Miroslav Stampar
|
5772c52f46
|
minor refactoring/fix (randQuery is just a part (e.g. abc) of phrase (def🔤ghi) - phrase should be searched for, not just randQuery); both phrases should be inside the content for it to be full-inband injectable (...UNION ALL SELECT phrase UNION ALL SELECT phrase2....)
|
2012-04-15 16:33:47 +00:00 |
|
Miroslav Stampar
|
ae8c70e895
|
another cosmetics
|
2012-04-13 15:11:44 +00:00 |
|
Miroslav Stampar
|
d765cdc3a3
|
minor cosmetics
|
2012-04-13 15:10:40 +00:00 |
|
Miroslav Stampar
|
831f79b851
|
minor generalization
|
2012-04-12 09:30:19 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
a5b69eaea4
|
removing unused imports
|
2012-04-04 13:18:14 +00:00 |
|
Bernardo Damele
|
52796bb4da
|
revert
|
2012-04-04 13:02:50 +00:00 |
|
Miroslav Stampar
|
a4b95ab7dd
|
works against MySQL/Windows
|
2012-04-04 12:49:45 +00:00 |
|
Bernardo Damele
|
a1d97e9d7b
|
Add a space after a comment
|
2012-04-04 12:48:21 +00:00 |
|
Bernardo Damele
|
025c531d22
|
leftover
|
2012-04-04 12:44:25 +00:00 |
|
Bernardo Damele
|
c0946ce2c9
|
Minor refactoring
|
2012-04-04 12:42:58 +00:00 |
|
Bernardo Damele
|
d106fb5184
|
layout adjustments
|
2012-04-04 12:27:24 +00:00 |
|
Miroslav Stampar
|
556b349be3
|
minor fix for retrieving non-printable chars in inference and non-multi threading mode
|
2012-04-03 14:04:07 +00:00 |
|
Miroslav Stampar
|
33bb9c5f19
|
much cleaner approach in that "flat" representation of retrieved items in union technique
|
2012-04-03 13:56:11 +00:00 |
|
Miroslav Stampar
|
7fb190f3b1
|
minor fix
|
2012-04-03 12:35:19 +00:00 |
|
Miroslav Stampar
|
886aa22efc
|
minor update
|
2012-04-03 12:19:37 +00:00 |
|
Miroslav Stampar
|
78f51fd2e5
|
minor fix
|
2012-04-03 10:18:03 +00:00 |
|
Miroslav Stampar
|
e05109812f
|
minor improvements regarding data retrieval through DNS channel
|
2012-04-03 09:18:30 +00:00 |
|
Miroslav Stampar
|
5f94987b0f
|
fix for DNS method for MSSQL
|
2012-04-02 17:28:18 +00:00 |
|
Miroslav Stampar
|
2c28423cb8
|
minor update
|
2012-04-02 14:57:15 +00:00 |
|
Miroslav Stampar
|
8a9d09f79b
|
minor fixes
|
2012-04-02 14:11:23 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
7fd64df167
|
minor code cleaning
|
2012-03-28 13:31:07 +00:00 |
|
Miroslav Stampar
|
1b072f6415
|
laying foundation for DNS based data retrieval
|
2012-03-27 18:59:12 +00:00 |
|
Miroslav Stampar
|
8e7d360ea2
|
cleaner refactoring regarding last commit
|
2012-03-19 12:03:25 +00:00 |
|
Miroslav Stampar
|
401763b6f8
|
minor fix (it has to be level 1 array like it was with the previous re.findall mechanism)
|
2012-03-19 12:00:22 +00:00 |
|
Miroslav Stampar
|
d66056fe39
|
one more related commit
|
2012-03-16 13:16:53 +00:00 |
|
Miroslav Stampar
|
ac02a2d92c
|
minor fix
|
2012-03-16 13:14:14 +00:00 |
|
Miroslav Stampar
|
b130a9e14e
|
minor fix (writing to HashDB on any interrupt)
|
2012-03-16 10:15:43 +00:00 |
|
Miroslav Stampar
|
e38b59a2ae
|
minor update
|
2012-03-14 13:16:49 +00:00 |
|
Miroslav Stampar
|
cee9ff7885
|
proper parsing of content in partial union technique
|
2012-03-14 11:23:30 +00:00 |
|
Miroslav Stampar
|
5a83f1c5f7
|
minor update
|
2012-03-08 15:43:22 +00:00 |
|
Miroslav Stampar
|
9ca8bc4d51
|
minor bug fix
|
2012-03-08 09:52:33 +00:00 |
|
Miroslav Stampar
|
ac5a752b12
|
Oracle's XMLType doesn't like '#' char too
|
2012-03-01 11:59:37 +00:00 |
|
Miroslav Stampar
|
f4e410db16
|
minor fix
|
2012-03-01 10:17:39 +00:00 |
|
Miroslav Stampar
|
37db27b720
|
turning back on automatic adjusting of delays in time based queries
|
2012-02-29 15:51:23 +00:00 |
|
Miroslav Stampar
|
1bdc07c279
|
minor update
|
2012-02-29 15:02:24 +00:00 |
|
Miroslav Stampar
|
c36cbbb3ae
|
minor fix
|
2012-02-24 14:54:10 +00:00 |
|
Miroslav Stampar
|
f94b91ad87
|
added helper function for HashDB data storing/retrieval
|
2012-02-24 13:07:20 +00:00 |
|
Miroslav Stampar
|
b481c0352f
|
minor update
|
2012-02-24 11:25:56 +00:00 |
|
Miroslav Stampar
|
5afbd52b61
|
more update related to last commits
|
2012-02-24 10:57:23 +00:00 |
|
Miroslav Stampar
|
570d3a19c2
|
more general fix
|
2012-02-24 10:53:28 +00:00 |
|
Miroslav Stampar
|
e8352e504f
|
fixing problems with chars deletition by logging messages in inference mode
|
2012-02-24 10:48:19 +00:00 |
|
Miroslav Stampar
|
086c3a3662
|
minor fix
|
2012-02-23 13:31:50 +00:00 |
|
Miroslav Stampar
|
b3bd4144f5
|
removing of unused imports together with some general code refactoring
|
2012-02-22 10:40:11 +00:00 |
|
Miroslav Stampar
|
386e98a0e3
|
using UNION SELECT for where=..NEGATIVE
|
2012-02-22 09:41:58 +00:00 |
|
Miroslav Stampar
|
c9d570c83b
|
minor update
|
2012-02-21 13:49:30 +00:00 |
|
Miroslav Stampar
|
bcf3255fe1
|
implementation of switch --hex for 4 major DBMSes
|
2012-02-21 11:44:48 +00:00 |
|
Miroslav Stampar
|
aee269cc14
|
gazillion changes, nothing will work, muhahaha
|
2012-02-17 14:22:48 +00:00 |
|
Miroslav Stampar
|
e1f86c97c4
|
minor refactoring
|
2012-02-16 09:46:41 +00:00 |
|
Miroslav Stampar
|
8a2bd3897d
|
minor output fix
|
2012-02-12 19:11:54 +00:00 |
|
Miroslav Stampar
|
c1368053e5
|
minor fix
|
2012-02-12 18:46:25 +00:00 |
|
Miroslav Stampar
|
b140ef4a14
|
minor update (preparing for switching to HashDB from old sessionFile)
|
2012-02-10 10:24:48 +00:00 |
|
Miroslav Stampar
|
e50d64546f
|
minor fix
|
2012-02-07 14:57:48 +00:00 |
|
Miroslav Stampar
|
2b05ded9c3
|
just a makeup
|
2012-02-07 12:05:23 +00:00 |
|
Miroslav Stampar
|
8c45ff0d57
|
bug fix
|
2012-02-03 10:38:04 +00:00 |
|
Miroslav Stampar
|
8405ef59ac
|
some estetic updates
|
2012-02-01 14:49:42 +00:00 |
|
Miroslav Stampar
|
df43157284
|
minor patch
|
2012-02-01 12:28:06 +00:00 |
|
Miroslav Stampar
|
2ee198a381
|
minor "patch"
|
2012-02-01 11:00:01 +00:00 |
|
Miroslav Stampar
|
4d9dcbf5db
|
minor fix
|
2012-02-01 10:14:23 +00:00 |
|
Miroslav Stampar
|
46f42f2fe4
|
minor fix
|
2012-01-30 13:10:35 +00:00 |
|
Miroslav Stampar
|
95f89ab63a
|
updating copyright date
|
2012-01-11 14:59:46 +00:00 |
|
Miroslav Stampar
|
18930539cd
|
more concise language
|
2012-01-07 17:45:45 +00:00 |
|
Miroslav Stampar
|
1f085a0241
|
now [SLEEPTIME] is changeable properly in vivo
|
2012-01-05 14:45:05 +00:00 |
|
Miroslav Stampar
|
9d50c806e1
|
bug fix
|
2012-01-05 10:55:58 +00:00 |
|
Miroslav Stampar
|
29f502fe29
|
some refactoring
|
2011-12-28 16:27:17 +00:00 |
|
Miroslav Stampar
|
22c3fe49bb
|
some refactoring
|
2011-12-28 13:50:03 +00:00 |
|
Miroslav Stampar
|
abb401879c
|
minor update
|
2011-12-22 20:42:57 +00:00 |
|
Miroslav Stampar
|
8585107e3d
|
minor update
|
2011-12-22 12:21:30 +00:00 |
|
Miroslav Stampar
|
f622995a29
|
compatibility with partial union and error technique resumed data
|
2011-12-22 12:20:21 +00:00 |
|
Miroslav Stampar
|
9f68e54fff
|
minor cleanup
|
2011-12-22 10:59:28 +00:00 |
|
Miroslav Stampar
|
4a1a0773b7
|
speedup of UNION dumping
|
2011-12-22 10:44:14 +00:00 |
|
Miroslav Stampar
|
b77e2042f2
|
some optimization
|
2011-12-21 23:23:00 +00:00 |
|
Miroslav Stampar
|
526aacb640
|
code cleanup
|
2011-12-21 22:59:23 +00:00 |
|
Miroslav Stampar
|
81bd9a201b
|
minor refactoring
|
2011-12-21 11:50:49 +00:00 |
|
Miroslav Stampar
|
316e27a809
|
minor update
|
2011-12-15 10:19:31 +00:00 |
|
Miroslav Stampar
|
d6f936b98d
|
minor update
|
2011-11-23 15:51:48 +00:00 |
|
Miroslav Stampar
|
40f21c3917
|
minor update
|
2011-11-23 15:38:31 +00:00 |
|
Miroslav Stampar
|
f39170a2c4
|
minor update
|
2011-11-22 15:06:51 +00:00 |
|
Miroslav Stampar
|
e94efff187
|
some more optimization
|
2011-11-22 09:00:00 +00:00 |
|
Miroslav Stampar
|
2ed3efba12
|
speed optimization and bug fix (kb.absFilePaths were not stored previously; also, they are now extracted only in heuristic phase)
|
2011-11-22 08:39:13 +00:00 |
|
Miroslav Stampar
|
1b45c5b56a
|
bug fix
|
2011-10-28 15:24:35 +00:00 |
|
Miroslav Stampar
|
e290f2b80b
|
minor update
|
2011-10-28 11:11:55 +00:00 |
|
Miroslav Stampar
|
23bf52e496
|
minor refactoring
|
2011-10-24 09:55:50 +00:00 |
|
Miroslav Stampar
|
6d64f87190
|
minor update
|
2011-10-24 00:46:54 +00:00 |
|
Miroslav Stampar
|
8bd3cfdc8e
|
minor update
|
2011-10-24 00:17:38 +00:00 |
|
Miroslav Stampar
|
7c626f1dbe
|
minor fix
|
2011-10-23 23:18:39 +00:00 |
|
Miroslav Stampar
|
d77a5f5928
|
update (generalizing ORDER BY approach)
|
2011-10-23 23:02:01 +00:00 |
|
Miroslav Stampar
|
1c3f4e9e54
|
minor update
|
2011-10-23 08:44:21 +00:00 |
|
Miroslav Stampar
|
25f0ec3597
|
some minor range to xrange conversion (where safe to do)
|
2011-10-21 22:34:27 +00:00 |
|
Miroslav Stampar
|
7a3096ce25
|
some refactoring
|
2011-10-21 21:12:48 +00:00 |
|
Miroslav Stampar
|
9356f8005c
|
important bug fix
|
2011-10-21 21:07:06 +00:00 |
|
Miroslav Stampar
|
0a8e45955c
|
minor update
|
2011-10-21 20:44:18 +00:00 |
|
Miroslav Stampar
|
e3a719e7d2
|
minor update
|
2011-10-11 22:40:00 +00:00 |
|
Miroslav Stampar
|
7956390631
|
minor update
|
2011-10-11 22:27:49 +00:00 |
|
Miroslav Stampar
|
a7a29f33ad
|
minor update
|
2011-10-11 21:58:57 +00:00 |
|
Miroslav Stampar
|
7e80274fac
|
refactoring
|
2011-09-25 21:10:45 +00:00 |
|
Miroslav Stampar
|
744636a8c1
|
switching to SQLite resume support (on error and union techniques this moment)
|
2011-09-25 20:36:32 +00:00 |
|
Miroslav Stampar
|
8fe069b495
|
minor fix
|
2011-08-23 21:48:39 +00:00 |
|
Miroslav Stampar
|
cfc1f2b70b
|
minor update
|
2011-08-22 22:43:14 +00:00 |
|