Miroslav Stampar
|
b0ea74dc63
|
Minor warning message update
|
2016-06-01 10:53:32 +02:00 |
|
Miroslav Stampar
|
9fad72f28b
|
Adding support for MsAccess usage of parsed FROM table names (e.g. in case of ColdFusion)
|
2016-05-31 11:08:23 +02:00 |
|
Miroslav Stampar
|
1782bf8e64
|
Adding support for parsing ODBC/JDBC error messages
|
2016-05-31 10:49:34 +02:00 |
|
Miroslav Stampar
|
2fa4b22645
|
Patch for URL encoding cookie values (asking the user to choose)
|
2016-05-30 17:47:08 +02:00 |
|
Miroslav Stampar
|
935cb9c8cb
|
Patch for a custom header cookie urlencoding
|
2016-05-30 14:09:53 +02:00 |
|
Miroslav Stampar
|
b6a4bd91fe
|
Minor text update
|
2016-05-30 10:51:35 +02:00 |
|
Miroslav Stampar
|
6327063bd0
|
Minor patch
|
2016-05-27 16:43:01 +02:00 |
|
Miroslav Stampar
|
154ed2c4e2
|
Minor patch
|
2016-05-27 13:33:14 +02:00 |
|
Miroslav Stampar
|
831c960216
|
Update for an Issue #1899
|
2016-05-26 16:47:38 +02:00 |
|
Miroslav Stampar
|
43af2a4aee
|
Fixes #1899
|
2016-05-26 16:08:59 +02:00 |
|
Miroslav Stampar
|
72f3185ae7
|
Fixes #1878
|
2016-05-17 10:47:17 +02:00 |
|
Miroslav Stampar
|
e3f54bc226
|
Minor patch for #1874
|
2016-05-16 16:53:28 +02:00 |
|
Miroslav Stampar
|
6928dae956
|
Minor patch
|
2016-05-02 10:45:50 +02:00 |
|
Miroslav Stampar
|
814d710320
|
Minor speed up
|
2016-04-08 14:41:34 +02:00 |
|
Miroslav Stampar
|
44c1c2c6f0
|
Minor update (reported via email)
|
2016-04-06 11:43:53 +02:00 |
|
Miroslav Stampar
|
06296bd251
|
Fixes #1743
|
2016-03-06 20:04:45 +01:00 |
|
Miroslav Stampar
|
679f0cf772
|
Fixes #1738
|
2016-03-01 15:36:00 +01:00 |
|
Miroslav Stampar
|
cedfdc78f4
|
Adding escapequotes.py (utility tamper script)
|
2016-02-05 12:00:57 +01:00 |
|
Miroslav Stampar
|
b07685a386
|
Added checking of localhost for another DNS service on *:53
|
2016-02-03 11:55:13 +01:00 |
|
Miroslav Stampar
|
8b90d146f6
|
Update of file attributes
|
2016-01-14 18:02:15 +01:00 |
|
Miroslav Stampar
|
a0b67418c7
|
Just in case update
|
2016-01-11 00:34:03 +01:00 |
|
Miroslav Stampar
|
2280cd191a
|
Fixes #1654
|
2016-01-10 23:15:43 +01:00 |
|
Miroslav Stampar
|
5908964db4
|
Another (better) patch for #1636
|
2016-01-09 17:32:19 +01:00 |
|
Miroslav Stampar
|
d0d676ccce
|
Update of copyright string
|
2016-01-06 00:06:12 +01:00 |
|
Miroslav Stampar
|
24d95ab6b3
|
Fixes #1624
|
2015-12-24 10:34:42 +01:00 |
|
Miroslav Stampar
|
ae7481081e
|
Patch for an Issue reported via email
|
2015-12-19 23:45:10 +01:00 |
|
Miroslav Stampar
|
e4ed1c058b
|
Minor error message improvement (SSL issues)
|
2015-12-18 17:15:59 +01:00 |
|
Miroslav Stampar
|
d7d786d3b5
|
Fixes #1607
|
2015-12-15 11:29:37 +01:00 |
|
Miroslav Stampar
|
273679f542
|
Adding new charset replacement (reported via email)
|
2015-12-10 13:23:50 +01:00 |
|
Miroslav Stampar
|
b5b3411f16
|
Fixes #1574
|
2015-12-06 23:49:22 +01:00 |
|
Miroslav Stampar
|
6397704456
|
Patch for an Issue #1578
|
2015-12-03 01:43:37 +01:00 |
|
Miroslav Stampar
|
c7ec1534a6
|
Patch related to #1256
|
2015-11-25 13:04:34 +01:00 |
|
Miroslav Stampar
|
4d576928a7
|
Fixes #1554
|
2015-11-22 16:05:48 +01:00 |
|
Miroslav Stampar
|
bc215d1b19
|
I believe that this was a wrong decision. Patching
|
2015-11-09 14:11:08 +01:00 |
|
Miroslav Stampar
|
17350fb4ec
|
Proper fix for #1146 (/ has been escaped with \/ in output)
|
2015-11-09 14:05:53 +01:00 |
|
Miroslav Stampar
|
42649005c2
|
Lots of fixes and refactoring in search department
|
2015-11-08 16:37:46 +01:00 |
|
Miroslav Stampar
|
c31e23e514
|
Patch for an Issue #1516
|
2015-11-06 11:19:55 +01:00 |
|
Miroslav Stampar
|
6adb6eabec
|
Fixes #1517
|
2015-11-03 14:53:41 +01:00 |
|
Miroslav Stampar
|
064c2a71ed
|
Fixes #1510
|
2015-11-01 22:56:26 +01:00 |
|
Miroslav Stampar
|
0b64cf803c
|
Fixes #1496
|
2015-10-29 16:52:17 +01:00 |
|
Miroslav Stampar
|
8fbac5a99e
|
Patch for --proxy-file
|
2015-10-25 15:58:43 +01:00 |
|
Miroslav Stampar
|
5fb8ae9d3c
|
Fixes #1479
|
2015-10-22 19:59:16 +02:00 |
|
Miroslav Stampar
|
90ad914c1e
|
Patch related to the #1477
|
2015-10-22 14:58:06 +02:00 |
|
Miroslav Stampar
|
8aada250f3
|
Fixes #1471
|
2015-10-19 11:08:58 +02:00 |
|
Miroslav Stampar
|
3dc8820caa
|
Fixes #1474
|
2015-10-19 10:38:38 +02:00 |
|
Miroslav Stampar
|
956047b43f
|
Patch for an Issue #1468
|
2015-10-15 13:07:43 +02:00 |
|
Miroslav Stampar
|
e3ae026077
|
Fixes #1467
|
2015-10-14 15:19:44 +02:00 |
|
Miroslav Stampar
|
c4df6f3a22
|
Fixes #1465
|
2015-10-13 13:31:28 +02:00 |
|
Miroslav Stampar
|
b9a44555ff
|
Fixes #1462
|
2015-10-11 15:20:10 +02:00 |
|
Miroslav Stampar
|
eb7c18d1f8
|
Fixes #1452
|
2015-10-07 09:25:14 +02:00 |
|
Miroslav Stampar
|
a1a7161fab
|
Fixes #1441
|
2015-09-30 10:13:19 +02:00 |
|
Miroslav Stampar
|
1fd6b007ab
|
Less critical messages when something goes wrong with connection
|
2015-09-27 16:36:20 +02:00 |
|
Miroslav Stampar
|
ef22f31fdf
|
Fixes #1433
|
2015-09-27 16:17:58 +02:00 |
|
Miroslav Stampar
|
5ed106ecea
|
Patch for an Issue #1434
|
2015-09-27 15:59:17 +02:00 |
|
Miroslav Stampar
|
38541b021a
|
Implementing hidden switch '--force-threads' on request (to force multi-threading in time-based SQLi)
|
2015-09-26 00:09:17 +02:00 |
|
Miroslav Stampar
|
27707be467
|
Fixes #1416
|
2015-09-17 17:09:36 +02:00 |
|
Miroslav Stampar
|
65a8f0fe32
|
Minor enhancement
|
2015-09-17 15:25:40 +02:00 |
|
Miroslav Stampar
|
5de1825d0c
|
Fixes #1412
|
2015-09-15 10:48:23 +02:00 |
|
Miroslav Stampar
|
f89ce2173f
|
Fixes #1404
|
2015-09-12 15:13:30 +02:00 |
|
Miroslav Stampar
|
f494004f44
|
Switching to the getSafeExString (where it can be used)
|
2015-09-10 15:51:33 +02:00 |
|
Miroslav Stampar
|
c1f829d131
|
Removing last remnants of bad handling the exceptions as strings
|
2015-09-08 11:15:31 +02:00 |
|
Miroslav Stampar
|
6a01d2e430
|
Fixes #1366
|
2015-08-30 02:13:07 +02:00 |
|
Miroslav Stampar
|
1f5e6606a7
|
Fixes #1357
|
2015-08-25 02:03:56 +02:00 |
|
Miroslav Stampar
|
54d65328bc
|
Patch for negative logic (e.g. OR) cases (reported privately)
|
2015-08-18 03:09:01 +02:00 |
|
Miroslav Stampar
|
310d79b8f1
|
Adding special variable 'lastPage' to the eval code (by request from ML)
|
2015-08-14 23:29:31 +02:00 |
|
Miroslav Stampar
|
e5863d8b89
|
Minor patch
|
2015-08-12 21:43:13 +02:00 |
|
Miroslav Stampar
|
b0bc3149f9
|
Fixes #1315
|
2015-07-26 16:18:41 +02:00 |
|
Miroslav Stampar
|
314df093f1
|
Fixes #1314
|
2015-07-26 16:06:01 +02:00 |
|
Miroslav Stampar
|
21e8182ac6
|
Fixes #1305
|
2015-07-18 17:01:34 +02:00 |
|
Miroslav Stampar
|
16f8e4c8ba
|
Removing unused imports
|
2015-07-12 12:25:02 +02:00 |
|
Miroslav Stampar
|
10f8c6a0b6
|
Introducing --offline switch (to perform session only lookups)
|
2015-07-10 16:10:24 +02:00 |
|
Miroslav Stampar
|
e4b23c9beb
|
Minor fix regarding POST redirects (ML)
|
2015-06-16 12:00:56 +02:00 |
|
Miroslav Stampar
|
04c1d439a7
|
Minor patch for #1260
|
2015-06-05 17:18:21 +02:00 |
|
Miroslav Stampar
|
8d7e915af7
|
Minor patch for #1260
|
2015-06-05 17:02:56 +02:00 |
|
Miroslav Stampar
|
ec87d8ebda
|
Adding a support for SNI (Issue #1256)
|
2015-06-01 10:45:16 +02:00 |
|
Miroslav Stampar
|
341d2a6028
|
Minor fix for (hidden) switch '--dummy'
|
2015-05-29 17:30:02 +02:00 |
|
Miroslav Stampar
|
e8f87bfa41
|
Minor patches related to the #1206
|
2015-05-11 11:01:21 +02:00 |
|
Miroslav Stampar
|
91bc02e3ba
|
Fixes related to the #1206
|
2015-05-11 10:56:10 +02:00 |
|
Miroslav Stampar
|
9010e157e9
|
Conflict fix
|
2015-05-11 10:11:33 +02:00 |
|
Miroslav Stampar
|
5b8df7984c
|
Minor update (for Windows-31j charset)
|
2015-05-09 14:32:55 +02:00 |
|
Miroslav Stampar
|
bb98894dc1
|
Adding option --safe-req
|
2015-04-22 16:28:54 +02:00 |
|
Miroslav Stampar
|
c5138d4696
|
Minor refactoring
|
2015-04-21 00:02:47 +02:00 |
|
Miroslav Stampar
|
349dfbf2ae
|
Adding an option --safe-post
|
2015-04-20 23:55:59 +02:00 |
|
Miroslav Stampar
|
99c1cc9937
|
Fixes #1208
|
2015-03-26 17:17:46 +01:00 |
|
Miroslav Stampar
|
fc0186e029
|
Minor update
|
2015-03-26 12:39:44 +01:00 |
|
Miroslav Stampar
|
7587528ebd
|
Fixes #1202
|
2015-03-26 11:40:19 +01:00 |
|
ricterz
|
bbfdb02a0e
|
fix mandatorily depend of websocket #1198
|
2015-03-24 22:25:16 +08:00 |
|
ricterz
|
811f5c11c6
|
remove Host header field and add cookie support #1198
|
2015-03-24 18:50:57 +08:00 |
|
ricterz
|
9b5dcbbbb2
|
modified error handle #1198
|
2015-03-24 18:21:50 +08:00 |
|
ricterz
|
78dbe080d7
|
determine whether it's websocket when connect #1198
|
2015-03-24 17:19:37 +08:00 |
|
Miroslav Stampar
|
05a496c275
|
Fixes #1196
|
2015-03-20 00:56:52 +01:00 |
|
Christ van Willegen
|
80fb2e29cc
|
Fix some spelling errors in help texts (through -> thorough)
|
2015-03-04 13:31:29 +01:00 |
|
Miroslav Stampar
|
3347fc25ca
|
Fixes #1185
|
2015-03-03 15:10:06 +01:00 |
|
Miroslav Stampar
|
3f6c3b40dd
|
Minor update (not overriding user given 'Accept-Encoding' header value)
|
2015-03-03 14:37:36 +01:00 |
|
Miroslav Stampar
|
dde400ab8f
|
More suitable version of 6bcc95a (suggested by user)
|
2015-02-25 10:19:51 +01:00 |
|
Miroslav Stampar
|
6bcc95a20d
|
Restricting evaluated code variable names to Python valid characters ([_0-9a-zA-Z])
|
2015-02-24 15:05:44 +01:00 |
|
Miroslav Stampar
|
1636088b75
|
Minor update
|
2015-02-16 11:48:53 +01:00 |
|
Miroslav Stampar
|
38011743bb
|
Patch for an Issue #1157
|
2015-02-04 15:01:19 +01:00 |
|
Miroslav Stampar
|
59f0da369d
|
Patch for a bug reported via ML (Accept header ignored in --headers)
|
2015-02-02 22:07:16 +01:00 |
|
Miroslav Stampar
|
9e90e357cf
|
Patch for an Issue #1146
|
2015-01-30 21:59:03 +01:00 |
|
Miroslav Stampar
|
e73ac6c8e3
|
Minor patch on request of an user
|
2015-01-17 21:47:57 +01:00 |
|
Miroslav Stampar
|
c2b2ccd2b5
|
Minor bug fix
|
2015-01-17 17:31:00 +01:00 |
|
Miroslav Stampar
|
54e9a1fb2d
|
Minor style update
|
2015-01-14 16:11:55 +01:00 |
|
Miroslav Stampar
|
8e03f4db0f
|
Patch for an Issue #1062
|
2015-01-09 15:33:53 +01:00 |
|
Miroslav Stampar
|
450b3c93cb
|
Potential patch for an Issue #1093
|
2015-01-07 11:40:11 +01:00 |
|
Miroslav Stampar
|
45bdefd29b
|
Update of copyright
|
2015-01-06 15:02:16 +01:00 |
|
Miroslav Stampar
|
c474c16b4a
|
Removing ML email address
|
2015-01-06 12:30:49 +01:00 |
|
Miroslav Stampar
|
41c2f889b2
|
Fix related to the SSLv3 disabling
|
2014-12-30 15:44:55 +01:00 |
|
Miroslav Stampar
|
1e014de6be
|
Patch for an Issue #1066
|
2014-12-26 22:24:28 +01:00 |
|
Miroslav Stampar
|
6972020faf
|
Bug fix for login-like SQLi (OR with 500 result)
|
2014-12-18 15:58:19 +01:00 |
|
Miroslav Stampar
|
180ede0cb3
|
Minor patch
|
2014-12-15 14:07:28 +01:00 |
|
Miroslav Stampar
|
20c272b77d
|
More generic patch for an Issue #994
|
2014-12-07 16:14:48 +01:00 |
|
Miroslav Stampar
|
4e7f835eae
|
Patch for an Issue #994
|
2014-12-07 16:11:07 +01:00 |
|
Miroslav Stampar
|
d3060f20d7
|
Minor improvement
|
2014-12-03 13:22:55 +01:00 |
|
Miroslav Stampar
|
17db587e2c
|
Adding some friendly warning messages (regarding blocking)
|
2014-12-03 10:06:21 +01:00 |
|
Miroslav Stampar
|
7a04595f5e
|
Added a reference url (http charset priority)
|
2014-12-01 11:15:45 +01:00 |
|
Miroslav Stampar
|
a0d95a8ec4
|
Refactoring of #952
|
2014-11-24 12:56:39 +01:00 |
|
Miroslav Stampar
|
27cd9e7064
|
Merge pull request #952 from Rexikon/patch-1
Update httpshandler.py, AttributeError PROTOCOL_SSLv3
|
2014-11-24 12:52:27 +01:00 |
|
Miroslav Stampar
|
05f7b1f121
|
Patch for an Issue #970
|
2014-11-24 10:55:19 +01:00 |
|
Miroslav Stampar
|
1fc4d0e3c4
|
Update for an Issue #431
|
2014-11-21 10:31:55 +01:00 |
|
Miroslav Stampar
|
cf2d5fd453
|
Update for an Issue #431
|
2014-11-21 09:41:49 +01:00 |
|
Miroslav Stampar
|
34ce774acd
|
Patch for an Issue #956
|
2014-11-21 09:41:49 +01:00 |
|
Rexikon
|
4da20679ee
|
Update httpshandler.py
ssl.PROTOCOL_SSLv3 removed
affecting error: AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'
|
2014-11-19 16:36:30 +01:00 |
|
Miroslav Stampar
|
05d5342f20
|
Update and patch for an Issue #2
|
2014-11-17 11:50:05 +01:00 |
|
Miroslav Stampar
|
c5df45a14f
|
Minor bug fix (skipping HTML decoding in heuristic mode)
|
2014-11-11 11:23:14 +01:00 |
|
Miroslav Stampar
|
71c43be53a
|
Patch for an Issue #901
|
2014-11-05 10:03:19 +01:00 |
|
Miroslav Stampar
|
49d3860b1f
|
Minor fix
|
2014-10-31 20:22:15 +01:00 |
|
Miroslav Stampar
|
df73be32f1
|
Fix for an Issue #876
|
2014-10-28 14:41:21 +01:00 |
|
Miroslav Stampar
|
3b3b8d4ef2
|
Potential bug fix (escaping formatted regular expressions)
|
2014-10-28 14:02:55 +01:00 |
|
Miroslav Stampar
|
268e774087
|
Minor refactoring
|
2014-10-28 13:44:55 +01:00 |
|
Miroslav Stampar
|
f89e94fb8c
|
Minor refactoring
|
2014-10-28 13:42:13 +01:00 |
|
Miroslav Stampar
|
6448d3caf4
|
Implementing support for csrfcookie (Issue #2)
|
2014-10-24 09:37:51 +02:00 |
|
Miroslav Stampar
|
5e31229d48
|
Minor cosmetic update
|
2014-10-23 15:18:22 +02:00 |
|
Miroslav Stampar
|
abbd352392
|
Support for X-CSRF-TOKEN header (Issue #2)
|
2014-10-23 14:33:22 +02:00 |
|
Miroslav Stampar
|
fc1b05bec9
|
Implementation for an Issue #2
|
2014-10-23 11:23:53 +02:00 |
|
Miroslav Stampar
|
8dcad46805
|
Update basic.py
|
2014-10-22 23:16:46 +02:00 |
|
Miroslav Stampar
|
2f18df345e
|
Minor patch
|
2014-10-22 13:41:36 +02:00 |
|
Miroslav Stampar
|
268095495e
|
Minor patch
|
2014-10-22 13:32:49 +02:00 |
|
Miroslav Stampar
|
3ebc5faa34
|
Falling back to partial UNION if large dump connects out
|
2014-10-21 09:23:34 +02:00 |
|
Miroslav Stampar
|
1e636fb925
|
Minor patch regarding Issue #840
|
2014-09-28 13:38:09 +02:00 |
|
Miroslav Stampar
|
767c278a0f
|
Fix for an Issue #838
|
2014-09-26 17:00:50 +02:00 |
|
Miroslav Stampar
|
bfc8ab0e35
|
Language update
|
2014-09-08 14:48:31 +02:00 |
|
Miroslav Stampar
|
53d0d5bf8b
|
Minor update (adding a warning message about potential dropping of requests because of protection mechanisms involved)
|
2014-09-08 14:33:13 +02:00 |
|
Miroslav Stampar
|
bbf0be1f8d
|
Bug fix (Issue #813)
|
2014-09-03 22:09:12 +02:00 |
|
Miroslav Stampar
|
9476359255
|
Bug fix
|
2014-08-28 12:50:39 +02:00 |
|
Miroslav Stampar
|
e68326c0fe
|
expandAsteriskForColumns changes value of conf.db and conf.tbl potentially causing problems in further work
|
2014-08-26 22:57:08 +02:00 |
|
Miroslav Stampar
|
dcaad75a1e
|
Fix for an Issue #794
|
2014-08-22 15:08:05 +02:00 |
|
Miroslav Stampar
|
d74b803306
|
Minor patch
|
2014-08-22 14:45:23 +02:00 |
|
Miroslav Stampar
|
58d93ffb2b
|
Fix for falling back to partial union (excluding scalar queries)
|
2014-08-20 23:53:15 +02:00 |
|
Miroslav Stampar
|
90882f081d
|
Language update
|
2014-08-20 23:47:57 +02:00 |
|
Miroslav Stampar
|
0296081692
|
Minor refactoring
|
2014-08-20 23:42:40 +02:00 |
|
Miroslav Stampar
|
b4fbb9cafe
|
Minor upgrade
|
2014-08-20 13:52:48 +02:00 |
|
Miroslav Stampar
|
6caccc3d93
|
Bug fix for ultra-slow processing of binary data
|
2014-08-20 01:38:01 +02:00 |
|
Miroslav Stampar
|
3cfa63646b
|
Minor bug fix
|
2014-07-19 23:17:23 +02:00 |
|
Miroslav Stampar
|
32af0b17b0
|
Update for an Issue #760
|
2014-07-10 08:49:20 +02:00 |
|
Miroslav Stampar
|
686fe4d0e9
|
Another patch for DNS exfiltration and boolean checks
|
2014-06-27 14:22:00 +02:00 |
|
Miroslav Stampar
|
2f8d17bcb7
|
Appendix to last commit
|
2014-06-27 13:45:40 +02:00 |
|
Miroslav Stampar
|
75279ea75a
|
Fix for DNS exfiltration of boolean checks
|
2014-06-27 13:07:34 +02:00 |
|
Miroslav Stampar
|
2a88436417
|
Patch for an Issue #724
|
2014-06-16 09:51:24 +02:00 |
|
Miroslav Stampar
|
f558b800ac
|
Patch for an Issue #719
|
2014-06-12 09:08:55 +02:00 |
|
Miroslav Stampar
|
c50560c3a6
|
Patch for an Issue #716
|
2014-06-10 21:57:54 +02:00 |
|
Miroslav Stampar
|
680ab10ca6
|
Patch for an Issue #703
|
2014-05-27 21:41:07 +02:00 |
|
Miroslav Stampar
|
2d5461d250
|
Minor fix (related to the unknown encoding reported by ML)
|
2014-05-22 09:03:14 +02:00 |
|
Miroslav Stampar
|
c181e909b5
|
Minor fix
|
2014-05-16 23:47:00 +02:00 |
|
Miroslav Stampar
|
2e96e3c924
|
Adding a hidden switch --ignore-401
|
2014-04-29 23:26:45 +02:00 |
|
Miroslav Stampar
|
2d3a74a0fe
|
Patch for an Issue #667
|
2014-04-07 21:01:40 +02:00 |
|
Miroslav Stampar
|
bf18b025d6
|
Minor removal of redundant code
|
2014-04-06 18:09:54 +02:00 |
|
Miroslav Stampar
|
7cc4159316
|
Renaming conf.cDel to conf.cookieDel
|
2014-04-06 16:50:58 +02:00 |
|
Miroslav Stampar
|
0ae8ac707e
|
Renaming conf.pDel to conf.paramDel
|
2014-04-06 16:48:46 +02:00 |
|
Miroslav Stampar
|
492a410bcc
|
Minor fix
|
2014-04-04 16:14:53 +02:00 |
|
Miroslav Stampar
|
e7e8a3965a
|
Minor fix
|
2014-04-03 09:00:14 +02:00 |
|
Miroslav Stampar
|
80d4426dbd
|
Patch related to the Issue #661
|
2014-04-02 22:34:37 +02:00 |
|
Miroslav Stampar
|
e8c1c90f2e
|
Whitespace was being double encoded in case of spaceplus (' '->%2B)
|
2014-03-25 22:02:14 +01:00 |
|
Miroslav Stampar
|
106102bd3c
|
Fix for an Issue #648
|
2014-03-21 20:28:29 +01:00 |
|
Miroslav Stampar
|
be3fd8bb29
|
Fix for an Issue #638
|
2014-03-14 16:44:56 +01:00 |
|
Miroslav Stampar
|
f1f53a5841
|
Minor cosmetic update
|
2014-03-06 21:08:31 +01:00 |
|
Miroslav Stampar
|
cc62a8adc9
|
Bug fix for JSON-like data (proper escaping of quotes)
|
2014-02-26 09:30:37 +01:00 |
|
Miroslav Stampar
|
6369a38ebc
|
Adding support for JSON-like data with single quote
|
2014-02-26 08:56:17 +01:00 |
|
Miroslav Stampar
|
fc02badf40
|
Minor update
|
2014-01-23 08:33:21 +01:00 |
|
Bernardo Damele
|
43a4e85749
|
updated copyright
|
2014-01-13 17:24:49 +00:00 |
|
Miroslav Stampar
|
36f3ab5798
|
Minor bug fix (for cases when race between thread and main thread is causing server._running to not be set to True)
|
2014-01-09 15:46:55 +01:00 |
|
Miroslav Stampar
|
5437f8bf36
|
Fix for an Issue #85
|
2014-01-02 12:09:58 +01:00 |
|
Miroslav Stampar
|
4de83daf03
|
Minor style update
|
2014-01-02 11:06:19 +01:00 |
|
Miroslav Stampar
|
b0ca34ff27
|
Bug fix (payload character '=' was not being url-encoded in custom (user) post cases - when posthint was None)
|
2013-12-04 10:09:54 +01:00 |
|
Bernardo Damele
|
59b6791faa
|
minor improvement
|
2013-11-19 00:24:47 +00:00 |
|
Miroslav Stampar
|
8dac47f7e5
|
Minor patch (for recognition of x-mac-turkish codec)
|
2013-10-21 20:04:48 +02:00 |
|
Miroslav Stampar
|
344d3f4b5f
|
Minor patch
|
2013-10-12 21:05:18 +02:00 |
|
Miroslav Stampar
|
18d9e1dbc3
|
Minor update due to reported (debug) problems with SSLv23
|
2013-10-04 10:53:49 +02:00 |
|
Miroslav Stampar
|
a3defc175d
|
Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself)
|
2013-09-11 23:17:18 +02:00 |
|
Miroslav Stampar
|
81409ce6da
|
Minor patch
|
2013-09-02 10:54:32 +02:00 |
|
Miroslav Stampar
|
dd39913cf6
|
Improvement for an --eval mechanism
|
2013-08-31 00:28:51 +02:00 |
|
Miroslav Stampar
|
3a57af1452
|
Minor fix
|
2013-08-30 15:26:03 +02:00 |
|
Miroslav Stampar
|
88b992ad83
|
Fixing a bug noticed during the yesterday's AppSecEU presentation (--headers='user-agent:foobar*' was not working properly)
|
2013-08-23 11:54:08 +02:00 |
|
Miroslav Stampar
|
23f2c5f166
|
Finishing implementation for an Issue #58
|
2013-08-20 19:35:49 +02:00 |
|
Miroslav Stampar
|
4929cff0c0
|
Minor update
|
2013-08-13 06:42:49 +02:00 |
|
Miroslav Stampar
|
b2855e0281
|
Minor patch
|
2013-08-12 14:25:51 +02:00 |
|
Miroslav Stampar
|
a711c9ed36
|
Minor cleanup and initial work for #58
|
2013-08-09 14:13:48 +02:00 |
|
Miroslav Stampar
|
32c1cb20f5
|
Fix for an Issue #497
|
2013-08-01 19:48:20 +02:00 |
|
Miroslav Stampar
|
953b5815d8
|
Implementation for an Issue #496
|
2013-07-31 21:15:03 +02:00 |
|
Miroslav Stampar
|
6b826ef64d
|
Reintroducing option --cookie-del
|
2013-07-31 20:41:19 +02:00 |
|
Miroslav Stampar
|
ca44b23d20
|
Implementation for --eval to support cookies
|
2013-07-31 17:29:16 +02:00 |
|
Miroslav Stampar
|
eaacbe0b12
|
Minor language fix
|
2013-07-31 09:24:34 +02:00 |
|
Miroslav Stampar
|
f54082111d
|
Better way how to deal with required extensions
|
2013-07-13 19:25:49 +02:00 |
|
Miroslav Stampar
|
3f6d4083a7
|
Minor language update
|
2013-07-13 17:19:16 +02:00 |
|
Miroslav Stampar
|
31efabfca1
|
Appropriate error messaging when one of core libraries are missing due to erroneous Python build
|
2013-07-13 16:07:36 +02:00 |
|
Miroslav Stampar
|
4d9f8ad0dd
|
Commit related to the last one
|
2013-07-13 12:00:03 +02:00 |
|
stamparm
|
a53823f9b7
|
Minor refactoring
|
2013-06-19 10:59:26 +02:00 |
|
Miroslav Stampar
|
f185e5cdd5
|
Fix for an Issue #463
|
2013-06-10 22:26:34 +02:00 |
|
Miroslav Stampar
|
6f49b96a2d
|
Fix for an Issue #462
|
2013-06-10 12:20:58 +02:00 |
|
Miroslav Stampar
|
39612b5d87
|
Fix for an Issue #457
|
2013-06-04 23:46:39 +02:00 |
|
Miroslav Stampar
|
3e0f747fad
|
Minor fix
|
2013-06-04 00:05:25 +02:00 |
|
Miroslav Stampar
|
edc9da1226
|
Minor refactoring
|
2013-06-03 15:14:56 +02:00 |
|
stamparm
|
6b280d8da4
|
Putting 2 decimal places for debug messages with performed queries (e.g. to handle a problem with 0 seconds roundup)
|
2013-05-28 14:40:45 +02:00 |
|
stamparm
|
659c0bb418
|
Minor fix
|
2013-05-27 10:38:47 +02:00 |
|
stamparm
|
4b2cf07262
|
Minor style update
|
2013-05-20 16:15:35 +02:00 |
|
Miroslav Stampar
|
ea5c742595
|
Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled)
|
2013-05-18 21:30:21 +02:00 |
|
Miroslav Stampar
|
f24c8c6b6b
|
Changing logging type to warning for parsed error messages
|
2013-05-18 16:17:56 +02:00 |
|
stamparm
|
03732d2592
|
Minor fix
|
2013-05-17 16:04:05 +02:00 |
|
stamparm
|
76b4e1ccb9
|
Implementation for an Issue #450
|
2013-05-17 15:04:25 +02:00 |
|
stamparm
|
887109a12d
|
Minor bug fix (for not displaying heuristic detected page charset None)
|
2013-04-30 18:16:32 +02:00 |
|
stamparm
|
ebe8ee3500
|
Fix for crawler and redirection case
|
2013-04-30 18:08:26 +02:00 |
|
stamparm
|
09e7f4f697
|
Minor bug fix regarding traffic logging of redirected requests
|
2013-04-30 17:46:26 +02:00 |
|
stamparm
|
1035ee9c3d
|
Patch for an Issue #442
|
2013-04-26 14:49:24 +02:00 |
|
stamparm
|
e3a02f56e6
|
Just in case for --force-ssl (if url is returned in e.g. refresh toward the target)
|
2013-04-24 12:35:39 +02:00 |
|
stamparm
|
6fed1921ed
|
Bug fix (there are cases when provided kwargs containing explicit None values while we want to use the alternative in those kind of cases; there was an intention in original code, while the implementation was buggy)
|
2013-04-16 14:17:41 +02:00 |
|
stamparm
|
140cffbde2
|
Patch for an Issue #434
|
2013-04-15 15:57:28 +02:00 |
|
Miroslav Stampar
|
ed5599f489
|
In case that cookie file is given and cookie header inside request file clashes with one of contained cookies, give cookie file greater priority
|
2013-04-12 19:20:33 +02:00 |
|
stamparm
|
8c9da95343
|
Style and consistency update (url -> URL)
|
2013-04-09 11:48:42 +02:00 |
|
Miroslav Stampar
|
240e9f3f7e
|
Minor patch
|
2013-04-07 11:02:43 +02:00 |
|
Miroslav Stampar
|
df4fd82515
|
Minor update
|
2013-04-03 23:27:27 +02:00 |
|
Miroslav Stampar
|
c75a2d0c40
|
Minor patch
|
2013-04-03 21:31:37 +02:00 |
|
stamparm
|
e1ffdde532
|
Little cleaning a mess with url encoding and post hint types
|
2013-03-27 13:39:27 +01:00 |
|
Miroslav Stampar
|
c19a283434
|
Minor patch
|
2013-03-26 20:06:50 +01:00 |
|
stamparm
|
7accba4cf9
|
Minor update
|
2013-03-26 16:10:41 +01:00 |
|
stamparm
|
7447773237
|
Update for consistency (all other enums are using _ in between words)
|
2013-03-20 11:10:24 +01:00 |
|
Miroslav Stampar
|
8acf033715
|
Code refactoring
|
2013-03-19 19:24:14 +01:00 |
|
stamparm
|
6969874c02
|
Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values)
|
2013-03-19 10:52:37 +01:00 |
|
stamparm
|
e226006766
|
Trivial fix
|
2013-03-18 13:29:55 +01:00 |
|
stamparm
|
5e02bcbd58
|
Minor adjustment
|
2013-03-18 12:16:16 +01:00 |
|
Miroslav Stampar
|
eb08c8d752
|
Another update for an Issue #352
|
2013-03-13 19:42:22 +01:00 |
|
Miroslav Stampar
|
2f43c3eb9b
|
Minor fix (digest live test case) and some refactoring
|
2013-03-12 21:16:44 +01:00 |
|
Miroslav Stampar
|
84a5bdb9cf
|
Trivial cosmetics
|
2013-03-09 19:41:24 +01:00 |
|
Miroslav Stampar
|
79d6a0e9c9
|
Using binary data in dummy mode
|
2013-03-09 19:40:24 +01:00 |
|
Miroslav Stampar
|
62980d7d5a
|
Automatically decoding url encoded data in response
|
2013-03-05 17:32:10 +01:00 |
|
Miroslav Stampar
|
0e89cc62a2
|
Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections
|
2013-02-28 20:20:08 +01:00 |
|
stamparm
|
9ef79df23d
|
Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched)
|
2013-02-28 13:51:08 +01:00 |
|
stamparm
|
69063947b6
|
Debug message should go with logging.DEBUG
|
2013-02-19 09:46:51 +01:00 |
|
Bernardo Damele
|
d7247a51ee
|
do not prompt constantly if the page is not found
|
2013-02-18 18:08:20 +00:00 |
|
Miroslav Stampar
|
11bcf28d86
|
Fix for an Issue #399
|
2013-02-15 10:04:13 +01:00 |
|
Bernardo Damele
|
4b9d8ed673
|
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
|
2013-02-14 11:32:17 +00:00 |
|
Bernardo Damele
|
a67ef4117f
|
make sure to use Python 2 interpreter when default system Python is version 3
|
2013-02-14 11:25:04 +00:00 |
|
Miroslav Stampar
|
a0b44da5d8
|
Minor fix for --threads>1 --binary-fields
|
2013-02-13 20:47:27 +01:00 |
|
Miroslav Stampar
|
d78a3e977b
|
Update (allowing regular char * to be inside SOAP/JSON/XML)
|
2013-02-13 12:24:42 +01:00 |
|
Miroslav Stampar
|
1d42aba01e
|
Minor update regarding 093a93938c (for goStacked to work properly with stacked conditional payloads - e.g. proper suffix/prefix)
|
2013-02-12 17:35:14 +01:00 |
|
Miroslav Stampar
|
c34f6e25b2
|
Minor fix for --eval (urldecoded values should be used inside evaluation)
|
2013-02-12 17:01:47 +01:00 |
|
Bernardo Damele
|
2fa2f30d21
|
slighlty better, still not optimal
|
2013-02-06 17:45:52 +00:00 |
|
Bernardo Damele
|
b272b0574d
|
minor fix to reset partRun value - #297
|
2013-02-06 17:09:28 +00:00 |
|
Miroslav Stampar
|
62772125e3
|
Bug fix for HTTPSCertAuthHandler
|
2013-02-05 12:16:06 +01:00 |
|
Miroslav Stampar
|
6d942f92b5
|
Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.))
|
2013-02-01 10:03:06 +01:00 |
|
Miroslav Stampar
|
f5844eabae
|
Valuable data is potentially lost if page not parsed in dump mode (e.g. --technique=B and error occuring) <- partial revert of previous optimization commit 10bdd90e60
|
2013-01-31 13:32:14 +01:00 |
|
Miroslav Stampar
|
2420a4b626
|
Update for an Issue #342 and #372
|
2013-01-31 10:01:52 +01:00 |
|
Miroslav Stampar
|
f41460f8d8
|
Better naming
|
2013-01-29 20:53:11 +01:00 |
|
Miroslav Stampar
|
a59ac8e27f
|
Trivial cosmetics
|
2013-01-29 16:30:38 +01:00 |
|
Miroslav Stampar
|
479f791112
|
Minor fix
|
2013-01-25 12:41:51 +01:00 |
|
Chris Frohoff
|
218a6a9695
|
fixed response header logging for header names with special chars
|
2013-01-23 11:10:25 -08:00 |
|
Miroslav Stampar
|
59b02539ca
|
More general approach regarding that last commit
|
2013-01-22 11:34:34 +01:00 |
|
Miroslav Stampar
|
01f1488f07
|
Minor patch (annoying trailing spaces for some DBMSes --technique=B --sql-query)
|
2013-01-22 11:29:51 +01:00 |
|
Miroslav Stampar
|
bb6b89fe93
|
Patch for an Issue #360
|
2013-01-19 18:06:36 +01:00 |
|
Miroslav Stampar
|
ac7709204a
|
Better fix for that page/headers/comparison --string candidate problem
|
2013-01-18 17:00:11 +01:00 |
|
Miroslav Stampar
|
8141d17985
|
Revert of previous commit (more care has to be done regarding headers dynamicity)
|
2013-01-18 16:49:35 +01:00 |
|
Miroslav Stampar
|
33094a118c
|
Fix for an Issue where '--string' is being automatically picked not looking properly in headers too
|
2013-01-18 16:35:09 +01:00 |
|
Bernardo Damele
|
a43202f3c0
|
updated copyright
|
2013-01-18 14:07:51 +00:00 |
|
Miroslav Stampar
|
17d36684b5
|
Removing obsolete proxy handling code (Python < 2.6)
|
2013-01-18 11:30:52 +01:00 |
|
Miroslav Stampar
|
e941e60b20
|
Minor just in place update for an Issue #348
|
2013-01-17 22:44:55 +01:00 |
|
Bernardo Damele
|
38eb4eb33e
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-17 21:03:11 +00:00 |
|
Bernardo Damele
|
b6e44ae64e
|
fix for #349 (compatible with all others DBMSes too)
|
2013-01-17 21:03:03 +00:00 |
|
Miroslav Stampar
|
a8e3fd58c5
|
Implementation for an Issue #348
|
2013-01-17 21:49:58 +01:00 |
|
Miroslav Stampar
|
8480ceddcb
|
Minor style update
|
2013-01-17 19:55:56 +01:00 |
|
Miroslav Stampar
|
f7eda07d92
|
Patch for an Issue #347
|
2013-01-17 15:30:14 +01:00 |
|
Miroslav Stampar
|
3ab4a5e36d
|
Fix for an Issue #345
|
2013-01-17 11:50:12 +01:00 |
|
Miroslav Stampar
|
14b7e655a9
|
Minor refactoring
|
2013-01-16 16:33:04 +01:00 |
|
Miroslav Stampar
|
fb7243c237
|
Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs
|
2013-01-16 16:04:00 +01:00 |
|
Bernardo Damele
|
e16ad38d3e
|
more work on #342
|
2013-01-15 18:15:07 +00:00 |
|
Bernardo Damele
|
329047fc12
|
restored fix for #210 to keep --hex work with --technique B
|
2013-01-15 17:51:40 +00:00 |
|
Bernardo Damele
|
2a751e075d
|
more work on #342
|
2013-01-15 17:14:44 +00:00 |
|
Bernardo Damele
|
4eaa0d17aa
|
Fix in forging query to calculate query output length - closes issue #342
|
2013-01-15 15:50:20 +00:00 |
|
Miroslav Stampar
|
5ee653dd89
|
Merging commit 57bcbb458eade2850a6d7623ecddbe49c69cf334 from @morisson
|
2013-01-15 10:14:02 +01:00 |
|
Miroslav Stampar
|
03dd958d96
|
Implementation for an Issue #48
|
2013-01-13 16:22:43 +01:00 |
|
Miroslav Stampar
|
81848c723d
|
Minor cleanup (we officially support Python >= 2.6)
|
2013-01-11 16:01:48 +01:00 |
|
Miroslav Stampar
|
934d41dac2
|
Minor style update (PEP8)
|
2013-01-10 15:02:28 +01:00 |
|
Miroslav Stampar
|
ca3d35a878
|
Some PEP8 related style cleaning
|
2013-01-10 13:18:44 +01:00 |
|
Miroslav Stampar
|
5b77b20e2e
|
Removing trailing whitespaces (PEP8)
|
2013-01-03 23:57:07 +01:00 |
|
Miroslav Stampar
|
e4a3c015e5
|
Replacing old and deprecated raise Exception style (PEP8)
|
2013-01-03 23:20:55 +01:00 |
|
Miroslav Stampar
|
127b880577
|
Minor update
|
2012-12-27 15:14:40 +01:00 |
|
Bernardo Damele
|
9149d77cc8
|
removed duplicate code - fixes issue #310
|
2012-12-19 12:17:56 +00:00 |
|
Bernardo Damele
|
dee56b17c3
|
handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308
|
2012-12-19 10:50:15 +00:00 |
|
Miroslav Stampar
|
155c1eddae
|
Debug message with declared page charset
|
2012-12-19 11:16:42 +01:00 |
|
Miroslav Stampar
|
2b64c10710
|
Patch for an Issue #304
|
2012-12-18 09:36:26 +01:00 |
|
Miroslav Stampar
|
4ea0c9e922
|
Another implementation for an Issue #302
|
2012-12-17 15:08:54 +01:00 |
|
Miroslav Stampar
|
60baf5071e
|
Patch for an Issue #302
|
2012-12-17 00:40:01 +01:00 |
|
Miroslav Stampar
|
c41618416c
|
Removing trailing blanks
|
2012-12-14 12:00:45 +01:00 |
|
Miroslav Stampar
|
013dc8bc98
|
Another minor update for an Issue #267
|
2012-12-10 13:07:36 +01:00 |
|
Miroslav Stampar
|
8bd0080bf4
|
Minor update for an Issue #267
|
2012-12-10 13:05:41 +01:00 |
|
Miroslav Stampar
|
96df0ba061
|
Implemented support for plain , chars too (Issue #267)
|
2012-12-10 12:58:17 +01:00 |
|
Miroslav Stampar
|
d0ea4c65c5
|
Minor styl eupdate for an Issue #267
|
2012-12-10 12:54:01 +01:00 |
|
Miroslav Stampar
|
5606a860ce
|
Oracle supports inline comments too (Issue #267)
|
2012-12-10 12:00:15 +01:00 |
|
Miroslav Stampar
|
a024884ca7
|
Support for a HTTP parameter pollution (Issue #267)
|
2012-12-10 11:55:31 +01:00 |
|
Miroslav Stampar
|
73968a448c
|
Minor update
|
2012-12-07 15:29:54 +01:00 |
|
Miroslav Stampar
|
e129a30e6b
|
Removing redundant code in redirect handler (related to an Issue #288)
|
2012-12-07 12:40:19 +01:00 |
|
Miroslav Stampar
|
fccad15cfa
|
Minor update for an Issue #288
|
2012-12-07 12:14:33 +01:00 |
|
Miroslav Stampar
|
75e6d77fbc
|
Minor refactoring
|
2012-12-07 11:54:34 +01:00 |
|
Miroslav Stampar
|
fbaeecdaf9
|
Patch for an Issue #288
|
2012-12-07 11:52:21 +01:00 |
|
Miroslav Stampar
|
c0fc12beb2
|
Minor update for an Issue #288
|
2012-12-07 11:23:18 +01:00 |
|
Miroslav Stampar
|
974407396e
|
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
|
2012-12-06 14:14:19 +01:00 |
|
Miroslav Stampar
|
ab67344448
|
Removed unused imports and variables (pyflake-ing)
|
2012-12-06 11:15:05 +01:00 |
|
Miroslav Stampar
|
b6650add46
|
Introducing 'new style classes' (idea from Pull request #284)
|
2012-12-06 10:42:53 +01:00 |
|
Miroslav Stampar
|
0f191f624c
|
Taking some goodies from Pull request #284
|
2012-12-06 10:21:53 +01:00 |
|
Miroslav Stampar
|
775e0df04b
|
Update for an Issue #278
|
2012-12-05 10:45:17 +01:00 |
|
Miroslav Stampar
|
79fca8e9d5
|
Fix for an Issue #268
|
2012-12-03 12:13:59 +01:00 |
|
Miroslav Stampar
|
605d73cc3d
|
Minor refactoring
|
2012-11-29 12:21:12 +01:00 |
|
Miroslav Stampar
|
c40dded28c
|
Fix for an Issue #250
|
2012-11-20 12:10:29 +01:00 |
|
Miroslav Stampar
|
5b3fe25211
|
Improving comparison engine (removing shared prelude part to further sharpen if pages are identical - especially noticable in small test pages)
|
2012-11-13 15:22:59 +01:00 |
|
Miroslav Stampar
|
a52dbc575b
|
Patch for an Issue #246
|
2012-11-13 10:21:11 +01:00 |
|
Miroslav Stampar
|
f305dde413
|
Patch for an Issue #235
|
2012-11-10 11:01:29 +01:00 |
|
Miroslav Stampar
|
359e734954
|
Minor refactoring
|
2012-10-29 10:48:49 +01:00 |
|
Miroslav Stampar
|
25a5073281
|
Bug fix for --hex/--technique=B (especially MsSQL)
|
2012-10-28 12:22:33 +01:00 |
|
Miroslav Stampar
|
c1b8226329
|
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
|
2012-10-28 00:36:09 +02:00 |
|
Miroslav Stampar
|
a435ba6863
|
Minor fix
|
2012-10-28 00:19:00 +02:00 |
|
Miroslav Stampar
|
0aeb9dbe8b
|
Bug fix (in --dump mode if error/inband failed with None other techniques were ignored)
|
2012-10-27 23:42:52 +02:00 |
|
Miroslav Stampar
|
12fc9442b9
|
Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)
|
2012-10-25 10:10:23 +02:00 |
|
Miroslav Stampar
|
b82eb3a1ae
|
Fix for an Issue #210
|
2012-10-23 13:58:25 +02:00 |
|
Miroslav Stampar
|
3f596cda85
|
Minor fix for --dump --technique=B when empty strings are returned
|
2012-10-22 11:49:23 +02:00 |
|
Miroslav Stampar
|
21481df239
|
Minor update for Issue #209
|
2012-10-21 19:00:37 +02:00 |
|
Miroslav Stampar
|
fb1497aa89
|
Minor update for Issue #209
|
2012-10-21 18:53:31 +02:00 |
|
Miroslav Stampar
|
261b286021
|
Fix for an Issue #209
|
2012-10-20 13:17:45 +02:00 |
|
Miroslav Stampar
|
6a271fe800
|
Update for an Issue #2
|
2012-10-19 11:29:03 +02:00 |
|
Miroslav Stampar
|
998eb70288
|
Minor update
|
2012-10-19 11:05:10 +02:00 |
|
Miroslav Stampar
|
987f167e12
|
Minor update
|
2012-10-19 11:03:54 +02:00 |
|
Miroslav Stampar
|
d65d9e25cd
|
Implementation for an Issue #2
|
2012-10-19 11:02:14 +02:00 |
|
Miroslav Stampar
|
688a2db27a
|
Fix for an Issue #208
|
2012-10-19 10:04:09 +02:00 |
|
Miroslav Stampar
|
b5060c0010
|
Fix for an Issue #205
|
2012-10-16 14:28:46 +02:00 |
|
Miroslav Stampar
|
2cb1b054bb
|
Implementation for an Issue #79
|
2012-10-16 12:32:58 +02:00 |
|
Miroslav Stampar
|
42b2c85517
|
Minor cosmetics
|
2012-10-15 18:45:13 +02:00 |
|
Miroslav Stampar
|
c7cf8b2e80
|
Minor refactoring of direct()
|
2012-10-15 18:41:41 +02:00 |
|
Miroslav Stampar
|
e440b096c5
|
Fix for an Issue #202
|
2012-10-15 12:24:30 +02:00 |
|
Miroslav Stampar
|
e61c4c22c9
|
Implementation for an Issue #200
|
2012-10-09 15:19:47 +02:00 |
|
Miroslav Stampar
|
5a91b6e622
|
Minor cleanup
|
2012-10-09 10:21:52 +02:00 |
|
Miroslav Stampar
|
8e7449ccd5
|
Minor update
|
2012-10-07 20:28:24 +02:00 |
|
Miroslav Stampar
|
ff205f088b
|
Minor update
|
2012-10-07 20:12:55 +02:00 |
|
Miroslav Stampar
|
098e446ca4
|
Adding support for generic XML POST data
|
2012-10-04 18:44:12 +02:00 |
|
Miroslav Stampar
|
f71b937add
|
Minor language cleanup
|
2012-10-04 18:28:36 +02:00 |
|
Miroslav Stampar
|
8865fe69d7
|
Minor cleanup
|
2012-10-04 18:26:07 +02:00 |
|
Miroslav Stampar
|
d464678e10
|
Minor update for an Issue #49
|
2012-10-04 18:01:42 +02:00 |
|
Miroslav Stampar
|
84b05e2d18
|
Better treating of numeric values (Issue #49)
|
2012-10-04 16:08:37 +02:00 |
|
Miroslav Stampar
|
461e5ebc5f
|
Work for Issue #197 and Issue #49
|
2012-10-04 11:25:44 +02:00 |
|
Miroslav Stampar
|
bcbf0571a5
|
Implementation for an Issue #49
|
2012-10-02 14:23:58 +02:00 |
|
Miroslav Stampar
|
763dc98311
|
Minor refactoring
|
2012-10-02 13:36:15 +02:00 |
|
Miroslav Stampar
|
a8aecaa036
|
Minor style update
|
2012-10-02 13:33:10 +02:00 |
|
Miroslav Stampar
|
687f3991de
|
Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.
|
2012-09-26 11:27:43 +02:00 |
|
Miroslav Stampar
|
ec43ceec40
|
Some more cleanup related to the last commit (unneeded manual crafting/unneeded closing with ;)
|
2012-09-25 14:29:22 +02:00 |
|
Miroslav Stampar
|
c9e7e71ea2
|
Implementation for an Issue #195
|
2012-09-25 10:17:25 +02:00 |
|
Miroslav Stampar
|
d175decdfc
|
Fix for an Issue #190
|
2012-09-22 20:59:40 +02:00 |
|
Miroslav Stampar
|
e570858db9
|
Implementation for an Issue #183
|
2012-09-12 11:50:38 +02:00 |
|
Miroslav Stampar
|
511c3b8dcc
|
Update and fix for an Issue #182
|
2012-09-11 14:58:52 +02:00 |
|
Miroslav Stampar
|
10b671d625
|
Update for an Issue #182
|
2012-09-11 12:08:34 +02:00 |
|
Miroslav Stampar
|
5d23d72ff5
|
Fix for an Issue #176
|
2012-09-08 17:58:03 +02:00 |
|
Miroslav Stampar
|
dbce417cdd
|
Potential fix for an Issue #171
|
2012-09-02 22:48:41 +02:00 |
|
Miroslav Stampar
|
b916db34a4
|
Another update for an Issue #79
|
2012-08-31 12:38:02 +02:00 |
|
Miroslav Stampar
|
47d162f391
|
Minor update (same but cleaner)
|
2012-08-31 12:27:40 +02:00 |
|
Miroslav Stampar
|
7286d89cb6
|
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
|
2012-08-31 12:15:09 +02:00 |
|
Miroslav Stampar
|
cdd3ed6abc
|
Minor bug fix
|
2012-08-30 14:22:18 +02:00 |
|
Miroslav Stampar
|
32a36f1ff3
|
El Cosmeticado
|
2012-08-22 09:58:39 +02:00 |
|
Miroslav Stampar
|
d421f9a618
|
Fix for an Issue #157
|
2012-08-21 14:34:19 +02:00 |
|
Miroslav Stampar
|
01f481c332
|
Minor refactoring of dictionaries
|
2012-08-21 11:19:15 +02:00 |
|
Miroslav Stampar
|
b9c63eb908
|
Fix for an Issue #156
|
2012-08-21 10:46:29 +02:00 |
|
Miroslav Stampar
|
7a8ace78f9
|
Removing redundant newline char as logger already adds it's own
|
2012-08-21 09:58:40 +02:00 |
|
Miroslav Stampar
|
233b9a3815
|
Fix for Issue #150 and Issue #151 (urllib2 is automatically adding those)
|
2012-08-20 22:17:39 +02:00 |
|
Miroslav Stampar
|
823dde73ab
|
Minor cleanup
|
2012-08-20 11:40:49 +02:00 |
|
Miroslav Stampar
|
76338add17
|
Fix for an Issue #152
|
2012-08-20 10:41:43 +02:00 |
|
Miroslav Stampar
|
fec8a5cc9d
|
Fix for an Issue #139
|
2012-08-07 00:50:58 +02:00 |
|
Miroslav Stampar
|
142fc887f1
|
Fix for an Issue #129
|
2012-07-31 11:03:44 +02:00 |
|
Miroslav Stampar
|
47073f4afd
|
Implementation of an Issue #131
|
2012-07-30 21:50:46 +02:00 |
|
Miroslav Stampar
|
a86f9798b2
|
Minor refactoring together with a wider support for html entities
|
2012-07-30 11:21:32 +02:00 |
|
Miroslav Stampar
|
07738004cc
|
Fix for an Issue #123
|
2012-07-27 10:02:47 +02:00 |
|
Miroslav Stampar
|
a5062c1e4f
|
Adding a warn message when --dns-domain is ignored (because of faster techniques)
|
2012-07-27 09:48:48 +02:00 |
|
Bernardo Damele
|
92c2b3bd4c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-26 23:11:11 +01:00 |
|
Bernardo Damele
|
d492291744
|
working on issue #12
|
2012-07-26 23:11:07 +01:00 |
|
Miroslav Stampar
|
efa99c4519
|
Implementation for an Issue #4
|
2012-07-26 14:07:05 +02:00 |
|
Miroslav Stampar
|
b3552494c4
|
Minor preparation for an Issue #48
|
2012-07-26 12:26:57 +02:00 |
|
Miroslav Stampar
|
30f8d09651
|
Implementation for an Issue #70
|
2012-07-26 12:06:02 +02:00 |
|
Miroslav Stampar
|
f8c9868cb6
|
Implementation for an Issue #118
|
2012-07-24 15:34:50 +02:00 |
|
Miroslav Stampar
|
1153b4563c
|
Minor update for an Issue #111
|
2012-07-23 18:44:50 +02:00 |
|
Miroslav Stampar
|
fccd69721e
|
Update for an Issue #111
|
2012-07-23 18:38:46 +02:00 |
|
Miroslav Stampar
|
ab9cb80602
|
Implementing Issue #111
|
2012-07-23 15:14:52 +02:00 |
|
Miroslav Stampar
|
63bf99ce77
|
Minor just in case update for an Issue #117
|
2012-07-23 14:46:43 +02:00 |
|
Miroslav Stampar
|
c6b724489b
|
Minor style update
|
2012-07-23 14:26:42 +02:00 |
|
Miroslav Stampar
|
a7d1a0c250
|
Implementation for an Issue #117
|
2012-07-23 14:14:22 +02:00 |
|
Miroslav Stampar
|
534eccc9aa
|
Fix for an Issue #115
|
2012-07-23 10:16:47 +02:00 |
|
Miroslav Stampar
|
f336afa913
|
Implementation for Issue #108
|
2012-07-20 09:48:09 +02:00 |
|
Miroslav Stampar
|
81d15e5051
|
Fix for an Issue #101
|
2012-07-17 00:19:33 +02:00 |
|
Miroslav Stampar
|
0e21cb54de
|
Minor fix related to Issue #94
|
2012-07-16 16:06:39 +02:00 |
|
Miroslav Stampar
|
87ecf205cb
|
More work for Issue #66
|
2012-07-14 17:01:04 +02:00 |
|
Miroslav Stampar
|
805120ac52
|
Minor refactoring
|
2012-07-14 11:01:30 +02:00 |
|
Miroslav Stampar
|
ddb9caeef1
|
Revert of the previous commit
|
2012-07-13 15:05:19 +02:00 |
|
Miroslav Stampar
|
d165d5d5fe
|
To not be confused with heuristic method in SQLi
|
2012-07-13 15:03:43 +02:00 |
|
Miroslav Stampar
|
3c81f74823
|
Minor style update
|
2012-07-13 12:22:37 +02:00 |
|
Miroslav Stampar
|
d834e8debf
|
Minor update
|
2012-07-13 10:28:03 +02:00 |
|
Bernardo Damele
|
162da75a04
|
modified homepage address
|
2012-07-12 18:38:03 +01:00 |
|
Bernardo Damele
|
ea9c66108e
|
cleanup for issue #68
|
2012-07-12 15:38:43 +01:00 |
|
Miroslav Stampar
|
65639cdda6
|
First update for Issue #75 (error-based dumping)
|
2012-07-12 14:31:28 +02:00 |
|
Bernardo Damele
|
33cbbed4a8
|
I think we should not resume checkBooleanExpression() calls if --fresh-queries or --flush-session is provided
|
2012-07-12 01:39:15 +01:00 |
|
Bernardo Damele
|
3a94953ae2
|
leftover from previous commit
|
2012-07-12 01:15:34 +01:00 |
|
Bernardo Damele
|
31571e6e2d
|
minor refactoring
|
2012-07-11 11:55:05 +01:00 |
|
Miroslav Stampar
|
9c4a62f725
|
Some work on Issue #68
|
2012-07-11 11:58:47 +02:00 |
|
Miroslav Stampar
|
2669528b24
|
Language typo
|
2012-07-07 11:16:33 +02:00 |
|
Miroslav Stampar
|
e948e4d45b
|
Some more refactoring
|
2012-07-06 17:18:22 +02:00 |
|
Bernardo Damele
|
6697927098
|
initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap
|
2012-07-02 02:04:19 +01:00 |
|
Bernardo Damele
|
7b4ecd9df0
|
added skeleton code for issue #34, still not usable
|
2012-07-02 00:22:34 +01:00 |
|
jekil
|
c39e5a85ba
|
Removed $id$ tags
|
2012-06-27 20:56:43 +02:00 |
|
Miroslav Stampar
|
01be9381d5
|
minor update
|
2012-06-25 16:24:33 +00:00 |
|
Miroslav Stampar
|
ec44e88db8
|
lots of refactoring regarding removal of already obsolete session file mechanism
|
2012-06-21 10:09:10 +00:00 |
|
Miroslav Stampar
|
06be7bbb18
|
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
|
2012-06-15 20:41:53 +00:00 |
|
Miroslav Stampar
|
3a90105fbb
|
minor refactoring
|
2012-06-14 13:38:53 +00:00 |
|
Miroslav Stampar
|
4ac3794e80
|
minor update
|
2012-06-12 14:22:14 +00:00 |
|
Miroslav Stampar
|
738073105e
|
minor updates
|
2012-06-04 19:52:51 +00:00 |
|
Miroslav Stampar
|
7b282b1d6c
|
adding support for newer SSL protocols
|
2012-06-04 19:46:28 +00:00 |
|
Miroslav Stampar
|
76a4aa19ac
|
some more fine tunning
|
2012-05-28 19:50:12 +00:00 |
|
Miroslav Stampar
|
efb406fbfc
|
minor revert
|
2012-05-28 19:13:50 +00:00 |
|
Miroslav Stampar
|
f7cba8d2cb
|
minor update
|
2012-05-28 18:05:15 +00:00 |
|
Miroslav Stampar
|
a72cb29c1f
|
taking care of few issues regarding reverse address lookup of localhost/127.0.0.1 at remote DNS server
|
2012-05-28 16:57:10 +00:00 |
|
Miroslav Stampar
|
89e90c3d84
|
revert of last commit
|
2012-05-28 15:01:56 +00:00 |
|
Miroslav Stampar
|
96c84e6e5b
|
minor update
|
2012-05-28 15:00:06 +00:00 |
|
Miroslav Stampar
|
a70a647aeb
|
few fixes regarding --dns-domain usage (time-based technique should not be used as a failback because of few things, --time-sec should be put to 0 just in case,...)
|
2012-05-28 14:51:23 +00:00 |
|
Miroslav Stampar
|
b1d82422a0
|
changing conf.dnsDomain to conf.dName just because of long text problems in help listing
|
2012-05-28 14:15:04 +00:00 |
|
Miroslav Stampar
|
226547b7dc
|
minor fix for --skip-urlencode and custom post
|
2012-05-28 09:04:25 +00:00 |
|
Miroslav Stampar
|
e967bbd70f
|
minor patch
|
2012-05-27 21:44:42 +00:00 |
|
Miroslav Stampar
|
fed0212631
|
now working with recursive queries too
|
2012-05-27 10:03:02 +00:00 |
|
Miroslav Stampar
|
09f2144485
|
full page read is not needed in DNS exfiltration mode
|
2012-05-26 21:28:43 +00:00 |
|
Miroslav Stampar
|
c394610740
|
adding switch --skip-urlencode to skip URL encoding of POST data
|
2012-05-24 23:30:33 +00:00 |
|
Miroslav Stampar
|
2538e2d5b4
|
fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring
|
2012-05-22 09:33:22 +00:00 |
|
Miroslav Stampar
|
333f8057a5
|
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
|
2012-05-14 14:06:43 +00:00 |
|
Miroslav Stampar
|
12d32f58f2
|
fix for that SOAP reported bug
|
2012-05-10 13:39:54 +00:00 |
|
Miroslav Stampar
|
fdf61015ad
|
minor patch
|
2012-05-09 08:41:05 +00:00 |
|
Miroslav Stampar
|
6af110d631
|
avoiding --no-cast/--hex warning message before a DBMS is fingerprinted
|
2012-05-08 14:06:41 +00:00 |
|
Miroslav Stampar
|
775134639d
|
minor update
|
2012-04-20 20:33:15 +00:00 |
|
Miroslav Stampar
|
6ebb621228
|
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
|
2012-04-17 14:23:00 +00:00 |
|
Miroslav Stampar
|
052d9455fe
|
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
|
2012-04-12 09:44:54 +00:00 |
|
Miroslav Stampar
|
119eec3598
|
improving "boolean detection" by automatic recognition of convenient --string candidate
|
2012-04-10 21:48:34 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
b2afa87e48
|
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
|
2012-04-06 08:42:36 +00:00 |
|