Miroslav Stampar
|
c1dc73d0a1
|
minor, just in case update related to the previous commit
|
2011-01-04 12:56:55 +00:00 |
|
Miroslav Stampar
|
709a7d156b
|
fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...)
|
2011-01-04 12:51:51 +00:00 |
|
Miroslav Stampar
|
d288c6d6e3
|
minor update
|
2011-01-04 08:40:41 +00:00 |
|
Miroslav Stampar
|
fdc463d08b
|
fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range)
|
2011-01-03 23:36:35 +00:00 |
|
Miroslav Stampar
|
0eabca9fd4
|
update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)
|
2011-01-03 22:31:29 +00:00 |
|
Miroslav Stampar
|
08ccbf2c1e
|
important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)
|
2011-01-03 22:02:58 +00:00 |
|
Miroslav Stampar
|
572f403069
|
update of one thing that was missing
|
2011-01-03 21:28:22 +00:00 |
|
Miroslav Stampar
|
ce48ea75d0
|
noticed that google search page sometimes contain double html escaped links - double htmlunescape solves the problem, while dealing no harm to single html escaped links
|
2011-01-03 14:39:23 +00:00 |
|
Miroslav Stampar
|
6aa616bd0d
|
minor minor fix
|
2011-01-03 14:28:20 +00:00 |
|
Miroslav Stampar
|
92e4cdb241
|
raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic
|
2011-01-03 14:21:41 +00:00 |
|
Miroslav Stampar
|
07129371bf
|
bug fix for time based injections with keepalive (keepalive module has timeout argument which screwed tbMsg); also, bug fix for cases when remote hosts forcefully disconnects the user on some tests (instead of retrying and critically going out, continue with further tests)
|
2011-01-03 13:04:20 +00:00 |
|
Miroslav Stampar
|
3629c2737b
|
automatically turn on --text-only in case of heavily-dynamicity instead of critical exit
|
2011-01-03 11:06:49 +00:00 |
|
Miroslav Stampar
|
adc41181e6
|
some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one
|
2011-01-03 10:37:20 +00:00 |
|
Miroslav Stampar
|
5860b8942f
|
minor update
|
2011-01-03 09:16:42 +00:00 |
|
Miroslav Stampar
|
d19a8d53e4
|
minor update
|
2011-01-03 08:46:20 +00:00 |
|
Miroslav Stampar
|
8625494ff2
|
added one new quick check for multiple target(s) mode
|
2011-01-03 08:32:06 +00:00 |
|
Miroslav Stampar
|
5f9b6b2254
|
code refactoring
|
2011-01-02 16:51:21 +00:00 |
|
Miroslav Stampar
|
f762f32de8
|
bug fix for proper --parse-errors on .aspx pages
|
2011-01-02 13:00:04 +00:00 |
|
Miroslav Stampar
|
dce9a762f1
|
important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode
|
2011-01-02 10:37:32 +00:00 |
|
Miroslav Stampar
|
96341f8f78
|
minor fix
|
2011-01-02 09:16:17 +00:00 |
|
Miroslav Stampar
|
5c6c870db4
|
removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode
|
2011-01-02 08:43:38 +00:00 |
|
Miroslav Stampar
|
6651ba05eb
|
another fix (OS was set to None at all previous sessions if there was no explicit OS testing done)
|
2011-01-02 08:08:38 +00:00 |
|
Miroslav Stampar
|
da138c46c1
|
added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)
|
2011-01-02 07:37:47 +00:00 |
|
Miroslav Stampar
|
ec4440108b
|
minor cosmetics
|
2011-01-02 07:09:04 +00:00 |
|
Miroslav Stampar
|
428e817a32
|
some refactoring
|
2011-01-01 23:57:27 +00:00 |
|
Miroslav Stampar
|
212035e64d
|
user can now choose if he wants to skip non-heuristic based DBMS tests
|
2011-01-01 23:38:11 +00:00 |
|
Miroslav Stampar
|
8a93cfd975
|
minor update
|
2011-01-01 22:43:15 +00:00 |
|
Miroslav Stampar
|
52e44df86c
|
minor update
|
2011-01-01 21:11:29 +00:00 |
|
Miroslav Stampar
|
942cbafba6
|
minor update
|
2011-01-01 20:19:55 +00:00 |
|
Miroslav Stampar
|
e4fd8b3f0c
|
(e) finally works as it should
|
2011-01-01 19:22:44 +00:00 |
|
Miroslav Stampar
|
0e815177c8
|
minor update
|
2011-01-01 19:07:40 +00:00 |
|
Miroslav Stampar
|
ef27fd5ea1
|
there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) (http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html, http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html)
|
2011-01-01 15:20:29 +00:00 |
|
Miroslav Stampar
|
15e6911fd8
|
fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write')
|
2011-01-01 12:23:02 +00:00 |
|
Miroslav Stampar
|
91f665aaaa
|
bug fix for Ctrl+C
|
2010-12-31 15:00:19 +00:00 |
|
Miroslav Stampar
|
5db8ebbfa9
|
update of mysql comment versions
|
2010-12-31 12:42:12 +00:00 |
|
Miroslav Stampar
|
281d124fa6
|
minor bug fix
|
2010-12-31 12:04:39 +00:00 |
|
Miroslav Stampar
|
613242e298
|
bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved)
|
2010-12-29 19:48:19 +00:00 |
|
Miroslav Stampar
|
8f32c740ff
|
code refactoring
|
2010-12-29 19:39:32 +00:00 |
|
Miroslav Stampar
|
6700cabc36
|
minor optimization
|
2010-12-29 19:01:29 +00:00 |
|
Miroslav Stampar
|
d1f5c1d7b7
|
now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering
|
2010-12-29 15:10:42 +00:00 |
|
Miroslav Stampar
|
79e97824ef
|
adding user names to the attack dictionary
|
2010-12-29 00:37:53 +00:00 |
|
Miroslav Stampar
|
93838fb155
|
"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)
|
2010-12-28 14:40:34 +00:00 |
|
Miroslav Stampar
|
c0423761e8
|
minor update
|
2010-12-27 18:27:42 +00:00 |
|
Miroslav Stampar
|
c8f8dbf0a7
|
minor update
|
2010-12-27 15:39:27 +00:00 |
|
Miroslav Stampar
|
9fb0e0fc85
|
resume of brute forced data is now available
|
2010-12-27 14:17:20 +00:00 |
|
Miroslav Stampar
|
c7a160bf72
|
minor update (users want this to see)
|
2010-12-27 12:00:54 +00:00 |
|
Miroslav Stampar
|
51a492e17d
|
pretty important commit (now dumped tables are prone to dictionary attack)
|
2010-12-27 10:56:28 +00:00 |
|
Miroslav Stampar
|
269d6bde24
|
this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion)
|
2010-12-27 00:14:29 +00:00 |
|
Miroslav Stampar
|
89c2640d23
|
basic --search now works with MS Access
|
2010-12-26 23:50:16 +00:00 |
|
Miroslav Stampar
|
f2373121d0
|
noticed little DoS behavior and lots of connections in netstat (best way to deal with zombie connections is to explicitly close them if not needed any more)
|
2010-12-26 14:36:51 +00:00 |
|