Commit Graph

2395 Commits

Author SHA1 Message Date
Miroslav Stampar
eaaf6041b9 minor fix 2011-10-25 11:20:42 +00:00
Miroslav Stampar
c1486ed4be adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request 2011-10-25 09:53:44 +00:00
Miroslav Stampar
b07f165d60 quick fix 2011-10-24 18:11:34 +00:00
Miroslav Stampar
23bf52e496 minor refactoring 2011-10-24 09:55:50 +00:00
Miroslav Stampar
cd00c0d084 minor patch 2011-10-24 09:43:59 +00:00
Miroslav Stampar
6d64f87190 minor update 2011-10-24 00:46:54 +00:00
Miroslav Stampar
20ae1c2187 added switch --logic-negative 2011-10-24 00:40:06 +00:00
Miroslav Stampar
8bd3cfdc8e minor update 2011-10-24 00:17:38 +00:00
Miroslav Stampar
d39d36f7a7 minor language beautification 2011-10-23 23:27:56 +00:00
Miroslav Stampar
7c626f1dbe minor fix 2011-10-23 23:18:39 +00:00
Miroslav Stampar
d77a5f5928 update (generalizing ORDER BY approach) 2011-10-23 23:02:01 +00:00
Miroslav Stampar
1dd3fae930 minor fix 2011-10-23 22:27:45 +00:00
Miroslav Stampar
0c29311eb2 minor update 2011-10-23 22:24:57 +00:00
Miroslav Stampar
5863429fc1 minor update 2011-10-23 21:17:45 +00:00
Miroslav Stampar
4a469c3258 minor update 2011-10-23 21:12:34 +00:00
Miroslav Stampar
1f7d87c6a4 bug fix for --code (previously redirecting codes where not considered) 2011-10-23 20:48:37 +00:00
Miroslav Stampar
77e630d89e replaced longer CHAR form of escaped MySQL strings with more compact hex form 2011-10-23 20:19:42 +00:00
Miroslav Stampar
3f0517d3f3 support for non-latin (e.g. cyrillic) URLs 2011-10-23 17:02:48 +00:00
Miroslav Stampar
1c3f4e9e54 minor update 2011-10-23 08:44:21 +00:00
Miroslav Stampar
25f0ec3597 some minor range to xrange conversion (where safe to do) 2011-10-21 22:34:27 +00:00
Miroslav Stampar
eb240243ea minor update 2011-10-21 22:21:41 +00:00
Miroslav Stampar
b4ce857f9b added some comments 2011-10-21 21:29:24 +00:00
Miroslav Stampar
7a3096ce25 some refactoring 2011-10-21 21:12:48 +00:00
Miroslav Stampar
9356f8005c important bug fix 2011-10-21 21:07:06 +00:00
Miroslav Stampar
0a8e45955c minor update 2011-10-21 20:44:18 +00:00
Miroslav Stampar
566d6e4974 minor fix 2011-10-21 20:21:29 +00:00
Miroslav Stampar
05b9951a8b minor beautification 2011-10-21 09:19:31 +00:00
Miroslav Stampar
0db0571f35 minor patch 2011-10-21 09:06:00 +00:00
Miroslav Stampar
12a7fd4054 quick fix 2011-10-20 08:28:57 +00:00
Miroslav Stampar
0cbcbf159c minor fix 2011-10-19 21:35:01 +00:00
Miroslav Stampar
e3a719e7d2 minor update 2011-10-11 22:40:00 +00:00
Miroslav Stampar
7956390631 minor update 2011-10-11 22:27:49 +00:00
Miroslav Stampar
a7a29f33ad minor update 2011-10-11 21:58:57 +00:00
Miroslav Stampar
dacfeafc5f minor optimization 2011-10-10 17:45:16 +00:00
Miroslav Stampar
4989e8e6d3 minor update 2011-10-10 17:29:54 +00:00
Miroslav Stampar
c204f2b221 minor optimization 2011-10-10 14:47:48 +00:00
Miroslav Stampar
47b27a5988 minor improvement of HashDB 2011-10-10 14:23:17 +00:00
Miroslav Stampar
323aa7bf2f minor update 2011-10-09 21:21:41 +00:00
Miroslav Stampar
a31a0aa8d4 minor update 2011-10-06 22:29:49 +00:00
Miroslav Stampar
8720aad6dc transformed cDel to pDel as a more generic option 2011-10-06 22:03:33 +00:00
Miroslav Stampar
dd0ed5f5da adding redirect response to the traffic file 2011-09-28 08:13:46 +00:00
Miroslav Stampar
6d2536f217 minor update 2011-09-27 22:27:34 +00:00
Miroslav Stampar
c0910ca2c8 added one more warning message by request 2011-09-27 22:25:15 +00:00
Miroslav Stampar
b888a84764 minor update 2011-09-27 14:31:58 +00:00
Miroslav Stampar
88f1110c44 adding a new (for now) hidden switch --test-filter for filtering tests by their name 2011-09-27 14:09:25 +00:00
Miroslav Stampar
fd9acfd7d2 fix 2011-09-26 13:36:08 +00:00
Miroslav Stampar
b3b4459c72 minor fix 2011-09-26 13:01:43 +00:00
Miroslav Stampar
34738129c9 minor update 2011-09-25 21:27:58 +00:00
Miroslav Stampar
7e80274fac refactoring 2011-09-25 21:10:45 +00:00
Miroslav Stampar
744636a8c1 switching to SQLite resume support (on error and union techniques this moment) 2011-09-25 20:36:32 +00:00
Miroslav Stampar
ba5eff1de6 minor bug fix 2011-09-23 18:29:45 +00:00
Miroslav Stampar
d95ff4350d bug fix 2011-09-20 13:08:35 +00:00
Miroslav Stampar
4a3580d10b minor fix 2011-09-19 19:08:08 +00:00
Bernardo Damele
f890b29f81 Proper reference to Metasploit Framework as now it's version 4, not 3 anymore 2011-09-12 17:26:22 +00:00
Miroslav Stampar
4fb6dab1a2 minor bug fix 2011-09-12 14:15:57 +00:00
Miroslav Stampar
1bdde51d0e minor just in case update 2011-09-11 16:41:07 +00:00
Miroslav Stampar
02f993583b minor bug fix 2011-09-09 11:36:09 +00:00
Miroslav Stampar
2f4e34f5a0 minor improvement for URI injections 2011-09-08 11:13:12 +00:00
Miroslav Stampar
d434047482 minor bug fix 2011-09-05 09:28:40 +00:00
Miroslav Stampar
08e0eb9b61 minor lower/upper case fix 2011-08-29 13:47:32 +00:00
Miroslav Stampar
9be89422da implemented parameter --skip 2011-08-29 13:29:42 +00:00
Miroslav Stampar
e0f521cf9d minor update regarding --randomize 2011-08-29 13:08:25 +00:00
Miroslav Stampar
ac00014c4a implemented --randomize switch by request 2011-08-29 12:50:52 +00:00
Miroslav Stampar
8fe069b495 minor fix 2011-08-23 21:48:39 +00:00
Miroslav Stampar
01014eca17 by request 2011-08-23 21:45:01 +00:00
Miroslav Stampar
cfc1f2b70b minor update 2011-08-22 22:43:14 +00:00
Miroslav Stampar
f4127a80d7 improvement of UNION based injection detection (with non-NULL kb.uChar values searching of the content inside -1 UNION.. pages is used) 2011-08-22 21:43:46 +00:00
Miroslav Stampar
8a174248dc fix for a bug reported by blueBoy 2011-08-20 20:08:11 +00:00
Miroslav Stampar
cb32d46f2a minor minor update 2011-08-18 06:09:12 +00:00
Miroslav Stampar
54bcc35ba7 important bug fix (connection exception was causing losing of already retrieved data) 2011-08-17 22:31:33 +00:00
Miroslav Stampar
9d31322f3d update regarding special case when conf.uChar appears only in testable pages 2011-08-17 21:40:42 +00:00
Miroslav Stampar
75ec146224 minor beautification 2011-08-17 21:17:02 +00:00
Miroslav Stampar
f46baac70b bug fix (when comment is None this was errornous) 2011-08-17 10:58:29 +00:00
Bernardo Damele
9361e633f4 Minor bug fix - some applications do really set cookies like param="value" with double-quotes 2011-08-16 09:21:01 +00:00
Miroslav Stampar
e1dbb4443b minor update related to the last commit 2011-08-16 07:01:14 +00:00
Miroslav Stampar
7cc5743c5d minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters) 2011-08-16 06:50:20 +00:00
Miroslav Stampar
600ef3eace minor patch 2011-08-16 06:22:04 +00:00
Miroslav Stampar
262996fc5b bug fix 2011-08-16 06:14:40 +00:00
Miroslav Stampar
df4abf1af1 lowering constant value from 10 to 7 for da peace in da houz 2011-08-12 17:19:19 +00:00
Bernardo Damele
702ed73a65 Added --code switch to match in boolean-based tests against the HTTP response code 2011-08-12 16:48:11 +00:00
Bernardo Damele
fff4c34e33 Search for --string and --regexp matches also in HTTP response headers 2011-08-12 15:33:37 +00:00
Bernardo Damele
5e5133b8e7 Should be fixed now 2011-08-12 15:00:11 +00:00
Bernardo Damele
1505cb2a80 typo 2011-08-12 14:51:39 +00:00
Bernardo Damele
702ca22d54 Minor bug fix for URI injections 2011-08-12 14:48:44 +00:00
Bernardo Damele
28bba9f5e6 More verbose warning message 2011-08-12 13:47:38 +00:00
Miroslav Stampar
10bdd90e60 minor speed optimizations (as a result of profiling) 2011-08-12 13:40:37 +00:00
Bernardo Damele
36280b33fa Ask the user wheather or not to adjust the time delay - there have been a case where the forcing of conf.timeSec screwed the result in an extremely lagged and unreliable site 2011-08-12 13:06:40 +00:00
Miroslav Stampar
41ae9bc7ff minor bug fix 2011-08-09 14:20:25 +00:00
Miroslav Stampar
2ad267132a minor update for empty normal responses (like AJAX requests) 2011-08-05 10:55:21 +00:00
Miroslav Stampar
e849b71027 minor typo 2011-08-03 14:31:42 +00:00
Miroslav Stampar
538b49bcc5 removing word "dramatically". i was too excited at the moment :). it is cool and all but we shouldn't put "highly subjective" attribs in reports 2011-08-03 13:26:38 +00:00
Miroslav Stampar
f7562da754 from now on proper union column count should be displayed in injection info output 2011-08-03 10:34:50 +00:00
Miroslav Stampar
9423d15fb3 ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix 2011-08-03 09:08:16 +00:00
Miroslav Stampar
07afcd5440 fix for a bug reported by Ahmed Shawky (when user uses --suffix intermixing test default comments with the provided suffix is a big no no) 2011-08-02 18:20:21 +00:00
Miroslav Stampar
07c3d4fb18 minor adjustment 2011-08-02 17:35:43 +00:00
Miroslav Stampar
edab7d01a5 minor fix 2011-08-02 17:31:13 +00:00
Bernardo Damele
c15439ab7f Minor improvement to --passwords output 2011-08-02 09:04:34 +00:00
Miroslav Stampar
cb0981d858 proper way of handling 0 length results (as in __goInferenceProxy) 2011-08-02 08:39:32 +00:00
Miroslav Stampar
0643ced651 minor update 2011-08-02 08:12:43 +00:00
Miroslav Stampar
457f501bbd proper fix 2011-08-01 23:48:38 +00:00