Miroslav Stampar
|
a536bf210f
|
improved redirection mechanism
|
2011-05-23 23:20:03 +00:00 |
|
Miroslav Stampar
|
128a012121
|
this was causing that --suffix trouble
|
2011-05-23 19:59:07 +00:00 |
|
Miroslav Stampar
|
bfe8e51b7c
|
minor fix for retrieving stuff like "SELECT * FROM testdb..users"
|
2011-05-23 19:45:40 +00:00 |
|
Miroslav Stampar
|
2b12b18357
|
incorporating metasploit patch from oliver.kuckertz@mologie.de
|
2011-05-23 15:27:10 +00:00 |
|
Miroslav Stampar
|
4542d4535f
|
minor beautification
|
2011-05-23 14:28:05 +00:00 |
|
Miroslav Stampar
|
31b48ec11c
|
removing space left
|
2011-05-23 14:18:33 +00:00 |
|
Miroslav Stampar
|
0ed03d474f
|
now supporting "blank tables" - schema of the table will be preserved, even if it's empty - especially nice feature for --replicate
|
2011-05-23 11:09:44 +00:00 |
|
Miroslav Stampar
|
868fbe370b
|
minor beautification
|
2011-05-23 10:39:58 +00:00 |
|
Miroslav Stampar
|
fb23beef6f
|
most elegant way i could think of to deal with "collation incompatibilities" issue on some MySQL/UNION cases (affected about 5% of all targets tested)
|
2011-05-22 19:14:36 +00:00 |
|
Miroslav Stampar
|
4fdb6ac9b9
|
adding useful info
|
2011-05-22 15:30:19 +00:00 |
|
Miroslav Stampar
|
48c20a62ac
|
minor nag fix
|
2011-05-22 15:08:55 +00:00 |
|
Miroslav Stampar
|
40971aca94
|
fixing nasty bug caused by retrying counter
|
2011-05-22 10:59:56 +00:00 |
|
Miroslav Stampar
|
712e238f33
|
another minor fix
|
2011-05-22 10:29:25 +00:00 |
|
Miroslav Stampar
|
2795aeff34
|
minor fix
|
2011-05-22 10:27:45 +00:00 |
|
Miroslav Stampar
|
806e898694
|
no more CRITICAL drop outs in test mode - lots of reports were related to this
|
2011-05-22 10:21:49 +00:00 |
|
Miroslav Stampar
|
9b2623514a
|
one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables
|
2011-05-22 09:48:46 +00:00 |
|
Miroslav Stampar
|
2ea613b170
|
type correction and adding global flag kb.ignoreTimeout which could be useful
|
2011-05-22 08:24:13 +00:00 |
|
Miroslav Stampar
|
27f0e73cc9
|
refactoring of 'target' flag in connect.py
|
2011-05-22 07:46:09 +00:00 |
|
Miroslav Stampar
|
a58aaf2e1a
|
better format for results file (easier for sorting when lots of files)
|
2011-05-22 07:02:36 +00:00 |
|
Miroslav Stampar
|
25fff8c135
|
changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux)
|
2011-05-21 11:46:57 +00:00 |
|
Miroslav Stampar
|
9e5856caf8
|
improvement for recognition of scalar vs multiple-row commands
|
2011-05-19 16:45:05 +00:00 |
|
Miroslav Stampar
|
db72428765
|
minor update
|
2011-05-19 15:57:29 +00:00 |
|
Miroslav Stampar
|
f40c6b2ce7
|
added --cookie for maskSensitiveData too
|
2011-05-19 15:42:59 +00:00 |
|
Miroslav Stampar
|
9832fc42d4
|
minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase)
|
2011-05-18 21:47:40 +00:00 |
|
Miroslav Stampar
|
3048e9f710
|
minor refactoring
|
2011-05-17 23:03:31 +00:00 |
|
Miroslav Stampar
|
cc07e5dc97
|
added --charset option to force charset encoding of the retrieved data (e.g. when the backend collation is different than the current web page charset) as requested by devon.mitchell1988@yahoo.com
|
2011-05-17 22:55:22 +00:00 |
|
Miroslav Stampar
|
dfe81cc66f
|
minor yielding
|
2011-05-16 20:14:10 +00:00 |
|
Miroslav Stampar
|
a5ad4621c9
|
minor refactoring
|
2011-05-16 20:09:12 +00:00 |
|
Miroslav Stampar
|
ba1df457ab
|
fix for a charset euc_tw reported by devon.mitchell1988@yahoo.com
|
2011-05-16 19:26:58 +00:00 |
|
Miroslav Stampar
|
6ba9dea640
|
just in case for trimmed output
|
2011-05-16 06:17:37 +00:00 |
|
Miroslav Stampar
|
d2221e4604
|
fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...)
|
2011-05-16 00:23:50 +00:00 |
|
Miroslav Stampar
|
faa74cd2bc
|
introducing results file for multiple target mode
|
2011-05-15 22:21:38 +00:00 |
|
Miroslav Stampar
|
90e84c9a6d
|
removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end
|
2011-05-15 21:43:38 +00:00 |
|
Miroslav Stampar
|
c3bb5a03e1
|
minor improvement
|
2011-05-14 20:09:37 +00:00 |
|
Miroslav Stampar
|
3484a4426b
|
fix for a bug reported by itxx@qq.com (TypeError: encode() takes no keyword arguments)
|
2011-05-14 19:57:28 +00:00 |
|
Miroslav Stampar
|
053c245114
|
few minor fixes
|
2011-05-13 09:56:12 +00:00 |
|
Miroslav Stampar
|
a7d7be5ce0
|
bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host)
|
2011-05-13 01:01:53 +00:00 |
|
Miroslav Stampar
|
f11d5c91e3
|
minor update so that only one DNS request per scan is being done (before this commit there were two)
|
2011-05-12 14:32:39 +00:00 |
|
Miroslav Stampar
|
70688fb8b5
|
minor enhancement for dumping 'None' values (proper way should be empty string because None is too pythonic)
|
2011-05-12 12:00:17 +00:00 |
|
Miroslav Stampar
|
c64eb38a8b
|
same thing as for the last commit, but for error technique this time
|
2011-05-12 11:52:18 +00:00 |
|
Miroslav Stampar
|
84a7e5ffb9
|
"unfix" for r3172 which was causing "AttributeError: 'list' object has no attribute 'isdigit'" because of change of appereance
|
2011-05-12 11:36:02 +00:00 |
|
Miroslav Stampar
|
0b2da2f9f5
|
minor beautification for --tor switch
|
2011-05-12 05:46:17 +00:00 |
|
Miroslav Stampar
|
e05a9c0554
|
i was probably very tired or very stupid to do this
|
2011-05-11 13:13:46 +00:00 |
|
Miroslav Stampar
|
2ab9e30f7a
|
bug fix
|
2011-05-11 12:54:33 +00:00 |
|
Miroslav Stampar
|
53065ee1fb
|
adding ordered set for kb.targetUrls (now the order of appereance in multiple targets mode will be respected)
|
2011-05-11 08:55:48 +00:00 |
|
Miroslav Stampar
|
5ee07b90b9
|
added -m switch for bulk loading multiple targets
|
2011-05-11 08:46:40 +00:00 |
|
Miroslav Stampar
|
120b0d756e
|
unfix
|
2011-05-10 21:33:06 +00:00 |
|
Miroslav Stampar
|
6b66fce72c
|
minor fix
|
2011-05-10 20:52:43 +00:00 |
|
Miroslav Stampar
|
192c685bc8
|
changing conf attribute to a more proper name
|
2011-05-10 20:48:34 +00:00 |
|
Miroslav Stampar
|
deae534ee7
|
minor refactoring
|
2011-05-10 20:44:36 +00:00 |
|