Commit Graph

3107 Commits

Author SHA1 Message Date
Miroslav Stampar
562a6440d1 fix for a bug reported by nightman (same as http://bugs.python.org/issue8797) 2010-12-26 09:33:04 +00:00
Miroslav Stampar
6c72e41972 minor fix/update 2010-12-26 02:19:10 +00:00
Miroslav Stampar
e41acb6fc2 further ms access improvements 2010-12-26 02:13:56 +00:00
Miroslav Stampar
2c8115eed9 further improvement for ms access table dumping 2010-12-26 01:04:30 +00:00
Miroslav Stampar
64523212a4 added site:cn 2010-12-26 00:06:47 +00:00
Miroslav Stampar
5249762794 update 2010-12-25 16:46:33 +00:00
Miroslav Stampar
f85bb96221 columns updated with localized items 2010-12-25 16:26:05 +00:00
Miroslav Stampar
561121b536 major update adding new table names (based on site:? localization) 2010-12-25 15:15:03 +00:00
Miroslav Stampar
fb099615e2 minor update 2010-12-25 11:16:35 +00:00
Miroslav Stampar
c5c4aae3d5 minor update (to prevent adding too much items) 2010-12-25 10:42:36 +00:00
Miroslav Stampar
b472b96f92 bug fix, refactoring and improved extractErrorMessage capabilities 2010-12-25 10:16:20 +00:00
Miroslav Stampar
ea7ba19f6b minor update 2010-12-25 09:43:14 +00:00
Miroslav Stampar
272476773f getPageTextWordsSet on tableExists is pretty powerful stuff 2010-12-25 09:37:33 +00:00
Miroslav Stampar
9853c1ec7f fix for a bug reported by alessio.dallapiazza@gmail.com (AttributeError: users) 2010-12-25 09:13:57 +00:00
Miroslav Stampar
6845d402fa well, here and there, merry Christmas to all :) 2010-12-24 20:17:53 +00:00
Miroslav Stampar
706d8e0b88 development update (basic ms access dumping implemented) 2010-12-24 19:53:11 +00:00
Miroslav Stampar
2d115e0350 one more fix 2010-12-24 18:44:13 +00:00
Miroslav Stampar
edcf1a0872 few bug fixes 2010-12-24 18:40:48 +00:00
Miroslav Stampar
96a06351a1 minor fix (in testing phase raise404 should be set to False) 2010-12-24 12:36:00 +00:00
Miroslav Stampar
2c23a59ba5 fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside) 2010-12-24 12:13:48 +00:00
Miroslav Stampar
aab14fa2d3 minor refactoring/cosmetics 2010-12-24 11:06:57 +00:00
Miroslav Stampar
23dc408901 prioritization of tests based on DBMS error messages and some comments in common.py 2010-12-24 10:55:41 +00:00
Miroslav Stampar
a09716a701 minor update 2010-12-24 10:07:56 +00:00
Miroslav Stampar
d9f08e4aa3 randomization of user agents 2010-12-24 10:04:27 +00:00
Miroslav Stampar
d5eebb1cbf fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6 2010-12-24 09:49:19 +00:00
Miroslav Stampar
cb17e61f35 bug fix (UnicodeDecodeError: 'ascii' codec can't decode byte 0xa9 in position 959) 2010-12-24 02:54:26 +00:00
Miroslav Stampar
3043ed095a bug fix (those two regexes where too generic making false MS ACCESS positives here and there) 2010-12-24 00:11:10 +00:00
Miroslav Stampar
8470de7b76 bug fix for boolean proxy when using time based payloads 2010-12-23 23:46:08 +00:00
Miroslav Stampar
7f7fb93155 cosmetics 2010-12-23 18:44:18 +00:00
Miroslav Stampar
017ea9e686 update 2010-12-23 14:06:22 +00:00
Miroslav Stampar
73f33c1999 bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped) 2010-12-23 11:28:13 +00:00
Miroslav Stampar
5a0aef0f33 fix for a case: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [MySQL][ODBC 3.51 Driver][mysqld-5.1.31-community] - it was wrongly error message recognized as MS SQL Server 2010-12-23 09:53:13 +00:00
Miroslav Stampar
8fc60215ed lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called. 2010-12-22 19:12:46 +00:00
Miroslav Stampar
7c06dbffc3 bug fix (AttributeError: 'unicode' object has no attribute 'sort') 2010-12-22 18:55:50 +00:00
Bernardo Damele
c1f2534e9a More bug fixes to properly distinguish between full inband and single-entry inband sql injections 2010-12-22 15:47:52 +00:00
Bernardo Damele
b3da473840 Minor bug fix when --dbs has only one DB name 2010-12-22 14:29:57 +00:00
Bernardo Damele
c9ab8ae60e Bug fix to properly identify if current user is DBA (--is-dba) on MySQL 2010-12-22 14:06:01 +00:00
Bernardo Damele
250608660d Minor bug fix to always show HTTP request and response when verbose is set accordingly to 4, 5 or 6 regardless of the HTTP response code (error or not) 2010-12-22 13:41:36 +00:00
Bernardo Damele
5228f336da Minor fix for ctrl+c during detection phase 2010-12-22 13:15:44 +00:00
Miroslav Stampar
08c88495d0 removed that ugly hack 2010-12-22 13:09:04 +00:00
Miroslav Stampar
8212b7b745 bug fix 2010-12-22 12:16:04 +00:00
Miroslav Stampar
c89021f0bb some fixes 2010-12-22 11:46:18 +00:00
Miroslav Stampar
5be9c04e44 update regarding Sybase syntax 2010-12-22 10:39:56 +00:00
Miroslav Stampar
5d25da5135 better way to handle this one 2010-12-22 00:51:20 +00:00
Miroslav Stampar
306501363c fuck, sorry, 0 was OK (STRCMP() returns 0 if the strings are the same) 2010-12-22 00:41:38 +00:00
Miroslav Stampar
d6e6afd6f2 minor fix ("To clarify a bit: STRCMP() is case-insensitive as of MySQL 4.0." - http://bugs.mysql.com/bug.php?id=2102) 2010-12-22 00:38:54 +00:00
Miroslav Stampar
6f2ce15478 minor refactoring 2010-12-22 00:27:21 +00:00
Miroslav Stampar
cb61401c18 bug fix (http://dev.mysql.com/doc/refman/5.0/es/news-5-0-11.html - "Added support of where clause for queries with FROM DUAL") 2010-12-22 00:20:56 +00:00
Miroslav Stampar
d974a966b8 minor fix for end phase (Ctrl+C) 2010-12-21 23:55:55 +00:00
Miroslav Stampar
fb75d0636b minor update 2010-12-21 23:42:59 +00:00