| 
							
							
								 Bernardo Damele | c9e6fc7695 | Added new tamper script, tamper/space2mssqlblank.py from RS | 2011-07-11 09:49:58 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | e47f873fa4 | Renamed space2extrarandomblank.py to space2mysqlblank.py | 2011-07-11 09:49:03 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c9ba58acb6 | Moved MS Access UNION query tests after generic as generic test must identify MSSQL | 2011-07-11 09:47:52 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 1e1f429668 | Minor minor fix | 2011-07-11 09:22:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5014475637 | minor update (changing form of payload[i+1] with payload[i+1:i+2] which is much safer for not crashing the script with invalid char index) | 2011-07-11 09:22:29 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7a6bddf811 | minor fixes pointed by RS | 2011-07-11 09:08:24 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f5e45bf113 | quick fix for a bug reported by jovon.itwaru@gmail.com | 2011-07-11 08:54:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 98958f8808 | minor minor update | 2011-07-10 15:41:45 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0d6afca7db | adding new switch '--smart' by request | 2011-07-10 15:16:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5d31eb5ef7 | cosmetics and also tested against testing env - works perfectly | 2011-07-10 09:07:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b3acaf85d8 | minor update | 2011-07-10 08:58:55 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | eb42cedf2a | adding extractvalue MySQL >= 5.1 error payload (http://www.notsosecure.com/folder2/2010/06/29/mysql-exploitation-with-error-messages/) - untested (lack of particular ver for testing) and prone to level/risk adjustment | 2011-07-10 08:54:22 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b7433011f8 | new tamper script by request | 2011-07-08 22:48:03 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1e182e6c72 | quick fix | 2011-07-08 22:34:44 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 05cb65b106 | Added one more tamper script from Roberto Salgado and minor adjustment to others | 2011-07-08 13:43:34 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 3985a81cb9 | Update email addresses | 2011-07-08 13:39:47 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 651349e229 | More verbose critical message | 2011-07-08 13:12:53 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 062c156fc0 | Added another tamper script from Roberto Salgado | 2011-07-08 11:03:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 93219b9e13 | i've accidentally left table_schema removed while doing some tests. now it should be ok | 2011-07-08 10:24:46 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | b5dd4d4a63 | Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection | 2011-07-08 10:19:01 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 02bfd05b20 | more general approach | 2011-07-08 10:03:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5443e06430 | cosmetics (in debug mode [0] is used) | 2011-07-08 09:43:52 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c463c411b9 | minor update | 2011-07-08 09:32:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ba2c06c9dc | quick fix | 2011-07-08 09:01:32 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c517e97a44 | few fixes and minor cosmetics | 2011-07-08 06:02:31 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | aedcf8c8d7 | Changed homepage address | 2011-07-07 20:10:03 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 736327c893 | Added two tamper scripts contributed by Roberto Salgado | 2011-07-07 18:45:07 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 067354b97f | Revert of last commit and proper fix to detect UNION query SQL injection against Microsoft Access | 2011-07-07 13:20:40 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c6a0b84242 | Some more common tables and columns | 2011-07-07 00:23:54 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 9e1a6beb7a | Major bug fix in UNION detection, it was a leftover | 2011-07-07 00:06:20 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | fcd4e94c04 | Higher chances to detect UNION query SQL injection against Microsoft Access | 2011-07-06 23:52:44 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 9d2aadd4a6 | missing docstring details | 2011-07-06 22:53:22 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 23b4efdcaf | Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too. | 2011-07-06 21:04:45 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 0d28c1e9e7 | cosmetics | 2011-07-06 20:41:13 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 6f6038b534 | Quick fix (revert..) | 2011-07-06 11:32:12 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 93b296e02c | few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation") | 2011-07-06 05:44:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b8ffcf9495 | few fixes here and there and multi-core processing for dictionary based hash attack | 2011-07-04 19:58:41 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | da049110df | Minor revert | 2011-07-04 15:23:05 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a1fe9d07ca | minor revert | 2011-07-02 23:00:22 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 34d9a91af1 | bulk of fixes | 2011-07-02 22:48:56 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 861cdb1b14 | cosmetics | 2011-07-01 10:04:34 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4513ef409e | massive (like really massive) dictionary support | 2011-06-30 23:44:49 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 43db6b03a7 | update with a feature request (file with list of wordlist files) | 2011-06-30 08:42:43 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 366c2d279d | minor update | 2011-06-30 08:02:52 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d063ae91eb | propset update | 2011-06-30 07:55:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b361f60644 | minor changes | 2011-06-30 07:52:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f3013e4a29 | minor update | 2011-06-30 06:39:32 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | caf22b58bc | new tamper script | 2011-06-30 06:34:24 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8a36f7fc03 | fix for a bug reported by aboynes@gmail.com (UnboundLocalError: local variable 'infoMsg' referenced before assignment) | 2011-06-29 18:04:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9e453e8709 | fix for a bug reported by nightman@email.de | 2011-06-29 17:49:59 +00:00 |  |