sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	1678b606a2	Update for #2597	2017-07-03 16:55:24 +02:00
Louis-Philippe Huberdeau	0d756a8823	Parse request data and convert to HAR, include in injection data	2017-06-23 11:50:21 -04:00
Miroslav Stampar	864711b434	Minor improvement	2017-06-05 16:48:14 +02:00
Miroslav Stampar	996ad59126	Minor patch	2017-06-05 16:28:19 +02:00
Miroslav Stampar	359bfb2704	Minor adjustment	2017-05-26 14:14:35 +02:00
Miroslav Stampar	644ea2e3aa	Minor patch	2017-05-26 14:08:08 +02:00
Miroslav Stampar	4ce08dcfa3	Patch for an Issue #2536	2017-05-17 00:22:18 +02:00
Miroslav Stampar	d3a08a2d22	Implementation for an Issue #2505	2017-05-07 23:12:42 +02:00
Miroslav Stampar	fc8eede952	Minor cleanup and one bug fix	2017-04-19 14:46:27 +02:00
Miroslav Stampar	c8a0c525fc	Fixes #2489	2017-04-19 14:19:39 +02:00
Miroslav Stampar	5f2bb88037	Some code refactoring	2017-04-18 15:48:05 +02:00
Miroslav Stampar	7ebba5614a	Moving brute from techniques to utils	2017-04-18 13:53:41 +02:00
Miroslav Stampar	d9a931f77a	Minor cleanup	2017-04-14 13:14:53 +02:00
Miroslav Stampar	0e206da7c0	Minor patches (pydiatra)	2017-04-14 13:08:51 +02:00
Miroslav Stampar	9b3d229294	Fixes #2471	2017-04-10 19:21:22 +02:00
Miroslav Stampar	60e8c725f9	Fixes #2437	2017-03-12 23:24:13 +01:00
Miroslav Stampar	7960045cf9	Fixes #2277 and #2300	2017-02-27 13:58:07 +01:00
Miroslav Stampar	4b420e7579	Removing Google PageRank as it is dead now	2017-02-23 11:33:39 +01:00
Miroslav Stampar	38f16decef	Update for an Issue #2384	2017-02-06 13:28:33 +01:00
Miroslav Stampar	03bbf552ef	Patch for an Issue #2382	2017-02-06 11:14:45 +01:00
Miroslav Stampar	55272f7a3b	New version preparation	2017-01-02 14:19:18 +01:00
Francisco Blas Izquierdo Riera (klondike)	025e9ac5b4	Fix the logic used for --param-exclude The current logic will skip all existing parameters if no param-exclude is defined. This breaks previous behaviour, makes it harder to use the tool and is quite confusing. The new logic will always check the parameter is set before running any other checks instead of shortcircuit an empoty(always true) regexp.	2016-12-28 12:25:05 +01:00
Miroslav Stampar	89bbf5284c	Adding new option --param-exclude on private request	2016-12-25 23:16:44 +01:00
Miroslav Stampar	edc6f47758	Some refactoring	2016-12-19 23:47:39 +01:00
Hanno Heinrichs	2cc604e356	Fix several typos	2016-10-26 21:41:57 +02:00
Miroslav Stampar	24eaf55dc8	Removing bad decision for -d (user should be able to choose)	2016-10-17 22:32:23 +02:00
Miroslav Stampar	6130185ac6	Minor consistency update with the wiki	2016-10-11 00:35:39 +02:00
Miroslav Stampar	171cf6f54d	Minor fine tuning for SQLi heuristic check	2016-10-04 11:32:06 +02:00
Miroslav Stampar	dc8301689e	Implementation for an Issue #2204	2016-10-02 11:13:40 +02:00
Miroslav Stampar	332726356c	Minor language update	2016-09-29 14:03:46 +02:00
Miroslav Stampar	381deb68ff	Implementation for an Issue #2137	2016-09-27 13:26:11 +02:00
Miroslav Stampar	7151df16f6	Adding extra validation step in case of boolean-based blind (e.g. if unexpected 500 occurs)	2016-09-27 11:21:12 +02:00
Miroslav Stampar	8994bf2dba	Further dealing with time-based SQLi (Issue #1973 )	2016-09-27 10:32:22 +02:00
Miroslav Stampar	09617c8243	Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973	2016-09-27 10:20:36 +02:00
Miroslav Stampar	556b4d289e	Minor cosmetic patch (removing multiple same content '...appears...' messages)	2016-09-26 17:02:40 +02:00
Miroslav Stampar	1b48ff223d	Adding initial support for Informix (Issue #552 )	2016-09-23 12:33:27 +02:00
Miroslav Stampar	56a918c408	Minor refactoring	2016-09-20 10:03:00 +02:00
Miroslav Stampar	bcd62ecc5b	Minor optimization (avoiding unnecessary deepcopies)	2016-09-20 09:56:08 +02:00
Miroslav Stampar	32dd4a938c	Minor patch of message	2016-09-09 11:37:16 +02:00
Miroslav Stampar	6b91b7b7fa	Minor cosmetics	2016-09-02 16:10:11 +02:00
Miroslav Stampar	cb43c03712	Definite patch for MemoryError(s) (fixes #1991 )	2016-06-30 14:57:56 +02:00
Miroslav Stampar	8b4367d354	Revert of last commit	2016-06-26 01:42:21 +02:00
Miroslav Stampar	0a9d69a7d0	Minor patch	2016-06-26 01:10:47 +02:00
Miroslav Stampar	0175acd028	Bug fix (in some cases lack of warning message for SQLi appearing)	2016-06-23 17:52:37 +02:00
Miroslav Stampar	78fdb27a0b	More improvements	2016-06-03 15:51:52 +02:00
Miroslav Stampar	350baf0a0a	Minor update	2016-06-03 14:29:32 +02:00
Miroslav Stampar	9886b646eb	Proper update regarding the last commit	2016-06-03 14:18:28 +02:00
Miroslav Stampar	c5197b99a0	Minor patch and minor improvement	2016-06-03 13:59:32 +02:00
Miroslav Stampar	0e65043c84	Minor adjustment	2016-06-03 09:48:49 +02:00
Miroslav Stampar	229d3a7dd0	Patch for cases when error page looks more like original, than the False one does	2016-05-30 16:46:23 +02:00
Miroslav Stampar	b965e5bf1c	Minor refactoring	2016-05-30 16:06:39 +02:00
Miroslav Stampar	3bd74c5351	Minor patch	2016-05-30 15:20:21 +02:00
Miroslav Stampar	55624ec1a2	Minor message update	2016-05-30 14:40:22 +02:00
Miroslav Stampar	83b82a5e98	Bug fix (wrong handler used in case of DBMS resolution)	2016-05-30 10:32:49 +02:00
Miroslav Stampar	69fd900108	Adding waf script for detection of generic/unknown	2016-05-27 16:34:41 +02:00
Miroslav Stampar	de9f23939f	Major bug fix in WAF/IDS/IPS detection (question 'do you want..to try to detect backend WAF/IPS/IDS' never worked)	2016-05-27 13:41:03 +02:00
Miroslav Stampar	7a2ac23f0b	Adding new waf script (sitelock)	2016-05-27 02:13:01 +02:00
Miroslav Stampar	a5f8cae599	Fixes #1892	2016-05-24 17:58:35 +02:00
Miroslav Stampar	c395958dff	Fixes #1888	2016-05-24 14:55:19 +02:00
Miroslav Stampar	798b539eec	Minor update	2016-05-24 14:50:56 +02:00
Miroslav Stampar	f7cae68378	More formal language	2016-05-22 21:44:17 +02:00
Miroslav Stampar	f6ff1a115a	Better (automatic) picking of a --string candidate (especially in case of international pages)	2016-05-22 21:29:08 +02:00
Miroslav Stampar	32ee586e2a	Minor language update	2016-05-22 14:30:32 +02:00
Miroslav Stampar	6623c3f877	Pesky bug fix (nobody noticed :)	2016-05-22 14:22:31 +02:00
Miroslav Stampar	30a4173249	I like users which don't know the difference between detection and identification	2016-05-22 12:40:23 +02:00
Miroslav Stampar	5e8b105677	Fixes #1880	2016-05-19 19:46:12 +02:00
Miroslav Stampar	1e07269fe3	Patch for an Issue #1860	2016-05-12 16:42:12 +02:00
Miroslav Stampar	be9381abc5	Implements #1845	2016-05-06 13:06:59 +02:00
Miroslav Stampar	c797129956	Fixes #1833	2016-05-02 11:10:12 +02:00
Miroslav Stampar	9dd5cd8eb6	Removing CloudFlare check	2016-04-29 00:17:07 +02:00
Miroslav Stampar	aa21550712	Minor patch for integer casting heuristics (circumvent auto-casting by DBMS itself)	2016-04-15 13:47:19 +02:00
Miroslav Stampar	66061e8c5f	Fixes #1811	2016-04-15 12:04:54 +02:00
Miroslav Stampar	0245ce6228	Fixes #1782	2016-03-28 19:55:33 +02:00
Miroslav Stampar	d7cdb6cbd8	Minor update	2016-02-06 20:16:33 +01:00
Miroslav Stampar	62f94f6587	Adding comments (Issue #1681 )	2016-01-26 07:52:25 +01:00
Miroslav Stampar	574b3a79aa	Adding support for detection of CloudFlare responses	2016-01-21 10:16:23 +01:00
Miroslav Stampar	59695af101	Minor improvement of heuristic checks	2016-01-14 22:21:47 +01:00
Miroslav Stampar	bdcf3fffba	Minor update related to the last (error results in OR boolean-based blind should not be the same as True to be able to do proper comparison)	2016-01-14 13:40:50 +01:00
Miroslav Stampar	c7ef9429ae	Minor check for problematic injections	2016-01-14 13:16:44 +01:00
Miroslav Stampar	4c1fc095d8	Adding heuristic check for FI vulnerability	2016-01-14 09:59:13 +01:00
Miroslav Stampar	a8c6c6fca1	Minor update related to the last one	2016-01-13 23:47:34 +01:00
Miroslav Stampar	4e29e1b351	Fixing wrong commit #4f939b5719716dfe9bd085c4f67696bc11064edd	2016-01-13 23:34:42 +01:00
Miroslav Stampar	8362bdcf66	Fix for screw up made by #52dd92748a50bcee4fb979ea49185840ff6743b9	2016-01-13 23:16:27 +01:00
Miroslav Stampar	eb989469f3	Minor just in case update	2016-01-12 10:27:04 +01:00
Miroslav Stampar	48ac2101f2	Using only once the dummy checkWaf payload	2016-01-08 23:23:41 +01:00
Miroslav Stampar	d0d676ccce	Update of copyright string	2016-01-06 00:06:12 +01:00
Miroslav Stampar	c6d4217495	Minor update (just in case)	2015-12-03 02:08:59 +01:00
Miroslav Stampar	d41cd53d31	Minor style fix (distinguish form from URL testing when --forms --crawl combo used)	2015-10-28 14:03:21 +01:00
Miroslav Stampar	78bbf5d63c	Fixes #1451	2015-10-06 14:17:35 +02:00
Miroslav Stampar	53de0e8949	Implements #1442	2015-10-01 11:57:33 +02:00
Miroslav Stampar	81caf14b6d	Adding switch --skip-waf	2015-09-21 14:57:44 +02:00
Miroslav Stampar	e81e474646	Minor adjustment	2015-09-21 14:46:34 +02:00
Miroslav Stampar	56f0b811a6	Minor patch	2015-09-21 13:23:56 +02:00
Miroslav Stampar	c05c0ff435	Minor patch with imports	2015-09-10 15:55:49 +02:00
Miroslav Stampar	f494004f44	Switching to the getSafeExString (where it can be used)	2015-09-10 15:51:33 +02:00
Miroslav Stampar	c1f829d131	Removing last remnants of bad handling the exceptions as strings	2015-09-08 11:15:31 +02:00
Miroslav Stampar	e623ee66ad	Better approach for #1320	2015-07-30 23:29:31 +02:00
Miroslav Stampar	58002c5057	Minor cosmetics	2015-07-23 09:55:59 +02:00
Miroslav Stampar	21e8182ac6	Fixes #1305	2015-07-18 17:01:34 +02:00
Miroslav Stampar	00f190fc92	Fixes #1303	2015-07-17 10:14:35 +02:00
Miroslav Stampar	16f8e4c8ba	Removing unused imports	2015-07-12 12:25:02 +02:00
Miroslav Stampar	10f8c6a0b6	Introducing --offline switch (to perform session only lookups)	2015-07-10 16:10:24 +02:00
Miroslav Stampar	9bdbdc136f	Minor cosmetics update	2015-07-10 11:33:12 +02:00
Miroslav Stampar	0ba264bfa0	Minor patch	2015-07-10 09:51:11 +02:00
Miroslav Stampar	4baaa4a5ad	Minor improvement	2015-07-10 09:24:14 +02:00
Miroslav Stampar	9ff115ce71	Minor patch	2015-07-10 01:33:53 +02:00
Miroslav Stampar	02470ea683	Further decreasing number of testing payloads	2015-07-10 01:19:46 +02:00
Miroslav Stampar	48b627f3ff	Prevent double tests (e.g. in same final tests where suffix is cut by the comment)	2015-07-10 00:54:02 +02:00
Miroslav Stampar	ca2f63c672	Test speed up in case of boolean based blind	2015-07-10 00:37:59 +02:00
Miroslav Stampar	96327b6701	Fixes #1290	2015-07-05 01:47:01 +02:00
Miroslav Stampar	1f71d809d4	Fixes #1288	2015-07-03 08:55:33 +02:00
Miroslav Stampar	08caca387b	Minor patch of automatic WAF heuristic check	2015-05-29 16:01:41 +02:00
Miroslav Stampar	17bfda1b9c	Adding new switch ('--skip-static')	2015-05-18 20:57:15 +02:00
Miroslav Stampar	7587528ebd	Fixes #1202	2015-03-26 11:40:19 +01:00
Miroslav Stampar	adc8ac267d	Fixes #1190	2015-03-10 09:23:26 +01:00
Bernardo Damele	8281fe48e5	bug fix: test for boundaries with high levels if the test was extended	2015-03-01 11:02:05 +00:00
Bernardo Damele	2f08c8b666	bug fix: do not skil heuristic check if previous page (test for dynamicity) had DBMS message. Code cleanup	2015-02-27 13:57:28 +00:00
Bernardo Damele	475cc8b24b	trivial code cleanup	2015-02-21 13:12:30 +00:00
Bernardo Damele	d235ee375b	code cleanup	2015-02-21 12:59:44 +00:00
Bernardo Damele	52dd92748a	rework some of the logic of the detection phase based on identified DBMS along the way	2015-02-21 02:23:42 +00:00
Bernardo Damele	4f939b5719	avoid false positive message when extensive heuristic check is performed following detection of boolean blind injection detection: do only heuristic DBMS fingerprint for DBMS specific tables	2015-02-20 18:36:34 +00:00
Bernardo Damele	214b9360e9	Minor fix to check for inline query payloads regardless of previously identified payloads and code cleanup	2015-02-20 18:30:42 +00:00
Bernardo Damele	79d4d970a5	trivial code cleanup	2015-02-20 15:42:28 +00:00
Bernardo Damele	201b605f9b	Minor fix and consistency: do not ask to include all tests if level and risk are at the max settings already	2015-02-20 10:21:44 +00:00
Bernardo Damele	e17d212c23	bug fix introduced with `863d5a6281`	2015-02-15 20:07:52 +00:00
Bernardo Damele	863d5a6281	--test-filter now ignores values of --risk and --level	2015-02-15 16:28:37 +00:00
Miroslav Stampar	2e5c11e427	Closes #1163	2015-02-13 10:59:03 +01:00
Miroslav Stampar	2e9bf47703	Heuristic check for WAF/IDS/IPS is now prone to tamper functions (Issue #1145 )	2015-01-30 22:12:35 +01:00
Miroslav Stampar	b7cfaa6ca5	Minor style update	2015-01-22 08:55:37 +01:00
Miroslav Stampar	a603002acd	Adding a choice to automatically turn on --identify-waf if protection has been detected	2015-01-20 09:38:18 +01:00
Miroslav Stampar	0c4d63fb00	Bug fix (reported by user over ML)	2015-01-08 09:00:21 +01:00
Miroslav Stampar	45bdefd29b	Update of copyright	2015-01-06 15:02:16 +01:00
Miroslav Stampar	6fc41ca940	Heuristically checking for WAF/IDS/IPS by default	2015-01-06 14:01:47 +01:00
Miroslav Stampar	beffe85d6c	Patch for an Issue #1085	2015-01-03 22:30:21 +01:00
Miroslav Stampar	e6de92ce88	Minor patch (unicode related)	2014-12-15 13:36:08 +01:00
Miroslav Stampar	1e06e7c386	Adding a debug message during name resolution	2014-12-11 13:29:26 +01:00
Miroslav Stampar	a7b21a2f62	Rerun advice update	2014-12-09 09:02:06 +01:00
Miroslav Stampar	034fae0f47	Patch for an Issue #992	2014-12-05 11:24:43 +01:00
Miroslav Stampar	9b32e69f26	Adding new WAF script (UrlScan)	2014-12-04 10:06:15 +01:00
Miroslav Stampar	5c182a0ec4	Update for an Issue #431	2014-11-21 11:33:57 +01:00
Miroslav Stampar	f0802c6fb9	Update for an Issue #431	2014-11-21 11:20:54 +01:00
Miroslav Stampar	cf2d5fd453	Update for an Issue #431	2014-11-21 09:41:49 +01:00
Miroslav Stampar	05d5342f20	Update and patch for an Issue #2	2014-11-17 11:50:05 +01:00
Miroslav Stampar	fc1b05bec9	Implementation for an Issue #2	2014-10-23 11:23:53 +02:00
Miroslav Stampar	34aed7cde0	Bug fix (now it's possible to use multiple parsed requests without mixing associated headers)	2014-10-22 13:49:29 +02:00
Miroslav Stampar	c6a8feea8a	Fix for an Issue #831	2014-10-07 12:00:11 +02:00
Miroslav Stampar	f67a38dba9	Minor adjustment	2014-10-01 13:42:10 +02:00
Miroslav Stampar	a9454fbb43	Minor commit related to the last one (bypassing DBMS error trimming problem)	2014-10-01 13:35:20 +02:00
Miroslav Stampar	8c9014c39f	Adding a dummy (auxiliary) XSS check	2014-10-01 13:31:48 +02:00
Miroslav Stampar	bfc8ab0e35	Language update	2014-09-08 14:48:31 +02:00
Miroslav Stampar	53d0d5bf8b	Minor update (adding a warning message about potential dropping of requests because of protection mechanisms involved)	2014-09-08 14:33:13 +02:00
Miroslav Stampar	20ff402103	Minor patch	2014-08-30 22:04:55 +02:00
Miroslav Stampar	dc2ee8bfa0	Minor update	2014-08-30 21:53:09 +02:00
Miroslav Stampar	1a9a331422	Bug fix (proper extending of tests when dbms is known)	2014-08-30 21:34:23 +02:00
Miroslav Stampar	834f8e18c8	Minor patch for an Issue #802	2014-08-28 00:45:57 +02:00
Miroslav Stampar	b77d8d617b	Minor patch for an Issue #800	2014-08-28 00:31:49 +02:00
Miroslav Stampar	7828f61642	Minor style update	2014-08-20 13:35:41 +02:00
Miroslav Stampar	6795b51c7e	Another minor update	2014-08-20 01:59:30 +02:00
Miroslav Stampar	d08c1b7c04	Minor update	2014-08-20 01:45:42 +02:00
Miroslav Stampar	ebc964267f	Better reporting on filtered-chars cases	2014-08-20 01:11:26 +02:00
Miroslav Stampar	b31e141012	Fix for an Issue #772	2014-07-29 14:37:48 +02:00
Miroslav Stampar	0eb5fb1e5a	Update for an Issue #757	2014-07-19 23:02:14 +02:00
Miroslav Stampar	2a88436417	Patch for an Issue #724	2014-06-16 09:51:24 +02:00
Miroslav Stampar	cb0044b2c4	Minor beauty patch	2014-04-07 20:28:17 +02:00
Miroslav Stampar	9456dc68e7	Minor patch	2014-04-06 17:24:27 +02:00
Miroslav Stampar	cf250a0381	Minor patch (it would go boom if special character was inside the --param-del)	2014-04-06 17:02:32 +02:00
Miroslav Stampar	0ae8ac707e	Renaming conf.pDel to conf.paramDel	2014-04-06 16:48:46 +02:00
Miroslav Stampar	106102bd3c	Fix for an Issue #648	2014-03-21 20:28:29 +01:00
Miroslav Stampar	3b47418a1d	Fix for an Issue #640	2014-03-14 22:20:20 +01:00
Miroslav Stampar	2ffdee5733	Bug fix for PAYLOAD.WHERE.REPLACE payloads containing custom injection marker ([ORIGVALUE] was screwed)	2014-02-26 11:41:48 +01:00
Miroslav Stampar	edc8ef9d5b	Patch for an Issue #611 (original page used in case of tamper functions was wrong - e.g. if --tamper=base64encode was used)	2014-02-25 13:48:34 +01:00
Miroslav Stampar	2a423d61ef	Raising number of requests for false positive testing in case of higher levels	2014-02-23 19:40:01 +01:00
Miroslav Stampar	fe0ff6e679	Changing 'is injectable' to 'seems to be injectable' for boolean and time-based blind injection cases - for false positive cases	2014-02-09 17:50:16 +01:00
Miroslav Stampar	f97fcb7bb3	Adding a switch --invalid-string	2014-01-23 21:56:06 +01:00
Miroslav Stampar	f88f6dcd7e	Changing --invalid-bignum from float producing to int producing	2014-01-23 09:07:25 +01:00
Bernardo Damele	43a4e85749	updated copyright	2014-01-13 17:24:49 +00:00
Miroslav Stampar	6c80f2903b	Patch for an Issue #564	2013-12-27 11:02:59 +01:00
Miroslav Stampar	bf3fbb0ae0	Ignore Google analytics cookies	2013-12-04 09:56:37 +01:00
Miroslav Stampar	7ed05f01b3	Minor update	2013-10-27 00:24:57 +02:00
Miroslav Stampar	334c698d53	Adding change verbosity level in testing phase when Ctrl+C pressed	2013-10-17 16:54:53 +02:00
Moshe Kaplan	8cd641a2a6	minor typos corrected "choosen" -> "chosen"	2013-10-15 13:26:24 -04:00
Miroslav Stampar	2dc570d7a8	Minor patch (for ORDER BY 'col' cases)	2013-10-10 23:08:20 +02:00
Miroslav Stampar	369006ca73	Bug fix	2013-10-07 12:54:25 +02:00
Miroslav Stampar	0cf2bdeb1c	Minor language update	2013-08-22 11:11:30 +02:00
Miroslav Stampar	38ee95e2c9	Minor language update	2013-08-13 18:58:24 +02:00
Miroslav Stampar	52a71546d0	Implementation for an Issue #507	2013-08-13 18:55:23 +02:00
Miroslav Stampar	941b2387c0	Minor fix	2013-07-31 09:22:45 +02:00
Miroslav Stampar	b921ff0729	Fix for an Issue #495	2013-07-27 11:20:43 +02:00
stamparm	e6f71c2130	Making 10% less requests in futile higher level/risk runs (using static template payloads for where==NEGATIVE)	2013-07-15 16:24:49 +02:00
stamparm	c9d3974205	Minor fix (templatePayload had duplicate string patterns for where==NEGATIVE)	2013-07-15 13:54:02 +02:00
stamparm	ac2d40e259	Revert of last commit (there is a chance that that big integer value is really valid :)	2013-07-15 13:34:38 +02:00
stamparm	a097ee1505	Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant)	2013-07-15 13:31:56 +02:00
stamparm	d7c0805e7c	Removing leftover	2013-07-08 12:45:02 +02:00
stamparm	a548eb5c70	Minor text update	2013-07-08 12:44:14 +02:00
stamparm	d0e79a4d15	Minor text update	2013-07-08 12:38:36 +02:00
stamparm	a530817727	Minor typo fix	2013-07-08 11:52:46 +02:00
stamparm	8d3435ab0b	Removing reflective warning for parsing heuristic test	2013-07-08 11:48:33 +02:00
stamparm	04046f38eb	Minor update (Issue #475 )	2013-07-01 12:26:57 +02:00
stamparm	f7d15cb465	Official naming is HSQLDB (and/or HyperSQL)	2013-07-01 11:57:47 +02:00
Miroslav Stampar	aeb83ba651	Merge pull request #475 from Meatballs1/hsql_clean HSQL Payloads and Query Support	2013-07-01 02:38:04 -07:00
stamparm	fd5b665f7d	Removing arithmetic operations from false positive checking to minimize affect of character filtering ('>' and '=' have to stay because those are minimal requirements)	2013-06-26 10:55:34 +02:00
Meatballs	62000c6406	Remaining files	2013-06-24 14:42:58 +01:00
stamparm	690645f6c7	Cosmetic fix	2013-06-19 10:50:00 +02:00
stamparm	f4ca4cd6c5	Minor update	2013-05-29 15:49:09 +02:00
Miroslav Stampar	d3ad408a21	Minor cosmetics	2013-05-19 22:17:53 +02:00
Miroslav Stampar	980a0e3adb	Trivial update	2013-05-18 21:00:53 +02:00
Miroslav Stampar	1ff98c2ff9	Another minor text update	2013-05-18 21:00:11 +02:00
Miroslav Stampar	967513e1bb	Minor message update	2013-05-18 20:59:23 +02:00
Miroslav Stampar	caa4ee96cd	Minor cosmetic update	2013-05-18 18:28:44 +02:00
Miroslav Stampar	6608410320	Adding a question after WAF has been identified	2013-05-18 18:26:40 +02:00
stamparm	03732d2592	Minor fix	2013-05-17 16:04:05 +02:00
stamparm	76b4e1ccb9	Implementation for an Issue #450	2013-05-17 15:04:25 +02:00
stamparm	f1f34a65a2	Minor update	2013-05-15 13:38:26 +02:00
Miroslav Stampar	034e123b0c	Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent)	2013-05-12 16:24:13 +02:00
Miroslav Stampar	840ee26a14	If SQLAlchemy is available and it has problems while connecting then it should be smarter to not force the other (standard) method - if available	2013-04-15 18:42:26 +02:00
stamparm	1c2197e8de	Minor bug fix for an Issue #361 (removal of that ugly garbage clean warning message after sqlmap ends)	2013-04-15 16:18:40 +02:00
stamparm	a3d36fcb73	Minor update	2013-04-15 16:07:27 +02:00
stamparm	aed738d6e6	Update for an Issue #361	2013-04-15 14:20:21 +02:00
stamparm	3e65037a05	Introducing lib/utils/sqlalchemy.py (Issue #361 )	2013-04-15 10:33:25 +02:00
stamparm	661b44135d	Minor bug fix	2013-04-10 11:59:07 +02:00
stamparm	8c9da95343	Style and consistency update (url -> URL)	2013-04-09 11:48:42 +02:00
Miroslav Stampar	153aa10b77	Minor cosmetic update	2013-04-03 19:00:54 +02:00
stamparm	5dd2529b02	Minor language update	2013-03-26 14:18:37 +01:00
stamparm	4d2b77dde3	Minor language update	2013-03-26 14:15:40 +01:00
stamparm	3f8dafedae	Minor text update	2013-03-26 14:08:35 +01:00
stamparm	7447773237	Update for consistency (all other enums are using _ in between words)	2013-03-20 11:10:24 +01:00
Miroslav Stampar	8acf033715	Code refactoring	2013-03-19 19:24:14 +01:00
Miroslav Stampar	a3d9a7b1ff	Minor fix	2013-03-19 19:06:51 +01:00
Martin Bjerregaard Jepsen	d7a77c79ad	Fixed incorrect call to checkBooleanExpression when testing for false positives	2013-03-01 22:51:34 +01:00
stamparm	3a3f9c5ea1	Trivial commit related to the last one	2013-03-01 12:09:03 +01:00
stamparm	440b484bf6	Minor update (one more just in case dummy request in false positive check for time-based injections - when DBMS could be unresponsive a bit due to previous heavy-queries)	2013-03-01 10:59:04 +01:00
Miroslav Stampar	e42350ddce	Minor style update	2013-02-28 20:28:34 +01:00
Miroslav Stampar	0e89cc62a2	Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections	2013-02-28 20:20:08 +01:00
stamparm	af4762ace2	Minor style update	2013-02-26 11:16:09 +01:00
stamparm	f6b43b4b13	Minor update for an Issue #290	2013-02-26 11:08:06 +01:00
stamparm	68ce51bfd4	Changing from warn to info for no WAF found	2013-02-22 12:15:38 +01:00
stamparm	0bbbfc2eac	Adding a small warning message (related to the Issue #407 )	2013-02-22 11:12:41 +01:00
Miroslav Stampar	229e4e167b	Minor cosmetics	2013-02-21 21:06:31 +01:00
stamparm	3a8c0cd3a2	Minor style update	2013-02-21 14:52:56 +01:00
stamparm	29ba43ee6c	Unhidding switch '--identify-waf' (Issue #290 )	2013-02-21 14:48:19 +01:00
stamparm	08f0670aca	Minor refactoring for an Issue #290	2013-02-21 14:39:22 +01:00
stamparm	8e49872d7c	Finalizing implementation for an Issue #290	2013-02-21 14:33:12 +01:00
stamparm	6b2981ef4e	Update for an Issue #290 (adding tamper-like scripts into (new) directory waf)	2013-02-21 11:14:57 +01:00
Miroslav Stampar	5c099efccc	Fix for an Issue #401	2013-02-18 11:38:18 +01:00
Bernardo Damele	4b9d8ed673	reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter	2013-02-14 11:32:17 +00:00
Bernardo Damele	a67ef4117f	make sure to use Python 2 interpreter when default system Python is version 3	2013-02-14 11:25:04 +00:00
Miroslav Stampar	1618086027	Minor fix	2013-02-05 10:58:02 +01:00
Miroslav Stampar	44579120b5	Cosmetics	2013-02-05 10:02:11 +01:00
Miroslav Stampar	e7b93b5b66	Implementation for an Issue #363	2013-02-01 17:24:04 +01:00
Miroslav Stampar	993372aae4	Bug fix (causing search problems)	2013-02-01 11:24:17 +01:00

... 3 4 5 6 7 ...

1087 Commits