Miroslav Stampar
|
86fdad2bfa
|
minor update
|
2012-05-24 22:07:50 +00:00 |
|
Miroslav Stampar
|
595f69fa2c
|
minor language update
|
2012-05-10 18:30:25 +00:00 |
|
Miroslav Stampar
|
35f400b45b
|
minor language upgrade
|
2012-05-10 18:25:12 +00:00 |
|
Miroslav Stampar
|
80aedbe284
|
adding a warning about --tor switch
|
2012-05-10 18:17:32 +00:00 |
|
Miroslav Stampar
|
17efeaae7f
|
causing too much confusion among dummy users
|
2012-05-01 09:04:11 +00:00 |
|
Miroslav Stampar
|
cec432f94d
|
minor update
|
2012-04-23 14:43:59 +00:00 |
|
Miroslav Stampar
|
697768c01a
|
adding --purge-output to be one of mandatory switches
|
2012-04-23 14:42:24 +00:00 |
|
Miroslav Stampar
|
d57d5e4b2c
|
minor update
|
2012-04-23 14:33:36 +00:00 |
|
Miroslav Stampar
|
095b25e1d1
|
adding option '--purge'
|
2012-04-23 14:24:23 +00:00 |
|
Miroslav Stampar
|
be2da77bf8
|
minor update
|
2012-04-23 10:15:04 +00:00 |
|
Miroslav Stampar
|
21c6b52198
|
minor fix
|
2012-04-23 10:11:00 +00:00 |
|
Miroslav Stampar
|
2b1b4c0742
|
minor fix
|
2012-04-18 10:01:04 +00:00 |
|
Miroslav Stampar
|
6ebb621228
|
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
|
2012-04-17 14:23:00 +00:00 |
|
Miroslav Stampar
|
052d9455fe
|
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
|
2012-04-12 09:44:54 +00:00 |
|
Miroslav Stampar
|
8541222080
|
minor update
|
2012-04-10 22:26:42 +00:00 |
|
Miroslav Stampar
|
02924eb345
|
minor update
|
2012-04-04 23:47:06 +00:00 |
|
Bernardo Damele
|
d106fb5184
|
layout adjustments
|
2012-04-04 12:27:24 +00:00 |
|
Miroslav Stampar
|
e05109812f
|
minor improvements regarding data retrieval through DNS channel
|
2012-04-03 09:18:30 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
f7a664b120
|
enablind DNS server for DNS data exfiltration
|
2012-03-31 12:08:27 +00:00 |
|
Miroslav Stampar
|
adb5fff6b2
|
one more update related to the redirection mechanism
|
2012-03-15 20:17:40 +00:00 |
|
Miroslav Stampar
|
19beb912fa
|
first step toward negative logic support
|
2012-03-15 15:52:12 +00:00 |
|
Miroslav Stampar
|
3d9b1599d1
|
minor update
|
2012-03-15 11:45:32 +00:00 |
|
Miroslav Stampar
|
a7fbc55748
|
grammar fix
|
2012-03-13 22:03:23 +00:00 |
|
Miroslav Stampar
|
cd28eb6544
|
minor update regarding --load-cookies
|
2012-03-08 10:19:34 +00:00 |
|
Miroslav Stampar
|
2c87d061e9
|
minor update
|
2012-03-08 10:03:59 +00:00 |
|
Miroslav Stampar
|
b4cf8b05b3
|
added switch --load-cookies
|
2012-03-07 14:48:45 +00:00 |
|
Miroslav Stampar
|
ac5a752b12
|
Oracle's XMLType doesn't like '#' char too
|
2012-03-01 11:59:37 +00:00 |
|
Miroslav Stampar
|
570d3a19c2
|
more general fix
|
2012-02-24 10:53:28 +00:00 |
|
Miroslav Stampar
|
e8352e504f
|
fixing problems with chars deletition by logging messages in inference mode
|
2012-02-24 10:48:19 +00:00 |
|
Miroslav Stampar
|
61a25418a9
|
minor update
|
2012-02-22 10:45:10 +00:00 |
|
Miroslav Stampar
|
b3bd4144f5
|
removing of unused imports together with some general code refactoring
|
2012-02-22 10:40:11 +00:00 |
|
Miroslav Stampar
|
aee269cc14
|
gazillion changes, nothing will work, muhahaha
|
2012-02-17 14:22:48 +00:00 |
|
Miroslav Stampar
|
7e9e582eca
|
minor update
|
2012-02-08 14:23:57 +00:00 |
|
Miroslav Stampar
|
2662fe84f7
|
minor update
|
2012-02-08 12:02:50 +00:00 |
|
Miroslav Stampar
|
f7bf1fbe94
|
upgrade/fixes for direct DBMS access
|
2012-02-07 10:46:55 +00:00 |
|
Miroslav Stampar
|
8405ef59ac
|
some estetic updates
|
2012-02-01 14:49:42 +00:00 |
|
Miroslav Stampar
|
9eee6c252d
|
minor update for --scope
|
2012-01-16 10:28:21 +00:00 |
|
Miroslav Stampar
|
95f89ab63a
|
updating copyright date
|
2012-01-11 14:59:46 +00:00 |
|
Miroslav Stampar
|
1d0b43b1a2
|
implemented mechanism for merging cookies by request
|
2012-01-11 14:28:08 +00:00 |
|
Miroslav Stampar
|
5a8fc44119
|
minor update
|
2012-01-07 15:26:54 +00:00 |
|
Miroslav Stampar
|
3f4afdf251
|
minor fix (crashing if no : in value)
|
2012-01-07 14:54:56 +00:00 |
|
Miroslav Stampar
|
29f502fe29
|
some refactoring
|
2011-12-28 16:27:17 +00:00 |
|
Miroslav Stampar
|
dda979a15a
|
minor refactoring
|
2011-12-27 12:31:29 +00:00 |
|
Miroslav Stampar
|
c20546dcaa
|
minor refactoring
|
2011-12-26 12:24:39 +00:00 |
|
Miroslav Stampar
|
b71a81041d
|
implemented --tor-port by request
|
2011-12-23 10:57:09 +00:00 |
|
Miroslav Stampar
|
a6310c0b21
|
minor update
|
2011-12-21 23:04:36 +00:00 |
|
Miroslav Stampar
|
41ccf88990
|
some more refactoring
|
2011-12-21 22:09:21 +00:00 |
|
Miroslav Stampar
|
81bd9a201b
|
minor refactoring
|
2011-12-21 11:50:49 +00:00 |
|
Miroslav Stampar
|
563c0c1066
|
adding switch --tor-type
|
2011-12-15 23:19:55 +00:00 |
|
Miroslav Stampar
|
364113441b
|
adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)
|
2011-12-14 10:19:45 +00:00 |
|
Miroslav Stampar
|
0f5d48ff20
|
minor update
|
2011-12-05 09:25:56 +00:00 |
|
Miroslav Stampar
|
9bc735963b
|
update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself))
|
2011-12-04 22:42:19 +00:00 |
|
Miroslav Stampar
|
ec895c3d1a
|
revert of last commit
|
2011-12-04 16:37:18 +00:00 |
|
Miroslav Stampar
|
393843bf87
|
it seems that SOCKS4 is safer solution for TOR socks access
|
2011-12-04 16:23:08 +00:00 |
|
Miroslav Stampar
|
b9ae28dd5e
|
minor beautification
|
2011-12-02 14:11:43 +00:00 |
|
Miroslav Stampar
|
32ab7171ea
|
minor update
|
2011-12-01 10:07:39 +00:00 |
|
Miroslav Stampar
|
9975ff8d17
|
minor update
|
2011-11-30 19:26:03 +00:00 |
|
Miroslav Stampar
|
872a73f631
|
minor refactoring
|
2011-11-29 19:17:07 +00:00 |
|
Miroslav Stampar
|
885b432808
|
minor update
|
2011-11-23 21:39:53 +00:00 |
|
Miroslav Stampar
|
ba4234dc42
|
switching from HTTP proxy to SOCKS proxy for --tor (sick and tired of Polipo/Privoxy bull; either Tor flag is overwritten every here and there or they are putting all kinds of filter warnings)
|
2011-11-23 21:17:08 +00:00 |
|
Miroslav Stampar
|
14e8ca6d41
|
minor fix
|
2011-11-23 14:26:40 +00:00 |
|
Miroslav Stampar
|
2e10de8921
|
minor update
|
2011-11-22 12:18:24 +00:00 |
|
Miroslav Stampar
|
eee03871d7
|
minor refactoring
|
2011-11-21 21:31:08 +00:00 |
|
Miroslav Stampar
|
65b2b0ad87
|
adding switch --eval
|
2011-11-21 16:41:02 +00:00 |
|
Miroslav Stampar
|
7314de3490
|
language update
|
2011-11-15 11:17:39 +00:00 |
|
Miroslav Stampar
|
030c57a0c8
|
minor update
|
2011-11-06 11:18:16 +00:00 |
|
Miroslav Stampar
|
61e3621855
|
minor update
|
2011-11-02 14:33:23 +00:00 |
|
Miroslav Stampar
|
43340a7ea5
|
language
|
2011-11-01 19:06:27 +00:00 |
|
Miroslav Stampar
|
ef987c6954
|
adding compatibility support for using --crawl and --forms together
|
2011-10-29 09:32:20 +00:00 |
|
Miroslav Stampar
|
ddc4dfe5ff
|
minor refactoring for regarding --forms
|
2011-10-29 08:32:24 +00:00 |
|
Miroslav Stampar
|
d7866ac78d
|
added support for automatic filtering of badly formed HTML in --forms mode
|
2011-10-28 21:28:03 +00:00 |
|
Miroslav Stampar
|
7ce3af68fc
|
fixing support for parsing BURP logs
|
2011-10-27 17:31:34 +00:00 |
|
Miroslav Stampar
|
6b7920d89a
|
minor patch for --tor
|
2011-10-27 10:52:06 +00:00 |
|
Miroslav Stampar
|
64ca01ea0e
|
minor update
|
2011-10-25 22:06:47 +00:00 |
|
Miroslav Stampar
|
35c889a411
|
minor update
|
2011-10-25 18:07:33 +00:00 |
|
Miroslav Stampar
|
ee76fed56a
|
minor update
|
2011-10-25 17:48:20 +00:00 |
|
Miroslav Stampar
|
41ad7f9eab
|
minor update
|
2011-10-25 17:44:30 +00:00 |
|
Miroslav Stampar
|
86b4a3562f
|
added switch --check-tor
|
2011-10-25 17:37:43 +00:00 |
|
Miroslav Stampar
|
c1486ed4be
|
adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request
|
2011-10-25 09:53:44 +00:00 |
|
Miroslav Stampar
|
323aa7bf2f
|
minor update
|
2011-10-09 21:21:41 +00:00 |
|
Miroslav Stampar
|
6d2536f217
|
minor update
|
2011-09-27 22:27:34 +00:00 |
|
Miroslav Stampar
|
c0910ca2c8
|
added one more warning message by request
|
2011-09-27 22:25:15 +00:00 |
|
Miroslav Stampar
|
88f1110c44
|
adding a new (for now) hidden switch --test-filter for filtering tests by their name
|
2011-09-27 14:09:25 +00:00 |
|
Miroslav Stampar
|
7e80274fac
|
refactoring
|
2011-09-25 21:10:45 +00:00 |
|
Miroslav Stampar
|
744636a8c1
|
switching to SQLite resume support (on error and union techniques this moment)
|
2011-09-25 20:36:32 +00:00 |
|
Bernardo Damele
|
f890b29f81
|
Proper reference to Metasploit Framework as now it's version 4, not 3 anymore
|
2011-09-12 17:26:22 +00:00 |
|
Miroslav Stampar
|
02f993583b
|
minor bug fix
|
2011-09-09 11:36:09 +00:00 |
|
Miroslav Stampar
|
9be89422da
|
implemented parameter --skip
|
2011-08-29 13:29:42 +00:00 |
|
Miroslav Stampar
|
e0f521cf9d
|
minor update regarding --randomize
|
2011-08-29 13:08:25 +00:00 |
|
Miroslav Stampar
|
7cc5743c5d
|
minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters)
|
2011-08-16 06:50:20 +00:00 |
|
Bernardo Damele
|
702ed73a65
|
Added --code switch to match in boolean-based tests against the HTTP response code
|
2011-08-12 16:48:11 +00:00 |
|
Miroslav Stampar
|
10bdd90e60
|
minor speed optimizations (as a result of profiling)
|
2011-08-12 13:40:37 +00:00 |
|
Miroslav Stampar
|
2ad267132a
|
minor update for empty normal responses (like AJAX requests)
|
2011-08-05 10:55:21 +00:00 |
|
Miroslav Stampar
|
9423d15fb3
|
ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix
|
2011-08-03 09:08:16 +00:00 |
|
Bernardo Damele
|
938716e361
|
Proper fix for --start and --stop consistency amongst different techniques
|
2011-07-26 10:06:28 +00:00 |
|
Miroslav Stampar
|
6bbb8139a0
|
update (smaller memory footprint in postprocessing phase because of safecharencode part)
|
2011-07-25 20:40:31 +00:00 |
|
Bernardo Damele
|
6cbb927012
|
Partial fix for -o not resumed at following runs if missing from command line
|
2011-07-25 11:05:49 +00:00 |
|
Miroslav Stampar
|
a89140e1ce
|
revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function)
|
2011-07-23 06:07:00 +00:00 |
|
Miroslav Stampar
|
f5e45bf113
|
quick fix for a bug reported by jovon.itwaru@gmail.com
|
2011-07-11 08:54:39 +00:00 |
|
Bernardo Damele
|
651349e229
|
More verbose critical message
|
2011-07-08 13:12:53 +00:00 |
|
Miroslav Stampar
|
c517e97a44
|
few fixes and minor cosmetics
|
2011-07-08 06:02:31 +00:00 |
|
Bernardo Damele
|
aedcf8c8d7
|
Changed homepage address
|
2011-07-07 20:10:03 +00:00 |
|
Bernardo Damele
|
23b4efdcaf
|
Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too.
|
2011-07-06 21:04:45 +00:00 |
|
Miroslav Stampar
|
93b296e02c
|
few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation")
|
2011-07-06 05:44:47 +00:00 |
|
Miroslav Stampar
|
b8ffcf9495
|
few fixes here and there and multi-core processing for dictionary based hash attack
|
2011-07-04 19:58:41 +00:00 |
|
Bernardo Damele
|
36c96ef796
|
Added DB2 support - patch provided by Sebastian Bittig
|
2011-06-25 09:44:24 +00:00 |
|
Miroslav Stampar
|
aa83fe5c66
|
minor update
|
2011-06-24 18:19:33 +00:00 |
|
Miroslav Stampar
|
96190cf594
|
minor update
|
2011-06-24 17:15:15 +00:00 |
|
Miroslav Stampar
|
eaa2a4202f
|
changing to: --crawl=CRAWLDEPTH
|
2011-06-24 05:40:03 +00:00 |
|
Miroslav Stampar
|
5190440ea2
|
minor fix
|
2011-06-22 15:36:59 +00:00 |
|
Miroslav Stampar
|
97d8729d71
|
probable fix for a bug reported by m4l1c3 (RuntimeError: maximum recursion depth exceeded)
|
2011-06-22 15:28:49 +00:00 |
|
Miroslav Stampar
|
84bc8c3a37
|
update
|
2011-06-22 14:39:31 +00:00 |
|
Miroslav Stampar
|
938db1b513
|
replacing xmlobject logic with our own
|
2011-06-22 14:33:52 +00:00 |
|
Miroslav Stampar
|
f09340fc89
|
minor update
|
2011-06-20 12:40:14 +00:00 |
|
Miroslav Stampar
|
4d1fa5596b
|
added support for --scope in --crawl mode
|
2011-06-20 12:37:51 +00:00 |
|
Miroslav Stampar
|
b1426b5131
|
bug fix
|
2011-06-20 12:11:09 +00:00 |
|
Miroslav Stampar
|
cda39ca350
|
minor update
|
2011-06-20 11:46:23 +00:00 |
|
Miroslav Stampar
|
07e2c72943
|
adding Beautifulsoup (BSD) into extras; adding --crawl to options
|
2011-06-20 11:32:30 +00:00 |
|
Bernardo Damele
|
cd07139919
|
Layout adjustments
|
2011-06-18 11:58:14 +00:00 |
|
Miroslav Stampar
|
905fef0eae
|
now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5)
|
2011-06-18 10:51:14 +00:00 |
|
Miroslav Stampar
|
f3ee2c09fb
|
cleaner fix
|
2011-06-17 15:32:23 +00:00 |
|
Miroslav Stampar
|
bb987ec98f
|
fix for DNS leakage
|
2011-06-17 15:23:58 +00:00 |
|
Miroslav Stampar
|
6f681b45ad
|
cleaning up a bit for a configuration mess
|
2011-06-16 11:42:13 +00:00 |
|
Miroslav Stampar
|
63d98d8ce6
|
fix for a bug reported by rdsears@mtu.edu (ignored config file items)
|
2011-06-16 08:08:49 +00:00 |
|
Miroslav Stampar
|
4d51fa8155
|
minor update planned for a long time (in case of heuristic test was positive warn the user properly at the end if program fails)
|
2011-06-15 17:37:28 +00:00 |
|
Miroslav Stampar
|
d55a242908
|
minor improvement. messages are now warnings (not errors because lots of them are not causing problems for a normal usage) and most of all it's being checked only if the --dependencies is used (until now this switch has been ignored and turned on by default - always)
|
2011-06-14 19:38:35 +00:00 |
|
Bernardo Damele
|
8978fded03
|
typo fix
|
2011-06-13 19:00:27 +00:00 |
|
Bernardo Damele
|
7152a1ed3b
|
Added --dependences to show which sqlmap dependences are not available
|
2011-06-13 18:44:02 +00:00 |
|
Miroslav Stampar
|
9331abb96f
|
minor update
|
2011-06-11 08:33:36 +00:00 |
|
Miroslav Stampar
|
9202fedf7b
|
minor fix
|
2011-06-09 08:14:54 +00:00 |
|
Bernardo Damele
|
0d8d6a4ace
|
Cosmetics
|
2011-06-08 16:08:20 +00:00 |
|
Miroslav Stampar
|
4eeeb3655e
|
asking and skipping to the next google result page if no usable links found
|
2011-06-07 23:24:17 +00:00 |
|
Miroslav Stampar
|
7a3cc38e3c
|
refactoring and stabilization of multithreading
|
2011-06-07 09:50:00 +00:00 |
|
Miroslav Stampar
|
8aa5625cd0
|
proper fix related to the last commit
|
2011-06-01 23:00:18 +00:00 |
|
Miroslav Stampar
|
20988e58ed
|
warp 5 mr spock :)
|
2011-05-30 09:46:32 +00:00 |
|
Miroslav Stampar
|
86455ceb9c
|
implementation of multithreading for UNION and ERROR techniques
|
2011-05-29 23:17:50 +00:00 |
|
Miroslav Stampar
|
c11ea35d53
|
adding some user input for "refreshing" cases (like redirect ones)
|
2011-05-27 22:42:23 +00:00 |
|
Miroslav Stampar
|
4f46a5ab63
|
minor usability enhancement regarding warning for --text-only switch
|
2011-05-26 20:48:18 +00:00 |
|
Miroslav Stampar
|
ff030e4d24
|
minor cleanup of the leftover
|
2011-05-26 17:37:24 +00:00 |
|
Miroslav Stampar
|
b6fe5b12a4
|
adding --schema to the wizard/Basic as it looks like a cool thingy to put there
|
2011-05-26 14:30:05 +00:00 |
|
Miroslav Stampar
|
2f456bee75
|
minor beautification
|
2011-05-25 08:14:39 +00:00 |
|
Miroslav Stampar
|
8b7a3c5a6b
|
making it easier for totally dummy users
|
2011-05-24 17:24:01 +00:00 |
|
Miroslav Stampar
|
bec2c04671
|
helping dummy users
|
2011-05-24 17:15:25 +00:00 |
|
Miroslav Stampar
|
f774d8fea0
|
proper Tor settings (reverted r3915 and implemented it the right way)
|
2011-05-24 11:06:58 +00:00 |
|
Miroslav Stampar
|
a536bf210f
|
improved redirection mechanism
|
2011-05-23 23:20:03 +00:00 |
|
Miroslav Stampar
|
2ea613b170
|
type correction and adding global flag kb.ignoreTimeout which could be useful
|
2011-05-22 08:24:13 +00:00 |
|
Miroslav Stampar
|
25fff8c135
|
changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux)
|
2011-05-21 11:46:57 +00:00 |
|
Miroslav Stampar
|
9832fc42d4
|
minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase)
|
2011-05-18 21:47:40 +00:00 |
|
Miroslav Stampar
|
3048e9f710
|
minor refactoring
|
2011-05-17 23:03:31 +00:00 |
|