4221 Commits

Author	SHA1	Message	Date
Miroslav Stampar	8fdf9ff746	Probable fix for an Issue #908	2014-11-07 15:47:42 +01:00
Miroslav Stampar	31f8d6e612	Fix for an Issue #904	2014-11-06 11:19:05 +01:00
Miroslav Stampar	a91fb4149b	Minor update (using lower frequency alphabet for kb.chars)	2014-11-05 10:56:30 +01:00
Miroslav Stampar	97cc679f9c	Fix for an Issue #900	2014-11-04 15:15:58 +01:00
Miroslav Stampar	4d5b48b2ae	Patch for an Issue #896	2014-11-04 00:34:35 +01:00
Miroslav Stampar	6f45596f28	Minor style update	2014-11-03 23:48:44 +01:00
Miroslav Stampar	05b446b95d	Patch for an Issue #893	2014-11-02 23:38:52 +01:00
Miroslav Stampar	9652e41226	Path for an Issue #891	2014-11-02 23:32:19 +01:00
Miroslav Stampar	1ef2c4006d	Patch for an Issue #892	2014-11-02 11:01:46 +01:00
Miroslav Stampar	a4d058d70c	More anonymization of unhanded exception data	2014-11-02 10:55:38 +01:00
Miroslav Stampar	4e0e64d06b	Bug fix for DNS Exfiltration in PgSQL case ('invalid URI')	2014-10-31 20:28:37 +01:00
Miroslav Stampar	38978c3e54	Fix for an Issue #884	2014-10-31 16:45:26 +01:00
Miroslav Stampar	455ea9922c	Minor update	2014-10-28 15:26:28 +01:00
Miroslav Stampar	258a700b2e	More anonymization of unhandled exception messages	2014-10-28 15:14:41 +01:00
Miroslav Stampar	725c3a6a95	Minor update	2014-10-28 14:08:06 +01:00
Miroslav Stampar	3b3b8d4ef2	Potential bug fix (escaping formatted regular expressions)	2014-10-28 14:02:55 +01:00
Miroslav Stampar	e08c8f272a	Fix for an Issue #875	2014-10-28 13:10:07 +01:00
Miroslav Stampar	19aed90ae5	Implementation for an Issue #874	2014-10-27 00:37:46 +01:00
Miroslav Stampar	6448d3caf4	Implementing support for csrfcookie (Issue #2)	2014-10-24 09:37:51 +02:00
Miroslav Stampar	abbd352392	Support for X-CSRF-TOKEN header (Issue #2)	2014-10-23 14:33:22 +02:00
Miroslav Stampar	95f2e61ca1	Minor fix related to the Issue #2	2014-10-23 14:23:01 +02:00
Miroslav Stampar	01f4b76817	Minor update for the Issue #2	2014-10-23 14:03:44 +02:00
Miroslav Stampar	7143e61619	Minor update	2014-10-23 14:00:53 +02:00
Miroslav Stampar	32bcca0aae	Basic options check for Issue #2	2014-10-23 11:54:29 +02:00
Miroslav Stampar	7fc9e82d28	Minor style update	2014-10-23 11:44:38 +02:00
Miroslav Stampar	780dbd1c64	Update for an Issue #2	2014-10-23 11:42:30 +02:00
Miroslav Stampar	fc1b05bec9	Implementation for an Issue #2	2014-10-23 11:23:53 +02:00
Miroslav Stampar	73a3db67eb	Fix for an Issue #862	2014-10-22 14:54:49 +02:00
Miroslav Stampar	60f2764c3d	Minor style update	2014-10-22 13:53:18 +02:00
Miroslav Stampar	34aed7cde0	Bug fix (now it's possible to use multiple parsed requests without mixing associated headers)	2014-10-22 13:49:29 +02:00
Miroslav Stampar	e239fefe67	Minor patch for JSON requests	2014-10-22 10:38:49 +02:00
Miroslav Stampar	a2f578dbf4	Patch to also include JSON array elements into automatic recognition	2014-10-22 10:28:10 +02:00
Miroslav Stampar	4e3a4eb0ff	Added a prompt for choosing a number of threads when in crawling mode	2014-10-10 12:09:08 +02:00
Miroslav Stampar	d4610890ca	Minor patch (flushing log file output at the end of program run)	2014-10-10 10:07:17 +02:00
Miroslav Stampar	7811a958ae	Another minor patch for Issue #846	2014-10-09 15:42:44 +02:00
Miroslav Stampar	f94ac8c69d	Second patch related to the Issue #846	2014-10-09 15:21:26 +02:00
Miroslav Stampar	c823c58d47	One patch related to the Issue #846	2014-10-09 14:39:54 +02:00
Miroslav Stampar	70215a95a1	Patch for an Issue #847	2014-10-07 13:02:47 +02:00
Miroslav Stampar	2ab4558859	Potential fix for an Issue #846	2014-10-07 11:49:53 +02:00
Miroslav Stampar	ddfec1c668	Initial patch for an Issue #846	2014-10-07 11:34:47 +02:00
Miroslav Stampar	2de12ef4a2	Potential fix for an Issue #843	2014-10-05 00:20:42 +02:00
Miroslav Stampar	fdef53aa67	Minor update of unhandled exception message	2014-10-01 14:23:45 +02:00
Miroslav Stampar	a2b059123a	Minor update of format exception strings	2014-10-01 14:12:30 +02:00
Miroslav Stampar	8c9014c39f	Adding a dummy (auxiliary) XSS check	2014-10-01 13:31:48 +02:00
Miroslav Stampar	4d23744430	Bug fix (there was a problem using --tamper=varnish with --identify-waf because of same named modules)	2014-09-30 09:58:02 +02:00
Miroslav Stampar	ff42720c62	Minor fix	2014-09-29 14:07:59 +02:00
Miroslav Stampar	00fc842c6f	Update agent.py	2014-09-20 10:20:57 +02:00
Miroslav Stampar	69701ba08c	Minor refactoring	2014-09-17 18:29:01 +02:00
Miroslav Stampar	09064a4a24	Minor just in case patch	2014-09-17 18:25:24 +02:00
Miroslav Stampar	bbc6dd9ac8	Minor fix	2014-09-17 10:28:18 +02:00
Miroslav Stampar	5b0732e9f9	Minor update for Issue #832	2014-09-16 15:17:50 +02:00
Miroslav Stampar	7278af01ee	Implementation for an Issue #832	2014-09-16 14:12:43 +02:00
Miroslav Stampar	57eb19377e	Minor code refactoring	2014-09-16 09:07:31 +02:00
Miroslav Stampar	45f5548113	Minor update regarding shell history file	2014-09-16 08:58:25 +02:00
Miroslav Stampar	637d3cbaf7	Fix for cases when parameter name is urlencoded	2014-09-12 13:29:30 +02:00
Miroslav Stampar	53d0d5bf8b	Minor update (adding a warning message about potential dropping of requests because of protection mechanisms involved)	2014-09-08 14:33:13 +02:00
Miroslav Stampar	055b759145	Minor update	2014-09-03 23:13:57 +02:00
Miroslav Stampar	112a0cb1ae	Patch for output directory (using unicode for international support)	2014-09-03 21:49:30 +02:00
Miroslav Stampar	7e40890f32	Patch for an Issue #815	2014-09-01 16:16:12 +02:00
Miroslav Stampar	25c6fca20e	Minor fix	2014-09-01 15:48:00 +02:00
Miroslav Stampar	d5d01e91ad	Warning message	2014-08-30 22:15:14 +02:00
Miroslav Stampar	177fc0376d	Minor fix for HSQLDB	2014-08-30 21:37:38 +02:00
Miroslav Stampar	1a9a331422	Bug fix (proper extending of tests when dbms is known)	2014-08-30 21:34:23 +02:00
Miroslav Stampar	e501b2a80b	Minor patch	2014-08-30 20:58:59 +02:00
Miroslav Stampar	03c8e7b7a2	Patch for an Issue #810	2014-08-30 17:13:02 +02:00
Miroslav Stampar	7595f2b73e	Minor fix	2014-08-28 00:13:27 +02:00
Miroslav Stampar	fce671c899	Patch for an Issue #801	2014-08-28 00:00:16 +02:00
Miroslav Stampar	fd36250026	Proper fix for an Issue #757	2014-08-26 23:36:04 +02:00
Miroslav Stampar	2a268199d4	Patch for an Issue #798	2014-08-26 23:11:44 +02:00
Miroslav Stampar	decd092b2a	Minor patch	2014-08-26 22:40:50 +02:00
Miroslav Stampar	2be0ebd883	Minor fix (e.g. Oracle identifier names can contain character $)	2014-08-26 22:40:15 +02:00
Miroslav Stampar	dcaad75a1e	Fix for an Issue #794	2014-08-22 15:08:05 +02:00
Miroslav Stampar	e0a8b89069	Minor patch when trailing space is used with comma to split option items (e.g. '-C id, name')	2014-08-22 14:19:53 +02:00
Miroslav Stampar	e3a0f25db0	Patch for an Issue #795	2014-08-22 14:11:23 +02:00
Miroslav Stampar	2ce3ccac46	Patch for an Issue #797 (switching to greedy because of performance; it shouldn't be a problem because it was a single line replacement in the first place)	2014-08-22 13:06:53 +02:00
Miroslav Stampar	77513e1de9	Minor style update	2014-08-21 01:19:10 +02:00
Miroslav Stampar	c5b71cff10	Some filtering	2014-08-21 01:12:44 +02:00
Miroslav Stampar	3cfdb5ff0f	Removing / from auto directories (it doesn't make sense to auto-test for uploading to /)	2014-08-21 00:43:37 +02:00
Miroslav Stampar	0296081692	Minor refactoring	2014-08-20 23:42:40 +02:00
Miroslav Stampar	f51ea20bbd	Minor style update	2014-08-20 22:50:00 +02:00
Miroslav Stampar	5d10bae31f	Removing trailing blank lines	2014-08-20 21:07:19 +02:00
Miroslav Stampar	e0216771ed	Minor update	2014-08-20 15:23:07 +02:00
Miroslav Stampar	c97782cfed	Minor update of banner	2014-08-20 15:10:21 +02:00
Miroslav Stampar	07f881e711	Minor fix	2014-08-20 14:02:04 +02:00
Miroslav Stampar	dfa426fbb5	Minor style update	2014-08-20 13:32:32 +02:00
Miroslav Stampar	5a05271097	Minor fix	2014-08-19 22:34:07 +02:00
Miroslav Stampar	b0465a6a76	Adding a revision scheme for nongit checkouts	2014-08-19 22:32:16 +02:00
Miroslav Stampar	cd92de1702	Adding colorful banner	2014-08-19 22:19:22 +02:00
Miroslav Stampar	7d578d395f	Minor update for Apache on Windows	2014-08-16 16:01:18 +02:00
Miroslav Stampar	a8b4b96cd9	Extending list for brute forcing doc root	2014-08-16 15:16:03 +02:00
Miroslav Stampar	0809a61fc3	Bug fix (whole page output as a result of partial union runs)	2014-08-13 15:18:11 +02:00
Miroslav Stampar	0a74ae736f	Probable fix for an Issue #788	2014-08-13 14:01:57 +02:00
Miroslav Stampar	658110e644	Minor fix	2014-08-11 12:46:37 +02:00
hydhyd	e7ffe92d8c	Update settings.py ... Modified BRUTE_DOC_PREFIXES to include "/srv/www" used by default in OpenSUSE.	2014-08-06 12:59:18 +04:00
Miroslav Stampar	8599005115	Implementation for an Issue #771	2014-08-01 14:19:32 +02:00
Miroslav Stampar	208d51e0e9	Revert of last trigger happy commit	2014-08-01 13:57:43 +02:00
Miroslav Stampar	d300f99b0b	Removing a redundant code (similar check is being done upper in code)	2014-08-01 13:57:07 +02:00
Miroslav Stampar	8bc6154f06	Removing a redundant code (similar check is being done upper in code)	2014-08-01 13:53:22 +02:00
Miroslav Stampar	20d75cc52e	Patch for an Issue #767	2014-07-29 13:32:26 +02:00
Miroslav Stampar	9fff88d6e4	Minor update	2014-07-19 23:23:55 +02:00
Miroslav Stampar	3cfa63646b	Minor bug fix	2014-07-19 23:17:23 +02:00
Miroslav Stampar	79a66ef22c	Minor patch	2014-07-06 09:09:44 +02:00
Miroslav Stampar	e6d0d5a1c7	Implementation for an Issue #674	2014-07-02 22:27:51 +02:00
Miroslav Stampar	1eecabaea8	Patch for an Issue #746	2014-07-02 10:11:31 +02:00
Bernardo Damele	018748f52e	increase the timeout for the Metasploit session initialization to 5 minutes, better on slow speed connections	2014-07-01 00:34:09 +01:00
Conny Brunnkvist	f0e23c9441	Use the selected random User-Agent	2014-07-01 00:27:14 +07:00
Miroslav Stampar	5b5a765f96	Patch for an Issue #734	2014-06-23 12:24:08 +02:00
Miroslav Stampar	a47072eced	Patch for an Issue #732	2014-06-22 00:09:08 +02:00
Miroslav Stampar	5e9334ab79	Implementation for an Issue #715	2014-06-08 23:55:15 +02:00
Miroslav Stampar	54be398e83	Patch for an Issue #711	2014-06-04 16:35:07 +02:00
Miroslav Stampar	27ebc02535	Minor fix (user reported problem via email)	2014-05-29 09:33:14 +02:00
Miroslav Stampar	0f10cdfa4c	Minor update	2014-05-29 09:24:09 +02:00
Miroslav Stampar	680ab10ca6	Patch for an Issue #703	2014-05-27 21:41:07 +02:00
Miroslav Stampar	24954776a5	Patch for an Issue #697	2014-05-20 22:00:26 +02:00
Miroslav Stampar	babe49f086	Minor update (added new warning message)	2014-05-20 17:14:40 +02:00
Miroslav Stampar	4e8b41b869	Patch for an Issue #688	2014-05-13 00:50:36 +02:00
Miroslav Stampar	3a2916724c	Minor style update	2014-05-11 17:12:15 +02:00
Miroslav Stampar	a72d73804e	Revert of 9255174890 (bug was introduced with it)	2014-05-10 01:31:44 +02:00
Miroslav Stampar	8f0807d7f9	Another fix related to the last commit	2014-05-09 22:55:16 +02:00
Miroslav Stampar	5eae002084	Minor fix	2014-05-09 22:45:43 +02:00
Miroslav Stampar	9255174890	Minor fix	2014-05-09 22:39:56 +02:00
Miroslav Stampar	bc4369be06	Fix for an Issue #687	2014-05-07 09:16:17 +02:00
Miroslav Stampar	2a55f75f86	Using a more generic XML recognition regex	2014-04-30 21:25:45 +02:00
Miroslav Stampar	2e96e3c924	Adding a hidden switch --ignore-401	2014-04-29 23:26:45 +02:00
Miroslav Stampar	eb8e31c23f	Adding a failsafe output directory	2014-04-27 22:40:41 +02:00
Miroslav Stampar	b54651b5a2	Minor patch (while saving configuration file)	2014-04-25 09:32:57 +02:00
Miroslav Stampar	ae8b1fe89c	Implementation for an Issue #678	2014-04-25 09:17:10 +02:00
Miroslav Stampar	ef5ce7e66c	Fix for an Issue #670	2014-04-12 17:22:47 +02:00
Miroslav Stampar	fd884ec67b	Adding another comment	2014-04-12 17:22:47 +02:00
Miroslav Stampar	b5cca742e4	Adding a comment	2014-04-12 17:22:47 +02:00
Miroslav Stampar	7f371c499d	Commit related to the last one	2014-04-10 21:29:59 +02:00
Miroslav Stampar	096ce7881e	Minor beauty patch	2014-04-10 21:18:24 +02:00
Miroslav Stampar	0d1690de61	Minor fix	2014-04-10 21:18:24 +02:00
Miroslav Stampar	1e8349eeaa	Minor fix	2014-04-10 21:18:24 +02:00
Miroslav Stampar	bcf754fb17	Consistency patch (to be the same as in help listing)	2014-04-07 20:10:21 +02:00
Miroslav Stampar	75f447ccf8	Renaming lib/core/purge to lib/utils/purge	2014-04-07 20:04:07 +02:00
Miroslav Stampar	9c7fbd1a90	Minor refactoring	2014-04-06 18:19:54 +02:00
Miroslav Stampar	bf18b025d6	Minor removal of redundant code	2014-04-06 18:09:54 +02:00
Miroslav Stampar	e931344617	More elegant implementation for --random-agent	2014-04-06 18:05:43 +02:00
Miroslav Stampar	1c92d8d51f	More generic implementation for --proxy-file (accepting public lists format)	2014-04-06 17:23:13 +02:00
Miroslav Stampar	bbf08a825e	Minor language fix	2014-04-06 17:12:43 +02:00
Miroslav Stampar	053b0fd0e9	Renaming conf.oDir to conf.outputDir	2014-04-06 16:54:46 +02:00
Miroslav Stampar	7cc4159316	Renaming conf.cDel to conf.cookieDel	2014-04-06 16:50:58 +02:00
Miroslav Stampar	0ae8ac707e	Renaming conf.pDel to conf.paramDel	2014-04-06 16:48:46 +02:00
Miroslav Stampar	1b3a98b8ef	Trivial update (for consistency sake)	2014-04-06 13:42:15 +02:00
Miroslav Stampar	15f92c4197	Bug fix (port was not being used properly with Burp exported history)	2014-04-03 09:46:37 +02:00
Miroslav Stampar	1632bec10b	Another fix related to the last commit	2014-04-03 09:05:12 +02:00
Miroslav Stampar	3e024ac8e6	Minor update (consistency patch)	2014-03-30 16:51:31 +02:00
Miroslav Stampar	76b9fad24a	Fix for an Issue #656	2014-03-30 16:21:18 +02:00
Miroslav Stampar	3710a7051b	Fix for an Issue #653	2014-03-25 21:26:22 +01:00
Miroslav Stampar	930c3e3c5a	Minor update (added check for --limit and --risk)	2014-03-25 09:28:12 +01:00
Miroslav Stampar	f6e1d9e026	Fix for an Issue #650	2014-03-24 10:46:23 +01:00
Miroslav Stampar	106102bd3c	Fix for an Issue #648	2014-03-21 20:28:29 +01:00
Miroslav Stampar	39ab3b9149	Minor fix for meta refresh	2014-03-20 13:13:47 +01:00
Miroslav Stampar	d7f0da5599	Minor patch for an Issue #646	2014-03-20 13:08:28 +01:00
Miroslav Stampar	97fe5e52c2	Fix for an Issue #644	2014-03-18 16:41:05 +01:00
Miroslav Stampar	97f603af4a	Fix for an Issue #641	2014-03-17 20:20:25 +01:00
Miroslav Stampar	0622cdf3d8	Bug fix (credentials used in combination with request file)	2014-03-15 09:29:21 +01:00
Miroslav Stampar	3b47418a1d	Fix for an Issue #640	2014-03-14 22:20:20 +01:00
Miroslav Stampar	56d76e6bfd	Updating list of extensions to exclude from crawling	2014-03-14 21:34:16 +01:00
Miroslav Stampar	17742df0fa	Update for an Issue #636 (to prevent eventual future reports with lack of stack trace)	2014-03-11 21:18:31 +01:00
Miroslav Stampar	490d51258e	Raising number of minimum time responses (15 is statistically too low)	2014-03-03 20:49:58 +01:00
Miroslav Stampar	291a0d772a	Update for an Issue #615	2014-02-27 14:23:14 +01:00
Miroslav Stampar	6369a38ebc	Adding support for JSON-like data with single quote	2014-02-26 08:56:17 +01:00
Miroslav Stampar	465f968be6	Minor cosmetic update	2014-02-26 08:41:23 +01:00
Miroslav Stampar	d05bfdd7dd	Implementing option '--where' (Issue #605)	2014-02-11 16:20:45 +01:00
Miroslav Stampar	8521265526	Minor fix	2014-02-07 14:40:43 +01:00
Miroslav Stampar	534c2ee0e6	Minor update	2014-02-01 22:12:00 +01:00
Miroslav Stampar	f97fcb7bb3	Adding a switch --invalid-string	2014-01-23 21:56:06 +01:00
Miroslav Stampar	f88f6dcd7e	Changing --invalid-bignum from float producing to int producing	2014-01-23 09:07:25 +01:00
Bernardo Damele	bc29bf6481	removed comments	2014-01-13 23:57:49 +00:00
Bernardo Damele	3c79d66569	fixed stderr	2014-01-13 17:34:38 +00:00
Bernardo Damele	43a4e85749	updated copyright	2014-01-13 17:24:49 +00:00
Bernardo Damele	dfa9076a70	fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d)	2014-01-13 17:12:37 +00:00
Miroslav Stampar	6863436d4e	Implementation for an Issue #596	2014-01-13 10:05:56 +01:00
Bernardo Damele	d9e00adfae	minor fix	2014-01-10 17:23:16 +00:00
Miroslav Stampar	192a911b76	Patch for an Issue #28	2013-12-29 16:16:50 +01:00
Miroslav Stampar	41d6c1af82	Patch for an Issue #589	2013-12-28 13:47:40 +01:00
Miroslav Stampar	6c80f2903b	Patch for an Issue #564	2013-12-27 11:02:59 +01:00
Miroslav Stampar	cadbddd607	Adding a boundary proposed in Issue #564	2013-12-27 10:46:18 +01:00
Miroslav Stampar	7718edac9b	Fix for an Issue #570	2013-12-27 09:40:33 +01:00
Miroslav Stampar	02de2aee6d	Patch for an Issue #582	2013-12-26 22:27:04 +01:00
Miroslav Stampar	2c2667b2be	Minor patch for an Issue #575	2013-12-18 00:56:24 +01:00
Miroslav Stampar	f18abb1e9c	Minor update (proxy can be also a https one (e.g. Burp for HTTPS targets)	2013-12-17 09:30:51 +01:00
Miroslav Stampar	5b2ded0b18	Fix for an Issue #577	2013-12-13 21:00:26 +01:00
Miroslav Stampar	437278e32d	Fix for an Issue #580	2013-12-13 19:48:05 +01:00
Miroslav Stampar	bf3fbb0ae0	Ignore Google analytics cookies	2013-12-04 09:56:37 +01:00
Miroslav Stampar	dd2ddec79a	Minor fix (better extraction of original value in case of replacement and custom POST injection mark)	2013-12-03 13:37:04 +01:00
Miroslav Stampar	7054586e8a	Update for an Issue #565 (more work TBD - DuckDuckGo has some kind of IP blocking mechanism)	2013-11-25 20:57:07 +01:00
Miroslav Stampar	cda27ec20b	Patch for an Issue #563	2013-11-24 15:01:51 +01:00
Bernardo Damele	c37ad88283	minor bug fix	2013-11-13 14:34:19 +00:00
Miroslav Stampar	3c67ba08c5	Minor fix	2013-11-12 14:53:05 +01:00
Miroslav Stampar	d84ddf23bd	Replacing os.sep constructs with os.path.join	2013-11-12 14:08:41 +01:00
Miroslav Stampar	2f1607b4d5	Minor fix for dumping non-alphanumeric database names	2013-11-12 13:13:47 +01:00
Miroslav Stampar	0a4512e9ae	Implementation for an Issue #557	2013-11-08 09:23:38 +01:00
Miroslav Stampar	48bd2e75e9	Minor patch	2013-10-28 13:59:38 +01:00
Miroslav Stampar	7ed05f01b3	Minor update	2013-10-27 00:24:57 +02:00
Miroslav Stampar	fabbe63f00	Proper fix for re.sub() call with repl value containing backslash	2013-10-23 18:07:38 +02:00
Miroslav Stampar	28529a92a7	Minor fix (for parameters with \ in value)	2013-10-23 10:49:50 +02:00
Miroslav Stampar	9f21406a4b	Using cPickle in BigArray (faster and potentially less memory used)	2013-10-21 20:48:00 +02:00
Miroslav Stampar	e197720def	Fix for an Issue #546	2013-10-19 20:54:52 +02:00
Miroslav Stampar	777d999e71	Minor update	2013-10-18 15:39:46 +02:00
Miroslav Stampar	6ff2b931ff	Another patch for an Issue #545	2013-10-17 23:42:51 +02:00
Miroslav Stampar	334c698d53	Adding change verbosity level in testing phase when Ctrl+C pressed	2013-10-17 16:54:53 +02:00
Miroslav Stampar	304c9822bd	Patch for an Issue #545	2013-10-17 16:38:07 +02:00
Miroslav Stampar	5b8d631dc0	Minor update	2013-10-16 11:48:00 +02:00
Miroslav Stampar	04dbee3bec	Update for a more generic JSON recognition regex	2013-10-16 11:39:04 +02:00
Miroslav Stampar	b8d49c2ea2	Minor usability patch	2013-10-12 20:41:25 +02:00
Miroslav Stampar	98d27ef200	Bug fix (missing permissions when creating dump directory)	2013-10-11 21:17:12 +02:00
Miroslav Stampar	dd87233fe4	Minor patch (to accept * inside urls in request files too)	2013-10-10 15:04:48 +02:00
Miroslav Stampar	a944028114	Revert of last commit	2013-10-02 22:14:50 +02:00
Miroslav Stampar	9ceb518a50	Minor patch	2013-10-02 22:03:53 +02:00
Miroslav Stampar	45c88b36c6	Fix for an Issue #532	2013-09-30 09:33:39 +02:00
Miroslav Stampar	2fbd7e8929	Minor fix	2013-09-24 21:56:40 +02:00
Miroslav Stampar	df9b1d72de	Minor update	2013-09-24 21:44:59 +02:00
Miroslav Stampar	f11e15a180	Minor update	2013-09-11 23:22:10 +02:00
Miroslav Stampar	a3defc175d	Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself)	2013-09-11 23:17:18 +02:00
Miroslav Stampar	4cf49bc0cc	Minor fix for an Issue #517	2013-09-05 09:22:11 +02:00
Miroslav Stampar	b17bb07301	Minor regex update	2013-09-04 19:28:59 +02:00
Miroslav Stampar	bf57f636a3	Fix for an Issue #517	2013-09-04 19:22:24 +02:00
Miroslav Stampar	9e975210ac	Implementation for an Issue #515	2013-08-30 10:22:43 +02:00
Miroslav Stampar	e0bfb0503c	Minor language update	2013-08-30 09:55:57 +02:00
Miroslav Stampar	28eca2116f	Fix for an Issue #513	2013-08-27 13:55:38 +02:00
Miroslav Stampar	7cb3ea20dd	Minor patch for a problem noticed yesterday too (in some cases if Ctrl-C is pressed sent is most probably a None value)	2013-08-23 11:59:58 +02:00
Miroslav Stampar	bc19f40d09	Minor update	2013-08-22 10:44:21 +02:00
Miroslav Stampar	23f2c5f166	Finishing implementation for an Issue #58	2013-08-20 19:35:49 +02:00
Miroslav Stampar	6cc0cf3702	Minor comment update	2013-08-20 18:36:31 +02:00
Miroslav Stampar	1f2c8fbf59	Fix for an Issue #500	2013-08-13 20:40:36 +02:00
Miroslav Stampar	52a71546d0	Implementation for an Issue #507	2013-08-13 18:55:23 +02:00
bladeswords	6d756317c3	Remove debugging which prevents sqlmap from running smoothly	2013-08-13 13:58:45 +10:00
Miroslav Stampar	b2855e0281	Minor patch	2013-08-12 14:25:51 +02:00
Miroslav Stampar	a711c9ed36	Minor cleanup and initial work for #58	2013-08-09 14:13:48 +02:00
Miroslav Stampar	1088011bf0	Adding new binary file formats for excluding in crawling	2013-08-02 23:07:13 +02:00
Miroslav Stampar	953b5815d8	Implementation for an Issue #496	2013-07-31 21:15:03 +02:00
Miroslav Stampar	6b826ef64d	Reintroducing option --cookie-del	2013-07-31 20:41:19 +02:00
Miroslav Stampar	eaacbe0b12	Minor language fix	2013-07-31 09:24:34 +02:00
Miroslav Stampar	4f58e0af0c	Minor fix	2013-07-31 08:45:04 +02:00
Miroslav Stampar	a585aa4bff	Adding support for ~	2013-07-29 20:42:29 +02:00
Miroslav Stampar	de31688c4f	Update for an Issue #481	2013-07-29 18:25:27 +02:00
stamparm	dbb0d7f700	Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used)	2013-07-19 13:24:35 +02:00
stamparm	28cd50b2f1	Patch for an Issue #490	2013-07-16 14:08:32 +02:00
stamparm	ac2d40e259	Revert of last commit (there is a chance that that big integer value is really valid :)	2013-07-15 13:34:38 +02:00
stamparm	a097ee1505	Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant)	2013-07-15 13:31:56 +02:00
stamparm	dc1623a40f	Fix for a bug reported over ML (error: unbalanced parenthesis)	2013-07-11 10:20:58 +02:00
stamparm	01159575b2	Fix for an Issue #488	2013-07-11 10:11:43 +02:00
stamparm	aad102378a	Fix for an Issue #487	2013-07-09 11:00:43 +02:00
stamparm	be5ce760b6	Fix for an Issue #485 (failing back to single-thread mode if over some bisection length)	2013-07-09 10:24:48 +02:00
stamparm	8d3435ab0b	Removing reflective warning for parsing heuristic test	2013-07-08 11:48:33 +02:00
stamparm	db536427f0	Adding a question for storing hashes to a temporary file (after a mention of it on Twitter)	2013-07-04 15:34:00 +02:00
stamparm	f97b35dcc1	Patch for an Issue #475	2013-07-01 13:43:38 +02:00
stamparm	017ce22a2f	Minor consistency patch (Issue #475)	2013-07-01 13:01:53 +02:00
stamparm	5ff09aff63	Some more adjustments (Issue #475)	2013-07-01 12:50:12 +02:00
stamparm	04046f38eb	Minor update (Issue #475)	2013-07-01 12:26:57 +02:00
stamparm	f7d15cb465	Official naming is HSQLDB (and/or HyperSQL)	2013-07-01 11:57:47 +02:00
Miroslav Stampar	aeb83ba651	Merge pull request #475 from Meatballs1/hsql_clean ... HSQL Payloads and Query Support	2013-07-01 02:38:04 -07:00
Meatballs	4595b2c287	decodeHexValue	2013-06-24 23:45:39 +01:00
Meatballs	09e1dc814d	Fix concat	2013-06-24 23:20:34 +01:00
Meatballs	ed40a76c9d	Fix dummy table	2013-06-24 23:18:47 +01:00
Meatballs	9212b05eeb	Add call to execute statements	2013-06-24 15:01:44 +01:00
Meatballs	62000c6406	Remaining files	2013-06-24 14:42:58 +01:00
Meatballs	7b6cc3d183	Add hsql settings	2013-06-24 14:38:44 +01:00
Meatballs	20a5d9a16e	Include HSQL dummy table	2013-06-24 14:37:42 +01:00
Miroslav Stampar	0355e29b7c	Minor fix (NoneType has no attribute split)	2013-06-24 14:49:53 +02:00
Miroslav Stampar	fca6772df6	Implementation for an Issue #468	2013-06-22 00:13:46 +02:00
stamparm	a53823f9b7	Minor refactoring	2013-06-19 10:59:26 +02:00
stamparm	9a6f5a95f5	Minor patch for SQLAlchemy/MSSQL	2013-06-18 09:36:09 +02:00
Miroslav Stampar	63d0e9bb12	Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881)	2013-06-13 21:50:35 +02:00
Miroslav Stampar	cdb434805a	Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases	2013-06-10 22:14:45 +02:00
Miroslav Stampar	3583f45ee7	Fix for an Issue #461	2013-06-10 11:44:56 +02:00
Miroslav Stampar	c1592e8508	Code refactoring (moving import ctypes to be used only when needed)	2013-06-04 22:23:44 +02:00
Miroslav Stampar	213d0ecfb9	Minor fix	2013-06-03 23:32:57 +02:00
Miroslav Stampar	351c70b390	Locale module screws string.letters, etc. in some cases (e.g. IDLE run)	2013-06-01 14:06:58 +02:00
Miroslav Stampar	b7989f93c5	Trivial update regarding last commit	2013-05-30 12:04:56 +02:00
Miroslav Stampar	ed8f16e754	Minor update on user's request	2013-05-30 12:01:13 +02:00
Miroslav Stampar	12870e6ff3	Minor fix	2013-05-30 11:42:27 +02:00
Miroslav Stampar	793a8ad349	Minor fix	2013-05-30 11:38:24 +02:00
stamparm	c3038fcb65	Minor cosmetic update	2013-05-29 15:46:59 +02:00
stamparm	dfd6ee20bb	Patch for an Issue #454	2013-05-29 15:26:11 +02:00
stamparm	60df3e9d1e	Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access)	2013-05-29 15:04:14 +02:00
stamparm	e28b056028	Dummy fix	2013-05-29 14:26:00 +02:00
Miroslav Stampar	f3f752d85c	Patch for an Issue #452	2013-05-25 18:52:59 +02:00
Miroslav Stampar	a85a0e53de	Fix for an Issue 'ValueError: Invalid IPv6 URL'	2013-05-25 18:00:21 +02:00
Miroslav Stampar	e7ddc2fcab	Minor fix	2013-05-23 12:57:33 +04:00
Miroslav Stampar	eb8e12b7c2	Minor adjustment (for headers like 'name:http://asdas')	2013-05-23 11:29:43 +04:00
stamparm	1b3f1a4016	More appropriate naming (also, preventing ambiguities with --smart)	2013-05-22 23:21:43 +04:00
Miroslav Stampar	1a4ea186ca	Consistency fix	2013-05-19 23:00:40 +02:00
Miroslav Stampar	ea5c742595	Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled)	2013-05-18 21:30:21 +02:00
Miroslav Stampar	b2b3b3b5a6	Minor bug fix (level names not properly used in non-logger output)	2013-05-18 16:44:21 +02:00
Miroslav Stampar	dcea745576	Minor update (not displaying safe enclosings in table dumps)	2013-05-18 16:13:34 +02:00
stamparm	76b4e1ccb9	Implementation for an Issue #450	2013-05-17 15:04:25 +02:00
stamparm	cb9ea67c8d	Code refactoring (moving progress.py to lib/utils)	2013-05-13 14:48:39 +02:00
stamparm	936815128d	Minor fix	2013-05-13 13:42:43 +02:00
Miroslav Stampar	034e123b0c	Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent)	2013-05-12 16:24:13 +02:00
Miroslav Stampar	6676eaf88f	Minor fix	2013-05-12 14:02:50 +02:00
Miroslav Stampar	f8cef1fc6f	Minor fix for a test case 211	2013-05-09 21:20:17 +02:00
stamparm	3873805dab	Partial implementation for an Issue #189 (error-based; still partial union left)	2013-05-09 16:23:57 +02:00
stamparm	9fe5a8832f	Update for an Issue #189 (code refactoring of ProgressBar so it could be ready for usage in non-inference cases out of box)	2013-05-09 15:52:18 +02:00
stamparm	fc57b7565d	Implementation for an Issue #432	2013-05-09 14:26:29 +02:00
stamparm	ebe8ee3500	Fix for crawler and redirection case	2013-04-30 18:08:26 +02:00
stamparm	d2a5548889	Some more reordering	2013-04-30 14:32:11 +02:00
stamparm	16866119b8	Another minor update	2013-04-30 14:11:56 +02:00
stamparm	08fbfda5d2	Minor update	2013-04-30 14:06:04 +02:00
stamparm	69e3a2cb9e	Minor update	2013-04-30 14:06:04 +02:00
stamparm	03c4eb8338	Minor update	2013-04-30 14:06:04 +02:00
stamparm	46557198a5	Minor update of doc root names	2013-04-29 11:29:59 +02:00
stamparm	63d7707346	Adding support for appending to the existing table dump if --start/--stop is used	2013-04-24 16:08:40 +02:00
stamparm	8d382f00e8	Minor style update	2013-04-22 11:38:47 +02:00
Miroslav Stampar	a475116853	Minor check	2013-04-21 21:42:23 +02:00
stamparm	0d92145fc6	Minor bug fix	2013-04-19 15:40:25 +02:00
stamparm	0cb3ce5765	Bug fix (maybe it will have repercusions in future as this was a silent bug)	2013-04-19 10:10:06 +02:00
stamparm	b7d4afcc63	Moving '--pivot-column' to a General section (Issue #437)	2013-04-18 17:12:32 +02:00
stamparm	9d045e14e8	Implementation for an Issue #437	2013-04-18 17:06:45 +02:00
stamparm	2defc30dc6	From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML)	2013-04-17 11:12:15 +02:00
stamparm	feed2274c3	Patch for an Issue #435	2013-04-17 10:48:17 +02:00
stamparm	c73489aff3	Adding a couple of new option validation checks	2013-04-16 14:31:10 +02:00
stamparm	7204ec5616	Adding a basic validation check (-d with --url)	2013-04-16 14:23:27 +02:00
stamparm	1c47b33020	Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple)	2013-04-15 15:23:45 +02:00
stamparm	aed738d6e6	Update for an Issue #361	2013-04-15 14:20:21 +02:00
stamparm	a9a0d1a3f9	Minor update	2013-04-15 11:56:19 +02:00
stamparm	10fbeaed7b	Code refactoring	2013-04-15 11:49:11 +02:00
stamparm	349f885f08	Minor patch	2013-04-15 11:41:53 +02:00
stamparm	3e65037a05	Introducing lib/utils/sqlalchemy.py (Issue #361)	2013-04-15 10:33:25 +02:00
Miroslav Stampar	b6fee638ef	Neutralizing time of cookie expiration (in case of --load-cookies)	2013-04-14 01:13:08 +02:00
stamparm	7edd7ee2aa	Trivial code change	2013-04-12 16:25:24 +02:00
Miroslav Stampar	0b449bb1d9	Fix for an Issue #433	2013-04-10 19:33:31 +02:00
stamparm	f67148a9a4	Update for an Issue #431	2013-04-10 16:43:57 +02:00
stamparm	8c9da95343	Style and consistency update (url -> URL)	2013-04-09 11:48:42 +02:00
stamparm	3948b527dd	Update for an Issue #429	2013-04-09 11:36:33 +02:00
stamparm	cce541cc33	Patch for an Issue #429	2013-04-09 10:39:20 +02:00
Miroslav Stampar	7614c815ed	Minor update/patch	2013-04-07 21:32:03 +02:00
Miroslav Stampar	50ac3aab7a	Minor patch	2013-04-06 01:56:24 +02:00
stamparm	a75d3ed0b8	Minor style update	2013-04-06 01:56:23 +02:00
Miroslav Stampar	f387333415	Minor cosmetics	2013-04-02 17:34:56 +02:00
Miroslav Stampar	4b5335a323	Moving --force-ssl from [Request] to [General] options	2013-04-02 17:18:21 +02:00
Miroslav Stampar	76a0d20799	Minor patch	2013-04-01 22:18:41 +02:00
Miroslav Stampar	b67f342975	Minor patch	2013-04-01 17:32:16 +02:00
stamparm	a371f182ac	Minor patch (previous combination is not working well with oriental characters - 0 length normalized unicode string is being returned)	2013-03-28 15:37:14 +01:00
stamparm	e1ffdde532	Little cleaning a mess with url encoding and post hint types	2013-03-27 13:39:27 +01:00
stamparm	0882fe0ce3	Minor update related to the last two	2013-03-26 16:04:56 +01:00
stamparm	eb1bfc20cb	Update related to the last commit	2013-03-26 15:36:44 +01:00
stamparm	2fe6aea0eb	Minor fix	2013-03-26 15:07:14 +01:00
stamparm	825aa4b8dd	Minor language update	2013-03-26 14:27:51 +01:00
stamparm	473a39b820	Minor language fix	2013-03-26 14:11:17 +01:00
stamparm	ad039c335d	Implementation for an Issue #423	2013-03-21 11:28:44 +01:00
stamparm	7447773237	Update for consistency (all other enums are using _ in between words)	2013-03-20 11:10:24 +01:00
Miroslav Stampar	8acf033715	Code refactoring	2013-03-19 19:24:14 +01:00
stamparm	6969874c02	Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values)	2013-03-19 10:52:37 +01:00
stamparm	10e6c70c22	Trivial style update (undoing last dummy commit)	2013-03-19 10:43:29 +01:00
stamparm	70265fd3b5	Trivial style update	2013-03-19 10:43:03 +01:00
stamparm	5adac57ca9	Trivial style update	2013-03-19 10:42:50 +01:00
Miroslav Stampar	5df1f5528e	More general update for an Issue #421	2013-03-15 22:49:09 +01:00
Miroslav Stampar	f0a419bdec	Patch for an Issue #421	2013-03-15 22:08:15 +01:00
Miroslav Stampar	4cb378ce3e	Another update for an Issue #352 and couple of fixes	2013-03-13 21:57:09 +01:00
Miroslav Stampar	b35122a42c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-03-13 19:52:17 +01:00
Miroslav Stampar	eb08c8d752	Another update for an Issue #352	2013-03-13 19:42:22 +01:00
Bernardo Damele	dea62189b2	fixes #420	2013-03-12 22:16:42 +00:00
Miroslav Stampar	2f43c3eb9b	Minor fix (digest live test case) and some refactoring	2013-03-12 21:16:44 +01:00
Miroslav Stampar	65306f1ac1	Update for an Issue #352	2013-03-12 20:10:32 +01:00
Miroslav Stampar	db0a1e58b9	Update for an Issue #352	2013-03-11 14:58:05 +01:00
Miroslav Stampar	d6fc10092f	Minor refactoring	2013-03-11 13:31:50 +01:00
Miroslav Stampar	1e731f87a4	Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request)	2013-03-09 19:33:04 +01:00
Miroslav Stampar	8e6692d793	Minor fix (for JSON values with :)	2013-03-05 20:12:24 +01:00
Miroslav Stampar	9e49d8c68f	Adding support for SHA2 hash functions	2013-03-05 11:04:46 +01:00
Miroslav Stampar	2ada9e9b84	Patch for an Issue Issue #416	2013-03-04 18:05:40 +01:00
Miroslav Stampar	084cfc797a	Fix for an Issue #415	2013-03-02 09:55:12 +01:00
stamparm	55f33da85a	Fix for invalid logical test cases	2013-03-01 12:04:49 +01:00
Miroslav Stampar	0e89cc62a2	Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections	2013-02-28 20:20:08 +01:00
stamparm	9ef79df23d	Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched)	2013-02-28 13:51:08 +01:00
stamparm	be50192d8d	Refactoring WAF scripts	2013-02-26 15:54:50 +01:00
stamparm	e5835dc74f	Update for WAF scripts	2013-02-26 15:30:11 +01:00
stamparm	17fa0f568c	Minor patch for an Issue #404	2013-02-26 12:55:09 +01:00
stamparm	ecbcd4afe6	Minor update	2013-02-26 12:55:09 +01:00
stamparm	e5e39bc682	Fix for an Issue #410	2013-02-25 11:07:30 +01:00
stamparm	6fbd902265	Minor refactoring (Issue #411)	2013-02-25 10:44:04 +01:00
stamparm	7127869ede	Minor bug fix (live test specific verbosity should be valid only inside of it)	2013-02-22 17:26:48 +01:00
stamparm	ad471368f5	Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a	2013-02-22 11:42:09 +01:00
stamparm	42cbd94fa4	Better update regarding 6acb2480b8	2013-02-22 10:49:45 +01:00
stamparm	44a46d2b10	Fix for an Issue #409	2013-02-22 10:18:22 +01:00
Miroslav Stampar	6acb2480b8	Adding WAF script for SecureIIS	2013-02-21 21:34:26 +01:00
stamparm	08f0670aca	Minor refactoring for an Issue #290	2013-02-21 14:39:22 +01:00
stamparm	8e49872d7c	Finalizing implementation for an Issue #290	2013-02-21 14:33:12 +01:00
stamparm	6b2981ef4e	Update for an Issue #290 (adding tamper-like scripts into (new) directory waf)	2013-02-21 11:14:57 +01:00
Miroslav Stampar	7f293afe74	Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b)	2013-02-18 15:18:53 +01:00
Miroslav Stampar	9b5f33560b	Oracle is too specific (only column names can be enclosed) - removing it	2013-02-15 17:36:58 +01:00
Miroslav Stampar	bf82506c1b	Oracle can't enclose table names with double quotations	2013-02-15 17:36:58 +01:00
Miroslav Stampar	1b3d749488	Proper fix related to the last commit/revert	2013-02-15 17:36:58 +01:00
Miroslav Stampar	5a793cbc7c	Minor revert	2013-02-15 17:36:58 +01:00
Miroslav Stampar	799bd51c2e	Minor fix when two readInput/dataToStdout are called one at a time	2013-02-15 17:36:58 +01:00
Miroslav Stampar	97c06854a4	Minor fixes	2013-02-15 17:36:58 +01:00
Miroslav Stampar	014e4e0055	Minor represenation fix	2013-02-15 14:48:24 +01:00
Miroslav Stampar	345d10a9e0	Consistency fix (everywhere else we show unsafe format of identificator names)	2013-02-15 14:05:14 +01:00
Bernardo Damele	b472d9809a	another consistency fix to readInput()	2013-02-15 09:35:09 +00:00
Bernardo Damele	c3f1e196e1	added missing parameter	2013-02-15 00:43:46 +00:00
Bernardo Damele	4727589135	code consistency	2013-02-15 00:17:13 +00:00
Miroslav Stampar	515be4ee0b	Minor just in case commit related to the last one	2013-02-14 19:58:10 +01:00
Miroslav Stampar	fef60b73f4	Minor update for proper display of [PAYLOAD] in JSON/XML/SOAP cases	2013-02-14 19:53:26 +01:00
Bernardo Damele	d91530f885	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-14 17:16:55 +00:00
Bernardo Damele	52264f544e	minor fix for Windows file paths, do not strip the windows drive letter	2013-02-14 17:16:49 +00:00
Miroslav Stampar	fdf00e4842	Fix for an Issue #397	2013-02-14 17:14:36 +01:00
Miroslav Stampar	368a2fd297	Fix for an Issue #393	2013-02-14 16:18:16 +01:00
Miroslav Stampar	f97f575018	Trivial restyling	2013-02-14 15:41:27 +01:00
Miroslav Stampar	605c5b089e	Minor style update	2013-02-14 15:38:44 +01:00
Miroslav Stampar	06d8547916	Implementation for an Issue #394	2013-02-14 15:38:44 +01:00
Miroslav Stampar	7944684ff2	This was supposed to be a separate commit (going to commit it in next one)	2013-02-14 15:38:44 +01:00
Miroslav Stampar	6c0054bc5f	Putting that ugly parameter xyz is not inside the Cookie into the debug messages	2013-02-14 15:38:44 +01:00
Bernardo Damele	646df37884	minor bug fix for --reg-read	2013-02-14 13:17:30 +00:00
Miroslav Stampar	c72353321d	Minor update for an Issue #392	2013-02-14 13:36:33 +01:00
Bernardo Damele	4b9d8ed673	reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter	2013-02-14 11:32:17 +00:00
Bernardo Damele	a67ef4117f	make sure to use Python 2 interpreter when default system Python is version 3	2013-02-14 11:25:04 +00:00
Miroslav Stampar	6629233de5	Minor update	2013-02-14 10:18:40 +01:00
Miroslav Stampar	0a4605644e	Minor fix for previous commit	2013-02-13 16:31:03 +01:00
Miroslav Stampar	2b121c938b	Minor fix	2013-02-13 16:24:21 +01:00
Miroslav Stampar	c6d29e093e	Fixing issue with newlines after the data in -r mode	2013-02-13 12:36:01 +01:00
Miroslav Stampar	965fa04a33	Trivial update	2013-02-13 12:28:51 +01:00
Miroslav Stampar	d78a3e977b	Update (allowing regular char * to be inside SOAP/JSON/XML)	2013-02-13 12:24:42 +01:00
Miroslav Stampar	6314d64a70	Renaming --binary to --binary-fields	2013-02-13 11:27:03 +01:00
Miroslav Stampar	7c802ed8cc	Minor fix	2013-02-13 11:14:45 +01:00
Miroslav Stampar	dc41484b3f	Refactoring of funcionality for finding out if stacking is available	2013-02-13 09:57:16 +01:00
Miroslav Stampar	8b4f72322a	Adding (for now hidden) option --binary (works like -C but deliberately retrieves data in hex format and displays in hex format)	2013-02-13 09:56:44 +01:00
Miroslav Stampar	c34f6e25b2	Minor fix for --eval (urldecoded values should be used inside evaluation)	2013-02-12 17:01:47 +01:00
Miroslav Stampar	212e92ea01	Minor update regarding --load-cookies (warning about expired ones)	2013-02-12 14:29:56 +01:00
Miroslav Stampar	c67b39d14d	Update for a last update	2013-02-12 12:58:15 +01:00
Miroslav Stampar	72984a578d	Update for --load-cookies	2013-02-12 12:42:12 +01:00
Miroslav Stampar	c2672e78fc	Support for multiple injection marks inside the same header value (Issue #48)	2013-02-12 12:06:13 +01:00
Miroslav Stampar	c75560ba69	Minor bug fix (getting ? in < 0xf char cases)	2013-02-11 21:16:35 +01:00
Miroslav Stampar	c0e59d94a9	Better naming	2013-02-08 16:28:58 +01:00
Miroslav Stampar	cdfe43560b	Update for an Issue #207 (and a potential patch for regression tests)	2013-02-08 16:20:48 +01:00
Bernardo Damele	d015bf98fc	renamed variable to avoid confusion	2013-02-07 14:19:07 +00:00
Bernardo Damele	07fe6d44fb	unnecessary condition here	2013-02-07 14:18:52 +00:00
Bernardo Damele	b477c56b52	first steps to allow multiple scans on the same taskid - issue #297	2013-02-07 00:05:26 +00:00
Bernardo Damele	5c8335876f	minor bug fix to make --disable-coloring work on log messages too	2013-02-06 21:04:54 +00:00
Bernardo Damele	477c66ac4b	minor refactoring and trivial bug fix	2013-02-06 17:45:25 +00:00
Bernardo Damele	f7d826fee1	first case where partial output is retrievable via RESTful API - issue #297	2013-02-05 14:43:03 +00:00
Miroslav Stampar	e836629215	Bug fixes for search (safeStringFormat should not replace all if given scalar values)	2013-02-05 11:37:49 +01:00
Bernardo Damele	9d04ae5db5	minor improvement to temporary folder name	2013-02-05 09:11:38 +00:00
Miroslav Stampar	6cab3d4759	Minor update	2013-02-04 16:46:08 +01:00
Miroslav Stampar	f4b8a3c1d8	Bug fix for boolean (multithreaded Ctrl+C) resumed values	2013-02-04 15:49:29 +01:00
Miroslav Stampar	5e4e863986	Bug fix (introduced with f1ab887c55)	2013-02-04 15:31:28 +01:00
Miroslav Stampar	235153ab39	Removal of unused imports	2013-02-04 15:29:13 +01:00
Miroslav Stampar	7e1ff1bb8e	Same refactoring as the last commit	2013-02-04 15:26:44 +01:00
Bernardo Damele	9370f96a67	step by step getting there to partial output presentation to restful API (issue #297), not quite yet though..	2013-02-03 22:09:33 +00:00
Bernardo Damele	df3cc38cd9	minor improvements	2013-02-03 15:39:07 +00:00
Bernardo Damele	bd1ea13b8d	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-03 11:31:12 +00:00
Bernardo Damele	f8bc74758c	improvement to restful API to store to IPC database partial entries, not yet functional (issue #297)	2013-02-03 11:31:05 +00:00
Miroslav Stampar	e7b93b5b66	Implementation for an Issue #363	2013-02-01 17:24:04 +01:00
Miroslav Stampar	6d942f92b5	Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.))	2013-02-01 10:03:06 +01:00
Miroslav Stampar	8d51b4b63a	Minor bug fix	2013-01-31 16:24:44 +01:00
Miroslav Stampar	d6606a8f31	Patch to prevent problems like Issue #381	2013-01-31 13:58:39 +01:00
Miroslav Stampar	cfcf8a3abb	Another update for an Issue #380 (--common-... switches)	2013-01-31 13:49:19 +01:00
Miroslav Stampar	2420a4b626	Update for an Issue #342 and #372	2013-01-31 10:01:52 +01:00
Miroslav Stampar	9b4eaa9272	Minor fix	2013-01-30 18:21:15 +01:00
Miroslav Stampar	fdea8ddea6	Starting to clean up a mess in Oracle's world of DISTINCT (part of Issue #342 and #372)	2013-01-30 16:55:09 +01:00
Bernardo Damele	103045d284	variable renamed	2013-01-30 15:30:34 +00:00
Miroslav Stampar	f33bf06c88	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-30 11:38:20 +01:00
Bernardo Damele	6dfe91165d	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-30 10:34:51 +00:00
Bernardo Damele	8519717f25	minor fixes to --live-test	2013-01-30 10:32:56 +00:00
Miroslav Stampar	f391937083	Minor refactoring	2013-01-30 10:43:46 +01:00
Miroslav Stampar	d6fb0e8545	Update for an Issue #352	2013-01-30 10:38:11 +01:00
Miroslav Stampar	bd08ede117	Minor fine tuning	2013-01-29 21:06:02 +01:00
Miroslav Stampar	f41460f8d8	Better naming	2013-01-29 20:53:11 +01:00
Bernardo Damele	e8bd3c9c9f	cosmetics	2013-01-29 17:00:28 +00:00
Bernardo Damele	8f36f92dd3	minor fix	2013-01-29 16:23:30 +00:00
Bernardo Damele	c47b44e93f	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-29 15:38:16 +00:00
Bernardo Damele	9677e0f910	more data content types for API (issue #297)	2013-01-29 15:36:19 +00:00
Bernardo Damele	92ae8145df	ignore any non-relevant string: avoid storing to the API, careful this can introduce bugs but it is necessary at this stage of development (issue #297)	2013-01-29 15:35:51 +00:00
Bernardo Damele	bfce7210e6	improvements to the dump library to output to the API data fetched properly formatted (issue #297)	2013-01-29 15:34:20 +00:00
Bernardo Damele	eeecb3fe2c	split init() into two separate functions for API purposes (issue #297)	2013-01-29 15:33:16 +00:00
Miroslav Stampar	f4b7b3fd35	Minor cosmetics	2013-01-29 16:04:20 +01:00
Miroslav Stampar	9eca41bae2	Minor fix	2013-01-29 15:55:50 +01:00
Miroslav Stampar	a104de01d7	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-29 15:35:01 +01:00
Miroslav Stampar	7e73825ece	Minor cosmetics	2013-01-29 15:34:41 +01:00
Bernardo Damele	085495024f	minor adjustment	2013-01-29 01:44:57 +00:00
Bernardo Damele	f1ab887c55	major enhancement, code refactoring for issue #297	2013-01-29 01:39:27 +00:00
Bernardo Damele	cd4075f6a3	no raise, just pass at ctrl-c	2013-01-26 15:33:09 +00:00
Bernardo Damele	a0b9e0f1c5	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-25 17:11:38 +00:00
Bernardo Damele	195d17449e	first test of stdout/stderr redirect to a database when sqlmap is executed from restful API (#297)	2013-01-25 17:11:31 +00:00
Miroslav Stampar	c06f94e2c8	Fix for an Issue #378	2013-01-25 16:38:41 +01:00
Miroslav Stampar	8c84a16cb7	Minor style update for an Issue #377	2013-01-25 12:52:31 +01:00
Miroslav Stampar	194a9e7b88	Implementation for an Issue #377	2013-01-25 12:34:57 +01:00
Bernardo Damele	5b3c8d8991	first implementation of asynchronous inter-protocol communication between the sqlmap RESTful API and the sqlmap engine with SQLite	2013-01-24 12:57:24 +00:00
Miroslav Stampar	232f8d3585	Fix for an Issue #368	2013-01-23 13:36:17 +01:00
Bernardo Damele	5635776173	proper SQLite 2 library	2013-01-22 18:56:25 +00:00
Miroslav Stampar	719c7f622b	Probable fix for --technique=Q --dbms=Firebird (but also other potential issues with splitting of fields in expressions)	2013-01-22 15:51:06 +01:00
Miroslav Stampar	2ec828f1cb	Fix for an Issue #367	2013-01-22 14:27:17 +01:00
Miroslav Stampar	09c02c6c72	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-22 14:08:31 +01:00
Miroslav Stampar	15b0ab1b44	Fix for a 'no parameter found' problem when user says N on 'custom injection mark found in POST...'	2013-01-22 14:08:19 +01:00
Bernardo Damele	061aef57ba	missing import	2013-01-22 11:25:01 +00:00
Bernardo Damele	e558040810	minor fix to previous commit	2013-01-21 17:10:56 +00:00
Bernardo Damele	d43b04c582	better detection if vulnerable of not for regression test	2013-01-21 17:09:35 +00:00
Miroslav Stampar	b35a0810ef	Fix for an Issue #364	2013-01-21 17:01:52 +01:00
Miroslav Stampar	1e3f68c7ff	Rewriting some query crafting parts (especially those .find(' FROM '))	2013-01-21 16:15:38 +01:00
Miroslav Stampar	832d95984c	IFNULL-like mechanism now works on SQLite 2 too	2013-01-21 15:04:27 +01:00
Miroslav Stampar	c55a002f95	Language fix	2013-01-21 13:19:08 +01:00
Miroslav Stampar	80255433b0	Trivial style update	2013-01-21 13:18:34 +01:00
Miroslav Stampar	0e86175342	Adding new common function for further refactoring	2013-01-21 11:50:47 +01:00
Miroslav Stampar	3200134b3b	Fix for a regression test #30 test case fail (Firebird inline)	2013-01-21 10:12:54 +01:00
Bernardo Damele	3373e30808	minor fix for a bug introduced with commit 1ad9e26a21	2013-01-20 02:40:40 +00:00
Bernardo Damele	115be9d7b5	minor fixes	2013-01-20 01:26:46 +00:00
Miroslav Stampar	0a4f5d2e51	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-19 19:08:18 +01:00
Miroslav Stampar	e9641e30db	This last commit was in haste :)	2013-01-19 19:07:38 +01:00
Miroslav Stampar	6a87dd9225	Minor update (just for consistency with the rest of code)	2013-01-19 19:07:06 +01:00
Miroslav Stampar	979e108c87	Minor update (just for consistency with the rest of code)	2013-01-19 19:06:51 +01:00
Bernardo Damele	f89b25fdb6	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-19 18:04:38 +00:00
Bernardo Damele	adf97e630f	add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL	2013-01-19 18:04:33 +00:00
Miroslav Stampar	9ce2395405	Minor refactoring	2013-01-19 18:40:44 +01:00
Miroslav Stampar	3f4c010370	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-19 18:28:52 +01:00
Miroslav Stampar	efe26ac3f8	In case that content-length header was not in a desired case ('Content-length') POST request file would fail badly (repeating original content-length header value)	2013-01-19 18:28:37 +01:00
Bernardo Damele	6a62292a3f	layout adjustment	2013-01-19 17:11:16 +00:00
Miroslav Stampar	bb6b89fe93	Patch for an Issue #360	2013-01-19 18:06:36 +01:00
Bernardo Damele	dcf2dcd03d	all we need to debug failed test cases while regression test run..	2013-01-19 17:04:57 +00:00
Bernardo Damele	f22fd396ef	write the test case name before it is run so if the test case crashes badly, we can trace back what test case it was at a later stage	2013-01-19 16:41:19 +00:00
Bernardo Damele	1923ef691e	just in case, add also the test case name inside the temp folder for debug purposes	2013-01-19 16:06:46 +00:00
Bernardo Damele	0e78fbef56	correctly format SQLi payload for inline query technique	2013-01-19 00:28:03 +00:00
Bernardo Damele	6be7eee8d6	more fixes	2013-01-18 23:35:16 +00:00
Bernardo Damele	56eaa073ce	fixed test cases for Firebird - #312	2013-01-18 23:32:39 +00:00
Bernardo Damele	1f4c6a8371	avoid blank line if password hashes have not been fetched	2013-01-18 22:10:36 +00:00
Bernardo Damele	1ad9e26a21	bug fix for ORDER BY users provided statements (issue #354)	2013-01-18 21:40:50 +00:00
Miroslav Stampar	ac7709204a	Better fix for that page/headers/comparison --string candidate problem	2013-01-18 17:00:11 +01:00
Miroslav Stampar	8141d17985	Revert of previous commit (more care has to be done regarding headers dynamicity)	2013-01-18 16:49:35 +01:00
Miroslav Stampar	33094a118c	Fix for an Issue where '--string' is being automatically picked not looking properly in headers too	2013-01-18 16:35:09 +01:00
Miroslav Stampar	601eb1e49a	Unescaping is renamed to escaping	2013-01-18 15:40:37 +01:00
Bernardo Damele	a43202f3c0	updated copyright	2013-01-18 14:07:51 +00:00
Bernardo Damele	1bb061f68c	improvements to --live-test	2013-01-18 13:02:35 +00:00
Bernardo Damele	738ccb643d	minor output adjustment	2013-01-18 11:41:09 +00:00
Miroslav Stampar	33ea811c6c	Removing some unused stuff (mainly imports)	2013-01-18 11:50:02 +01:00
Miroslav Stampar	aa467cb54c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-18 11:31:25 +01:00
Miroslav Stampar	17d36684b5	Removing obsolete proxy handling code (Python < 2.6)	2013-01-18 11:30:52 +01:00
Miroslav Stampar	4d5bae7131	Removing some obsolete functions	2013-01-18 11:18:56 +01:00
Miroslav Stampar	bcc907ce09	Minor update	2013-01-18 11:00:21 +01:00
Miroslav Stampar	d1008b45b5	Minor removal of unused function	2013-01-18 10:46:06 +01:00
Miroslav Stampar	caae773b2d	Minor removal of redundant code	2013-01-18 10:44:57 +01:00
Bernardo Damele	d66f7e22b1	more fixes to test cases	2013-01-18 09:32:05 +00:00
Miroslav Stampar	e941e60b20	Minor just in place update for an Issue #348	2013-01-17 22:44:55 +01:00
Bernardo Damele	1d6e642d41	fixed url	2013-01-17 21:29:00 +00:00
Miroslav Stampar	507f185b69	Revert of patch for an Issue #347	2013-01-17 18:38:37 +01:00
Miroslav Stampar	f7eda07d92	Patch for an Issue #347	2013-01-17 15:30:14 +01:00
Miroslav Stampar	a38b3e397c	Patch for an Issue #286	2013-01-17 14:17:39 +01:00
Miroslav Stampar	65273295e3	Implementing a check for an Issue #25	2013-01-17 13:56:04 +01:00
Miroslav Stampar	9428d1819e	Fix for an Issue #346	2013-01-17 12:03:02 +01:00
Miroslav Stampar	3ab4a5e36d	Fix for an Issue #345	2013-01-17 11:50:12 +01:00
Miroslav Stampar	51a77d1fe2	Minor update for an Issue #8	2013-01-17 11:37:45 +01:00
Miroslav Stampar	14b7e655a9	Minor refactoring	2013-01-16 16:33:04 +01:00
Miroslav Stampar	053b7d12b4	Minor language update	2013-01-16 16:07:12 +01:00
Miroslav Stampar	fb7243c237	Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs	2013-01-16 16:04:00 +01:00
Miroslav Stampar	c0a6e1c3a7	Finishing first usable prototype for an Issue #8	2013-01-16 14:54:37 +01:00
Miroslav Stampar	ff5ec48abd	Minor update for an Issue #8	2013-01-16 14:16:22 +01:00
Bernardo Damele	3464a70ac2	bug fix: without this generic concatenation of strings in concatQuery(), detection of UNION query SQLi only (--technique U) when the page did not disclose any DBMS error message and it was not MySQL (for which there are UNION SQLi specific payloads) was not detected	2013-01-16 01:53:33 +00:00
Bernardo Damele	542f6de72e	typo fix	2013-01-16 01:31:03 +00:00
Bernardo Damele	2a751e075d	more work on #342	2013-01-15 17:14:44 +00:00
Bernardo Damele	ec076f5f8a	write console output to temporary folder in any case the test case fails, even if no traceback is raised	2013-01-15 15:51:03 +00:00
Miroslav Stampar	7a1d484115	Implementation for an Issue #340	2013-01-15 16:05:33 +01:00
Bernardo Damele	c51358953a	add more Oracle system dbs	2013-01-15 14:51:29 +00:00
Bernardo Damele	3e2c3851f3	Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312)	2013-01-14 13:42:50 +00:00
Bernardo Damele	515c1c6205	removed leftover	2013-01-14 10:26:22 +00:00
Bernardo Damele	83000de9e1	improved handling and storing of exceptions with --live-test (#312)	2013-01-14 10:23:40 +00:00
Bernardo Damele	8125fe90a7	code refactoring	2013-01-14 10:22:38 +00:00
Bernardo Damele	036b612bcb	bug fix to be able to write unicode chars to debug file	2013-01-14 01:11:42 +00:00
Miroslav Stampar	fc560f2b75	Minor revert and proper fix	2013-01-14 00:47:29 +01:00
Bernardo Damele	b74cfbf336	minor enhancements for debug purposes (issue #312)	2013-01-13 23:15:56 +00:00
Bernardo Damele	fdd6075859	temporary patch to fix UNION query enumeration	2013-01-13 23:08:23 +00:00
Miroslav Stampar	92ea8841f8	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-13 16:23:09 +01:00
Miroslav Stampar	03dd958d96	Implementation for an Issue #48	2013-01-13 16:22:43 +01:00
Bernardo Damele	675e4a026b	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-11 13:31:49 +00:00
Bernardo Damele	41834e7a5b	working on #8 - still not usable though	2013-01-11 13:31:44 +00:00
Miroslav Stampar	bc4d8d3e02	Implementation for an Issue #332	2013-01-11 11:17:41 +01:00
Miroslav Stampar	5571d09354	Minor revert	2013-01-11 11:13:55 +01:00
Miroslav Stampar	ec4e49d771	Minor refactoring	2013-01-10 16:09:28 +01:00
Miroslav Stampar	1363f26367	Minor refactoring	2013-01-10 15:59:02 +01:00
Miroslav Stampar	834be1eddc	Restyling redundant 'except Exception' form	2013-01-10 15:54:28 +01:00
Miroslav Stampar	acfeeb4f51	Restyling old form of urlparse	2013-01-10 15:41:07 +01:00
Miroslav Stampar	8686c20fa5	Removing one obsolete instantiation line	2013-01-10 15:27:35 +01:00
Miroslav Stampar	934d41dac2	Minor style update (PEP8)	2013-01-10 15:02:28 +01:00
Miroslav Stampar	ca3d35a878	Some PEP8 related style cleaning	2013-01-10 13:18:44 +01:00
Miroslav Stampar	6cfa9cb0b3	Removing unused imports	2013-01-10 12:15:12 +01:00
Miroslav Stampar	05705857a9	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-10 12:09:48 +01:00
Miroslav Stampar	ca1c0c2a1d	Minor style update	2013-01-10 11:54:07 +01:00
Bernardo Damele	ca337159f5	added reminder TODO	2013-01-10 01:11:22 +00:00
Bernardo Damele	10f1099944	remove logging handler that shows logging messages to stdout - issue #297	2013-01-10 00:51:56 +00:00
Bernardo Damele	ccc3c3d1a3	minor fix to distinguish stdout from stderr	2013-01-10 00:51:05 +00:00
Bernardo Damele	2126a5ba12	minor index fix	2013-01-10 00:00:00 +00:00
Bernardo Damele	794700eb37	preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297	2013-01-09 22:08:50 +00:00
Bernardo Damele	d120dc18d1	cleanup	2013-01-09 22:06:27 +00:00
Bernardo Damele	58a60562ac	avoid exiting with a traceback for missing dependency, handle properly at some point	2013-01-09 16:05:55 +00:00
Bernardo Damele	7f4ce4afbb	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-09 16:04:29 +00:00
Bernardo Damele	510ceb6e19	first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28	2013-01-09 16:04:23 +00:00
Miroslav Stampar	bf5544903b	Minor style update	2013-01-09 16:10:26 +01:00
Miroslav Stampar	9bdcb1176d	Update for an Issue #169	2013-01-09 15:58:13 +01:00
Miroslav Stampar	25f01a419f	Minor style update (for the sake of consistency over the code and our PEP8 adaptation)	2013-01-09 15:38:41 +01:00
Miroslav Stampar	bdd2592848	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-09 15:22:30 +01:00
Miroslav Stampar	3d4f381ab5	Patch for an Issue #169	2013-01-09 15:22:21 +01:00
Bernardo Damele	c44a829b9b	pass a pickled options object to sqlmap engine when called from API	2013-01-09 12:34:45 +00:00
Bernardo Damele	8457cff278	added variable to store the live test traceback if any	2013-01-09 12:33:18 +00:00
Bernardo Damele	f11747732e	added missing command line options	2013-01-09 12:30:13 +00:00
Miroslav Stampar	55a552ddc4	Update for an Issue #24	2013-01-08 10:55:25 +01:00
Miroslav Stampar	ad85c4c964	Minor refactoring for an Issue #295	2013-01-08 10:23:02 +01:00
Bernardo Damele	1e35b3c8c9	proper link	2013-01-07 16:59:59 +00:00
Miroslav Stampar	74552bea87	Cleaning some garbage (hard coded paths with linux native slashes)	2013-01-07 16:51:00 +01:00
Bernardo Damele	7fa75792dd	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-07 11:10:08 +00:00
Bernardo Damele	a30d7014b9	removed unused var	2013-01-07 11:05:33 +00:00
Miroslav Stampar	5b77b20e2e	Removing trailing whitespaces (PEP8)	2013-01-03 23:57:07 +01:00
Miroslav Stampar	82b468211d	Minor update	2013-01-03 23:38:29 +01:00
Miroslav Stampar	f340ce8b4b	Minor style update	2013-01-03 23:35:29 +01:00
Miroslav Stampar	1712603dce	Replacing deprecated has_key() with operator in (PEP8)	2013-01-03 23:28:07 +01:00
Miroslav Stampar	e4a3c015e5	Replacing old and deprecated raise Exception style (PEP8)	2013-01-03 23:20:55 +01:00
Miroslav Stampar	304e52cb4d	Minor language update	2013-01-02 22:11:59 +01:00
Miroslav Stampar	09f1cdd8e1	Minor style update	2013-01-02 21:52:50 +01:00
Miroslav Stampar	0795760255	Minor fix	2012-12-30 11:22:23 +01:00
Miroslav Stampar	648d91d790	Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)	2012-12-27 22:43:39 +01:00
Miroslav Stampar	3d01890147	Patch for an Issue #56 (full target url is now being written to a output .CSV file in multi target mode)	2012-12-27 21:15:44 +01:00
Miroslav Stampar	6ae4590edc	Removing problematic per-MySQL LIMIT prefix	2012-12-26 19:48:01 +01:00
Miroslav Stampar	77625e5af7	Minor revert	2012-12-21 19:31:05 +01:00
Miroslav Stampar	00e55828e4	Minor style update	2012-12-21 15:06:03 +01:00
Miroslav Stampar	8b3e17ed4d	Minor update (better approach for those old NOT IN cases in MsSQL - instead of standard pivot dump table)	2012-12-21 14:52:47 +01:00
Miroslav Stampar	35728fa443	Fix (and some hidden bug fixes/improvements) regarding an Issue #317	2012-12-21 10:51:35 +01:00
Miroslav Stampar	b94a5d42d4	Removing a leftover	2012-12-21 09:49:09 +01:00
Miroslav Stampar	0a122ccce4	Related to an Issue #319	2012-12-21 09:47:58 +01:00
Miroslav Stampar	1073ebc697	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-20 20:51:41 +01:00
Bernardo Damele	912323c12d	minor bug fix (#297)	2012-12-20 17:05:44 +00:00
Bernardo Damele	7adaffa71b	fixed options initiation	2012-12-20 16:53:43 +00:00
Miroslav Stampar	8efe056671	Minor refactoring	2012-12-20 15:51:03 +01:00
Bernardo Damele	e9ab33e9dd	standalone REST API, code cleanup (#297)	2012-12-20 14:35:02 +00:00
Miroslav Stampar	63d9b7a1f8	No character shall be left forgotten (no more ? in case that character was not properly being decoded by used charset)	2012-12-20 12:23:37 +01:00
Miroslav Stampar	c2c4601d6e	Minor restyling	2012-12-20 11:06:52 +01:00
Bernardo Damele	076b4063e6	these edits got overwritten from last commits	2012-12-20 09:42:44 +00:00
Miroslav Stampar	3cbe60b586	Proper fix	2012-12-20 10:37:20 +01:00
Miroslav Stampar	0d1ea7f05a	Merge branch 'master' of github.com:sqlmapproject/sqlmap ... Conflicts: lib/core/testing.py	2012-12-20 10:37:11 +01:00
Miroslav Stampar	da93e77eb2	Proper fix	2012-12-20 10:34:51 +01:00
Bernardo Damele	ac77724970	attempt to handle standard input from --live-test	2012-12-20 09:30:48 +00:00
Bernardo Damele	2b6ee06de0	minor bug fix to correctly parse unicode chars	2012-12-20 09:30:13 +00:00
Miroslav Stampar	69310e47ce	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-20 09:54:39 +01:00
Miroslav Stampar	06d8213ffd	minor fix (reading of unicode xml files)	2012-12-20 09:53:08 +01:00
Bernardo Damele	86872956d5	minor bug fix (for PostgreSQL)	2012-12-19 22:55:31 +00:00
Bernardo Damele	77843f44fb	minor bug fix (issue #314)	2012-12-19 22:49:02 +00:00
Bernardo Damele	357da43cea	slight improvement of live test engine and added misc test cases to xml	2012-12-19 17:28:41 +00:00
Bernardo Damele	85fcd27e2d	added support for random global variables	2012-12-19 15:58:06 +00:00
Bernardo Damele	12d34587cc	minor restyling	2012-12-19 14:34:34 +00:00
Bernardo Damele	326ff404fc	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 14:25:35 +00:00
Bernardo Damele	12eed58485	pointless restyling	2012-12-19 14:25:29 +00:00
Miroslav Stampar	37346fe8a3	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 15:23:57 +01:00
Miroslav Stampar	7ee98c7bff	Just for one girl out there waiting for this patch ;)	2012-12-19 15:23:38 +01:00
Bernardo Damele	3be90c97aa	forgot these	2012-12-19 14:12:45 +00:00
Bernardo Damele	cefb03c835	fixed bug related to issue #223	2012-12-19 14:12:09 +00:00
Bernardo Damele	27a12ae85b	restyling	2012-12-19 13:47:17 +00:00
Bernardo Damele	4b3b4eb374	commented out partial work	2012-12-19 13:47:04 +00:00
Bernardo Damele	3655d1f12a	revert change of name for now	2012-12-19 13:45:52 +00:00
Bernardo Damele	874e2176c6	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 13:43:00 +00:00
Bernardo Damele	4f0f729982	be more specific in standard output message as to whether or not the read file is same as remote file	2012-12-19 13:42:56 +00:00
Miroslav Stampar	23153e8088	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 14:29:08 +01:00
Miroslav Stampar	244901eda0	During --flush-session log file should be cleaned too (especially because of --live-tests)	2012-12-19 14:28:54 +01:00
Bernardo Damele	282aeb734f	ORDER BY does not play well with UNION query SQLi (related to issue #313)	2012-12-19 13:21:16 +00:00
Bernardo Damele	128597ee7e	--run-case is now case insensitive	2012-12-19 12:45:46 +00:00
Bernardo Damele	b91c829103	minor bug fix (issue #310)	2012-12-19 12:42:31 +00:00
Bernardo Damele	2bc2c0431c	fixed test cases	2012-12-19 12:33:37 +00:00
Bernardo Damele	9149d77cc8	removed duplicate code - fixes issue #310	2012-12-19 12:17:56 +00:00
Bernardo Damele	f5450e9f0e	layout adjustment	2012-12-19 11:39:38 +00:00
Miroslav Stampar	92e338251a	Finally working inference against MySQL/international letters (even chinese)	2012-12-19 10:44:02 +01:00
Miroslav Stampar	c9b8b51c9c	Update lib/core/common.py ... Revert of last commit and try 2	2012-12-19 01:48:53 +01:00
Bernardo Damele	318fcee49c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 00:30:26 +00:00
Bernardo Damele	3c7007097a	minor refactoring	2012-12-19 00:30:22 +00:00
Miroslav Stampar	50b846b5af	Update lib/core/common.py ... Fixing wrong assumption in case of MySQL inference international character retrieval	2012-12-19 01:26:12 +01:00
Miroslav Stampar	9e2f0131b9	Update lib/core/agent.py	2012-12-18 20:25:00 +01:00
Bernardo Damele	326ed33f31	added support for comma separated list of files for --file-read - fixes issue #223	2012-12-18 17:55:21 +00:00
Bernardo Damele	58656bbeb5	minor bug fix, union query has to be limited 0, 0	2012-12-18 16:36:30 +00:00
Bernardo Damele	61a838bb35	added more test cases	2012-12-18 15:59:48 +00:00
Miroslav Stampar	88d8494b5a	Implementation for an Issue #307	2012-12-18 16:03:35 +01:00
Bernardo Damele	3c1b696bd6	removed more print statements	2012-12-17 13:35:32 +00:00
Bernardo Damele	9f47eb0a59	cleaner	2012-12-17 13:29:37 +00:00
Bernardo Damele	0500712a03	removed unuseful prints	2012-12-17 13:29:19 +00:00
Bernardo Damele	ac44cf3ec0	minor fix: add also back-end DBMS and web app fingerprint output to log file	2012-12-17 13:02:09 +00:00
Bernardo Damele	bbd2adb5fb	improvements to --live-test and added --stop-fail switch	2012-12-17 11:41:43 +00:00
Bernardo Damele	2926c815bf	improved test switch --live-test and minor refactoring	2012-12-17 11:29:33 +00:00
Bernardo Damele	0c3da5c7eb	code refactoring and first time logger is handled by a separate file descriptor (issue #297)	2012-12-15 00:12:22 +00:00
Bernardo Damele	a2a71bb37b	cleanup from XML-RPC related stuff	2012-12-14 13:37:36 +00:00
Bernardo Damele	6e31e87de1	added initial support (hidden from -hh and not yet usable) for REST-JSON API	2012-12-14 02:49:25 +00:00
Miroslav Stampar	df0f08bc6a	Cleaning some (web upload based) garbage	2012-12-13 13:19:47 +01:00
Miroslav Stampar	5150172178	Minor update	2012-12-13 10:03:21 +01:00
Miroslav Stampar	fc4be0a77c	Minor fix	2012-12-12 16:45:29 +01:00
Miroslav Stampar	921000bd87	Another update for an Issue #287	2012-12-12 14:22:24 +01:00
Miroslav Stampar	c3f20a136f	Minor update for an Issue #287	2012-12-12 14:03:03 +01:00
Miroslav Stampar	a6448e8768	Update for an Issue #287	2012-12-12 11:54:59 +01:00
Miroslav Stampar	b9f6fc5f4e	First commit (and working one) for an Issue #287 (XML-RPC server)	2012-12-11 16:02:06 +01:00
Miroslav Stampar	b5884c7eda	Minor language update	2012-12-11 15:24:02 +01:00
Miroslav Stampar	760519dbe9	Removing redundant piece of code	2012-12-11 15:21:27 +01:00
Miroslav Stampar	a54c261496	Minor update for Issues #292 & #293 (only single alert per target)	2012-12-11 14:44:43 +01:00
Miroslav Stampar	5c2451d83c	Implementation for an Issue #293	2012-12-11 12:48:58 +01:00
Miroslav Stampar	562044577b	Implementation for an Issue #292	2012-12-11 12:02:06 +01:00
Miroslav Stampar	6433be8b3d	Style update	2012-12-10 17:20:04 +01:00
Miroslav Stampar	a024884ca7	Support for a HTTP parameter pollution (Issue #267)	2012-12-10 11:55:31 +01:00
Miroslav Stampar	1f7644a691	Minor fix when user doesn't want custom injection char marker to be processed	2012-12-08 21:23:30 +01:00
Miroslav Stampar	0cbdaaecfa	Revert of 99e9412f74 (because of an Issue #289)	2012-12-08 08:53:25 +01:00
Miroslav Stampar	1028afce37	Removal of leftovers	2012-12-06 14:15:44 +01:00
Miroslav Stampar	974407396e	Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)	2012-12-06 14:14:19 +01:00
Miroslav Stampar	baccbd6f48	Implementation for an Issue #283	2012-12-06 11:57:57 +01:00
Miroslav Stampar	ab67344448	Removed unused imports and variables (pyflake-ing)	2012-12-06 11:15:05 +01:00
Miroslav Stampar	b6650add46	Introducing 'new style classes' (idea from Pull request #284)	2012-12-06 10:42:53 +01:00
Miroslav Stampar	0f191f624c	Taking some goodies from Pull request #284	2012-12-06 10:21:53 +01:00
Miroslav Stampar	6b39e661a7	Fix for an issue #279	2012-12-05 12:15:14 +01:00
Miroslav Stampar	775e0df04b	Update for an Issue #278	2012-12-05 10:45:17 +01:00
Miroslav Stampar	6b007ab188	Minor patch for an Issue #274 (just in case to avoid this kind of problems)	2012-12-04 16:14:14 +01:00
Miroslav Stampar	e2aa695655	Minor update	2012-12-03 17:20:18 +01:00
Miroslav Stampar	42a8234c6f	Update for an Issue #12	2012-12-03 14:27:01 +01:00
Miroslav Stampar	79fca8e9d5	Fix for an Issue #268	2012-12-03 12:13:59 +01:00
Miroslav Stampar	8410fc5a9d	Minor update	2012-12-02 08:00:55 +01:00
redshark1802	1675386093	fixed typo that created an invalid configuration file with the option '--save'	2012-11-30 23:00:03 +01:00
Miroslav Stampar	5b61e9ce12	Minor update for an Issue #254	2012-11-30 11:43:50 +01:00
Miroslav Stampar	7e2db762d6	Minor update	2012-11-29 15:45:04 +01:00
Miroslav Stampar	8f10023523	Fix for an Issue #266	2012-11-29 15:44:14 +01:00
Miroslav Stampar	3b961c2550	Update for an Issue #254	2012-11-29 15:36:38 +01:00
Miroslav Stampar	a7e1e856d4	Fix for an Issue #260	2012-11-28 17:00:26 +01:00
Miroslav Stampar	35d1146fd1	Minor update for an (Issue #254)	2012-11-28 12:53:11 +01:00
Miroslav Stampar	753d0f18bf	First CSS style added for a HTML table dump format (Issue #254)	2012-11-28 12:46:43 +01:00
Miroslav Stampar	b6ea337937	First style-less prototype for an HTML dump output (Issue #254)	2012-11-28 12:28:42 +01:00
Miroslav Stampar	e2d8b53e97	Minor update for an Issue #264	2012-11-28 11:45:33 +01:00
Miroslav Stampar	cff0c59630	Implementation for an Issue #264	2012-11-28 11:41:39 +01:00
Miroslav Stampar	5bf5b95588	More refactoring for an Issue #254	2012-11-28 11:16:00 +01:00
Miroslav Stampar	87a92ab330	Deprecating --replicate (Issue #254)	2012-11-28 11:10:57 +01:00
Miroslav Stampar	f08eb0fd9f	Minor style update	2012-11-28 10:59:15 +01:00
Miroslav Stampar	d95dd2d16e	Preparation for an Issue #254	2012-11-28 10:58:18 +01:00
Miroslav Stampar	d490ffb163	Fix for an Issue #259	2012-11-27 11:45:22 +01:00
Miroslav Stampar	bd33128085	Fix for an Issue #262	2012-11-27 10:08:22 +01:00
Miroslav Stampar	38c96a366b	Patch for an Issue #260	2012-11-26 11:16:59 +01:00
Miroslav Stampar	ef2038f1c8	Implementation for an Issue #253	2012-11-21 10:16:13 +01:00
Miroslav Stampar	93e071fc33	Fix for an Issue #251	2012-11-20 11:19:23 +01:00
Miroslav Stampar	302348b0cd	Minor update	2012-11-19 11:59:28 +01:00
Miroslav Stampar	d37be5f97b	Fix for an Issue #248	2012-11-14 15:54:24 +01:00
Miroslav Stampar	9a54a911a8	Patch for an Issue #231	2012-11-14 11:30:29 +01:00
Miroslav Stampar	6f7f9dd8eb	Patch for an Issue #242	2012-11-13 10:41:13 +01:00
Miroslav Stampar	a52dbc575b	Patch for an Issue #246	2012-11-13 10:21:11 +01:00
Miroslav Stampar	f305dde413	Patch for an Issue #235	2012-11-10 11:01:29 +01:00
Miroslav Stampar	181c3534f0	Patch for an Issue #237	2012-11-08 19:16:37 +01:00
Miroslav Stampar	e7e83defaa	Minor update	2012-11-08 11:09:34 +01:00
Miroslav Stampar	1ee0d9ce5e	Fix for an Issue #229	2012-11-05 15:58:54 +01:00
Miroslav Stampar	2de52927f3	Code refactoring (epecially Google search code)	2012-10-30 18:38:10 +01:00
Miroslav Stampar	5cfc066ac4	Minor update	2012-10-30 10:30:22 +01:00
Miroslav Stampar	7c7aff12c6	Update for an Issue #225	2012-10-30 01:26:19 +01:00
Miroslav Stampar	b0f5b4f9bc	Update for an Issue #225	2012-10-30 00:59:31 +01:00
Miroslav Stampar	a9094a35fe	Fix for an Issue #227	2012-10-30 00:20:49 +01:00
Miroslav Stampar	1d07b93730	Bug fix for --os-shell on MySQL (it was not working for a long time because of this)	2012-10-29 15:45:30 +01:00
Miroslav Stampar	5358d85d37	Important refactoring for web-based functionality	2012-10-29 15:09:05 +01:00
Miroslav Stampar	81ccf28785	Minor refactoring	2012-10-29 14:08:48 +01:00
Miroslav Stampar	359e734954	Minor refactoring	2012-10-29 10:48:49 +01:00
Miroslav Stampar	c1eb803ef5	Bug fix for MsSQL --hex --technique=E (NOT IN based queries were not working properly)	2012-10-28 21:16:51 +01:00
Miroslav Stampar	25a5073281	Bug fix for --hex/--technique=B (especially MsSQL)	2012-10-28 12:22:33 +01:00
Miroslav Stampar	8617fe0d65	Bug fix for international letters decoded with --hex on MsSQL	2012-10-28 11:50:16 +01:00
Miroslav Stampar	ca427af8b3	Minor refactoring/improvement	2012-10-28 01:42:08 +02:00
Miroslav Stampar	43ddf39bea	Minor refactoring	2012-10-28 01:16:02 +02:00
Miroslav Stampar	bcdba7b7bb	Dealing with rare cases when getIdentifiedDbms is needed prior to DBMS isfingerprinted and there are multiples of dbmses inside details	2012-10-28 01:11:50 +02:00
Miroslav Stampar	c1b8226329	Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)	2012-10-28 00:36:09 +02:00
Miroslav Stampar	965d7eee17	Minor bug fix for a reflection removal mechanism	2012-10-26 00:06:15 +02:00
Miroslav Stampar	8a5844a364	Implementation for an Issue #222	2012-10-25 13:21:32 +02:00
Miroslav Stampar	12fc9442b9	Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)	2012-10-25 10:10:23 +02:00
Miroslav Stampar	65ec715828	Fix for an Issue #218	2012-10-25 00:03:00 +02:00
Miroslav Stampar	5477c9f7ba	Fix for an Issue #216	2012-10-24 22:59:46 +02:00
Miroslav Stampar	056be32ac1	Fix for Issue #213	2012-10-23 17:06:31 +02:00
Miroslav Stampar	4365c48e83	Minor style update	2012-10-23 14:38:24 +02:00
Miroslav Stampar	06f226c494	Fix for an Issue #211	2012-10-23 14:37:45 +02:00
Miroslav Stampar	b82eb3a1ae	Fix for an Issue #210	2012-10-23 13:58:25 +02:00
Miroslav Stampar	f2bbf1ead9	Fix for raw_input raising EOFError and KeyboardInterrupt on Ctrl-C (Windows platform)	2012-10-23 11:05:00 +02:00
Miroslav Stampar	5ff2e33c43	Minor fix	2012-10-23 10:54:26 +02:00
Miroslav Stampar	68d5faa287	Minor update	2012-10-23 10:46:17 +02:00
Miroslav Stampar	f11a640e99	Undo of a previous commit (pdb left inside)	2012-10-22 14:39:35 +02:00
Miroslav Stampar	b913e2123d	Displaying hex-decoded resulting output in --hex mode	2012-10-22 14:39:11 +02:00
Miroslav Stampar	39f565533a	In case on --no-cast DUMP_REPLACEMENTS should not be used	2012-10-22 14:13:30 +02:00
Miroslav Stampar	d65d9e25cd	Implementation for an Issue #2	2012-10-19 11:02:14 +02:00
Miroslav Stampar	64b4586883	Minor update	2012-10-18 11:36:12 +02:00
Miroslav Stampar	ea49fa2db2	Fix for an Issue #206	2012-10-18 11:11:20 +02:00
Miroslav Stampar	1cb2ca4195	Minor update	2012-10-18 10:55:27 +02:00
Miroslav Stampar	2cb1b054bb	Implementation for an Issue #79	2012-10-16 12:32:58 +02:00
Miroslav Stampar	3e64ab214e	Minor update	2012-10-16 10:28:59 +02:00
Miroslav Stampar	8b57e1fce6	Minor update for an Issue #203	2012-10-15 23:15:52 +02:00
Miroslav Stampar	048e720f69	Minor refactoring for an Issue #203	2012-10-15 17:55:57 +02:00
Miroslav Stampar	9aba690a60	Patch for an Issue #203	2012-10-15 16:23:41 +02:00
Miroslav Stampar	e440b096c5	Fix for an Issue #202	2012-10-15 12:24:30 +02:00
Miroslav Stampar	56832fe9c4	Better adjustTimeDelay() candidate algorithm	2012-10-11 14:23:53 +02:00
Miroslav Stampar	e61c4c22c9	Implementation for an Issue #200	2012-10-09 15:19:47 +02:00
Miroslav Stampar	cd9a47835b	Minor consistency update	2012-10-09 14:48:26 +02:00
Miroslav Stampar	8c5fb1b064	Minor update	2012-10-09 14:46:45 +02:00
Miroslav Stampar	ea12ccec77	Minor refactoring	2012-10-09 11:33:19 +02:00
Miroslav Stampar	10b0fd21dc	Fix for an Issue #198	2012-10-09 11:27:19 +02:00
Miroslav Stampar	8e7449ccd5	Minor update	2012-10-07 20:28:24 +02:00
Miroslav Stampar	ebc7088f94	Implementation for an Issue #128	2012-10-05 10:24:09 +02:00
Miroslav Stampar	098e446ca4	Adding support for generic XML POST data	2012-10-04 18:44:12 +02:00
Miroslav Stampar	8865fe69d7	Minor cleanup	2012-10-04 18:26:07 +02:00
Miroslav Stampar	d464678e10	Minor update for an Issue #49	2012-10-04 18:01:42 +02:00
Miroslav Stampar	84b05e2d18	Better treating of numeric values (Issue #49)	2012-10-04 16:08:37 +02:00
Miroslav Stampar	31aa9be1c7	Minor update	2012-10-04 15:40:11 +02:00
Miroslav Stampar	9129dac77b	Minor fix for an Issue #134	2012-10-04 15:33:26 +02:00
Miroslav Stampar	5d2b534908	Minor update (Issue #49)	2012-10-04 15:23:01 +02:00
Miroslav Stampar	5b59b6feb4	Removing junk part	2012-10-04 12:09:09 +02:00
Miroslav Stampar	d570e25b1b	Minor workflow update	2012-10-04 12:05:59 +02:00
Miroslav Stampar	eddc634ceb	Minor improvement (custom injection marks are now processed in order of appearance)	2012-10-04 11:52:40 +02:00
Miroslav Stampar	3764d230be	Minor fix for Issue #197 and Issue #49	2012-10-04 11:43:37 +02:00
Miroslav Stampar	461e5ebc5f	Work for Issue #197 and Issue #49	2012-10-04 11:25:44 +02:00
Miroslav Stampar	bcbf0571a5	Implementation for an Issue #49	2012-10-02 14:23:58 +02:00
Miroslav Stampar	763dc98311	Minor refactoring	2012-10-02 13:36:15 +02:00
Miroslav Stampar	687f3991de	Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.	2012-09-26 11:27:43 +02:00
Miroslav Stampar	6bc5f44b20	Minor just in case update for an Issue #195 (safer behavior on forced charsets)	2012-09-25 15:09:07 +02:00
Miroslav Stampar	efe4c13ed1	Update regarding suffixQuery (user supplied --suffix should nullify any eventual payload comments)	2012-09-25 14:36:15 +02:00
Miroslav Stampar	fccdb824bb	Patch for an Issue #193	2012-09-25 11:21:39 +02:00
Miroslav Stampar	c9e7e71ea2	Implementation for an Issue #195	2012-09-25 10:17:25 +02:00
Miroslav Stampar	9ca7b3e20e	Implementation for an Issue #194	2012-09-25 09:25:35 +02:00
Miroslav Stampar	d175decdfc	Fix for an Issue #190	2012-09-22 20:59:40 +02:00
Miroslav Stampar	9a1fbb8941	Fix for an Issue #185	2012-09-13 14:22:26 +02:00
Miroslav Stampar	a64438fb5c	Minor language update	2012-09-11 19:45:40 +02:00
Miroslav Stampar	05dced5418	Minor language update	2012-09-11 19:43:03 +02:00
Miroslav Stampar	511c3b8dcc	Update and fix for an Issue #182	2012-09-11 14:58:52 +02:00
Miroslav Stampar	f26ea04e38	Fix for an Issue #175	2012-09-07 17:06:38 +02:00
Miroslav Stampar	e4bc471f81	Fix for an Issue #173	2012-09-07 10:09:19 +02:00
Miroslav Stampar	a3baf94e9b	Minor style update	2012-09-07 10:09:00 +02:00
Miroslav Stampar	cea5127ffd	Update for an Issue #6	2012-09-06 15:51:38 +02:00
Miroslav Stampar	c3d191e626	Minor update for an Issue #2	2012-09-06 14:13:54 +02:00
Miroslav Stampar	1e238b5a5a	Minor update	2012-09-06 13:36:34 +02:00
Miroslav Stampar	f6716cf7c0	Fix for an Issue #170	2012-09-01 23:52:00 +02:00
Miroslav Stampar	2170e64ca5	Minor bug fix	2012-08-31 19:48:45 +02:00
Miroslav Stampar	33980adaef	Another update for an Issue #79	2012-08-31 12:46:38 +02:00
Miroslav Stampar	7286d89cb6	Few fixes for an Issue #79 (problem with case sensitivity of request get_header)	2012-08-31 12:15:09 +02:00
Miroslav Stampar	2806185989	Minor refactoring	2012-08-31 10:43:06 +02:00
Miroslav Stampar	74a5d41272	Minor update for an Issue #79	2012-08-31 10:24:47 +02:00
Miroslav Stampar	a89d61415a	'Patch' for an Issue #167	2012-08-29 21:29:27 +02:00
Miroslav Stampar	9674b174ee	One more minor update related to last commit	2012-08-23 15:37:17 +02:00
Miroslav Stampar	b79247c197	Minor update	2012-08-23 15:22:14 +02:00
Miroslav Stampar	e9ae44c6fc	Implementation for an #162	2012-08-22 16:50:01 +02:00
Miroslav Stampar	a62a874d59	Update for an Issue #161 (changing default readInput value regarding the conf.multipleTargets)	2012-08-22 16:06:09 +02:00
Miroslav Stampar	52351e5d81	Update for an Issue #161 (now detecting format error messages too)	2012-08-22 15:51:47 +02:00
Miroslav Stampar	a6d743ec4c	Minor console output fix (redundant newline has been displayed in case of rawInput)	2012-08-22 14:43:57 +02:00
Miroslav Stampar	8a5042b6a4	Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)	2012-08-22 11:56:30 +02:00
Miroslav Stampar	61151447fe	Implementation of an Issue #161	2012-08-22 11:27:58 +02:00
Miroslav Stampar	2c66ca39f1	Wrong limit number has been used (MySQL LIMIT/OFFSET starts with 0)	2012-08-22 09:53:53 +02:00
Miroslav Stampar	ad59abe018	Cleaning leftover	2012-08-21 14:37:09 +02:00
Miroslav Stampar	1b86fffc6d	Fix for an Issue #157	2012-08-21 14:36:04 +02:00
Miroslav Stampar	d421f9a618	Fix for an Issue #157	2012-08-21 14:34:19 +02:00
Miroslav Stampar	1bcf5a6b88	Some more dict refactorings	2012-08-21 11:30:01 +02:00
Miroslav Stampar	01f481c332	Minor refactoring of dictionaries	2012-08-21 11:19:15 +02:00
Miroslav Stampar	b7415d36df	Minor refactoring	2012-08-21 10:28:25 +02:00
Miroslav Stampar	8ee9feafb9	Making payloads a bit shorter (removing redundant space after comma character - e.g. in inband queries)	2012-08-20 21:57:25 +02:00
Miroslav Stampar	823dde73ab	Minor cleanup	2012-08-20 11:40:49 +02:00
Miroslav Stampar	e0d9fa8666	Minor style update	2012-08-20 11:28:41 +02:00
Miroslav Stampar	59078bb1b8	Fix for an Issue #154	2012-08-20 10:05:13 +02:00
Miroslav Stampar	4649450603	Fix for an Issue #137	2012-08-16 22:20:24 +02:00
Miroslav Stampar	0d8fca30c9	Fix for an Issue #59	2012-08-16 11:31:43 +02:00
Miroslav Stampar	1af81c0de4	Implementation of an Issue #149	2012-08-15 22:31:25 +02:00
Miroslav Stampar	f358ab2e73	Implementation of an Issue #147	2012-08-15 16:37:18 +02:00
Miroslav Stampar	36b55cf209	Proper fix for an Issue #145	2012-08-14 22:28:42 +02:00
Miroslav Stampar	ab35ab4e2a	Fix for an Issue #145	2012-08-14 18:52:45 +02:00
Miroslav Stampar	432b567584	Fix for an Issue #141	2012-08-08 00:03:58 +02:00
Miroslav Stampar	31ceb0cb6c	Fix for an Issue #140	2012-08-07 10:57:29 +02:00
Miroslav Stampar	fec8a5cc9d	Fix for an Issue #139	2012-08-07 00:50:58 +02:00
Miroslav Stampar	f797a6d813	Fix for an Issue #125	2012-07-31 13:06:45 +02:00
Miroslav Stampar	6f529542e3	Making those --string tips (containing escaped characters) decodable by sqlmap	2012-07-31 11:32:53 +02:00
Miroslav Stampar	142fc887f1	Fix for an Issue #129	2012-07-31 11:03:44 +02:00
Miroslav Stampar	bdbe8ff9d9	Fix for an Issue #132	2012-07-30 22:39:45 +02:00
Miroslav Stampar	b9ac50faef	Minor bug fix	2012-07-30 12:09:20 +02:00
Miroslav Stampar	a86f9798b2	Minor refactoring together with a wider support for html entities	2012-07-30 11:21:32 +02:00
Miroslav Stampar	20a66567a3	Minor refactoring	2012-07-30 10:06:14 +02:00
Miroslav Stampar	1669c6bdb4	Another update for an Issue #28	2012-07-27 17:05:21 +02:00
Miroslav Stampar	6ffc5665d0	Update for Issue #28	2012-07-27 16:29:33 +02:00
Bernardo Damele	92c2b3bd4c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-26 23:11:11 +01:00
Bernardo Damele	d492291744	working on issue #12	2012-07-26 23:11:07 +01:00
Miroslav Stampar	efa99c4519	Implementation for an Issue #4	2012-07-26 14:07:05 +02:00
Miroslav Stampar	b3552494c4	Minor preparation for an Issue #48	2012-07-26 12:26:57 +02:00
Miroslav Stampar	3e9f1fe410	Minor style update	2012-07-26 12:13:16 +02:00
Miroslav Stampar	30f8d09651	Implementation for an Issue #70	2012-07-26 12:06:02 +02:00
Miroslav Stampar	231f0f76b5	Fix for an Issue #119	2012-07-26 00:49:51 +02:00
Miroslav Stampar	cba77410a9	Minor style update	2012-07-26 00:08:49 +02:00
Miroslav Stampar	18b1d1efd6	Fix for an Issue #121	2012-07-26 00:02:38 +02:00
Miroslav Stampar	922ea9d1f4	Update for Issue #118	2012-07-24 15:43:29 +02:00
Miroslav Stampar	f8c9868cb6	Implementation for an Issue #118	2012-07-24 15:34:50 +02:00
Miroslav Stampar	42f518b2d6	Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized	2012-07-24 14:44:44 +02:00
Miroslav Stampar	b820975217	Improvement of decodeIntToUnicode()	2012-07-23 19:31:06 +02:00
Miroslav Stampar	ab9cb80602	Implementing Issue #111	2012-07-23 15:14:52 +02:00
Miroslav Stampar	6809449e31	Minor style update	2012-07-23 15:06:49 +02:00
Miroslav Stampar	a7d1a0c250	Implementation for an Issue #117	2012-07-23 14:14:22 +02:00
Miroslav Stampar	1b6cb9442f	Fix for an Issue #114	2012-07-21 23:31:36 +02:00
Miroslav Stampar	95e0d46e3e	Fix for an Issue #110	2012-07-21 09:15:54 +02:00
Miroslav Stampar	dcf8a27f12	Implementation for an Issue #67	2012-07-18 14:24:10 +02:00
Miroslav Stampar	4fc462c4d9	Minor update for an Issue #105	2012-07-18 14:09:04 +02:00
Miroslav Stampar	655dd55a6f	Implementation of an Issue #105	2012-07-18 13:32:34 +02:00
Miroslav Stampar	08244c7ebf	Fix for an Issue #104	2012-07-17 15:05:50 +02:00
Miroslav Stampar	e30646a54f	Fix for an Issue #103	2012-07-17 10:36:22 +02:00
Miroslav Stampar	d6ceb7af5e	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-17 00:19:52 +02:00
Miroslav Stampar	81d15e5051	Fix for an Issue #101	2012-07-17 00:19:33 +02:00
Bernardo Damele	5f876bdbbe	minor adjustments	2012-07-16 22:50:29 +01:00
Miroslav Stampar	c96e44b30c	Fix for an Issue #100	2012-07-16 23:28:01 +02:00
Miroslav Stampar	ffbbb10abb	Support for dotted identificator names	2012-07-16 23:13:21 +02:00
Miroslav Stampar	0eff977c63	Refactoring for Issue #91	2012-07-16 12:24:54 +02:00
Miroslav Stampar	4d759984b2	Implementation for Issue #91	2012-07-16 12:12:52 +02:00
Miroslav Stampar	c1a14257a4	Removing --disable... switches and making changes in default choice(s) for respectable sections	2012-07-16 11:31:51 +02:00
Miroslav Stampar	07a85874fe	Implementation for Issue #92	2012-07-16 11:07:47 +02:00
Miroslav Stampar	87ecf205cb	More work for Issue #66	2012-07-14 17:01:04 +02:00
Miroslav Stampar	38d82771be	Minor style update	2012-07-14 11:23:22 +02:00
Miroslav Stampar	805120ac52	Minor refactoring	2012-07-14 11:01:30 +02:00
Miroslav Stampar	9a7fc24ec2	Minor style update	2012-07-13 15:22:08 +02:00
Miroslav Stampar	32b700f130	Minor style update	2012-07-13 15:02:11 +02:00
Miroslav Stampar	fbb5db00ba	Minor style update	2012-07-13 15:00:39 +02:00
Miroslav Stampar	786686da60	Minor language update	2012-07-13 14:53:42 +02:00
Miroslav Stampar	3c81f74823	Minor style update	2012-07-13 12:22:37 +02:00
Miroslav Stampar	6ade007aec	Minor update of language	2012-07-13 12:13:04 +02:00
Miroslav Stampar	c5ecc8b8db	Closing work on Issue #83	2012-07-13 11:23:21 +02:00
Miroslav Stampar	48f68bd076	First commit for Issue #83	2012-07-13 10:35:22 +02:00
Miroslav Stampar	d834e8debf	Minor update	2012-07-13 10:28:03 +02:00
Miroslav Stampar	b11fd8b9f7	Fix for an Issue #87	2012-07-13 10:11:16 +02:00
Bernardo Damele	162da75a04	modified homepage address	2012-07-12 18:38:03 +01:00
Miroslav Stampar	a49d685eb8	Hidding --beep (Issue #84)	2012-07-12 17:03:24 +02:00
Miroslav Stampar	569c9214bf	Adding support for boldifying important logging messages	2012-07-12 16:30:35 +02:00
Miroslav Stampar	b2fe1c30f8	Minority report	2012-07-12 16:04:01 +02:00
Miroslav Stampar	8e18514e56	Minor refactoring for all that stickyness	2012-07-12 15:58:45 +02:00
Miroslav Stampar	fe61bdce75	Minor update	2012-07-12 15:25:26 +02:00
Miroslav Stampar	dbbca16c69	Minor renaming	2012-07-12 15:24:40 +02:00
Miroslav Stampar	9bc24cea6b	Dealing with kb.currentMessage issue	2012-07-12 15:23:35 +02:00
Miroslav Stampar	b320dc118d	Minor fix (recognizing if it's colorizing handler or not)	2012-07-12 14:55:54 +02:00
Miroslav Stampar	65639cdda6	First update for Issue #75 (error-based dumping)	2012-07-12 14:31:28 +02:00
Miroslav Stampar	3fd5119f3f	Redesigning for Issue #75	2012-07-12 13:42:22 +02:00
Bernardo Damele	3d66e2dfb1	minor bug fix	2012-07-12 10:47:51 +01:00
Bernardo Damele	ee3aeb8dcf	actual implementation of issue #75, still some work to do	2012-07-12 01:16:00 +01:00
Bernardo Damele	a5924739f6	minor code refactoring in preparation of ticket #75	2012-07-12 01:12:30 +01:00
Bernardo Damele	53c0336b48	added --hostname switch to retrieve DBMS server hostname - closes issue #69	2012-07-12 00:01:57 +01:00
Bernardo Damele	4e64c1126d	restored bold on questions to users (calls from readInput()) - issue #77	2012-07-11 22:56:11 +01:00
Bernardo Damele	247f95e051	restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")	2012-07-11 22:48:27 +01:00
Bernardo Damele	2b3ea3e3b7	fixed colouring for PAYLOAD (-v 3) - issue #77	2012-07-11 22:40:52 +01:00
Miroslav Stampar	15ee5310d9	Adding traffic in and out to color_map	2012-07-11 20:42:18 +02:00
Miroslav Stampar	43cac2212b	Fix for a case when ColorizingStreamHandler is not used	2012-07-11 20:36:32 +02:00
Miroslav Stampar	72378d4f61	Some more refactoring	2012-07-11 20:29:48 +02:00
Miroslav Stampar	c6464b44be	Some more refactoring	2012-07-11 20:13:23 +02:00
Miroslav Stampar	d7926b8aac	Minor refactoring	2012-07-11 19:54:21 +02:00
Bernardo Damele	53ccd09ca4	now also readInput() uses colouring	2012-07-11 17:53:32 +01:00
Bernardo Damele	02ec25b4b8	code refactoring	2012-07-11 17:44:23 +01:00
Bernardo Damele	77b275f1a6	conf->kb	2012-07-11 17:32:12 +01:00
Bernardo Damele	1d2c87e24e	leftover	2012-07-11 17:22:01 +01:00
Bernardo Damele	105ac8ea77	deleted unnecessary hg file	2012-07-11 17:06:56 +01:00
Bernardo Damele	fa2f6f9a39	colourize manually crafter "logging" messages	2012-07-11 16:48:30 +01:00
Bernardo Damele	f219b39980	minor fix in case ctypes is not installed on Windows	2012-07-10 13:08:37 +01:00
Miroslav Stampar	8caffac4bc	conf.unescape->kb.unescape	2012-07-10 10:55:04 +02:00
Miroslav Stampar	e7f78bf04f	Fix for an issue where False value was displayed for --is.. switches	2012-07-10 10:31:14 +02:00
Bernardo Damele	ea77e7d9d1	added missing file - issue #77	2012-07-10 03:00:21 +01:00
Bernardo Damele	eb7ffb8f91	setup for implementing logging colouring - issue #77	2012-07-10 02:54:37 +01:00
Bernardo Damele	0a3899858d	missed in previous commit	2012-07-10 01:37:53 +01:00
Bernardo Damele	a27f50ed1d	added conf.unescape global variable to control whether or not the injected statements should be unescaped	2012-07-10 01:37:16 +01:00
Bernardo Damele	f645ac6040	dealing with variables in SQL procs - issue #33	2012-07-10 01:05:03 +01:00
Bernardo Damele	2527554f8e	more work on #33	2012-07-10 00:53:07 +01:00
Bernardo Damele	c4af7b9aa0	initial work for issue #33	2012-07-10 00:27:08 +01:00
Bernardo Damele	d3da3f5c52	refactoring for issue #51	2012-07-10 00:19:32 +01:00
Bernardo Damele	99c5ea54f7	cleanup for #34	2012-07-09 12:39:43 +01:00
Miroslav Stampar	3ff28e58b4	Update regarding Issue #52	2012-07-08 19:24:25 +02:00
Miroslav Stampar	0d539a876d	Minor fix (subversion->github)	2012-07-07 23:49:34 +02:00
Miroslav Stampar	a525dd4336	Fix for Issue #72	2012-07-07 19:02:46 +02:00
Miroslav Stampar	f00a776d8d	Minor fix for BigArray (now accepting negative indexes)	2012-07-07 10:35:29 +02:00
Miroslav Stampar	8c871476ee	Some more refactoring	2012-07-06 17:34:40 +02:00
Miroslav Stampar	6bc0b34031	Some more refactoring	2012-07-06 17:28:01 +02:00
Miroslav Stampar	e948e4d45b	Some more refactoring	2012-07-06 17:18:22 +02:00
Miroslav Stampar	438a636973	Fix for issue Issue #60	2012-07-06 15:36:32 +02:00
Miroslav Stampar	6a05e3fd79	Fix for Issue #61	2012-07-06 14:24:44 +02:00
Miroslav Stampar	1ebff35b19	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-06 12:25:21 +02:00
Miroslav Stampar	982fcde1c0	Fix for Issue #62	2012-07-06 12:24:55 +02:00
Bernardo Damele	4fa6d51d93	improved issues link	2012-07-05 16:26:50 +01:00
Miroslav Stampar	c3c1b9e957	Minor restyling	2012-07-04 20:28:18 +02:00
Miroslav Stampar	23fb753759	Finishing work on Issue #52	2012-07-03 22:13:01 +02:00
Miroslav Stampar	40fc6488bf	Fix for Issue #56 (Google has changed few things for retrieving PR)	2012-07-03 21:00:18 +02:00
Miroslav Stampar	bbf41f6658	Removing debugging leftover	2012-07-03 16:50:05 +02:00
Miroslav Stampar	ada627a022	Another update for Issue #52	2012-07-03 16:49:34 +02:00
Miroslav Stampar	70f754f6c5	Making work on Issue #52	2012-07-03 16:34:11 +02:00
Bernardo Damele	793fa464e3	website url fix	2012-07-03 13:14:39 +01:00
Miroslav Stampar	481b46a004	Restyling output for Issue #52	2012-07-03 13:06:52 +02:00
Miroslav Stampar	3af1532700	Implementation for Issue #54	2012-07-03 12:09:18 +02:00
Miroslav Stampar	5af6ca58a0	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-03 00:50:45 +02:00
Miroslav Stampar	168aeadf76	Adding switch --output-dir (Issue #53)	2012-07-03 00:50:23 +02:00
Bernardo Damele	04d803c7fd	more tweaking for issue #34, it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)	2012-07-02 15:02:00 +01:00
Miroslav Stampar	8eefe4b71f	Getting back revision number - displayed like in GitHub commits (Issue #52)	2012-07-02 13:01:20 +02:00
Bernardo Damele	7b4ecd9df0	added skeleton code for issue #34, still not usable	2012-07-02 00:22:34 +01:00
Bernardo Damele	4736d46677	just in case..	2012-07-02 00:00:46 +01:00
Bernardo Damele	03d2c9c818	placeholder message when --update is provided, remove when the function is updated to pull changes from git	2012-07-01 23:59:44 +01:00
Miroslav Stampar	d7cd55fb28	Fix for Issue #47	2012-07-01 11:05:04 +02:00
Miroslav Stampar	21d9ae0a2c	some more refactoring	2012-07-01 01:19:54 +02:00
Miroslav Stampar	f6509db31a	minor refactoring	2012-07-01 00:33:19 +02:00
Miroslav Stampar	e51d3a02f1	Update for Issue #43 (renamed --disable-cracking to --disable-hash)	2012-06-28 18:53:47 +02:00
Miroslav Stampar	18b596ea75	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-06-28 18:48:18 +02:00
Miroslav Stampar	c8bac658f3	Fix for Issue #43	2012-06-28 18:47:55 +02:00
Miroslav Stampar	2a72fcce2b	Fix for Issue #42	2012-06-28 13:55:30 +02:00
jekil	c39e5a85ba	Removed $id$ tags	2012-06-27 20:56:43 +02:00
Miroslav Stampar	ea5d483c86	session file no more	2012-06-21 11:19:30 +00:00
Miroslav Stampar	ec44e88db8	lots of refactoring regarding removal of already obsolete session file mechanism	2012-06-21 10:09:10 +00:00
Miroslav Stampar	1e67b4f0b9	minor fix	2012-06-20 14:16:26 +00:00
Miroslav Stampar	302d782a0f	minor style update	2012-06-19 08:33:51 +00:00
Miroslav Stampar	452ef202ae	minor fixes	2012-06-17 22:48:23 +00:00
Miroslav Stampar	b9f6943a42	minor update	2012-06-17 21:23:12 +00:00
Miroslav Stampar	06be7bbb18	few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)	2012-06-15 20:41:53 +00:00
Miroslav Stampar	76c873a222	minor fix	2012-06-15 06:22:44 +00:00
Miroslav Stampar	76584ff0fa	unhidding --test-filter	2012-06-14 14:36:53 +00:00
Miroslav Stampar	d2dd47fb23	some more refactoring	2012-06-14 13:52:56 +00:00
Miroslav Stampar	3a90105fbb	minor refactoring	2012-06-14 13:38:53 +00:00
Miroslav Stampar	1204eb00b2	minor fix	2012-06-14 12:46:32 +00:00
Miroslav Stampar	19c0efec59	just a minor refactoring	2012-06-14 09:10:28 +00:00
Miroslav Stampar	a51d8c4c79	replacing identifier safe char " with [] enclosing for MsSQL	2012-06-13 15:27:42 +00:00
Miroslav Stampar	367de838c1	minor update	2012-06-13 14:08:32 +00:00
Miroslav Stampar	d7f698fa14	minor update	2012-06-11 22:01:13 +00:00
Miroslav Stampar	058a9c59a2	fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)	2012-06-05 22:40:55 +00:00
Miroslav Stampar	f94ebe3107	minor fix (credentials were only set for the first target)	2012-06-04 22:30:12 +00:00
Miroslav Stampar	7b282b1d6c	adding support for newer SSL protocols	2012-06-04 19:46:28 +00:00
Miroslav Stampar	10b0639a96	making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE)	2012-06-04 09:24:46 +00:00
Miroslav Stampar	b1d82422a0	changing conf.dnsDomain to conf.dName just because of long text problems in help listing	2012-05-28 14:15:04 +00:00
Miroslav Stampar	76eeba10e2	unhiding --dns-domain switch	2012-05-27 18:41:06 +00:00
Miroslav Stampar	71ff081fde	minor update	2012-05-27 09:11:19 +00:00
Miroslav Stampar	d335ec0c34	turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars	2012-05-26 07:00:26 +00:00
Miroslav Stampar	db526bdbc0	minor update (tainted values are not checked any more in multipleTargets mode)	2012-05-25 09:52:17 +00:00
Miroslav Stampar	c394610740	adding switch --skip-urlencode to skip URL encoding of POST data	2012-05-24 23:30:33 +00:00
Miroslav Stampar	86fdad2bfa	minor update	2012-05-24 22:07:50 +00:00
Miroslav Stampar	eed8d7eb5d	finalizing support for IPv6	2012-05-24 21:55:57 +00:00
Miroslav Stampar	b6d37d766a	minor update regarding IPv6 support	2012-05-24 21:49:20 +00:00
Miroslav Stampar	92286104e3	minor just in case update	2012-05-24 21:39:10 +00:00
Miroslav Stampar	3e9c57d177	minor fix	2012-05-24 21:36:35 +00:00
Miroslav Stampar	be76928293	minor fix	2012-05-24 20:53:01 +00:00
Miroslav Stampar	2538e2d5b4	fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring	2012-05-22 09:33:22 +00:00
Miroslav Stampar	2c057d5b3d	minor style update	2012-05-21 22:40:52 +00:00
Miroslav Stampar	bbfa4b6d5d	minor update	2012-05-14 14:38:16 +00:00
Miroslav Stampar	333f8057a5	minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces	2012-05-14 14:06:43 +00:00
Miroslav Stampar	595f69fa2c	minor language update	2012-05-10 18:30:25 +00:00
Miroslav Stampar	35f400b45b	minor language upgrade	2012-05-10 18:25:12 +00:00
Miroslav Stampar	80aedbe284	adding a warning about --tor switch	2012-05-10 18:17:32 +00:00
Miroslav Stampar	b81fe42d4b	turning off null connection on -o when --tor used (not compatible)	2012-05-10 17:50:54 +00:00
Miroslav Stampar	efdd86ddcc	minor just in case patch	2012-05-10 14:22:34 +00:00
Miroslav Stampar	6367f59b98	minor code refactoring	2012-05-10 14:15:17 +00:00
Miroslav Stampar	1418ae9767	little refactoring of parseUnionPage together with a patch for some special case	2012-05-09 18:47:40 +00:00
Miroslav Stampar	37f2709197	making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)	2012-05-09 09:08:23 +00:00
Miroslav Stampar	64c241fe92	limiting original UNION query results to only 1 result (potentially speeding things up in some cases)	2012-05-08 13:45:53 +00:00
Miroslav Stampar	a121339395	automatically writing uncracked hashes to a file for eventual further processing	2012-05-08 10:46:05 +00:00
Miroslav Stampar	96299d3d5d	minor refactoring	2012-05-03 22:34:18 +00:00
Miroslav Stampar	cc28f6db6b	minor update	2012-05-01 20:43:16 +00:00
Miroslav Stampar	17efeaae7f	causing too much confusion among dummy users	2012-05-01 09:04:11 +00:00
Miroslav Stampar	694b14111f	skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set)	2012-04-27 13:16:51 +00:00
Miroslav Stampar	6f67dc85ee	adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical	2012-04-25 20:29:07 +00:00
Miroslav Stampar	cec432f94d	minor update	2012-04-23 14:43:59 +00:00
Miroslav Stampar	697768c01a	adding --purge-output to be one of mandatory switches	2012-04-23 14:42:24 +00:00
Miroslav Stampar	d57d5e4b2c	minor update	2012-04-23 14:33:36 +00:00
Miroslav Stampar	1eecfb3dce	adding new file related to the last commit	2012-04-23 14:25:16 +00:00
Miroslav Stampar	095b25e1d1	adding option '--purge'	2012-04-23 14:24:23 +00:00
Miroslav Stampar	be2da77bf8	minor update	2012-04-23 10:15:04 +00:00
Miroslav Stampar	21c6b52198	minor fix	2012-04-23 10:11:00 +00:00
Miroslav Stampar	2b1b4c0742	minor fix	2012-04-18 10:01:04 +00:00
Miroslav Stampar	6ebb621228	adding support for (custom) POST injection (marking injection point with '*' in conf.data)	2012-04-17 14:23:00 +00:00
Miroslav Stampar	efd27d7ade	minor renaming	2012-04-17 08:41:19 +00:00
Miroslav Stampar	601d118c68	reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types)	2012-04-15 16:59:03 +00:00
Miroslav Stampar	052d9455fe	warning user in cases of "User xyz already has more than 'max_user_connections' active connections"	2012-04-12 09:44:54 +00:00
Miroslav Stampar	c7422546e1	tiny update	2012-04-11 23:01:38 +00:00
Miroslav Stampar	2bad73a981	minor update	2012-04-11 21:48:44 +00:00
Miroslav Stampar	e195de2093	correcting comment on reflective removal function	2012-04-11 21:41:48 +00:00
Miroslav Stampar	b45ae10da4	minor fixes	2012-04-11 21:36:37 +00:00
Miroslav Stampar	627bfc589f	some more updates in reflective removal mechanism	2012-04-11 21:26:00 +00:00
Miroslav Stampar	8b130f6497	minor improvement for reflective values (when missing first part of payload like in error reports)	2012-04-11 15:01:28 +00:00
Miroslav Stampar	01bd5d0ab2	some more updates for reflective mechanism	2012-04-11 10:41:33 +00:00
Miroslav Stampar	2e92d8636e	improvement of reflective mechanism	2012-04-11 08:58:03 +00:00
Miroslav Stampar	60ca44e0cf	minor adjustment	2012-04-11 08:35:09 +00:00
Miroslav Stampar	8541222080	minor update	2012-04-10 22:26:42 +00:00
Miroslav Stampar	9c2f244d47	minor fix	2012-04-10 22:20:53 +00:00
Miroslav Stampar	119eec3598	improving "boolean detection" by automatic recognition of convenient --string candidate	2012-04-10 21:48:34 +00:00
Miroslav Stampar	8c6eb4faa9	adding support for PgSQL DNS data exfiltration	2012-04-07 14:06:11 +00:00
Miroslav Stampar	b2afa87e48	reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)	2012-04-06 08:42:36 +00:00
Miroslav Stampar	2223c884e5	minor refactoring	2012-04-05 12:55:26 +00:00
Miroslav Stampar	02924eb345	minor update	2012-04-04 23:47:06 +00:00
Bernardo Damele	d106fb5184	layout adjustments	2012-04-04 12:27:24 +00:00
Miroslav Stampar	1b2cd44255	proper fix	2012-04-04 10:35:52 +00:00
Miroslav Stampar	7031ef8e00	removing default values for referer and host from higher level/risk options	2012-04-04 10:34:27 +00:00
Miroslav Stampar	b0787f193c	getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)	2012-04-03 14:34:15 +00:00
Miroslav Stampar	33bb9c5f19	much cleaner approach in that "flat" representation of retrieved items in union technique	2012-04-03 13:56:11 +00:00
Miroslav Stampar	e05109812f	minor improvements regarding data retrieval through DNS channel	2012-04-03 09:18:30 +00:00
Miroslav Stampar	2c28423cb8	minor update	2012-04-02 14:57:15 +00:00
Miroslav Stampar	1cd3c3f7af	further update of DNS data retrieval mechanism through SQLi	2012-04-02 14:05:30 +00:00
Miroslav Stampar	1e01203562	few just in case "patches"	2012-04-02 12:58:10 +00:00
Miroslav Stampar	d908d078dd	minor fix	2012-04-02 12:27:30 +00:00
Miroslav Stampar	abffc39929	minor update regarding DNS data retrieval task	2012-04-02 12:22:40 +00:00
Miroslav Stampar	f7a664b120	enablind DNS server for DNS data exfiltration	2012-03-31 12:08:27 +00:00
Miroslav Stampar	8be9cd4ac4	bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)	2012-03-31 10:22:50 +00:00
Miroslav Stampar	56638f9e95	making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection	2012-03-30 10:50:01 +00:00
Miroslav Stampar	79c3d6f2aa	minor update	2012-03-30 10:37:46 +00:00
Miroslav Stampar	637a8d8273	improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism	2012-03-29 14:33:27 +00:00
Miroslav Stampar	772ead8d03	fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values	2012-03-29 12:44:20 +00:00
Miroslav Stampar	60146481af	bug fix(es) (flags were used in place of count parameter in re.sub() calls)	2012-03-28 19:33:00 +00:00
Miroslav Stampar	9433bbe26d	memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)	2012-03-28 19:27:12 +00:00
Miroslav Stampar	7fd64df167	minor code cleaning	2012-03-28 13:31:07 +00:00
Miroslav Stampar	11132ba993	fix for a bug in reflection removal mechanism	2012-03-19 14:28:18 +00:00
Miroslav Stampar	0fc4288a7c	modifying redirection code for only two choices	2012-03-18 17:27:08 +00:00
Miroslav Stampar	cbdcbdd786	minor minor update	2012-03-16 11:18:18 +00:00
Miroslav Stampar	adb5fff6b2	one more update related to the redirection mechanism	2012-03-15 20:17:40 +00:00
Miroslav Stampar	19beb912fa	first step toward negative logic support	2012-03-15 15:52:12 +00:00
Miroslav Stampar	3d9b1599d1	minor update	2012-03-15 11:45:32 +00:00
Miroslav Stampar	a8c9a47092	redirect logic rewritten from scratch	2012-03-15 11:10:58 +00:00
Bernardo Damele	890bf708bc	Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported)	2012-03-15 00:19:57 +00:00
Miroslav Stampar	ca0d068575	distinguishing NULL from BLANK	2012-03-14 13:52:23 +00:00
Miroslav Stampar	61ad3b999a	fix for a crash with partial union and --hex	2012-03-14 10:31:24 +00:00
Miroslav Stampar	a7fbc55748	grammar fix	2012-03-13 22:03:23 +00:00
Miroslav Stampar	e827f41cdb	using pickle HIGHEST_PROTOCOL just in case	2012-03-13 09:35:37 +00:00
Miroslav Stampar	cda8815634	introducing safe deprecation mechanism for HashDB versioning	2012-03-12 22:55:57 +00:00
Miroslav Stampar	6ed1b04bbe	minor update	2012-03-12 13:27:07 +00:00
Bernardo Damele	c79807f5fb	Minor layout adjustments	2012-03-08 15:11:24 +00:00
Miroslav Stampar	775e424bf2	bug fix for using --no-cast and --hex switches together	2012-03-08 15:04:52 +00:00
Miroslav Stampar	11c7cc5224	minor temporary fix	2012-03-08 11:08:43 +00:00
Miroslav Stampar	98a3e43f53	bug fix for writing raw pickled data into SQLite HashDB	2012-03-08 10:57:47 +00:00
Miroslav Stampar	cd28eb6544	minor update regarding --load-cookies	2012-03-08 10:19:34 +00:00
Miroslav Stampar	2c87d061e9	minor update	2012-03-08 10:03:59 +00:00
Miroslav Stampar	b4cf8b05b3	added switch --load-cookies	2012-03-07 14:48:45 +00:00
Miroslav Stampar	4cfea96471	minor update	2012-03-05 09:56:48 +00:00
Miroslav Stampar	ac5a752b12	Oracle's XMLType doesn't like '#' char too	2012-03-01 11:59:37 +00:00
Miroslav Stampar	37db27b720	turning back on automatic adjusting of delays in time based queries	2012-02-29 15:51:23 +00:00
Miroslav Stampar	0205d96d7b	minor fix	2012-02-29 15:38:01 +00:00
Miroslav Stampar	8b9c5c66cc	code refactoring regarding charsetType inside inference/bisection	2012-02-29 14:36:23 +00:00
Miroslav Stampar	f6f98f1b41	minor improvement	2012-02-29 14:19:59 +00:00
Miroslav Stampar	d06182347f	fixing few potential problems	2012-02-29 13:56:40 +00:00
Miroslav Stampar	f142c0f782	minor update	2012-02-28 14:04:13 +00:00
Miroslav Stampar	22b3fa0749	minor update	2012-02-27 15:28:36 +00:00
Miroslav Stampar	a9bf0297f6	moving injection data to HashDB	2012-02-27 13:44:07 +00:00
Miroslav Stampar	68e08d2749	minor fix for not displaying 'None' but None in enumeration when data unavailable	2012-02-27 13:15:10 +00:00
Miroslav Stampar	3909658fc2	few minor just in case updates	2012-02-27 11:15:53 +00:00
Miroslav Stampar	85125018a1	minor bug fix	2012-02-25 22:54:32 +00:00
Miroslav Stampar	5d307cf886	minor update	2012-02-25 10:54:39 +00:00
Miroslav Stampar	06ab3fa134	minor update	2012-02-25 10:53:38 +00:00
Miroslav Stampar	74b19a0386	minor update	2012-02-25 10:43:10 +00:00
Miroslav Stampar	5b67af3b20	minor update	2012-02-24 15:03:39 +00:00
Miroslav Stampar	8a203ef79d	making session data strictly dependent on url through HashDB helper functions	2012-02-24 14:58:24 +00:00
Miroslav Stampar	c36cbbb3ae	minor fix	2012-02-24 14:54:10 +00:00
Miroslav Stampar	9d6fd2e507	bug fix for --schema --technique=BST	2012-02-24 14:12:19 +00:00
Miroslav Stampar	f94b91ad87	added helper function for HashDB data storing/retrieval	2012-02-24 13:07:20 +00:00
Miroslav Stampar	b481c0352f	minor update	2012-02-24 11:25:56 +00:00
Miroslav Stampar	1f6ce265b9	minor fix	2012-02-24 11:05:04 +00:00
Miroslav Stampar	5afbd52b61	more update related to last commits	2012-02-24 10:57:23 +00:00
Miroslav Stampar	570d3a19c2	more general fix	2012-02-24 10:53:28 +00:00
Miroslav Stampar	e8352e504f	fixing problems with chars deletition by logging messages in inference mode	2012-02-24 10:48:19 +00:00
Miroslav Stampar	71028a81f5	fix for proper retrieval of columns in SQLite	2012-02-24 09:55:13 +00:00
Miroslav Stampar	7941504c3a	minor update	2012-02-23 15:32:36 +00:00
Miroslav Stampar	0478e4166a	minor justin case fix	2012-02-23 15:19:20 +00:00
Miroslav Stampar	6e54cb171f	minor code restyling	2012-02-22 15:53:36 +00:00
Miroslav Stampar	61a25418a9	minor update	2012-02-22 10:45:10 +00:00
Miroslav Stampar	b3bd4144f5	removing of unused imports together with some general code refactoring	2012-02-22 10:40:11 +00:00
Miroslav Stampar	386e98a0e3	using UNION SELECT for where=..NEGATIVE	2012-02-22 09:41:58 +00:00
Miroslav Stampar	686eacda9a	minor update regarding --hex	2012-02-21 13:38:18 +00:00
Miroslav Stampar	bcf3255fe1	implementation of switch --hex for 4 major DBMSes	2012-02-21 11:44:48 +00:00
Miroslav Stampar	3e4db6d140	minor fix for Python v2.6	2012-02-20 19:35:57 +00:00
Miroslav Stampar	bc4dd7c0dd	fix for -g	2012-02-20 10:02:19 +00:00
Miroslav Stampar	aee269cc14	gazillion changes, nothing will work, muhahaha	2012-02-17 14:22:48 +00:00
Miroslav Stampar	dcf7277a0f	some more refactorings	2012-02-16 14:42:28 +00:00
Miroslav Stampar	6632aa7308	some more refactoring	2012-02-16 13:46:01 +00:00
Miroslav Stampar	844fc8addb	minor cleanup	2012-02-16 10:19:36 +00:00
Miroslav Stampar	0e23521adc	some more refactoring	2012-02-16 09:54:29 +00:00
Miroslav Stampar	e1f86c97c4	minor refactoring	2012-02-16 09:46:41 +00:00
Miroslav Stampar	bcf9fc6c6f	minor refactoring	2012-02-16 09:32:47 +00:00
Miroslav Stampar	8d7912ad34	minor update and refactoring	2012-02-15 14:05:50 +00:00
Miroslav Stampar	bf923a97df	minor update	2012-02-15 13:45:10 +00:00
Miroslav Stampar	122db6e164	minor update	2012-02-15 13:24:02 +00:00
Miroslav Stampar	9059d30312	adding first code example for SPL snippets	2012-02-15 13:17:01 +00:00
Miroslav Stampar	23cc8b6974	minor fix for special cases when parameter value contains html encoded characters	2012-02-14 14:08:10 +00:00
Miroslav Stampar	bb5113980b	minor update	2012-02-14 10:27:56 +00:00
Miroslav Stampar	3f15c52188	minor change in workflow for "tainted" parameter values	2012-02-14 09:26:52 +00:00
Miroslav Stampar	b140ef4a14	minor update (preparing for switching to HashDB from old sessionFile)	2012-02-10 10:24:48 +00:00
Miroslav Stampar	980367b7b2	minor update	2012-02-09 09:48:47 +00:00
Miroslav Stampar	7e9e582eca	minor update	2012-02-08 14:23:57 +00:00
Miroslav Stampar	2662fe84f7	minor update	2012-02-08 12:02:50 +00:00
Miroslav Stampar	93d7d6c355	minor patch	2012-02-08 10:38:58 +00:00
Miroslav Stampar	6bedb80ffa	adding --force-ssl switch (most useful in combination with -r)	2012-02-08 09:11:57 +00:00
Miroslav Stampar	e50d64546f	minor fix	2012-02-07 14:57:48 +00:00
Miroslav Stampar	2b05ded9c3	just a makeup	2012-02-07 12:05:23 +00:00
Miroslav Stampar	b4f4a982e4	minor update	2012-02-07 11:37:54 +00:00
Miroslav Stampar	11af0b1bbc	minor fix	2012-02-07 11:16:03 +00:00
Miroslav Stampar	f7bf1fbe94	upgrade/fixes for direct DBMS access	2012-02-07 10:46:55 +00:00
Miroslav Stampar	8c45ff0d57	bug fix	2012-02-03 10:38:04 +00:00
Bernardo Damele	c0f4b4632d	Minor fix	2012-02-02 12:55:39 +00:00
Miroslav Stampar	8405ef59ac	some estetic updates	2012-02-01 14:49:42 +00:00
Miroslav Stampar	f4e7bf1d51	minor update regarding support for Unicode characters in Oracle	2012-02-01 14:17:27 +00:00
Miroslav Stampar	2589521ecf	fix of a wrong assumption (e.g. decodeIntToUnicode(12345) has been returning a "09" instead of a single unicode character)	2012-02-01 10:38:43 +00:00
Miroslav Stampar	f2857e38ba	minor update	2012-01-30 10:19:03 +00:00
Miroslav Stampar	9eee6c252d	minor update for --scope	2012-01-16 10:28:21 +00:00
Miroslav Stampar	b2dad63000	some more refactoring	2012-01-13 22:00:34 +00:00
Miroslav Stampar	23117e72ca	minor improvement	2012-01-13 20:56:06 +00:00
Bernardo Damele	0043336620	Minor fix and removed leftover debug message	2012-01-13 17:04:59 +00:00
Bernardo Damele	b03f91437b	Minor code refactoring	2012-01-13 16:49:52 +00:00
Miroslav Stampar	337973df77	reverting last 2 commits (better solution was the original one)	2012-01-13 15:58:47 +00:00
Miroslav Stampar	1f53ff0633	minor update regarding last commit	2012-01-13 15:56:50 +00:00
Miroslav Stampar	ff96c537a9	minor update for multithreaded mode	2012-01-13 15:50:38 +00:00
Bernardo Damele	7e560eec1f	Minor fix	2012-01-13 12:54:45 +00:00
Miroslav Stampar	04686b83e3	minor update	2012-01-13 11:16:26 +00:00
Miroslav Stampar	305371b7a9	minor update	2012-01-12 14:58:23 +00:00
Miroslav Stampar	95f89ab63a	updating copyright date	2012-01-11 14:59:46 +00:00
Miroslav Stampar	1d0b43b1a2	implemented mechanism for merging cookies by request	2012-01-11 14:28:08 +00:00
Miroslav Stampar	ff52931140	some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available)	2012-01-07 19:30:35 +00:00
Miroslav Stampar	2b5e429dc2	one more level of defense against user himself	2012-01-07 17:16:14 +00:00
Miroslav Stampar	a675c88894	minor check added for invalid urls (e.g. deliberately too long)	2012-01-07 16:06:18 +00:00
Miroslav Stampar	164c8a4020	better message in case of update error	2012-01-07 15:47:38 +00:00
Miroslav Stampar	5a8fc44119	minor update	2012-01-07 15:26:54 +00:00
Miroslav Stampar	3f4afdf251	minor fix (crashing if no : in value)	2012-01-07 14:54:56 +00:00
Miroslav Stampar	759465bde5	minor fix	2012-01-06 00:06:38 +00:00
Miroslav Stampar	1f085a0241	now [SLEEPTIME] is changeable properly in vivo	2012-01-05 14:45:05 +00:00
Miroslav Stampar	804629832d	minor fix	2012-01-05 10:24:27 +00:00
Miroslav Stampar	13f2afbbc9	minor fix	2012-01-03 17:28:50 +00:00
Miroslav Stampar	40991a5d52	minor fix	2011-12-31 01:03:54 +00:00
Miroslav Stampar	94d43a4135	minor bug fix	2011-12-30 14:20:06 +00:00
Miroslav Stampar	29f502fe29	some refactoring	2011-12-28 16:27:17 +00:00
Miroslav Stampar	37d78ffe01	minor optimization	2011-12-28 15:59:30 +00:00
Miroslav Stampar	22c3fe49bb	some refactoring	2011-12-28 13:50:03 +00:00
Miroslav Stampar	dda979a15a	minor refactoring	2011-12-27 12:31:29 +00:00
Miroslav Stampar	0a6334db22	minor speedup	2011-12-27 11:41:57 +00:00
Miroslav Stampar	b02363b1aa	minor update	2011-12-27 11:25:40 +00:00
Miroslav Stampar	068ff92dc4	optimizing a bit pyDes module used in Oracle hash cracking	2011-12-26 15:33:49 +00:00
Miroslav Stampar	08071f42d0	minor update	2011-12-26 14:31:59 +00:00
Miroslav Stampar	366e86c560	minor "patch"	2011-12-26 14:08:25 +00:00
Miroslav Stampar	c20546dcaa	minor refactoring	2011-12-26 12:24:39 +00:00
Miroslav Stampar	b71a81041d	implemented --tor-port by request	2011-12-23 10:57:09 +00:00
Miroslav Stampar	89d2c7c042	minor update	2011-12-22 20:54:20 +00:00
Miroslav Stampar	abb401879c	minor update	2011-12-22 20:42:57 +00:00
Miroslav Stampar	087e29d272	minor update	2011-12-22 20:14:56 +00:00
Miroslav Stampar	8a7b0406c8	minor optimization	2011-12-22 20:08:28 +00:00
Miroslav Stampar	094129a656	minor optimization	2011-12-22 15:42:21 +00:00
Miroslav Stampar	f622995a29	compatibility with partial union and error technique resumed data	2011-12-22 12:20:21 +00:00
Miroslav Stampar	58a4a02b7e	minor fix	2011-12-22 11:56:42 +00:00
Miroslav Stampar	6f8d8a15aa	minor update	2011-12-22 11:55:02 +00:00
Miroslav Stampar	9f68e54fff	minor cleanup	2011-12-22 10:59:28 +00:00
Miroslav Stampar	aaa29d1f24	minor fix	2011-12-22 10:51:41 +00:00
Miroslav Stampar	4a1a0773b7	speedup of UNION dumping	2011-12-22 10:44:14 +00:00
Miroslav Stampar	1ae413a206	some refactoring/speedup around UNION technique	2011-12-22 10:32:21 +00:00
Miroslav Stampar	b77e2042f2	some optimization	2011-12-21 23:23:00 +00:00
Miroslav Stampar	a6310c0b21	minor update	2011-12-21 23:04:36 +00:00
Miroslav Stampar	526aacb640	code cleanup	2011-12-21 22:59:23 +00:00
Miroslav Stampar	41ccf88990	some more refactoring	2011-12-21 22:09:21 +00:00
Miroslav Stampar	0a039d84e0	some more refactoring	2011-12-21 19:40:42 +00:00
Miroslav Stampar	41b60b26fc	minor refactoring	2011-12-21 14:25:39 +00:00
Miroslav Stampar	81bd9a201b	minor refactoring	2011-12-21 11:50:49 +00:00
Miroslav Stampar	113ebf5e9d	minor update	2011-12-20 16:08:17 +00:00
Miroslav Stampar	8bfff4a28e	minor update	2011-12-20 15:01:27 +00:00
Miroslav Stampar	d3a428c9c8	minor bug fix regarding dumping tables with safe quotes	2011-12-20 13:17:24 +00:00
Miroslav Stampar	95cd9e2af3	adding support for scanning Host header values (-p host)	2011-12-20 12:52:41 +00:00
Miroslav Stampar	dcf842692b	minor fix	2011-12-16 12:34:26 +00:00
Miroslav Stampar	563c0c1066	adding switch --tor-type	2011-12-15 23:19:55 +00:00
Miroslav Stampar	8793fbc9f5	minor update	2011-12-14 12:59:25 +00:00
Miroslav Stampar	1fd1ec22a1	minor fix	2011-12-14 12:03:21 +00:00
Miroslav Stampar	364113441b	adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)	2011-12-14 10:19:45 +00:00
Miroslav Stampar	73a500833d	minor bug fix	2011-12-12 14:38:06 +00:00
Miroslav Stampar	25cde9e2c7	minor fixes	2011-12-12 09:45:40 +00:00
Bernardo Damele	8fe72d87a8	minor bug fix for mysql -d --file-read	2011-12-06 10:57:23 +00:00
Miroslav Stampar	0f5d48ff20	minor update	2011-12-05 09:25:56 +00:00
Miroslav Stampar	9bc735963b	update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself))	2011-12-04 22:42:19 +00:00
Miroslav Stampar	ec895c3d1a	revert of last commit	2011-12-04 16:37:18 +00:00
Miroslav Stampar	393843bf87	it seems that SOCKS4 is safer solution for TOR socks access	2011-12-04 16:23:08 +00:00
Miroslav Stampar	5f7dbec41f	minor patch	2011-12-03 12:11:46 +00:00
Miroslav Stampar	b9ae28dd5e	minor beautification	2011-12-02 14:11:43 +00:00
Miroslav Stampar	32ab7171ea	minor update	2011-12-01 10:07:39 +00:00
Miroslav Stampar	9975ff8d17	minor update	2011-11-30 19:26:03 +00:00
Miroslav Stampar	f1dfa5c860	minor update	2011-11-30 17:44:34 +00:00
Miroslav Stampar	71c46f50aa	adding option --csv-del	2011-11-30 17:39:41 +00:00
Miroslav Stampar	02bd9a54f3	minor update	2011-11-30 17:19:21 +00:00
Miroslav Stampar	872a73f631	minor refactoring	2011-11-29 19:17:07 +00:00
Miroslav Stampar	885b432808	minor update	2011-11-23 21:39:53 +00:00
Miroslav Stampar	ba4234dc42	switching from HTTP proxy to SOCKS proxy for --tor (sick and tired of Polipo/Privoxy bull; either Tor flag is overwritten every here and there or they are putting all kinds of filter warnings)	2011-11-23 21:17:08 +00:00
Miroslav Stampar	8ea9b19b66	minor update regarding dumping of table content in --forms mode	2011-11-23 20:56:22 +00:00
Miroslav Stampar	14e8ca6d41	minor fix	2011-11-23 14:26:40 +00:00
Miroslav Stampar	d5cddd40f6	minor fix	2011-11-23 03:03:31 +00:00
Miroslav Stampar	2e10de8921	minor update	2011-11-22 12:18:24 +00:00
Miroslav Stampar	ac041399f0	minor patch	2011-11-22 11:04:43 +00:00
Miroslav Stampar	9697e80013	some more optimizations	2011-11-22 10:54:29 +00:00
Miroslav Stampar	267d67b024	minor update	2011-11-22 10:41:56 +00:00
Miroslav Stampar	b117c40aa5	major improvement of HashDB speed in multi-threaded mode	2011-11-22 10:09:35 +00:00
Miroslav Stampar	e94efff187	some more optimization	2011-11-22 09:00:00 +00:00
Miroslav Stampar	2ed3efba12	speed optimization and bug fix (kb.absFilePaths were not stored previously; also, they are now extracted only in heuristic phase)	2011-11-22 08:39:13 +00:00
Miroslav Stampar	493e436e16	minor update	2011-11-22 07:32:39 +00:00
Miroslav Stampar	e905ea2a54	minor bug fix	2011-11-22 07:07:52 +00:00
Miroslav Stampar	eee03871d7	minor refactoring	2011-11-21 21:31:08 +00:00
Miroslav Stampar	65b2b0ad87	adding switch --eval	2011-11-21 16:41:02 +00:00
Miroslav Stampar	440b7efe55	minor optimization	2011-11-20 20:14:47 +00:00
Miroslav Stampar	7c1af97852	minor optimization	2011-11-20 19:38:56 +00:00
Miroslav Stampar	e1a92d59de	implementing WordPress phpass hash cracking routine	2011-11-20 19:10:46 +00:00
Miroslav Stampar	f1979936c8	minor update	2011-11-18 15:32:33 +00:00
Miroslav Stampar	7314de3490	language update	2011-11-15 11:17:39 +00:00
Miroslav Stampar	ad2762118d	minor update	2011-11-14 15:10:39 +00:00
Miroslav Stampar	367627c331	minor fix for Python 2.6	2011-11-13 19:09:13 +00:00
Miroslav Stampar	76fb6ba666	minor update	2011-11-13 10:38:27 +00:00
Miroslav Stampar	ccbd93cc2e	fix for redirect/HOST header bug	2011-11-11 11:28:27 +00:00
Miroslav Stampar	030c57a0c8	minor update	2011-11-06 11:18:16 +00:00
Miroslav Stampar	61e3621855	minor update	2011-11-02 14:33:23 +00:00
Miroslav Stampar	24bda96d9e	adding items from John the Ripper's word list to the dictionary for Oracle cracking	2011-11-02 11:21:49 +00:00
Miroslav Stampar	6ec522e14b	removal of minor obsolete thingy	2011-11-02 10:41:12 +00:00
Miroslav Stampar	d735582536	major speed improvement of hash cracking	2011-11-02 06:53:43 +00:00
Miroslav Stampar	43340a7ea5	language	2011-11-01 19:06:27 +00:00
Miroslav Stampar	c0cd29f01c	minor update	2011-10-31 15:20:40 +00:00
Miroslav Stampar	60cadf4747	better regex used	2011-10-29 10:31:52 +00:00
Miroslav Stampar	ef987c6954	adding compatibility support for using --crawl and --forms together	2011-10-29 09:32:20 +00:00
Miroslav Stampar	ddc4dfe5ff	minor refactoring for regarding --forms	2011-10-29 08:32:24 +00:00
Miroslav Stampar	d7866ac78d	added support for automatic filtering of badly formed HTML in --forms mode	2011-10-28 21:28:03 +00:00
Miroslav Stampar	666a7da12a	minor update	2011-10-28 11:28:21 +00:00
Miroslav Stampar	b83fe6113e	turning off time adjustment off (now is shown as a tip) because it seems that it never was actually used (payload always left the same)	2011-10-28 11:25:07 +00:00
Miroslav Stampar	7ce3af68fc	fixing support for parsing BURP logs	2011-10-27 17:31:34 +00:00
Miroslav Stampar	6b7920d89a	minor patch for --tor	2011-10-27 10:52:06 +00:00
Miroslav Stampar	3c31ccd16e	minor update	2011-10-26 22:37:04 +00:00
Miroslav Stampar	d64c0af461	minor update	2011-10-26 14:31:00 +00:00
Miroslav Stampar	64ca01ea0e	minor update	2011-10-25 22:06:47 +00:00
Miroslav Stampar	35c889a411	minor update	2011-10-25 18:07:33 +00:00
Miroslav Stampar	ee76fed56a	minor update	2011-10-25 17:48:20 +00:00
Miroslav Stampar	41ad7f9eab	minor update	2011-10-25 17:44:30 +00:00
Miroslav Stampar	86b4a3562f	added switch --check-tor	2011-10-25 17:37:43 +00:00
Miroslav Stampar	c1486ed4be	adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request	2011-10-25 09:53:44 +00:00
Miroslav Stampar	b07f165d60	quick fix	2011-10-24 18:11:34 +00:00
Miroslav Stampar	cd00c0d084	minor patch	2011-10-24 09:43:59 +00:00
Miroslav Stampar	20ae1c2187	added switch --logic-negative	2011-10-24 00:40:06 +00:00
Miroslav Stampar	8bd3cfdc8e	minor update	2011-10-24 00:17:38 +00:00
Miroslav Stampar	d39d36f7a7	minor language beautification	2011-10-23 23:27:56 +00:00
Miroslav Stampar	1dd3fae930	minor fix	2011-10-23 22:27:45 +00:00
Miroslav Stampar	0c29311eb2	minor update	2011-10-23 22:24:57 +00:00
Miroslav Stampar	5863429fc1	minor update	2011-10-23 21:17:45 +00:00
Miroslav Stampar	4a469c3258	minor update	2011-10-23 21:12:34 +00:00
Miroslav Stampar	3f0517d3f3	support for non-latin (e.g. cyrillic) URLs	2011-10-23 17:02:48 +00:00
Miroslav Stampar	25f0ec3597	some minor range to xrange conversion (where safe to do)	2011-10-21 22:34:27 +00:00
Miroslav Stampar	b4ce857f9b	added some comments	2011-10-21 21:29:24 +00:00
Miroslav Stampar	7a3096ce25	some refactoring	2011-10-21 21:12:48 +00:00
Miroslav Stampar	566d6e4974	minor fix	2011-10-21 20:21:29 +00:00
Miroslav Stampar	12a7fd4054	quick fix	2011-10-20 08:28:57 +00:00
Miroslav Stampar	0cbcbf159c	minor fix	2011-10-19 21:35:01 +00:00
Miroslav Stampar	e3a719e7d2	minor update	2011-10-11 22:40:00 +00:00
Miroslav Stampar	c204f2b221	minor optimization	2011-10-10 14:47:48 +00:00
Miroslav Stampar	323aa7bf2f	minor update	2011-10-09 21:21:41 +00:00
Miroslav Stampar	8720aad6dc	transformed cDel to pDel as a more generic option	2011-10-06 22:03:33 +00:00
Miroslav Stampar	dd0ed5f5da	adding redirect response to the traffic file	2011-09-28 08:13:46 +00:00
Miroslav Stampar	6d2536f217	minor update	2011-09-27 22:27:34 +00:00
Miroslav Stampar	c0910ca2c8	added one more warning message by request	2011-09-27 22:25:15 +00:00
Miroslav Stampar	88f1110c44	adding a new (for now) hidden switch --test-filter for filtering tests by their name	2011-09-27 14:09:25 +00:00
Miroslav Stampar	fd9acfd7d2	fix	2011-09-26 13:36:08 +00:00
Miroslav Stampar	b3b4459c72	minor fix	2011-09-26 13:01:43 +00:00
Miroslav Stampar	7e80274fac	refactoring	2011-09-25 21:10:45 +00:00
Miroslav Stampar	744636a8c1	switching to SQLite resume support (on error and union techniques this moment)	2011-09-25 20:36:32 +00:00
Miroslav Stampar	4a3580d10b	minor fix	2011-09-19 19:08:08 +00:00
Bernardo Damele	f890b29f81	Proper reference to Metasploit Framework as now it's version 4, not 3 anymore	2011-09-12 17:26:22 +00:00
Miroslav Stampar	4fb6dab1a2	minor bug fix	2011-09-12 14:15:57 +00:00
Miroslav Stampar	1bdde51d0e	minor just in case update	2011-09-11 16:41:07 +00:00
Miroslav Stampar	02f993583b	minor bug fix	2011-09-09 11:36:09 +00:00
Miroslav Stampar	2f4e34f5a0	minor improvement for URI injections	2011-09-08 11:13:12 +00:00
Miroslav Stampar	d434047482	minor bug fix	2011-09-05 09:28:40 +00:00
Miroslav Stampar	08e0eb9b61	minor lower/upper case fix	2011-08-29 13:47:32 +00:00
Miroslav Stampar	9be89422da	implemented parameter --skip	2011-08-29 13:29:42 +00:00
Miroslav Stampar	e0f521cf9d	minor update regarding --randomize	2011-08-29 13:08:25 +00:00
Miroslav Stampar	ac00014c4a	implemented --randomize switch by request	2011-08-29 12:50:52 +00:00
Miroslav Stampar	01014eca17	by request	2011-08-23 21:45:01 +00:00
Miroslav Stampar	8a174248dc	fix for a bug reported by blueBoy	2011-08-20 20:08:11 +00:00
Miroslav Stampar	54bcc35ba7	important bug fix (connection exception was causing losing of already retrieved data)	2011-08-17 22:31:33 +00:00
Bernardo Damele	9361e633f4	Minor bug fix - some applications do really set cookies like param="value" with double-quotes	2011-08-16 09:21:01 +00:00
Miroslav Stampar	7cc5743c5d	minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters)	2011-08-16 06:50:20 +00:00
Miroslav Stampar	262996fc5b	bug fix	2011-08-16 06:14:40 +00:00
Miroslav Stampar	df4abf1af1	lowering constant value from 10 to 7 for da peace in da houz	2011-08-12 17:19:19 +00:00
Bernardo Damele	702ed73a65	Added --code switch to match in boolean-based tests against the HTTP response code	2011-08-12 16:48:11 +00:00
Miroslav Stampar	10bdd90e60	minor speed optimizations (as a result of profiling)	2011-08-12 13:40:37 +00:00
Bernardo Damele	36280b33fa	Ask the user wheather or not to adjust the time delay - there have been a case where the forcing of conf.timeSec screwed the result in an extremely lagged and unreliable site	2011-08-12 13:06:40 +00:00
Miroslav Stampar	41ae9bc7ff	minor bug fix	2011-08-09 14:20:25 +00:00
Miroslav Stampar	2ad267132a	minor update for empty normal responses (like AJAX requests)	2011-08-05 10:55:21 +00:00
Miroslav Stampar	9423d15fb3	ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix	2011-08-03 09:08:16 +00:00
Miroslav Stampar	457f501bbd	proper fix	2011-08-01 23:48:38 +00:00
Bernardo Damele	cbd0ea0866	Possible fix for a minor bug	2011-08-01 23:24:39 +00:00
Miroslav Stampar	018d7ed646	improvement for limited queries (more stable to have TOP/LIMIT/OFFSET mechanisms as part of a subquery)	2011-07-31 23:40:09 +00:00
Miroslav Stampar	0627bb02cb	minor beautification	2011-07-31 10:21:47 +00:00
Miroslav Stampar	68ae8ea5b2	minor refactoring	2011-07-29 10:54:25 +00:00
Miroslav Stampar	e522263640	fix for a neverending data retrieval in large full inband cases	2011-07-29 10:45:09 +00:00
Miroslav Stampar	107089c00b	bug fix	2011-07-27 08:25:51 +00:00
Bernardo Damele	938716e361	Proper fix for --start and --stop consistency amongst different techniques	2011-07-26 10:06:28 +00:00
Bernardo Damele	e71f96afe7	Reverted dumb "fix"	2011-07-26 09:42:09 +00:00
Miroslav Stampar	6bbb8139a0	update (smaller memory footprint in postprocessing phase because of safecharencode part)	2011-07-25 20:40:31 +00:00
Miroslav Stampar	5770c08784	minor optimization and refactoring	2011-07-25 20:17:44 +00:00
Bernardo Damele	0a7a648694	Minor bug fix for --start, now all techniques return the same result (before blind techniques returned from one entry behind)	2011-07-25 11:15:18 +00:00
Bernardo Damele	6cbb927012	Partial fix for -o not resumed at following runs if missing from command line	2011-07-25 11:05:49 +00:00
Miroslav Stampar	2033a28ae7	minor update regarding last commit (cleaner code)	2011-07-24 20:44:17 +00:00
Miroslav Stampar	3a3561fdaa	doing proper big table support for partial union too	2011-07-24 20:36:44 +00:00
Miroslav Stampar	ec1bc0219c	hello big tables, this is sqlmap, sqlmap this is big tables	2011-07-24 09:19:33 +00:00
Miroslav Stampar	82e1e61554	minor speedup	2011-07-23 19:51:19 +00:00
Miroslav Stampar	094dc91e2d	minor update (prior to some changes regarding large content retrieval)	2011-07-23 19:04:59 +00:00
Miroslav Stampar	a89140e1ce	revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function)	2011-07-23 06:07:00 +00:00
Miroslav Stampar	8a00ca83af	refactoring. nothing special changed	2011-07-21 10:18:11 +00:00
Miroslav Stampar	963f54e6d2	minor fix for parameters containing '=' inside values itself (remark: no parameter name will have '=' nor '%3d' inside; tested and it does a good job)	2011-07-21 10:06:52 +00:00
Miroslav Stampar	9cf33ec997	now status is no longer represented in percentage (impossible in cases where we need to support too small and too large dictionaries - technical issues regarding counting) but by the rotating char	2011-07-15 13:24:13 +00:00
Miroslav Stampar	ff8fc90ac7	bug fix	2011-07-13 06:44:15 +00:00
Miroslav Stampar	5c162efbd8	more optimization	2011-07-12 23:21:15 +00:00
Miroslav Stampar	9933edc718	optimization of reflective removal mechanism	2011-07-12 22:28:19 +00:00
Miroslav Stampar	3583d6dd1b	quick fixes, more work to do	2011-07-12 20:32:19 +00:00
Miroslav Stampar	f5e45bf113	quick fix for a bug reported by jovon.itwaru@gmail.com	2011-07-11 08:54:39 +00:00
Miroslav Stampar	0d6afca7db	adding new switch '--smart' by request	2011-07-10 15:16:58 +00:00
Miroslav Stampar	1e182e6c72	quick fix	2011-07-08 22:34:44 +00:00
Bernardo Damele	651349e229	More verbose critical message	2011-07-08 13:12:53 +00:00
Bernardo Damele	b5dd4d4a63	Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection	2011-07-08 10:19:01 +00:00
Miroslav Stampar	02bfd05b20	more general approach	2011-07-08 10:03:14 +00:00
Miroslav Stampar	5443e06430	cosmetics (in debug mode [0] is used)	2011-07-08 09:43:52 +00:00
Miroslav Stampar	c463c411b9	minor update	2011-07-08 09:32:58 +00:00
Miroslav Stampar	ba2c06c9dc	quick fix	2011-07-08 09:01:32 +00:00
Miroslav Stampar	c517e97a44	few fixes and minor cosmetics	2011-07-08 06:02:31 +00:00
Bernardo Damele	aedcf8c8d7	Changed homepage address	2011-07-07 20:10:03 +00:00
Bernardo Damele	067354b97f	Revert of last commit and proper fix to detect UNION query SQL injection against Microsoft Access	2011-07-07 13:20:40 +00:00
Bernardo Damele	fcd4e94c04	Higher chances to detect UNION query SQL injection against Microsoft Access	2011-07-06 23:52:44 +00:00
Bernardo Damele	23b4efdcaf	Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too.	2011-07-06 21:04:45 +00:00
Bernardo Damele	6f6038b534	Quick fix (revert..)	2011-07-06 11:32:12 +00:00
Miroslav Stampar	93b296e02c	few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation")	2011-07-06 05:44:47 +00:00
Miroslav Stampar	b8ffcf9495	few fixes here and there and multi-core processing for dictionary based hash attack	2011-07-04 19:58:41 +00:00
Miroslav Stampar	34d9a91af1	bulk of fixes	2011-07-02 22:48:56 +00:00
Bernardo Damele	861cdb1b14	cosmetics	2011-07-01 10:04:34 +00:00
Miroslav Stampar	4513ef409e	massive (like really massive) dictionary support	2011-06-30 23:44:49 +00:00
Miroslav Stampar	43db6b03a7	update with a feature request (file with list of wordlist files)	2011-06-30 08:42:43 +00:00
Miroslav Stampar	be9b8bca78	bug fix	2011-06-29 17:39:58 +00:00
Miroslav Stampar	4be55c811f	minor update	2011-06-27 21:48:26 +00:00
Miroslav Stampar	5b4eaf48d9	minor fix (for those blank suffixes out of nowhere at the end of payload - not related to "-- ")	2011-06-27 21:34:49 +00:00
Miroslav Stampar	8a8b94883b	minor update (that default quit in --batch was bothering me - my original idea and it was bad :)	2011-06-27 14:14:49 +00:00
Miroslav Stampar	d72db1bf91	minor update (all misc options are alphabetically ordered)	2011-06-27 08:21:33 +00:00
Bernardo Damele	36c96ef796	Added DB2 support - patch provided by Sebastian Bittig	2011-06-25 09:44:24 +00:00
Miroslav Stampar	aa83fe5c66	minor update	2011-06-24 18:19:33 +00:00
Miroslav Stampar	21010f702c	minor beautification	2011-06-24 17:46:54 +00:00
Miroslav Stampar	96190cf594	minor update	2011-06-24 17:15:15 +00:00
Bernardo Damele	406f2cda09	Got rid of useless TAB completion in --sql-shell	2011-06-24 13:05:13 +00:00
Bernardo Damele	35ce6dedcf	Got rid of useless imports	2011-06-24 09:59:11 +00:00
Bernardo Damele	a78f5b4eb3	Minor adjustment to avoid function and variables with same name	2011-06-24 09:29:11 +00:00
Miroslav Stampar	eaa2a4202f	changing to: --crawl=CRAWLDEPTH	2011-06-24 05:40:03 +00:00
Miroslav Stampar	3717b8423f	cleanest fix this moment (conf.dbms will for sure deal problems later in any form)	2011-06-22 15:48:44 +00:00
Miroslav Stampar	5190440ea2	minor fix	2011-06-22 15:36:59 +00:00
Miroslav Stampar	97d8729d71	probable fix for a bug reported by m4l1c3 (RuntimeError: maximum recursion depth exceeded)	2011-06-22 15:28:49 +00:00
Miroslav Stampar	52ba3c281e	minor update	2011-06-22 14:59:49 +00:00
Miroslav Stampar	4ca37901da	thread safe logging+stdout (no more overlapping of log messages and raw output)	2011-06-22 14:53:42 +00:00
Miroslav Stampar	84bc8c3a37	update	2011-06-22 14:39:31 +00:00
Miroslav Stampar	938db1b513	replacing xmlobject logic with our own	2011-06-22 14:33:52 +00:00
Bernardo Damele	1cb12ea659	replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license)	2011-06-22 13:31:07 +00:00
Miroslav Stampar	2a4a284a29	crawler fix (skip binary files)	2011-06-20 22:41:38 +00:00
Miroslav Stampar	d6062e8fc9	minor fix for crawler and far less message overlaps in future	2011-06-20 21:18:12 +00:00
Miroslav Stampar	8968c708a0	minor update	2011-06-20 14:27:24 +00:00
Miroslav Stampar	f09340fc89	minor update	2011-06-20 12:40:14 +00:00
Miroslav Stampar	4d1fa5596b	added support for --scope in --crawl mode	2011-06-20 12:37:51 +00:00
Miroslav Stampar	67fab9f2e2	putting this to info messages (user needs to know at this place why is it waiting)	2011-06-20 12:17:19 +00:00
Miroslav Stampar	b1426b5131	bug fix	2011-06-20 12:11:09 +00:00
Miroslav Stampar	cda39ca350	minor update	2011-06-20 11:46:23 +00:00
Miroslav Stampar	07e2c72943	adding Beautifulsoup (BSD) into extras; adding --crawl to options	2011-06-20 11:32:30 +00:00
Miroslav Stampar	8c04aa871a	english typo	2011-06-20 11:00:23 +00:00
Miroslav Stampar	83af83da9e	minor beautification (WordsSet is considered as a bad english)	2011-06-18 15:47:19 +00:00
Bernardo Damele	6b2f44de14	Minor layout adjustment	2011-06-18 12:27:12 +00:00
Bernardo Damele	cd07139919	Layout adjustments	2011-06-18 11:58:14 +00:00
Miroslav Stampar	31ad0875b4	added by request	2011-06-18 11:34:51 +00:00
Miroslav Stampar	e4be141602	minor fix for --smoke-test	2011-06-18 11:26:17 +00:00
Bernardo Damele	c7e1aeeef2	layout	2011-06-18 11:02:48 +00:00
Miroslav Stampar	905fef0eae	now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5)	2011-06-18 10:51:14 +00:00
Miroslav Stampar	1440c9f2d4	minor update	2011-06-17 22:28:07 +00:00
Miroslav Stampar	87e9842371	better language	2011-06-17 22:13:45 +00:00
Miroslav Stampar	ce3170edef	minor update/better language	2011-06-17 22:11:40 +00:00
Miroslav Stampar	ec6fa384eb	update	2011-06-17 22:04:25 +00:00
Miroslav Stampar	f3ee2c09fb	cleaner fix	2011-06-17 15:32:23 +00:00
Miroslav Stampar	bb987ec98f	fix for DNS leakage	2011-06-17 15:23:58 +00:00
Miroslav Stampar	9498a3f259	little stabilization of multi threading	2011-06-17 12:50:28 +00:00
Miroslav Stampar	530c296519	minor fix	2011-06-16 13:56:17 +00:00
Miroslav Stampar	0eeb48f8f5	some fixes	2011-06-16 13:41:02 +00:00
Miroslav Stampar	7733e5866a	minor update regarding mnemonics (again)	2011-06-16 12:34:38 +00:00
Miroslav Stampar	17e4c6b564	minor update regarding mnemonics	2011-06-16 12:26:50 +00:00
Miroslav Stampar	25b923bbc3	minor fixes and minor updates	2011-06-16 12:12:30 +00:00
Miroslav Stampar	3995891ab4	new file containing default settings	2011-06-16 11:43:07 +00:00
Miroslav Stampar	6f681b45ad	cleaning up a bit for a configuration mess	2011-06-16 11:42:13 +00:00
Bernardo Damele	f515c9c9e0	Dealt with SVN update login traceback. Need to investigate further why it asks for credentials sometimes	2011-06-16 10:11:11 +00:00
Miroslav Stampar	63d98d8ce6	fix for a bug reported by rdsears@mtu.edu (ignored config file items)	2011-06-16 08:08:49 +00:00
Miroslav Stampar	4d51fa8155	minor update planned for a long time (in case of heuristic test was positive warn the user properly at the end if program fails)	2011-06-15 17:37:28 +00:00
Miroslav Stampar	e0ad72031f	minor update	2011-06-15 12:04:30 +00:00
Miroslav Stampar	1d93a03eeb	introducing mnemonics	2011-06-15 11:58:50 +00:00
Miroslav Stampar	d55a242908	minor improvement. messages are now warnings (not errors because lots of them are not causing problems for a normal usage) and most of all it's being checked only if the --dependencies is used (until now this switch has been ignored and turned on by default - always)	2011-06-14 19:38:35 +00:00
Bernardo Damele	8978fded03	typo fix	2011-06-13 19:00:27 +00:00
Bernardo Damele	7152a1ed3b	Added --dependences to show which sqlmap dependences are not available	2011-06-13 18:44:02 +00:00
Miroslav Stampar	2da56ea507	fix of a language bug	2011-06-11 21:17:30 +00:00
Miroslav Stampar	9331abb96f	minor update	2011-06-11 08:33:36 +00:00
Miroslav Stampar	f8dde2c23b	adding --titles switch (killer switch for pages with lots of dynamicity and/or international ones)	2011-06-10 23:18:43 +00:00
Miroslav Stampar	fae089646b	minor fix	2011-06-09 08:38:17 +00:00
Miroslav Stampar	9202fedf7b	minor fix	2011-06-09 08:14:54 +00:00
Miroslav Stampar	af5fe457bd	revert of the revert (it's a good idea to have it like this because of problems with e.g. --text-only and binary content)	2011-06-09 07:53:31 +00:00
Miroslav Stampar	8ec4bc9d9d	revert of the last commit. have to think about it	2011-06-09 06:32:53 +00:00
Miroslav Stampar	9c093d91f2	minor update	2011-06-09 06:14:35 +00:00
Bernardo Damele	0d8d6a4ace	Cosmetics	2011-06-08 16:08:20 +00:00
Bernardo Damele	70cac24909	Cosmetics	2011-06-08 15:31:27 +00:00
Bernardo Damele	64bef644c3	This was missing	2011-06-08 15:30:59 +00:00
Bernardo Damele	0d3e8a76d8	Cosmetics and a missing param	2011-06-08 14:40:42 +00:00
Miroslav Stampar	4a9640160e	more concise	2011-06-08 14:35:23 +00:00
Miroslav Stampar	6b81eef65a	refactoring	2011-06-08 14:30:12 +00:00
Bernardo Damele	7da3d8dbd1	minor layout adjustment	2011-06-08 13:01:33 +00:00
Miroslav Stampar	f65abdaae3	added switch --cookie-del by request	2011-06-08 08:27:24 +00:00
Miroslav Stampar	4eeeb3655e	asking and skipping to the next google result page if no usable links found	2011-06-07 23:24:17 +00:00
Miroslav Stampar	26062ec71e	minor update	2011-06-07 15:13:51 +00:00
Miroslav Stampar	50dde39e68	minor update	2011-06-07 10:32:18 +00:00
Miroslav Stampar	7a3cc38e3c	refactoring and stabilization of multithreading	2011-06-07 09:50:00 +00:00
Miroslav Stampar	03c3f83893	minor fix	2011-06-06 13:34:49 +00:00
Miroslav Stampar	24ed99e5a3	fix for a bug reported by aboynes@gmail.com	2011-06-06 08:50:48 +00:00
Miroslav Stampar	f27181c628	minor improvement for blind based injections with reflected values	2011-06-03 14:41:36 +00:00
Miroslav Stampar	e9eafc2e94	minor update	2011-06-03 14:13:22 +00:00
Miroslav Stampar	64a862ed58	minor usability update	2011-06-03 14:04:02 +00:00
Miroslav Stampar	faf7814869	fix for a fuzz "bug" reported by daniele.rivetti@yahoo.com	2011-06-03 11:01:26 +00:00
Miroslav Stampar	08d6bb4f23	minor fix	2011-06-02 22:13:31 +00:00
Miroslav Stampar	8aa5625cd0	proper fix related to the last commit	2011-06-01 23:00:18 +00:00
Miroslav Stampar	63145236b9	minor fix	2011-05-31 21:53:29 +00:00
Miroslav Stampar	3c12799ff0	minor improvement	2011-05-30 20:34:34 +00:00
Miroslav Stampar	89559d1b0a	better regex and now after we have that automatic switch off for reflective removal mechanism it's not so important to change it	2011-05-30 20:18:30 +00:00
Miroslav Stampar	20988e58ed	warp 5 mr spock :)	2011-05-30 09:46:32 +00:00
Miroslav Stampar	001cbff2a9	speed up of 2 times for partial union technique	2011-05-30 09:07:48 +00:00
Miroslav Stampar	97820949f5	minor update	2011-05-30 08:33:01 +00:00
Miroslav Stampar	23d7820de7	minor update	2011-05-29 23:56:41 +00:00
Miroslav Stampar	86455ceb9c	implementation of multithreading for UNION and ERROR techniques	2011-05-29 23:17:50 +00:00
Miroslav Stampar	d51efa679d	typo update	2011-05-29 06:26:28 +00:00
Miroslav Stampar	f848cc779e	adding legal disclaimer as latest situation (these days news headlines) seems out of control	2011-05-28 18:54:14 +00:00
Miroslav Stampar	eb9b84d1da	type correction	2011-05-28 17:53:05 +00:00
Miroslav Stampar	03ef53f00a	update regarding mysql function resolution and versionedkeywords	2011-05-28 17:34:43 +00:00
Miroslav Stampar	c11ea35d53	adding some user input for "refreshing" cases (like redirect ones)	2011-05-27 22:42:23 +00:00
Miroslav Stampar	8227298057	user friendliness uber 9000	2011-05-27 08:30:52 +00:00
Miroslav Stampar	45caadbd4a	important update - finally found what was causing headache for UNION payloads in noticeable number of cases	2011-05-26 21:54:19 +00:00
Miroslav Stampar	4f46a5ab63	minor usability enhancement regarding warning for --text-only switch	2011-05-26 20:48:18 +00:00
Miroslav Stampar	ff030e4d24	minor cleanup of the leftover	2011-05-26 17:37:24 +00:00
Miroslav Stampar	bf2b58ba82	minor update	2011-05-26 15:23:28 +00:00
Miroslav Stampar	b6fe5b12a4	adding --schema to the wizard/Basic as it looks like a cool thingy to put there	2011-05-26 14:30:05 +00:00
Miroslav Stampar	f3ed61af5f	bug fix when using inference and kb.pageEncoding is None (like in binary cases)	2011-05-25 21:12:12 +00:00
Miroslav Stampar	0e480a9921	adding SYS to the ORACLE_SYSTEM_DBS	2011-05-25 10:55:47 +00:00
Miroslav Stampar	2f456bee75	minor beautification	2011-05-25 08:14:39 +00:00
Miroslav Stampar	8b7a3c5a6b	making it easier for totally dummy users	2011-05-24 17:24:01 +00:00
Miroslav Stampar	bec2c04671	helping dummy users	2011-05-24 17:15:25 +00:00
Miroslav Stampar	a3466ff79c	serving everything for the users	2011-05-24 16:34:08 +00:00
Miroslav Stampar	69eb173eca	minor just in case patch	2011-05-24 15:07:37 +00:00
Miroslav Stampar	f774d8fea0	proper Tor settings (reverted r3915 and implemented it the right way)	2011-05-24 11:06:58 +00:00
Miroslav Stampar	a536bf210f	improved redirection mechanism	2011-05-23 23:20:03 +00:00
Miroslav Stampar	128a012121	this was causing that --suffix trouble	2011-05-23 19:59:07 +00:00
Miroslav Stampar	bfe8e51b7c	minor fix for retrieving stuff like "SELECT * FROM testdb..users"	2011-05-23 19:45:40 +00:00
Miroslav Stampar	4542d4535f	minor beautification	2011-05-23 14:28:05 +00:00
Miroslav Stampar	0ed03d474f	now supporting "blank tables" - schema of the table will be preserved, even if it's empty - especially nice feature for --replicate	2011-05-23 11:09:44 +00:00
Miroslav Stampar	fb23beef6f	most elegant way i could think of to deal with "collation incompatibilities" issue on some MySQL/UNION cases (affected about 5% of all targets tested)	2011-05-22 19:14:36 +00:00
Miroslav Stampar	9b2623514a	one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables	2011-05-22 09:48:46 +00:00
Miroslav Stampar	2ea613b170	type correction and adding global flag kb.ignoreTimeout which could be useful	2011-05-22 08:24:13 +00:00
Miroslav Stampar	a58aaf2e1a	better format for results file (easier for sorting when lots of files)	2011-05-22 07:02:36 +00:00
Miroslav Stampar	25fff8c135	changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux)	2011-05-21 11:46:57 +00:00
Miroslav Stampar	9e5856caf8	improvement for recognition of scalar vs multiple-row commands	2011-05-19 16:45:05 +00:00
Miroslav Stampar	db72428765	minor update	2011-05-19 15:57:29 +00:00
Miroslav Stampar	f40c6b2ce7	added --cookie for maskSensitiveData too	2011-05-19 15:42:59 +00:00
Miroslav Stampar	9832fc42d4	minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase)	2011-05-18 21:47:40 +00:00
Miroslav Stampar	3048e9f710	minor refactoring	2011-05-17 23:03:31 +00:00
Miroslav Stampar	cc07e5dc97	added --charset option to force charset encoding of the retrieved data (e.g. when the backend collation is different than the current web page charset) as requested by devon.mitchell1988@y​ahoo.com	2011-05-17 22:55:22 +00:00
Miroslav Stampar	dfe81cc66f	minor yielding	2011-05-16 20:14:10 +00:00
Miroslav Stampar	a5ad4621c9	minor refactoring	2011-05-16 20:09:12 +00:00
Miroslav Stampar	faa74cd2bc	introducing results file for multiple target mode	2011-05-15 22:21:38 +00:00
Miroslav Stampar	90e84c9a6d	removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end	2011-05-15 21:43:38 +00:00
Miroslav Stampar	c3bb5a03e1	minor improvement	2011-05-14 20:09:37 +00:00
Miroslav Stampar	3484a4426b	fix for a bug reported by itxx@qq.co​m (TypeError: encode() takes no keyword arguments)	2011-05-14 19:57:28 +00:00
Miroslav Stampar	a7d7be5ce0	bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host)	2011-05-13 01:01:53 +00:00
Miroslav Stampar	70688fb8b5	minor enhancement for dumping 'None' values (proper way should be empty string because None is too pythonic)	2011-05-12 12:00:17 +00:00
Miroslav Stampar	0b2da2f9f5	minor beautification for --tor switch	2011-05-12 05:46:17 +00:00
Miroslav Stampar	e05a9c0554	i was probably very tired or very stupid to do this	2011-05-11 13:13:46 +00:00
Miroslav Stampar	2ab9e30f7a	bug fix	2011-05-11 12:54:33 +00:00
Miroslav Stampar	53065ee1fb	adding ordered set for kb.targetUrls (now the order of appereance in multiple targets mode will be respected)	2011-05-11 08:55:48 +00:00
Miroslav Stampar	5ee07b90b9	added -m switch for bulk loading multiple targets	2011-05-11 08:46:40 +00:00
Miroslav Stampar	120b0d756e	unfix	2011-05-10 21:33:06 +00:00
Miroslav Stampar	192c685bc8	changing conf attribute to a more proper name	2011-05-10 20:48:34 +00:00
Miroslav Stampar	deae534ee7	minor refactoring	2011-05-10 20:44:36 +00:00
Bernardo Damele	97bc816aeb	layout	2011-05-10 16:24:09 +00:00
Bernardo Damele	3a8309c4b0	Major bug fix to detect UNION query technique and various improvements to parsing and using of --union-char and --union-cols switches	2011-05-10 15:34:54 +00:00
Miroslav Stampar	707edc7b1a	fix for a bug (previously --dbms="mysql 4" was ignored and abruptly terminated while the mechanism was here all along)	2011-05-10 13:28:07 +00:00
Miroslav Stampar	a64407d9db	minor bug fix for multithreading and lots of connection retries	2011-05-10 12:40:01 +00:00
Miroslav Stampar	22a1870c2c	adding some constraining to number of used threads on brute force switches together with a warning in case of connection exception(s) with --threads>1	2011-05-10 12:32:07 +00:00
Miroslav Stampar	ec4d9178f8	minor update related to the previous commit	2011-05-08 06:28:58 +00:00
Miroslav Stampar	4d6e7c738c	minor update	2011-05-08 06:17:43 +00:00
Bernardo Damele	6653907700	forgot in last commit	2011-05-07 21:13:56 +00:00
Bernardo Damele	1151af52bb	More fix for save/resume of --technique	2011-05-07 21:08:14 +00:00
Bernardo Damele	aae140080e	SVN roll back, DB2 patch will be recommitted after testing: ... $ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .	2011-05-06 10:27:43 +00:00
Miroslav Stampar	42bca80968	removing blank lines and adding newline at the end of files	2011-05-06 09:35:53 +00:00
Miroslav Stampar	6e392b6054	applying contributed patch for DB2	2011-05-06 09:30:39 +00:00
Bernardo Damele	e96a533a04	Bug fix to resume of --technique	2011-05-05 15:18:33 +00:00
Bernardo Damele	c58dc4a6d8	isDbmsWithin() must stay like this, no getIdentifiedDbms() in there	2011-05-03 14:13:45 +00:00
Miroslav Stampar	742b0ef76e	major improvement of ERROR data retrieval on MSSQL	2011-05-03 13:25:20 +00:00
Miroslav Stampar	2a7838928e	minor fancier --replicate update	2011-05-03 11:48:04 +00:00
Miroslav Stampar	b202d73b46	bug fix for MSSQL identificators which were starting with d, b, o and . Thing is that .lstrip strips all occurances of the given chars :) (spotted ancidentally)	2011-05-03 11:09:30 +00:00
Miroslav Stampar	1840b0e43b	fix for a bug reported by k1971@live.co.uk (OperationalError: unknown database dbo)	2011-05-03 10:22:38 +00:00
Miroslav Stampar	1e6c2fea74	update regarding warning for --random-agent during connection timeout in connection test phase	2011-05-03 10:05:42 +00:00
Miroslav Stampar	5e9620198c	fix for a privately reported bug ("AttributeError: item is disabled")	2011-05-02 18:18:04 +00:00
Miroslav Stampar	93dee30895	better fix for the previous commit	2011-05-02 13:34:55 +00:00
Miroslav Stampar	20ad1c1f2f	minor update to not confuse users when using -o	2011-05-02 13:24:35 +00:00
Bernardo Damele	ac2550535c	Proper fix for --technique=U bug	2011-05-01 23:42:41 +00:00
Miroslav Stampar	900ee0ff93	fix for a major bug reported by k1971@live.co.uk (1..9 99..)	2011-05-01 15:47:00 +00:00
Miroslav Stampar	494503b334	proper way to deal with generic cases	2011-05-01 08:04:08 +00:00
Miroslav Stampar	fcd69ba9c7	fix for a --technique=U	2011-05-01 07:37:22 +00:00
Bernardo Damele	955dbc85e7	Minor variable rename	2011-04-30 15:29:59 +00:00
Bernardo Damele	00f14bec5f	layout adjustment	2011-04-30 15:22:33 +00:00
Bernardo Damele	9a4ae7d9e2	More code refactoring of Backend class methods used	2011-04-30 14:54:29 +00:00
Bernardo Damele	f56d135438	Minor code restyling	2011-04-30 13:20:05 +00:00
Miroslav Stampar	983546d6bf	proper fix	2011-04-30 07:01:21 +00:00
Bernardo Damele	a5968fff3e	Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided	2011-04-30 00:22:22 +00:00
Bernardo Damele	956e75e2b5	Minor adjustment to --mobile. ... Bug fix to --random-agent.	2011-04-29 21:50:48 +00:00
Miroslav Stampar	46f96f3c4c	removing Kindle from list as it's not really a smartphone	2011-04-29 19:32:30 +00:00
Miroslav Stampar	11124b21f9	implemented --mobile switch	2011-04-29 19:27:23 +00:00
Miroslav Stampar	6bb4dce3aa	minor refactoring	2011-04-29 15:22:32 +00:00
Miroslav Stampar	a2bb0d72e8	fix for a bug reported by rdsears@mtu.edu (TypeError: expected string or buffer)	2011-04-29 14:40:28 +00:00
Bernardo Damele	edac0b2558	Added switch --schema to enumerate DBMS schema and now --columns does not require a mandatory table (-T) anymore, instead it will act as an alias for --schema	2011-04-28 23:59:00 +00:00
Bernardo Damele	e35f25b2cb	Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that: ... * It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime. * shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product. * shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX). * UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software. shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec. Minor code refactoring.	2011-04-24 23:01:21 +00:00
Bernardo Damele	d0dff82ce0	Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch	2011-04-23 16:25:09 +00:00
Miroslav Stampar	f88aa4b165	implemented suppressResumeInfo mechanism (huge slowdown on large tables)	2011-04-22 19:58:10 +00:00
Bernardo Damele	06a00fe85e	For development version, print also the revision number in the banner	2011-04-21 21:34:57 +00:00
Bernardo Damele	edc2d75702	Cosmetics and major bug fix	2011-04-21 21:15:23 +00:00
Bernardo Damele	b667c50588	store/resume info on xp_cmd available in session file	2011-04-21 14:25:04 +00:00
Bernardo Damele	a313df4d37	Allow user to force temporary folder with --tmp-path even if it has been saved one in the session file	2011-04-21 14:05:37 +00:00
Miroslav Stampar	e1a8d268d8	fix for UPX linux/macos	2011-04-21 10:52:34 +00:00
Bernardo Damele	11ecd16099	cosmetics	2011-04-21 10:08:38 +00:00
Miroslav Stampar	9ccf720c05	removing funny remark	2011-04-21 10:06:13 +00:00
Bernardo Damele	a91e6a8440	layout	2011-04-21 10:03:18 +00:00
Miroslav Stampar	cbfe743bad	added a comment	2011-04-21 10:01:58 +00:00
Miroslav Stampar	3b133303bf	refactoring	2011-04-19 22:54:13 +00:00
Miroslav Stampar	de2479b864	dealing with http://bugs.python.org/issue1602	2011-04-19 22:33:03 +00:00
Miroslav Stampar	44bbef42f8	minor cosmetics	2011-04-19 20:23:08 +00:00
Miroslav Stampar	13f8c001a7	minor update	2011-04-19 11:13:53 +00:00
Miroslav Stampar	7a06af9a92	added "lagging" critical message	2011-04-19 10:37:20 +00:00
Miroslav Stampar	a7c26366b4	doing that auto default value for --time-sec only for --tor	2011-04-19 08:43:29 +00:00
Miroslav Stampar	4d48ac54dc	automatically increasing default --time-sec value when --tor/--proxy used (not touching anything if explicit --time-sec set)	2011-04-19 08:34:21 +00:00
Miroslav Stampar	b79d4f70f3	cleaner solution for the problem solved with last commit	2011-04-18 14:51:48 +00:00
Miroslav Stampar	f5cff067c6	little hack for --time-sec	2011-04-18 14:46:18 +00:00
Miroslav Stampar	354a2ce249	'chardet' heuristic engine added to the project	2011-04-18 13:38:46 +00:00
Miroslav Stampar	6fab44d635	minor refactoring and improving of used regex	2011-04-17 22:37:00 +00:00