Miroslav Stampar
|
88b992ad83
|
Fixing a bug noticed during the yesterday's AppSecEU presentation (--headers='user-agent:foobar*' was not working properly)
|
2013-08-23 11:54:08 +02:00 |
|
Miroslav Stampar
|
23f2c5f166
|
Finishing implementation for an Issue #58
|
2013-08-20 19:35:49 +02:00 |
|
Miroslav Stampar
|
4929cff0c0
|
Minor update
|
2013-08-13 06:42:49 +02:00 |
|
Miroslav Stampar
|
b2855e0281
|
Minor patch
|
2013-08-12 14:25:51 +02:00 |
|
Miroslav Stampar
|
a711c9ed36
|
Minor cleanup and initial work for #58
|
2013-08-09 14:13:48 +02:00 |
|
Miroslav Stampar
|
6b826ef64d
|
Reintroducing option --cookie-del
|
2013-07-31 20:41:19 +02:00 |
|
Miroslav Stampar
|
ca44b23d20
|
Implementation for --eval to support cookies
|
2013-07-31 17:29:16 +02:00 |
|
Miroslav Stampar
|
eaacbe0b12
|
Minor language fix
|
2013-07-31 09:24:34 +02:00 |
|
Miroslav Stampar
|
f185e5cdd5
|
Fix for an Issue #463
|
2013-06-10 22:26:34 +02:00 |
|
Miroslav Stampar
|
6f49b96a2d
|
Fix for an Issue #462
|
2013-06-10 12:20:58 +02:00 |
|
Miroslav Stampar
|
39612b5d87
|
Fix for an Issue #457
|
2013-06-04 23:46:39 +02:00 |
|
Miroslav Stampar
|
3e0f747fad
|
Minor fix
|
2013-06-04 00:05:25 +02:00 |
|
Miroslav Stampar
|
edc9da1226
|
Minor refactoring
|
2013-06-03 15:14:56 +02:00 |
|
stamparm
|
659c0bb418
|
Minor fix
|
2013-05-27 10:38:47 +02:00 |
|
Miroslav Stampar
|
ea5c742595
|
Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled)
|
2013-05-18 21:30:21 +02:00 |
|
stamparm
|
03732d2592
|
Minor fix
|
2013-05-17 16:04:05 +02:00 |
|
stamparm
|
76b4e1ccb9
|
Implementation for an Issue #450
|
2013-05-17 15:04:25 +02:00 |
|
stamparm
|
09e7f4f697
|
Minor bug fix regarding traffic logging of redirected requests
|
2013-04-30 17:46:26 +02:00 |
|
stamparm
|
e3a02f56e6
|
Just in case for --force-ssl (if url is returned in e.g. refresh toward the target)
|
2013-04-24 12:35:39 +02:00 |
|
stamparm
|
6fed1921ed
|
Bug fix (there are cases when provided kwargs containing explicit None values while we want to use the alternative in those kind of cases; there was an intention in original code, while the implementation was buggy)
|
2013-04-16 14:17:41 +02:00 |
|
stamparm
|
8c9da95343
|
Style and consistency update (url -> URL)
|
2013-04-09 11:48:42 +02:00 |
|
Miroslav Stampar
|
df4fd82515
|
Minor update
|
2013-04-03 23:27:27 +02:00 |
|
Miroslav Stampar
|
c75a2d0c40
|
Minor patch
|
2013-04-03 21:31:37 +02:00 |
|
stamparm
|
e1ffdde532
|
Little cleaning a mess with url encoding and post hint types
|
2013-03-27 13:39:27 +01:00 |
|
stamparm
|
7accba4cf9
|
Minor update
|
2013-03-26 16:10:41 +01:00 |
|
stamparm
|
7447773237
|
Update for consistency (all other enums are using _ in between words)
|
2013-03-20 11:10:24 +01:00 |
|
Miroslav Stampar
|
8acf033715
|
Code refactoring
|
2013-03-19 19:24:14 +01:00 |
|
stamparm
|
e226006766
|
Trivial fix
|
2013-03-18 13:29:55 +01:00 |
|
stamparm
|
5e02bcbd58
|
Minor adjustment
|
2013-03-18 12:16:16 +01:00 |
|
Miroslav Stampar
|
2f43c3eb9b
|
Minor fix (digest live test case) and some refactoring
|
2013-03-12 21:16:44 +01:00 |
|
Miroslav Stampar
|
84a5bdb9cf
|
Trivial cosmetics
|
2013-03-09 19:41:24 +01:00 |
|
Miroslav Stampar
|
79d6a0e9c9
|
Using binary data in dummy mode
|
2013-03-09 19:40:24 +01:00 |
|
Miroslav Stampar
|
0e89cc62a2
|
Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections
|
2013-02-28 20:20:08 +01:00 |
|
stamparm
|
69063947b6
|
Debug message should go with logging.DEBUG
|
2013-02-19 09:46:51 +01:00 |
|
Bernardo Damele
|
d7247a51ee
|
do not prompt constantly if the page is not found
|
2013-02-18 18:08:20 +00:00 |
|
Bernardo Damele
|
4b9d8ed673
|
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
|
2013-02-14 11:32:17 +00:00 |
|
Bernardo Damele
|
a67ef4117f
|
make sure to use Python 2 interpreter when default system Python is version 3
|
2013-02-14 11:25:04 +00:00 |
|
Miroslav Stampar
|
d78a3e977b
|
Update (allowing regular char * to be inside SOAP/JSON/XML)
|
2013-02-13 12:24:42 +01:00 |
|
Miroslav Stampar
|
c34f6e25b2
|
Minor fix for --eval (urldecoded values should be used inside evaluation)
|
2013-02-12 17:01:47 +01:00 |
|
Miroslav Stampar
|
6d942f92b5
|
Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.))
|
2013-02-01 10:03:06 +01:00 |
|
Miroslav Stampar
|
f41460f8d8
|
Better naming
|
2013-01-29 20:53:11 +01:00 |
|
Miroslav Stampar
|
a59ac8e27f
|
Trivial cosmetics
|
2013-01-29 16:30:38 +01:00 |
|
Miroslav Stampar
|
479f791112
|
Minor fix
|
2013-01-25 12:41:51 +01:00 |
|
Chris Frohoff
|
218a6a9695
|
fixed response header logging for header names with special chars
|
2013-01-23 11:10:25 -08:00 |
|
Miroslav Stampar
|
bb6b89fe93
|
Patch for an Issue #360
|
2013-01-19 18:06:36 +01:00 |
|
Bernardo Damele
|
a43202f3c0
|
updated copyright
|
2013-01-18 14:07:51 +00:00 |
|
Miroslav Stampar
|
8480ceddcb
|
Minor style update
|
2013-01-17 19:55:56 +01:00 |
|
Miroslav Stampar
|
f7eda07d92
|
Patch for an Issue #347
|
2013-01-17 15:30:14 +01:00 |
|
Miroslav Stampar
|
fb7243c237
|
Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs
|
2013-01-16 16:04:00 +01:00 |
|
Miroslav Stampar
|
5ee653dd89
|
Merging commit 57bcbb458eade2850a6d7623ecddbe49c69cf334 from @morisson
|
2013-01-15 10:14:02 +01:00 |
|
Miroslav Stampar
|
03dd958d96
|
Implementation for an Issue #48
|
2013-01-13 16:22:43 +01:00 |
|
Miroslav Stampar
|
934d41dac2
|
Minor style update (PEP8)
|
2013-01-10 15:02:28 +01:00 |
|
Miroslav Stampar
|
ca3d35a878
|
Some PEP8 related style cleaning
|
2013-01-10 13:18:44 +01:00 |
|
Miroslav Stampar
|
e4a3c015e5
|
Replacing old and deprecated raise Exception style (PEP8)
|
2013-01-03 23:20:55 +01:00 |
|
Miroslav Stampar
|
2b64c10710
|
Patch for an Issue #304
|
2012-12-18 09:36:26 +01:00 |
|
Miroslav Stampar
|
4ea0c9e922
|
Another implementation for an Issue #302
|
2012-12-17 15:08:54 +01:00 |
|
Miroslav Stampar
|
60baf5071e
|
Patch for an Issue #302
|
2012-12-17 00:40:01 +01:00 |
|
Miroslav Stampar
|
013dc8bc98
|
Another minor update for an Issue #267
|
2012-12-10 13:07:36 +01:00 |
|
Miroslav Stampar
|
8bd0080bf4
|
Minor update for an Issue #267
|
2012-12-10 13:05:41 +01:00 |
|
Miroslav Stampar
|
96df0ba061
|
Implemented support for plain , chars too (Issue #267)
|
2012-12-10 12:58:17 +01:00 |
|
Miroslav Stampar
|
d0ea4c65c5
|
Minor styl eupdate for an Issue #267
|
2012-12-10 12:54:01 +01:00 |
|
Miroslav Stampar
|
5606a860ce
|
Oracle supports inline comments too (Issue #267)
|
2012-12-10 12:00:15 +01:00 |
|
Miroslav Stampar
|
a024884ca7
|
Support for a HTTP parameter pollution (Issue #267)
|
2012-12-10 11:55:31 +01:00 |
|
Miroslav Stampar
|
974407396e
|
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
|
2012-12-06 14:14:19 +01:00 |
|
Miroslav Stampar
|
ab67344448
|
Removed unused imports and variables (pyflake-ing)
|
2012-12-06 11:15:05 +01:00 |
|
Miroslav Stampar
|
b6650add46
|
Introducing 'new style classes' (idea from Pull request #284)
|
2012-12-06 10:42:53 +01:00 |
|
Miroslav Stampar
|
79fca8e9d5
|
Fix for an Issue #268
|
2012-12-03 12:13:59 +01:00 |
|
Miroslav Stampar
|
c40dded28c
|
Fix for an Issue #250
|
2012-11-20 12:10:29 +01:00 |
|
Miroslav Stampar
|
a52dbc575b
|
Patch for an Issue #246
|
2012-11-13 10:21:11 +01:00 |
|
Miroslav Stampar
|
f305dde413
|
Patch for an Issue #235
|
2012-11-10 11:01:29 +01:00 |
|
Miroslav Stampar
|
12fc9442b9
|
Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)
|
2012-10-25 10:10:23 +02:00 |
|
Miroslav Stampar
|
b5060c0010
|
Fix for an Issue #205
|
2012-10-16 14:28:46 +02:00 |
|
Miroslav Stampar
|
2cb1b054bb
|
Implementation for an Issue #79
|
2012-10-16 12:32:58 +02:00 |
|
Miroslav Stampar
|
e61c4c22c9
|
Implementation for an Issue #200
|
2012-10-09 15:19:47 +02:00 |
|
Miroslav Stampar
|
5a91b6e622
|
Minor cleanup
|
2012-10-09 10:21:52 +02:00 |
|
Miroslav Stampar
|
ff205f088b
|
Minor update
|
2012-10-07 20:12:55 +02:00 |
|
Miroslav Stampar
|
098e446ca4
|
Adding support for generic XML POST data
|
2012-10-04 18:44:12 +02:00 |
|
Miroslav Stampar
|
f71b937add
|
Minor language cleanup
|
2012-10-04 18:28:36 +02:00 |
|
Miroslav Stampar
|
8865fe69d7
|
Minor cleanup
|
2012-10-04 18:26:07 +02:00 |
|
Miroslav Stampar
|
d464678e10
|
Minor update for an Issue #49
|
2012-10-04 18:01:42 +02:00 |
|
Miroslav Stampar
|
84b05e2d18
|
Better treating of numeric values (Issue #49)
|
2012-10-04 16:08:37 +02:00 |
|
Miroslav Stampar
|
461e5ebc5f
|
Work for Issue #197 and Issue #49
|
2012-10-04 11:25:44 +02:00 |
|
Miroslav Stampar
|
bcbf0571a5
|
Implementation for an Issue #49
|
2012-10-02 14:23:58 +02:00 |
|
Miroslav Stampar
|
763dc98311
|
Minor refactoring
|
2012-10-02 13:36:15 +02:00 |
|
Miroslav Stampar
|
a8aecaa036
|
Minor style update
|
2012-10-02 13:33:10 +02:00 |
|
Miroslav Stampar
|
d175decdfc
|
Fix for an Issue #190
|
2012-09-22 20:59:40 +02:00 |
|
Miroslav Stampar
|
511c3b8dcc
|
Update and fix for an Issue #182
|
2012-09-11 14:58:52 +02:00 |
|
Miroslav Stampar
|
5d23d72ff5
|
Fix for an Issue #176
|
2012-09-08 17:58:03 +02:00 |
|
Miroslav Stampar
|
dbce417cdd
|
Potential fix for an Issue #171
|
2012-09-02 22:48:41 +02:00 |
|
Miroslav Stampar
|
b916db34a4
|
Another update for an Issue #79
|
2012-08-31 12:38:02 +02:00 |
|
Miroslav Stampar
|
47d162f391
|
Minor update (same but cleaner)
|
2012-08-31 12:27:40 +02:00 |
|
Miroslav Stampar
|
7286d89cb6
|
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
|
2012-08-31 12:15:09 +02:00 |
|
Miroslav Stampar
|
cdd3ed6abc
|
Minor bug fix
|
2012-08-30 14:22:18 +02:00 |
|
Miroslav Stampar
|
d421f9a618
|
Fix for an Issue #157
|
2012-08-21 14:34:19 +02:00 |
|
Miroslav Stampar
|
b9c63eb908
|
Fix for an Issue #156
|
2012-08-21 10:46:29 +02:00 |
|
Miroslav Stampar
|
7a8ace78f9
|
Removing redundant newline char as logger already adds it's own
|
2012-08-21 09:58:40 +02:00 |
|
Miroslav Stampar
|
233b9a3815
|
Fix for Issue #150 and Issue #151 (urllib2 is automatically adding those)
|
2012-08-20 22:17:39 +02:00 |
|
Miroslav Stampar
|
823dde73ab
|
Minor cleanup
|
2012-08-20 11:40:49 +02:00 |
|
Miroslav Stampar
|
76338add17
|
Fix for an Issue #152
|
2012-08-20 10:41:43 +02:00 |
|
Miroslav Stampar
|
fec8a5cc9d
|
Fix for an Issue #139
|
2012-08-07 00:50:58 +02:00 |
|
Miroslav Stampar
|
142fc887f1
|
Fix for an Issue #129
|
2012-07-31 11:03:44 +02:00 |
|
Bernardo Damele
|
92c2b3bd4c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-26 23:11:11 +01:00 |
|
Bernardo Damele
|
d492291744
|
working on issue #12
|
2012-07-26 23:11:07 +01:00 |
|
Miroslav Stampar
|
efa99c4519
|
Implementation for an Issue #4
|
2012-07-26 14:07:05 +02:00 |
|
Miroslav Stampar
|
b3552494c4
|
Minor preparation for an Issue #48
|
2012-07-26 12:26:57 +02:00 |
|
Miroslav Stampar
|
63bf99ce77
|
Minor just in case update for an Issue #117
|
2012-07-23 14:46:43 +02:00 |
|
Miroslav Stampar
|
a7d1a0c250
|
Implementation for an Issue #117
|
2012-07-23 14:14:22 +02:00 |
|
Miroslav Stampar
|
534eccc9aa
|
Fix for an Issue #115
|
2012-07-23 10:16:47 +02:00 |
|
Miroslav Stampar
|
f336afa913
|
Implementation for Issue #108
|
2012-07-20 09:48:09 +02:00 |
|
Miroslav Stampar
|
87ecf205cb
|
More work for Issue #66
|
2012-07-14 17:01:04 +02:00 |
|
Miroslav Stampar
|
805120ac52
|
Minor refactoring
|
2012-07-14 11:01:30 +02:00 |
|
Miroslav Stampar
|
3c81f74823
|
Minor style update
|
2012-07-13 12:22:37 +02:00 |
|
Bernardo Damele
|
162da75a04
|
modified homepage address
|
2012-07-12 18:38:03 +01:00 |
|
Miroslav Stampar
|
e948e4d45b
|
Some more refactoring
|
2012-07-06 17:18:22 +02:00 |
|
jekil
|
c39e5a85ba
|
Removed $id$ tags
|
2012-06-27 20:56:43 +02:00 |
|
Miroslav Stampar
|
4ac3794e80
|
minor update
|
2012-06-12 14:22:14 +00:00 |
|
Miroslav Stampar
|
226547b7dc
|
minor fix for --skip-urlencode and custom post
|
2012-05-28 09:04:25 +00:00 |
|
Miroslav Stampar
|
09f2144485
|
full page read is not needed in DNS exfiltration mode
|
2012-05-26 21:28:43 +00:00 |
|
Miroslav Stampar
|
c394610740
|
adding switch --skip-urlencode to skip URL encoding of POST data
|
2012-05-24 23:30:33 +00:00 |
|
Miroslav Stampar
|
2538e2d5b4
|
fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring
|
2012-05-22 09:33:22 +00:00 |
|
Miroslav Stampar
|
12d32f58f2
|
fix for that SOAP reported bug
|
2012-05-10 13:39:54 +00:00 |
|
Miroslav Stampar
|
775134639d
|
minor update
|
2012-04-20 20:33:15 +00:00 |
|
Miroslav Stampar
|
6ebb621228
|
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
|
2012-04-17 14:23:00 +00:00 |
|
Miroslav Stampar
|
052d9455fe
|
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
|
2012-04-12 09:44:54 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
b2afa87e48
|
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
|
2012-04-06 08:42:36 +00:00 |
|
Miroslav Stampar
|
2223c884e5
|
minor refactoring
|
2012-04-05 12:55:26 +00:00 |
|
Miroslav Stampar
|
e0994947e2
|
minor update
|
2012-04-04 23:37:50 +00:00 |
|
Miroslav Stampar
|
c89a4162e2
|
bug fix for --dns-domain with --technique=TS
|
2012-04-04 18:01:39 +00:00 |
|
Miroslav Stampar
|
637a8d8273
|
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
|
2012-03-29 14:33:27 +00:00 |
|
Miroslav Stampar
|
0fc4288a7c
|
modifying redirection code for only two choices
|
2012-03-18 17:27:08 +00:00 |
|
Bernardo Damele
|
3505503a08
|
no need to return here
|
2012-03-16 17:30:16 +00:00 |
|
Miroslav Stampar
|
577caac4de
|
putting kb.negativeLogic setting to the safe place
|
2012-03-16 09:17:11 +00:00 |
|
Miroslav Stampar
|
209e795369
|
minor just in case update
|
2012-03-16 09:02:17 +00:00 |
|
Miroslav Stampar
|
adb5fff6b2
|
one more update related to the redirection mechanism
|
2012-03-15 20:17:40 +00:00 |
|
Miroslav Stampar
|
ddd92476a8
|
minor fix
|
2012-03-15 15:58:25 +00:00 |
|
Miroslav Stampar
|
8dd570057b
|
minor fix (double traffic log for -t in case of HTTP error)
|
2012-03-15 14:51:16 +00:00 |
|
Miroslav Stampar
|
f7df755f37
|
minor update
|
2012-03-15 12:55:22 +00:00 |
|
Miroslav Stampar
|
a8c9a47092
|
redirect logic rewritten from scratch
|
2012-03-15 11:10:58 +00:00 |
|
Miroslav Stampar
|
52a8b25ff4
|
minor fix
|
2012-03-14 14:31:41 +00:00 |
|
Miroslav Stampar
|
a7fbc55748
|
grammar fix
|
2012-03-13 22:03:23 +00:00 |
|
Miroslav Stampar
|
edfcddd3c3
|
minor fix for logging only cookies used by request (e.g. --load-cookies case)
|
2012-03-13 10:58:15 +00:00 |
|
Miroslav Stampar
|
e6c610abab
|
minor fix
|
2012-03-13 09:14:56 +00:00 |
|
Miroslav Stampar
|
48bcde478e
|
more general update
|
2012-03-12 15:29:55 +00:00 |
|
Miroslav Stampar
|
1d0c8a7f44
|
minor update
|
2012-03-12 15:19:02 +00:00 |
|
Miroslav Stampar
|
b3bd4144f5
|
removing of unused imports together with some general code refactoring
|
2012-02-22 10:40:11 +00:00 |
|
Miroslav Stampar
|
dcf7277a0f
|
some more refactorings
|
2012-02-16 14:42:28 +00:00 |
|
Miroslav Stampar
|
85a4ef6593
|
minor update
|
2012-02-08 12:00:03 +00:00 |
|
Miroslav Stampar
|
a7970d094a
|
minor update
|
2012-02-01 15:10:06 +00:00 |
|
Miroslav Stampar
|
8405ef59ac
|
some estetic updates
|
2012-02-01 14:49:42 +00:00 |
|