Miroslav Stampar
|
cc62a8adc9
|
Bug fix for JSON-like data (proper escaping of quotes)
|
2014-02-26 09:30:37 +01:00 |
|
Miroslav Stampar
|
6369a38ebc
|
Adding support for JSON-like data with single quote
|
2014-02-26 08:56:17 +01:00 |
|
Miroslav Stampar
|
465f968be6
|
Minor cosmetic update
|
2014-02-26 08:41:23 +01:00 |
|
Miroslav Stampar
|
edc8ef9d5b
|
Patch for an Issue #611 (original page used in case of tamper functions was wrong - e.g. if --tamper=base64encode was used)
|
2014-02-25 13:48:34 +01:00 |
|
Miroslav Stampar
|
2a423d61ef
|
Raising number of requests for false positive testing in case of higher levels
|
2014-02-23 19:40:01 +01:00 |
|
Miroslav Stampar
|
d405fc1157
|
Minor update (for the consistency sake)
|
2014-02-16 22:04:12 +01:00 |
|
Miroslav Stampar
|
58eac364a2
|
Bug fix
|
2014-02-16 21:57:14 +01:00 |
|
Miroslav Stampar
|
dfa727cbc5
|
Fix for a same bug mentioned in last commit
|
2014-02-16 21:47:14 +01:00 |
|
Miroslav Stampar
|
43df4efd11
|
Bug fix (bad idea is to do os.path.join on web URLs - especially on Windows OS)
|
2014-02-16 21:44:57 +01:00 |
|
Miroslav Stampar
|
d05bfdd7dd
|
Implementing option '--where' (Issue #605)
|
2014-02-11 16:20:45 +01:00 |
|
Bernardo Damele
|
be6767b3b0
|
minor fix for command execution via web shell
|
2014-02-10 09:59:57 +00:00 |
|
Miroslav Stampar
|
fe0ff6e679
|
Changing 'is injectable' to 'seems to be injectable' for boolean and time-based blind injection cases - for false positive cases
|
2014-02-09 17:50:16 +01:00 |
|
Miroslav Stampar
|
8521265526
|
Minor fix
|
2014-02-07 14:40:43 +01:00 |
|
Miroslav Stampar
|
534c2ee0e6
|
Minor update
|
2014-02-01 22:12:00 +01:00 |
|
Miroslav Stampar
|
0e44132778
|
Removing unused imports
|
2014-02-01 21:49:12 +01:00 |
|
Miroslav Stampar
|
f97fcb7bb3
|
Adding a switch --invalid-string
|
2014-01-23 21:56:06 +01:00 |
|
Miroslav Stampar
|
f88f6dcd7e
|
Changing --invalid-bignum from float producing to int producing
|
2014-01-23 09:07:25 +01:00 |
|
Miroslav Stampar
|
fc02badf40
|
Minor update
|
2014-01-23 08:33:21 +01:00 |
|
Bernardo Damele
|
bc29bf6481
|
removed comments
|
2014-01-13 23:57:49 +00:00 |
|
Bernardo Damele
|
1505f1dc74
|
removed useless sink
|
2014-01-13 23:55:32 +00:00 |
|
Bernardo Damele
|
124ebefc7f
|
code cleanup
|
2014-01-13 23:48:15 +00:00 |
|
Bernardo Damele
|
3c79d66569
|
fixed stderr
|
2014-01-13 17:34:38 +00:00 |
|
Bernardo Damele
|
43a4e85749
|
updated copyright
|
2014-01-13 17:24:49 +00:00 |
|
Bernardo Damele
|
dfa9076a70
|
fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d )
|
2014-01-13 17:12:37 +00:00 |
|
Miroslav Stampar
|
6863436d4e
|
Implementation for an Issue #596
|
2014-01-13 10:05:56 +01:00 |
|
Bernardo Damele
|
d9e00adfae
|
minor fix
|
2014-01-10 17:23:16 +00:00 |
|
Miroslav Stampar
|
36f3ab5798
|
Minor bug fix (for cases when race between thread and main thread is causing server._running to not be set to True)
|
2014-01-09 15:46:55 +01:00 |
|
Miroslav Stampar
|
cb1f17cb04
|
Proper patch for an Issue #591
|
2014-01-02 12:15:56 +01:00 |
|
Miroslav Stampar
|
5437f8bf36
|
Fix for an Issue #85
|
2014-01-02 12:09:58 +01:00 |
|
Miroslav Stampar
|
4de83daf03
|
Minor style update
|
2014-01-02 11:06:19 +01:00 |
|
Miroslav Stampar
|
e0143e397a
|
Consistency fix (down below we use direct SQL)
|
2014-01-02 10:59:53 +01:00 |
|
Miroslav Stampar
|
0b4fcb6845
|
Fix for an Issue #591
|
2014-01-02 10:55:40 +01:00 |
|
Miroslav Stampar
|
854a55166c
|
Fix for an Issue #588
|
2014-01-02 10:29:10 +01:00 |
|
Miroslav Stampar
|
9b4b070ecf
|
Minor cosmetics
|
2014-01-02 10:05:58 +01:00 |
|
Miroslav Stampar
|
192a911b76
|
Patch for an Issue #28
|
2013-12-29 16:16:50 +01:00 |
|
Miroslav Stampar
|
41d6c1af82
|
Patch for an Issue #589
|
2013-12-28 13:47:40 +01:00 |
|
Miroslav Stampar
|
6c80f2903b
|
Patch for an Issue #564
|
2013-12-27 11:02:59 +01:00 |
|
Miroslav Stampar
|
cadbddd607
|
Adding a boundary proposed in Issue #564
|
2013-12-27 10:46:18 +01:00 |
|
Miroslav Stampar
|
7718edac9b
|
Fix for an Issue #570
|
2013-12-27 09:40:33 +01:00 |
|
Miroslav Stampar
|
02de2aee6d
|
Patch for an Issue #582
|
2013-12-26 22:27:04 +01:00 |
|
Miroslav Stampar
|
ab64d385d6
|
Bug fix (stacked queries as in PgSQL and MsSQL DNS tunneling queries MUST end with the comment - not the recognized underlying technique's suffix)
|
2013-12-25 22:18:57 +01:00 |
|
Miroslav Stampar
|
2c2667b2be
|
Minor patch for an Issue #575
|
2013-12-18 00:56:24 +01:00 |
|
Miroslav Stampar
|
fd6dcd8bf5
|
Merge pull request #583 from mattoufoutu/api
RESTful API improvements
|
2013-12-17 14:10:19 -08:00 |
|
Miroslav Stampar
|
f18abb1e9c
|
Minor update (proxy can be also a https one (e.g. Burp for HTTPS targets)
|
2013-12-17 09:30:51 +01:00 |
|
Miroslav Stampar
|
7d8eb148ce
|
Patch for an Issue #565 (DuckDuckGo doesn't like identity encoding)
|
2013-12-17 09:30:04 +01:00 |
|
Miroslav Stampar
|
4819e19200
|
Patch for an Issue #584
|
2013-12-16 22:00:47 +01:00 |
|
Mathieu Deous
|
4c9456dd72
|
moar logging!
|
2013-12-15 16:59:47 +01:00 |
|
Mathieu Deous
|
438ad73016
|
avoid names shadowing
|
2013-12-15 09:22:01 +01:00 |
|
Mathieu Deous
|
eda9a3da67
|
all instance attributes should be defined in constructor
|
2013-12-15 09:16:38 +01:00 |
|
Mathieu Deous
|
3effaee2a1
|
avoid using global variables, use a "store" class
|
2013-12-15 00:19:58 +01:00 |
|