00