| 
							
							
								 Bernardo Damele | 0a81415f2f | Minor code cleanup | 2011-02-08 00:02:54 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 2c4f6d2e99 | fix (lol. we were using same comparison payload through the all test. it's a nono :) p.s. this way we are dealing with "reflective" problem too | 2011-02-07 21:53:05 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a577d0e9a5 | restraining "using unescaped version of the test because of zero knowledge of the back-end DBMS" once per test (before was once per boundary) | 2011-02-07 21:18:01 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 061f56daf9 | More adjustments related to unescape() and cleanupPayload(). Minor code cleanup related to error-based payload. | 2011-02-06 23:27:56 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 0800d9e49b | Major bug fix for semi-centralize unescape() and cleanupPayload() into prefixQuery() and suffixQuery() | 2011-02-06 22:58:12 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 078a2207cc | few reverts | 2011-02-06 22:10:28 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b9b2fe0e7c | little cleanup | 2011-02-06 21:52:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d2b96a66a2 | one more update regarding last few "unescape" related commits | 2011-02-06 20:23:23 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c44978862e | Minor reordering of what gets saved into the injection object | 2011-02-06 15:20:44 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b56a77e573 | removing obsolete switches (--threshold, --excl-reg, --excl-str) | 2011-02-03 15:55:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8134c2154a | adding WHERE enum for payloads | 2011-02-02 13:34:09 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | d875d848ce | Better sort | 2011-02-01 22:04:48 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 6761933f75 | Just.. cosmetics ;) | 2011-01-31 22:51:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | fa58a9c86b | update (now URIs like www.site.com/id82 are automatically treated as possible URI injectable) | 2011-01-31 20:36:01 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8ef47307db | added checking of header values for GREP (error); still UNION to do | 2011-01-31 12:21:17 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 8278d821ac | Another layout adjustment | 2011-01-30 16:23:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 367d0639f0 | refactoring (class names should always be Capital cased) | 2011-01-28 16:36:09 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8e74c571bc | centralization of urlencoding should be (only) in connect.py and we are from now on handling non-urlencoded data at other levels | 2011-01-27 19:44:24 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 10b723f196 | minor fix for a bug reported by yonnym@googlemail.com | 2011-01-25 22:26:28 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | e1db2700f0 | Minor bug fix to properly deal --prefix and --suffix and parameter replace payloads | 2011-01-24 12:25:45 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7c4c79477d | world premiere of "forced-error blind stacked" payloads (spent 3 hours on pgsql) | 2011-01-21 18:32:10 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 9770db597e | Centralization of unescape() | 2011-01-20 21:55:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 496a84c356 | minor update | 2011-01-20 18:32:04 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | bade0e3124 | Major code refactoring - centralized all kb.dbms* info for both retrieval and set. | 2011-01-19 23:06:15 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | eda0b41859 | Added a precaution when, in some rare circumstances, fingerprinted DBMS differ during detection phase. Adapted UNION tests' titles when --union-char is provided.
Lots of comment adjustments.
Code cleanup | 2011-01-18 23:03:50 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c2a358561f | Proper support for --union-cols | 2011-01-17 22:57:33 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 47565f9459 | Minor code refactoring | 2011-01-17 21:13:59 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f5e36876e7 | removing --text-only from that "dynamicity" warning selection (other two are more preferable) and minor cosmetics/consistency | 2011-01-16 19:29:06 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 718eef8753 | minor fix | 2011-01-16 18:11:35 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ec1ab3cd2a | removing timeSec from injection configuration attributes as it highly depends on current connection "variables" | 2011-01-16 12:12:01 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 71391874eb | slightly faster and thread safer inference | 2011-01-16 10:52:42 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 0fc4ebdc1b | Major bug fix. Minor code refactoring. | 2011-01-16 01:17:09 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | c0d5daee99 | More refactoring and cleanup | 2011-01-16 00:15:30 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | d3a28124b1 | More code cleanup | 2011-01-15 23:11:36 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 4a35f598b8 | Minor refactoring | 2011-01-15 22:09:53 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0f565c941e | bug fix and proper warning message | 2011-01-15 16:59:53 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5bdb50c224 | code review part 3 | 2011-01-15 13:15:10 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6a0e0cde3c | code review of modules in lib/core directory | 2011-01-15 12:13:45 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 05b2a338fe | cosmetics | 2011-01-14 16:12:44 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | bff989d348 | minor update | 2011-01-14 15:43:53 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | daf5662eab | update | 2011-01-14 15:33:49 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 08f7e20c51 | minor code refactoring | 2011-01-14 14:55:59 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | fb9d7cdfaa | refactoring, code clearing and removal of obsolete switch --longest-common | 2011-01-14 14:37:03 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | e4e9b11b79 | Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms. | 2011-01-14 12:47:07 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 3c95d71ea5 | Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase | 2011-01-14 11:55:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 676b95b30a | minor code refactoring | 2011-01-14 09:44:56 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | f8c04ce020 | Minor bug fix | 2011-01-13 20:59:13 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 2ac8debea0 | Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. Minor bug fixes thanks to previous refactoring too. | 2011-01-13 17:36:54 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ece2eb31ca | minor update | 2011-01-13 11:08:29 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | be6e2d6a31 | Important bug fix. Minor code restyling. | 2011-01-13 09:41:55 +00:00 |  |