| 
							
							
								 Miroslav Stampar | c5de903eab | minor improvement ("quick defense against substr fields") | 2011-03-31 09:35:09 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ce51326bff | quick fix | 2011-03-31 08:43:17 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0916117447 | improvement of error-based testing (no more sqlmap aborting on error-based payloads which happens very often on MySQL servers); also, minor improvement on brute forcing of column names | 2011-03-30 18:32:10 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | dd01d66f13 | proper update regarding last commit | 2011-03-29 22:10:08 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 850328df6c | minor cosmetics | 2011-03-29 22:03:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b6af80bab3 | refactoring, cleanup and improvement | 2011-03-29 21:54:15 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | adfbfef8c1 | minor refactoring | 2011-03-29 21:01:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 12f3024c8a | removing that boring message "reflective value found and filtered out" for headers case (we always include Uri header) | 2011-03-29 20:45:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9f707febf5 | minor update | 2011-03-29 15:43:17 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d0861a00e2 | minor improvement | 2011-03-29 15:37:57 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d28ca5809b | adding support for meta HTML header 'refresh' - popular one amongst login pages (stumbled when tested blind injections on Mutillidae login page) | 2011-03-29 14:16:28 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7cf4ba83dc | minor refactoring and comment update | 2011-03-29 12:08:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1821a008af | Ctrl+C in dictionary attack phase will now not abort the whole enumeration; also, question for common suffixes will now be asked only once | 2011-03-29 12:00:29 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5560196648 | minor fix | 2011-03-29 11:50:12 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e20d460809 | Bernardo will kill me (added --wizard for total beginners) | 2011-03-29 11:42:55 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4d78eac938 | revert of that thingy as requested by Bernardo | 2011-03-29 10:06:35 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a9f5d828c6 | minor fix avoiding problems with hashing strange characters in usernames | 2011-03-29 07:50:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b7813f9e68 | incrementing level for MySQL stacked payloads | 2011-03-29 07:31:56 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e8debbe724 | minor cosmetics and one minor fix (|= is a nono with None) | 2011-03-29 06:38:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 86f93713d3 | fix for a bug reported by m4l1c3 (object of type 'NoneType' has no len()) and minor update | 2011-03-29 06:25:17 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a2d5358b08 | minor fix | 2011-03-28 23:40:46 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9e900ccbac | minor comment update | 2011-03-28 23:12:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a61e287d23 | making updates for dummy Windows users | 2011-03-28 23:09:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | bf0e3c4662 | improvement for --forms with empty fields | 2011-03-28 22:48:00 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1823c116bb | minor update for special cases of union testing results | 2011-03-28 21:45:38 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ae53ad4c30 | making an update for special case of timed out response | 2011-03-28 21:05:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1e22ff45de | minor update regarding testing of GET parameters if --data and/or --forms is used | 2011-03-28 16:14:08 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 625f124263 | little info message | 2011-03-28 12:13:17 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4312a42b5d | another minor fix | 2011-03-28 12:04:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 3173adbf6b | minor update | 2011-03-28 12:02:31 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 73e5d20ade | bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries) | 2011-03-28 11:01:55 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 19a6f86954 | Minor update | 2011-03-27 16:37:57 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 08d052d9b8 | minor update of THANKS file | 2011-03-27 13:45:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 47924fb92e | fix for a bug reported by malice.anon@gmail.com (AttributeError: 'unicode' object has no attribute 'geturl') | 2011-03-27 13:41:54 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 76b7e3517d | minor update | 2011-03-27 07:58:15 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | dba32306b0 | minor update | 2011-03-26 22:03:46 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d2eb4c6a39 | update of THANKS file | 2011-03-26 21:48:36 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d8f7c4bc4c | minor update regarding support for crypt(3) | 2011-03-26 21:41:37 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4f00b9fa4b | minor fix | 2011-03-26 21:10:31 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | afe2be6a9f | implementation of Standard DES hashing (crypt) | 2011-03-26 20:46:25 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 04c4578df7 | minor fix | 2011-03-26 05:55:49 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 58f8703ecd | minor update before bedtime | 2011-03-25 22:59:18 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ae12dee990 | minor update | 2011-03-25 22:08:54 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c9baa0094b | going global for protection of non-standard identificator naming | 2011-03-25 22:02:28 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5a1f733a43 | minor update (_ is part of normal identificator naming) | 2011-03-25 21:49:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1a98095a93 | minor improvement for that MySQL identification naming | 2011-03-25 21:46:49 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1119a85f39 | it's a must after all - partial union is specific and as there is no output for fetched value, we have to display something to the user. also, there is a bug fix (removed the leftover parseUnionPage) | 2011-03-25 21:31:26 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 48c4460e2c | bug fixed (there was a huge problem with space containing identifiers - fixed and tested for MySQL) | 2011-03-25 21:22:06 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6c6133e8aa | revert of the last commit (i was doing some testing against a test case with lots of None(s) which drove me to the conclusion that we need that progress - in normal cases it's fine as it is) | 2011-03-25 20:46:37 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 737b4abf13 | this is a must for partial union. there are lots of cases with dumping of huge tables and user doesn't know a squirt if sqlmap is running or not (compromise is that this is only displayed if the verbose level is not touched by the user) | 2011-03-25 20:30:15 +00:00 |  |