Miroslav Stampar
|
8e74c571bc
|
centralization of urlencoding should be (only) in connect.py and we are from now on handling non-urlencoded data at other levels
|
2011-01-27 19:44:24 +00:00 |
|
Miroslav Stampar
|
49aeb41be8
|
quick bug fix for FALSE positives with UNION based technique
|
2011-01-27 18:49:44 +00:00 |
|
Miroslav Stampar
|
81722b6881
|
major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values)
|
2011-01-27 18:36:28 +00:00 |
|
Miroslav Stampar
|
03413bd5e0
|
minor refactoring before a huge bug fix reported by Ahmed Shawky (we are falsely urlencoding ORIGINAL part of the injection payload)
|
2011-01-27 16:55:58 +00:00 |
|
Miroslav Stampar
|
539168dcca
|
sanitizeStr screws html error parsing in some cases as new lines are removed (FALSE positives here and there)
|
2011-01-27 13:40:42 +00:00 |
|
Miroslav Stampar
|
bb6e36fb02
|
minor updates
|
2011-01-27 12:38:39 +00:00 |
|
Miroslav Stampar
|
3bb4ea2c7a
|
THANKS update
|
2011-01-25 22:29:36 +00:00 |
|
Miroslav Stampar
|
10b723f196
|
minor fix for a bug reported by yonnym@googlemail.com
|
2011-01-25 22:26:28 +00:00 |
|
Miroslav Stampar
|
430fd5cd63
|
minor fixes
|
2011-01-25 16:05:06 +00:00 |
|
Miroslav Stampar
|
20df2bbd10
|
minor fix
|
2011-01-25 15:44:45 +00:00 |
|
Miroslav Stampar
|
d3ddaba7be
|
minor refactoring
|
2011-01-25 13:04:13 +00:00 |
|
Miroslav Stampar
|
c7f260a8bc
|
minor update
|
2011-01-25 12:54:49 +00:00 |
|
Miroslav Stampar
|
98e48bd682
|
new script
|
2011-01-25 12:48:50 +00:00 |
|
Miroslav Stampar
|
cab86871fe
|
fix for a bug reported by mhackmail@gmail.com (local variable 'code' referenced before assignment)
|
2011-01-25 11:02:41 +00:00 |
|
Miroslav Stampar
|
5692506131
|
this was bad thing to have
|
2011-01-25 01:08:38 +00:00 |
|
Miroslav Stampar
|
5aa958a146
|
ASCII & CHR is quite common, so removing this one
|
2011-01-24 22:51:15 +00:00 |
|
Miroslav Stampar
|
a1619f84b6
|
changing level of last payload
|
2011-01-24 22:31:26 +00:00 |
|
Miroslav Stampar
|
8155f95b82
|
new payload - PostgreSQL boolean-based blind - Parameter replace (based on CHR(0) - "SQL error: ERROR: null character not permitted")
|
2011-01-24 22:28:54 +00:00 |
|
Miroslav Stampar
|
9f76468005
|
another premiere, yeeej. IDSes, watch yourself :)
|
2011-01-24 21:30:46 +00:00 |
|
Miroslav Stampar
|
2fb0c946d2
|
minor update
|
2011-01-24 21:21:47 +00:00 |
|
Miroslav Stampar
|
15645f50d4
|
world premiere :)
|
2011-01-24 21:21:11 +00:00 |
|
Miroslav Stampar
|
50969d238b
|
minor update
|
2011-01-24 17:51:56 +00:00 |
|
Miroslav Stampar
|
440264341c
|
minor update
|
2011-01-24 17:43:25 +00:00 |
|
Miroslav Stampar
|
0eea5665b2
|
minor update
|
2011-01-24 17:41:36 +00:00 |
|
Bernardo Damele
|
b0dc6c24eb
|
Moved
|
2011-01-24 17:04:49 +00:00 |
|
Miroslav Stampar
|
6cc69f5e16
|
now --technique is appliable also after the injections have been identified
|
2011-01-24 16:47:24 +00:00 |
|
Miroslav Stampar
|
c188996627
|
patch for possible query optimization (avoid precalculation of 1/0)
|
2011-01-24 16:21:27 +00:00 |
|
Miroslav Stampar
|
81011be0d7
|
minor update of parseTargetUrl method
|
2011-01-24 14:52:50 +00:00 |
|
Bernardo Damele
|
ceca64193b
|
Updated
|
2011-01-24 14:46:41 +00:00 |
|
Miroslav Stampar
|
4093599f38
|
added parseTargetUrl to redirect choice
|
2011-01-24 14:45:35 +00:00 |
|
Bernardo Damele
|
e1db2700f0
|
Minor bug fix to properly deal --prefix and --suffix and parameter replace payloads
|
2011-01-24 12:25:45 +00:00 |
|
Miroslav Stampar
|
8d0c2efbe2
|
unescaping of char marked payloads
|
2011-01-24 12:00:16 +00:00 |
|
Miroslav Stampar
|
4441e11f68
|
fix for case -r with no params and cookie available
|
2011-01-24 11:26:51 +00:00 |
|
Bernardo Damele
|
47fa600c04
|
Minor fix and cosmetics
|
2011-01-24 11:12:33 +00:00 |
|
Miroslav Stampar
|
a3e3387113
|
fix for proper Firebird resume of version
|
2011-01-24 11:04:32 +00:00 |
|
Miroslav Stampar
|
eb33612736
|
fix
|
2011-01-24 10:20:17 +00:00 |
|
Miroslav Stampar
|
c1145c244e
|
fix for user-agent injections
|
2011-01-23 23:23:30 +00:00 |
|
Miroslav Stampar
|
818c9787b2
|
minor update
|
2011-01-23 21:20:16 +00:00 |
|
Miroslav Stampar
|
b18397fbc7
|
major revisit of --os-shell methods
|
2011-01-23 20:47:06 +00:00 |
|
Miroslav Stampar
|
ff7707579f
|
minor improvement
|
2011-01-23 11:35:24 +00:00 |
|
Miroslav Stampar
|
f5ff78d40c
|
revert
|
2011-01-23 11:21:27 +00:00 |
|
Miroslav Stampar
|
db76bcb327
|
fix for cases when mixing ingres dbms with spanish word "ingresa"
|
2011-01-23 11:19:10 +00:00 |
|
Miroslav Stampar
|
97f66a87c5
|
minor improvement over last version - case insensitive and takes in count cases like " UNION ALL selects " from MySQL error message
|
2011-01-23 10:51:57 +00:00 |
|
Miroslav Stampar
|
3a5f0760f6
|
minor optimization (only way to prematurely stop SAX parser)
|
2011-01-23 10:12:01 +00:00 |
|
Miroslav Stampar
|
30cd877c4a
|
fix for URI based injections
|
2011-01-22 16:23:33 +00:00 |
|
Miroslav Stampar
|
7bf05bf2cb
|
minor update
|
2011-01-22 00:12:03 +00:00 |
|
Miroslav Stampar
|
d6d8d54eda
|
implemented Johannes Dahse / Reiners' technique
|
2011-01-22 00:06:27 +00:00 |
|
Miroslav Stampar
|
0743202879
|
minor update
|
2011-01-21 23:54:25 +00:00 |
|
Miroslav Stampar
|
cb0e7080c5
|
more appropriate name (on http://websec.wordpress.com/ they use term "conditional" for something very similar, although not stacked)
|
2011-01-21 23:47:45 +00:00 |
|
Miroslav Stampar
|
7c4c79477d
|
world premiere of "forced-error blind stacked" payloads (spent 3 hours on pgsql)
|
2011-01-21 18:32:10 +00:00 |
|