2666 Commits

Author	SHA1	Message	Date
Ekultek	71984fc452	updated IP address regex as to not provide false positive	2017-02-28 06:35:37 -06:00
Miroslav Stampar	a0a6702a4e	Minor patch (reported via ML)	2017-02-28 13:16:19 +01:00
Miroslav Stampar	b18444f215	Issue #2417 (most probably -> most likely)	2017-02-27 22:14:52 +01:00
Miroslav Stampar	7ea524800a	Taking couple of suggestions from #2417	2017-02-27 22:03:15 +01:00
Miroslav Stampar	7960045cf9	Fixes #2277 and #2300	2017-02-27 13:58:07 +01:00
Miroslav Stampar	b2585cc8ea	Patch for #2410	2017-02-25 07:58:59 +01:00
Miroslav Stampar	7b263327cc	Update for #2410	2017-02-25 07:54:54 +01:00
Miroslav Stampar	5a08b71999	Minor update	2017-02-23 11:36:37 +01:00
Miroslav Stampar	4b420e7579	Removing Google PageRank as it is dead now	2017-02-23 11:33:39 +01:00
Miroslav Stampar	6b580a682a	Minor update	2017-02-20 10:06:06 +01:00
Miroslav Stampar	d6e7c2acdc	Minor touch	2017-02-19 01:48:12 +01:00
Miroslav Stampar	98e449e38c	Adding plus2fnconcat tamper script (Issue #2396)	2017-02-17 10:26:25 +01:00
Miroslav Stampar	9acf122ba6	Patch for an Issue #2396	2017-02-16 16:56:54 +01:00
Miroslav Stampar	2ed144ec85	Patch for wrong encoding reported privately via email	2017-02-16 15:52:07 +01:00
Miroslav Stampar	ec0c103952	Bug fix (reported privately)	2017-02-15 10:30:29 +01:00
Miroslav Stampar	a35d1e5373	Minor patch related to the email from ML	2017-02-14 13:14:35 +01:00
Miroslav Stampar	f5cf22a536	Update for an Issue #2377	2017-02-06 13:57:33 +01:00
Miroslav Stampar	38f16decef	Update for an Issue #2384	2017-02-06 13:28:33 +01:00
Miroslav Stampar	15f86e85b1	Minor update for #2379	2017-02-06 12:03:18 +01:00
Miroslav Stampar	5217efc69b	Fixes #2379	2017-02-06 12:01:46 +01:00
Miroslav Stampar	03bbf552ef	Patch for an Issue #2382	2017-02-06 11:14:45 +01:00
Miroslav Stampar	664684ad8f	Update for #2378	2017-02-03 23:04:38 +01:00
samogot	1c1f259df4	Update settings.py ... fix - looking for any tag	2017-02-03 16:50:16 +02:00
samogot	6249823335	Minor parse-error extension ... parse errors produced by Yii PHP Framework	2017-02-03 16:36:57 +02:00
Miroslav Stampar	bad3f80a1c	Touch update	2017-01-31 14:18:36 +01:00
Miroslav Stampar	9851a5703a	Fixes #2373	2017-01-31 14:00:12 +01:00
Miroslav Stampar	2a3014b606	Fixes #2367	2017-01-24 18:07:06 +01:00
Miroslav Stampar	16d5e22b72	Fixes #2358	2017-01-21 23:58:37 +01:00
Miroslav Stampar	a8a6dce38b	Fixes #2366	2017-01-21 23:09:15 +01:00
Miroslav Stampar	f542e828d2	Fixes #2364	2017-01-20 13:11:12 +01:00
Miroslav Stampar	cf182882b1	Minor update	2017-01-18 10:40:39 +01:00
Miroslav Stampar	dd5ac6f1e7	Fixes #2357	2017-01-18 10:33:54 +01:00
Miroslav Stampar	1e7a453ff6	Fixes #2356	2017-01-18 10:19:23 +01:00
Miroslav Stampar	138aa6db65	Patch for an Issue #2351	2017-01-16 15:23:38 +01:00
Miroslav Stampar	121f0376ea	Implementation for #2351	2017-01-16 14:29:23 +01:00
Miroslav Stampar	dfc684640a	Proper implementation for #2347	2017-01-16 14:01:44 +01:00
Miroslav Stampar	104fbc80af	Patch for #2348	2017-01-16 13:53:46 +01:00
Miroslav Stampar	cadba37059	Proper implementation for #2350	2017-01-16 13:44:46 +01:00
Miroslav Stampar	750d57ec96	Fixed bug reported privately via email	2017-01-13 14:41:41 +01:00
Miroslav Stampar	9a86365d92	Fixes #2333	2017-01-08 01:21:31 +01:00
Miroslav Stampar	f794d9d5a5	Fixes #2328	2017-01-02 15:26:32 +01:00
Miroslav Stampar	c29db43bfa	Minor refactoring	2017-01-02 15:14:59 +01:00
Miroslav Stampar	e0eeed0a96	Minor update	2017-01-02 14:31:19 +01:00
Miroslav Stampar	55272f7a3b	New version preparation	2017-01-02 14:19:18 +01:00
Miroslav Stampar	6ff07f01eb	Fixes #2326	2016-12-31 13:39:22 +01:00
Miroslav Stampar	1c737d7515	Fixes #2322	2016-12-28 22:11:14 +01:00
Miroslav Stampar	89bbf5284c	Adding new option --param-exclude on private request	2016-12-25 23:16:44 +01:00
Miroslav Stampar	44b00d629d	Fixes #2312	2016-12-21 10:33:35 +01:00
Miroslav Stampar	afc3b30c41	Minor refactoring	2016-12-20 09:56:44 +01:00
Miroslav Stampar	17c556a63d	Minor patches (and one bug from ML)	2016-12-20 09:53:44 +01:00
Miroslav Stampar	edc6f47758	Some refactoring	2016-12-19 23:47:39 +01:00
Miroslav Stampar	bb6e8fd4ce	Minor bug fix (reported privately via email)	2016-12-15 16:09:09 +01:00
Miroslav Stampar	c54c2204a1	Fixes #2303	2016-12-12 10:47:05 +01:00
Miroslav Stampar	f7f33bef9f	Minor patches	2016-12-09 23:19:03 +01:00
Miroslav Stampar	4bd7d81cea	Patches #2300	2016-12-09 23:14:18 +01:00
Miroslav Stampar	f6815df5c3	Fixes #2302	2016-12-09 23:10:14 +01:00
Miroslav Stampar	42cea2e03c	Better git clone (faster; without too much commit history)	2016-12-08 11:04:42 +01:00
Miroslav Stampar	52177065ca	Patch for an Issue #2297	2016-12-06 15:43:09 +01:00
Miroslav Stampar	e74149970b	Minor debug update	2016-12-03 22:06:18 +01:00
Miroslav Stampar	90b0ac37c8	New WAF script (AWS WAF)	2016-12-01 23:09:06 +01:00
Miroslav Stampar	63a74777f2	Minor update	2016-12-01 23:08:49 +01:00
Miroslav Stampar	4ac319b074	Adding new tamper script plus2concat (thank you Luka Pusic)	2016-12-01 22:28:07 +01:00
Miroslav Stampar	2a754eef1c	Adding switch --ignore-redirects (Issue #2286)	2016-11-25 13:32:28 +01:00
Miroslav Stampar	4e1bdb0c70	Minor update	2016-11-25 12:34:13 +01:00
Miroslav Stampar	c35ba8b226	Fixes #2279	2016-11-17 22:34:10 +01:00
Miroslav Stampar	7e6879ec41	Minor patch for #2272	2016-11-11 13:46:41 +01:00
Miroslav Stampar	ea961678ee	Fixes #2273	2016-11-11 10:28:50 +01:00
Miroslav Stampar	d4414e6631	Minor misspell	2016-11-11 10:21:57 +01:00
Miroslav Stampar	eb098f6527	Fixes #2268	2016-11-09 12:27:10 +01:00
Miroslav Stampar	5772d8904d	Fixes #2266	2016-11-09 12:20:54 +01:00
Miroslav Stampar	7000373c4b	Minor patch	2016-11-09 12:18:15 +01:00
Miroslav Stampar	a60c9b0dcc	Minor patch	2016-11-09 11:29:08 +01:00
Miroslav Stampar	2eb7a1d264	Patch related to the #2265	2016-11-07 23:14:17 +01:00
Miroslav Stampar	13f0949f9e	Another patch for #1596	2016-11-07 09:31:07 +01:00
Miroslav Stampar	076a42cbfe	Patch related to the #1596	2016-11-07 09:28:00 +01:00
Miroslav Stampar	ce19525bc3	Fixes #2262	2016-11-05 22:36:58 +01:00
Miroslav Stampar	6da2e49100	Fixes #2261	2016-11-04 15:04:38 +01:00
Miroslav Stampar	1e44c4d669	Patch related to #2257	2016-11-02 12:04:21 +01:00
Miroslav Stampar	10097dd124	Fixes #2253	2016-10-29 00:13:04 +02:00
Miroslav Stampar	f4e36fc049	Patch for an Issue #2252	2016-10-28 11:52:48 +02:00
Miroslav Stampar	083ce111f0	Minor speed up	2016-10-26 22:33:04 +02:00
Miroslav Stampar	044f05e772	Fixes #2246	2016-10-24 23:52:33 +02:00
Miroslav Stampar	6f343080e8	Fixes #2245	2016-10-24 23:33:49 +02:00
Miroslav Stampar	25c34c7728	Fixes #2244	2016-10-24 23:29:18 +02:00
Miroslav Stampar	d2bbe80455	Fixes #2243	2016-10-22 22:07:29 +02:00
Miroslav Stampar	0398cbdc76	Minor refactoring	2016-10-22 21:52:18 +02:00
Miroslav Stampar	e0149e1c5f	Minor update	2016-10-21 13:05:45 +02:00
Miroslav Stampar	d605b3af3c	Revisiting banner xmls (Issue #2239)	2016-10-21 13:01:28 +02:00
Miroslav Stampar	5c80e988ba	Fixes #2238	2016-10-20 00:47:53 +02:00
Miroslav Stampar	10ffcb8b00	Fixes #2237	2016-10-20 00:19:16 +02:00
Miroslav Stampar	38d74cf61c	Minor update	2016-10-19 13:07:25 +02:00
Miroslav Stampar	1db6953f08	Proper fix for #2236	2016-10-18 20:17:51 +02:00
Miroslav Stampar	d431c7d155	Fixes #2236	2016-10-18 20:07:19 +02:00
Miroslav Stampar	5ab4d54df0	Minor update of THIRD-PARTY.md	2016-10-18 13:49:29 +02:00
Miroslav Stampar	877d46e9f7	Fixes #2234	2016-10-18 13:46:56 +02:00
Miroslav Stampar	7e69cc112f	Fixes #2235	2016-10-18 13:37:36 +02:00
Miroslav Stampar	5b14eecd25	Bug fix (reconnecting in case of timeouted direct connection)	2016-10-17 22:55:07 +02:00
Miroslav Stampar	24eaf55dc8	Removing bad decision for -d (user should be able to choose)	2016-10-17 22:32:23 +02:00
Miroslav Stampar	6be10b307d	Minor patch	2016-10-17 22:02:41 +02:00
Miroslav Stampar	91ad71b1e0	Minor cosmetics	2016-10-17 12:36:42 +02:00
Miroslav Stampar	c293a6a25a	Fixes #2229 and #2230	2016-10-15 09:53:12 +02:00
Miroslav Stampar	b1175017f9	Minor update regarding to the last commit	2016-10-15 00:54:32 +02:00
Miroslav Stampar	75c9f91f11	Fixes #2226	2016-10-15 00:51:35 +02:00
Miroslav Stampar	9ff2dcf1c1	Fixes #2228	2016-10-15 00:16:53 +02:00
Miroslav Stampar	6c4e9ae427	Updating SocksiPy to PySocks (updated fork)	2016-10-14 23:16:26 +02:00
Miroslav Stampar	748e94dcee	Minor update for #2224	2016-10-13 23:25:46 +02:00
Miroslav Stampar	f389bd71c0	Implementation for an Issue #2224	2016-10-13 23:17:54 +02:00
Miroslav Stampar	1126ff86ce	Fixes #2223	2016-10-13 23:07:11 +02:00
Miroslav Stampar	79377fedab	Minor update	2016-10-13 23:06:04 +02:00
Miroslav Stampar	5d2972f362	Implementation for an Issue #2221	2016-10-11 17:33:36 +02:00
Miroslav Stampar	ae465bbaf8	Minor revert of leftover	2016-10-11 01:09:30 +02:00
Miroslav Stampar	1b95dd2d9d	Fix for a bug reported privately by user (in some cases data has not been retrieved)	2016-10-11 01:07:31 +02:00
Miroslav Stampar	6130185ac6	Minor consistency update with the wiki	2016-10-11 00:35:39 +02:00
Miroslav Stampar	c92fde120d	Implements #2220	2016-10-10 23:27:41 +02:00
Miroslav Stampar	7eab1bcbf9	Automating even more switch --tor	2016-10-10 14:19:44 +02:00
Miroslav Stampar	4c05307357	Disabling socket pre-connect in case of --tor, --proxy and --proxy-file	2016-10-10 01:57:55 +02:00
Miroslav Stampar	0037c28e9e	Preventing obnoxious 'install git' on MacOS	2016-10-10 01:35:22 +02:00
Miroslav Stampar	2b279233b6	Fixes #2219	2016-10-09 14:19:40 +02:00
Miroslav Stampar	b51b80b174	Fix for a privately reported bug	2016-10-08 21:11:43 +02:00
Miroslav Stampar	e4b0ac9ae5	Minor update of common user columns	2016-10-07 14:48:05 +02:00
Miroslav Stampar	7f416846b7	Minor revisit of MsSQL error-based payloads	2016-10-06 23:50:32 +02:00
Miroslav Stampar	5b7254af96	Minor patch	2016-10-06 22:27:29 +02:00
Miroslav Stampar	c83d417298	Fixes #2212	2016-10-05 23:02:20 +02:00
Miroslav Stampar	b42dc6e7a5	Update of Oracle and PostgreSQL system databases/schemas	2016-10-05 17:58:35 +02:00
Miroslav Stampar	8124fe391d	Bug fix for using --search in combination with -D CD	2016-10-05 17:43:57 +02:00
Miroslav Stampar	833ca4b640	Minor refactoring	2016-10-05 17:41:02 +02:00
Miroslav Stampar	3b244858f8	Adding performance_schema as one more of MySQL's system database	2016-10-05 17:33:24 +02:00
Miroslav Stampar	6107696e25	Minor patch (--help should display basic help)	2016-10-05 17:01:58 +02:00
Miroslav Stampar	af1c9c7fb2	Related to the last commit	2016-10-04 23:48:09 +02:00
Miroslav Stampar	06b54ab134	Better choice of used table (INFORMATION_SCHEMA.CHARACTER_SETS can also be found in MsSQL and PgSQL; mysql.db can have permission problems)	2016-10-04 23:43:00 +02:00
Miroslav Stampar	fee5c7bd7c	Adding two new payloads and minor cosmetics	2016-10-04 23:39:18 +02:00
Miroslav Stampar	fb8afc6add	Adding a new payload (Oracle boolean based on error response)	2016-10-04 22:12:00 +02:00
Miroslav Stampar	6c372a09bd	Minor update	2016-10-04 11:55:16 +02:00
Miroslav Stampar	171cf6f54d	Minor fine tuning for SQLi heuristic check	2016-10-04 11:32:06 +02:00
Miroslav Stampar	029bb5554d	Minor cleanup of user-agents	2016-10-04 10:48:10 +02:00
Miroslav Stampar	c69cb79d66	Fixes #2208	2016-10-04 10:39:28 +02:00
Miroslav Stampar	dc8301689e	Implementation for an Issue #2204	2016-10-02 11:13:40 +02:00
Miroslav Stampar	d1680b04f3	Minor code consistency update	2016-09-29 21:26:47 +02:00
Miroslav Stampar	b3b49b3492	Minor patch for --parse-errors	2016-09-29 18:07:00 +02:00
Miroslav Stampar	7a89433251	Minor patch	2016-09-29 18:02:20 +02:00
Miroslav Stampar	ced6711128	Playing a bit with logo	2016-09-29 15:59:28 +02:00
Miroslav Stampar	bdf76f8d4d	Revisiting user-agents (newer versions of mainstream browsers)	2016-09-29 15:21:32 +02:00
Miroslav Stampar	571ae174bd	Minor language update	2016-09-29 14:55:43 +02:00
Miroslav Stampar	332726356c	Minor language update	2016-09-29 14:03:46 +02:00
Miroslav Stampar	4ea9d3b884	Replacing generic concatenation || with CONCAT (far better choice)	2016-09-29 13:35:16 +02:00
Miroslav Stampar	3409953538	Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows)	2016-09-29 12:59:51 +02:00
Miroslav Stampar	3b3ab072e6	Adding short option(s) for setting verbosity (e.g. -vvv)	2016-09-29 11:19:25 +02:00
Miroslav Stampar	fef407e09c	Making HTTP requests up to 20% smaller (fine tuning the request headers)	2016-09-29 10:44:00 +02:00
Miroslav Stampar	5afccce3c6	Minor patch	2016-09-28 16:56:47 +02:00
Miroslav Stampar	e439095593	Bug fix for MySQL's --os-pwn	2016-09-28 15:39:34 +02:00
Miroslav Stampar	e77126e847	Removing obsolete functionality	2016-09-28 15:00:26 +02:00
Miroslav Stampar	3ef01f0e31	Minor update	2016-09-28 14:48:33 +02:00
Miroslav Stampar	d36b5c0a4b	Adding time-based blind (heavy query) payloads for Informix (Issue #552)	2016-09-28 10:30:09 +02:00
Miroslav Stampar	e5a758bdf4	Fixes #2192	2016-09-28 09:55:14 +02:00
Miroslav Stampar	617509869d	Minor patch for Informix --parse-errors	2016-09-27 14:58:10 +02:00
Miroslav Stampar	5079c42788	Adding Informix parameter replacement payloads (Issue #552)	2016-09-27 14:39:17 +02:00
Miroslav Stampar	bc7ab01066	Bug fix for generic parameter replacement (CASE)	2016-09-27 14:29:18 +02:00
Miroslav Stampar	212c1ec1f2	Couple of fixes and some testing stuff	2016-09-27 14:03:59 +02:00
Miroslav Stampar	381deb68ff	Implementation for an Issue #2137	2016-09-27 13:26:11 +02:00
Miroslav Stampar	ba0facb5eb	Removal of unused imports	2016-09-27 11:23:31 +02:00
Miroslav Stampar	7151df16f6	Adding extra validation step in case of boolean-based blind (e.g. if unexpected 500 occurs)	2016-09-27 11:21:12 +02:00
Miroslav Stampar	8994bf2dba	Further dealing with time-based SQLi (Issue #1973)	2016-09-27 10:32:22 +02:00
Miroslav Stampar	09617c8243	Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973	2016-09-27 10:20:36 +02:00
Miroslav Stampar	556b4d289e	Minor cosmetic patch (removing multiple same content '...appears...' messages)	2016-09-26 17:02:40 +02:00
Miroslav Stampar	978f56ad10	One more commit for #552 (--passwords)	2016-09-26 16:38:03 +02:00
Miroslav Stampar	aa0b97b562	Support for Informix --roles/--privileges (Issue #552)	2016-09-26 14:20:04 +02:00
Miroslav Stampar	df645d7d3d	Update for column types (Issue #552)	2016-09-23 18:03:31 +02:00
Miroslav Stampar	035137ef4e	Bug fix in detection engine (abstract URI header sometimes caused problems - e.g. when automatic --string used)	2016-09-23 17:38:14 +02:00
Miroslav Stampar	484d9a4825	Implementation of --dump for Informix (Issue #552)	2016-09-23 17:21:48 +02:00
Miroslav Stampar	65c305cff0	Fixes #2174	2016-09-23 15:41:12 +02:00
Miroslav Stampar	9a5fc5ccf4	New auxiliary (extra) file (for administration purposes)	2016-09-23 13:57:18 +02:00
Miroslav Stampar	51a1973224	Stripping PostgreSQL .so files for size issues (Issue #2173)	2016-09-23 13:52:57 +02:00
Miroslav Stampar	2f2a63334a	Minor cleanup	2016-09-23 13:39:27 +02:00
Miroslav Stampar	23afeb4c7a	Fixes #2176	2016-09-23 13:37:44 +02:00
Miroslav Stampar	b387fb219d	Fixes #2175	2016-09-23 12:45:06 +02:00
Miroslav Stampar	1b48ff223d	Adding initial support for Informix (Issue #552)	2016-09-23 12:33:27 +02:00
Miroslav Stampar	640e605412	More CTF friendly (common column and table name flag :)	2016-09-23 12:31:28 +02:00
Miroslav Stampar	e10bb42597	Minor tweak	2016-09-22 10:22:48 +02:00
Miroslav Stampar	9902018cab	Implementation for an Issue #2172	2016-09-21 15:45:55 +02:00
Miroslav Stampar	56a918c408	Minor refactoring	2016-09-20 10:03:00 +02:00
Miroslav Stampar	bcd62ecc5b	Minor optimization (avoiding unnecessary deepcopies)	2016-09-20 09:56:08 +02:00
Miroslav Stampar	e519484230	Patching live-testing	2016-09-19 15:51:28 +02:00
Miroslav Stampar	a2c8f1deb1	Update PgSQL fingerprinting payloads	2016-09-19 14:23:51 +02:00
Miroslav Stampar	12dc53f687	Minor update	2016-09-19 13:54:06 +02:00
Miroslav Stampar	b3b5bd267d	Adding new tamper script (on request from @MilanGabor)	2016-09-15 17:59:01 +02:00
Miroslav Stampar	921a53e314	Patch for counter in --smoke-test	2016-09-09 14:59:22 +02:00
Miroslav Stampar	32dd4a938c	Minor patch of message	2016-09-09 11:37:16 +02:00
Miroslav Stampar	9930f1b55b	Speed optimization(s)	2016-09-09 11:06:38 +02:00
Miroslav Stampar	8581d9e2ca	Minor improvement of SELECT_FROM_TABLE_REGEX	2016-09-09 09:45:48 +02:00
Miroslav Stampar	1a613ed9a8	Minor update	2016-09-08 14:08:14 +02:00
Miroslav Stampar	78e398d9c4	Fixes #2136	2016-09-06 15:03:17 +02:00
Miroslav Stampar	e3c3c2c185	Fixes #2148	2016-09-06 14:25:29 +02:00
Miroslav Stampar	4e36bbaff9	Update related to the last commit	2016-09-04 03:09:28 +02:00
Miroslav Stampar	603e9739ae	Fixes #2146	2016-09-04 01:33:52 +02:00
Miroslav Stampar	6b91b7b7fa	Minor cosmetics	2016-09-02 16:10:11 +02:00
Miroslav Stampar	2e62fda57d	Minor update	2016-09-02 15:55:33 +02:00
Miroslav Stampar	5ad27264a2	Patches #2143	2016-09-02 15:52:07 +02:00
Miroslav Stampar	c4d8cab50c	Version string bug fix	2016-09-02 14:25:56 +02:00
Miroslav Stampar	577e346774	Fixes #2144	2016-09-02 14:20:17 +02:00
Miroslav Stampar	375abd50ee	Minor update for #2134	2016-08-30 12:36:32 +02:00
Miroslav Stampar	4a815ab56f	Patch for an Issue #1250	2016-08-27 23:54:09 +02:00
Miroslav Stampar	6564adc984	Minor patch for buffered write into checksum.md5	2016-08-27 23:34:12 +02:00
Miroslav Stampar	ad5b8017f5	Minor refactoring	2016-08-26 12:28:35 +02:00
Miroslav Stampar	72e5a79288	Fixes #2106	2016-08-19 11:07:42 +02:00
Miroslav Stampar	63f4b3462f	Fixes #2105	2016-08-15 18:35:04 +02:00
Miroslav Stampar	a45a90df94	Adding new WAF script (Yunsuo)	2016-08-12 14:32:03 +02:00
Miroslav Stampar	ec1ac81e0a	Minor refactoring	2016-08-08 16:08:16 +02:00
Miroslav Stampar	6ba46bf7cf	Update for #2086 (lowercasing only the command)	2016-08-08 15:55:39 +02:00
Miroslav Stampar	b92fc840fe	Adding pypi script to the repository	2016-08-02 13:21:05 +02:00
Miroslav Stampar	ef79bbf7d2	Minor patch	2016-08-02 12:38:57 +02:00
Miroslav Stampar	fba1199cd2	Minor consistency update	2016-08-02 12:05:39 +02:00
Miroslav Stampar	4022a68523	Removing last debug commit	2016-08-02 12:01:49 +02:00
Miroslav Stampar	67bc3ed359	Trying out the last commit	2016-08-02 12:01:02 +02:00
Miroslav Stampar	a0ddd99087	Minor update for automatic PyPI packaging	2016-08-02 12:00:21 +02:00
Miroslav Stampar	2a7ef58c9f	Minor refactoring	2016-08-02 11:55:11 +02:00
Miroslav Stampar	35010006a1	Some cosmetic changes	2016-08-02 11:50:42 +02:00
Miroslav Stampar	acfe788c95	Preparing for #1250	2016-08-02 00:17:59 +02:00
Miroslav Stampar	5ccb73a1ee	Minor patch for Python3 check	2016-07-29 15:30:59 +02:00
Miroslav Stampar	6ac5b6b759	Minor refactoring	2016-07-28 17:04:15 +02:00
Miroslav Stampar	d82f20abc4	Fixes #2068	2016-07-28 17:02:27 +02:00
Miroslav Stampar	10eafa35fd	Adding CloudFlare CAPTCHA warning	2016-07-23 23:02:15 +02:00
Miroslav Stampar	9105f259cd	Fixes #2060 (ParseError has been added in Python 2.7)	2016-07-23 15:27:25 +02:00
Miroslav Stampar	7cca56edfa	Fixes #2052	2016-07-21 09:38:52 +02:00
Miroslav Stampar	e21d751834	Fixes #2049	2016-07-20 20:04:44 +02:00
Miroslav Stampar	ebb73b71fa	Fixes #2045	2016-07-20 16:49:27 +02:00
Miroslav Stampar	1ca633ae64	Fixes #2031	2016-07-17 23:30:40 +02:00
Miroslav Stampar	3e22cbfed7	Minor update	2016-07-17 00:34:14 +02:00
Miroslav Stampar	c7f615f707	Renaming payload files (consistency with the rest of the project)	2016-07-17 00:21:16 +02:00
Miroslav Stampar	b83ee92cd1	Minor modification	2016-07-17 00:09:09 +02:00
Miroslav Stampar	571d669a09	Minor modification	2016-07-17 00:07:58 +02:00
Miroslav Stampar	e485531b71	Adding integrity checks in case of unhandled exceptions	2016-07-17 00:04:30 +02:00
Miroslav Stampar	7427b554e3	Adding support for integrity checks	2016-07-16 23:25:13 +02:00
Miroslav Stampar	1a818ceccd	Adding error message regarding #2030	2016-07-16 22:47:16 +02:00
Miroslav Stampar	7fea8d608e	Fixes #2028	2016-07-16 22:42:15 +02:00
Miroslav Stampar	1e6191e3b1	Fixes #2026	2016-07-16 15:51:09 +02:00
Miroslav Stampar	c10b2825d7	Patch for --os-shell against Windows/MySQL where resulting \r caused trouble	2016-07-15 11:56:51 +02:00
Miroslav Stampar	c200b2cb19	Another fix (related to the last commit)	2016-07-15 11:45:59 +02:00
Miroslav Stampar	071f4c8a2b	Bug fix (reported privately) - better parsing of file paths (especially for Windows cases)	2016-07-15 11:13:47 +02:00
Miroslav Stampar	5097a2c79e	Less timeout error messages (because of server dropping of non-active connections)	2016-07-15 00:33:33 +02:00
Miroslav Stampar	bce9db1af5	Adding support for --columns too (Issue #2025)	2016-07-15 00:10:41 +02:00
Miroslav Stampar	ca67456dbe	Removing a debugging leftover (Issue #2025)	2016-07-14 23:39:44 +02:00
Miroslav Stampar	6df4d73b09	Implementation for an Issue #2025	2016-07-14 23:18:28 +02:00
Miroslav Stampar	2aaa486f7a	Minor code style update	2016-07-13 14:09:33 +02:00
Miroslav Stampar	47ba7d4705	Minor update	2016-07-07 10:37:00 +02:00
Miroslav Stampar	2e42afea6f	Update of sucury WAF script	2016-07-06 23:43:21 +02:00
Miroslav Stampar	292a28131d	Minor updates	2016-07-06 23:43:10 +02:00
Miroslav Stampar	2e775fbb75	(e.g.) ASPx MsSQL Chinese exception messages don't start with 'Exception: string'	2016-07-06 14:06:18 +02:00
Miroslav Stampar	e1d7641b8a	Good for different generic OleDB-alike connectors	2016-07-06 13:48:35 +02:00
Miroslav Stampar	6b0951d1ee	Switching default Tor type to SOCKS5 (various bundles are discontinued)	2016-07-06 13:30:46 +02:00
Miroslav Stampar	db1fc621b5	Update for SonicWALL WAF script; lesser false positives with ModSecurity WAF script	2016-07-06 13:19:51 +02:00
Miroslav Stampar	9351756c36	Minor update of format exception strings	2016-07-05 16:02:34 +02:00
Miroslav Stampar	63b645c64c	Removing a debugging leftover	2016-07-05 09:32:30 +02:00
Miroslav Stampar	7ad49f4185	Less problematic regexes for MsSQL errors	2016-07-05 09:32:08 +02:00
Miroslav Stampar	d9315830f9	Less problematic regex for MsSQL errors	2016-07-05 09:20:04 +02:00
Miroslav Stampar	2e2c62b6a7	More error regexes	2016-07-04 17:24:17 +02:00
Miroslav Stampar	53289b0234	Some more Informix error regexes	2016-07-04 10:03:36 +02:00
Miroslav Stampar	dd082ef79d	Minor update (new error regex for Informix)	2016-07-04 09:49:18 +02:00
Miroslav Stampar	2c968f9a35	Closes #2007	2016-07-04 09:12:30 +02:00
Miroslav Stampar	74d0315fef	Update related to the last commit	2016-07-03 02:14:23 +02:00
Miroslav Stampar	ae98159130	Automatic monthly tagging	2016-07-03 02:03:30 +02:00
Miroslav Stampar	3a9e36c52b	Reintroducing stacked queries removed in 79d08906a4 (good for WAF bypass)	2016-07-03 02:03:30 +02:00
Miroslav Stampar	cb43c03712	Definite patch for MemoryError(s) (fixes #1991)	2016-06-30 14:57:56 +02:00
Miroslav Stampar	65a0f15f69	Minor update (error regex for PHP's sqlsrv module)	2016-06-28 15:13:37 +02:00
Miroslav Stampar	98b77d32cc	Minor update	2016-06-27 11:16:41 +02:00
Miroslav Stampar	86a3569ccb	New WAF script (SonicWALL)	2016-06-26 16:42:05 +02:00
Miroslav Stampar	17fca351d3	Minor update	2016-06-26 16:26:13 +02:00
Miroslav Stampar	2614e7bec1	Minor update	2016-06-26 16:23:39 +02:00
Miroslav Stampar	832c6e806f	Revert of last commit	2016-06-26 15:59:35 +02:00
Miroslav Stampar	7b334b0808	'Conversion failed' happens in regular SQLi on MsSQL	2016-06-26 15:57:11 +02:00
Miroslav Stampar	aa9151785e	Minor update	2016-06-26 15:37:30 +02:00
Miroslav Stampar	6bdef1b7da	Minor update	2016-06-26 01:46:49 +02:00
Miroslav Stampar	8b4367d354	Revert of last commit	2016-06-26 01:42:21 +02:00
Miroslav Stampar	0a9d69a7d0	Minor patch	2016-06-26 01:10:47 +02:00
Miroslav Stampar	a4b60dc00f	New error regex for MsSQL	2016-06-26 00:40:54 +02:00
Miroslav Stampar	f91ae32284	Minor update (to not confuse S3 vs Cloudfront)	2016-06-24 13:39:13 +02:00
Miroslav Stampar	53fc9d6720	Fixes #1990	2016-06-24 13:31:19 +02:00
Miroslav Stampar	0b31568306	Minor update	2016-06-24 13:28:08 +02:00
Miroslav Stampar	e9407cf791	Cleaning some garbage boundaries (it doesn't make any sense to use %00 as prefix)	2016-06-23 22:57:59 +02:00
Miroslav Stampar	0175acd028	Bug fix (in some cases lack of warning message for SQLi appearing)	2016-06-23 17:52:37 +02:00
Miroslav Stampar	733a32de32	Minor patch	2016-06-23 12:09:51 +02:00
Miroslav Stampar	1b863ecf93	Far better detection of SecureIIS (WAF)	2016-06-23 12:03:05 +02:00
Miroslav Stampar	ec06037335	Update of bigip waf script	2016-06-23 11:41:49 +02:00
Miroslav Stampar	0cdb62a1b5	Adding new waf script (armor)	2016-06-23 11:15:31 +02:00
Miroslav Stampar	99454198b8	Minor refactoring	2016-06-20 10:01:57 +02:00
Miroslav Stampar	dd6287ace8	Fixes #1972	2016-06-20 09:59:50 +02:00
Miroslav Stampar	786460e3b4	Minor just in case patch	2016-06-19 17:44:47 +02:00
Miroslav Stampar	419cf979f1	Showing again the 'shutting down at ...' message	2016-06-19 17:17:01 +02:00
Miroslav Stampar	30be875304	Patch for an Issue #1968	2016-06-18 01:21:57 +02:00
Miroslav Stampar	7d011bc811	Fixes #1964	2016-06-17 17:07:44 +02:00
Miroslav Stampar	b2c4a3b247	Fixes #1960	2016-06-17 16:54:23 +02:00
Miroslav Stampar	9d9592a69b	Fixes #1963	2016-06-17 16:51:23 +02:00
Miroslav Stampar	cb42294a7e	Minor message update	2016-06-15 07:57:10 +02:00
Miroslav Stampar	146762c109	Minor update	2016-06-15 07:54:47 +02:00
Miroslav Stampar	494b9d1586	Fixes #1943	2016-06-13 15:30:38 +02:00
Miroslav Stampar	2e95fdb52d	Fixes #1947	2016-06-13 14:50:44 +02:00
Miroslav Stampar	46736cac7b	Fixes #1931	2016-06-10 18:41:41 +02:00
Miroslav Stampar	041213f22d	Fixes #1935	2016-06-10 18:18:48 +02:00
Miroslav Stampar	8ca45c5678	Fixes #1936	2016-06-10 18:02:24 +02:00
Miroslav Stampar	c6eec8db97	Fixes #1938	2016-06-10 17:52:22 +02:00
Miroslav Stampar	98fdc493f4	Proper patch for #1923 (Fixes #1940, #1941)	2016-06-10 17:42:11 +02:00
Miroslav Stampar	91372bff87	Fixes #1932	2016-06-08 08:20:54 +02:00
Miroslav Stampar	7fb9db42a7	Performing a backup of old dump file (Issue #841)	2016-06-05 12:37:19 +02:00
Miroslav Stampar	82382957f9	Minor refactoring	2016-06-05 12:25:42 +02:00
Miroslav Stampar	f034122bd0	Fixes #1920	2016-06-05 12:14:01 +02:00
Miroslav Stampar	0df2456f34	Fixes #1923	2016-06-03 16:06:29 +02:00
Miroslav Stampar	78fdb27a0b	More improvements	2016-06-03 15:51:52 +02:00
Miroslav Stampar	350baf0a0a	Minor update	2016-06-03 14:29:32 +02:00
Miroslav Stampar	9886b646eb	Proper update regarding the last commit	2016-06-03 14:18:28 +02:00
Miroslav Stampar	c5197b99a0	Minor patch and minor improvement	2016-06-03 13:59:32 +02:00
Miroslav Stampar	cc313280af	Payload that never ever worked (now fixed)	2016-06-03 13:16:00 +02:00
Miroslav Stampar	f06ff42c58	This never worked. Not sure who incorporated it (WAITFOR DELAY can't go to SELECT/CASE)	2016-06-03 10:42:57 +02:00
Miroslav Stampar	4bc1cf4518	Vastly better patch for MsSQL payloads	2016-06-03 10:29:04 +02:00
Miroslav Stampar	0e65043c84	Minor adjustment	2016-06-03 09:48:49 +02:00
Miroslav Stampar	d7d565415a	Patch for MySQL fingerprinting	2016-06-03 02:31:31 +02:00
Miroslav Stampar	0986ec8948	Update for Oracle fingerprinting	2016-06-03 02:27:59 +02:00
Miroslav Stampar	50bced511f	Adding support for fingerprinting MsSQL 2014 and 2016	2016-06-03 02:24:19 +02:00
Miroslav Stampar	e275e8c0b0	Fixes #1921	2016-06-03 02:02:11 +02:00
Miroslav Stampar	77dea38ac1	Fixes #1918	2016-06-03 00:37:18 +02:00
Miroslav Stampar	7dc2ec5fd8	Minor touch	2016-06-01 20:42:09 +02:00
Miroslav Stampar	4bf2e3b139	Minor update	2016-06-01 20:37:05 +02:00
Miroslav Stampar	8114c14755	Removing leftover	2016-06-01 16:32:22 +02:00
Miroslav Stampar	ec8cf6aadc	Adding support for detecting CAPTCHA	2016-06-01 15:48:04 +02:00
Miroslav Stampar	d326965966	Reordering MySQL's error-based payloads (BIGINT and EXP have crazy bigger chunk lenghts)	2016-06-01 14:12:22 +02:00
Miroslav Stampar	030df0353d	Removing ugly legacy code (e.g. showing MySQL 5.0 when it is e.g. '5.7.8')	2016-06-01 13:47:20 +02:00
Miroslav Stampar	5038d7a70a	Removing ugly boolean check results (0 or 1) in output of UNION and ERROR SQLi	2016-06-01 13:39:40 +02:00
Miroslav Stampar	f0b8fbb7fd	Implemented support for JSON_KEYS error-based SQLi (and tons of fixes for MySQL 'ORDER BY,GROUP BY' payloads)	2016-06-01 13:23:41 +02:00
Miroslav Stampar	5810c2b199	Minor patch	2016-06-01 11:30:27 +02:00
Miroslav Stampar	77f0b5dfa8	Fixes #1919	2016-06-01 10:56:42 +02:00
Miroslav Stampar	b0ea74dc63	Minor warning message update	2016-06-01 10:53:32 +02:00
Miroslav Stampar	0c07c8942c	Automatic monthly tagging	2016-06-01 10:44:08 +02:00
Miroslav Stampar	7d1bdb35ca	Update of parsed versions	2016-06-01 10:44:08 +02:00
Miroslav Stampar	e823889819	Update for JSP exceptions	2016-05-31 15:35:10 +02:00
Miroslav Stampar	680aedaefc	Adding option --tmp-dir	2016-05-31 14:55:56 +02:00
Miroslav Stampar	afdca09ced	Minor patches (proper user warnings in case of output directory permissions)	2016-05-31 14:05:35 +02:00
Miroslav Stampar	ac89ee71c3	Minor improvement	2016-05-31 13:29:43 +02:00
Miroslav Stampar	af7c8cff92	Bug fix (previously removing temporary directory even if it is needed afterwards)	2016-05-31 13:21:08 +02:00
Miroslav Stampar	26d4dec5fb	Minor refactoring	2016-05-31 13:02:26 +02:00
Miroslav Stampar	cf31d12528	Adding support for python's cgitb tracebacks	2016-05-31 12:33:56 +02:00
Miroslav Stampar	b4c730f8c0	Minor refactoring	2016-05-31 12:23:59 +02:00
Miroslav Stampar	fba1720b31	Minor patch	2016-05-31 11:16:13 +02:00
Miroslav Stampar	9fad72f28b	Adding support for MsAccess usage of parsed FROM table names (e.g. in case of ColdFusion)	2016-05-31 11:08:23 +02:00
Miroslav Stampar	1782bf8e64	Adding support for parsing ODBC/JDBC error messages	2016-05-31 10:49:34 +02:00
Miroslav Stampar	2d59a10515	Better patch than last commit	2016-05-31 10:25:01 +02:00
Miroslav Stampar	21a25c4f00	Bug for fix comments in case of MsAccess	2016-05-31 10:24:13 +02:00
Miroslav Stampar	6b5c16c22c	Minor update for ColdFusion error messages	2016-05-31 09:54:14 +02:00
Miroslav Stampar	2c6621c26a	Minor upgrade for WAF/IDS/IPS detection	2016-05-31 09:49:50 +02:00
Miroslav Stampar	f0500b1d2f	Minor update for ColdFusion path regexes	2016-05-31 09:35:58 +02:00
Miroslav Stampar	6a033bb58c	Minor update for ColdFusion type casting	2016-05-31 09:31:32 +02:00
Miroslav Stampar	2fa4b22645	Patch for URL encoding cookie values (asking the user to choose)	2016-05-30 17:47:08 +02:00
Miroslav Stampar	229d3a7dd0	Patch for cases when error page looks more like original, than the False one does	2016-05-30 16:46:23 +02:00
Miroslav Stampar	b965e5bf1c	Minor refactoring	2016-05-30 16:06:39 +02:00
Miroslav Stampar	3bd74c5351	Minor patch	2016-05-30 15:20:21 +02:00
Miroslav Stampar	55624ec1a2	Minor message update	2016-05-30 14:40:22 +02:00
Miroslav Stampar	6885afe8c3	Minor update for requestvalidationmode.py waf script	2016-05-30 14:26:55 +02:00
Miroslav Stampar	acc1277246	Minor update	2016-05-30 14:13:57 +02:00
Miroslav Stampar	935cb9c8cb	Patch for a custom header cookie urlencoding	2016-05-30 14:09:53 +02:00
Miroslav Stampar	17a4ddad63	Fixes #1916	2016-05-30 13:10:25 +02:00
Miroslav Stampar	5264671f5b	Dump formatting patch for MsAccess	2016-05-30 12:03:33 +02:00
Miroslav Stampar	b4ebbae354	New payload(s)	2016-05-30 11:25:24 +02:00
Miroslav Stampar	510197c39e	Minor text update	2016-05-30 10:52:30 +02:00
Miroslav Stampar	b6a4bd91fe	Minor text update	2016-05-30 10:51:35 +02:00
Miroslav Stampar	83b82a5e98	Bug fix (wrong handler used in case of DBMS resolution)	2016-05-30 10:32:49 +02:00
Miroslav Stampar	0b1efc0759	Minor update (for newer versions of MsSQL)	2016-05-30 01:38:34 +02:00
Miroslav Stampar	2b506d744d	Minor update	2016-05-30 01:29:40 +02:00
Miroslav Stampar	79d08906a4	Cleaning some redundant payload(s)	2016-05-27 23:59:48 +02:00
Miroslav Stampar	6327063bd0	Minor patch	2016-05-27 16:43:01 +02:00
Miroslav Stampar	69fd900108	Adding waf script for detection of generic/unknown	2016-05-27 16:34:41 +02:00
Miroslav Stampar	f9d01f682b	Cloudflare has tons of HTTP error codes while detecting SQLi	2016-05-27 15:58:16 +02:00
Miroslav Stampar	d7d3db415b	Minor update	2016-05-27 15:32:30 +02:00
Miroslav Stampar	31850e4544	Minor bug fixes	2016-05-27 13:58:18 +02:00
Miroslav Stampar	de9f23939f	Major bug fix in WAF/IDS/IPS detection (question 'do you want..to try to detect backend WAF/IPS/IDS' never worked)	2016-05-27 13:41:03 +02:00
Miroslav Stampar	154ed2c4e2	Minor patch	2016-05-27 13:33:14 +02:00
Miroslav Stampar	89dfe4e1ac	Adding wallarm WAF script (and couple of other WAF script updates)	2016-05-27 11:58:18 +02:00
Miroslav Stampar	b41b07ddd8	Updates for 360 and jiasule WAF scripts	2016-05-27 11:02:05 +02:00
Miroslav Stampar	e36fc02282	Adding sophos WAF script	2016-05-27 10:17:42 +02:00
Miroslav Stampar	49b41c1eca	Minor update for cloudflare waf script	2016-05-27 09:43:54 +02:00
Miroslav Stampar	4cd9fdb7df	Minor update for F5 waf script	2016-05-27 09:27:45 +02:00
Miroslav Stampar	5aab2d8fb5	Update for Akamai Kona WAF script	2016-05-27 09:22:39 +02:00
Miroslav Stampar	210b65c02d	Couple of fixes for --identify-waf	2016-05-27 02:24:59 +02:00
Miroslav Stampar	7a2ac23f0b	Adding new waf script (sitelock)	2016-05-27 02:13:01 +02:00
Miroslav Stampar	e435fb2e9e	Adding new waf script (comodo)	2016-05-27 01:23:20 +02:00
Miroslav Stampar	6892c94595	Minor update	2016-05-27 01:10:37 +02:00
Miroslav Stampar	831c960216	Update for an Issue #1899	2016-05-26 16:47:38 +02:00
Miroslav Stampar	43af2a4aee	Fixes #1899	2016-05-26 16:08:59 +02:00
Miroslav Stampar	1de6996c26	Fixes #1893	2016-05-25 15:43:39 +02:00
Miroslav Stampar	304f2ed308	Minor language patch	2016-05-25 15:32:17 +02:00
Miroslav Stampar	148b35da4f	Better extraction of absolute file paths	2016-05-25 15:29:25 +02:00
Miroslav Stampar	3865b3a398	Minor improvement in case of technique E (when waiting for large entry - lots of chunks)	2016-05-25 12:50:53 +02:00
Miroslav Stampar	d6bcbbae1d	Minor patch for E technique to be more compatible with output of U technique	2016-05-25 12:42:15 +02:00
Miroslav Stampar	04b3aefc5d	Patch for special character output in U and E techniques	2016-05-25 12:24:36 +02:00
Miroslav Stampar	a5f8cae599	Fixes #1892	2016-05-24 17:58:35 +02:00
Miroslav Stampar	29c3037512	Better asciinema recording (shorter width)	2016-05-24 17:26:10 +02:00
Miroslav Stampar	d0d7d3a205	Update of location of a sample run	2016-05-24 17:12:44 +02:00
Miroslav Stampar	7ce36ea1b6	Removal of unused imports	2016-05-24 16:40:44 +02:00
Miroslav Stampar	6f97f4796b	Fixes #1891	2016-05-24 16:34:07 +02:00
Miroslav Stampar	39fe96009f	Minor improvement (related to the last commit)	2016-05-24 16:20:39 +02:00
Miroslav Stampar	b475a38895	Better ORDER BY detection	2016-05-24 15:46:06 +02:00
Miroslav Stampar	42de887b05	Language update	2016-05-24 15:18:19 +02:00
Miroslav Stampar	28576bf08e	Minor output update	2016-05-24 15:08:04 +02:00
Miroslav Stampar	c395958dff	Fixes #1888	2016-05-24 14:55:19 +02:00
Miroslav Stampar	798b539eec	Minor update	2016-05-24 14:50:56 +02:00
Miroslav Stampar	70cf8edc75	Fixes #1887	2016-05-24 14:17:00 +02:00
Miroslav Stampar	a81ea88eb0	Fixes #1889	2016-05-24 13:59:34 +02:00
Miroslav Stampar	023dda26fc	Minor update for --os-shell directories	2016-05-24 12:53:21 +02:00
Miroslav Stampar	3e76895155	Minor update	2016-05-24 12:30:01 +02:00
Miroslav Stampar	2c1bd7f034	Update for an Issue #1531 (MySQL quirk with international letters)	2016-05-24 12:01:02 +02:00
Miroslav Stampar	f7cae68378	More formal language	2016-05-22 21:44:17 +02:00
Miroslav Stampar	f6ff1a115a	Better (automatic) picking of a --string candidate (especially in case of international pages)	2016-05-22 21:29:08 +02:00
Miroslav Stampar	32ee586e2a	Minor language update	2016-05-22 14:30:32 +02:00
Miroslav Stampar	b9e5655e3c	Proper naming	2016-05-22 14:26:36 +02:00
Miroslav Stampar	6623c3f877	Pesky bug fix (nobody noticed :)	2016-05-22 14:22:31 +02:00
Miroslav Stampar	30a4173249	I like users which don't know the difference between detection and identification	2016-05-22 12:40:23 +02:00
Miroslav Stampar	dbbe4c6ddd	Fixes #1884	2016-05-22 11:44:21 +02:00
Miroslav Stampar	633e4dfe48	Fixes #1886	2016-05-22 11:37:27 +02:00
Miroslav Stampar	5e8b105677	Fixes #1880	2016-05-19 19:46:12 +02:00
Miroslav Stampar	414dd96bbd	Minor update (warning on negative integer values provided)	2016-05-19 18:04:25 +02:00
Miroslav Stampar	e857c2a88a	Update for an Issue #1879	2016-05-19 13:50:31 +02:00
Miroslav Stampar	e7aaea2b8e	Update for an Issue #1826	2016-05-17 14:10:49 +02:00
Miroslav Stampar	63d7cd607e	Minor patch (for late threading issues)	2016-05-17 13:54:42 +02:00
Miroslav Stampar	d886b08dd9	Update for an Issue #1826	2016-05-17 13:45:03 +02:00
Miroslav Stampar	72f3185ae7	Fixes #1878	2016-05-17 10:47:17 +02:00
Miroslav Stampar	03be9f9b65	Minor removal of blank lines	2016-05-17 10:43:16 +02:00
Miroslav Stampar	d9d0865c13	Another patch for an Issue #1874	2016-05-16 17:09:05 +02:00
Miroslav Stampar	e3f54bc226	Minor patch for #1874	2016-05-16 16:53:28 +02:00
Miroslav Stampar	9662f4a56a	Minor update	2016-05-16 16:47:29 +02:00
Miroslav Stampar	fea5cc8579	Minor patch	2016-05-16 15:37:49 +02:00
Miroslav Stampar	94091cd0e9	Fixes #1871	2016-05-15 09:37:45 +02:00
Miroslav Stampar	cc9f4b6102	Minor refactoring for MariaDB	2016-05-14 15:05:50 +02:00
Miroslav Stampar	cd7c99c752	Minor revert (it was not necessary - caused other problems)	2016-05-14 14:48:17 +02:00
Miroslav Stampar	75478c1181	Fixes #1868	2016-05-14 14:18:34 +02:00
Miroslav Stampar	ad0ca69579	Fixes #1865	2016-05-13 15:14:56 +02:00
Miroslav Stampar	2d801b7122	Minor patch for an Issue #1861	2016-05-12 17:16:55 +02:00
Miroslav Stampar	1e07269fe3	Patch for an Issue #1860	2016-05-12 16:42:12 +02:00
Miroslav Stampar	3b74e99576	Minor update (support for MariaDB)	2016-05-11 15:47:35 +02:00
Miroslav Stampar	439fff684e	Minor update (MSSQL CONCAT payload)	2016-05-11 09:42:54 +02:00
Miroslav Stampar	72cf06119c	Patch for an Issue #1852	2016-05-10 09:55:03 +02:00
Miroslav Stampar	808068d70a	Minor update	2016-05-10 09:19:59 +02:00
Miroslav Stampar	f09072b2b6	Fixes #1853	2016-05-09 13:13:02 +02:00
Miroslav Stampar	be9381abc5	Implements #1845	2016-05-06 13:06:59 +02:00
Miroslav Stampar	5d09f7b85f	Fixes #1822	2016-05-06 10:32:16 +02:00
Miroslav Stampar	8bbfee7591	Cleaning a leftover from be26392057	2016-05-06 10:30:58 +02:00
Miroslav Stampar	be26392057	Update for an Issue #1846	2016-05-06 10:23:57 +02:00
Miroslav Stampar	263730f4ee	Fixes #1840	2016-05-04 13:23:59 +02:00
Miroslav Stampar	5d7e1782d9	Fixes #1839	2016-05-04 11:14:42 +02:00
Miroslav Stampar	e27f590c2c	Fixes #1838	2016-05-04 11:11:58 +02:00
Miroslav Stampar	7afe655561	Another minor update for #1836	2016-05-03 12:52:46 +02:00
Miroslav Stampar	3bf08290a4	Update for an Issue #1836	2016-05-03 12:37:10 +02:00
Miroslav Stampar	34c2172391	Fixes #1837	2016-05-03 11:38:47 +02:00
Miroslav Stampar	48044f7a46	Minor update of IDS_WAF_CHECK_PAYLOAD	2016-05-03 00:19:19 +02:00
Miroslav Stampar	04e666182f	Minor update of FORMAT_EXCEPTION_STRINGS	2016-05-02 23:44:43 +02:00
Miroslav Stampar	c797129956	Fixes #1833	2016-05-02 11:10:12 +02:00
Miroslav Stampar	6928dae956	Minor patch	2016-05-02 10:45:50 +02:00
Miroslav Stampar	6db3bcbb51	Minor update for UrlScan	2016-05-02 10:12:19 +02:00
Miroslav Stampar	d7f0b3566d	Automatic monthly tagging	2016-05-02 10:06:30 +02:00
Miroslav Stampar	0c67a90cc0	Minor bug fix	2016-05-02 10:06:30 +02:00
Miroslav Stampar	f06e498fb0	Implementation for an Issue #1826	2016-04-29 14:19:32 +02:00
Miroslav Stampar	ad612bf9e4	Patch for Windows banner display	2016-04-29 00:51:20 +02:00
Miroslav Stampar	9dd5cd8eb6	Removing CloudFlare check	2016-04-29 00:17:07 +02:00
Miroslav Stampar	5ed3cdc819	Minor update	2016-04-22 10:54:55 +02:00
Miroslav Stampar	0c5965c7b8	Minor patches	2016-04-19 13:13:37 +02:00
Miroslav Stampar	aa21550712	Minor patch for integer casting heuristics (circumvent auto-casting by DBMS itself)	2016-04-15 13:47:19 +02:00
Miroslav Stampar	66061e8c5f	Fixes #1811	2016-04-15 12:04:54 +02:00
Miroslav Stampar	c4b74c2e01	Fixes #1810	2016-04-12 22:37:14 +02:00
Miroslav Stampar	55b23e78ee	Fixes #1809	2016-04-12 22:10:26 +02:00
Miroslav Stampar	a9526bda92	Minor patch	2016-04-11 22:38:44 +02:00
Miroslav Stampar	0901da3f83	Update for an Issue #1807	2016-04-11 09:43:50 +02:00
Miroslav Stampar	8004652f7b	Some more optimization	2016-04-08 15:30:25 +02:00
Miroslav Stampar	c9b410c97f	Minor update	2016-04-08 14:59:52 +02:00
Miroslav Stampar	814d710320	Minor speed up	2016-04-08 14:41:34 +02:00
Miroslav Stampar	38fcc5a35a	Update for pre-WHERE payloads	2016-04-08 13:19:42 +02:00
Miroslav Stampar	674d516f3e	Minor patch	2016-04-08 11:40:09 +02:00
Miroslav Stampar	8ceb4907a5	Another update for Issue #1800	2016-04-08 11:37:38 +02:00
Miroslav Stampar	ce3749622a	Minor revisit of payload boundaries (Issue #1800)	2016-04-08 11:28:17 +02:00
Miroslav Stampar	bcfae99701	Adding new WAF script	2016-04-08 10:32:18 +02:00
Miroslav Stampar	44c1c2c6f0	Minor update (reported via email)	2016-04-06 11:43:53 +02:00
Miroslav Stampar	ac08db82b2	Including one more error regex (based on testasp[.]vulnweb[.]com)	2016-04-04 16:14:30 +02:00
Miroslav Stampar	305bfd9d30	Implements #1763	2016-04-04 13:50:10 +02:00
Miroslav Stampar	f9aaec7b4a	Minor patch (binary extensions)	2016-04-04 12:43:53 +02:00
Miroslav Stampar	d881a92ee7	Automatic monthly tagging	2016-04-04 12:38:37 +02:00
Miroslav Stampar	60ada89347	Trying once again	2016-04-04 12:38:37 +02:00
Miroslav Stampar	171bfa33a7	Automatic monthly tagging	2016-04-04 12:34:19 +02:00
Miroslav Stampar	acaef90c7b	Minor tuning of auto tagging	2016-04-04 12:34:19 +02:00
Miroslav Stampar	31d7021d4c	Fixes #1794	2016-04-04 12:25:07 +02:00
Miroslav Stampar	e83d8f6143	Updating colorama (Issue #1784)	2016-03-30 15:11:34 +02:00
Miroslav Stampar	ad3b766b65	Adding in-table name boundaries	2016-03-26 09:39:28 +01:00
Miroslav Stampar	074fbbcea5	Implementation for an Issue #1776	2016-03-23 15:45:49 +01:00
Miroslav Stampar	5b0d5970cc	Another patch related to the #1773	2016-03-23 10:33:32 +01:00
Miroslav Stampar	6c2f9859be	Potential patch for #1773	2016-03-23 10:26:22 +01:00
Miroslav Stampar	d496d99943	Fixes #1774	2016-03-22 13:24:54 +01:00
Miroslav Stampar	d20e9febf2	Fixes #1770	2016-03-19 17:40:05 +01:00
Miroslav Stampar	d76ee8f534	Further update for #1765	2016-03-17 17:06:11 +01:00
Miroslav Stampar	5b88e3e1ad	Minor update of version comment	2016-03-17 16:38:39 +01:00
Miroslav Stampar	a68848faf7	(Auto) adjusting micro version (to current month)	2016-03-17 16:31:34 +01:00
Miroslav Stampar	a4f21399e7	Fixes #1760	2016-03-17 16:23:28 +01:00
Miroslav Stampar	e03b2df58f	Fixes #1761	2016-03-14 17:21:35 +01:00
Miroslav Stampar	252eb97198	Patch related to the #1755	2016-03-12 19:28:28 +01:00
Miroslav Stampar	67ae620182	Another patch related to the #1752	2016-03-12 15:04:19 +01:00
Miroslav Stampar	13366aeb48	Fixes #1752	2016-03-12 12:26:30 +01:00
Miroslav Stampar	e1ce16144a	Fixes #1753	2016-03-10 15:42:01 +01:00
Miroslav Stampar	3307918389	Fixes #1750	2016-03-10 14:48:05 +01:00
Miroslav Stampar	c50849707f	Fixes #1748	2016-03-08 14:35:16 +01:00
Miroslav Stampar	06296bd251	Fixes #1743	2016-03-06 20:04:45 +01:00
Miroslav Stampar	0f6e529fb9	Fixes #1745	2016-03-06 12:14:20 +01:00
Miroslav Stampar	242800c085	Minor update related to the #1740	2016-03-01 15:40:34 +01:00
Miroslav Stampar	679f0cf772	Fixes #1738	2016-03-01 15:36:00 +01:00
Miroslav Stampar	1b5a4651a9	Trivial refactoring	2016-03-01 14:48:53 +01:00
Miroslav Stampar	05fa7eb7c6	Minor update	2016-03-01 11:56:56 +01:00
Miroslav Stampar	336169e181	Update of version display	2016-02-29 08:12:38 +01:00
Miroslav Stampar	b2bc3d49fd	Minor update	2016-02-29 00:52:46 +01:00
Miroslav Stampar	71aa7deefe	Minor beautification	2016-02-29 00:49:45 +01:00
Miroslav Stampar	cf5ae507c8	Minor update of READMEs	2016-02-29 00:44:08 +01:00
Miroslav Stampar	4898a2c332	Dummy commit	2016-02-29 00:30:37 +01:00
Miroslav Stampar	151dcee32e	Minor update	2016-02-29 00:23:59 +01:00
Miroslav Stampar	73f1155847	Adding new shutils file	2016-02-29 00:20:58 +01:00
Miroslav Stampar	adfcb1ad67	Adjusting version number	2016-02-27 15:59:52 +01:00
Miroslav Stampar	ee0439cf11	Update for #1678	2016-01-27 10:03:30 +01:00
Miroslav Stampar	c6c5a937f9	Minor style update	2016-01-21 10:17:17 +01:00
Miroslav Stampar	574b3a79aa	Adding support for detection of CloudFlare responses	2016-01-21 10:16:23 +01:00
Miroslav Stampar	8d42a93fdc	Fixes #1665	2016-01-16 08:13:56 +01:00
Miroslav Stampar	59695af101	Minor improvement of heuristic checks	2016-01-14 22:21:47 +01:00
Miroslav Stampar	4c1fc095d8	Adding heuristic check for FI vulnerability	2016-01-14 09:59:13 +01:00
Miroslav Stampar	6b40e0aa8c	Minor style update (nongit-version)	2016-01-10 02:08:23 +01:00
Miroslav Stampar	5908964db4	Another (better) patch for #1636	2016-01-09 17:32:19 +01:00
Miroslav Stampar	d0d676ccce	Update of copyright string	2016-01-06 00:06:12 +01:00
Miroslav Stampar	dc7f2a71d2	Minor refactoring	2015-12-12 23:48:30 +01:00
Miroslav Stampar	663c976a3b	Fixes #1600	2015-12-09 19:53:48 +01:00
Miroslav Stampar	1c5c937507	Minor update	2015-12-09 10:14:13 +01:00
Miroslav Stampar	5020269f50	Adding extra mark into non-git checkouts	2015-11-24 09:38:28 +01:00
Miroslav Stampar	527dcce08d	Better alternative (on Linux getctime() is the time of the last metadata change)	2015-11-24 09:25:11 +01:00
Miroslav Stampar	19f6eb234b	Revert of #58e049a60d250b881af60091215c75daa3f5c01a (I can imagine couple of things that could go wrong)	2015-11-17 08:52:24 +01:00
Miroslav Stampar	58e049a60d	More generic approach for number of pre-open sockets (Issue #1540)	2015-11-17 02:45:27 +01:00
Miroslav Stampar	41b8dfab86	Implementation for an Issue #1540	2015-11-16 23:46:10 +01:00
Miroslav Stampar	4335ae8330	Patching previous commit	2015-11-16 16:59:54 +01:00
Miroslav Stampar	94639d11a3	Another update related to the #1539	2015-11-16 15:33:05 +01:00
Miroslav Stampar	5593bf2fee	Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars)	2015-11-16 15:02:30 +01:00
Miroslav Stampar	42649005c2	Lots of fixes and refactoring in search department	2015-11-08 16:37:46 +01:00
Miroslav Stampar	fbec463b49	Adding new bold patterns	2015-10-22 15:44:08 +02:00
Miroslav Stampar	80aca35dd1	Removing #1450	2015-10-13 15:00:59 +02:00
Miroslav Stampar	9641e84dd9	Bug fixes for HSQLDB	2015-10-09 16:52:13 +02:00
Miroslav Stampar	551b7e4b45	Patch for an Issue #1450	2015-10-06 13:23:01 +02:00
Miroslav Stampar	56f0b811a6	Minor patch	2015-09-21 13:23:56 +02:00
Miroslav Stampar	265a78b455	Fixes #1379	2015-08-31 14:27:47 +02:00
Miroslav Stampar	d70215ad6c	Fixes #1237	2015-08-31 10:24:05 +02:00
Miroslav Stampar	a33b0454cd	Implementation for an Issue #1360	2015-08-26 15:26:16 +02:00
Miroslav Stampar	b010fda695	Switch --save becomes an option (taking file path where to save config file)	2015-08-14 22:49:32 +02:00
Miroslav Stampar	2c1cde0f59	Minor fix (reported over ML - ignore saving of conf.saveCmdline)	2015-08-13 17:21:36 +02:00
Miroslav Stampar	b6ea2fdb07	Fixes #1170	2015-07-24 14:56:45 +02:00
Miroslav Stampar	16f8e4c8ba	Removing unused imports	2015-07-12 12:25:02 +02:00
Miroslav Stampar	a20da7a677	Patch for automatic reporting (GitHub has robots)	2015-07-12 12:05:19 +02:00
Miroslav Stampar	fa303ef8b1	Minor update	2015-07-10 16:39:18 +02:00
Miroslav Stampar	9e5ef094a3	Closes #1270	2015-06-16 22:20:21 +02:00
Miroslav Stampar	5ee7fd785a	Fixes #1235	2015-05-01 00:48:08 +02:00
Miroslav Stampar	5dfd3ef1e4	Another update	2015-03-26 12:25:32 +01:00
Miroslav Stampar	3be7a447a5	Update	2015-03-26 12:22:49 +01:00
Miroslav Stampar	e35c7fbb7a	Fixes #1172	2015-02-22 13:41:54 +01:00
Bernardo Damele	388c0dfd77	trivial layout fix	2015-02-21 12:57:49 +00:00
Miroslav Stampar	fd632e5ada	Update for unhandled exception mechanism (BADA)	2015-01-26 09:09:38 +01:00
Miroslav Stampar	2655b078d0	Patch for an Issue #1127	2015-01-22 08:52:15 +01:00
Miroslav Stampar	06ff8b3a16	Patch for an Issue #1105	2015-01-13 10:33:51 +01:00
Miroslav Stampar	8e03f4db0f	Patch for an Issue #1062	2015-01-09 15:33:53 +01:00
Miroslav Stampar	c4c4ac13fe	Better patch for an Issue #1095	2015-01-07 09:21:02 +01:00
Miroslav Stampar	2030311d50	Patch for an Issue #1095	2015-01-07 02:04:10 +01:00
Miroslav Stampar	45bdefd29b	Update of copyright	2015-01-06 15:02:16 +01:00
Miroslav Stampar	3d5ca1b25a	Minor update	2015-01-06 14:36:51 +01:00
Miroslav Stampar	6fc41ca940	Heuristically checking for WAF/IDS/IPS by default	2015-01-06 14:01:47 +01:00
Miroslav Stampar	c474c16b4a	Removing ML email address	2015-01-06 12:30:49 +01:00
Miroslav Stampar	e383df8e29	Patch for an Issue #1073	2014-12-30 09:16:50 +00:00
Miroslav Stampar	4f122ee008	Bug fix regarding a problem reported by user @blink2014	2014-12-20 00:23:31 +01:00
Miroslav Stampar	17db587e2c	Adding some friendly warning messages (regarding blocking)	2014-12-03 10:06:21 +01:00
Miroslav Stampar	f71a65a9a0	Patch for an Issue #979	2014-12-01 00:29:25 +01:00
Miroslav Stampar	05d5342f20	Update and patch for an Issue #2	2014-11-17 11:50:05 +01:00
Miroslav Stampar	a91fb4149b	Minor update (using lower frequency alphabet for kb.chars)	2014-11-05 10:56:30 +01:00
Miroslav Stampar	6f45596f28	Minor style update	2014-11-03 23:48:44 +01:00
Miroslav Stampar	19aed90ae5	Implementation for an Issue #874	2014-10-27 00:37:46 +01:00
Miroslav Stampar	01f4b76817	Minor update for the Issue #2	2014-10-23 14:03:44 +02:00
Miroslav Stampar	7143e61619	Minor update	2014-10-23 14:00:53 +02:00
Miroslav Stampar	60f2764c3d	Minor style update	2014-10-22 13:53:18 +02:00
Miroslav Stampar	f94ac8c69d	Second patch related to the Issue #846	2014-10-09 15:21:26 +02:00
Miroslav Stampar	2de12ef4a2	Potential fix for an Issue #843	2014-10-05 00:20:42 +02:00
Miroslav Stampar	fdef53aa67	Minor update of unhandled exception message	2014-10-01 14:23:45 +02:00
Miroslav Stampar	a2b059123a	Minor update of format exception strings	2014-10-01 14:12:30 +02:00
Miroslav Stampar	8c9014c39f	Adding a dummy (auxiliary) XSS check	2014-10-01 13:31:48 +02:00
Miroslav Stampar	7278af01ee	Implementation for an Issue #832	2014-09-16 14:12:43 +02:00
Miroslav Stampar	177fc0376d	Minor fix for HSQLDB	2014-08-30 21:37:38 +02:00
Miroslav Stampar	1a9a331422	Bug fix (proper extending of tests when dbms is known)	2014-08-30 21:34:23 +02:00
Miroslav Stampar	dcaad75a1e	Fix for an Issue #794	2014-08-22 15:08:05 +02:00
Miroslav Stampar	2ce3ccac46	Patch for an Issue #797 (switching to greedy because of performance; it shouldn't be a problem because it was a single line replacement in the first place)	2014-08-22 13:06:53 +02:00
Miroslav Stampar	c5b71cff10	Some filtering	2014-08-21 01:12:44 +02:00
Miroslav Stampar	0296081692	Minor refactoring	2014-08-20 23:42:40 +02:00
Miroslav Stampar	f51ea20bbd	Minor style update	2014-08-20 22:50:00 +02:00
Miroslav Stampar	e0216771ed	Minor update	2014-08-20 15:23:07 +02:00
Miroslav Stampar	c97782cfed	Minor update of banner	2014-08-20 15:10:21 +02:00
Miroslav Stampar	07f881e711	Minor fix	2014-08-20 14:02:04 +02:00
Miroslav Stampar	5a05271097	Minor fix	2014-08-19 22:34:07 +02:00
Miroslav Stampar	b0465a6a76	Adding a revision scheme for nongit checkouts	2014-08-19 22:32:16 +02:00
Miroslav Stampar	cd92de1702	Adding colorful banner	2014-08-19 22:19:22 +02:00
Miroslav Stampar	7d578d395f	Minor update for Apache on Windows	2014-08-16 16:01:18 +02:00
Miroslav Stampar	a8b4b96cd9	Extending list for brute forcing doc root	2014-08-16 15:16:03 +02:00
hydhyd	e7ffe92d8c	Update settings.py ... Modified BRUTE_DOC_PREFIXES to include "/srv/www" used by default in OpenSUSE.	2014-08-06 12:59:18 +04:00
Bernardo Damele	018748f52e	increase the timeout for the Metasploit session initialization to 5 minutes, better on slow speed connections	2014-07-01 00:34:09 +01:00
Miroslav Stampar	0f10cdfa4c	Minor update	2014-05-29 09:24:09 +02:00
Miroslav Stampar	2a55f75f86	Using a more generic XML recognition regex	2014-04-30 21:25:45 +02:00
Miroslav Stampar	ae8b1fe89c	Implementation for an Issue #678	2014-04-25 09:17:10 +02:00
Miroslav Stampar	15f92c4197	Bug fix (port was not being used properly with Burp exported history)	2014-04-03 09:46:37 +02:00
Miroslav Stampar	f6e1d9e026	Fix for an Issue #650	2014-03-24 10:46:23 +01:00
Miroslav Stampar	39ab3b9149	Minor fix for meta refresh	2014-03-20 13:13:47 +01:00
Miroslav Stampar	56d76e6bfd	Updating list of extensions to exclude from crawling	2014-03-14 21:34:16 +01:00
Miroslav Stampar	490d51258e	Raising number of minimum time responses (15 is statistically too low)	2014-03-03 20:49:58 +01:00
Miroslav Stampar	6369a38ebc	Adding support for JSON-like data with single quote	2014-02-26 08:56:17 +01:00
Miroslav Stampar	465f968be6	Minor cosmetic update	2014-02-26 08:41:23 +01:00
Miroslav Stampar	8521265526	Minor fix	2014-02-07 14:40:43 +01:00
Bernardo Damele	43a4e85749	updated copyright	2014-01-13 17:24:49 +00:00
Miroslav Stampar	7718edac9b	Fix for an Issue #570	2013-12-27 09:40:33 +01:00
Miroslav Stampar	bf3fbb0ae0	Ignore Google analytics cookies	2013-12-04 09:56:37 +01:00
Miroslav Stampar	7054586e8a	Update for an Issue #565 (more work TBD - DuckDuckGo has some kind of IP blocking mechanism)	2013-11-25 20:57:07 +01:00
Miroslav Stampar	0a4512e9ae	Implementation for an Issue #557	2013-11-08 09:23:38 +01:00
Miroslav Stampar	e197720def	Fix for an Issue #546	2013-10-19 20:54:52 +02:00
Miroslav Stampar	777d999e71	Minor update	2013-10-18 15:39:46 +02:00
Miroslav Stampar	6ff2b931ff	Another patch for an Issue #545	2013-10-17 23:42:51 +02:00
Miroslav Stampar	304c9822bd	Patch for an Issue #545	2013-10-17 16:38:07 +02:00
Miroslav Stampar	5b8d631dc0	Minor update	2013-10-16 11:48:00 +02:00
Miroslav Stampar	04dbee3bec	Update for a more generic JSON recognition regex	2013-10-16 11:39:04 +02:00
Miroslav Stampar	bc19f40d09	Minor update	2013-08-22 10:44:21 +02:00
Miroslav Stampar	6cc0cf3702	Minor comment update	2013-08-20 18:36:31 +02:00
Miroslav Stampar	1088011bf0	Adding new binary file formats for excluding in crawling	2013-08-02 23:07:13 +02:00
stamparm	be5ce760b6	Fix for an Issue #485 (failing back to single-thread mode if over some bisection length)	2013-07-09 10:24:48 +02:00
stamparm	f7d15cb465	Official naming is HSQLDB (and/or HyperSQL)	2013-07-01 11:57:47 +02:00
Meatballs	7b6cc3d183	Add hsql settings	2013-06-24 14:38:44 +01:00
Miroslav Stampar	cdb434805a	Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases	2013-06-10 22:14:45 +02:00
Miroslav Stampar	351c70b390	Locale module screws string.letters, etc. in some cases (e.g. IDLE run)	2013-06-01 14:06:58 +02:00
stamparm	fc57b7565d	Implementation for an Issue #432	2013-05-09 14:26:29 +02:00
stamparm	46557198a5	Minor update of doc root names	2013-04-29 11:29:59 +02:00
stamparm	10fbeaed7b	Code refactoring	2013-04-15 11:49:11 +02:00
Miroslav Stampar	0b449bb1d9	Fix for an Issue #433	2013-04-10 19:33:31 +02:00
stamparm	8c9da95343	Style and consistency update (url -> URL)	2013-04-09 11:48:42 +02:00
stamparm	e1ffdde532	Little cleaning a mess with url encoding and post hint types	2013-03-27 13:39:27 +01:00
Miroslav Stampar	8acf033715	Code refactoring	2013-03-19 19:24:14 +01:00
Miroslav Stampar	2ada9e9b84	Patch for an Issue Issue #416	2013-03-04 18:05:40 +01:00
Miroslav Stampar	0e89cc62a2	Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections	2013-02-28 20:20:08 +01:00
stamparm	be50192d8d	Refactoring WAF scripts	2013-02-26 15:54:50 +01:00
stamparm	e5e39bc682	Fix for an Issue #410	2013-02-25 11:07:30 +01:00
stamparm	8e49872d7c	Finalizing implementation for an Issue #290	2013-02-21 14:33:12 +01:00
Miroslav Stampar	368a2fd297	Fix for an Issue #393	2013-02-14 16:18:16 +01:00
Bernardo Damele	4b9d8ed673	reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter	2013-02-14 11:32:17 +00:00
Bernardo Damele	a67ef4117f	make sure to use Python 2 interpreter when default system Python is version 3	2013-02-14 11:25:04 +00:00
Miroslav Stampar	6629233de5	Minor update	2013-02-14 10:18:40 +01:00
Miroslav Stampar	d78a3e977b	Update (allowing regular char * to be inside SOAP/JSON/XML)	2013-02-13 12:24:42 +01:00
Miroslav Stampar	72984a578d	Update for --load-cookies	2013-02-12 12:42:12 +01:00
Miroslav Stampar	c0e59d94a9	Better naming	2013-02-08 16:28:58 +01:00
Miroslav Stampar	cdfe43560b	Update for an Issue #207 (and a potential patch for regression tests)	2013-02-08 16:20:48 +01:00
Miroslav Stampar	f4b8a3c1d8	Bug fix for boolean (multithreaded Ctrl+C) resumed values	2013-02-04 15:49:29 +01:00
Miroslav Stampar	e7b93b5b66	Implementation for an Issue #363	2013-02-01 17:24:04 +01:00
Miroslav Stampar	bd08ede117	Minor fine tuning	2013-01-29 21:06:02 +01:00
Miroslav Stampar	c06f94e2c8	Fix for an Issue #378	2013-01-25 16:38:41 +01:00
Miroslav Stampar	8c84a16cb7	Minor style update for an Issue #377	2013-01-25 12:52:31 +01:00
Miroslav Stampar	194a9e7b88	Implementation for an Issue #377	2013-01-25 12:34:57 +01:00
Miroslav Stampar	601eb1e49a	Unescaping is renamed to escaping	2013-01-18 15:40:37 +01:00
Bernardo Damele	a43202f3c0	updated copyright	2013-01-18 14:07:51 +00:00
Miroslav Stampar	bcc907ce09	Minor update	2013-01-18 11:00:21 +01:00
Miroslav Stampar	507f185b69	Revert of patch for an Issue #347	2013-01-17 18:38:37 +01:00
Miroslav Stampar	f7eda07d92	Patch for an Issue #347	2013-01-17 15:30:14 +01:00
Miroslav Stampar	51a77d1fe2	Minor update for an Issue #8	2013-01-17 11:37:45 +01:00
Bernardo Damele	542f6de72e	typo fix	2013-01-16 01:31:03 +00:00
Bernardo Damele	c51358953a	add more Oracle system dbs	2013-01-15 14:51:29 +00:00
Miroslav Stampar	934d41dac2	Minor style update (PEP8)	2013-01-10 15:02:28 +01:00
Miroslav Stampar	ca3d35a878	Some PEP8 related style cleaning	2013-01-10 13:18:44 +01:00
Miroslav Stampar	25f01a419f	Minor style update (for the sake of consistency over the code and our PEP8 adaptation)	2013-01-09 15:38:41 +01:00
Miroslav Stampar	648d91d790	Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)	2012-12-27 22:43:39 +01:00
Bernardo Damele	e9ab33e9dd	standalone REST API, code cleanup (#297)	2012-12-20 14:35:02 +00:00
Bernardo Damele	61a838bb35	added more test cases	2012-12-18 15:59:48 +00:00
Bernardo Damele	2926c815bf	improved test switch --live-test and minor refactoring	2012-12-17 11:29:33 +00:00
Bernardo Damele	a2a71bb37b	cleanup from XML-RPC related stuff	2012-12-14 13:37:36 +00:00
Bernardo Damele	6e31e87de1	added initial support (hidden from -hh and not yet usable) for REST-JSON API	2012-12-14 02:49:25 +00:00
Miroslav Stampar	a6448e8768	Update for an Issue #287	2012-12-12 11:54:59 +01:00
Miroslav Stampar	b9f6fc5f4e	First commit (and working one) for an Issue #287 (XML-RPC server)	2012-12-11 16:02:06 +01:00
Miroslav Stampar	0cbdaaecfa	Revert of 99e9412f74 (because of an Issue #289)	2012-12-08 08:53:25 +01:00
Miroslav Stampar	79fca8e9d5	Fix for an Issue #268	2012-12-03 12:13:59 +01:00
Miroslav Stampar	3b961c2550	Update for an Issue #254	2012-11-29 15:36:38 +01:00
Miroslav Stampar	753d0f18bf	First CSS style added for a HTML table dump format (Issue #254)	2012-11-28 12:46:43 +01:00
Miroslav Stampar	cff0c59630	Implementation for an Issue #264	2012-11-28 11:41:39 +01:00
Miroslav Stampar	87a92ab330	Deprecating --replicate (Issue #254)	2012-11-28 11:10:57 +01:00
Miroslav Stampar	d37be5f97b	Fix for an Issue #248	2012-11-14 15:54:24 +01:00
Miroslav Stampar	81ccf28785	Minor refactoring	2012-10-29 14:08:48 +01:00
Miroslav Stampar	359e734954	Minor refactoring	2012-10-29 10:48:49 +01:00
Miroslav Stampar	ca427af8b3	Minor refactoring/improvement	2012-10-28 01:42:08 +02:00
Miroslav Stampar	c1b8226329	Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)	2012-10-28 00:36:09 +02:00
Miroslav Stampar	8a5844a364	Implementation for an Issue #222	2012-10-25 13:21:32 +02:00
Miroslav Stampar	d65d9e25cd	Implementation for an Issue #2	2012-10-19 11:02:14 +02:00
Miroslav Stampar	2cb1b054bb	Implementation for an Issue #79	2012-10-16 12:32:58 +02:00
Miroslav Stampar	ebc7088f94	Implementation for an Issue #128	2012-10-05 10:24:09 +02:00
Miroslav Stampar	8865fe69d7	Minor cleanup	2012-10-04 18:26:07 +02:00
Miroslav Stampar	3764d230be	Minor fix for Issue #197 and Issue #49	2012-10-04 11:43:37 +02:00
Miroslav Stampar	461e5ebc5f	Work for Issue #197 and Issue #49	2012-10-04 11:25:44 +02:00
Miroslav Stampar	bcbf0571a5	Implementation for an Issue #49	2012-10-02 14:23:58 +02:00
Miroslav Stampar	763dc98311	Minor refactoring	2012-10-02 13:36:15 +02:00
Miroslav Stampar	fccdb824bb	Patch for an Issue #193	2012-09-25 11:21:39 +02:00
Miroslav Stampar	cea5127ffd	Update for an Issue #6	2012-09-06 15:51:38 +02:00
Miroslav Stampar	c3d191e626	Minor update for an Issue #2	2012-09-06 14:13:54 +02:00
Miroslav Stampar	1e238b5a5a	Minor update	2012-09-06 13:36:34 +02:00
Miroslav Stampar	9674b174ee	One more minor update related to last commit	2012-08-23 15:37:17 +02:00
Miroslav Stampar	b79247c197	Minor update	2012-08-23 15:22:14 +02:00
Miroslav Stampar	52351e5d81	Update for an Issue #161 (now detecting format error messages too)	2012-08-22 15:51:47 +02:00
Miroslav Stampar	01f481c332	Minor refactoring of dictionaries	2012-08-21 11:19:15 +02:00
Miroslav Stampar	0d8fca30c9	Fix for an Issue #59	2012-08-16 11:31:43 +02:00
Miroslav Stampar	432b567584	Fix for an Issue #141	2012-08-08 00:03:58 +02:00
Miroslav Stampar	fec8a5cc9d	Fix for an Issue #139	2012-08-07 00:50:58 +02:00
Miroslav Stampar	922ea9d1f4	Update for Issue #118	2012-07-24 15:43:29 +02:00
Miroslav Stampar	a7d1a0c250	Implementation for an Issue #117	2012-07-23 14:14:22 +02:00
Bernardo Damele	5f876bdbbe	minor adjustments	2012-07-16 22:50:29 +01:00
Miroslav Stampar	786686da60	Minor language update	2012-07-13 14:53:42 +02:00
Miroslav Stampar	3c81f74823	Minor style update	2012-07-13 12:22:37 +02:00
Miroslav Stampar	c5ecc8b8db	Closing work on Issue #83	2012-07-13 11:23:21 +02:00
Bernardo Damele	162da75a04	modified homepage address	2012-07-12 18:38:03 +01:00
Miroslav Stampar	569c9214bf	Adding support for boldifying important logging messages	2012-07-12 16:30:35 +02:00
Miroslav Stampar	65639cdda6	First update for Issue #75 (error-based dumping)	2012-07-12 14:31:28 +02:00
Miroslav Stampar	c6464b44be	Some more refactoring	2012-07-11 20:13:23 +02:00
Miroslav Stampar	d7926b8aac	Minor refactoring	2012-07-11 19:54:21 +02:00
Bernardo Damele	eb7ffb8f91	setup for implementing logging colouring - issue #77	2012-07-10 02:54:37 +01:00
Miroslav Stampar	3ff28e58b4	Update regarding Issue #52	2012-07-08 19:24:25 +02:00
Bernardo Damele	4fa6d51d93	improved issues link	2012-07-05 16:26:50 +01:00
Miroslav Stampar	c3c1b9e957	Minor restyling	2012-07-04 20:28:18 +02:00
Bernardo Damele	793fa464e3	website url fix	2012-07-03 13:14:39 +01:00
Miroslav Stampar	481b46a004	Restyling output for Issue #52	2012-07-03 13:06:52 +02:00
Miroslav Stampar	3af1532700	Implementation for Issue #54	2012-07-03 12:09:18 +02:00
Miroslav Stampar	8eefe4b71f	Getting back revision number - displayed like in GitHub commits (Issue #52)	2012-07-02 13:01:20 +02:00
Miroslav Stampar	21d9ae0a2c	some more refactoring	2012-07-01 01:19:54 +02:00
Miroslav Stampar	2a72fcce2b	Fix for Issue #42	2012-06-28 13:55:30 +02:00
jekil	c39e5a85ba	Removed $id$ tags	2012-06-27 20:56:43 +02:00
Miroslav Stampar	452ef202ae	minor fixes	2012-06-17 22:48:23 +00:00
Miroslav Stampar	b9f6943a42	minor update	2012-06-17 21:23:12 +00:00
Miroslav Stampar	06be7bbb18	few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)	2012-06-15 20:41:53 +00:00
Miroslav Stampar	058a9c59a2	fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)	2012-06-05 22:40:55 +00:00
Miroslav Stampar	d335ec0c34	turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars	2012-05-26 07:00:26 +00:00
Miroslav Stampar	37f2709197	making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)	2012-05-09 09:08:23 +00:00
Miroslav Stampar	efd27d7ade	minor renaming	2012-04-17 08:41:19 +00:00
Miroslav Stampar	627bfc589f	some more updates in reflective removal mechanism	2012-04-11 21:26:00 +00:00
Miroslav Stampar	01bd5d0ab2	some more updates for reflective mechanism	2012-04-11 10:41:33 +00:00
Miroslav Stampar	9c2f244d47	minor fix	2012-04-10 22:20:53 +00:00
Miroslav Stampar	119eec3598	improving "boolean detection" by automatic recognition of convenient --string candidate	2012-04-10 21:48:34 +00:00
Miroslav Stampar	b2afa87e48	reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)	2012-04-06 08:42:36 +00:00
Bernardo Damele	d106fb5184	layout adjustments	2012-04-04 12:27:24 +00:00
Miroslav Stampar	1cd3c3f7af	further update of DNS data retrieval mechanism through SQLi	2012-04-02 14:05:30 +00:00
Miroslav Stampar	772ead8d03	fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values	2012-03-29 12:44:20 +00:00
Miroslav Stampar	9433bbe26d	memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)	2012-03-28 19:27:12 +00:00
Miroslav Stampar	a8c9a47092	redirect logic rewritten from scratch	2012-03-15 11:10:58 +00:00
Miroslav Stampar	ca0d068575	distinguishing NULL from BLANK	2012-03-14 13:52:23 +00:00
Miroslav Stampar	e827f41cdb	using pickle HIGHEST_PROTOCOL just in case	2012-03-13 09:35:37 +00:00
Miroslav Stampar	cda8815634	introducing safe deprecation mechanism for HashDB versioning	2012-03-12 22:55:57 +00:00
Miroslav Stampar	b3bd4144f5	removing of unused imports together with some general code refactoring	2012-02-22 10:40:11 +00:00
Miroslav Stampar	bc4dd7c0dd	fix for -g	2012-02-20 10:02:19 +00:00
Miroslav Stampar	aee269cc14	gazillion changes, nothing will work, muhahaha	2012-02-17 14:22:48 +00:00
Miroslav Stampar	dcf7277a0f	some more refactorings	2012-02-16 14:42:28 +00:00
Miroslav Stampar	bcf9fc6c6f	minor refactoring	2012-02-16 09:32:47 +00:00
Miroslav Stampar	23cc8b6974	minor fix for special cases when parameter value contains html encoded characters	2012-02-14 14:08:10 +00:00
Miroslav Stampar	2b05ded9c3	just a makeup	2012-02-07 12:05:23 +00:00
Miroslav Stampar	f7bf1fbe94	upgrade/fixes for direct DBMS access	2012-02-07 10:46:55 +00:00
Bernardo Damele	c0f4b4632d	Minor fix	2012-02-02 12:55:39 +00:00
Miroslav Stampar	f2857e38ba	minor update	2012-01-30 10:19:03 +00:00
Bernardo Damele	7e560eec1f	Minor fix	2012-01-13 12:54:45 +00:00
Miroslav Stampar	95f89ab63a	updating copyright date	2012-01-11 14:59:46 +00:00
Miroslav Stampar	2b5e429dc2	one more level of defense against user himself	2012-01-07 17:16:14 +00:00
Miroslav Stampar	759465bde5	minor fix	2012-01-06 00:06:38 +00:00
Miroslav Stampar	37d78ffe01	minor optimization	2011-12-28 15:59:30 +00:00
Miroslav Stampar	dda979a15a	minor refactoring	2011-12-27 12:31:29 +00:00
Miroslav Stampar	c20546dcaa	minor refactoring	2011-12-26 12:24:39 +00:00
Miroslav Stampar	89d2c7c042	minor update	2011-12-22 20:54:20 +00:00
Miroslav Stampar	abb401879c	minor update	2011-12-22 20:42:57 +00:00
Miroslav Stampar	087e29d272	minor update	2011-12-22 20:14:56 +00:00
Miroslav Stampar	094129a656	minor optimization	2011-12-22 15:42:21 +00:00
Miroslav Stampar	9f68e54fff	minor cleanup	2011-12-22 10:59:28 +00:00
Miroslav Stampar	526aacb640	code cleanup	2011-12-21 22:59:23 +00:00
Miroslav Stampar	81bd9a201b	minor refactoring	2011-12-21 11:50:49 +00:00
Miroslav Stampar	95cd9e2af3	adding support for scanning Host header values (-p host)	2011-12-20 12:52:41 +00:00
Miroslav Stampar	364113441b	adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)	2011-12-14 10:19:45 +00:00
Bernardo Damele	8fe72d87a8	minor bug fix for mysql -d --file-read	2011-12-06 10:57:23 +00:00
Miroslav Stampar	71c46f50aa	adding option --csv-del	2011-11-30 17:39:41 +00:00
Miroslav Stampar	02bd9a54f3	minor update	2011-11-30 17:19:21 +00:00
Miroslav Stampar	885b432808	minor update	2011-11-23 21:39:53 +00:00
Miroslav Stampar	2e10de8921	minor update	2011-11-22 12:18:24 +00:00
Miroslav Stampar	ac041399f0	minor patch	2011-11-22 11:04:43 +00:00
Miroslav Stampar	9697e80013	some more optimizations	2011-11-22 10:54:29 +00:00
Miroslav Stampar	eee03871d7	minor refactoring	2011-11-21 21:31:08 +00:00
Miroslav Stampar	440b7efe55	minor optimization	2011-11-20 20:14:47 +00:00
Miroslav Stampar	e1a92d59de	implementing WordPress phpass hash cracking routine	2011-11-20 19:10:46 +00:00
Miroslav Stampar	f1979936c8	minor update	2011-11-18 15:32:33 +00:00
Miroslav Stampar	d735582536	major speed improvement of hash cracking	2011-11-02 06:53:43 +00:00
Miroslav Stampar	7ce3af68fc	fixing support for parsing BURP logs	2011-10-27 17:31:34 +00:00
Miroslav Stampar	d64c0af461	minor update	2011-10-26 14:31:00 +00:00
Miroslav Stampar	86b4a3562f	added switch --check-tor	2011-10-25 17:37:43 +00:00
Miroslav Stampar	c1486ed4be	adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request	2011-10-25 09:53:44 +00:00
Miroslav Stampar	323aa7bf2f	minor update	2011-10-09 21:21:41 +00:00
Miroslav Stampar	e0f521cf9d	minor update regarding --randomize	2011-08-29 13:08:25 +00:00
Bernardo Damele	9361e633f4	Minor bug fix - some applications do really set cookies like param="value" with double-quotes	2011-08-16 09:21:01 +00:00
Miroslav Stampar	7cc5743c5d	minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters)	2011-08-16 06:50:20 +00:00
Miroslav Stampar	df4abf1af1	lowering constant value from 10 to 7 for da peace in da houz	2011-08-12 17:19:19 +00:00
Miroslav Stampar	9423d15fb3	ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix	2011-08-03 09:08:16 +00:00
Miroslav Stampar	5770c08784	minor optimization and refactoring	2011-07-25 20:17:44 +00:00
Miroslav Stampar	ec1bc0219c	hello big tables, this is sqlmap, sqlmap this is big tables	2011-07-24 09:19:33 +00:00
Miroslav Stampar	094dc91e2d	minor update (prior to some changes regarding large content retrieval)	2011-07-23 19:04:59 +00:00
Miroslav Stampar	9cf33ec997	now status is no longer represented in percentage (impossible in cases where we need to support too small and too large dictionaries - technical issues regarding counting) but by the rotating char	2011-07-15 13:24:13 +00:00
Miroslav Stampar	5c162efbd8	more optimization	2011-07-12 23:21:15 +00:00
Miroslav Stampar	5443e06430	cosmetics (in debug mode [0] is used)	2011-07-08 09:43:52 +00:00
Bernardo Damele	aedcf8c8d7	Changed homepage address	2011-07-07 20:10:03 +00:00
Bernardo Damele	067354b97f	Revert of last commit and proper fix to detect UNION query SQL injection against Microsoft Access	2011-07-07 13:20:40 +00:00
Bernardo Damele	fcd4e94c04	Higher chances to detect UNION query SQL injection against Microsoft Access	2011-07-06 23:52:44 +00:00
Miroslav Stampar	93b296e02c	few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation")	2011-07-06 05:44:47 +00:00
Miroslav Stampar	b8ffcf9495	few fixes here and there and multi-core processing for dictionary based hash attack	2011-07-04 19:58:41 +00:00
Bernardo Damele	36c96ef796	Added DB2 support - patch provided by Sebastian Bittig	2011-06-25 09:44:24 +00:00
Miroslav Stampar	aa83fe5c66	minor update	2011-06-24 18:19:33 +00:00
Miroslav Stampar	21010f702c	minor beautification	2011-06-24 17:46:54 +00:00
Miroslav Stampar	96190cf594	minor update	2011-06-24 17:15:15 +00:00
Bernardo Damele	1cb12ea659	replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license)	2011-06-22 13:31:07 +00:00
Miroslav Stampar	2a4a284a29	crawler fix (skip binary files)	2011-06-20 22:41:38 +00:00
Miroslav Stampar	d6062e8fc9	minor fix for crawler and far less message overlaps in future	2011-06-20 21:18:12 +00:00
Miroslav Stampar	31ad0875b4	added by request	2011-06-18 11:34:51 +00:00
Miroslav Stampar	ec6fa384eb	update	2011-06-17 22:04:25 +00:00
Miroslav Stampar	530c296519	minor fix	2011-06-16 13:56:17 +00:00
Miroslav Stampar	6f681b45ad	cleaning up a bit for a configuration mess	2011-06-16 11:42:13 +00:00
Miroslav Stampar	2da56ea507	fix of a language bug	2011-06-11 21:17:30 +00:00
Miroslav Stampar	f8dde2c23b	adding --titles switch (killer switch for pages with lots of dynamicity and/or international ones)	2011-06-10 23:18:43 +00:00
Bernardo Damele	7da3d8dbd1	minor layout adjustment	2011-06-08 13:01:33 +00:00
Miroslav Stampar	f27181c628	minor improvement for blind based injections with reflected values	2011-06-03 14:41:36 +00:00
Miroslav Stampar	89559d1b0a	better regex and now after we have that automatic switch off for reflective removal mechanism it's not so important to change it	2011-05-30 20:18:30 +00:00
Miroslav Stampar	20988e58ed	warp 5 mr spock :)	2011-05-30 09:46:32 +00:00
Miroslav Stampar	001cbff2a9	speed up of 2 times for partial union technique	2011-05-30 09:07:48 +00:00
Miroslav Stampar	d51efa679d	typo update	2011-05-29 06:26:28 +00:00
Miroslav Stampar	f848cc779e	adding legal disclaimer as latest situation (these days news headlines) seems out of control	2011-05-28 18:54:14 +00:00
Miroslav Stampar	03ef53f00a	update regarding mysql function resolution and versionedkeywords	2011-05-28 17:34:43 +00:00
Miroslav Stampar	4f46a5ab63	minor usability enhancement regarding warning for --text-only switch	2011-05-26 20:48:18 +00:00
Miroslav Stampar	0e480a9921	adding SYS to the ORACLE_SYSTEM_DBS	2011-05-25 10:55:47 +00:00
Miroslav Stampar	f774d8fea0	proper Tor settings (reverted r3915 and implemented it the right way)	2011-05-24 11:06:58 +00:00
Miroslav Stampar	a58aaf2e1a	better format for results file (easier for sorting when lots of files)	2011-05-22 07:02:36 +00:00
Miroslav Stampar	25fff8c135	changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux)	2011-05-21 11:46:57 +00:00
Miroslav Stampar	9e5856caf8	improvement for recognition of scalar vs multiple-row commands	2011-05-19 16:45:05 +00:00
Miroslav Stampar	3048e9f710	minor refactoring	2011-05-17 23:03:31 +00:00
Miroslav Stampar	faa74cd2bc	introducing results file for multiple target mode	2011-05-15 22:21:38 +00:00
Bernardo Damele	aae140080e	SVN roll back, DB2 patch will be recommitted after testing: ... $ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .	2011-05-06 10:27:43 +00:00
Miroslav Stampar	6e392b6054	applying contributed patch for DB2	2011-05-06 09:30:39 +00:00
Miroslav Stampar	742b0ef76e	major improvement of ERROR data retrieval on MSSQL	2011-05-03 13:25:20 +00:00
Bernardo Damele	f56d135438	Minor code restyling	2011-04-30 13:20:05 +00:00
Bernardo Damele	d0dff82ce0	Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch	2011-04-23 16:25:09 +00:00
Miroslav Stampar	f88aa4b165	implemented suppressResumeInfo mechanism (huge slowdown on large tables)	2011-04-22 19:58:10 +00:00
Bernardo Damele	06a00fe85e	For development version, print also the revision number in the banner	2011-04-21 21:34:57 +00:00
Miroslav Stampar	7a06af9a92	added "lagging" critical message	2011-04-19 10:37:20 +00:00
Miroslav Stampar	b79d4f70f3	cleaner solution for the problem solved with last commit	2011-04-18 14:51:48 +00:00
Miroslav Stampar	f5cff067c6	little hack for --time-sec	2011-04-18 14:46:18 +00:00
Miroslav Stampar	6fab44d635	minor refactoring and improving of used regex	2011-04-17 22:37:00 +00:00
Miroslav Stampar	c461fdca54	some refactoring	2011-04-15 13:51:06 +00:00
Miroslav Stampar	0387654166	update of copyright string (until year)	2011-04-15 12:33:18 +00:00
Miroslav Stampar	4d8a49a87c	more standard way to display hex encoded char (\xff instead of \ff) also compatible with python representation	2011-04-15 11:53:20 +00:00
Miroslav Stampar	ded28442fb	minor fixes and refactoring regarding safecharencoding	2011-04-14 15:54:00 +00:00
Miroslav Stampar	eafab03d99	safe decoding values going into --replicate (as we should have a "replicate" and sqlite3 supports all chars)	2011-04-14 13:53:56 +00:00
Miroslav Stampar	30bfefd638	minor fix	2011-04-14 12:58:03 +00:00
Bernardo Damele	5cf38cd0d7	More cookies to ignore	2011-04-14 12:46:14 +00:00
Miroslav Stampar	bb99bd2fbe	one more commit related to the issue with displaying of garbled characters	2011-04-14 09:43:36 +00:00
Miroslav Stampar	5dfb55effc	revert of the last commit because of this http://osvdb.org/show/osvdb/26582	2011-04-14 06:46:32 +00:00
Miroslav Stampar	786f305e1a	minor update	2011-04-14 06:43:08 +00:00
Miroslav Stampar	21114d1748	added IGNORE_PARAMETERS to skip testing of state/session web server parameters	2011-04-13 19:01:02 +00:00
Miroslav Stampar	d06ae9cd47	implemented retrieved items info for partial union too	2011-04-13 14:33:15 +00:00
Miroslav Stampar	f5f2201bbc	minor cosmetics for partial inband retrieval	2011-04-13 11:25:42 +00:00
Miroslav Stampar	c193b896be	just in case update to prevent gibberish "retrieved: " outputs	2011-04-12 23:07:50 +00:00
Miroslav Stampar	941daa1645	just in case to prevent "object of type 'NoneType' has no len()" error reports	2011-04-11 11:59:02 +00:00
Miroslav Stampar	08d14886fd	added new dev version string	2011-04-11 09:44:44 +00:00
Bernardo Damele	07d6b18c4e	cutting for 0.9 stable	2011-04-11 00:24:51 +00:00
Miroslav Stampar	8597409d9e	lowering the value	2011-04-10 22:57:17 +00:00
Bernardo Damele	c3b54cc222	Cosmetics	2011-04-01 16:40:28 +00:00
Miroslav Stampar	220366b6e8	minor update (ip addresses will not be confused any more for crypt_generic hashes)	2011-03-31 16:56:26 +00:00
Miroslav Stampar	c5de903eab	minor improvement ("quick defense against substr fields")	2011-03-31 09:35:09 +00:00
Miroslav Stampar	d28ca5809b	adding support for meta HTML header 'refresh' - popular one amongst login pages (stumbled when tested blind injections on Mutillidae login page)	2011-03-29 14:16:28 +00:00
Miroslav Stampar	7cf4ba83dc	minor refactoring and comment update	2011-03-29 12:08:07 +00:00
Miroslav Stampar	bf0e3c4662	improvement for --forms with empty fields	2011-03-28 22:48:00 +00:00
Miroslav Stampar	76b7e3517d	minor update	2011-03-27 07:58:15 +00:00
Miroslav Stampar	d79fae724c	minor refactoring	2011-03-24 09:16:21 +00:00
Miroslav Stampar	5c97f9a496	improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries)	2011-03-09 09:36:56 +00:00
Miroslav Stampar	f27f05308a	minor update for masking sensitive data in error report (added aCred too)	2011-03-02 10:09:17 +00:00
Miroslav Stampar	7036190e8e	minor improvement of regular expression	2011-02-27 17:58:01 +00:00
Miroslav Stampar	21041f8b90	further reflective value handling improvement	2011-02-27 17:43:41 +00:00
Miroslav Stampar	708ddf5608	added protection mechanism against reflected values	2011-02-24 16:52:46 +00:00
Miroslav Stampar	3f8eadf4fe	minor refactoring	2011-02-22 13:00:58 +00:00
Miroslav Stampar	199f14df46	implementation of MySQL GROUP_CONCAT technique	2011-02-15 00:28:27 +00:00
Miroslav Stampar	50d25c3b4d	update regarding explicit testing of ua and referer when using -p	2011-02-13 21:58:48 +00:00
Miroslav Stampar	4295a78c5f	minor update	2011-02-10 19:51:34 +00:00
Miroslav Stampar	5b57a69f3e	fix	2011-02-09 11:20:03 +00:00
Miroslav Stampar	37f7001143	first commit with mysql/error/substringing	2011-02-08 16:23:33 +00:00
Miroslav Stampar	99e9412f74	minor update	2011-02-07 12:34:23 +00:00
Bernardo Damele	39decebe85	Minor fixes to checking/re-enabling of xp_cmdshell procedure	2011-02-07 12:17:19 +00:00
Miroslav Stampar	096efea282	added BULK to EXCLUDE_UNESCAPE and preventing crashes when output=[]	2011-02-07 10:22:43 +00:00
Bernardo Damele	ba3a8a69d4	More statements to exclude from unescap'ing	2011-02-07 00:33:54 +00:00
Bernardo Damele	2e00656235	Minor fix	2011-02-07 00:20:23 +00:00
Bernardo Damele	f3d6be7868	Code cleanup	2011-02-06 22:32:44 +00:00
Miroslav Stampar	acb986ae80	minor refactoring	2011-02-04 17:40:55 +00:00
Miroslav Stampar	accf4e6ce0	one important fix (URI injection parameter '*' now can go anywhere)	2011-02-04 12:43:18 +00:00
Miroslav Stampar	c19d481bb1	little clean up	2011-02-04 12:25:14 +00:00
Miroslav Stampar	e4933f0c92	refactoring	2011-02-03 23:25:56 +00:00
Miroslav Stampar	e5f54644f0	minor "statistical" update	2011-02-03 16:59:49 +00:00
Miroslav Stampar	6c87bd1c63	added maskSensitiveData function	2011-02-02 14:25:16 +00:00
Miroslav Stampar	d6c9515f78	minor update	2011-02-02 13:03:24 +00:00
Miroslav Stampar	e33428b833	adding __findUnionCharCount function	2011-02-02 11:22:35 +00:00
Miroslav Stampar	99aa38b58f	minor refactoring	2011-02-02 10:10:28 +00:00
Miroslav Stampar	fa58a9c86b	update (now URIs like www.site.com/id82 are automatically treated as possible URI injectable)	2011-01-31 20:36:01 +00:00
Miroslav Stampar	b1dc928e68	implemented validation for time-based inference	2011-01-31 16:07:23 +00:00
Miroslav Stampar	25463bc67c	fix for a bug (--predict-output) noticed by Bernardo	2011-01-31 15:00:41 +00:00
Miroslav Stampar	60a2364f2b	now union technique parses headers too	2011-01-31 12:41:39 +00:00
Miroslav Stampar	f9eac97fe8	refactoring of MSSQL XML banner parsing	2011-01-31 11:38:00 +00:00
Miroslav Stampar	fc9c626f9e	minor refactoring (removed URL_ENCODE_PAYLOAD)	2011-01-30 17:03:06 +00:00
Miroslav Stampar	ddf23ba7cc	refactoring	2011-01-30 11:36:03 +00:00
Miroslav Stampar	03413bd5e0	minor refactoring before a huge bug fix reported by Ahmed Shawky (we are falsely urlencoding ORIGINAL part of the injection payload)	2011-01-27 16:55:58 +00:00
Miroslav Stampar	4e5f0da1ae	minor update	2011-01-20 16:07:08 +00:00
Miroslav Stampar	7a060e756d	dummy fix for SQLite schema retrieval (lots of spaces inside)	2011-01-19 23:16:22 +00:00
Bernardo Damele	daebb0010b	Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based. ... Alignment of SQL statement payload packing/unpacking between all of the techniques. Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too. Minor code cleanup.	2011-01-18 23:02:11 +00:00
Miroslav Stampar	34d13be0d3	minor update regarding default page encoding	2011-01-17 10:23:37 +00:00
Miroslav Stampar	5c857779c1	important fix for unicode based character inference	2011-01-17 10:15:19 +00:00
Miroslav Stampar	0fcca671bd	information update regarding common password suffixes	2011-01-17 09:28:25 +00:00
Miroslav Stampar	5476a8a27e	russian sites are great for testing :)	2011-01-16 19:00:19 +00:00
Miroslav Stampar	30d6791968	update regarding time based data retrieval	2011-01-16 17:52:42 +00:00
Miroslav Stampar	3873d204bb	important update for dictionary attack	2011-01-15 15:56:11 +00:00
Miroslav Stampar	e17ac5fdca	update	2011-01-15 15:14:22 +00:00
Bernardo Damele	97ae7e330f	cosmetics	2011-01-07 17:10:58 +00:00
Miroslav Stampar	7ae5192070	adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data)	2011-01-05 10:25:07 +00:00
Miroslav Stampar	c83e9f6ca5	foundation for filtering binary string values (for example, replacement of non readable chars with #)	2011-01-04 21:56:37 +00:00
Miroslav Stampar	aa81ed4033	implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers)	2011-01-04 15:49:20 +00:00
Miroslav Stampar	8625494ff2	added one new quick check for multiple target(s) mode	2011-01-03 08:32:06 +00:00
Miroslav Stampar	f762f32de8	bug fix for proper --parse-errors on .aspx pages	2011-01-02 13:00:04 +00:00
Miroslav Stampar	51a492e17d	pretty important commit (now dumped tables are prone to dictionary attack)	2010-12-27 10:56:28 +00:00
Miroslav Stampar	b472b96f92	bug fix, refactoring and improved extractErrorMessage capabilities	2010-12-25 10:16:20 +00:00
Miroslav Stampar	aab14fa2d3	minor refactoring/cosmetics	2010-12-24 11:06:57 +00:00
Miroslav Stampar	d5eebb1cbf	fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6	2010-12-24 09:49:19 +00:00
Miroslav Stampar	7a525f28d4	cosmetics	2010-12-21 15:26:23 +00:00
Miroslav Stampar	b2e7f9484d	minor tuning (2 techniques MAX per value used)	2010-12-21 15:24:14 +00:00
Miroslav Stampar	6c1133c4d4	some code refactoring	2010-12-21 15:13:13 +00:00
Miroslav Stampar	fe67d3827c	code refactoring and some fixes	2010-12-18 09:51:34 +00:00
Miroslav Stampar	a19cb2c13a	code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown")	2010-12-17 21:29:09 +00:00
Bernardo Damele	04caef6de0	Tuning	2010-12-13 23:04:26 +00:00
Miroslav Stampar	c93634b6c7	blind dumping of tables in sqlite implemented	2010-12-11 22:13:19 +00:00
Miroslav Stampar	f021548bd0	added inference failsafe (like in for instance Firebirds SUBSTR always returns a string value, no matter which starting index you use)	2010-12-11 10:52:04 +00:00
Miroslav Stampar	fe2039f5ba	coollyy little commits	2010-12-10 11:32:46 +00:00
Miroslav Stampar	64cc2588f1	now resume is available for time-based blinds too	2010-12-08 12:49:26 +00:00
Miroslav Stampar	dc651d59ec	little mathematics here and there (used "Rules for normally distributed data")	2010-12-07 19:19:12 +00:00
Miroslav Stampar	ecd4a5a532	added standard deviation check in time based tests	2010-12-07 16:39:31 +00:00
Miroslav Stampar	294119d2ec	more advanced time technique(s)	2010-12-07 16:04:53 +00:00
Miroslav Stampar	3d87489de5	minor update	2010-12-07 08:05:03 +00:00
Miroslav Stampar	61f82fd274	introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic	2010-12-07 00:27:26 +00:00
Miroslav Stampar	2735848ab6	removed ERROR_SPACE	2010-12-06 22:40:07 +00:00
Bernardo Damele	2708aad504	Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests.	2010-12-01 10:31:50 +00:00
Miroslav Stampar	2a8e270bef	proper handling of carriage return character from Windows target machines	2010-11-16 15:11:03 +00:00
Miroslav Stampar	88c00e61d3	another update	2010-11-09 23:35:37 +00:00
Miroslav Stampar	5ebd5d935c	another name change	2010-11-09 22:49:31 +00:00
Miroslav Stampar	06f00cf8c1	name change	2010-11-09 22:48:22 +00:00
Miroslav Stampar	fef60d5cb7	some fixes :)	2010-11-09 22:32:05 +00:00
Miroslav Stampar	862395ced1	further refactoring (all enumerations are now put into enums.py)	2010-11-08 09:20:02 +00:00
Bernardo Damele	b6da946883	Added one new verbose level, -v 3 now shows the full injected payload. ... Fixed also -d verbose output.	2010-11-07 22:34:29 +00:00
Miroslav Stampar	685a8e7d2c	refactoring of hard coded dbms names	2010-11-02 11:59:24 +00:00
Miroslav Stampar	5a38ac7ea9	important update regarding (Bug #209) - probably more will be needed	2010-10-29 16:11:50 +00:00
Miroslav Stampar	be443c6947	refactoring regarding __START__,...	2010-10-21 09:51:07 +00:00
Miroslav Stampar	e24bff0497	nice refactoring	2010-10-20 09:46:57 +00:00
Miroslav Stampar	5d3cbec457	no more regex. web server independent.	2010-10-20 09:35:46 +00:00
Miroslav Stampar	8776db872c	minor refactoring	2010-10-19 23:05:24 +00:00
Miroslav Stampar	264e0a6fda	added support for displaying revision number at unhandled exception message	2010-10-19 08:55:14 +00:00
Miroslav Stampar	4f7f20b94f	sorry, cosmetics	2010-10-14 23:18:29 +00:00
Miroslav Stampar	8b48833136	large commit with copyright header modifications	2010-10-14 14:41:14 +00:00
Miroslav Stampar	f9f79ffbaf	basic stuff for sybase	2010-10-12 19:05:12 +00:00
Miroslav Stampar	48cc87f6a9	added support for fingerprinting SAP MaxDB (Issue 143)	2010-08-30 13:29:19 +00:00
Bernardo Damele	a21a7fc56d	Minor code refactoring	2010-05-21 12:09:31 +00:00
Bernardo Damele	a1b1f960cc	Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function	2010-04-23 16:34:20 +00:00
Bernardo Damele	b19de015c5	Minor bugs fixes	2010-03-31 13:52:51 +00:00
Bernardo Damele	0d559d14df	Initial support for SQLite (90% approx). ... Initial support for Firebird (30% approx). Initial support for Access (10% approx). Shared libraries code/installation scripts ported to 64bit, directory structure adapted. Minor code adjustments.	2010-03-18 17:20:54 +00:00
Bernardo Damele	7f5bc5e3fe	Increased version to 0.9-dev	2010-03-15 11:04:57 +00:00
Bernardo Damele	572b6fd920	sqlmap 0.8 stable!	2010-03-15 01:17:27 +00:00
Bernardo Damele	a654a426ef	Minor adjustments	2010-03-03 16:19:17 +00:00
Bernardo Damele	156fdd96ef	Updated copyright	2010-03-03 15:26:27 +00:00
Bernardo Damele	404927d04a	Adjusted banner, increased release candidate to rc7	2010-02-25 17:34:54 +00:00
Bernardo Damele	dcbbad642d	Minor self fix, switched to rc6	2010-01-28 10:27:47 +00:00
Bernardo Damele	c4215ce8d2	Minor code refactoring	2010-01-14 20:42:45 +00:00
Bernardo Damele	f316e722c1	sqlmap 0.8-rc4: --dump option now can also accept only -C: user can provide a string column and sqlmap will enumerate all databases, tables and columns that contain the 'provided_string' or '%provided_string%' then ask the user to dump the entries of only those columns. ... --columns now accepts also -C option: user can provide a string column and sqlmap will enumerate all columns of a specific table like '%provided_string%'. Minor enhancements. Minor bug fixes.	2010-01-09 00:05:00 +00:00
Bernardo Damele	80df1fdcf9	Minor bug fix with --sql-query/shell when providing a statement with DISTINCT	2010-01-05 16:15:31 +00:00
Bernardo Damele	ce022a3b6e	sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.	2010-01-02 02:02:12 +00:00
Bernardo Damele	e4e081cdc6	sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.	2009-12-17 22:04:01 +00:00
Bernardo Damele	89c43893d4	Merged back from personal branch to trunk (svn merge -r846:940 ...) ... Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.	2009-09-25 23:03:45 +00:00
Bernardo Damele	19c6804ded	Fixed two minor bugs with PostgreSQL reported by Sven Klemm, thanks!	2009-07-29 10:44:24 +00:00
Bernardo Damele	b2b2ec8a26	Preparing to release sqlmap 0.7 stable	2009-07-24 23:20:57 +00:00
Bernardo Damele	b4fd71e8b9	Minor adjustment to reflect Metasploit r6849 (http://trac.metasploit.com/changeset/6849) and minor code refactoring.	2009-07-20 14:36:33 +00:00
Bernardo Damele	cb3d2bac16	Minor improvement so that sqlmap tests also all parameters with no value (ig. par=).	2009-07-09 11:25:35 +00:00
Bernardo Damele	150abc0f1e	sqlmap 0.7-rc3: Reset takeover OOB features (if any of --os-pwn, --os-smbrelay or --os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. Correctly handle fcntl to be imported only on systems different from Windows. Minor code refactoring.	2009-06-11 15:01:48 +00:00
Bernardo Damele	16b4530bbe	Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed). ... Minor common library code refactoring. Code cleanup. Set back the default User-Agent to sqlmap for comparison algorithm reasons. Updated THANKS.	2009-04-27 23:05:11 +00:00
Bernardo Damele	5121a4dcba	Send IE7.0 as default User-Agent	2009-04-24 20:13:21 +00:00
Bernardo Damele	8c0ac767f4	Updated to sqlmap 0.7 release candidate 1	2009-04-22 11:48:07 +00:00
Bernardo Damele	2355885712	Minor adjustment	2009-02-09 10:29:07 +00:00
Bernardo Damele	207e96e2b2	Major bug fix in the comparison algorithm to correctly handle also the ... case that the url is stable and the False response changes the page content very little.	2009-02-09 10:28:03 +00:00
Bernardo Damele	b12d955274	Updated packaging scripts, site and finalized the documentation to release version 0.6.4	2009-02-03 15:38:40 +00:00
Bernardo Damele	770e000cb4	Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs	2009-02-02 23:44:19 +00:00
Bernardo Damele	6054090191	sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying.	2009-01-28 14:53:11 +00:00
Bernardo Damele	c25b49e80e	Major bugfix to avoid "IFNULL and CAST" on CASE	2009-01-19 21:27:51 +00:00
Bernardo Damele	5560f0b68a	Updated the copyright	2009-01-12 21:35:38 +00:00
Bernardo Damele	e10ab5aa0e	Major bug fixes	2009-01-10 14:39:27 +00:00
Bernardo Damele	d0604ef513	Major bug fix to correctly handle custom SQL "limited" queries on Oracle	2009-01-03 01:19:04 +00:00
Bernardo Damele	9c42a883be	Major bug fix to make it work properly with MSSQL custom limited (SELECT ... TOP ...) queries with both inferential blind and Full UNION query injection	2009-01-02 23:26:45 +00:00
Bernardo Damele	a4d62af2ea	Minor layout adjustments to --union-tech	2008-12-29 18:48:23 +00:00
Bernardo Damele	64bb57d786	Minor bug fix to make the Partial UNION query SQL injection technique ... work properly also on Oracle and Microsoft SQL Server.	2008-12-22 22:48:44 +00:00
Bernardo Damele	2f406b3e56	Minor adjustments	2008-12-22 00:04:28 +00:00
Bernardo Damele	996a872e51	We are already on sqlmap 0.6.4 release candidate 1..	2008-12-20 13:23:26 +00:00
Bernardo Damele	c18efe5084	Minor adjustments	2008-12-20 13:21:47 +00:00
Bernardo Damele	ad228e6947	Ahead with the improvements to the comparison algorithm. ... Added support internally to forge CASE statements, used only by --is-dba query at the moment. Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and SQL shell. Minor code adjustments.	2008-12-19 20:09:46 +00:00
Bernardo Damele	bf2a857b9a	Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3.	2008-12-12 19:06:31 +00:00
Bernardo Damele	9dbad512f1	sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers ... by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.	2008-12-08 21:24:24 +00:00
Bernardo Damele	7f055924a7	sqlmap 0.6.3-rc4: ... Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.	2008-12-04 17:40:03 +00:00
Bernardo Damele	0f07e33e1a	Removed REVISION, makes no sense. ... Import and use python psyco library to speed up if it's installed: it's optional.	2008-12-03 17:32:16 +00:00
Bernardo Damele	f97585c593	Show also SVN revision in error message when a traceback raises. ... Fix typo.	2008-12-01 23:49:14 +00:00
Bernardo Damele	dc1f2deb74	Minor bug fix to correctly enumerate columns on Microsoft SQL Server. ... Minor adjustments to XML signatures. Updated documentation.	2008-11-25 11:33:44 +00:00
Bernardo Damele	ecc4a98071	Properly moved and improved inject.goStacked() function and newly ... implemented Time based blind SQL injection now is a single test file within the lib/techniques/ folder. Renamed lib/techniques/inference to lib/techniques/blind, it is more approriate and adapted the rest of the libraries. Updated ChangeLog file.	2008-11-12 23:44:09 +00:00
Bernardo Damele	9329f8c9c4	Minor enhancement to be able to enumerate table columns and dump table ... entries also if the database name is not provided by using the current database on MySQL and MSSQL, the 'public' scheme on PostgreSQL and the 'USERS' TABLESPACE_NAME on Oracle. Minor bug fix so that when the user provide as SELECT statement to be processed an asterisk, now it also work if in the FROM there is no database name specified. Minor layout adjustments.	2008-11-12 22:53:25 +00:00
Bernardo Damele	81ed7c2086	Initial implementation of support for stacked queries. ... Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.	2008-11-12 00:36:50 +00:00
Bernardo Damele	0c5d3df546	sqlmap 0.6.3-rc1: ... * Minor enhancement to be able to specify the number of seconds to wait between each HTTP request. * Minor bug fix to handle session.error and session.timeout in HTTP requests. * Updated documentation.	2008-11-09 16:57:47 +00:00
Bernardo Damele	56a5e8d390	Updated sqlmap packaging scripts, site and documentation, almost ready for sqlmap 0.6.2	2008-11-02 20:12:50 +00:00
Bernardo Damele	fc28372596	Added a comment	2008-10-26 16:06:43 +00:00
Bernardo Damele	892a7b2f8a	propsets..	2008-10-15 15:56:32 +00:00
Bernardo Damele	8e3eb45510	After the storm, a restore..	2008-10-15 15:38:22 +00:00