Miroslav Stampar  d05bd75068  2011-02-22 14:35:38 +00:00
    adding experimental for --group-concat

Bernardo Damele  8e60acae5d  2011-02-19 21:03:55 +00:00
    Added support for --scope also in WebScarab logs (-l)

Miroslav Stampar  df58bcaf95  2011-02-18 14:27:02 +00:00
    minor improvement

Miroslav Stampar  22cd49a217  2011-02-17 21:39:16 +00:00
    --technique can now be something like 123 which includes both techniques 1, 2 and 3

Miroslav Stampar  199f14df46  2011-02-15 00:28:27 +00:00
    implementation of MySQL GROUP_CONCAT technique

Miroslav Stampar  9f7d666451  2011-02-12 19:50:27 +00:00
    removing --method per request of buawig

Miroslav Stampar  4295a78c5f  2011-02-10 19:51:34 +00:00
    minor update

Miroslav Stampar  b56a77e573  2011-02-03 15:55:19 +00:00
    removing obsolete switches (--threshold, --excl-reg, --excl-str)

Miroslav Stampar  5f49e20cc8  2011-02-02 14:51:12 +00:00
    adding --random-agent and removing -a

Miroslav Stampar  e73a147fb5  2011-02-02 11:49:59 +00:00
    minor update

Miroslav Stampar  99aa38b58f  2011-02-02 10:10:28 +00:00
    minor refactoring

Miroslav Stampar  23c95107ed  2011-02-02 09:24:37 +00:00
    we must do this because people tend to ignorantly use huge numbers of threads, resulting in lots of CRITICAL (timeout) connection messages (also, avoiding DoS)

Bernardo Damele  ec9ebb3479  2011-01-31 21:21:13 +00:00
    Set threads to 4 when optimization switch is provided, -o

Miroslav Stampar  ddf23ba7cc  2011-01-30 11:36:03 +00:00
    refactoring

Miroslav Stampar  367d0639f0  2011-01-28 16:36:09 +00:00
    refactoring (class names should always be Capital cased)

Bernardo Damele  e1db2700f0  2011-01-24 12:25:45 +00:00
    Minor bug fix to properly deal with --prefix and --suffix and parameter replace payloads

Miroslav Stampar  4441e11f68  2011-01-24 11:26:51 +00:00
    fix for case -r with no params and cookie available

Bernardo Damele  4128b2c87f  2011-01-20 21:57:54 +00:00
    Enforce that when --prefix is provided, --suffix is too and vice versa.

Miroslav Stampar  ad12242151  2011-01-20 16:27:59 +00:00
    LoL (removing those checks because we use the same "logic" for parsing Burp log files and request files)

Miroslav Stampar  e8c037de1a  2011-01-20 16:17:38 +00:00
    minor update

Miroslav Stampar  4e5f0da1ae  2011-01-20 16:07:08 +00:00
    minor update

Miroslav Stampar  2fa066f892  2011-01-20 15:55:50 +00:00
    added support for WebScarab logs

Miroslav Stampar  f6f4b5e9dd  2011-01-20 11:01:01 +00:00
    bug fix for charset used in inference for pages retrieved with --null-connection

Bernardo Damele  bade0e3124  2011-01-19 23:06:15 +00:00
    Major code refactoring - centralized all kb.dbms* info for both retrieval and set.

Miroslav Stampar  c106dc829a  2011-01-19 22:08:56 +00:00
    more proper way to deal with this because without it the warn message is just fast scrolled, leaving users confused (why it doesn't run)

Bernardo Damele  47565f9459  2011-01-17 21:13:59 +00:00
    Minor code refactoring

Miroslav Stampar  30d6791968  2011-01-16 17:52:42 +00:00
    update regarding time-based data retrieval

Miroslav Stampar  71391874eb  2011-01-16 10:52:42 +00:00
    slightly faster and thread-safer inference

Miroslav Stampar  fb9d7cdfaa  2011-01-14 14:37:03 +00:00
    refactoring, code clearing and removal of obsolete switch --longest-common

Bernardo Damele  3c95d71ea5  2011-01-14 11:55:20 +00:00
    Minor bug fix - restored so-called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase

Bernardo Damele  2ac8debea0  2011-01-13 17:36:54 +00:00
    Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
    Minor bug fixes thanks to previous refactoring too.

Bernardo Damele  af9725214a  2011-01-12 12:01:32 +00:00
    Properly deal with partial (single entry) UNION injections.
    Got rid of kb.union*, now it's all stored/used from kb.injection.
    Minor bug fix with where=2 detection phase.

Bernardo Damele  8a67aea754  2011-01-12 01:13:32 +00:00
    One more step to fully working UNION exploitation after merge into detection phase

Bernardo Damele  5c7c3c76c3  2011-01-11 23:47:32 +00:00
    Fixed previous bug in getErrorParsedDBMSes() call in detection phase.
    Added minor support to escape quotes in UNION payloads during detection phase.

Bernardo Damele  06230e4d92  2011-01-11 21:46:21 +00:00
    Minor code refactoring and cosmetics

Miroslav Stampar  394b6bc029  2011-01-11 12:11:33 +00:00
    reverting some changes

Miroslav Stampar  690281dce1  2011-01-11 10:17:22 +00:00
    didn't know this to be honest

Miroslav Stampar  77b51dae57  2011-01-08 09:30:10 +00:00
    adding openFile method with an exception block around the file opening part

Miroslav Stampar  c17714c423  2011-01-07 16:47:46 +00:00
    suppress session in case of brute methods

Miroslav Stampar  b313a20a3f  2011-01-07 16:39:47 +00:00
    some fixes

Miroslav Stampar  a8d660db54  2011-01-06 16:59:58 +00:00
    fixes for bugs reported by pragmatk@gmail.com

Miroslav Stampar  0eabca9fd4  2011-01-03 22:31:29 +00:00
    update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in any way related to the current web page - if not sure, just leave it as it is)

Miroslav Stampar  08ccbf2c1e  2011-01-03 22:02:58 +00:00
    important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)

Miroslav Stampar  da138c46c1  2011-01-02 07:37:47 +00:00
    added support for displaying HTTP error codes (particularly interesting ones are 403 and 406, which screw up data retrieval and DBMS fingerprinting badly)

Miroslav Stampar  212035e64d  2011-01-01 23:38:11 +00:00
    user can now choose if he wants to skip non-heuristic-based DBMS tests

Miroslav Stampar  9fb0e0fc85  2010-12-27 14:17:20 +00:00
    resume of brute-forced data is now available

Miroslav Stampar  51a492e17d  2010-12-27 10:56:28 +00:00
    pretty important commit (now dumped tables are prone to dictionary attack)

Miroslav Stampar  269d6bde24  2010-12-27 00:14:29 +00:00
    this one is pretty complicated (authentication handler tries to call keep-alive module, while keep-alive module tries to call authentication handler, leading to an infinite recursion)

Miroslav Stampar  562a6440d1  2010-12-26 09:33:04 +00:00
    fix for a bug reported by nightman (same as http://bugs.python.org/issue8797)

Miroslav Stampar  2c23a59ba5  2010-12-24 12:13:48 +00:00
    fix for one of those more complex bugs (comparison was returning None while original page and/or page template already had a DBMS error inside)