Commit Graph

4169 Commits

Author SHA1 Message Date
Louis-Philippe Huberdeau
8df4cc3983 Adding initial hook to receive the request/response pairs 2017-06-23 09:44:33 -04:00
Miroslav Stampar
5ec44b8346 Minor refactoring 2017-06-19 23:06:05 +02:00
Miroslav Stampar
e2d3187a78 Fixes #2576 2017-06-18 15:00:12 +02:00
Miroslav Stampar
b4980778dd Fixes #2577 2017-06-18 14:07:48 +02:00
Miroslav Stampar
71457fea0e Fixes #2585 2017-06-18 13:19:11 +02:00
Miroslav Stampar
34281af3f6 Minor cleaning 2017-06-14 08:13:41 -04:00
Miroslav Stampar
7dbbf3ecf5 Fixes 'codewatchorg/sqlipy/issues/12' 2017-06-07 23:19:19 +02:00
Miroslav Stampar
c41c93a404 Fixes #2568 2017-06-07 22:43:28 +02:00
Miroslav Stampar
9a7343e9f7 Fixes #2566 2017-06-07 16:07:27 +02:00
Miroslav Stampar
e0401104f2 Minor update 2017-06-07 12:55:14 +02:00
Miroslav Stampar
9da8d55128 Implements #2557 2017-06-07 11:22:06 +02:00
Miroslav Stampar
864711b434 Minor improvement 2017-06-05 16:48:14 +02:00
Miroslav Stampar
996ad59126 Minor patch 2017-06-05 16:28:19 +02:00
Miroslav Stampar
6d48df2454 Fixes #2562 2017-06-05 10:38:05 +02:00
Miroslav Stampar
55a43a837b Minor update 2017-06-02 00:50:00 +02:00
Miroslav Stampar
eb26dd8984 Fixes #2556 2017-06-02 00:44:01 +02:00
Miroslav Stampar
b9b5d07336 Cleaning leftover 2017-05-30 11:41:42 +02:00
Miroslav Stampar
5f3235ef57 Fixes #2551 2017-05-30 11:40:06 +02:00
Miroslav Stampar
dfe42612be Fixes #2549 2017-05-29 10:57:27 +02:00
Miroslav Stampar
a0202f7bfd Fixes #2538 2017-05-26 16:08:30 +02:00
Miroslav Stampar
6dd9d5b2dd Fixes #2547 2017-05-26 14:34:32 +02:00
Miroslav Stampar
0864387885 Minor update 2017-05-26 14:25:22 +02:00
Miroslav Stampar
359bfb2704 Minor adjustment 2017-05-26 14:14:35 +02:00
Miroslav Stampar
644ea2e3aa Minor patch 2017-05-26 14:08:08 +02:00
Miroslav Stampar
071132cd56 Fixes #2543 2017-05-21 22:52:44 +02:00
Miroslav Stampar
4ce08dcfa3 Patch for an Issue #2536 2017-05-17 00:22:18 +02:00
Miroslav Stampar
2ca5ddce5f Fixes #2534 2017-05-15 17:03:05 +02:00
Miroslav Stampar
addb2445b7 Minor patch 2017-05-15 00:34:13 +02:00
Miroslav Stampar
4736a525b8 Fixes #2532 2017-05-13 17:28:28 +02:00
Miroslav Stampar
d3a08a2d22 Implementation for an Issue #2505 2017-05-07 23:12:42 +02:00
Miroslav Stampar
ee5b5cdcbc Fixes #2514 2017-05-04 15:50:34 +02:00
Miroslav Stampar
f3f2c81cec Minor patch (UTF8 used for HTTP params) 2017-05-04 15:45:15 +02:00
Miroslav Stampar
1e8df40981 Fixes #2499 2017-05-01 23:21:12 +02:00
Miroslav Stampar
389133654e Fixes #2508 2017-05-01 23:06:37 +02:00
Miroslav Stampar
347ce87e27 Fixes #2511 2017-05-01 22:53:12 +02:00
Miroslav Stampar
ff5a954980 Fixes #2508 2017-04-30 08:32:26 +02:00
Miroslav Stampar
1a8de2aee1 Fixes #2504 2017-04-27 13:18:29 +02:00
Miroslav Stampar
ab08273d82 Fixes #2501 2017-04-23 23:50:30 +02:00
Miroslav Stampar
fbb845ad7c Fixes #2500 2017-04-23 23:30:51 +02:00
Miroslav Stampar
15a1d55812 Fixes #2500 2017-04-23 23:14:05 +02:00
Miroslav Stampar
4643bd6517 Quick patch for #2498 2017-04-21 17:44:51 +02:00
Miroslav Stampar
1c5f01e2a2 Fixes #2487 2017-04-20 11:54:27 +02:00
Miroslav Stampar
ebbc68853d Fixes #2496 2017-04-20 10:48:04 +02:00
Miroslav Stampar
3140fd0ca6 Fixes #2495 2017-04-20 10:29:05 +02:00
Miroslav Stampar
5bcbf63ddb Fixes #2491 2017-04-19 16:13:31 +02:00
Miroslav Stampar
01fbda4bc9 Fixes #2490 2017-04-19 16:13:05 +02:00
Miroslav Stampar
ba22171a51 PEP 3113 cleanup 2017-04-19 14:56:32 +02:00
Miroslav Stampar
fc8eede952 Minor cleanup and one bug fix 2017-04-19 14:46:27 +02:00
Miroslav Stampar
c8a0c525fc Fixes #2489 2017-04-19 14:19:39 +02:00
Miroslav Stampar
46c7c28919 Implementation for an Issue #2485 2017-04-19 13:56:29 +02:00
Miroslav Stampar
81e3395975 Minor update 2017-04-19 13:35:36 +02:00
Miroslav Stampar
0340ecd38a Minor patch related to the #2487 2017-04-18 16:49:58 +02:00
Miroslav Stampar
2d05174545 Trivial update 2017-04-18 15:56:24 +02:00
Miroslav Stampar
5f2bb88037 Some code refactoring 2017-04-18 15:48:05 +02:00
Miroslav Stampar
65b02d4ab0 Minor update 2017-04-18 14:22:37 +02:00
Miroslav Stampar
ea58d29e2c Minor update 2017-04-18 14:11:23 +02:00
Miroslav Stampar
47e0fc36c7 Minor consistency update 2017-04-18 14:02:25 +02:00
Miroslav Stampar
7ebba5614a Moving brute from techniques to utils 2017-04-18 13:53:41 +02:00
Miroslav Stampar
686f53a7c6 Minor patch 2017-04-16 23:32:58 +02:00
Miroslav Stampar
67a3e8cd75 Minor patch 2017-04-14 13:19:00 +02:00
Miroslav Stampar
d9a931f77a Minor cleanup 2017-04-14 13:14:53 +02:00
Miroslav Stampar
0e206da7c0 Minor patches (pydiatra) 2017-04-14 13:08:51 +02:00
Miroslav Stampar
81e6dab965 New extra script 2017-04-14 12:54:33 +02:00
Miroslav Stampar
a702dafd03 Fixes #2481 2017-04-14 12:47:24 +02:00
Miroslav Stampar
36dfad192f Better link to user's manual 2017-04-13 12:47:14 +02:00
Miroslav Stampar
9436c43306 Mailing list is dead. Long live the mailing list 2017-04-13 12:40:37 +02:00
Miroslav Stampar
c198fd7939 Update for an Issue #13 2017-04-12 10:54:29 +02:00
Miroslav Stampar
1e092c4e8d Just in case update for an Issue #2474 2017-04-11 13:34:40 +02:00
Miroslav Stampar
1e310631ab Minor stability patch 2017-04-11 10:01:37 +02:00
Miroslav Stampar
47ee1a991f Update for an Issue #2472 2017-04-11 09:47:27 +02:00
Miroslav Stampar
9b3d229294 Fixes #2471 2017-04-10 19:21:22 +02:00
Miroslav Stampar
c74756c3bc Update regarding the #2467 2017-04-10 16:44:12 +02:00
Miroslav Stampar
1196a1b7f8 Fixes #405 2017-04-10 14:50:17 +02:00
Miroslav Stampar
c2262eda1a Update of smalldict.txt with 7 (small) more from SecLists 2017-04-07 16:30:36 +02:00
Miroslav Stampar
02eacc32c1 Minor cleanup 2017-04-07 16:30:02 +02:00
Miroslav Stampar
b1a112f72c Updating wordlist.zip file with 15 dicts from SecLists 2017-04-07 16:18:21 +02:00
Miroslav Stampar
464caf056b Minor update 2017-04-07 15:55:18 +02:00
Miroslav Stampar
44c85f8351 Reverting back the bottle.py revision because of numerous Python 2.6 incompatibilities 2017-04-07 15:10:28 +02:00
Miroslav Stampar
ad3283fd24 Another Python 2.6 patch 2017-04-07 15:05:54 +02:00
Miroslav Stampar
07208c45ef Patch of bottle.py for Python 2.6 2017-04-07 14:59:24 +02:00
Miroslav Stampar
751f423ae0 Adding latest revision of bottle.py 2017-04-07 14:55:25 +02:00
Miroslav Stampar
c124086021 Minor update for #1282 2017-04-07 14:46:41 +02:00
Miroslav Stampar
f285bc7459 Minor update 2017-04-07 14:30:52 +02:00
Miroslav Stampar
b4c4d3f72a Fixes latest Python 2.6 compatibility issues 2017-04-06 11:37:42 +02:00
Miroslav Stampar
cfe34f61b8 Implementation for an Issue #1895 2017-04-06 11:33:59 +02:00
Miroslav Stampar
c1c7ea33fe Minor update 2017-03-30 12:05:05 +02:00
Miroslav Stampar
4458a443ef Fixes #1664 2017-03-30 11:58:03 +02:00
Miroslav Stampar
16bd3a1f02 Fixes #2453 2017-03-30 11:42:34 +02:00
Miroslav Stampar
a358bc0a38 Minor update 2017-03-30 10:24:57 +02:00
Miroslav Stampar
aebae6e27b Added (heuristic) support for #1679 2017-03-30 10:16:35 +02:00
Miroslav Stampar
0a3e771b1b Fixes #2449 2017-03-28 15:22:53 +02:00
Miroslav Stampar
f82c0497fa Fixes #2447 2017-03-27 22:36:04 +02:00
Miroslav Stampar
715763885d Fixes #2306 2017-03-24 14:20:18 +01:00
Miroslav Stampar
4aae5d9a9d Fixes #2444 2017-03-19 21:34:47 +01:00
Miroslav Stampar
1bc583d358 Another patch related to the #2440 2017-03-17 09:43:45 +01:00
Miroslav Stampar
e506a390db Minor patch (prevent message spamming of multiple union column possibilities) 2017-03-15 16:18:20 +01:00
Miroslav Stampar
c5b4af8636 Dummy commit (to provoke rehash) 2017-03-15 16:07:52 +01:00
Miroslav Stampar
c29e47f72f Fixes #2440 2017-03-15 16:04:56 +01:00
Miroslav Stampar
60e8c725f9 Fixes #2437 2017-03-12 23:24:13 +01:00
Miroslav Stampar
5dba32b2e1 Fixes #2431 2017-03-12 09:52:37 +01:00
Miroslav Stampar
ef04c99069 No more dumb usage of '--dbms' 2017-03-06 12:53:04 +01:00
Miroslav Stampar
e2fb16c98c Fixes #2425 2017-03-06 12:05:58 +01:00
Miroslav Stampar
d2b16c5c91 Fixes #2422 2017-03-01 11:09:55 +01:00
Miroslav Stampar
9f0c42dde0 Minor leftover 2017-03-01 10:09:13 +01:00
Miroslav Stampar
78ca371162 Adding option --web-root (Issue #2419) 2017-03-01 10:07:26 +01:00
Miroslav Stampar
a35c976759 Proper implementation for an Issue #2418 2017-02-28 14:00:42 +01:00
Ekultek
71984fc452 updated IP address regex as to not provide false positive 2017-02-28 06:35:37 -06:00
Miroslav Stampar
a0a6702a4e Minor patch (reported via ML) 2017-02-28 13:16:19 +01:00
Miroslav Stampar
b18444f215 Issue #2417 (most probably -> most likely) 2017-02-27 22:14:52 +01:00
Miroslav Stampar
7ea524800a Taking couple of suggestions from #2417 2017-02-27 22:03:15 +01:00
Miroslav Stampar
7960045cf9 Fixes #2277 and #2300 2017-02-27 13:58:07 +01:00
Miroslav Stampar
b2585cc8ea Patch for #2410 2017-02-25 07:58:59 +01:00
Miroslav Stampar
7b263327cc Update for #2410 2017-02-25 07:54:54 +01:00
Miroslav Stampar
5a08b71999 Minor update 2017-02-23 11:36:37 +01:00
Miroslav Stampar
4b420e7579 Removing Google PageRank as it is dead now 2017-02-23 11:33:39 +01:00
Miroslav Stampar
6b580a682a Minor update 2017-02-20 10:06:06 +01:00
Miroslav Stampar
d6e7c2acdc Minor touch 2017-02-19 01:48:12 +01:00
Tomahock
7fe1820ce4 Fix proxyFile regex to properly match an address with a - 2017-02-17 23:32:32 +00:00
Miroslav Stampar
98e449e38c Adding plus2fnconcat tamper script (Issue #2396) 2017-02-17 10:26:25 +01:00
Miroslav Stampar
9acf122ba6 Patch for an Issue #2396 2017-02-16 16:56:54 +01:00
Miroslav Stampar
2ed144ec85 Patch for wrong encoding reported privately via email 2017-02-16 15:52:07 +01:00
Miroslav Stampar
ec0c103952 Bug fix (reported privately) 2017-02-15 10:30:29 +01:00
Miroslav Stampar
a35d1e5373 Minor patch related to the email from ML 2017-02-14 13:14:35 +01:00
Miroslav Stampar
f5cf22a536 Update for an Issue #2377 2017-02-06 13:57:33 +01:00
Miroslav Stampar
38f16decef Update for an Issue #2384 2017-02-06 13:28:33 +01:00
Miroslav Stampar
15f86e85b1 Minor update for #2379 2017-02-06 12:03:18 +01:00
Miroslav Stampar
5217efc69b Fixes #2379 2017-02-06 12:01:46 +01:00
Miroslav Stampar
03bbf552ef Patch for an Issue #2382 2017-02-06 11:14:45 +01:00
Miroslav Stampar
664684ad8f Update for #2378 2017-02-03 23:04:38 +01:00
samogot
1c1f259df4 Update settings.py
fix - looking for any tag
2017-02-03 16:50:16 +02:00
samogot
6249823335 Minor parse-error extension
parse errors produced by Yii PHP Framework
2017-02-03 16:36:57 +02:00
Miroslav Stampar
bad3f80a1c Touch update 2017-01-31 14:18:36 +01:00
Miroslav Stampar
9851a5703a Fixes #2373 2017-01-31 14:00:12 +01:00
Miroslav Stampar
2a3014b606 Fixes #2367 2017-01-24 18:07:06 +01:00
Miroslav Stampar
16d5e22b72 Fixes #2358 2017-01-21 23:58:37 +01:00
Miroslav Stampar
a8a6dce38b Fixes #2366 2017-01-21 23:09:15 +01:00
Miroslav Stampar
f542e828d2 Fixes #2364 2017-01-20 13:11:12 +01:00
Miroslav Stampar
cf182882b1 Minor update 2017-01-18 10:40:39 +01:00
Miroslav Stampar
dd5ac6f1e7 Fixes #2357 2017-01-18 10:33:54 +01:00
Miroslav Stampar
1e7a453ff6 Fixes #2356 2017-01-18 10:19:23 +01:00
Miroslav Stampar
138aa6db65 Patch for an Issue #2351 2017-01-16 15:23:38 +01:00
Miroslav Stampar
121f0376ea Implementation for #2351 2017-01-16 14:29:23 +01:00
Miroslav Stampar
dfc684640a Proper implementation for #2347 2017-01-16 14:01:44 +01:00
Miroslav Stampar
104fbc80af Patch for #2348 2017-01-16 13:53:46 +01:00
Miroslav Stampar
cadba37059 Proper implementation for #2350 2017-01-16 13:44:46 +01:00
Miroslav Stampar
750d57ec96 Fixed bug reported privately via email 2017-01-13 14:41:41 +01:00
Miroslav Stampar
9a86365d92 Fixes #2333 2017-01-08 01:21:31 +01:00
Miroslav Stampar
f794d9d5a5 Fixes #2328 2017-01-02 15:26:32 +01:00
Miroslav Stampar
c29db43bfa Minor refactoring 2017-01-02 15:14:59 +01:00
Miroslav Stampar
e0eeed0a96 Minor update 2017-01-02 14:31:19 +01:00
Miroslav Stampar
55272f7a3b New version preparation 2017-01-02 14:19:18 +01:00
Miroslav Stampar
6ff07f01eb Fixes #2326 2016-12-31 13:39:22 +01:00
Miroslav Stampar
1c737d7515 Fixes #2322 2016-12-28 22:11:14 +01:00
Miroslav Stampar
89bbf5284c Adding new option --param-exclude on private request 2016-12-25 23:16:44 +01:00
Miroslav Stampar
44b00d629d Fixes #2312 2016-12-21 10:33:35 +01:00
Miroslav Stampar
afc3b30c41 Minor refactoring 2016-12-20 09:56:44 +01:00
Miroslav Stampar
17c556a63d Minor patches (and one bug from ML) 2016-12-20 09:53:44 +01:00
Miroslav Stampar
edc6f47758 Some refactoring 2016-12-19 23:47:39 +01:00
Miroslav Stampar
bb6e8fd4ce Minor bug fix (reported privately via email) 2016-12-15 16:09:09 +01:00
Miroslav Stampar
c54c2204a1 Fixes #2303 2016-12-12 10:47:05 +01:00
Miroslav Stampar
f7f33bef9f Minor patches 2016-12-09 23:19:03 +01:00
Miroslav Stampar
4bd7d81cea Patches #2300 2016-12-09 23:14:18 +01:00
Miroslav Stampar
f6815df5c3 Fixes #2302 2016-12-09 23:10:14 +01:00
Miroslav Stampar
42cea2e03c Better git clone (faster; without too much commit history) 2016-12-08 11:04:42 +01:00
Miroslav Stampar
52177065ca Patch for an Issue #2297 2016-12-06 15:43:09 +01:00
Miroslav Stampar
e74149970b Minor debug update 2016-12-03 22:06:18 +01:00
Miroslav Stampar
90b0ac37c8 New WAF script (AWS WAF) 2016-12-01 23:09:06 +01:00
Miroslav Stampar
63a74777f2 Minor update 2016-12-01 23:08:49 +01:00
Miroslav Stampar
4ac319b074 Adding new tamper script plus2concat (thank you Luka Pusic) 2016-12-01 22:28:07 +01:00
Miroslav Stampar
2a754eef1c Adding switch --ignore-redirects (Issue #2286) 2016-11-25 13:32:28 +01:00
Miroslav Stampar
4e1bdb0c70 Minor update 2016-11-25 12:34:13 +01:00
Miroslav Stampar
c35ba8b226 Fixes #2279 2016-11-17 22:34:10 +01:00
Miroslav Stampar
7e6879ec41 Minor patch for #2272 2016-11-11 13:46:41 +01:00
Miroslav Stampar
ea961678ee Fixes #2273 2016-11-11 10:28:50 +01:00
Miroslav Stampar
d4414e6631 Minor misspell 2016-11-11 10:21:57 +01:00
Miroslav Stampar
eb098f6527 Fixes #2268 2016-11-09 12:27:10 +01:00
Miroslav Stampar
5772d8904d Fixes #2266 2016-11-09 12:20:54 +01:00
Miroslav Stampar
7000373c4b Minor patch 2016-11-09 12:18:15 +01:00
Miroslav Stampar
a60c9b0dcc Minor patch 2016-11-09 11:29:08 +01:00
Miroslav Stampar
2eb7a1d264 Patch related to the #2265 2016-11-07 23:14:17 +01:00
Miroslav Stampar
13f0949f9e Another patch for #1596 2016-11-07 09:31:07 +01:00
Miroslav Stampar
076a42cbfe Patch related to the #1596 2016-11-07 09:28:00 +01:00
Miroslav Stampar
ce19525bc3 Fixes #2262 2016-11-05 22:36:58 +01:00
Miroslav Stampar
6da2e49100 Fixes #2261 2016-11-04 15:04:38 +01:00
Miroslav Stampar
1e44c4d669 Patch related to #2257 2016-11-02 12:04:21 +01:00
Miroslav Stampar
10097dd124 Fixes #2253 2016-10-29 00:13:04 +02:00
Miroslav Stampar
f4e36fc049 Patch for an Issue #2252 2016-10-28 11:52:48 +02:00
Miroslav Stampar
083ce111f0 Minor speed up 2016-10-26 22:33:04 +02:00
Miroslav Stampar
044f05e772 Fixes #2246 2016-10-24 23:52:33 +02:00
Miroslav Stampar
6f343080e8 Fixes #2245 2016-10-24 23:33:49 +02:00
Miroslav Stampar
25c34c7728 Fixes #2244 2016-10-24 23:29:18 +02:00
Miroslav Stampar
d2bbe80455 Fixes #2243 2016-10-22 22:07:29 +02:00
Miroslav Stampar
0398cbdc76 Minor refactoring 2016-10-22 21:52:18 +02:00
Miroslav Stampar
e0149e1c5f Minor update 2016-10-21 13:05:45 +02:00
Miroslav Stampar
d605b3af3c Revisiting banner xmls (Issue #2239) 2016-10-21 13:01:28 +02:00
Miroslav Stampar
5c80e988ba Fixes #2238 2016-10-20 00:47:53 +02:00
Miroslav Stampar
10ffcb8b00 Fixes #2237 2016-10-20 00:19:16 +02:00
Miroslav Stampar
38d74cf61c Minor update 2016-10-19 13:07:25 +02:00
Miroslav Stampar
1db6953f08 Proper fix for #2236 2016-10-18 20:17:51 +02:00
Miroslav Stampar
d431c7d155 Fixes #2236 2016-10-18 20:07:19 +02:00
Miroslav Stampar
5ab4d54df0 Minor update of THIRD-PARTY.md 2016-10-18 13:49:29 +02:00
Miroslav Stampar
877d46e9f7 Fixes #2234 2016-10-18 13:46:56 +02:00
Miroslav Stampar
7e69cc112f Fixes #2235 2016-10-18 13:37:36 +02:00
Miroslav Stampar
5b14eecd25 Bug fix (reconnecting in case of timeouted direct connection) 2016-10-17 22:55:07 +02:00
Miroslav Stampar
24eaf55dc8 Removing bad decision for -d (user should be able to choose) 2016-10-17 22:32:23 +02:00
Miroslav Stampar
6be10b307d Minor patch 2016-10-17 22:02:41 +02:00
Miroslav Stampar
91ad71b1e0 Minor cosmetics 2016-10-17 12:36:42 +02:00
Miroslav Stampar
d6255de205 Fixes #2231 2016-10-17 12:33:07 +02:00
Miroslav Stampar
c293a6a25a Fixes #2229 and #2230 2016-10-15 09:53:12 +02:00
Miroslav Stampar
b1175017f9 Minor update regarding to the last commit 2016-10-15 00:54:32 +02:00
Miroslav Stampar
75c9f91f11 Fixes #2226 2016-10-15 00:51:35 +02:00
Miroslav Stampar
9ff2dcf1c1 Fixes #2228 2016-10-15 00:16:53 +02:00
Miroslav Stampar
6c4e9ae427 Updating SocksiPy to PySocks (updated fork) 2016-10-14 23:16:26 +02:00
Miroslav Stampar
748e94dcee Minor update for #2224 2016-10-13 23:25:46 +02:00
Miroslav Stampar
f389bd71c0 Implementation for an Issue #2224 2016-10-13 23:17:54 +02:00
Miroslav Stampar
1126ff86ce Fixes #2223 2016-10-13 23:07:11 +02:00
Miroslav Stampar
79377fedab Minor update 2016-10-13 23:06:04 +02:00
Miroslav Stampar
5d2972f362 Implementation for an Issue #2221 2016-10-11 17:33:36 +02:00
Miroslav Stampar
ae465bbaf8 Minor revert of leftover 2016-10-11 01:09:30 +02:00
Miroslav Stampar
1b95dd2d9d Fix for a bug reported privately by user (in some cases data has not been retrieved) 2016-10-11 01:07:31 +02:00
Miroslav Stampar
6130185ac6 Minor consistency update with the wiki 2016-10-11 00:35:39 +02:00
Miroslav Stampar
c92fde120d Implements #2220 2016-10-10 23:27:41 +02:00
Miroslav Stampar
7eab1bcbf9 Automating even more switch --tor 2016-10-10 14:19:44 +02:00
Miroslav Stampar
4c05307357 Disabling socket pre-connect in case of --tor, --proxy and --proxy-file 2016-10-10 01:57:55 +02:00
Miroslav Stampar
0037c28e9e Preventing obnoxious 'install git' on MacOS 2016-10-10 01:35:22 +02:00
Miroslav Stampar
2b279233b6 Fixes #2219 2016-10-09 14:19:40 +02:00
Miroslav Stampar
b51b80b174 Fix for a privately reported bug 2016-10-08 21:11:43 +02:00
Miroslav Stampar
e4b0ac9ae5 Minor update of common user columns 2016-10-07 14:48:05 +02:00
Miroslav Stampar
7f416846b7 Minor revisit of MsSQL error-based payloads 2016-10-06 23:50:32 +02:00
Miroslav Stampar
5b7254af96 Minor patch 2016-10-06 22:27:29 +02:00
Miroslav Stampar
c83d417298 Fixes #2212 2016-10-05 23:02:20 +02:00
Miroslav Stampar
b42dc6e7a5 Update of Oracle and PostgreSQL system databases/schemas 2016-10-05 17:58:35 +02:00
Miroslav Stampar
8124fe391d Bug fix for using --search in combination with -D CD 2016-10-05 17:43:57 +02:00
Miroslav Stampar
833ca4b640 Minor refactoring 2016-10-05 17:41:02 +02:00
Miroslav Stampar
3b244858f8 Adding performance_schema as one more of MySQL's system database 2016-10-05 17:33:24 +02:00
Miroslav Stampar
6107696e25 Minor patch (--help should display basic help) 2016-10-05 17:01:58 +02:00
Miroslav Stampar
af1c9c7fb2 Related to the last commit 2016-10-04 23:48:09 +02:00
Miroslav Stampar
06b54ab134 Better choice of used table (INFORMATION_SCHEMA.CHARACTER_SETS can also be found in MsSQL and PgSQL; mysql.db can have permission problems) 2016-10-04 23:43:00 +02:00
Miroslav Stampar
fee5c7bd7c Adding two new payloads and minor cosmetics 2016-10-04 23:39:18 +02:00
Miroslav Stampar
fb8afc6add Adding a new payload (Oracle boolean based on error response) 2016-10-04 22:12:00 +02:00
Miroslav Stampar
6c372a09bd Minor update 2016-10-04 11:55:16 +02:00
Miroslav Stampar
171cf6f54d Minor fine tuning for SQLi heuristic check 2016-10-04 11:32:06 +02:00
Miroslav Stampar
029bb5554d Minor cleanup of user-agents 2016-10-04 10:48:10 +02:00
Miroslav Stampar
c69cb79d66 Fixes #2208 2016-10-04 10:39:28 +02:00
Miroslav Stampar
dc8301689e Implementation for an Issue #2204 2016-10-02 11:13:40 +02:00
Miroslav Stampar
d8dd37510c Fixes #2202 2016-10-01 21:02:40 +02:00
Miroslav Stampar
d1680b04f3 Minor code consistency update 2016-09-29 21:26:47 +02:00
Miroslav Stampar
102d4b4119 Bug fix for uploading files in case of web subdirectories 2016-09-29 21:14:28 +02:00
Miroslav Stampar
b3b49b3492 Minor patch for --parse-errors 2016-09-29 18:07:00 +02:00
Miroslav Stampar
7a89433251 Minor patch 2016-09-29 18:02:20 +02:00
Miroslav Stampar
ced6711128 Playing a bit with logo 2016-09-29 15:59:28 +02:00
Miroslav Stampar
bdf76f8d4d Revisiting user-agents (newer versions of mainstream browsers) 2016-09-29 15:21:32 +02:00
Miroslav Stampar
571ae174bd Minor language update 2016-09-29 14:55:43 +02:00
Miroslav Stampar
332726356c Minor language update 2016-09-29 14:03:46 +02:00
Miroslav Stampar
4ea9d3b884 Replacing generic concatenation || with CONCAT (far better choice) 2016-09-29 13:35:16 +02:00
Miroslav Stampar
3409953538 Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows) 2016-09-29 12:59:51 +02:00
Miroslav Stampar
3b3ab072e6 Adding short option(s) for setting verbosity (e.g. -vvv) 2016-09-29 11:19:25 +02:00
Miroslav Stampar
fef407e09c Making HTTP requests up to 20% smaller (fine tuning the request headers) 2016-09-29 10:44:00 +02:00
Miroslav Stampar
5afccce3c6 Minor patch 2016-09-28 16:56:47 +02:00
Miroslav Stampar
e439095593 Bug fix for MySQL's --os-pwn 2016-09-28 15:39:34 +02:00
Miroslav Stampar
e77126e847 Removing obsolete functionality 2016-09-28 15:00:26 +02:00
Miroslav Stampar
3ef01f0e31 Minor update 2016-09-28 14:48:33 +02:00
Miroslav Stampar
d36b5c0a4b Adding time-based blind (heavy query) payloads for Informix (Issue #552) 2016-09-28 10:30:09 +02:00
Miroslav Stampar
e5a758bdf4 Fixes #2192 2016-09-28 09:55:14 +02:00
Miroslav Stampar
617509869d Minor patch for Informix --parse-errors 2016-09-27 14:58:10 +02:00
Miroslav Stampar
5079c42788 Adding Informix parameter replacement payloads (Issue #552) 2016-09-27 14:39:17 +02:00
Miroslav Stampar
bc7ab01066 Bug fix for generic parameter replacement (CASE) 2016-09-27 14:29:18 +02:00
Miroslav Stampar
212c1ec1f2 Couple of fixes and some testing stuff 2016-09-27 14:03:59 +02:00
Miroslav Stampar
381deb68ff Implementation for an Issue #2137 2016-09-27 13:26:11 +02:00
Miroslav Stampar
ba0facb5eb Removal of unused imports 2016-09-27 11:23:31 +02:00
Miroslav Stampar
7151df16f6 Adding extra validation step in case of boolean-based blind (e.g. if unexpected 500 occurs) 2016-09-27 11:21:12 +02:00
Miroslav Stampar
8994bf2dba Further dealing with time-based SQLi (Issue #1973) 2016-09-27 10:32:22 +02:00
Miroslav Stampar
09617c8243 Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973 2016-09-27 10:20:36 +02:00
Miroslav Stampar
556b4d289e Minor cosmetic patch (removing multiple same content '...appears...' messages) 2016-09-26 17:02:40 +02:00
Miroslav Stampar
978f56ad10 One more commit for #552 (--passwords) 2016-09-26 16:38:03 +02:00
Miroslav Stampar
aa0b97b562 Support for Informix --roles/--privileges (Issue #552) 2016-09-26 14:20:04 +02:00
Miroslav Stampar
df645d7d3d Update for column types (Issue #552) 2016-09-23 18:03:31 +02:00
Miroslav Stampar
035137ef4e Bug fix in detection engine (abstract URI header sometimes caused problems - e.g. when automatic --string used) 2016-09-23 17:38:14 +02:00
Miroslav Stampar
484d9a4825 Implementation of --dump for Informix (Issue #552) 2016-09-23 17:21:48 +02:00
Miroslav Stampar
65c305cff0 Fixes #2174 2016-09-23 15:41:12 +02:00
Miroslav Stampar
9a5fc5ccf4 New auxiliary (extra) file (for administration purposes) 2016-09-23 13:57:18 +02:00
Miroslav Stampar
51a1973224 Stripping PostgreSQL .so files for size issues (Issue #2173) 2016-09-23 13:52:57 +02:00
Miroslav Stampar
2f2a63334a Minor cleanup 2016-09-23 13:39:27 +02:00
Miroslav Stampar
23afeb4c7a Fixes #2176 2016-09-23 13:37:44 +02:00
Miroslav Stampar
b387fb219d Fixes #2175 2016-09-23 12:45:06 +02:00
Miroslav Stampar
1b48ff223d Adding initial support for Informix (Issue #552) 2016-09-23 12:33:27 +02:00
Miroslav Stampar
640e605412 More CTF friendly (common column and table name flag :) 2016-09-23 12:31:28 +02:00
Miroslav Stampar
e10bb42597 Minor tweak 2016-09-22 10:22:48 +02:00
Miroslav Stampar
9902018cab Implementation for an Issue #2172 2016-09-21 15:45:55 +02:00
Miroslav Stampar
56a918c408 Minor refactoring 2016-09-20 10:03:00 +02:00
Miroslav Stampar
bcd62ecc5b Minor optimization (avoiding unnecessary deepcopies) 2016-09-20 09:56:08 +02:00
Miroslav Stampar
e519484230 Patching live-testing 2016-09-19 15:51:28 +02:00
Miroslav Stampar
a2c8f1deb1 Update PgSQL fingerprinting payloads 2016-09-19 14:23:51 +02:00
Miroslav Stampar
12dc53f687 Minor update 2016-09-19 13:54:06 +02:00
Miroslav Stampar
b3b5bd267d Adding new tamper script (on request from @MilanGabor) 2016-09-15 17:59:01 +02:00
Miroslav Stampar
921a53e314 Patch for counter in --smoke-test 2016-09-09 14:59:22 +02:00
Miroslav Stampar
32dd4a938c Minor patch of message 2016-09-09 11:37:16 +02:00
Miroslav Stampar
9930f1b55b Speed optimization(s) 2016-09-09 11:06:38 +02:00
Miroslav Stampar
8581d9e2ca Minor improvement of SELECT_FROM_TABLE_REGEX 2016-09-09 09:45:48 +02:00
Miroslav Stampar
1a613ed9a8 Minor update 2016-09-08 14:08:14 +02:00
Miroslav Stampar
78e398d9c4 Fixes #2136 2016-09-06 15:03:17 +02:00
Miroslav Stampar
e3c3c2c185 Fixes #2148 2016-09-06 14:25:29 +02:00
Miroslav Stampar
4e36bbaff9 Update related to the last commit 2016-09-04 03:09:28 +02:00
Miroslav Stampar
603e9739ae Fixes #2146 2016-09-04 01:33:52 +02:00
Miroslav Stampar
6b91b7b7fa Minor cosmetics 2016-09-02 16:10:11 +02:00
Miroslav Stampar
2e62fda57d Minor update 2016-09-02 15:55:33 +02:00
Miroslav Stampar
5ad27264a2 Patches #2143 2016-09-02 15:52:07 +02:00
Miroslav Stampar
c4d8cab50c Version string bug fix 2016-09-02 14:25:56 +02:00
Miroslav Stampar
577e346774 Fixes #2144 2016-09-02 14:20:17 +02:00
Miroslav Stampar
375abd50ee Minor update for #2134 2016-08-30 12:36:32 +02:00
Miroslav Stampar
4a815ab56f Patch for an Issue #1250 2016-08-27 23:54:09 +02:00
Miroslav Stampar
6564adc984 Minor patch for buffered write into checksum.md5 2016-08-27 23:34:12 +02:00
Miroslav Stampar
ad5b8017f5 Minor refactoring 2016-08-26 12:28:35 +02:00
Miroslav Stampar
72e5a79288 Fixes #2106 2016-08-19 11:07:42 +02:00
Miroslav Stampar
63f4b3462f Fixes #2105 2016-08-15 18:35:04 +02:00
Miroslav Stampar
a45a90df94 Adding new WAF script (Yunsuo) 2016-08-12 14:32:03 +02:00
Miroslav Stampar
ec1ac81e0a Minor refactoring 2016-08-08 16:08:16 +02:00
Miroslav Stampar
6ba46bf7cf Update for #2086 (lowercasing only the command) 2016-08-08 15:55:39 +02:00
Miroslav Stampar
b92fc840fe Adding pypi script to the repository 2016-08-02 13:21:05 +02:00
Miroslav Stampar
ef79bbf7d2 Minor patch 2016-08-02 12:38:57 +02:00
Miroslav Stampar
fba1199cd2 Minor consistency update 2016-08-02 12:05:39 +02:00
Miroslav Stampar
4022a68523 Removing last debug commit 2016-08-02 12:01:49 +02:00
Miroslav Stampar
67bc3ed359 Trying out the last commit 2016-08-02 12:01:02 +02:00
Miroslav Stampar
a0ddd99087 Minor update for automatic PyPI packaging 2016-08-02 12:00:21 +02:00
Miroslav Stampar
2a7ef58c9f Minor refactoring 2016-08-02 11:55:11 +02:00
Miroslav Stampar
35010006a1 Some cosmetic changes 2016-08-02 11:50:42 +02:00
Miroslav Stampar
acfe788c95 Preparing for #1250 2016-08-02 00:17:59 +02:00
Miroslav Stampar
5ccb73a1ee Minor patch for Python3 check 2016-07-29 15:30:59 +02:00
Miroslav Stampar
6ac5b6b759 Minor refactoring 2016-07-28 17:04:15 +02:00
Miroslav Stampar
d82f20abc4 Fixes #2068 2016-07-28 17:02:27 +02:00
Miroslav Stampar
10eafa35fd Adding CloudFlare CAPTCHA warning 2016-07-23 23:02:15 +02:00
Miroslav Stampar
9105f259cd Fixes #2060 (ParseError has been added in Python 2.7) 2016-07-23 15:27:25 +02:00
Miroslav Stampar
7cca56edfa Fixes #2052 2016-07-21 09:38:52 +02:00
Miroslav Stampar
e21d751834 Fixes #2049 2016-07-20 20:04:44 +02:00
Miroslav Stampar
ebb73b71fa Fixes #2045 2016-07-20 16:49:27 +02:00
Miroslav Stampar
1ca633ae64 Fixes #2031 2016-07-17 23:30:40 +02:00
Miroslav Stampar
3e22cbfed7 Minor update 2016-07-17 00:34:14 +02:00
Miroslav Stampar
c7f615f707 Renaming payload files (consistency with the rest of the project) 2016-07-17 00:21:16 +02:00
Miroslav Stampar
b83ee92cd1 Minor modification 2016-07-17 00:09:09 +02:00
Miroslav Stampar
571d669a09 Minor modification 2016-07-17 00:07:58 +02:00
Miroslav Stampar
e485531b71 Adding integrity checks in case of unhandled exceptions 2016-07-17 00:04:30 +02:00
Miroslav Stampar
7427b554e3 Adding support for integrity checks 2016-07-16 23:25:13 +02:00
Miroslav Stampar
1a818ceccd Adding error message regarding #2030 2016-07-16 22:47:16 +02:00
Miroslav Stampar
7fea8d608e Fixes #2028 2016-07-16 22:42:15 +02:00
Miroslav Stampar
1e6191e3b1 Fixes #2026 2016-07-16 15:51:09 +02:00
Miroslav Stampar
c10b2825d7 Patch for --os-shell against Windows/MySQL where resulting \r caused trouble 2016-07-15 11:56:51 +02:00
Miroslav Stampar
c200b2cb19 Another fix (related to the last commit) 2016-07-15 11:45:59 +02:00
Miroslav Stampar
071f4c8a2b Bug fix (reported privately) - better parsing of file paths (especially for Windows cases) 2016-07-15 11:13:47 +02:00
Miroslav Stampar
5097a2c79e Less timeout error messages (because of server dropping of non-active connections) 2016-07-15 00:33:33 +02:00
Miroslav Stampar
bce9db1af5 Adding support for --columns too (Issue #2025) 2016-07-15 00:10:41 +02:00
Miroslav Stampar
ca67456dbe Removing a debugging leftover (Issue #2025) 2016-07-14 23:39:44 +02:00
Miroslav Stampar
6df4d73b09 Implementation for an Issue #2025 2016-07-14 23:18:28 +02:00
Miroslav Stampar
2aaa486f7a Minor code style update 2016-07-13 14:09:33 +02:00
Miroslav Stampar
47ba7d4705 Minor update 2016-07-07 10:37:00 +02:00
Miroslav Stampar
2e42afea6f Update of sucury WAF script 2016-07-06 23:43:21 +02:00
Miroslav Stampar
292a28131d Minor updates 2016-07-06 23:43:10 +02:00
Miroslav Stampar
2e775fbb75 (e.g.) ASPx MsSQL Chinese exception messages don't start with 'Exception: string' 2016-07-06 14:06:18 +02:00
Miroslav Stampar
e1d7641b8a Good for different generic OleDB-alike connectors 2016-07-06 13:48:35 +02:00
Miroslav Stampar
6b0951d1ee Switching default Tor type to SOCKS5 (various bundles are discontinued) 2016-07-06 13:30:46 +02:00
Miroslav Stampar
db1fc621b5 Update for SonicWALL WAF script; lesser false positives with ModSecurity WAF script 2016-07-06 13:19:51 +02:00
Miroslav Stampar
9351756c36 Minor update of format exception strings 2016-07-05 16:02:34 +02:00
Miroslav Stampar
63b645c64c Removing a debugging leftover 2016-07-05 09:32:30 +02:00
Miroslav Stampar
7ad49f4185 Less problematic regexes for MsSQL errors 2016-07-05 09:32:08 +02:00
Miroslav Stampar
d9315830f9 Less problematic regex for MsSQL errors 2016-07-05 09:20:04 +02:00
Miroslav Stampar
2e2c62b6a7 More error regexes 2016-07-04 17:24:17 +02:00
Miroslav Stampar
53289b0234 Some more Informix error regexes 2016-07-04 10:03:36 +02:00
Miroslav Stampar
dd082ef79d Minor update (new error regex for Informix) 2016-07-04 09:49:18 +02:00
Miroslav Stampar
2c968f9a35 Closes #2007 2016-07-04 09:12:30 +02:00
Miroslav Stampar
74d0315fef Update related to the last commit 2016-07-03 02:14:23 +02:00
Miroslav Stampar
ae98159130 Automatic monthly tagging 2016-07-03 02:03:30 +02:00
Miroslav Stampar
3a9e36c52b Reintroducing stacked queries removed in 79d08906a4 (good for WAF bypass) 2016-07-03 02:03:30 +02:00
Miroslav Stampar
cb43c03712 Definite patch for MemoryError(s) (fixes #1991) 2016-06-30 14:57:56 +02:00
Miroslav Stampar
65a0f15f69 Minor update (error regex for PHP's sqlsrv module) 2016-06-28 15:13:37 +02:00
Miroslav Stampar
98b77d32cc Minor update 2016-06-27 11:16:41 +02:00
Miroslav Stampar
86a3569ccb New WAF script (SonicWALL) 2016-06-26 16:42:05 +02:00
Miroslav Stampar
17fca351d3 Minor update 2016-06-26 16:26:13 +02:00
Miroslav Stampar
2614e7bec1 Minor update 2016-06-26 16:23:39 +02:00
Miroslav Stampar
832c6e806f Revert of last commit 2016-06-26 15:59:35 +02:00
Miroslav Stampar
7b334b0808 'Conversion failed' happens in regular SQLi on MsSQL 2016-06-26 15:57:11 +02:00
Miroslav Stampar
aa9151785e Minor update 2016-06-26 15:37:30 +02:00
Miroslav Stampar
6bdef1b7da Minor update 2016-06-26 01:46:49 +02:00
Miroslav Stampar
8b4367d354 Revert of last commit 2016-06-26 01:42:21 +02:00
Miroslav Stampar
0a9d69a7d0 Minor patch 2016-06-26 01:10:47 +02:00
Miroslav Stampar
a4b60dc00f New error regex for MsSQL 2016-06-26 00:40:54 +02:00
Miroslav Stampar
f91ae32284 Minor update (to not confuse S3 vs Cloudfront) 2016-06-24 13:39:13 +02:00
Miroslav Stampar
53fc9d6720 Fixes #1990 2016-06-24 13:31:19 +02:00
Miroslav Stampar
0b31568306 Minor update 2016-06-24 13:28:08 +02:00
Miroslav Stampar
e9407cf791 Cleaning some garbage boundaries (it doesn't make any sense to use %00 as prefix) 2016-06-23 22:57:59 +02:00
Miroslav Stampar
0175acd028 Bug fix (in some cases lack of warning message for SQLi appearing) 2016-06-23 17:52:37 +02:00
Miroslav Stampar
733a32de32 Minor patch 2016-06-23 12:09:51 +02:00
Miroslav Stampar
1b863ecf93 Far better detection of SecureIIS (WAF) 2016-06-23 12:03:05 +02:00
Miroslav Stampar
ec06037335 Update of bigip waf script 2016-06-23 11:41:49 +02:00
Miroslav Stampar
0cdb62a1b5 Adding new waf script (armor) 2016-06-23 11:15:31 +02:00
Miroslav Stampar
99454198b8 Minor refactoring 2016-06-20 10:01:57 +02:00
Miroslav Stampar
dd6287ace8 Fixes #1972 2016-06-20 09:59:50 +02:00
Miroslav Stampar
786460e3b4 Minor just in case patch 2016-06-19 17:44:47 +02:00
Miroslav Stampar
419cf979f1 Showing again the 'shutting down at ...' message 2016-06-19 17:17:01 +02:00
Miroslav Stampar
30be875304 Patch for an Issue #1968 2016-06-18 01:21:57 +02:00
Miroslav Stampar
7d011bc811 Fixes #1964 2016-06-17 17:07:44 +02:00
Miroslav Stampar
b2c4a3b247 Fixes #1960 2016-06-17 16:54:23 +02:00
Miroslav Stampar
9d9592a69b Fixes #1963 2016-06-17 16:51:23 +02:00
Miroslav Stampar
cb42294a7e Minor message update 2016-06-15 07:57:10 +02:00
Miroslav Stampar
146762c109 Minor update 2016-06-15 07:54:47 +02:00
Miroslav Stampar
494b9d1586 Fixes #1943 2016-06-13 15:30:38 +02:00
Miroslav Stampar
2e95fdb52d Fixes #1947 2016-06-13 14:50:44 +02:00
Miroslav Stampar
46736cac7b Fixes #1931 2016-06-10 18:41:41 +02:00
Miroslav Stampar
041213f22d Fixes #1935 2016-06-10 18:18:48 +02:00
Miroslav Stampar
8ca45c5678 Fixes #1936 2016-06-10 18:02:24 +02:00
Miroslav Stampar
c6eec8db97 Fixes #1938 2016-06-10 17:52:22 +02:00
Miroslav Stampar
98fdc493f4 Proper patch for #1923 (Fixes #1940, #1941) 2016-06-10 17:42:11 +02:00
Miroslav Stampar
91372bff87 Fixes #1932 2016-06-08 08:20:54 +02:00
Miroslav Stampar
7fb9db42a7 Performing a backup of old dump file (Issue #841) 2016-06-05 12:37:19 +02:00
Miroslav Stampar
82382957f9 Minor refactoring 2016-06-05 12:25:42 +02:00
Miroslav Stampar
f034122bd0 Fixes #1920 2016-06-05 12:14:01 +02:00
Miroslav Stampar
0df2456f34 Fixes #1923 2016-06-03 16:06:29 +02:00
Miroslav Stampar
78fdb27a0b More improvements 2016-06-03 15:51:52 +02:00
Miroslav Stampar
350baf0a0a Minor update 2016-06-03 14:29:32 +02:00
Miroslav Stampar
9886b646eb Proper update regarding the last commit 2016-06-03 14:18:28 +02:00
Miroslav Stampar
c5197b99a0 Minor patch and minor improvement 2016-06-03 13:59:32 +02:00
Miroslav Stampar
cc313280af Payload that never ever worked (now fixed) 2016-06-03 13:16:00 +02:00
Miroslav Stampar
f06ff42c58 This never worked. Not sure who incorporated it (WAITFOR DELAY can't go to SELECT/CASE) 2016-06-03 10:42:57 +02:00
Miroslav Stampar
4bc1cf4518 Vastly better patch for MsSQL payloads 2016-06-03 10:29:04 +02:00
Miroslav Stampar
0e65043c84 Minor adjustment 2016-06-03 09:48:49 +02:00
Miroslav Stampar
d7d565415a Patch for MySQL fingerprinting 2016-06-03 02:31:31 +02:00
Miroslav Stampar
0986ec8948 Update for Oracle fingerprinting 2016-06-03 02:27:59 +02:00
Miroslav Stampar
50bced511f Adding support for fingerprinting MsSQL 2014 and 2016 2016-06-03 02:24:19 +02:00
Miroslav Stampar
e275e8c0b0 Fixes #1921 2016-06-03 02:02:11 +02:00
Miroslav Stampar
77dea38ac1 Fixes #1918 2016-06-03 00:37:18 +02:00
Miroslav Stampar
7dc2ec5fd8 Minor touch 2016-06-01 20:42:09 +02:00
Miroslav Stampar
4bf2e3b139 Minor update 2016-06-01 20:37:05 +02:00
Miroslav Stampar
8114c14755 Removing leftover 2016-06-01 16:32:22 +02:00
Miroslav Stampar
ec8cf6aadc Adding support for detecting CAPTCHA 2016-06-01 15:48:04 +02:00
Miroslav Stampar
d326965966 Reordering MySQL's error-based payloads (BIGINT and EXP have crazy bigger chunk lenghts) 2016-06-01 14:12:22 +02:00
Miroslav Stampar
030df0353d Removing ugly legacy code (e.g. showing MySQL 5.0 when it is e.g. '5.7.8') 2016-06-01 13:47:20 +02:00
Miroslav Stampar
5038d7a70a Removing ugly boolean check results (0 or 1) in output of UNION and ERROR SQLi 2016-06-01 13:39:40 +02:00
Miroslav Stampar
f0b8fbb7fd Implemented support for JSON_KEYS error-based SQLi (and tons of fixes for MySQL 'ORDER BY,GROUP BY' payloads) 2016-06-01 13:23:41 +02:00
Miroslav Stampar
5810c2b199 Minor patch 2016-06-01 11:30:27 +02:00
Miroslav Stampar
77f0b5dfa8 Fixes #1919 2016-06-01 10:56:42 +02:00
Miroslav Stampar
b0ea74dc63 Minor warning message update 2016-06-01 10:53:32 +02:00
Miroslav Stampar
0c07c8942c Automatic monthly tagging 2016-06-01 10:44:08 +02:00
Miroslav Stampar
7d1bdb35ca Update of parsed versions 2016-06-01 10:44:08 +02:00
Miroslav Stampar
e823889819 Update for JSP exceptions 2016-05-31 15:35:10 +02:00
Miroslav Stampar
680aedaefc Adding option --tmp-dir 2016-05-31 14:55:56 +02:00
Miroslav Stampar
afdca09ced Minor patches (proper user warnings in case of output directory permissions) 2016-05-31 14:05:35 +02:00
Miroslav Stampar
ac89ee71c3 Minor improvement 2016-05-31 13:29:43 +02:00
Miroslav Stampar
af7c8cff92 Bug fix (previously removing temporary directory even if it is needed afterwards) 2016-05-31 13:21:08 +02:00
Miroslav Stampar
26d4dec5fb Minor refactoring 2016-05-31 13:02:26 +02:00
Miroslav Stampar
cf31d12528 Adding support for python's cgitb tracebacks 2016-05-31 12:33:56 +02:00
Miroslav Stampar
b4c730f8c0 Minor refactoring 2016-05-31 12:23:59 +02:00
Miroslav Stampar
fba1720b31 Minor patch 2016-05-31 11:16:13 +02:00
Miroslav Stampar
9fad72f28b Adding support for MsAccess usage of parsed FROM table names (e.g. in case of ColdFusion) 2016-05-31 11:08:23 +02:00
Miroslav Stampar
1782bf8e64 Adding support for parsing ODBC/JDBC error messages 2016-05-31 10:49:34 +02:00
Miroslav Stampar
2d59a10515 Better patch than last commit 2016-05-31 10:25:01 +02:00
Miroslav Stampar
21a25c4f00 Bug for fix comments in case of MsAccess 2016-05-31 10:24:13 +02:00
Miroslav Stampar
6b5c16c22c Minor update for ColdFusion error messages 2016-05-31 09:54:14 +02:00
Miroslav Stampar
2c6621c26a Minor upgrade for WAF/IDS/IPS detection 2016-05-31 09:49:50 +02:00
Miroslav Stampar
f0500b1d2f Minor update for ColdFusion path regexes 2016-05-31 09:35:58 +02:00
Miroslav Stampar
6a033bb58c Minor update for ColdFusion type casting 2016-05-31 09:31:32 +02:00
Miroslav Stampar
2fa4b22645 Patch for URL encoding cookie values (asking the user to choose) 2016-05-30 17:47:08 +02:00
Miroslav Stampar
229d3a7dd0 Patch for cases when error page looks more like original, than the False one does 2016-05-30 16:46:23 +02:00
Miroslav Stampar
b965e5bf1c Minor refactoring 2016-05-30 16:06:39 +02:00
Miroslav Stampar
3bd74c5351 Minor patch 2016-05-30 15:20:21 +02:00
Miroslav Stampar
55624ec1a2 Minor message update 2016-05-30 14:40:22 +02:00
Miroslav Stampar
6885afe8c3 Minor update for requestvalidationmode.py waf script 2016-05-30 14:26:55 +02:00
Miroslav Stampar
acc1277246 Minor update 2016-05-30 14:13:57 +02:00
Miroslav Stampar
935cb9c8cb Patch for a custom header cookie urlencoding 2016-05-30 14:09:53 +02:00
Miroslav Stampar
17a4ddad63 Fixes #1916 2016-05-30 13:10:25 +02:00
Miroslav Stampar
5264671f5b Dump formatting patch for MsAccess 2016-05-30 12:03:33 +02:00
Miroslav Stampar
b4ebbae354 New payload(s) 2016-05-30 11:25:24 +02:00
Miroslav Stampar
510197c39e Minor text update 2016-05-30 10:52:30 +02:00
Miroslav Stampar
b6a4bd91fe Minor text update 2016-05-30 10:51:35 +02:00
Miroslav Stampar
83b82a5e98 Bug fix (wrong handler used in case of DBMS resolution) 2016-05-30 10:32:49 +02:00
Miroslav Stampar
0b1efc0759 Minor update (for newer versions of MsSQL) 2016-05-30 01:38:34 +02:00
Miroslav Stampar
2b506d744d Minor update 2016-05-30 01:29:40 +02:00
Miroslav Stampar
79d08906a4 Cleaning some redundant payload(s) 2016-05-27 23:59:48 +02:00
Miroslav Stampar
6327063bd0 Minor patch 2016-05-27 16:43:01 +02:00
Miroslav Stampar
69fd900108 Adding waf script for detection of generic/unknown 2016-05-27 16:34:41 +02:00
Miroslav Stampar
f9d01f682b Cloudflare has tons of HTTP error codes while detecting SQLi 2016-05-27 15:58:16 +02:00
Miroslav Stampar
d7d3db415b Minor update 2016-05-27 15:32:30 +02:00
Miroslav Stampar
31850e4544 Minor bug fixes 2016-05-27 13:58:18 +02:00
Miroslav Stampar
de9f23939f Major bug fix in WAF/IDS/IPS detection (question 'do you want..to try to detect backend WAF/IPS/IDS' never worked) 2016-05-27 13:41:03 +02:00
Miroslav Stampar
154ed2c4e2 Minor patch 2016-05-27 13:33:14 +02:00
Miroslav Stampar
89dfe4e1ac Adding wallarm WAF script (and couple of other WAF script updates) 2016-05-27 11:58:18 +02:00
Miroslav Stampar
b41b07ddd8 Updates for 360 and jiasule WAF scripts 2016-05-27 11:02:05 +02:00
Miroslav Stampar
e36fc02282 Adding sophos WAF script 2016-05-27 10:17:42 +02:00
Miroslav Stampar
49b41c1eca Minor update for cloudflare waf script 2016-05-27 09:43:54 +02:00
Miroslav Stampar
4cd9fdb7df Minor update for F5 waf script 2016-05-27 09:27:45 +02:00
Miroslav Stampar
5aab2d8fb5 Update for Akamai Kona WAF script 2016-05-27 09:22:39 +02:00
Miroslav Stampar
210b65c02d Couple of fixes for --identify-waf 2016-05-27 02:24:59 +02:00
Miroslav Stampar
7a2ac23f0b Adding new waf script (sitelock) 2016-05-27 02:13:01 +02:00
Miroslav Stampar
e435fb2e9e Adding new waf script (comodo) 2016-05-27 01:23:20 +02:00
Miroslav Stampar
6892c94595 Minor update 2016-05-27 01:10:37 +02:00
Miroslav Stampar
831c960216 Update for an Issue #1899 2016-05-26 16:47:38 +02:00
Miroslav Stampar
43af2a4aee Fixes #1899 2016-05-26 16:08:59 +02:00
Miroslav Stampar
1de6996c26 Fixes #1893 2016-05-25 15:43:39 +02:00
Miroslav Stampar
304f2ed308 Minor language patch 2016-05-25 15:32:17 +02:00
Miroslav Stampar
148b35da4f Better extraction of absolute file paths 2016-05-25 15:29:25 +02:00
Miroslav Stampar
3865b3a398 Minor improvement in case of technique E (when waiting for large entry - lots of chunks) 2016-05-25 12:50:53 +02:00
Miroslav Stampar
d6bcbbae1d Minor patch for E technique to be more compatible with output of U technique 2016-05-25 12:42:15 +02:00
Miroslav Stampar
04b3aefc5d Patch for special character output in U and E techniques 2016-05-25 12:24:36 +02:00
Miroslav Stampar
a5f8cae599 Fixes #1892 2016-05-24 17:58:35 +02:00
Miroslav Stampar
29c3037512 Better asciinema recording (shorter width) 2016-05-24 17:26:10 +02:00
Miroslav Stampar
d0d7d3a205 Update of location of a sample run 2016-05-24 17:12:44 +02:00
Miroslav Stampar
7ce36ea1b6 Removal of unused imports 2016-05-24 16:40:44 +02:00
Miroslav Stampar
6f97f4796b Fixes #1891 2016-05-24 16:34:07 +02:00
Miroslav Stampar
39fe96009f Minor improvement (related to the last commit) 2016-05-24 16:20:39 +02:00
Miroslav Stampar
b475a38895 Better ORDER BY detection 2016-05-24 15:46:06 +02:00
Miroslav Stampar
42de887b05 Language update 2016-05-24 15:18:19 +02:00
Miroslav Stampar
28576bf08e Minor output update 2016-05-24 15:08:04 +02:00
Miroslav Stampar
c395958dff Fixes #1888 2016-05-24 14:55:19 +02:00
Miroslav Stampar
798b539eec Minor update 2016-05-24 14:50:56 +02:00
Miroslav Stampar
70cf8edc75 Fixes #1887 2016-05-24 14:17:00 +02:00
Miroslav Stampar
a81ea88eb0 Fixes #1889 2016-05-24 13:59:34 +02:00
Miroslav Stampar
023dda26fc Minor update for --os-shell directories 2016-05-24 12:53:21 +02:00
Miroslav Stampar
3e76895155 Minor update 2016-05-24 12:30:01 +02:00
Miroslav Stampar
2c1bd7f034 Update for an Issue #1531 (MySQL quirk with international letters) 2016-05-24 12:01:02 +02:00
Miroslav Stampar
f7cae68378 More formal language 2016-05-22 21:44:17 +02:00
Miroslav Stampar
f6ff1a115a Better (automatic) picking of a --string candidate (especially in case of international pages) 2016-05-22 21:29:08 +02:00
Miroslav Stampar
32ee586e2a Minor language update 2016-05-22 14:30:32 +02:00
Miroslav Stampar
b9e5655e3c Proper naming 2016-05-22 14:26:36 +02:00
Miroslav Stampar
6623c3f877 Pesky bug fix (nobody noticed :) 2016-05-22 14:22:31 +02:00
Miroslav Stampar
30a4173249 I like users which don't know the difference between detection and identification 2016-05-22 12:40:23 +02:00
Miroslav Stampar
dbbe4c6ddd Fixes #1884 2016-05-22 11:44:21 +02:00
Miroslav Stampar
633e4dfe48 Fixes #1886 2016-05-22 11:37:27 +02:00
Miroslav Stampar
5e8b105677 Fixes #1880 2016-05-19 19:46:12 +02:00
Miroslav Stampar
414dd96bbd Minor update (warning on negative integer values provided) 2016-05-19 18:04:25 +02:00
Miroslav Stampar
e857c2a88a Update for an Issue #1879 2016-05-19 13:50:31 +02:00
Miroslav Stampar
e7aaea2b8e Update for an Issue #1826 2016-05-17 14:10:49 +02:00
Miroslav Stampar
63d7cd607e Minor patch (for late threading issues) 2016-05-17 13:54:42 +02:00
Miroslav Stampar
d886b08dd9 Update for an Issue #1826 2016-05-17 13:45:03 +02:00
Miroslav Stampar
72f3185ae7 Fixes #1878 2016-05-17 10:47:17 +02:00
Miroslav Stampar
03be9f9b65 Minor removal of blank lines 2016-05-17 10:43:16 +02:00
Miroslav Stampar
d9d0865c13 Another patch for an Issue #1874 2016-05-16 17:09:05 +02:00
Miroslav Stampar
e3f54bc226 Minor patch for #1874 2016-05-16 16:53:28 +02:00
Miroslav Stampar
9662f4a56a Minor update 2016-05-16 16:47:29 +02:00
Miroslav Stampar
fea5cc8579 Minor patch 2016-05-16 15:37:49 +02:00
Miroslav Stampar
94091cd0e9 Fixes #1871 2016-05-15 09:37:45 +02:00
Miroslav Stampar
cc9f4b6102 Minor refactoring for MariaDB 2016-05-14 15:05:50 +02:00
Miroslav Stampar
cd7c99c752 Minor revert (it was not necessary - caused other problems) 2016-05-14 14:48:17 +02:00
Miroslav Stampar
75478c1181 Fixes #1868 2016-05-14 14:18:34 +02:00
Miroslav Stampar
ad0ca69579 Fixes #1865 2016-05-13 15:14:56 +02:00
Miroslav Stampar
2d801b7122 Minor patch for an Issue #1861 2016-05-12 17:16:55 +02:00
Miroslav Stampar
1e07269fe3 Patch for an Issue #1860 2016-05-12 16:42:12 +02:00
Miroslav Stampar
3b74e99576 Minor update (support for MariaDB) 2016-05-11 15:47:35 +02:00
Miroslav Stampar
439fff684e Minor update (MSSQL CONCAT payload) 2016-05-11 09:42:54 +02:00
Miroslav Stampar
72cf06119c Patch for an Issue #1852 2016-05-10 09:55:03 +02:00
Miroslav Stampar
808068d70a Minor update 2016-05-10 09:19:59 +02:00
Miroslav Stampar
f09072b2b6 Fixes #1853 2016-05-09 13:13:02 +02:00
Miroslav Stampar
be9381abc5 Implements #1845 2016-05-06 13:06:59 +02:00
Miroslav Stampar
5d09f7b85f Fixes #1822 2016-05-06 10:32:16 +02:00
Miroslav Stampar
8bbfee7591 Cleaning a leftover from be26392057 2016-05-06 10:30:58 +02:00
Miroslav Stampar
be26392057 Update for an Issue #1846 2016-05-06 10:23:57 +02:00
Miroslav Stampar
263730f4ee Fixes #1840 2016-05-04 13:23:59 +02:00
Miroslav Stampar
5d7e1782d9 Fixes #1839 2016-05-04 11:14:42 +02:00
Miroslav Stampar
e27f590c2c Fixes #1838 2016-05-04 11:11:58 +02:00
Miroslav Stampar
7afe655561 Another minor update for #1836 2016-05-03 12:52:46 +02:00
Miroslav Stampar
3bf08290a4 Update for an Issue #1836 2016-05-03 12:37:10 +02:00
Miroslav Stampar
34c2172391 Fixes #1837 2016-05-03 11:38:47 +02:00
Miroslav Stampar
48044f7a46 Minor update of IDS_WAF_CHECK_PAYLOAD 2016-05-03 00:19:19 +02:00
Miroslav Stampar
04e666182f Minor update of FORMAT_EXCEPTION_STRINGS 2016-05-02 23:44:43 +02:00
Miroslav Stampar
c797129956 Fixes #1833 2016-05-02 11:10:12 +02:00
Miroslav Stampar
6928dae956 Minor patch 2016-05-02 10:45:50 +02:00
Miroslav Stampar
6db3bcbb51 Minor update for UrlScan 2016-05-02 10:12:19 +02:00
Miroslav Stampar
d7f0b3566d Automatic monthly tagging 2016-05-02 10:06:30 +02:00
Miroslav Stampar
0c67a90cc0 Minor bug fix 2016-05-02 10:06:30 +02:00
Miroslav Stampar
f06e498fb0 Implementation for an Issue #1826 2016-04-29 14:19:32 +02:00
Miroslav Stampar
ad612bf9e4 Patch for Windows banner display 2016-04-29 00:51:20 +02:00
Miroslav Stampar
9dd5cd8eb6 Removing CloudFlare check 2016-04-29 00:17:07 +02:00
Miroslav Stampar
5ed3cdc819 Minor update 2016-04-22 10:54:55 +02:00
Miroslav Stampar
e07c92bce5 Minor change on banner showing up 2016-04-19 13:45:49 +02:00
Miroslav Stampar
0c5965c7b8 Minor patches 2016-04-19 13:13:37 +02:00
Miroslav Stampar
aa21550712 Minor patch for integer casting heuristics (circumvent auto-casting by DBMS itself) 2016-04-15 13:47:19 +02:00
Miroslav Stampar
66061e8c5f Fixes #1811 2016-04-15 12:04:54 +02:00
Miroslav Stampar
c4b74c2e01 Fixes #1810 2016-04-12 22:37:14 +02:00
Miroslav Stampar
55b23e78ee Fixes #1809 2016-04-12 22:10:26 +02:00
Miroslav Stampar
a9526bda92 Minor patch 2016-04-11 22:38:44 +02:00
Miroslav Stampar
0901da3f83 Update for an Issue #1807 2016-04-11 09:43:50 +02:00
Miroslav Stampar
8004652f7b Some more optimization 2016-04-08 15:30:25 +02:00
Miroslav Stampar
c9b410c97f Minor update 2016-04-08 14:59:52 +02:00
Miroslav Stampar
814d710320 Minor speed up 2016-04-08 14:41:34 +02:00
Miroslav Stampar
38fcc5a35a Update for pre-WHERE payloads 2016-04-08 13:19:42 +02:00
Miroslav Stampar
674d516f3e Minor patch 2016-04-08 11:40:09 +02:00
Miroslav Stampar
8ceb4907a5 Another update for Issue #1800 2016-04-08 11:37:38 +02:00
Miroslav Stampar
ce3749622a Minor revisit of payload boundaries (Issue #1800) 2016-04-08 11:28:17 +02:00
Miroslav Stampar
bcfae99701 Adding new WAF script 2016-04-08 10:32:18 +02:00
Miroslav Stampar
44c1c2c6f0 Minor update (reported via email) 2016-04-06 11:43:53 +02:00
Miroslav Stampar
ac08db82b2 Including one more error regex (based on testasp[.]vulnweb[.]com) 2016-04-04 16:14:30 +02:00
Miroslav Stampar
305bfd9d30 Implements #1763 2016-04-04 13:50:10 +02:00
Miroslav Stampar
f9aaec7b4a Minor patch (binary extensions) 2016-04-04 12:43:53 +02:00
Miroslav Stampar
d881a92ee7 Automatic monthly tagging 2016-04-04 12:38:37 +02:00
Miroslav Stampar
60ada89347 Trying once again 2016-04-04 12:38:37 +02:00
Miroslav Stampar
171bfa33a7 Automatic monthly tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
acaef90c7b Minor tuning of auto tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
31d7021d4c Fixes #1794 2016-04-04 12:25:07 +02:00
Miroslav Stampar
e83d8f6143 Updating colorama (Issue #1784) 2016-03-30 15:11:34 +02:00
Miroslav Stampar
7e55af2811 Fixes #1778 2016-03-28 16:13:36 +02:00
Miroslav Stampar
ad3b766b65 Adding in-table name boundaries 2016-03-26 09:39:28 +01:00
Miroslav Stampar
074fbbcea5 Implementation for an Issue #1776 2016-03-23 15:45:49 +01:00
Miroslav Stampar
5b0d5970cc Another patch related to the #1773 2016-03-23 10:33:32 +01:00
Miroslav Stampar
6c2f9859be Potential patch for #1773 2016-03-23 10:26:22 +01:00