Miroslav Stampar
cda8815634
introducing safe deprecation mechanism for HashDB versioning
2012-03-12 22:55:57 +00:00
Miroslav Stampar
11c7cc5224
minor temporary fix
2012-03-08 11:08:43 +00:00
Miroslav Stampar
cd28eb6544
minor update regarding --load-cookies
2012-03-08 10:19:34 +00:00
Miroslav Stampar
f142c0f782
minor update
2012-02-28 14:04:13 +00:00
Miroslav Stampar
a9bf0297f6
moving injection data to HashDB
2012-02-27 13:44:07 +00:00
Miroslav Stampar
85125018a1
minor bug fix
2012-02-25 22:54:32 +00:00
Miroslav Stampar
06ab3fa134
minor update
2012-02-25 10:53:38 +00:00
Miroslav Stampar
74b19a0386
minor update
2012-02-25 10:43:10 +00:00
Miroslav Stampar
b3bd4144f5
removing of unused imports together with some general code refactoring
2012-02-22 10:40:11 +00:00
Miroslav Stampar
95f89ab63a
updating copyright date
2012-01-11 14:59:46 +00:00
Miroslav Stampar
22c3fe49bb
some refactoring
2011-12-28 13:50:03 +00:00
Miroslav Stampar
f622995a29
compatibility with partial union and error technique resumed data
2011-12-22 12:20:21 +00:00
Miroslav Stampar
95cd9e2af3
adding support for scanning Host header values (-p host)
2011-12-20 12:52:41 +00:00
Miroslav Stampar
5f7dbec41f
minor patch
2011-12-03 12:11:46 +00:00
Miroslav Stampar
2ed3efba12
speed optimization and bug fix (kb.absFilePaths were not stored previously; also, they are now extracted only in heuristic phase)
2011-11-22 08:39:13 +00:00
Miroslav Stampar
440b7efe55
minor optimization
2011-11-20 20:14:47 +00:00
Miroslav Stampar
c1486ed4be
adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request
2011-10-25 09:53:44 +00:00
Miroslav Stampar
25f0ec3597
some minor range to xrange conversion (where safe to do)
2011-10-21 22:34:27 +00:00
Miroslav Stampar
b3b4459c72
minor fix
2011-09-26 13:01:43 +00:00
Miroslav Stampar
744636a8c1
switching to SQLite resume support (on error and union techniques this moment)
2011-09-25 20:36:32 +00:00
Bernardo Damele
aedcf8c8d7
Changed homepage address
2011-07-07 20:10:03 +00:00
Miroslav Stampar
faa74cd2bc
introducing results file for multiple target mode
2011-05-15 22:21:38 +00:00
Miroslav Stampar
ec4d9178f8
minor update related to the previous commit
2011-05-08 06:28:58 +00:00
Miroslav Stampar
4d6e7c738c
minor update
2011-05-08 06:17:43 +00:00
Bernardo Damele
f56d135438
Minor code restyling
2011-04-30 13:20:05 +00:00
Bernardo Damele
edc2d75702
Cosmetics and major bug fix
2011-04-21 21:15:23 +00:00
Miroslav Stampar
6fab44d635
minor refactoring and improving of used regex
2011-04-17 22:37:00 +00:00
Miroslav Stampar
9aae447553
minor update for matching SOAP messages
2011-04-17 22:21:32 +00:00
Miroslav Stampar
a7366bf710
SOAP refactoring
2011-04-17 21:39:00 +00:00
Miroslav Stampar
0387654166
update of copyright string (until year)
2011-04-15 12:33:18 +00:00
Miroslav Stampar
139448eeb9
little stabilization regarding POST url(de/en)coding
2011-03-19 16:53:14 +00:00
Bernardo Damele
6e8ebd35f4
Hide switch -x (XML output format) as it is incomplete and bugged and won't make it for 0.9 stable
2011-02-27 12:17:41 +00:00
Miroslav Stampar
417b311475
minor update
2011-02-13 22:02:47 +00:00
Miroslav Stampar
50d25c3b4d
update regarding explicit testing of ua and referer when using -p
2011-02-13 21:58:48 +00:00
Miroslav Stampar
535eb9f3eb
implementation of referer feature
2011-02-11 23:07:03 +00:00
Miroslav Stampar
f83f1a1e06
minor just in case update
2011-02-04 13:08:54 +00:00
Miroslav Stampar
c69b76776e
minor refactoring
2011-02-04 13:04:19 +00:00
Miroslav Stampar
c19d481bb1
little clean up
2011-02-04 12:25:14 +00:00
Miroslav Stampar
fa58a9c86b
update (now URIs like www.site.com/id82 are automatically treated as possible URI injectable)
2011-01-31 20:36:01 +00:00
Miroslav Stampar
ddf23ba7cc
refactoring
2011-01-30 11:36:03 +00:00
Miroslav Stampar
81722b6881
major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values)
2011-01-27 18:36:28 +00:00
Miroslav Stampar
dd7262d9e6
we haven't closed session file for previous target which lead to potentially nasty problems in multi target mode
2011-01-20 17:53:49 +00:00
Miroslav Stampar
fb9d7cdfaa
refactoring, code clearing and removal of obsolete switch --longest-common
2011-01-14 14:37:03 +00:00
Miroslav Stampar
dce9a762f1
important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode
2011-01-02 10:37:32 +00:00
Miroslav Stampar
e355f92f22
bug fix
2010-12-18 10:02:01 +00:00
Miroslav Stampar
ec5c08ca7a
cosmetics
2010-12-09 09:24:20 +00:00
Miroslav Stampar
db39dc32fc
minor update
2010-12-09 00:59:39 +00:00
Miroslav Stampar
258e9fb50e
fix for a "bug" reported by Spencer J. McIntyre (os.makedirs(conf.outputPath, 0755) -> permission denied)
2010-12-08 21:16:18 +00:00
Bernardo Damele
c8f943f5e4
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase.
...
Major code refactoring and commenting to detection engine.
Ask user whether or not to proceed to test remaining parameters after an injection point has been identified.
Restore beep at SQL injection find.
Avoid reuse of same variable in DBMS handler code.
Minor adjustment of payloads XML file.
2010-11-30 22:40:25 +00:00
Bernardo Damele
9d7087e2ff
Proper saving and resuming when more than a parameter are injectable.
...
Minor bug fix to --stacked-test
Minor code refactoring.
2010-11-29 01:04:42 +00:00