Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							08697e60a9 
							
						 
					 
					
						
						
							
							added some Microsoft Access payloads  
						
						
						
					 
					
						2011-02-21 20:04:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3e8c204121 
							
						 
					 
					
						
						
							
							Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba  
						
						
						
					 
					
						2011-02-21 16:00:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							68a95fd1b1 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-02-20 22:45:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aac817935a 
							
						 
					 
					
						
						
							
							further improvement of MaxDB support  
						
						
						
					 
					
						2011-02-20 22:41:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3ba8b6928 
							
						 
					 
					
						
						
							
							--dump now works on MaxDB too  
						
						
						
					 
					
						2011-02-20 22:07:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							59e666d16e 
							
						 
					 
					
						
						
							
							--is-dba (related) update for Sybase  
						
						
						
					 
					
						2011-02-20 17:28:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							67ec691eb1 
							
						 
					 
					
						
						
							
							more updates regarding Sybase  
						
						
						
					 
					
						2011-02-20 16:28:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							823e4351b5 
							
						 
					 
					
						
						
							
							minor change  
						
						
						
					 
					
						2011-02-20 12:34:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f30dea74f3 
							
						 
					 
					
						
						
							
							more Sybase updates  
						
						
						
					 
					
						2011-02-19 18:36:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b71bb321dd 
							
						 
					 
					
						
						
							
							some more Sybase updates  
						
						
						
					 
					
						2011-02-19 18:04:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e0efe453ab 
							
						 
					 
					
						
						
							
							minor update regarding Sybase support  
						
						
						
					 
					
						2011-02-19 14:07:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5f4ffc9287 
							
						 
					 
					
						
						
							
							update regarding Sybase dumping  
						
						
						
					 
					
						2011-02-19 00:36:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5fb11fd173 
							
						 
					 
					
						
						
							
							update regarding multiple DBMS payloads  
						
						
						
					 
					
						2011-02-13 21:20:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							394ccb5cc5 
							
						 
					 
					
						
						
							
							Added query for MSSQL/--privileges  
						
						
						
					 
					
						2011-02-10 15:52:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5050a76b59 
							
						 
					 
					
						
						
							
							update regarding reading of table names from access system tables  
						
						
						
					 
					
						2011-02-09 10:33:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1a5a66870e 
							
						 
					 
					
						
						
							
							problem fixed  
						
						
						
					 
					
						2011-02-07 11:57:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7dcfcca87f 
							
						 
					 
					
						
						
							
							Tests' titles adjustments  
						
						
						
					 
					
						2011-02-06 23:17:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5ecb75cc56 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-02-06 15:14:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f754953c4f 
							
						 
					 
					
						
						
							
							reverting this one. spotted a major bug. dbms is not properly enforced at this moment, don't know why. if it was this would be properly encoded.  
						
						
						
					 
					
						2011-02-06 12:33:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							97f9c9d119 
							
						 
					 
					
						
						
							
							bug fix (playing with wavsep i've realized that we are sending in this payload quoted 'string' (causing problems), while MD5 also accepts integer values  
						
						
						
					 
					
						2011-02-06 12:24:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							27601babb4 
							
						 
					 
					
						
						
							
							Minor adjustments to levels of boundaries  
						
						
						
					 
					
						2011-02-04 11:57:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							76ab14f20f 
							
						 
					 
					
						
						
							
							revert of r3203  
						
						
						
					 
					
						2011-02-04 09:30:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							78d696fd4f 
							
						 
					 
					
						
						
							
							i believe that this one should be the first level 1 boundary  
						
						
						
					 
					
						2011-02-03 21:27:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							64f18724ad 
							
						 
					 
					
						
						
							
							new default UNION test(s) ranges  
						
						
						
					 
					
						2011-02-03 16:26:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4bb7ffcb3a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-02-03 13:18:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8397c526d8 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2011-01-31 21:20:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f9eac97fe8 
							
						 
					 
					
						
						
							
							refactoring of MSSQL XML banner parsing  
						
						
						
					 
					
						2011-01-31 11:38:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							14de5809ea 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2011-01-31 11:08:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5aa958a146 
							
						 
					 
					
						
						
							
							ASCII & CHR is quite common, so removing this one  
						
						
						
					 
					
						2011-01-24 22:51:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a1619f84b6 
							
						 
					 
					
						
						
							
							changing level of last payload  
						
						
						
					 
					
						2011-01-24 22:31:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8155f95b82 
							
						 
					 
					
						
						
							
							new payload - PostgreSQL boolean-based blind - Parameter replace (based on CHR(0) - "SQL error: ERROR: null character not permitted")  
						
						
						
					 
					
						2011-01-24 22:28:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9f76468005 
							
						 
					 
					
						
						
							
							another premiere, yeeej. IDSes, watch yourself :)  
						
						
						
					 
					
						2011-01-24 21:30:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2fb0c946d2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 21:21:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							15645f50d4 
							
						 
					 
					
						
						
							
							world premiere :)  
						
						
						
					 
					
						2011-01-24 21:21:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							440264341c 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 17:43:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0eea5665b2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 17:41:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b0dc6c24eb 
							
						 
					 
					
						
						
							
							Moved  
						
						
						
					 
					
						2011-01-24 17:04:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c188996627 
							
						 
					 
					
						
						
							
							patch for possible query optimization (avoid precalculation of 1/0)  
						
						
						
					 
					
						2011-01-24 16:21:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							47fa600c04 
							
						 
					 
					
						
						
							
							Minor fix and cosmetics  
						
						
						
					 
					
						2011-01-24 11:12:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							db76bcb327 
							
						 
					 
					
						
						
							
							fix for cases when mixing ingres dbms with spanish word "ingresa"  
						
						
						
					 
					
						2011-01-23 11:19:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7bf05bf2cb 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-22 00:12:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d6d8d54eda 
							
						 
					 
					
						
						
							
							implemented Johannes Dahse / Reiners' technique  
						
						
						
					 
					
						2011-01-22 00:06:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0743202879 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-21 23:54:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cb0e7080c5 
							
						 
					 
					
						
						
							
							more appropriate name (on  http://websec.wordpress.com/  they use term "conditional" for something very similar, although not stacked)  
						
						
						
					 
					
						2011-01-21 23:47:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7c4c79477d 
							
						 
					 
					
						
						
							
							world premiere of "forced-error blind stacked" payloads (spent 3 hours on pgsql)  
						
						
						
					 
					
						2011-01-21 18:32:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							79e4b1efd5 
							
						 
					 
					
						
						
							
							added new signature for SQLite error messages  
						
						
						
					 
					
						2011-01-20 22:47:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6c490bfc8f 
							
						 
					 
					
						
						
							
							Avoid a traceback elsewhere  
						
						
						
					 
					
						2011-01-20 21:43:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7ce49bcf0d 
							
						 
					 
					
						
						
							
							Sorted boundaries so that the ones with parenthesis are tested first - it has to be like this!  
						
						... 
						
						
						
						Adjusted comments accordingly to new UNION-specific tags. 
						
					 
					
						2011-01-20 21:42:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f6d79f58bc 
							
						 
					 
					
						
						
							
							another fix (LIMIT is not a good idea to have in inband queries)  
						
						
						
					 
					
						2011-01-20 21:13:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ff1a44c335 
							
						 
					 
					
						
						
							
							probably a fix for that SQLite bug reported by Ahmed Shawky  
						
						
						
					 
					
						2011-01-20 20:30:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a1d77737f5 
							
						 
					 
					
						
						
							
							minor grammar update (this should be a better form)  
						
						
						
					 
					
						2011-01-20 18:35:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							81be23976e 
							
						 
					 
					
						
						
							
							Confirmed HAVING payloads work as WHERE ones.  
						
						... 
						
						
						
						Changed <risk> value of all 'heavy query' tests to 2 as it can potentially lead to a DoS.
Proper handling of title for UNION tests when --union-char is provided. 
						
					 
					
						2011-01-18 22:55:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7d9b22510 
							
						 
					 
					
						
						
							
							because other major DBMSes have at least one level 1 time based payload  
						
						
						
					 
					
						2011-01-18 20:32:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bdcb10cdab 
							
						 
					 
					
						
						
							
							added MSSQL time based vector  
						
						
						
					 
					
						2011-01-18 02:05:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c2a358561f 
							
						 
					 
					
						
						
							
							Proper support for --union-cols  
						
						
						
					 
					
						2011-01-17 22:57:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb166e9445 
							
						 
					 
					
						
						
							
							adding USER_LOCK stacked query support for ORACLE (older versions)  
						
						
						
					 
					
						2011-01-16 10:31:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f31c028232 
							
						 
					 
					
						
						
							
							Oracle stacked vector based on DBMS_LOCK.SLEEP ( https://foro.undersecurity.net/read.php?46,1436 )  
						
						
						
					 
					
						2011-01-16 10:07:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1b3717c79c 
							
						 
					 
					
						
						
							
							Improvement to make time-based blind to work also against login forms  
						
						
						
					 
					
						2011-01-12 16:20:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d7a7993e0d 
							
						 
					 
					
						
						
							
							Minor comment fix  
						
						
						
					 
					
						2011-01-12 11:57:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2f5995a7eb 
							
						 
					 
					
						
						
							
							Added generic and mysql UNION tests from 1 to 25 columns.  
						
						... 
						
						
						
						Adapted config file and command line removing now outdated --union-test switch.
Minor bug fix.
Minor code refactoring.
Got rid of some debug messages, standardized logging of UNION tests. 
						
					 
					
						2011-01-11 22:56:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							300128042c 
							
						 
					 
					
						
						
							
							First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though.  
						
						... 
						
						
						
						Major refactoring to Agent.payload() method.
Minor bug fixes, some code refactoring and a lot of core adjustments here and there.
Added more checks for injection in GROUP BY and ORDER BY. 
						
					 
					
						2011-01-11 22:18:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c86ec374e 
							
						 
					 
					
						
						
							
							Code refactoring and cosmetics  
						
						
						
					 
					
						2011-01-07 15:41:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2efe7928c0 
							
						 
					 
					
						
						
							
							more concise than previously  
						
						
						
					 
					
						2011-01-02 17:06:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a56934e68b 
							
						 
					 
					
						
						
							
							one more MSSQL/ASPX error banner regex  
						
						
						
					 
					
						2011-01-02 15:36:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e6f0c4d857 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-02 15:32:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1d0dde769 
							
						 
					 
					
						
						
							
							added support for .NET banners ( http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx )  
						
						
						
					 
					
						2011-01-02 14:46:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							93cb75ff65 
							
						 
					 
					
						
						
							
							added Nginx  
						
						
						
					 
					
						2011-01-02 08:50:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ded9798e3d 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2011-01-01 23:07:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c3065f6ecc 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-12-29 20:38:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							96c3ffd3d7 
							
						 
					 
					
						
						
							
							changing risk level to 0 - lots of MySQL databases around have information_schema unreadable, thus disabling first AND based error payload  
						
						
						
					 
					
						2010-12-27 19:02:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2c8115eed9 
							
						 
					 
					
						
						
							
							further improvement for ms access table dumping  
						
						
						
					 
					
						2010-12-26 01:04:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb099615e2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-25 11:16:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							272476773f 
							
						 
					 
					
						
						
							
							getPageTextWordsSet on tableExists is pretty powerful stuff  
						
						
						
					 
					
						2010-12-25 09:37:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							706d8e0b88 
							
						 
					 
					
						
						
							
							development update (basic ms access dumping implemented)  
						
						
						
					 
					
						2010-12-24 19:53:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							edcf1a0872 
							
						 
					 
					
						
						
							
							few bug fixes  
						
						
						
					 
					
						2010-12-24 18:40:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3043ed095a 
							
						 
					 
					
						
						
							
							bug fix (those two regexes where too generic making false MS ACCESS positives here and there)  
						
						
						
					 
					
						2010-12-24 00:11:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a0aef0f33 
							
						 
					 
					
						
						
							
							fix for a case: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [MySQL][ODBC 3.51 Driver][mysqld-5.1.31-community] - it was wrongly error message recognized as MS SQL Server  
						
						
						
					 
					
						2010-12-23 09:53:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8fc60215ed 
							
						 
					 
					
						
						
							
							lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.  
						
						
						
					 
					
						2010-12-22 19:12:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c9ab8ae60e 
							
						 
					 
					
						
						
							
							Bug fix to properly identify if current user is DBA (--is-dba) on MySQL  
						
						
						
					 
					
						2010-12-22 14:06:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e791f8f2b7 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2010-12-20 10:33:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bfdc4fa000 
							
						 
					 
					
						
						
							
							new error vector for MS SQL (from David Guimaraes' mail)  
						
						
						
					 
					
						2010-12-17 19:00:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3ee44584d4 
							
						 
					 
					
						
						
							
							i've found a way! thank you hesus! fyea (ASC(MID) was just crashing when MID returned 'empty string')  
						
						
						
					 
					
						2010-12-14 12:57:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							207f63cebc 
							
						 
					 
					
						
						
							
							Prepare for UNION query tests at detection phase  
						
						
						
					 
					
						2010-12-13 21:31:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							33639578ee 
							
						 
					 
					
						
						
							
							minor update for MS Access  
						
						
						
					 
					
						2010-12-12 15:25:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b1babeefe5 
							
						 
					 
					
						
						
							
							update regarding dumping of tables with blind on Sqlite  
						
						
						
					 
					
						2010-12-11 22:00:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							acc7d6d40c 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-12-11 11:03:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac9080c07b 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-11 08:24:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fe2039f5ba 
							
						 
					 
					
						
						
							
							coollyy little commits  
						
						
						
					 
					
						2010-12-10 11:32:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7e2984b4b6 
							
						 
					 
					
						
						
							
							added stacked query support for Oracle  
						
						
						
					 
					
						2010-12-09 15:24:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4bb40c0a06 
							
						 
					 
					
						
						
							
							Higher the level for Oracle stacked tests just in case the SQL inj is within a PL/SQL function ('cause of no support for stacked queries by design on Oracle)  
						
						
						
					 
					
						2010-12-09 15:14:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d8edc5b244 
							
						 
					 
					
						
						
							
							adding stacked-query vector for Firebird  
						
						
						
					 
					
						2010-12-09 15:11:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							13b522efc2 
							
						 
					 
					
						
						
							
							Added error-based support for MySQL < 5.0 -  closes   #14  
						
						
						
					 
					
						2010-12-09 15:09:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5aafd19957 
							
						 
					 
					
						
						
							
							added vector for SQLite's stacked query payload  
						
						
						
					 
					
						2010-12-09 15:06:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71761ba9a5 
							
						 
					 
					
						
						
							
							another fix for another beautiful heavy query payload which took a few 100 megs and 5 mins to run  
						
						
						
					 
					
						2010-12-09 10:35:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							094baadc5b 
							
						 
					 
					
						
						
							
							bug fix (in SELECT based heavy queries COUNT(*) should be used; otherwise multiple row error happens without proper delay)  
						
						
						
					 
					
						2010-12-09 10:17:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b293c4ea7 
							
						 
					 
					
						
						
							
							Added possible stacked queries time-based blind vector for MSSQL  
						
						
						
					 
					
						2010-12-08 23:55:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f5ce739bdf 
							
						 
					 
					
						
						
							
							Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet.  
						
						
						
					 
					
						2010-12-08 23:52:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							69c4f94980 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-08 15:40:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ad00fe13c1 
							
						 
					 
					
						
						
							
							another fix for MySQL time based payloads  
						
						
						
					 
					
						2010-12-08 12:00:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8227e6d3cf 
							
						 
					 
					
						
						
							
							bug fix for BENCHMARK time-based vectors  
						
						
						
					 
					
						2010-12-08 11:49:55 +00:00