Commit Graph

4221 Commits

Author SHA1 Message Date
Miroslav Stampar
d6bcbbae1d Minor patch for E technique to be more compatible with output of U technique 2016-05-25 12:42:15 +02:00
Miroslav Stampar
04b3aefc5d Patch for special character output in U and E techniques 2016-05-25 12:24:36 +02:00
Miroslav Stampar
a5f8cae599 Fixes #1892 2016-05-24 17:58:35 +02:00
Miroslav Stampar
29c3037512 Better asciinema recording (shorter width) 2016-05-24 17:26:10 +02:00
Miroslav Stampar
d0d7d3a205 Update of location of a sample run 2016-05-24 17:12:44 +02:00
Miroslav Stampar
7ce36ea1b6 Removal of unused imports 2016-05-24 16:40:44 +02:00
Miroslav Stampar
6f97f4796b Fixes #1891 2016-05-24 16:34:07 +02:00
Miroslav Stampar
39fe96009f Minor improvement (related to the last commit) 2016-05-24 16:20:39 +02:00
Miroslav Stampar
b475a38895 Better ORDER BY detection 2016-05-24 15:46:06 +02:00
Miroslav Stampar
42de887b05 Language update 2016-05-24 15:18:19 +02:00
Miroslav Stampar
28576bf08e Minor output update 2016-05-24 15:08:04 +02:00
Miroslav Stampar
c395958dff Fixes #1888 2016-05-24 14:55:19 +02:00
Miroslav Stampar
798b539eec Minor update 2016-05-24 14:50:56 +02:00
Miroslav Stampar
70cf8edc75 Fixes #1887 2016-05-24 14:17:00 +02:00
Miroslav Stampar
a81ea88eb0 Fixes #1889 2016-05-24 13:59:34 +02:00
Miroslav Stampar
023dda26fc Minor update for --os-shell directories 2016-05-24 12:53:21 +02:00
Miroslav Stampar
3e76895155 Minor update 2016-05-24 12:30:01 +02:00
Miroslav Stampar
2c1bd7f034 Update for an Issue #1531 (MySQL quirk with international letters) 2016-05-24 12:01:02 +02:00
Miroslav Stampar
f7cae68378 More formal language 2016-05-22 21:44:17 +02:00
Miroslav Stampar
f6ff1a115a Better (automatic) picking of a --string candidate (especially in case of international pages) 2016-05-22 21:29:08 +02:00
Miroslav Stampar
32ee586e2a Minor language update 2016-05-22 14:30:32 +02:00
Miroslav Stampar
b9e5655e3c Proper naming 2016-05-22 14:26:36 +02:00
Miroslav Stampar
6623c3f877 Pesky bug fix (nobody noticed :) 2016-05-22 14:22:31 +02:00
Miroslav Stampar
30a4173249 I like users which don't know the difference between detection and identification 2016-05-22 12:40:23 +02:00
Miroslav Stampar
dbbe4c6ddd Fixes #1884 2016-05-22 11:44:21 +02:00
Miroslav Stampar
633e4dfe48 Fixes #1886 2016-05-22 11:37:27 +02:00
Miroslav Stampar
5e8b105677 Fixes #1880 2016-05-19 19:46:12 +02:00
Miroslav Stampar
414dd96bbd Minor update (warning on negative integer values provided) 2016-05-19 18:04:25 +02:00
Miroslav Stampar
e857c2a88a Update for an Issue #1879 2016-05-19 13:50:31 +02:00
Miroslav Stampar
e7aaea2b8e Update for an Issue #1826 2016-05-17 14:10:49 +02:00
Miroslav Stampar
63d7cd607e Minor patch (for late threading issues) 2016-05-17 13:54:42 +02:00
Miroslav Stampar
d886b08dd9 Update for an Issue #1826 2016-05-17 13:45:03 +02:00
Miroslav Stampar
72f3185ae7 Fixes #1878 2016-05-17 10:47:17 +02:00
Miroslav Stampar
03be9f9b65 Minor removal of blank lines 2016-05-17 10:43:16 +02:00
Miroslav Stampar
d9d0865c13 Another patch for an Issue #1874 2016-05-16 17:09:05 +02:00
Miroslav Stampar
e3f54bc226 Minor patch for #1874 2016-05-16 16:53:28 +02:00
Miroslav Stampar
9662f4a56a Minor update 2016-05-16 16:47:29 +02:00
Miroslav Stampar
fea5cc8579 Minor patch 2016-05-16 15:37:49 +02:00
Miroslav Stampar
94091cd0e9 Fixes #1871 2016-05-15 09:37:45 +02:00
Miroslav Stampar
cc9f4b6102 Minor refactoring for MariaDB 2016-05-14 15:05:50 +02:00
Miroslav Stampar
cd7c99c752 Minor revert (it was not necessary - caused other problems) 2016-05-14 14:48:17 +02:00
Miroslav Stampar
75478c1181 Fixes #1868 2016-05-14 14:18:34 +02:00
Miroslav Stampar
ad0ca69579 Fixes #1865 2016-05-13 15:14:56 +02:00
Miroslav Stampar
2d801b7122 Minor patch for an Issue #1861 2016-05-12 17:16:55 +02:00
Miroslav Stampar
1e07269fe3 Patch for an Issue #1860 2016-05-12 16:42:12 +02:00
Miroslav Stampar
3b74e99576 Minor update (support for MariaDB) 2016-05-11 15:47:35 +02:00
Miroslav Stampar
439fff684e Minor update (MSSQL CONCAT payload) 2016-05-11 09:42:54 +02:00
Miroslav Stampar
72cf06119c Patch for an Issue #1852 2016-05-10 09:55:03 +02:00
Miroslav Stampar
808068d70a Minor update 2016-05-10 09:19:59 +02:00
Miroslav Stampar
f09072b2b6 Fixes #1853 2016-05-09 13:13:02 +02:00
Miroslav Stampar
be9381abc5 Implements #1845 2016-05-06 13:06:59 +02:00
Miroslav Stampar
5d09f7b85f Fixes #1822 2016-05-06 10:32:16 +02:00
Miroslav Stampar
8bbfee7591 Cleaning a leftover from be26392057 2016-05-06 10:30:58 +02:00
Miroslav Stampar
be26392057 Update for an Issue #1846 2016-05-06 10:23:57 +02:00
Miroslav Stampar
263730f4ee Fixes #1840 2016-05-04 13:23:59 +02:00
Miroslav Stampar
5d7e1782d9 Fixes #1839 2016-05-04 11:14:42 +02:00
Miroslav Stampar
e27f590c2c Fixes #1838 2016-05-04 11:11:58 +02:00
Miroslav Stampar
7afe655561 Another minor update for #1836 2016-05-03 12:52:46 +02:00
Miroslav Stampar
3bf08290a4 Update for an Issue #1836 2016-05-03 12:37:10 +02:00
Miroslav Stampar
34c2172391 Fixes #1837 2016-05-03 11:38:47 +02:00
Miroslav Stampar
48044f7a46 Minor update of IDS_WAF_CHECK_PAYLOAD 2016-05-03 00:19:19 +02:00
Miroslav Stampar
04e666182f Minor update of FORMAT_EXCEPTION_STRINGS 2016-05-02 23:44:43 +02:00
Miroslav Stampar
c797129956 Fixes #1833 2016-05-02 11:10:12 +02:00
Miroslav Stampar
6928dae956 Minor patch 2016-05-02 10:45:50 +02:00
Miroslav Stampar
6db3bcbb51 Minor update for UrlScan 2016-05-02 10:12:19 +02:00
Miroslav Stampar
d7f0b3566d Automatic monthly tagging 2016-05-02 10:06:30 +02:00
Miroslav Stampar
0c67a90cc0 Minor bug fix 2016-05-02 10:06:30 +02:00
Miroslav Stampar
f06e498fb0 Implementation for an Issue #1826 2016-04-29 14:19:32 +02:00
Miroslav Stampar
ad612bf9e4 Patch for Windows banner display 2016-04-29 00:51:20 +02:00
Miroslav Stampar
9dd5cd8eb6 Removing CloudFlare check 2016-04-29 00:17:07 +02:00
Miroslav Stampar
5ed3cdc819 Minor update 2016-04-22 10:54:55 +02:00
Miroslav Stampar
e07c92bce5 Minor change on banner showing up 2016-04-19 13:45:49 +02:00
Miroslav Stampar
0c5965c7b8 Minor patches 2016-04-19 13:13:37 +02:00
Miroslav Stampar
aa21550712 Minor patch for integer casting heuristics (circumvent auto-casting by DBMS itself) 2016-04-15 13:47:19 +02:00
Miroslav Stampar
66061e8c5f Fixes #1811 2016-04-15 12:04:54 +02:00
Miroslav Stampar
c4b74c2e01 Fixes #1810 2016-04-12 22:37:14 +02:00
Miroslav Stampar
55b23e78ee Fixes #1809 2016-04-12 22:10:26 +02:00
Miroslav Stampar
a9526bda92 Minor patch 2016-04-11 22:38:44 +02:00
Miroslav Stampar
0901da3f83 Update for an Issue #1807 2016-04-11 09:43:50 +02:00
Miroslav Stampar
8004652f7b Some more optimization 2016-04-08 15:30:25 +02:00
Miroslav Stampar
c9b410c97f Minor update 2016-04-08 14:59:52 +02:00
Miroslav Stampar
814d710320 Minor speed up 2016-04-08 14:41:34 +02:00
Miroslav Stampar
38fcc5a35a Update for pre-WHERE payloads 2016-04-08 13:19:42 +02:00
Miroslav Stampar
674d516f3e Minor patch 2016-04-08 11:40:09 +02:00
Miroslav Stampar
8ceb4907a5 Another update for Issue #1800 2016-04-08 11:37:38 +02:00
Miroslav Stampar
ce3749622a Minor revisit of payload boundaries (Issue #1800) 2016-04-08 11:28:17 +02:00
Miroslav Stampar
bcfae99701 Adding new WAF script 2016-04-08 10:32:18 +02:00
Miroslav Stampar
44c1c2c6f0 Minor update (reported via email) 2016-04-06 11:43:53 +02:00
Miroslav Stampar
ac08db82b2 Including one more error regex (based on testasp[.]vulnweb[.]com) 2016-04-04 16:14:30 +02:00
Miroslav Stampar
305bfd9d30 Implements #1763 2016-04-04 13:50:10 +02:00
Miroslav Stampar
f9aaec7b4a Minor patch (binary extensions) 2016-04-04 12:43:53 +02:00
Miroslav Stampar
d881a92ee7 Automatic monthly tagging 2016-04-04 12:38:37 +02:00
Miroslav Stampar
60ada89347 Trying once again 2016-04-04 12:38:37 +02:00
Miroslav Stampar
171bfa33a7 Automatic monthly tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
acaef90c7b Minor tuning of auto tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
31d7021d4c Fixes #1794 2016-04-04 12:25:07 +02:00
Miroslav Stampar
e83d8f6143 Updating colorama (Issue #1784) 2016-03-30 15:11:34 +02:00
Miroslav Stampar
7e55af2811 Fixes #1778 2016-03-28 16:13:36 +02:00
Miroslav Stampar
ad3b766b65 Adding in-table name boundaries 2016-03-26 09:39:28 +01:00
Miroslav Stampar
074fbbcea5 Implementation for an Issue #1776 2016-03-23 15:45:49 +01:00
Miroslav Stampar
5b0d5970cc Another patch related to the #1773 2016-03-23 10:33:32 +01:00
Miroslav Stampar
6c2f9859be Potential patch for #1773 2016-03-23 10:26:22 +01:00
Miroslav Stampar
d496d99943 Fixes #1774 2016-03-22 13:24:54 +01:00
Miroslav Stampar
d20e9febf2 Fixes #1770 2016-03-19 17:40:05 +01:00
Miroslav Stampar
d76ee8f534 Further update for #1765 2016-03-17 17:06:11 +01:00
Miroslav Stampar
5b88e3e1ad Minor update of version comment 2016-03-17 16:38:39 +01:00
Miroslav Stampar
a68848faf7 (Auto) adjusting micro version (to current month) 2016-03-17 16:31:34 +01:00
Miroslav Stampar
a4f21399e7 Fixes #1760 2016-03-17 16:23:28 +01:00
Miroslav Stampar
e03b2df58f Fixes #1761 2016-03-14 17:21:35 +01:00
Miroslav Stampar
252eb97198 Patch related to the #1755 2016-03-12 19:28:28 +01:00
Miroslav Stampar
67ae620182 Another patch related to the #1752 2016-03-12 15:04:19 +01:00
Miroslav Stampar
13366aeb48 Fixes #1752 2016-03-12 12:26:30 +01:00
Miroslav Stampar
e1ce16144a Fixes #1753 2016-03-10 15:42:01 +01:00
Miroslav Stampar
3307918389 Fixes #1750 2016-03-10 14:48:05 +01:00
Miroslav Stampar
c50849707f Fixes #1748 2016-03-08 14:35:16 +01:00
Miroslav Stampar
06296bd251 Fixes #1743 2016-03-06 20:04:45 +01:00
Miroslav Stampar
0f6e529fb9 Fixes #1745 2016-03-06 12:14:20 +01:00
Miroslav Stampar
242800c085 Minor update related to the #1740 2016-03-01 15:40:34 +01:00
Miroslav Stampar
679f0cf772 Fixes #1738 2016-03-01 15:36:00 +01:00
Miroslav Stampar
1b5a4651a9 Trivial refactoring 2016-03-01 14:48:53 +01:00
Miroslav Stampar
05fa7eb7c6 Minor update 2016-03-01 11:56:56 +01:00
Miroslav Stampar
336169e181 Update of version display 2016-02-29 08:12:38 +01:00
Miroslav Stampar
b2bc3d49fd Minor update 2016-02-29 00:52:46 +01:00
Miroslav Stampar
71aa7deefe Minor beautification 2016-02-29 00:49:45 +01:00
Miroslav Stampar
cf5ae507c8 Minor update of READMEs 2016-02-29 00:44:08 +01:00
Miroslav Stampar
4898a2c332 Dummy commit 2016-02-29 00:30:37 +01:00
Miroslav Stampar
151dcee32e Minor update 2016-02-29 00:23:59 +01:00
Miroslav Stampar
73f1155847 Adding new shutils file 2016-02-29 00:20:58 +01:00
Miroslav Stampar
adfcb1ad67 Adjusting version number 2016-02-27 15:59:52 +01:00
Miroslav Stampar
a90913c57d Proper patch for #1723 2016-02-23 11:46:04 +01:00
Miroslav Stampar
d6bac363af Minor patch for combo -r and --method 2016-02-18 11:13:51 +01:00
Miroslav Stampar
82abf1f742 Fixes #1714 2016-02-16 09:56:53 +01:00
Noelkd
0514946efa Removed dead links. 2016-02-14 15:57:55 +00:00
Miroslav Stampar
08aae2b7c5 Bug fix (--prefix should not fix the origValue in REPLACEMENT payloads) 2016-02-05 11:53:24 +01:00
Miroslav Stampar
ee0439cf11 Update for #1678 2016-01-27 10:03:30 +01:00
Miroslav Stampar
c34eaa1ce8 Minor patch 2016-01-24 22:05:08 +01:00
Miroslav Stampar
c6c5a937f9 Minor style update 2016-01-21 10:17:17 +01:00
Miroslav Stampar
574b3a79aa Adding support for detection of CloudFlare responses 2016-01-21 10:16:23 +01:00
Miroslav Stampar
8d42a93fdc Fixes #1665 2016-01-16 08:13:56 +01:00
Miroslav Stampar
6fef2948ff Minor consistency update 2016-01-14 22:51:26 +01:00
Miroslav Stampar
66eaac862b Minor consistency update 2016-01-14 22:47:56 +01:00
Miroslav Stampar
59695af101 Minor improvement of heuristic checks 2016-01-14 22:21:47 +01:00
Miroslav Stampar
8b90d146f6 Update of file attributes 2016-01-14 18:02:15 +01:00
Miroslav Stampar
c78a9cd156 Consistency patch 2016-01-14 12:14:00 +01:00
Miroslav Stampar
4c1fc095d8 Adding heuristic check for FI vulnerability 2016-01-14 09:59:13 +01:00
Miroslav Stampar
87676eb4bb Minor update for #1660 2016-01-13 23:05:28 +01:00
Miroslav Stampar
c410f16f3f Fixes #1660 2016-01-13 23:02:11 +01:00
Miroslav Stampar
0c8c4fa0d9 Fixes #1663 2016-01-13 14:38:59 +01:00
Miroslav Stampar
c37f4855bb Another patch for Issue #1659 2016-01-12 10:34:56 +01:00
Miroslav Stampar
eb989469f3 Minor just in case update 2016-01-12 10:27:04 +01:00
Miroslav Stampar
9b716fcce9 Patch related to the #1659 2016-01-12 10:24:28 +01:00
Miroslav Stampar
a0b67418c7 Just in case update 2016-01-11 00:34:03 +01:00
Miroslav Stampar
7e78554e97 For frenzy Ctrl-C pressing 2016-01-11 00:08:38 +01:00
Miroslav Stampar
1f01d6022c Minor style update 2016-01-10 23:50:24 +01:00
Miroslav Stampar
e53e4dddf1 Minor patch 2016-01-10 23:12:46 +01:00
Miroslav Stampar
6b40e0aa8c Minor style update (nongit-version) 2016-01-10 02:08:23 +01:00
Miroslav Stampar
5908964db4 Another (better) patch for #1636 2016-01-09 17:32:19 +01:00
Miroslav Stampar
3c9be947c5 Fixes #1649 2016-01-09 00:15:05 +01:00
Miroslav Stampar
48ac2101f2 Using only once the dummy checkWaf payload 2016-01-08 23:23:41 +01:00
Miroslav Stampar
de06ae6803 Fixes #1647 2016-01-08 23:10:32 +01:00
Miroslav Stampar
c7ea3d65be Fixes #1644 2016-01-08 15:33:14 +01:00
Miroslav Stampar
e3650342bd Fixes #1639 2016-01-08 11:47:12 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
42066cfb3d Minor refactoring 2015-12-30 12:41:56 +01:00
Miroslav Stampar
89e0fc8ffa Minor update 2015-12-19 17:50:12 +01:00
Miroslav Stampar
aee47d32c5 Patch for #1601 2015-12-15 12:13:03 +01:00
Miroslav Stampar
b269e8418f Fixes #1608 2015-12-15 10:46:37 +01:00
Miroslav Stampar
dc7f2a71d2 Minor refactoring 2015-12-12 23:48:30 +01:00
Miroslav Stampar
663c976a3b Fixes #1600 2015-12-09 19:53:48 +01:00
Miroslav Stampar
31d250f98e Fixes #1592 2015-12-09 12:00:34 +01:00
Miroslav Stampar
1c5c937507 Minor update 2015-12-09 10:14:13 +01:00
Miroslav Stampar
efc91b015d Fixes #1589 2015-12-09 10:07:37 +01:00
Miroslav Stampar
af60f11319 Fixes #1584 (hello @w3af looking for the patch of this one ;) 2015-12-07 16:17:28 +01:00
Miroslav Stampar
b5b3411f16 Fixes #1574 2015-12-06 23:49:22 +01:00
Miroslav Stampar
7517e64417 Minor bug fix (reported via email) 2015-12-05 00:52:58 +01:00
Miroslav Stampar
d50c0b7103 Fixes #1581 2015-12-03 12:16:00 +01:00
Miroslav Stampar
a7c135174c Fixes #1579 2015-12-03 02:00:16 +01:00
Miroslav Stampar
6397704456 Patch for an Issue #1578 2015-12-03 01:43:37 +01:00
Miroslav Stampar
80d3ff6706 Adding hidden switch for disabling socket preconnect (debugging purposes) 2015-12-02 12:05:40 +01:00
Miroslav Stampar
a219ff9a92 Fixes #1572 2015-11-29 19:40:14 +01:00
Miroslav Stampar
f9da29284c Minor bug fix (reported via email) 2015-11-27 18:35:58 +01:00
Miroslav Stampar
5020269f50 Adding extra mark into non-git checkouts 2015-11-24 09:38:28 +01:00
Miroslav Stampar
527dcce08d Better alternative (on Linux getctime() is the time of the last metadata change) 2015-11-24 09:25:11 +01:00
Miroslav Stampar
376037123b Minor fix 2015-11-22 15:33:00 +01:00
Miroslav Stampar
a5489516eb Fixes #1550 2015-11-20 16:52:59 +01:00
Miroslav Stampar
7fa9c8e938 Patch for an Issue #1546 2015-11-20 11:38:26 +01:00
Miroslav Stampar
19f6eb234b Revert of #58e049a60d250b881af60091215c75daa3f5c01a (I can imagine couple of things that could go wrong) 2015-11-17 08:52:24 +01:00
Miroslav Stampar
58e049a60d More generic approach for number of pre-open sockets (Issue #1540) 2015-11-17 02:45:27 +01:00
Miroslav Stampar
fd2908336a Minor just in case patch 2015-11-17 02:35:53 +01:00
Miroslav Stampar
5be0a83e94 Minor patch 2015-11-17 01:38:43 +01:00
Miroslav Stampar
89abeb0244 Patch for 'Exception in thread Thread-1 (most likely raised during interpreter shutdown)' 2015-11-17 01:09:57 +01:00
Miroslav Stampar
abb1c6a621 Less intensive loop 2015-11-17 00:12:04 +01:00
Miroslav Stampar
41b8dfab86 Implementation for an Issue #1540 2015-11-16 23:46:10 +01:00
Miroslav Stampar
4335ae8330 Patching previous commit 2015-11-16 16:59:54 +01:00
Miroslav Stampar
94639d11a3 Another update related to the #1539 2015-11-16 15:33:05 +01:00
Miroslav Stampar
c1e3431877 Minor patch 2015-11-16 15:32:28 +01:00
Miroslav Stampar
768e5da589 Removing leftover (from 5593bf2fee) 2015-11-16 15:04:09 +01:00
Miroslav Stampar
5593bf2fee Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars) 2015-11-16 15:02:30 +01:00
Miroslav Stampar
ca933fcf1d Another patch for #1539 2015-11-16 14:08:43 +01:00
Miroslav Stampar
a212f0c240 Another patch for #1539 2015-11-16 12:56:15 +01:00
Miroslav Stampar
9c69f56a34 Proper patch for an Issue #1539 2015-11-16 11:59:09 +01:00
Miroslav Stampar
fb2cb25afe Bug fix for an Issue #1539 2015-11-16 11:56:15 +01:00
Miroslav Stampar
07b1407345 Patches #1530 2015-11-11 15:55:28 +01:00
Miroslav Stampar
17350fb4ec Proper fix for #1146 (/ has been escaped with \/ in output) 2015-11-09 14:05:53 +01:00
Miroslav Stampar
22484c8599 Bug fix (-p Host didn't work, while -p host worked) 2015-11-09 13:19:55 +01:00
Miroslav Stampar
42649005c2 Lots of fixes and refactoring in search department 2015-11-08 16:37:46 +01:00
Miroslav Stampar
b4526a3d51 Bug fix (usage of socks and http proxies in --proxy-file didn't work together) 2015-11-08 02:20:29 +01:00
Miroslav Stampar
3451372d4e Fixes #1521 2015-11-04 14:48:40 +01:00
Miroslav Stampar
4dc0c05172 Fixes #1505 2015-10-31 10:16:44 +01:00
Miroslav Stampar
04aaa5985b Fixes #1497 2015-10-29 17:02:47 +01:00
Miroslav Stampar
caafa377a6 Fixes #1495 2015-10-28 10:29:12 +01:00
Miroslav Stampar
89e36392f7 Fixes #1486 2015-10-25 15:32:02 +01:00
Miroslav Stampar
8f9979c302 Patch for an Issue #541 2015-10-22 20:51:05 +02:00
Miroslav Stampar
fbec463b49 Adding new bold patterns 2015-10-22 15:44:08 +02:00
Miroslav Stampar
7c1cff6749 Fixing ancient bug (introduced with #6c80f29) - that removes original value when --prefix used 2015-10-22 15:14:12 +02:00
Miroslav Stampar
441196f360 Fixes #1470 2015-10-16 23:59:39 +02:00
Miroslav Stampar
f793a26095 Removing ugly duplicating of \ (hidden bugs came - e.g. DNS exfiltration) 2015-10-15 16:00:59 +02:00
Miroslav Stampar
475ca5277a Minor information update regarding #541 2015-10-14 16:11:11 +02:00
Miroslav Stampar
80aca35dd1 Removing #1450 2015-10-13 15:00:59 +02:00
Miroslav Stampar
570562369b Further fixes for sqlmap to work properly with HSQLDB (WebGoat) 2015-10-13 13:04:59 +02:00
Miroslav Stampar
47a42c234e Fixes #1459 2015-10-10 19:19:50 +02:00
Miroslav Stampar
9641e84dd9 Bug fixes for HSQLDB 2015-10-09 16:52:13 +02:00
Miroslav Stampar
d424d4cdc7 Fixes #1457 2015-10-09 11:54:28 +02:00
Miroslav Stampar
8bf236ce11 Minor patch for SQLite parsing of schemas 2015-10-07 10:01:48 +02:00
Miroslav Stampar
fd686fb691 Patch related to the #1455 2015-10-07 09:43:25 +02:00
Miroslav Stampar
551b7e4b45 Patch for an Issue #1450 2015-10-06 13:23:01 +02:00
Miroslav Stampar
20c19f33dc Minor update 2015-10-05 15:51:21 +02:00
Miroslav Stampar
1c6e288eb1 Fixes #1447 2015-10-05 15:33:29 +02:00
Miroslav Stampar
acd6b7797f Fixes #1446 2015-10-05 15:18:54 +02:00
Miroslav Stampar
53de0e8949 Implements #1442 2015-10-01 11:57:33 +02:00
Miroslav Stampar
29edb4f75c Fixes #1440 2015-09-30 11:26:56 +02:00
Miroslav Stampar
906cb6d3c2 Removing a hard limit to use --start/--stop only for --dump scenarios 2015-09-28 11:11:39 +02:00
Miroslav Stampar
5ed106ecea Patch for an Issue #1434 2015-09-27 15:59:17 +02:00
Miroslav Stampar
b68891050d Better word used 2015-09-25 23:41:47 +02:00
Miroslav Stampar
f16389232f Bug fix for --proxy-file (only first element was fetched in case of fail) 2015-09-25 15:23:42 +02:00
Miroslav Stampar
4774795d8c Fixes #1429 2015-09-25 14:59:21 +02:00
Miroslav Stampar
0e22a0ca5f Minor cosmetics 2015-09-21 16:41:54 +02:00
Miroslav Stampar
81caf14b6d Adding switch --skip-waf 2015-09-21 14:57:44 +02:00
Miroslav Stampar
56f0b811a6 Minor patch 2015-09-21 13:23:56 +02:00
Miroslav Stampar
3fca379f29 Minor patch (avoiding message 'can't establish SSL connection' in --check-tor) 2015-09-21 11:25:59 +02:00
Miroslav Stampar
2cea977e12 Fixes #1415 2015-09-17 14:58:01 +02:00
Miroslav Stampar
ee38574449 Fixes #1411 2015-09-15 13:26:25 +02:00
Miroslav Stampar
c4f9e66a6f Patch related to the #1403 2015-09-10 16:21:31 +02:00
Miroslav Stampar
c05c0ff435 Minor patch with imports 2015-09-10 15:55:49 +02:00
Miroslav Stampar
f494004f44 Switching to the getSafeExString (where it can be used) 2015-09-10 15:51:33 +02:00
Miroslav Stampar
90329a8b01 Minor patch 2015-09-09 11:53:44 +02:00
Miroslav Stampar
b6206692e0 Fixes #1392 2015-09-08 11:53:29 +02:00
Miroslav Stampar
e59a220199 Fixes #1393 2015-09-08 11:10:47 +02:00
Miroslav Stampar
7511023bc2 Fixes #1385 2015-09-03 10:11:36 +02:00
Miroslav Stampar
401564898d Adding support for 'empty' POST body (if forced by --method) 2015-08-31 14:43:41 +02:00
Miroslav Stampar
265a78b455 Fixes #1379 2015-08-31 14:27:47 +02:00
Miroslav Stampar
d70215ad6c Fixes #1237 2015-08-31 10:24:05 +02:00
Miroslav Stampar
d2a9c7584f Minor patch 2015-08-31 09:51:35 +02:00
Miroslav Stampar
50d39d0252 Closes #1372 2015-08-30 23:15:50 +02:00
Miroslav Stampar
89292ce1f9 Closes #1376 2015-08-30 22:52:24 +02:00
Miroslav Stampar
737a37bfda Fixes #1367 2015-08-30 01:58:43 +02:00
Miroslav Stampar
06c8704179 Fixes #1365 2015-08-28 15:30:28 +02:00
Miroslav Stampar
43f3900ffe Fixes #1362 2015-08-27 12:25:25 +02:00
Miroslav Stampar
1cf012521d Minor refactoring 2015-08-26 16:18:03 +02:00
Miroslav Stampar
a33b0454cd Implementation for an Issue #1360 2015-08-26 15:26:16 +02:00
Miroslav Stampar
337eb9861a Fixes #1347 2015-08-23 22:11:59 +02:00
Miroslav Stampar
690347a170 Bug fix (non-ASCII chars in command line caused gibberish in unhandled messages) 2015-08-23 21:48:31 +02:00
Miroslav Stampar
9fb0eb3dd7 Blank removal 2015-08-23 21:41:59 +02:00
Miroslav Stampar
1204141278 Fixes #1350 2015-08-23 21:09:20 +02:00
KingX
3ebb3e6f4f fix removeDynamicContent bug
double re.escape() in "findDynamicContent" function and "removeDynamicContent" function leads an bug in finding dynamic content,
2015-08-22 14:05:03 +08:00
Miroslav Stampar
383316fcb3 Fixing issues caused by 9ad1d122f4 (better approach) 2015-08-18 22:48:55 +02:00
Miroslav Stampar
8806ce72c1 Patch for an Issue #1341 2015-08-18 22:03:42 +02:00
Miroslav Stampar
c9d1c4d7b1 Fixes #1337 2015-08-16 23:29:39 +02:00
Miroslav Stampar
713d5384bc Potential patch for an Issue #1337 2015-08-16 23:15:04 +02:00
Miroslav Stampar
310d79b8f1 Adding special variable 'lastPage' to the eval code (by request from ML) 2015-08-14 23:29:31 +02:00
Miroslav Stampar
b010fda695 Switch --save becomes an option (taking file path where to save config file) 2015-08-14 22:49:32 +02:00
Miroslav Stampar
2c1cde0f59 Minor fix (reported over ML - ignore saving of conf.saveCmdline) 2015-08-13 17:21:36 +02:00
Miroslav Stampar
8ea8b168b1 Minor cosmetics 2015-08-13 17:10:35 +02:00
Miroslav Stampar
9ad1d122f4 Minor patch (Issue #1327) 2015-08-12 22:09:31 +02:00
Miroslav Stampar
62f35698ee Bug fix (ML) - when cookies have blank expiration time 2015-08-06 13:07:16 +02:00
Miroslav Stampar
e623ee66ad Better approach for #1320 2015-07-30 23:29:31 +02:00
Miroslav Stampar
bcb25823e6 Fixes #1320 2015-07-30 23:19:38 +02:00
Miroslav Stampar
301aca57e6 Fixes #1319 2015-07-29 10:00:15 +02:00
Miroslav Stampar
401905b2dd Minor improvement to UNION file write 2015-07-26 17:02:46 +02:00
Miroslav Stampar
e3553ae893 Missing import 2015-07-26 16:19:44 +02:00
Miroslav Stampar
b0bc3149f9 Fixes #1315 2015-07-26 16:18:41 +02:00
Miroslav Stampar
e7af081447 Minor patch 2015-07-26 16:08:30 +02:00
Miroslav Stampar
b6ea2fdb07 Fixes #1170 2015-07-24 14:56:45 +02:00
Miroslav Stampar
a905b8d8f5 Fixes #1312 2015-07-23 10:07:21 +02:00
Miroslav Stampar
cece2cb12d Minor cosmetics 2015-07-23 00:42:29 +02:00
Miroslav Stampar
358651b19c Fixes #1313 2015-07-23 00:41:03 +02:00
Miroslav Stampar
2afb5687f6 Fixes #1307 2015-07-20 15:47:27 +02:00
Miroslav Stampar
a7c4400cc9 Fixes #1304 2015-07-17 14:20:51 +02:00
Miroslav Stampar
00f190fc92 Fixes #1303 2015-07-17 10:14:35 +02:00
Miroslav Stampar
49212ec920 Fixes #1302 2015-07-17 09:56:24 +02:00
Miroslav Stampar
1aafe85a3a Fixes #1299 2015-07-15 11:15:06 +02:00
Miroslav Stampar
fdc8e664df Updating --beep functionality (ML request) 2015-07-13 23:55:46 +02:00
Miroslav Stampar
16f8e4c8ba Removing unused imports 2015-07-12 12:25:02 +02:00
Miroslav Stampar
a20da7a677 Patch for automatic reporting (GitHub has robots) 2015-07-12 12:05:19 +02:00
Miroslav Stampar
fa303ef8b1 Minor update 2015-07-10 16:39:18 +02:00
Miroslav Stampar
10f8c6a0b6 Introducing --offline switch (to perform session only lookups) 2015-07-10 16:10:24 +02:00
Miroslav Stampar
4baaa4a5ad Minor improvement 2015-07-10 09:24:14 +02:00
Miroslav Stampar
02470ea683 Further decreasing number of testing payloads 2015-07-10 01:19:46 +02:00
Miroslav Stampar
3a5cc98976 -Z is/are a pseudo-option (just like -H) expanded during the run 2015-07-07 09:27:18 +02:00
Miroslav Stampar
2080fcaa37 Fixes #1293 2015-07-07 09:24:16 +02:00
Miroslav Stampar
6a1b3895f9 Patch for an Issue #1285 2015-07-06 11:50:59 +02:00
Miroslav Stampar
96327b6701 Fixes #1290 2015-07-05 01:47:01 +02:00
Miroslav Stampar
166dc98e81 Minor patch 2015-07-05 00:03:29 +02:00
Miroslav Stampar
7b95a2d80d Patch for an Issue #1280 2015-06-29 10:05:16 +02:00
Miroslav Stampar
8b63ee9bc3 Minor update for #1281 2015-06-29 01:12:14 +02:00
Miroslav Stampar
97244f5e5e Fixes #1279 2015-06-29 00:20:35 +02:00
Miroslav Stampar
b212321c07 Fixes #1278 2015-06-26 10:30:53 +02:00
Miroslav Stampar
b02be9674f Fixes #1277 2015-06-26 10:11:34 +02:00
Miroslav Stampar
7d418af274 Fix for a bug reported privately by email 2015-06-22 16:28:35 +02:00
Miroslav Stampar
9e5ef094a3 Closes #1270 2015-06-16 22:20:21 +02:00
Miroslav Stampar
8d7e915af7 Minor patch for #1260 2015-06-05 17:02:56 +02:00
Miroslav Stampar
ec87d8ebda Adding a support for SNI (Issue #1256) 2015-06-01 10:45:16 +02:00
Miroslav Stampar
17bfda1b9c Adding new switch ('--skip-static') 2015-05-18 20:57:15 +02:00
Miroslav Stampar
e8f87bfa41 Minor patches related to the #1206 2015-05-11 11:01:21 +02:00
Miroslav Stampar
9010e157e9 Conflict fix 2015-05-11 10:11:33 +02:00
Miroslav Stampar
5ee7fd785a Fixes #1235 2015-05-01 00:48:08 +02:00
Miroslav Stampar
bb98894dc1 Adding option --safe-req 2015-04-22 16:28:54 +02:00
Miroslav Stampar
4ded9a9966 Small patch for existing option validation 2015-04-22 15:32:14 +02:00
Miroslav Stampar
77c96de4ea Minor patch related to the last commit 2015-04-22 10:33:22 +02:00
Miroslav Stampar
95b52a02ec Minor patch for custom injection into HTTP Authorization header 2015-04-22 10:28:16 +02:00
Miroslav Stampar
c5138d4696 Minor refactoring 2015-04-21 00:02:47 +02:00
Miroslav Stampar
349dfbf2ae Adding an option --safe-post 2015-04-20 23:55:59 +02:00
Miroslav Stampar
7517db76d1 Minor fix for SQLite's schema parsing 2015-04-16 18:40:43 +02:00
Miroslav Stampar
1e7f2d6da2 Implements #1215 2015-04-06 22:07:22 +02:00
Miroslav Stampar
a19bccc84f Fixes #1205 2015-03-26 15:31:29 +01:00
Miroslav Stampar
770cfb6102 Removing test print 2015-03-26 15:20:54 +01:00
Miroslav Stampar
5dfd3ef1e4 Another update 2015-03-26 12:25:32 +01:00
Miroslav Stampar
3be7a447a5 Update 2015-03-26 12:22:49 +01:00
ricterz
bbfdb02a0e fix mandatorily depend of websocket #1198 2015-03-24 22:25:16 +08:00
ricterz
50fd6ce7f7 add websocket support for parse url #1198 2015-03-24 10:30:38 +08:00
Miroslav Stampar
05a496c275 Fixes #1196 2015-03-20 00:56:52 +01:00
Bernardo Damele
260643241a prioritized fingerprinted DBMS to error-based and user provided one 2015-02-27 14:19:30 +00:00
Miroslav Stampar
e35c7fbb7a Fixes #1172 2015-02-22 13:41:54 +01:00
Bernardo Damele
475cc8b24b trivial code cleanup 2015-02-21 13:12:30 +00:00
Bernardo Damele
383929c0c2 if the user forces the DBMS, then sort the tests accordingly to perform first the DBMS-specific tests, then the others 2015-02-21 13:12:03 +00:00
Bernardo Damele
8be24d3e9b minor enhancement, prefer intersect() each time DBMS values are comfronted 2015-02-21 12:59:27 +00:00
Bernardo Damele
388c0dfd77 trivial layout fix 2015-02-21 12:57:49 +00:00
Bernardo Damele
1ecb921ba7 Consistency in enums 2015-02-20 18:31:47 +00:00
Bernardo Damele
32ab52b8ca code refactoring: split boundaries and payloads XML files 2015-02-15 16:31:35 +00:00
Miroslav Stampar
2af2aef43e Minor patch for masking sensitive information (when formation -u=... is used) 2015-02-03 09:48:05 +01:00
Miroslav Stampar
bf1c08a8a6 Bug fix 2015-01-30 22:43:40 +01:00
Miroslav Stampar
9563e429d3 Removal of fun code 2015-01-30 21:49:22 +01:00
Miroslav Stampar
9f679a952f Minor update 2015-01-29 10:44:36 +01:00
Miroslav Stampar
024c500d8e Minor fix 2015-01-28 00:54:39 +01:00
Miroslav Stampar
5400bb2c95 Patch for an Issue #1142 2015-01-28 00:52:40 +01:00
Miroslav Stampar
fd632e5ada Update for unhandled exception mechanism (BADA) 2015-01-26 09:09:38 +01:00
Miroslav Stampar
eb548959b3 Minor update 2015-01-26 08:59:10 +01:00
Miroslav Stampar
f0eac38ab4 Minor fix 2015-01-26 08:48:37 +01:00
Miroslav Stampar
32bf2dbe6d Patch for an Issue #1133 2015-01-23 23:00:28 +01:00
Miroslav Stampar
779db7cbc3 Minor enhancement 2015-01-22 09:17:45 +01:00
Miroslav Stampar
2655b078d0 Patch for an Issue #1127 2015-01-22 08:52:15 +01:00
Miroslav Stampar
02b3eb941f Patch for an Issue #1124 2015-01-21 09:26:30 +01:00
Miroslav Stampar
cd743ab098 Minor update 2015-01-21 09:12:12 +01:00
Miroslav Stampar
a66b0c91bb Patch for an Issue #1120 2015-01-19 09:19:30 +01:00
Miroslav Stampar
e73ac6c8e3 Minor patch on request of an user 2015-01-17 21:47:57 +01:00
Miroslav Stampar
da737d23ed Fixing a leftover for #1117 2015-01-15 17:34:14 +01:00
Miroslav Stampar
20a9d94f56 Patch for an Issue #1117 2015-01-15 17:32:07 +01:00
Miroslav Stampar
1dd2b7aceb Important fix for dumping location of databases/tables with international letters 2015-01-15 14:01:19 +01:00
Miroslav Stampar
570d30789b Patch for an Issue #1113 2015-01-14 14:20:33 +01:00
nixawk
7388c3bf49 datatype.py 2015-01-14 09:40:24 +00:00
Miroslav Stampar
7e7513aa5e Patch for an Issue #1107 2015-01-14 05:30:08 +01:00
Miroslav Stampar
f9a9ededb1 Patch for an Issue #1106 2015-01-14 05:16:32 +01:00
Miroslav Stampar
06ff8b3a16 Patch for an Issue #1105 2015-01-13 10:33:51 +01:00
Miroslav Stampar
8e03f4db0f Patch for an Issue #1062 2015-01-09 15:33:53 +01:00
Miroslav Stampar
7bcb3ce599 Patch for an Issue #1099 2015-01-08 09:22:47 +01:00
Miroslav Stampar
c8d4df6eba Adding names to parameters in structured POST requests (e.g. JSON) 2015-01-07 22:09:40 +01:00
Miroslav Stampar
49982bce9c Trivial update 2015-01-07 16:03:37 +01:00
Miroslav Stampar
30b9f3d556 Minor update 2015-01-07 10:53:57 +01:00
Miroslav Stampar
47af7dfe6a Another minor patch 2015-01-07 10:49:15 +01:00
Miroslav Stampar
83add9fd9b Minor patch 2015-01-07 10:46:06 +01:00
Miroslav Stampar
c4c4ac13fe Better patch for an Issue #1095 2015-01-07 09:21:02 +01:00
Miroslav Stampar
2030311d50 Patch for an Issue #1095 2015-01-07 02:04:10 +01:00
Miroslav Stampar
5920d16cf6 Adding a warning message for deprecated switch '--check-waf+ 2015-01-06 15:25:24 +01:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
3d5ca1b25a Minor update 2015-01-06 14:36:51 +01:00
Miroslav Stampar
6fc41ca940 Heuristically checking for WAF/IDS/IPS by default 2015-01-06 14:01:47 +01:00
Miroslav Stampar
c474c16b4a Removing ML email address 2015-01-06 12:30:49 +01:00
Miroslav Stampar
2985050fce Minor patch 2014-12-30 16:07:08 +00:00
Miroslav Stampar
d3c6cf1932 Patch for an Issue #1079 2014-12-30 14:14:47 +00:00
Miroslav Stampar
e383df8e29 Patch for an Issue #1073 2014-12-30 09:16:50 +00:00
Miroslav Stampar
02d20ccd13 Patch for an Issue #1078 2014-12-30 08:48:50 +00:00
Miroslav Stampar
45886cb9ca Patch for an Issue #1060 2014-12-23 22:04:23 +01:00
Miroslav Stampar
59a3407322 Patch for an Issue #1057 2014-12-23 08:36:00 +01:00
Miroslav Stampar
f93bca4564 Patch for an Issue #1058 2014-12-23 08:23:40 +01:00
Miroslav Stampar
fc7dd2a9b9 Patch for an Issue #1056 2014-12-22 06:02:39 +01:00
Miroslav Stampar
76f79ece13 run like --threads=20! will skip the maximum number of threads check 2014-12-21 05:15:42 +01:00
Miroslav Stampar
4f122ee008 Bug fix regarding a problem reported by user @blink2014 2014-12-20 00:23:31 +01:00
Miroslav Stampar
6cb76bcf85 Adding one new smart ass warning message 2014-12-19 15:48:54 +01:00
Miroslav Stampar
1ea2f5bfe2 Patch for an Issue #1052 2014-12-19 09:37:06 +01:00
Miroslav Stampar
cf3b02ee04 Proper fix for #1053 2014-12-19 09:26:01 +01:00
Miroslav Stampar
9d06b71862 Minor revert 2014-12-15 13:51:00 +01:00
Miroslav Stampar
e6de92ce88 Minor patch (unicode related) 2014-12-15 13:36:08 +01:00
Miroslav Stampar
35c8e016a8 Minor patch 2014-12-15 13:26:15 +01:00
Miroslav Stampar
4c6331daa6 Patch for an Issue #1028 2014-12-15 09:30:54 +01:00
Miroslav Stampar
e794c7f246 Patch for an Issue #1027 2014-12-15 09:13:13 +01:00
Miroslav Stampar
ecbba4ea20 Patch for an Issue #1030 2014-12-15 07:18:47 +01:00
Miroslav Stampar
e17e703e3e Minor bug fix (for Windows nagging message about Unicode data) 2014-12-14 00:17:43 +01:00
Miroslav Stampar
fb645b90f7 Minor update 2014-12-14 00:14:18 +01:00
Miroslav Stampar
25196b4572 Patch for an Issue #1021 2014-12-13 13:48:50 +01:00
Miroslav Stampar
84ba5f35ac Minor update for #1022 2014-12-13 13:41:39 +01:00
Miroslav Stampar
fe58aff26c Patch for an Issue #1019 2014-12-13 00:08:18 +01:00
Miroslav Stampar
23d33bb5b5 Patch for an Issue #1017 2014-12-12 09:58:42 +01:00
Miroslav Stampar
bb4ac41ff7 Patch for an Issue #1016 2014-12-12 04:40:44 +01:00
Miroslav Stampar
785e3d0317 Patch for an Issue #1014 2014-12-11 13:29:42 +01:00
Miroslav Stampar
2bcaae3a0b Another just in case update for an Issue #1011 2014-12-11 00:14:35 +01:00
Miroslav Stampar
763f720675 Patch for an Issue #1011 2014-12-11 00:11:52 +01:00
Miroslav Stampar
10ed97b0df Patch for an Issue #1010 2014-12-10 13:50:29 +01:00
Miroslav Stampar
ee20d98bca Minor fix for --forms 2014-12-10 12:13:37 +01:00
Miroslav Stampar
0d931a7b09 Fix for an Issue #999 2014-12-07 15:55:22 +01:00
Miroslav Stampar
7673f3e045 Minor style update 2014-12-05 11:15:33 +01:00
Miroslav Stampar
9b32e69f26 Adding new WAF script (UrlScan) 2014-12-04 10:06:15 +01:00
Miroslav Stampar
a3507d65fd Minor update 2014-12-04 09:34:37 +01:00
Miroslav Stampar
d3060f20d7 Minor improvement 2014-12-03 13:22:55 +01:00
Miroslav Stampar
aa95a05477 Minor update 2014-12-03 13:14:06 +01:00
Miroslav Stampar
17db587e2c Adding some friendly warning messages (regarding blocking) 2014-12-03 10:06:21 +01:00
Miroslav Stampar
e4b00bdbcb Patch for an Issue #983 2014-12-02 10:57:50 +01:00
Miroslav Stampar
f71a65a9a0 Patch for an Issue #979 2014-12-01 00:29:25 +01:00
Miroslav Stampar
56b6bf72f4 Patch for an Issue #978 2014-11-29 23:33:24 +01:00
Miroslav Stampar
605b126758 Patch for an Issue #976 2014-11-26 13:38:21 +01:00
Miroslav Stampar
8cd40f8917 Patch for an Issue #971 2014-11-25 13:54:26 +01:00
Miroslav Stampar
816348f1ab Patch for an Issue #963 2014-11-24 11:54:04 +01:00
Miroslav Stampar
2f744139fc Patch for an Issue #968 2014-11-24 10:13:56 +01:00
Miroslav Stampar
2284535267 Update for an Issue #963 2014-11-24 05:44:38 +01:00
Miroslav Stampar
69cdad4148 Patch for an Issue #958 2014-11-23 15:55:12 +01:00
Miroslav Stampar
28d6af6237 Minor update 2014-11-23 15:42:41 +01:00
Miroslav Stampar
f853f8973f Minor refactorign 2014-11-23 15:41:24 +01:00
Miroslav Stampar
080a873922 Patch for an Issue #964 2014-11-23 15:39:08 +01:00
Miroslav Stampar
f0802c6fb9 Update for an Issue #431 2014-11-21 11:20:54 +01:00
Miroslav Stampar
1fc4d0e3c4 Update for an Issue #431 2014-11-21 10:31:55 +01:00
Miroslav Stampar
cf2d5fd453 Update for an Issue #431 2014-11-21 09:41:49 +01:00
Miroslav Stampar
f8a8cbf9a6 Storing crawling results to a temporary file (for eventual further processing) 2014-11-20 16:29:17 +01:00
Miroslav Stampar
d3551631c4 Minor update 2014-11-20 16:10:25 +01:00
Miroslav Stampar
484fa61afc Patch for an Issue #954 2014-11-20 15:08:08 +01:00
Miroslav Stampar
ee8b3ee664 Patch for an Issue #953 2014-11-20 09:49:04 +01:00
Miroslav Stampar
05d5342f20 Update and patch for an Issue #2 2014-11-17 11:50:05 +01:00
Miroslav Stampar
733e06e31f Patch for an Issue #944 2014-11-16 14:25:44 +01:00
Miroslav Stampar
bb56eb583a Minor update 2014-11-16 13:34:35 +01:00
Miroslav Stampar
74eacf95fd Patch for an Issue #929 2014-11-13 10:52:33 +01:00
Miroslav Stampar
671facc6d9 Patch for an Issue #930 2014-11-13 10:28:38 +01:00
Miroslav Stampar
d0afa7f325 Bug fix for not displaying proper version in unhandled exception win cases 2014-11-12 11:53:42 +01:00
Miroslav Stampar
06e6d2aaeb Patch for an Issue #921 2014-11-11 11:38:14 +01:00
Miroslav Stampar
dfa8e0456d Potential patch for an Issue #914 2014-11-10 14:51:31 +01:00
Miroslav Stampar
cdbfb17408 Patch for an Issue #919 2014-11-10 13:41:53 +01:00
Miroslav Stampar
06bb957d13 Preventing a run of duplicate issues 2014-11-09 22:07:11 +01:00
Miroslav Stampar
de1cf26fe6 Minor patch 2014-11-09 18:58:25 +01:00
Miroslav Stampar
80af465ce3 Fix for an Issue #911 2014-11-09 18:40:49 +01:00
Miroslav Stampar
9fe6ab749b Bug fix for occureance of ANSI color codes in multiprocessing hash cracking on Windows OS 2014-11-09 15:08:44 +01:00
Miroslav Stampar
62a73bf30b Minor fix for automatic removal of temporary files 2014-11-09 14:52:50 +01:00
Miroslav Stampar
5e9c73f9c1 Just in case update (for unhandled exceptions happening too soon) 2014-11-08 21:44:46 +01:00
Miroslav Stampar
3b06665c9f Patch for an Issue #910 2014-11-08 21:22:03 +01:00
Miroslav Stampar
8fdf9ff746 Probable fix for an Issue #908 2014-11-07 15:47:42 +01:00
Miroslav Stampar
31f8d6e612 Fix for an Issue #904 2014-11-06 11:19:05 +01:00
Miroslav Stampar
a91fb4149b Minor update (using lower frequency alphabet for kb.chars) 2014-11-05 10:56:30 +01:00
Miroslav Stampar
97cc679f9c Fix for an Issue #900 2014-11-04 15:15:58 +01:00
Miroslav Stampar
4d5b48b2ae Patch for an Issue #896 2014-11-04 00:34:35 +01:00
Miroslav Stampar
6f45596f28 Minor style update 2014-11-03 23:48:44 +01:00
Miroslav Stampar
05b446b95d Patch for an Issue #893 2014-11-02 23:38:52 +01:00
Miroslav Stampar
9652e41226 Path for an Issue #891 2014-11-02 23:32:19 +01:00
Miroslav Stampar
1ef2c4006d Patch for an Issue #892 2014-11-02 11:01:46 +01:00
Miroslav Stampar
a4d058d70c More anonymization of unhanded exception data 2014-11-02 10:55:38 +01:00
Miroslav Stampar
4e0e64d06b Bug fix for DNS Exfiltration in PgSQL case ('invalid URI') 2014-10-31 20:28:37 +01:00
Miroslav Stampar
38978c3e54 Fix for an Issue #884 2014-10-31 16:45:26 +01:00
Miroslav Stampar
455ea9922c Minor update 2014-10-28 15:26:28 +01:00
Miroslav Stampar
258a700b2e More anonymization of unhandled exception messages 2014-10-28 15:14:41 +01:00
Miroslav Stampar
725c3a6a95 Minor update 2014-10-28 14:08:06 +01:00
Miroslav Stampar
3b3b8d4ef2 Potential bug fix (escaping formatted regular expressions) 2014-10-28 14:02:55 +01:00
Miroslav Stampar
e08c8f272a Fix for an Issue #875 2014-10-28 13:10:07 +01:00
Miroslav Stampar
19aed90ae5 Implementation for an Issue #874 2014-10-27 00:37:46 +01:00
Miroslav Stampar
6448d3caf4 Implementing support for csrfcookie (Issue #2) 2014-10-24 09:37:51 +02:00
Miroslav Stampar
abbd352392 Support for X-CSRF-TOKEN header (Issue #2) 2014-10-23 14:33:22 +02:00
Miroslav Stampar
95f2e61ca1 Minor fix related to the Issue #2 2014-10-23 14:23:01 +02:00
Miroslav Stampar
01f4b76817 Minor update for the Issue #2 2014-10-23 14:03:44 +02:00
Miroslav Stampar
7143e61619 Minor update 2014-10-23 14:00:53 +02:00
Miroslav Stampar
32bcca0aae Basic options check for Issue #2 2014-10-23 11:54:29 +02:00
Miroslav Stampar
7fc9e82d28 Minor style update 2014-10-23 11:44:38 +02:00
Miroslav Stampar
780dbd1c64 Update for an Issue #2 2014-10-23 11:42:30 +02:00
Miroslav Stampar
fc1b05bec9 Implementation for an Issue #2 2014-10-23 11:23:53 +02:00
Miroslav Stampar
73a3db67eb Fix for an Issue #862 2014-10-22 14:54:49 +02:00
Miroslav Stampar
60f2764c3d Minor style update 2014-10-22 13:53:18 +02:00
Miroslav Stampar
34aed7cde0 Bug fix (now it's possible to use multiple parsed requests without mixing associated headers) 2014-10-22 13:49:29 +02:00
Miroslav Stampar
e239fefe67 Minor patch for JSON requests 2014-10-22 10:38:49 +02:00
Miroslav Stampar
a2f578dbf4 Patch to also include JSON array elements into automatic recognition 2014-10-22 10:28:10 +02:00
Miroslav Stampar
4e3a4eb0ff Added a prompt for choosing a number of threads when in crawling mode 2014-10-10 12:09:08 +02:00
Miroslav Stampar
d4610890ca Minor patch (flushing log file output at the end of program run) 2014-10-10 10:07:17 +02:00
Miroslav Stampar
7811a958ae Another minor patch for Issue #846 2014-10-09 15:42:44 +02:00
Miroslav Stampar
f94ac8c69d Second patch related to the Issue #846 2014-10-09 15:21:26 +02:00
Miroslav Stampar
c823c58d47 One patch related to the Issue #846 2014-10-09 14:39:54 +02:00
Miroslav Stampar
70215a95a1 Patch for an Issue #847 2014-10-07 13:02:47 +02:00
Miroslav Stampar
2ab4558859 Potential fix for an Issue #846 2014-10-07 11:49:53 +02:00
Miroslav Stampar
ddfec1c668 Initial patch for an Issue #846 2014-10-07 11:34:47 +02:00
Miroslav Stampar
2de12ef4a2 Potential fix for an Issue #843 2014-10-05 00:20:42 +02:00
Miroslav Stampar
fdef53aa67 Minor update of unhandled exception message 2014-10-01 14:23:45 +02:00
Miroslav Stampar
a2b059123a Minor update of format exception strings 2014-10-01 14:12:30 +02:00
Miroslav Stampar
8c9014c39f Adding a dummy (auxiliary) XSS check 2014-10-01 13:31:48 +02:00
Miroslav Stampar
4d23744430 Bug fix (there was a problem using --tamper=varnish with --identify-waf because of same named modules) 2014-09-30 09:58:02 +02:00
Miroslav Stampar
ff42720c62 Minor fix 2014-09-29 14:07:59 +02:00
Miroslav Stampar
00fc842c6f Update agent.py 2014-09-20 10:20:57 +02:00
Miroslav Stampar
69701ba08c Minor refactoring 2014-09-17 18:29:01 +02:00
Miroslav Stampar
09064a4a24 Minor just in case patch 2014-09-17 18:25:24 +02:00
Miroslav Stampar
bbc6dd9ac8 Minor fix 2014-09-17 10:28:18 +02:00
Miroslav Stampar
5b0732e9f9 Minor update for Issue #832 2014-09-16 15:17:50 +02:00
Miroslav Stampar
7278af01ee Implementation for an Issue #832 2014-09-16 14:12:43 +02:00
Miroslav Stampar
57eb19377e Minor code refactoring 2014-09-16 09:07:31 +02:00
Miroslav Stampar
45f5548113 Minor update regarding shell history file 2014-09-16 08:58:25 +02:00
Miroslav Stampar
637d3cbaf7 Fix for cases when parameter name is urlencoded 2014-09-12 13:29:30 +02:00
Miroslav Stampar
53d0d5bf8b Minor update (adding a warning message about potential dropping of requests because of protection mechanisms involved) 2014-09-08 14:33:13 +02:00
Miroslav Stampar
055b759145 Minor update 2014-09-03 23:13:57 +02:00
Miroslav Stampar
112a0cb1ae Patch for output directory (using unicode for international support) 2014-09-03 21:49:30 +02:00
Miroslav Stampar
7e40890f32 Patch for an Issue #815 2014-09-01 16:16:12 +02:00
Miroslav Stampar
25c6fca20e Minor fix 2014-09-01 15:48:00 +02:00
Miroslav Stampar
d5d01e91ad Warning message 2014-08-30 22:15:14 +02:00
Miroslav Stampar
177fc0376d Minor fix for HSQLDB 2014-08-30 21:37:38 +02:00
Miroslav Stampar
1a9a331422 Bug fix (proper extending of tests when dbms is known) 2014-08-30 21:34:23 +02:00
Miroslav Stampar
e501b2a80b Minor patch 2014-08-30 20:58:59 +02:00
Miroslav Stampar
03c8e7b7a2 Patch for an Issue #810 2014-08-30 17:13:02 +02:00
Miroslav Stampar
7595f2b73e Minor fix 2014-08-28 00:13:27 +02:00
Miroslav Stampar
fce671c899 Patch for an Issue #801 2014-08-28 00:00:16 +02:00
Miroslav Stampar
fd36250026 Proper fix for an Issue #757 2014-08-26 23:36:04 +02:00
Miroslav Stampar
2a268199d4 Patch for an Issue #798 2014-08-26 23:11:44 +02:00
Miroslav Stampar
decd092b2a Minor patch 2014-08-26 22:40:50 +02:00
Miroslav Stampar
2be0ebd883 Minor fix (e.g. Oracle identifier names can contain character $) 2014-08-26 22:40:15 +02:00
Miroslav Stampar
dcaad75a1e Fix for an Issue #794 2014-08-22 15:08:05 +02:00
Miroslav Stampar
e0a8b89069 Minor patch when trailing space is used with comma to split option items (e.g. '-C id, name') 2014-08-22 14:19:53 +02:00
Miroslav Stampar
e3a0f25db0 Patch for an Issue #795 2014-08-22 14:11:23 +02:00
Miroslav Stampar
2ce3ccac46 Patch for an Issue #797 (switching to greedy because of performance; it shouldn't be a problem because it was a single line replacement in the first place) 2014-08-22 13:06:53 +02:00
Miroslav Stampar
77513e1de9 Minor style update 2014-08-21 01:19:10 +02:00
Miroslav Stampar
c5b71cff10 Some filtering 2014-08-21 01:12:44 +02:00
Miroslav Stampar
3cfdb5ff0f Removing / from auto directories (it doesn't make sense to auto-test for uploading to /) 2014-08-21 00:43:37 +02:00
Miroslav Stampar
0296081692 Minor refactoring 2014-08-20 23:42:40 +02:00
Miroslav Stampar
f51ea20bbd Minor style update 2014-08-20 22:50:00 +02:00
Miroslav Stampar
5d10bae31f Removing trailing blank lines 2014-08-20 21:07:19 +02:00
Miroslav Stampar
e0216771ed Minor update 2014-08-20 15:23:07 +02:00
Miroslav Stampar
c97782cfed Minor update of banner 2014-08-20 15:10:21 +02:00
Miroslav Stampar
07f881e711 Minor fix 2014-08-20 14:02:04 +02:00
Miroslav Stampar
dfa426fbb5 Minor style update 2014-08-20 13:32:32 +02:00
Miroslav Stampar
5a05271097 Minor fix 2014-08-19 22:34:07 +02:00
Miroslav Stampar
b0465a6a76 Adding a revision scheme for nongit checkouts 2014-08-19 22:32:16 +02:00
Miroslav Stampar
cd92de1702 Adding colorful banner 2014-08-19 22:19:22 +02:00
Miroslav Stampar
7d578d395f Minor update for Apache on Windows 2014-08-16 16:01:18 +02:00
Miroslav Stampar
a8b4b96cd9 Extending list for brute forcing doc root 2014-08-16 15:16:03 +02:00
Miroslav Stampar
0809a61fc3 Bug fix (whole page output as a result of partial union runs) 2014-08-13 15:18:11 +02:00
Miroslav Stampar
0a74ae736f Probable fix for an Issue #788 2014-08-13 14:01:57 +02:00
Miroslav Stampar
658110e644 Minor fix 2014-08-11 12:46:37 +02:00
hydhyd
e7ffe92d8c Update settings.py
Modified BRUTE_DOC_PREFIXES to include "/srv/www" used by default in OpenSUSE.
2014-08-06 12:59:18 +04:00
Miroslav Stampar
8599005115 Implementation for an Issue #771 2014-08-01 14:19:32 +02:00
Miroslav Stampar
208d51e0e9 Revert of last trigger happy commit 2014-08-01 13:57:43 +02:00
Miroslav Stampar
d300f99b0b Removing a redundant code (similar check is being done upper in code) 2014-08-01 13:57:07 +02:00
Miroslav Stampar
8bc6154f06 Removing a redundant code (similar check is being done upper in code) 2014-08-01 13:53:22 +02:00
Miroslav Stampar
20d75cc52e Patch for an Issue #767 2014-07-29 13:32:26 +02:00
Miroslav Stampar
9fff88d6e4 Minor update 2014-07-19 23:23:55 +02:00
Miroslav Stampar
3cfa63646b Minor bug fix 2014-07-19 23:17:23 +02:00
Miroslav Stampar
79a66ef22c Minor patch 2014-07-06 09:09:44 +02:00
Miroslav Stampar
e6d0d5a1c7 Implementation for an Issue #674 2014-07-02 22:27:51 +02:00
Miroslav Stampar
1eecabaea8 Patch for an Issue #746 2014-07-02 10:11:31 +02:00
Bernardo Damele
018748f52e increase the timeout for the Metasploit session initialization to 5 minutes, better on slow speed connections 2014-07-01 00:34:09 +01:00
Conny Brunnkvist
f0e23c9441 Use the selected random User-Agent 2014-07-01 00:27:14 +07:00
Miroslav Stampar
5b5a765f96 Patch for an Issue #734 2014-06-23 12:24:08 +02:00
Miroslav Stampar
a47072eced Patch for an Issue #732 2014-06-22 00:09:08 +02:00
Miroslav Stampar
5e9334ab79 Implementation for an Issue #715 2014-06-08 23:55:15 +02:00
Miroslav Stampar
54be398e83 Patch for an Issue #711 2014-06-04 16:35:07 +02:00
Miroslav Stampar
27ebc02535 Minor fix (user reported problem via email) 2014-05-29 09:33:14 +02:00
Miroslav Stampar
0f10cdfa4c Minor update 2014-05-29 09:24:09 +02:00
Miroslav Stampar
680ab10ca6 Patch for an Issue #703 2014-05-27 21:41:07 +02:00
Miroslav Stampar
24954776a5 Patch for an Issue #697 2014-05-20 22:00:26 +02:00
Miroslav Stampar
babe49f086 Minor update (added new warning message) 2014-05-20 17:14:40 +02:00
Miroslav Stampar
4e8b41b869 Patch for an Issue #688 2014-05-13 00:50:36 +02:00
Miroslav Stampar
3a2916724c Minor style update 2014-05-11 17:12:15 +02:00
Miroslav Stampar
a72d73804e Revert of 9255174890 (bug was introduced with it) 2014-05-10 01:31:44 +02:00
Miroslav Stampar
8f0807d7f9 Another fix related to the last commit 2014-05-09 22:55:16 +02:00
Miroslav Stampar
5eae002084 Minor fix 2014-05-09 22:45:43 +02:00
Miroslav Stampar
9255174890 Minor fix 2014-05-09 22:39:56 +02:00
Miroslav Stampar
bc4369be06 Fix for an Issue #687 2014-05-07 09:16:17 +02:00
Miroslav Stampar
2a55f75f86 Using a more generic XML recognition regex 2014-04-30 21:25:45 +02:00
Miroslav Stampar
2e96e3c924 Adding a hidden switch --ignore-401 2014-04-29 23:26:45 +02:00
Miroslav Stampar
eb8e31c23f Adding a failsafe output directory 2014-04-27 22:40:41 +02:00
Miroslav Stampar
b54651b5a2 Minor patch (while saving configuration file) 2014-04-25 09:32:57 +02:00
Miroslav Stampar
ae8b1fe89c Implementation for an Issue #678 2014-04-25 09:17:10 +02:00
Miroslav Stampar
ef5ce7e66c Fix for an Issue #670 2014-04-12 17:22:47 +02:00
Miroslav Stampar
fd884ec67b Adding another comment 2014-04-12 17:22:47 +02:00
Miroslav Stampar
b5cca742e4 Adding a comment 2014-04-12 17:22:47 +02:00
Miroslav Stampar
7f371c499d Commit related to the last one 2014-04-10 21:29:59 +02:00
Miroslav Stampar
096ce7881e Minor beauty patch 2014-04-10 21:18:24 +02:00
Miroslav Stampar
0d1690de61 Minor fix 2014-04-10 21:18:24 +02:00
Miroslav Stampar
1e8349eeaa Minor fix 2014-04-10 21:18:24 +02:00
Miroslav Stampar
bcf754fb17 Consistency patch (to be the same as in help listing) 2014-04-07 20:10:21 +02:00
Miroslav Stampar
75f447ccf8 Renaming lib/core/purge to lib/utils/purge 2014-04-07 20:04:07 +02:00
Miroslav Stampar
9c7fbd1a90 Minor refactoring 2014-04-06 18:19:54 +02:00
Miroslav Stampar
bf18b025d6 Minor removal of redundant code 2014-04-06 18:09:54 +02:00
Miroslav Stampar
e931344617 More elegant implementation for --random-agent 2014-04-06 18:05:43 +02:00
Miroslav Stampar
1c92d8d51f More generic implementation for --proxy-file (accepting public lists format) 2014-04-06 17:23:13 +02:00
Miroslav Stampar
bbf08a825e Minor language fix 2014-04-06 17:12:43 +02:00
Miroslav Stampar
053b0fd0e9 Renaming conf.oDir to conf.outputDir 2014-04-06 16:54:46 +02:00
Miroslav Stampar
7cc4159316 Renaming conf.cDel to conf.cookieDel 2014-04-06 16:50:58 +02:00
Miroslav Stampar
0ae8ac707e Renaming conf.pDel to conf.paramDel 2014-04-06 16:48:46 +02:00
Miroslav Stampar
1b3a98b8ef Trivial update (for consistency sake) 2014-04-06 13:42:15 +02:00
Miroslav Stampar
15f92c4197 Bug fix (port was not being used properly with Burp exported history) 2014-04-03 09:46:37 +02:00
Miroslav Stampar
1632bec10b Another fix related to the last commit 2014-04-03 09:05:12 +02:00
Miroslav Stampar
3e024ac8e6 Minor update (consistency patch) 2014-03-30 16:51:31 +02:00
Miroslav Stampar
76b9fad24a Fix for an Issue #656 2014-03-30 16:21:18 +02:00
Miroslav Stampar
3710a7051b Fix for an Issue #653 2014-03-25 21:26:22 +01:00
Miroslav Stampar
930c3e3c5a Minor update (added check for --limit and --risk) 2014-03-25 09:28:12 +01:00
Miroslav Stampar
f6e1d9e026 Fix for an Issue #650 2014-03-24 10:46:23 +01:00
Miroslav Stampar
106102bd3c Fix for an Issue #648 2014-03-21 20:28:29 +01:00
Miroslav Stampar
39ab3b9149 Minor fix for meta refresh 2014-03-20 13:13:47 +01:00
Miroslav Stampar
d7f0da5599 Minor patch for an Issue #646 2014-03-20 13:08:28 +01:00
Miroslav Stampar
97fe5e52c2 Fix for an Issue #644 2014-03-18 16:41:05 +01:00
Miroslav Stampar
97f603af4a Fix for an Issue #641 2014-03-17 20:20:25 +01:00
Miroslav Stampar
0622cdf3d8 Bug fix (credentials used in combination with request file) 2014-03-15 09:29:21 +01:00
Miroslav Stampar
3b47418a1d Fix for an Issue #640 2014-03-14 22:20:20 +01:00
Miroslav Stampar
56d76e6bfd Updating list of extensions to exclude from crawling 2014-03-14 21:34:16 +01:00
Miroslav Stampar
17742df0fa Update for an Issue #636 (to prevent eventual future reports with lack of stack trace) 2014-03-11 21:18:31 +01:00
Miroslav Stampar
490d51258e Raising number of minimum time responses (15 is statistically too low) 2014-03-03 20:49:58 +01:00
Miroslav Stampar
291a0d772a Update for an Issue #615 2014-02-27 14:23:14 +01:00
Miroslav Stampar
6369a38ebc Adding support for JSON-like data with single quote 2014-02-26 08:56:17 +01:00
Miroslav Stampar
465f968be6 Minor cosmetic update 2014-02-26 08:41:23 +01:00
Miroslav Stampar
d05bfdd7dd Implementing option '--where' (Issue #605) 2014-02-11 16:20:45 +01:00
Miroslav Stampar
8521265526 Minor fix 2014-02-07 14:40:43 +01:00
Miroslav Stampar
534c2ee0e6 Minor update 2014-02-01 22:12:00 +01:00
Miroslav Stampar
f97fcb7bb3 Adding a switch --invalid-string 2014-01-23 21:56:06 +01:00
Miroslav Stampar
f88f6dcd7e Changing --invalid-bignum from float producing to int producing 2014-01-23 09:07:25 +01:00
Bernardo Damele
bc29bf6481 removed comments 2014-01-13 23:57:49 +00:00
Bernardo Damele
3c79d66569 fixed stderr 2014-01-13 17:34:38 +00:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Bernardo Damele
dfa9076a70 fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d) 2014-01-13 17:12:37 +00:00
Miroslav Stampar
6863436d4e Implementation for an Issue #596 2014-01-13 10:05:56 +01:00
Bernardo Damele
d9e00adfae minor fix 2014-01-10 17:23:16 +00:00
Miroslav Stampar
192a911b76 Patch for an Issue #28 2013-12-29 16:16:50 +01:00
Miroslav Stampar
41d6c1af82 Patch for an Issue #589 2013-12-28 13:47:40 +01:00
Miroslav Stampar
6c80f2903b Patch for an Issue #564 2013-12-27 11:02:59 +01:00
Miroslav Stampar
cadbddd607 Adding a boundary proposed in Issue #564 2013-12-27 10:46:18 +01:00
Miroslav Stampar
7718edac9b Fix for an Issue #570 2013-12-27 09:40:33 +01:00
Miroslav Stampar
02de2aee6d Patch for an Issue #582 2013-12-26 22:27:04 +01:00
Miroslav Stampar
2c2667b2be Minor patch for an Issue #575 2013-12-18 00:56:24 +01:00
Miroslav Stampar
f18abb1e9c Minor update (proxy can be also a https one (e.g. Burp for HTTPS targets) 2013-12-17 09:30:51 +01:00
Miroslav Stampar
5b2ded0b18 Fix for an Issue #577 2013-12-13 21:00:26 +01:00
Miroslav Stampar
437278e32d Fix for an Issue #580 2013-12-13 19:48:05 +01:00
Miroslav Stampar
bf3fbb0ae0 Ignore Google analytics cookies 2013-12-04 09:56:37 +01:00
Miroslav Stampar
dd2ddec79a Minor fix (better extraction of original value in case of replacement and custom POST injection mark) 2013-12-03 13:37:04 +01:00
Miroslav Stampar
7054586e8a Update for an Issue #565 (more work TBD - DuckDuckGo has some kind of IP blocking mechanism) 2013-11-25 20:57:07 +01:00
Miroslav Stampar
cda27ec20b Patch for an Issue #563 2013-11-24 15:01:51 +01:00
Bernardo Damele
c37ad88283 minor bug fix 2013-11-13 14:34:19 +00:00
Miroslav Stampar
3c67ba08c5 Minor fix 2013-11-12 14:53:05 +01:00
Miroslav Stampar
d84ddf23bd Replacing os.sep constructs with os.path.join 2013-11-12 14:08:41 +01:00
Miroslav Stampar
2f1607b4d5 Minor fix for dumping non-alphanumeric database names 2013-11-12 13:13:47 +01:00
Miroslav Stampar
0a4512e9ae Implementation for an Issue #557 2013-11-08 09:23:38 +01:00
Miroslav Stampar
48bd2e75e9 Minor patch 2013-10-28 13:59:38 +01:00
Miroslav Stampar
7ed05f01b3 Minor update 2013-10-27 00:24:57 +02:00
Miroslav Stampar
fabbe63f00 Proper fix for re.sub() call with repl value containing backslash 2013-10-23 18:07:38 +02:00
Miroslav Stampar
28529a92a7 Minor fix (for parameters with \ in value) 2013-10-23 10:49:50 +02:00
Miroslav Stampar
9f21406a4b Using cPickle in BigArray (faster and potentially less memory used) 2013-10-21 20:48:00 +02:00
Miroslav Stampar
e197720def Fix for an Issue #546 2013-10-19 20:54:52 +02:00
Miroslav Stampar
777d999e71 Minor update 2013-10-18 15:39:46 +02:00
Miroslav Stampar
6ff2b931ff Another patch for an Issue #545 2013-10-17 23:42:51 +02:00
Miroslav Stampar
334c698d53 Adding change verbosity level in testing phase when Ctrl+C pressed 2013-10-17 16:54:53 +02:00
Miroslav Stampar
304c9822bd Patch for an Issue #545 2013-10-17 16:38:07 +02:00
Miroslav Stampar
5b8d631dc0 Minor update 2013-10-16 11:48:00 +02:00
Miroslav Stampar
04dbee3bec Update for a more generic JSON recognition regex 2013-10-16 11:39:04 +02:00
Miroslav Stampar
b8d49c2ea2 Minor usability patch 2013-10-12 20:41:25 +02:00
Miroslav Stampar
98d27ef200 Bug fix (missing permissions when creating dump directory) 2013-10-11 21:17:12 +02:00
Miroslav Stampar
dd87233fe4 Minor patch (to accept * inside urls in request files too) 2013-10-10 15:04:48 +02:00
Miroslav Stampar
a944028114 Revert of last commit 2013-10-02 22:14:50 +02:00
Miroslav Stampar
9ceb518a50 Minor patch 2013-10-02 22:03:53 +02:00
Miroslav Stampar
45c88b36c6 Fix for an Issue #532 2013-09-30 09:33:39 +02:00
Miroslav Stampar
2fbd7e8929 Minor fix 2013-09-24 21:56:40 +02:00
Miroslav Stampar
df9b1d72de Minor update 2013-09-24 21:44:59 +02:00
Miroslav Stampar
f11e15a180 Minor update 2013-09-11 23:22:10 +02:00
Miroslav Stampar
a3defc175d Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself) 2013-09-11 23:17:18 +02:00
Miroslav Stampar
4cf49bc0cc Minor fix for an Issue #517 2013-09-05 09:22:11 +02:00
Miroslav Stampar
b17bb07301 Minor regex update 2013-09-04 19:28:59 +02:00
Miroslav Stampar
bf57f636a3 Fix for an Issue #517 2013-09-04 19:22:24 +02:00
Miroslav Stampar
9e975210ac Implementation for an Issue #515 2013-08-30 10:22:43 +02:00
Miroslav Stampar
e0bfb0503c Minor language update 2013-08-30 09:55:57 +02:00
Miroslav Stampar
28eca2116f Fix for an Issue #513 2013-08-27 13:55:38 +02:00
Miroslav Stampar
7cb3ea20dd Minor patch for a problem noticed yesterday too (in some cases if Ctrl-C is pressed sent is most probably a None value) 2013-08-23 11:59:58 +02:00
Miroslav Stampar
bc19f40d09 Minor update 2013-08-22 10:44:21 +02:00
Miroslav Stampar
23f2c5f166 Finishing implementation for an Issue #58 2013-08-20 19:35:49 +02:00
Miroslav Stampar
6cc0cf3702 Minor comment update 2013-08-20 18:36:31 +02:00
Miroslav Stampar
1f2c8fbf59 Fix for an Issue #500 2013-08-13 20:40:36 +02:00
Miroslav Stampar
52a71546d0 Implementation for an Issue #507 2013-08-13 18:55:23 +02:00
bladeswords
6d756317c3 Remove debugging which prevents sqlmap from running smoothly 2013-08-13 13:58:45 +10:00
Miroslav Stampar
b2855e0281 Minor patch 2013-08-12 14:25:51 +02:00
Miroslav Stampar
a711c9ed36 Minor cleanup and initial work for #58 2013-08-09 14:13:48 +02:00
Miroslav Stampar
1088011bf0 Adding new binary file formats for excluding in crawling 2013-08-02 23:07:13 +02:00
Miroslav Stampar
953b5815d8 Implementation for an Issue #496 2013-07-31 21:15:03 +02:00
Miroslav Stampar
6b826ef64d Reintroducing option --cookie-del 2013-07-31 20:41:19 +02:00
Miroslav Stampar
eaacbe0b12 Minor language fix 2013-07-31 09:24:34 +02:00
Miroslav Stampar
4f58e0af0c Minor fix 2013-07-31 08:45:04 +02:00
Miroslav Stampar
a585aa4bff Adding support for ~ 2013-07-29 20:42:29 +02:00
Miroslav Stampar
de31688c4f Update for an Issue #481 2013-07-29 18:25:27 +02:00
stamparm
dbb0d7f700 Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used) 2013-07-19 13:24:35 +02:00
stamparm
28cd50b2f1 Patch for an Issue #490 2013-07-16 14:08:32 +02:00
stamparm
ac2d40e259 Revert of last commit (there is a chance that that big integer value is really valid :) 2013-07-15 13:34:38 +02:00
stamparm
a097ee1505 Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant) 2013-07-15 13:31:56 +02:00
stamparm
dc1623a40f Fix for a bug reported over ML (error: unbalanced parenthesis) 2013-07-11 10:20:58 +02:00
stamparm
01159575b2 Fix for an Issue #488 2013-07-11 10:11:43 +02:00
stamparm
aad102378a Fix for an Issue #487 2013-07-09 11:00:43 +02:00
stamparm
be5ce760b6 Fix for an Issue #485 (failing back to single-thread mode if over some bisection length) 2013-07-09 10:24:48 +02:00
stamparm
8d3435ab0b Removing reflective warning for parsing heuristic test 2013-07-08 11:48:33 +02:00
stamparm
db536427f0 Adding a question for storing hashes to a temporary file (after a mention of it on Twitter) 2013-07-04 15:34:00 +02:00
stamparm
f97b35dcc1 Patch for an Issue #475 2013-07-01 13:43:38 +02:00
stamparm
017ce22a2f Minor consistency patch (Issue #475) 2013-07-01 13:01:53 +02:00
stamparm
5ff09aff63 Some more adjustments (Issue #475) 2013-07-01 12:50:12 +02:00
stamparm
04046f38eb Minor update (Issue #475) 2013-07-01 12:26:57 +02:00
stamparm
f7d15cb465 Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00
Miroslav Stampar
aeb83ba651 Merge pull request #475 from Meatballs1/hsql_clean
HSQL Payloads and Query Support
2013-07-01 02:38:04 -07:00
Meatballs
4595b2c287 decodeHexValue 2013-06-24 23:45:39 +01:00
Meatballs
09e1dc814d Fix concat 2013-06-24 23:20:34 +01:00
Meatballs
ed40a76c9d Fix dummy table 2013-06-24 23:18:47 +01:00
Meatballs
9212b05eeb Add call to execute statements 2013-06-24 15:01:44 +01:00
Meatballs
62000c6406 Remaining files 2013-06-24 14:42:58 +01:00
Meatballs
7b6cc3d183 Add hsql settings 2013-06-24 14:38:44 +01:00
Meatballs
20a5d9a16e Include HSQL dummy table 2013-06-24 14:37:42 +01:00
Miroslav Stampar
0355e29b7c Minor fix (NoneType has no attribute split) 2013-06-24 14:49:53 +02:00
Miroslav Stampar
fca6772df6 Implementation for an Issue #468 2013-06-22 00:13:46 +02:00
stamparm
a53823f9b7 Minor refactoring 2013-06-19 10:59:26 +02:00
stamparm
9a6f5a95f5 Minor patch for SQLAlchemy/MSSQL 2013-06-18 09:36:09 +02:00
Miroslav Stampar
63d0e9bb12 Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881) 2013-06-13 21:50:35 +02:00
Miroslav Stampar
cdb434805a Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases 2013-06-10 22:14:45 +02:00
Miroslav Stampar
3583f45ee7 Fix for an Issue #461 2013-06-10 11:44:56 +02:00
Miroslav Stampar
c1592e8508 Code refactoring (moving import ctypes to be used only when needed) 2013-06-04 22:23:44 +02:00
Miroslav Stampar
213d0ecfb9 Minor fix 2013-06-03 23:32:57 +02:00
Miroslav Stampar
351c70b390 Locale module screws string.letters, etc. in some cases (e.g. IDLE run) 2013-06-01 14:06:58 +02:00
Miroslav Stampar
b7989f93c5 Trivial update regarding last commit 2013-05-30 12:04:56 +02:00
Miroslav Stampar
ed8f16e754 Minor update on user's request 2013-05-30 12:01:13 +02:00
Miroslav Stampar
12870e6ff3 Minor fix 2013-05-30 11:42:27 +02:00
Miroslav Stampar
793a8ad349 Minor fix 2013-05-30 11:38:24 +02:00
stamparm
c3038fcb65 Minor cosmetic update 2013-05-29 15:46:59 +02:00
stamparm
dfd6ee20bb Patch for an Issue #454 2013-05-29 15:26:11 +02:00
stamparm
60df3e9d1e Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access) 2013-05-29 15:04:14 +02:00
stamparm
e28b056028 Dummy fix 2013-05-29 14:26:00 +02:00
Miroslav Stampar
f3f752d85c Patch for an Issue #452 2013-05-25 18:52:59 +02:00
Miroslav Stampar
a85a0e53de Fix for an Issue 'ValueError: Invalid IPv6 URL' 2013-05-25 18:00:21 +02:00
Miroslav Stampar
e7ddc2fcab Minor fix 2013-05-23 12:57:33 +04:00
Miroslav Stampar
eb8e12b7c2 Minor adjustment (for headers like 'name:http://asdas') 2013-05-23 11:29:43 +04:00
stamparm
1b3f1a4016 More appropriate naming (also, preventing ambiguities with --smart) 2013-05-22 23:21:43 +04:00
Miroslav Stampar
1a4ea186ca Consistency fix 2013-05-19 23:00:40 +02:00
Miroslav Stampar
ea5c742595 Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled) 2013-05-18 21:30:21 +02:00
Miroslav Stampar
b2b3b3b5a6 Minor bug fix (level names not properly used in non-logger output) 2013-05-18 16:44:21 +02:00
Miroslav Stampar
dcea745576 Minor update (not displaying safe enclosings in table dumps) 2013-05-18 16:13:34 +02:00
stamparm
76b4e1ccb9 Implementation for an Issue #450 2013-05-17 15:04:25 +02:00
stamparm
cb9ea67c8d Code refactoring (moving progress.py to lib/utils) 2013-05-13 14:48:39 +02:00
stamparm
936815128d Minor fix 2013-05-13 13:42:43 +02:00
Miroslav Stampar
034e123b0c Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent) 2013-05-12 16:24:13 +02:00
Miroslav Stampar
6676eaf88f Minor fix 2013-05-12 14:02:50 +02:00
Miroslav Stampar
f8cef1fc6f Minor fix for a test case 211 2013-05-09 21:20:17 +02:00
stamparm
3873805dab Partial implementation for an Issue #189 (error-based; still partial union left) 2013-05-09 16:23:57 +02:00
stamparm
9fe5a8832f Update for an Issue #189 (code refactoring of ProgressBar so it could be ready for usage in non-inference cases out of box) 2013-05-09 15:52:18 +02:00
stamparm
fc57b7565d Implementation for an Issue #432 2013-05-09 14:26:29 +02:00
stamparm
ebe8ee3500 Fix for crawler and redirection case 2013-04-30 18:08:26 +02:00
stamparm
d2a5548889 Some more reordering 2013-04-30 14:32:11 +02:00
stamparm
16866119b8 Another minor update 2013-04-30 14:11:56 +02:00
stamparm
08fbfda5d2 Minor update 2013-04-30 14:06:04 +02:00
stamparm
69e3a2cb9e Minor update 2013-04-30 14:06:04 +02:00
stamparm
03c4eb8338 Minor update 2013-04-30 14:06:04 +02:00
stamparm
46557198a5 Minor update of doc root names 2013-04-29 11:29:59 +02:00
stamparm
63d7707346 Adding support for appending to the existing table dump if --start/--stop is used 2013-04-24 16:08:40 +02:00
stamparm
8d382f00e8 Minor style update 2013-04-22 11:38:47 +02:00
Miroslav Stampar
a475116853 Minor check 2013-04-21 21:42:23 +02:00
stamparm
0d92145fc6 Minor bug fix 2013-04-19 15:40:25 +02:00
stamparm
0cb3ce5765 Bug fix (maybe it will have repercusions in future as this was a silent bug) 2013-04-19 10:10:06 +02:00
stamparm
b7d4afcc63 Moving '--pivot-column' to a General section (Issue #437) 2013-04-18 17:12:32 +02:00
stamparm
9d045e14e8 Implementation for an Issue #437 2013-04-18 17:06:45 +02:00
stamparm
2defc30dc6 From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML) 2013-04-17 11:12:15 +02:00
stamparm
feed2274c3 Patch for an Issue #435 2013-04-17 10:48:17 +02:00
stamparm
c73489aff3 Adding a couple of new option validation checks 2013-04-16 14:31:10 +02:00
stamparm
7204ec5616 Adding a basic validation check (-d with --url) 2013-04-16 14:23:27 +02:00
stamparm
1c47b33020 Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple) 2013-04-15 15:23:45 +02:00
stamparm
aed738d6e6 Update for an Issue #361 2013-04-15 14:20:21 +02:00
stamparm
a9a0d1a3f9 Minor update 2013-04-15 11:56:19 +02:00
stamparm
10fbeaed7b Code refactoring 2013-04-15 11:49:11 +02:00
stamparm
349f885f08 Minor patch 2013-04-15 11:41:53 +02:00
stamparm
3e65037a05 Introducing lib/utils/sqlalchemy.py (Issue #361) 2013-04-15 10:33:25 +02:00
Miroslav Stampar
b6fee638ef Neutralizing time of cookie expiration (in case of --load-cookies) 2013-04-14 01:13:08 +02:00
stamparm
7edd7ee2aa Trivial code change 2013-04-12 16:25:24 +02:00
Miroslav Stampar
0b449bb1d9 Fix for an Issue #433 2013-04-10 19:33:31 +02:00
stamparm
f67148a9a4 Update for an Issue #431 2013-04-10 16:43:57 +02:00
stamparm
8c9da95343 Style and consistency update (url -> URL) 2013-04-09 11:48:42 +02:00
stamparm
3948b527dd Update for an Issue #429 2013-04-09 11:36:33 +02:00
stamparm
cce541cc33 Patch for an Issue #429 2013-04-09 10:39:20 +02:00
Miroslav Stampar
7614c815ed Minor update/patch 2013-04-07 21:32:03 +02:00
Miroslav Stampar
50ac3aab7a Minor patch 2013-04-06 01:56:24 +02:00
stamparm
a75d3ed0b8 Minor style update 2013-04-06 01:56:23 +02:00
Miroslav Stampar
f387333415 Minor cosmetics 2013-04-02 17:34:56 +02:00
Miroslav Stampar
4b5335a323 Moving --force-ssl from [Request] to [General] options 2013-04-02 17:18:21 +02:00
Miroslav Stampar
76a0d20799 Minor patch 2013-04-01 22:18:41 +02:00
Miroslav Stampar
b67f342975 Minor patch 2013-04-01 17:32:16 +02:00
stamparm
a371f182ac Minor patch (previous combination is not working well with oriental characters - 0 length normalized unicode string is being returned) 2013-03-28 15:37:14 +01:00
stamparm
e1ffdde532 Little cleaning a mess with url encoding and post hint types 2013-03-27 13:39:27 +01:00
stamparm
0882fe0ce3 Minor update related to the last two 2013-03-26 16:04:56 +01:00
stamparm
eb1bfc20cb Update related to the last commit 2013-03-26 15:36:44 +01:00
stamparm
2fe6aea0eb Minor fix 2013-03-26 15:07:14 +01:00
stamparm
825aa4b8dd Minor language update 2013-03-26 14:27:51 +01:00
stamparm
473a39b820 Minor language fix 2013-03-26 14:11:17 +01:00
stamparm
ad039c335d Implementation for an Issue #423 2013-03-21 11:28:44 +01:00
stamparm
7447773237 Update for consistency (all other enums are using _ in between words) 2013-03-20 11:10:24 +01:00
Miroslav Stampar
8acf033715 Code refactoring 2013-03-19 19:24:14 +01:00
stamparm
6969874c02 Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values) 2013-03-19 10:52:37 +01:00
stamparm
10e6c70c22 Trivial style update (undoing last dummy commit) 2013-03-19 10:43:29 +01:00
stamparm
70265fd3b5 Trivial style update 2013-03-19 10:43:03 +01:00
stamparm
5adac57ca9 Trivial style update 2013-03-19 10:42:50 +01:00
Miroslav Stampar
5df1f5528e More general update for an Issue #421 2013-03-15 22:49:09 +01:00
Miroslav Stampar
f0a419bdec Patch for an Issue #421 2013-03-15 22:08:15 +01:00
Miroslav Stampar
4cb378ce3e Another update for an Issue #352 and couple of fixes 2013-03-13 21:57:09 +01:00
Miroslav Stampar
b35122a42c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-03-13 19:52:17 +01:00
Miroslav Stampar
eb08c8d752 Another update for an Issue #352 2013-03-13 19:42:22 +01:00
Bernardo Damele
dea62189b2 fixes #420 2013-03-12 22:16:42 +00:00
Miroslav Stampar
2f43c3eb9b Minor fix (digest live test case) and some refactoring 2013-03-12 21:16:44 +01:00
Miroslav Stampar
65306f1ac1 Update for an Issue #352 2013-03-12 20:10:32 +01:00
Miroslav Stampar
db0a1e58b9 Update for an Issue #352 2013-03-11 14:58:05 +01:00
Miroslav Stampar
d6fc10092f Minor refactoring 2013-03-11 13:31:50 +01:00
Miroslav Stampar
1e731f87a4 Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request) 2013-03-09 19:33:04 +01:00
Miroslav Stampar
8e6692d793 Minor fix (for JSON values with :) 2013-03-05 20:12:24 +01:00
Miroslav Stampar
9e49d8c68f Adding support for SHA2 hash functions 2013-03-05 11:04:46 +01:00
Miroslav Stampar
2ada9e9b84 Patch for an Issue Issue #416 2013-03-04 18:05:40 +01:00
Miroslav Stampar
084cfc797a Fix for an Issue #415 2013-03-02 09:55:12 +01:00
stamparm
55f33da85a Fix for invalid logical test cases 2013-03-01 12:04:49 +01:00
Miroslav Stampar
0e89cc62a2 Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections 2013-02-28 20:20:08 +01:00
stamparm
9ef79df23d Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched) 2013-02-28 13:51:08 +01:00
stamparm
be50192d8d Refactoring WAF scripts 2013-02-26 15:54:50 +01:00
stamparm
e5835dc74f Update for WAF scripts 2013-02-26 15:30:11 +01:00
stamparm
17fa0f568c Minor patch for an Issue #404 2013-02-26 12:55:09 +01:00
stamparm
ecbcd4afe6 Minor update 2013-02-26 12:55:09 +01:00
stamparm
e5e39bc682 Fix for an Issue #410 2013-02-25 11:07:30 +01:00
stamparm
6fbd902265 Minor refactoring (Issue #411) 2013-02-25 10:44:04 +01:00
stamparm
7127869ede Minor bug fix (live test specific verbosity should be valid only inside of it) 2013-02-22 17:26:48 +01:00
stamparm
ad471368f5 Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a 2013-02-22 11:42:09 +01:00
stamparm
42cbd94fa4 Better update regarding 6acb2480b8 2013-02-22 10:49:45 +01:00
stamparm
44a46d2b10 Fix for an Issue #409 2013-02-22 10:18:22 +01:00
Miroslav Stampar
6acb2480b8 Adding WAF script for SecureIIS 2013-02-21 21:34:26 +01:00
stamparm
08f0670aca Minor refactoring for an Issue #290 2013-02-21 14:39:22 +01:00
stamparm
8e49872d7c Finalizing implementation for an Issue #290 2013-02-21 14:33:12 +01:00
stamparm
6b2981ef4e Update for an Issue #290 (adding tamper-like scripts into (new) directory waf) 2013-02-21 11:14:57 +01:00
Miroslav Stampar
7f293afe74 Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b) 2013-02-18 15:18:53 +01:00
Miroslav Stampar
9b5f33560b Oracle is too specific (only column names can be enclosed) - removing it 2013-02-15 17:36:58 +01:00
Miroslav Stampar
bf82506c1b Oracle can't enclose table names with double quotations 2013-02-15 17:36:58 +01:00
Miroslav Stampar
1b3d749488 Proper fix related to the last commit/revert 2013-02-15 17:36:58 +01:00
Miroslav Stampar
5a793cbc7c Minor revert 2013-02-15 17:36:58 +01:00
Miroslav Stampar
799bd51c2e Minor fix when two readInput/dataToStdout are called one at a time 2013-02-15 17:36:58 +01:00
Miroslav Stampar
97c06854a4 Minor fixes 2013-02-15 17:36:58 +01:00
Miroslav Stampar
014e4e0055 Minor represenation fix 2013-02-15 14:48:24 +01:00
Miroslav Stampar
345d10a9e0 Consistency fix (everywhere else we show unsafe format of identificator names) 2013-02-15 14:05:14 +01:00
Bernardo Damele
b472d9809a another consistency fix to readInput() 2013-02-15 09:35:09 +00:00
Bernardo Damele
c3f1e196e1 added missing parameter 2013-02-15 00:43:46 +00:00
Bernardo Damele
4727589135 code consistency 2013-02-15 00:17:13 +00:00
Miroslav Stampar
515be4ee0b Minor just in case commit related to the last one 2013-02-14 19:58:10 +01:00
Miroslav Stampar
fef60b73f4 Minor update for proper display of [PAYLOAD] in JSON/XML/SOAP cases 2013-02-14 19:53:26 +01:00
Bernardo Damele
d91530f885 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-14 17:16:55 +00:00
Bernardo Damele
52264f544e minor fix for Windows file paths, do not strip the windows drive letter 2013-02-14 17:16:49 +00:00
Miroslav Stampar
fdf00e4842 Fix for an Issue #397 2013-02-14 17:14:36 +01:00
Miroslav Stampar
368a2fd297 Fix for an Issue #393 2013-02-14 16:18:16 +01:00
Miroslav Stampar
f97f575018 Trivial restyling 2013-02-14 15:41:27 +01:00
Miroslav Stampar
605c5b089e Minor style update 2013-02-14 15:38:44 +01:00
Miroslav Stampar
06d8547916 Implementation for an Issue #394 2013-02-14 15:38:44 +01:00
Miroslav Stampar
7944684ff2 This was supposed to be a separate commit (going to commit it in next one) 2013-02-14 15:38:44 +01:00
Miroslav Stampar
6c0054bc5f Putting that ugly parameter xyz is not inside the Cookie into the debug messages 2013-02-14 15:38:44 +01:00
Bernardo Damele
646df37884 minor bug fix for --reg-read 2013-02-14 13:17:30 +00:00
Miroslav Stampar
c72353321d Minor update for an Issue #392 2013-02-14 13:36:33 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Miroslav Stampar
6629233de5 Minor update 2013-02-14 10:18:40 +01:00
Miroslav Stampar
0a4605644e Minor fix for previous commit 2013-02-13 16:31:03 +01:00
Miroslav Stampar
2b121c938b Minor fix 2013-02-13 16:24:21 +01:00
Miroslav Stampar
c6d29e093e Fixing issue with newlines after the data in -r mode 2013-02-13 12:36:01 +01:00
Miroslav Stampar
965fa04a33 Trivial update 2013-02-13 12:28:51 +01:00
Miroslav Stampar
d78a3e977b Update (allowing regular char * to be inside SOAP/JSON/XML) 2013-02-13 12:24:42 +01:00
Miroslav Stampar
6314d64a70 Renaming --binary to --binary-fields 2013-02-13 11:27:03 +01:00
Miroslav Stampar
7c802ed8cc Minor fix 2013-02-13 11:14:45 +01:00
Miroslav Stampar
dc41484b3f Refactoring of funcionality for finding out if stacking is available 2013-02-13 09:57:16 +01:00
Miroslav Stampar
8b4f72322a Adding (for now hidden) option --binary (works like -C but deliberately retrieves data in hex format and displays in hex format) 2013-02-13 09:56:44 +01:00
Miroslav Stampar
c34f6e25b2 Minor fix for --eval (urldecoded values should be used inside evaluation) 2013-02-12 17:01:47 +01:00
Miroslav Stampar
212e92ea01 Minor update regarding --load-cookies (warning about expired ones) 2013-02-12 14:29:56 +01:00
Miroslav Stampar
c67b39d14d Update for a last update 2013-02-12 12:58:15 +01:00
Miroslav Stampar
72984a578d Update for --load-cookies 2013-02-12 12:42:12 +01:00
Miroslav Stampar
c2672e78fc Support for multiple injection marks inside the same header value (Issue #48) 2013-02-12 12:06:13 +01:00
Miroslav Stampar
c75560ba69 Minor bug fix (getting ? in < 0xf char cases) 2013-02-11 21:16:35 +01:00
Miroslav Stampar
c0e59d94a9 Better naming 2013-02-08 16:28:58 +01:00
Miroslav Stampar
cdfe43560b Update for an Issue #207 (and a potential patch for regression tests) 2013-02-08 16:20:48 +01:00
Bernardo Damele
d015bf98fc renamed variable to avoid confusion 2013-02-07 14:19:07 +00:00
Bernardo Damele
07fe6d44fb unnecessary condition here 2013-02-07 14:18:52 +00:00
Bernardo Damele
b477c56b52 first steps to allow multiple scans on the same taskid - issue #297 2013-02-07 00:05:26 +00:00
Bernardo Damele
5c8335876f minor bug fix to make --disable-coloring work on log messages too 2013-02-06 21:04:54 +00:00
Bernardo Damele
477c66ac4b minor refactoring and trivial bug fix 2013-02-06 17:45:25 +00:00
Bernardo Damele
f7d826fee1 first case where partial output is retrievable via RESTful API - issue #297 2013-02-05 14:43:03 +00:00
Miroslav Stampar
e836629215 Bug fixes for search (safeStringFormat should not replace all if given scalar values) 2013-02-05 11:37:49 +01:00
Bernardo Damele
9d04ae5db5 minor improvement to temporary folder name 2013-02-05 09:11:38 +00:00
Miroslav Stampar
6cab3d4759 Minor update 2013-02-04 16:46:08 +01:00
Miroslav Stampar
f4b8a3c1d8 Bug fix for boolean (multithreaded Ctrl+C) resumed values 2013-02-04 15:49:29 +01:00
Miroslav Stampar
5e4e863986 Bug fix (introduced with f1ab887c55) 2013-02-04 15:31:28 +01:00
Miroslav Stampar
235153ab39 Removal of unused imports 2013-02-04 15:29:13 +01:00
Miroslav Stampar
7e1ff1bb8e Same refactoring as the last commit 2013-02-04 15:26:44 +01:00
Bernardo Damele
9370f96a67 step by step getting there to partial output presentation to restful API (issue #297), not quite yet though.. 2013-02-03 22:09:33 +00:00
Bernardo Damele
df3cc38cd9 minor improvements 2013-02-03 15:39:07 +00:00
Bernardo Damele
bd1ea13b8d Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-03 11:31:12 +00:00
Bernardo Damele
f8bc74758c improvement to restful API to store to IPC database partial entries, not yet functional (issue #297) 2013-02-03 11:31:05 +00:00
Miroslav Stampar
e7b93b5b66 Implementation for an Issue #363 2013-02-01 17:24:04 +01:00
Miroslav Stampar
6d942f92b5 Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.)) 2013-02-01 10:03:06 +01:00
Miroslav Stampar
8d51b4b63a Minor bug fix 2013-01-31 16:24:44 +01:00
Miroslav Stampar
d6606a8f31 Patch to prevent problems like Issue #381 2013-01-31 13:58:39 +01:00
Miroslav Stampar
cfcf8a3abb Another update for an Issue #380 (--common-... switches) 2013-01-31 13:49:19 +01:00
Miroslav Stampar
2420a4b626 Update for an Issue #342 and #372 2013-01-31 10:01:52 +01:00
Miroslav Stampar
9b4eaa9272 Minor fix 2013-01-30 18:21:15 +01:00
Miroslav Stampar
fdea8ddea6 Starting to clean up a mess in Oracle's world of DISTINCT (part of Issue #342 and #372) 2013-01-30 16:55:09 +01:00
Bernardo Damele
103045d284 variable renamed 2013-01-30 15:30:34 +00:00
Miroslav Stampar
f33bf06c88 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-30 11:38:20 +01:00
Bernardo Damele
6dfe91165d Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-30 10:34:51 +00:00
Bernardo Damele
8519717f25 minor fixes to --live-test 2013-01-30 10:32:56 +00:00
Miroslav Stampar
f391937083 Minor refactoring 2013-01-30 10:43:46 +01:00
Miroslav Stampar
d6fb0e8545 Update for an Issue #352 2013-01-30 10:38:11 +01:00
Miroslav Stampar
bd08ede117 Minor fine tuning 2013-01-29 21:06:02 +01:00
Miroslav Stampar
f41460f8d8 Better naming 2013-01-29 20:53:11 +01:00
Bernardo Damele
e8bd3c9c9f cosmetics 2013-01-29 17:00:28 +00:00
Bernardo Damele
8f36f92dd3 minor fix 2013-01-29 16:23:30 +00:00
Bernardo Damele
c47b44e93f Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-29 15:38:16 +00:00
Bernardo Damele
9677e0f910 more data content types for API (issue #297) 2013-01-29 15:36:19 +00:00
Bernardo Damele
92ae8145df ignore any non-relevant string: avoid storing to the API, careful this can introduce bugs but it is necessary at this stage of development (issue #297) 2013-01-29 15:35:51 +00:00
Bernardo Damele
bfce7210e6 improvements to the dump library to output to the API data fetched properly formatted (issue #297) 2013-01-29 15:34:20 +00:00
Bernardo Damele
eeecb3fe2c split init() into two separate functions for API purposes (issue #297) 2013-01-29 15:33:16 +00:00
Miroslav Stampar
f4b7b3fd35 Minor cosmetics 2013-01-29 16:04:20 +01:00
Miroslav Stampar
9eca41bae2 Minor fix 2013-01-29 15:55:50 +01:00
Miroslav Stampar
a104de01d7 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-29 15:35:01 +01:00
Miroslav Stampar
7e73825ece Minor cosmetics 2013-01-29 15:34:41 +01:00
Bernardo Damele
085495024f minor adjustment 2013-01-29 01:44:57 +00:00
Bernardo Damele
f1ab887c55 major enhancement, code refactoring for issue #297 2013-01-29 01:39:27 +00:00
Bernardo Damele
cd4075f6a3 no raise, just pass at ctrl-c 2013-01-26 15:33:09 +00:00
Bernardo Damele
a0b9e0f1c5 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-25 17:11:38 +00:00
Bernardo Damele
195d17449e first test of stdout/stderr redirect to a database when sqlmap is executed from restful API (#297) 2013-01-25 17:11:31 +00:00
Miroslav Stampar
c06f94e2c8 Fix for an Issue #378 2013-01-25 16:38:41 +01:00
Miroslav Stampar
8c84a16cb7 Minor style update for an Issue #377 2013-01-25 12:52:31 +01:00
Miroslav Stampar
194a9e7b88 Implementation for an Issue #377 2013-01-25 12:34:57 +01:00
Bernardo Damele
5b3c8d8991 first implementation of asynchronous inter-protocol communication between the sqlmap RESTful API and the sqlmap engine with SQLite 2013-01-24 12:57:24 +00:00
Miroslav Stampar
232f8d3585 Fix for an Issue #368 2013-01-23 13:36:17 +01:00
Bernardo Damele
5635776173 proper SQLite 2 library 2013-01-22 18:56:25 +00:00
Miroslav Stampar
719c7f622b Probable fix for --technique=Q --dbms=Firebird (but also other potential issues with splitting of fields in expressions) 2013-01-22 15:51:06 +01:00
Miroslav Stampar
2ec828f1cb Fix for an Issue #367 2013-01-22 14:27:17 +01:00
Miroslav Stampar
09c02c6c72 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-22 14:08:31 +01:00
Miroslav Stampar
15b0ab1b44 Fix for a 'no parameter found' problem when user says N on 'custom injection mark found in POST...' 2013-01-22 14:08:19 +01:00
Bernardo Damele
061aef57ba missing import 2013-01-22 11:25:01 +00:00
Bernardo Damele
e558040810 minor fix to previous commit 2013-01-21 17:10:56 +00:00
Bernardo Damele
d43b04c582 better detection if vulnerable of not for regression test 2013-01-21 17:09:35 +00:00
Miroslav Stampar
b35a0810ef Fix for an Issue #364 2013-01-21 17:01:52 +01:00
Miroslav Stampar
1e3f68c7ff Rewriting some query crafting parts (especially those .find(' FROM ')) 2013-01-21 16:15:38 +01:00
Miroslav Stampar
832d95984c IFNULL-like mechanism now works on SQLite 2 too 2013-01-21 15:04:27 +01:00
Miroslav Stampar
c55a002f95 Language fix 2013-01-21 13:19:08 +01:00
Miroslav Stampar
80255433b0 Trivial style update 2013-01-21 13:18:34 +01:00
Miroslav Stampar
0e86175342 Adding new common function for further refactoring 2013-01-21 11:50:47 +01:00
Miroslav Stampar
3200134b3b Fix for a regression test #30 test case fail (Firebird inline) 2013-01-21 10:12:54 +01:00
Bernardo Damele
3373e30808 minor fix for a bug introduced with commit 1ad9e26a21 2013-01-20 02:40:40 +00:00
Bernardo Damele
115be9d7b5 minor fixes 2013-01-20 01:26:46 +00:00
Miroslav Stampar
0a4f5d2e51 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-19 19:08:18 +01:00
Miroslav Stampar
e9641e30db This last commit was in haste :) 2013-01-19 19:07:38 +01:00
Miroslav Stampar
6a87dd9225 Minor update (just for consistency with the rest of code) 2013-01-19 19:07:06 +01:00
Miroslav Stampar
979e108c87 Minor update (just for consistency with the rest of code) 2013-01-19 19:06:51 +01:00
Bernardo Damele
f89b25fdb6 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-19 18:04:38 +00:00
Bernardo Damele
adf97e630f add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL 2013-01-19 18:04:33 +00:00
Miroslav Stampar
9ce2395405 Minor refactoring 2013-01-19 18:40:44 +01:00
Miroslav Stampar
3f4c010370 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-19 18:28:52 +01:00
Miroslav Stampar
efe26ac3f8 In case that content-length header was not in a desired case ('Content-length') POST request file would fail badly (repeating original content-length header value) 2013-01-19 18:28:37 +01:00
Bernardo Damele
6a62292a3f layout adjustment 2013-01-19 17:11:16 +00:00
Miroslav Stampar
bb6b89fe93 Patch for an Issue #360 2013-01-19 18:06:36 +01:00
Bernardo Damele
dcf2dcd03d all we need to debug failed test cases while regression test run.. 2013-01-19 17:04:57 +00:00
Bernardo Damele
f22fd396ef write the test case name before it is run so if the test case crashes badly, we can trace back what test case it was at a later stage 2013-01-19 16:41:19 +00:00
Bernardo Damele
1923ef691e just in case, add also the test case name inside the temp folder for debug purposes 2013-01-19 16:06:46 +00:00
Bernardo Damele
0e78fbef56 correctly format SQLi payload for inline query technique 2013-01-19 00:28:03 +00:00
Bernardo Damele
6be7eee8d6 more fixes 2013-01-18 23:35:16 +00:00
Bernardo Damele
56eaa073ce fixed test cases for Firebird - #312 2013-01-18 23:32:39 +00:00
Bernardo Damele
1f4c6a8371 avoid blank line if password hashes have not been fetched 2013-01-18 22:10:36 +00:00
Bernardo Damele
1ad9e26a21 bug fix for ORDER BY users provided statements (issue #354) 2013-01-18 21:40:50 +00:00
Miroslav Stampar
ac7709204a Better fix for that page/headers/comparison --string candidate problem 2013-01-18 17:00:11 +01:00
Miroslav Stampar
8141d17985 Revert of previous commit (more care has to be done regarding headers dynamicity) 2013-01-18 16:49:35 +01:00
Miroslav Stampar
33094a118c Fix for an Issue where '--string' is being automatically picked not looking properly in headers too 2013-01-18 16:35:09 +01:00
Miroslav Stampar
601eb1e49a Unescaping is renamed to escaping 2013-01-18 15:40:37 +01:00
Bernardo Damele
a43202f3c0 updated copyright 2013-01-18 14:07:51 +00:00
Bernardo Damele
1bb061f68c improvements to --live-test 2013-01-18 13:02:35 +00:00
Bernardo Damele
738ccb643d minor output adjustment 2013-01-18 11:41:09 +00:00
Miroslav Stampar
33ea811c6c Removing some unused stuff (mainly imports) 2013-01-18 11:50:02 +01:00
Miroslav Stampar
aa467cb54c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-18 11:31:25 +01:00
Miroslav Stampar
17d36684b5 Removing obsolete proxy handling code (Python < 2.6) 2013-01-18 11:30:52 +01:00
Miroslav Stampar
4d5bae7131 Removing some obsolete functions 2013-01-18 11:18:56 +01:00
Miroslav Stampar
bcc907ce09 Minor update 2013-01-18 11:00:21 +01:00
Miroslav Stampar
d1008b45b5 Minor removal of unused function 2013-01-18 10:46:06 +01:00
Miroslav Stampar
caae773b2d Minor removal of redundant code 2013-01-18 10:44:57 +01:00
Bernardo Damele
d66f7e22b1 more fixes to test cases 2013-01-18 09:32:05 +00:00
Miroslav Stampar
e941e60b20 Minor just in place update for an Issue #348 2013-01-17 22:44:55 +01:00
Bernardo Damele
1d6e642d41 fixed url 2013-01-17 21:29:00 +00:00
Miroslav Stampar
507f185b69 Revert of patch for an Issue #347 2013-01-17 18:38:37 +01:00
Miroslav Stampar
f7eda07d92 Patch for an Issue #347 2013-01-17 15:30:14 +01:00
Miroslav Stampar
a38b3e397c Patch for an Issue #286 2013-01-17 14:17:39 +01:00
Miroslav Stampar
65273295e3 Implementing a check for an Issue #25 2013-01-17 13:56:04 +01:00
Miroslav Stampar
9428d1819e Fix for an Issue #346 2013-01-17 12:03:02 +01:00
Miroslav Stampar
3ab4a5e36d Fix for an Issue #345 2013-01-17 11:50:12 +01:00
Miroslav Stampar
51a77d1fe2 Minor update for an Issue #8 2013-01-17 11:37:45 +01:00
Miroslav Stampar
14b7e655a9 Minor refactoring 2013-01-16 16:33:04 +01:00
Miroslav Stampar
053b7d12b4 Minor language update 2013-01-16 16:07:12 +01:00
Miroslav Stampar
fb7243c237 Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs 2013-01-16 16:04:00 +01:00
Miroslav Stampar
c0a6e1c3a7 Finishing first usable prototype for an Issue #8 2013-01-16 14:54:37 +01:00
Miroslav Stampar
ff5ec48abd Minor update for an Issue #8 2013-01-16 14:16:22 +01:00
Bernardo Damele
3464a70ac2 bug fix: without this generic concatenation of strings in concatQuery(), detection of UNION query SQLi only (--technique U) when the page did not disclose any DBMS error message and it was not MySQL (for which there are UNION SQLi specific payloads) was not detected 2013-01-16 01:53:33 +00:00
Bernardo Damele
542f6de72e typo fix 2013-01-16 01:31:03 +00:00
Bernardo Damele
2a751e075d more work on #342 2013-01-15 17:14:44 +00:00
Bernardo Damele
ec076f5f8a write console output to temporary folder in any case the test case fails, even if no traceback is raised 2013-01-15 15:51:03 +00:00
Miroslav Stampar
7a1d484115 Implementation for an Issue #340 2013-01-15 16:05:33 +01:00
Bernardo Damele
c51358953a add more Oracle system dbs 2013-01-15 14:51:29 +00:00
Bernardo Damele
3e2c3851f3 Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312) 2013-01-14 13:42:50 +00:00
Bernardo Damele
515c1c6205 removed leftover 2013-01-14 10:26:22 +00:00
Bernardo Damele
83000de9e1 improved handling and storing of exceptions with --live-test (#312) 2013-01-14 10:23:40 +00:00
Bernardo Damele
8125fe90a7 code refactoring 2013-01-14 10:22:38 +00:00
Bernardo Damele
036b612bcb bug fix to be able to write unicode chars to debug file 2013-01-14 01:11:42 +00:00
Miroslav Stampar
fc560f2b75 Minor revert and proper fix 2013-01-14 00:47:29 +01:00
Bernardo Damele
b74cfbf336 minor enhancements for debug purposes (issue #312) 2013-01-13 23:15:56 +00:00
Bernardo Damele
fdd6075859 temporary patch to fix UNION query enumeration 2013-01-13 23:08:23 +00:00
Miroslav Stampar
92ea8841f8 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-13 16:23:09 +01:00
Miroslav Stampar
03dd958d96 Implementation for an Issue #48 2013-01-13 16:22:43 +01:00
Bernardo Damele
675e4a026b Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-11 13:31:49 +00:00
Bernardo Damele
41834e7a5b working on #8 - still not usable though 2013-01-11 13:31:44 +00:00
Miroslav Stampar
bc4d8d3e02 Implementation for an Issue #332 2013-01-11 11:17:41 +01:00
Miroslav Stampar
5571d09354 Minor revert 2013-01-11 11:13:55 +01:00
Miroslav Stampar
ec4e49d771 Minor refactoring 2013-01-10 16:09:28 +01:00
Miroslav Stampar
1363f26367 Minor refactoring 2013-01-10 15:59:02 +01:00
Miroslav Stampar
834be1eddc Restyling redundant 'except Exception' form 2013-01-10 15:54:28 +01:00
Miroslav Stampar
acfeeb4f51 Restyling old form of urlparse 2013-01-10 15:41:07 +01:00
Miroslav Stampar
8686c20fa5 Removing one obsolete instantiation line 2013-01-10 15:27:35 +01:00
Miroslav Stampar
934d41dac2 Minor style update (PEP8) 2013-01-10 15:02:28 +01:00
Miroslav Stampar
ca3d35a878 Some PEP8 related style cleaning 2013-01-10 13:18:44 +01:00
Miroslav Stampar
6cfa9cb0b3 Removing unused imports 2013-01-10 12:15:12 +01:00
Miroslav Stampar
05705857a9 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-10 12:09:48 +01:00
Miroslav Stampar
ca1c0c2a1d Minor style update 2013-01-10 11:54:07 +01:00
Bernardo Damele
ca337159f5 added reminder TODO 2013-01-10 01:11:22 +00:00
Bernardo Damele
10f1099944 remove logging handler that shows logging messages to stdout - issue #297 2013-01-10 00:51:56 +00:00
Bernardo Damele
ccc3c3d1a3 minor fix to distinguish stdout from stderr 2013-01-10 00:51:05 +00:00
Bernardo Damele
2126a5ba12 minor index fix 2013-01-10 00:00:00 +00:00
Bernardo Damele
794700eb37 preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297 2013-01-09 22:08:50 +00:00
Bernardo Damele
d120dc18d1 cleanup 2013-01-09 22:06:27 +00:00
Bernardo Damele
58a60562ac avoid exiting with a traceback for missing dependency, handle properly at some point 2013-01-09 16:05:55 +00:00
Bernardo Damele
7f4ce4afbb Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-09 16:04:29 +00:00
Bernardo Damele
510ceb6e19 first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28 2013-01-09 16:04:23 +00:00
Miroslav Stampar
bf5544903b Minor style update 2013-01-09 16:10:26 +01:00
Miroslav Stampar
9bdcb1176d Update for an Issue #169 2013-01-09 15:58:13 +01:00
Miroslav Stampar
25f01a419f Minor style update (for the sake of consistency over the code and our PEP8 adaptation) 2013-01-09 15:38:41 +01:00
Miroslav Stampar
bdd2592848 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-09 15:22:30 +01:00
Miroslav Stampar
3d4f381ab5 Patch for an Issue #169 2013-01-09 15:22:21 +01:00
Bernardo Damele
c44a829b9b pass a pickled options object to sqlmap engine when called from API 2013-01-09 12:34:45 +00:00
Bernardo Damele
8457cff278 added variable to store the live test traceback if any 2013-01-09 12:33:18 +00:00
Bernardo Damele
f11747732e added missing command line options 2013-01-09 12:30:13 +00:00
Miroslav Stampar
55a552ddc4 Update for an Issue #24 2013-01-08 10:55:25 +01:00
Miroslav Stampar
ad85c4c964 Minor refactoring for an Issue #295 2013-01-08 10:23:02 +01:00
Bernardo Damele
1e35b3c8c9 proper link 2013-01-07 16:59:59 +00:00
Miroslav Stampar
74552bea87 Cleaning some garbage (hard coded paths with linux native slashes) 2013-01-07 16:51:00 +01:00
Bernardo Damele
7fa75792dd Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-07 11:10:08 +00:00
Bernardo Damele
a30d7014b9 removed unused var 2013-01-07 11:05:33 +00:00
Miroslav Stampar
5b77b20e2e Removing trailing whitespaces (PEP8) 2013-01-03 23:57:07 +01:00
Miroslav Stampar
82b468211d Minor update 2013-01-03 23:38:29 +01:00
Miroslav Stampar
f340ce8b4b Minor style update 2013-01-03 23:35:29 +01:00
Miroslav Stampar
1712603dce Replacing deprecated has_key() with operator in (PEP8) 2013-01-03 23:28:07 +01:00
Miroslav Stampar
e4a3c015e5 Replacing old and deprecated raise Exception style (PEP8) 2013-01-03 23:20:55 +01:00
Miroslav Stampar
304e52cb4d Minor language update 2013-01-02 22:11:59 +01:00
Miroslav Stampar
09f1cdd8e1 Minor style update 2013-01-02 21:52:50 +01:00
Miroslav Stampar
0795760255 Minor fix 2012-12-30 11:22:23 +01:00
Miroslav Stampar
648d91d790 Distinguishing invalid unicode from safe encoded characters (for proper potential decoding) 2012-12-27 22:43:39 +01:00
Miroslav Stampar
3d01890147 Patch for an Issue #56 (full target url is now being written to a output .CSV file in multi target mode) 2012-12-27 21:15:44 +01:00
Miroslav Stampar
6ae4590edc Removing problematic per-MySQL LIMIT prefix 2012-12-26 19:48:01 +01:00
Miroslav Stampar
77625e5af7 Minor revert 2012-12-21 19:31:05 +01:00
Miroslav Stampar
00e55828e4 Minor style update 2012-12-21 15:06:03 +01:00
Miroslav Stampar
8b3e17ed4d Minor update (better approach for those old NOT IN cases in MsSQL - instead of standard pivot dump table) 2012-12-21 14:52:47 +01:00
Miroslav Stampar
35728fa443 Fix (and some hidden bug fixes/improvements) regarding an Issue #317 2012-12-21 10:51:35 +01:00
Miroslav Stampar
b94a5d42d4 Removing a leftover 2012-12-21 09:49:09 +01:00
Miroslav Stampar
0a122ccce4 Related to an Issue #319 2012-12-21 09:47:58 +01:00
Miroslav Stampar
1073ebc697 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-20 20:51:41 +01:00
Bernardo Damele
912323c12d minor bug fix (#297) 2012-12-20 17:05:44 +00:00
Bernardo Damele
7adaffa71b fixed options initiation 2012-12-20 16:53:43 +00:00
Miroslav Stampar
8efe056671 Minor refactoring 2012-12-20 15:51:03 +01:00
Bernardo Damele
e9ab33e9dd standalone REST API, code cleanup (#297) 2012-12-20 14:35:02 +00:00
Miroslav Stampar
63d9b7a1f8 No character shall be left forgotten (no more ? in case that character was not properly being decoded by used charset) 2012-12-20 12:23:37 +01:00
Miroslav Stampar
c2c4601d6e Minor restyling 2012-12-20 11:06:52 +01:00
Bernardo Damele
076b4063e6 these edits got overwritten from last commits 2012-12-20 09:42:44 +00:00
Miroslav Stampar
3cbe60b586 Proper fix 2012-12-20 10:37:20 +01:00
Miroslav Stampar
0d1ea7f05a Merge branch 'master' of github.com:sqlmapproject/sqlmap
Conflicts:
	lib/core/testing.py
2012-12-20 10:37:11 +01:00
Miroslav Stampar
da93e77eb2 Proper fix 2012-12-20 10:34:51 +01:00
Bernardo Damele
ac77724970 attempt to handle standard input from --live-test 2012-12-20 09:30:48 +00:00
Bernardo Damele
2b6ee06de0 minor bug fix to correctly parse unicode chars 2012-12-20 09:30:13 +00:00
Miroslav Stampar
69310e47ce Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-20 09:54:39 +01:00
Miroslav Stampar
06d8213ffd minor fix (reading of unicode xml files) 2012-12-20 09:53:08 +01:00
Bernardo Damele
86872956d5 minor bug fix (for PostgreSQL) 2012-12-19 22:55:31 +00:00
Bernardo Damele
77843f44fb minor bug fix (issue #314) 2012-12-19 22:49:02 +00:00
Bernardo Damele
357da43cea slight improvement of live test engine and added misc test cases to xml 2012-12-19 17:28:41 +00:00
Bernardo Damele
85fcd27e2d added support for random global variables 2012-12-19 15:58:06 +00:00
Bernardo Damele
12d34587cc minor restyling 2012-12-19 14:34:34 +00:00
Bernardo Damele
326ff404fc Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-19 14:25:35 +00:00
Bernardo Damele
12eed58485 pointless restyling 2012-12-19 14:25:29 +00:00
Miroslav Stampar
37346fe8a3 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-19 15:23:57 +01:00
Miroslav Stampar
7ee98c7bff Just for one girl out there waiting for this patch ;) 2012-12-19 15:23:38 +01:00
Bernardo Damele
3be90c97aa forgot these 2012-12-19 14:12:45 +00:00
Bernardo Damele
cefb03c835 fixed bug related to issue #223 2012-12-19 14:12:09 +00:00
Bernardo Damele
27a12ae85b restyling 2012-12-19 13:47:17 +00:00
Bernardo Damele
4b3b4eb374 commented out partial work 2012-12-19 13:47:04 +00:00
Bernardo Damele
3655d1f12a revert change of name for now 2012-12-19 13:45:52 +00:00
Bernardo Damele
874e2176c6 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-19 13:43:00 +00:00
Bernardo Damele
4f0f729982 be more specific in standard output message as to whether or not the read file is same as remote file 2012-12-19 13:42:56 +00:00
Miroslav Stampar
23153e8088 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-19 14:29:08 +01:00
Miroslav Stampar
244901eda0 During --flush-session log file should be cleaned too (especially because of --live-tests) 2012-12-19 14:28:54 +01:00
Bernardo Damele
282aeb734f ORDER BY does not play well with UNION query SQLi (related to issue #313) 2012-12-19 13:21:16 +00:00
Bernardo Damele
128597ee7e --run-case is now case insensitive 2012-12-19 12:45:46 +00:00
Bernardo Damele
b91c829103 minor bug fix (issue #310) 2012-12-19 12:42:31 +00:00
Bernardo Damele
2bc2c0431c fixed test cases 2012-12-19 12:33:37 +00:00
Bernardo Damele
9149d77cc8 removed duplicate code - fixes issue #310 2012-12-19 12:17:56 +00:00
Bernardo Damele
f5450e9f0e layout adjustment 2012-12-19 11:39:38 +00:00
Miroslav Stampar
92e338251a Finally working inference against MySQL/international letters (even chinese) 2012-12-19 10:44:02 +01:00
Miroslav Stampar
c9b8b51c9c Update lib/core/common.py
Revert of last commit and try 2
2012-12-19 01:48:53 +01:00
Bernardo Damele
318fcee49c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-19 00:30:26 +00:00
Bernardo Damele
3c7007097a minor refactoring 2012-12-19 00:30:22 +00:00
Miroslav Stampar
50b846b5af Update lib/core/common.py
Fixing wrong assumption in case of MySQL inference international character retrieval
2012-12-19 01:26:12 +01:00
Miroslav Stampar
9e2f0131b9 Update lib/core/agent.py 2012-12-18 20:25:00 +01:00
Bernardo Damele
326ed33f31 added support for comma separated list of files for --file-read - fixes issue #223 2012-12-18 17:55:21 +00:00
Bernardo Damele
58656bbeb5 minor bug fix, union query has to be limited 0, 0 2012-12-18 16:36:30 +00:00
Bernardo Damele
61a838bb35 added more test cases 2012-12-18 15:59:48 +00:00
Miroslav Stampar
88d8494b5a Implementation for an Issue #307 2012-12-18 16:03:35 +01:00
Bernardo Damele
3c1b696bd6 removed more print statements 2012-12-17 13:35:32 +00:00
Bernardo Damele
9f47eb0a59 cleaner 2012-12-17 13:29:37 +00:00
Bernardo Damele
0500712a03 removed unuseful prints 2012-12-17 13:29:19 +00:00
Bernardo Damele
ac44cf3ec0 minor fix: add also back-end DBMS and web app fingerprint output to log file 2012-12-17 13:02:09 +00:00
Bernardo Damele
bbd2adb5fb improvements to --live-test and added --stop-fail switch 2012-12-17 11:41:43 +00:00
Bernardo Damele
2926c815bf improved test switch --live-test and minor refactoring 2012-12-17 11:29:33 +00:00
Bernardo Damele
0c3da5c7eb code refactoring and first time logger is handled by a separate file descriptor (issue #297) 2012-12-15 00:12:22 +00:00
Bernardo Damele
a2a71bb37b cleanup from XML-RPC related stuff 2012-12-14 13:37:36 +00:00
Bernardo Damele
6e31e87de1 added initial support (hidden from -hh and not yet usable) for REST-JSON API 2012-12-14 02:49:25 +00:00
Miroslav Stampar
df0f08bc6a Cleaning some (web upload based) garbage 2012-12-13 13:19:47 +01:00
Miroslav Stampar
5150172178 Minor update 2012-12-13 10:03:21 +01:00
Miroslav Stampar
fc4be0a77c Minor fix 2012-12-12 16:45:29 +01:00
Miroslav Stampar
921000bd87 Another update for an Issue #287 2012-12-12 14:22:24 +01:00
Miroslav Stampar
c3f20a136f Minor update for an Issue #287 2012-12-12 14:03:03 +01:00
Miroslav Stampar
a6448e8768 Update for an Issue #287 2012-12-12 11:54:59 +01:00
Miroslav Stampar
b9f6fc5f4e First commit (and working one) for an Issue #287 (XML-RPC server) 2012-12-11 16:02:06 +01:00
Miroslav Stampar
b5884c7eda Minor language update 2012-12-11 15:24:02 +01:00
Miroslav Stampar
760519dbe9 Removing redundant piece of code 2012-12-11 15:21:27 +01:00
Miroslav Stampar
a54c261496 Minor update for Issues #292 & #293 (only single alert per target) 2012-12-11 14:44:43 +01:00
Miroslav Stampar
5c2451d83c Implementation for an Issue #293 2012-12-11 12:48:58 +01:00
Miroslav Stampar
562044577b Implementation for an Issue #292 2012-12-11 12:02:06 +01:00
Miroslav Stampar
6433be8b3d Style update 2012-12-10 17:20:04 +01:00
Miroslav Stampar
a024884ca7 Support for a HTTP parameter pollution (Issue #267) 2012-12-10 11:55:31 +01:00
Miroslav Stampar
1f7644a691 Minor fix when user doesn't want custom injection char marker to be processed 2012-12-08 21:23:30 +01:00
Miroslav Stampar
0cbdaaecfa Revert of 99e9412f74 (because of an Issue #289) 2012-12-08 08:53:25 +01:00
Miroslav Stampar
1028afce37 Removal of leftovers 2012-12-06 14:15:44 +01:00
Miroslav Stampar
974407396e Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods) 2012-12-06 14:14:19 +01:00
Miroslav Stampar
baccbd6f48 Implementation for an Issue #283 2012-12-06 11:57:57 +01:00
Miroslav Stampar
ab67344448 Removed unused imports and variables (pyflake-ing) 2012-12-06 11:15:05 +01:00
Miroslav Stampar
b6650add46 Introducing 'new style classes' (idea from Pull request #284) 2012-12-06 10:42:53 +01:00
Miroslav Stampar
0f191f624c Taking some goodies from Pull request #284 2012-12-06 10:21:53 +01:00
Miroslav Stampar
6b39e661a7 Fix for an issue #279 2012-12-05 12:15:14 +01:00
Miroslav Stampar
775e0df04b Update for an Issue #278 2012-12-05 10:45:17 +01:00
Miroslav Stampar
6b007ab188 Minor patch for an Issue #274 (just in case to avoid this kind of problems) 2012-12-04 16:14:14 +01:00
Miroslav Stampar
e2aa695655 Minor update 2012-12-03 17:20:18 +01:00