Miroslav Stampar
|
6b826ef64d
|
Reintroducing option --cookie-del
|
2013-07-31 20:41:19 +02:00 |
|
Miroslav Stampar
|
ca44b23d20
|
Implementation for --eval to support cookies
|
2013-07-31 17:29:16 +02:00 |
|
Miroslav Stampar
|
eaacbe0b12
|
Minor language fix
|
2013-07-31 09:24:34 +02:00 |
|
Miroslav Stampar
|
941b2387c0
|
Minor fix
|
2013-07-31 09:22:45 +02:00 |
|
Miroslav Stampar
|
4f58e0af0c
|
Minor fix
|
2013-07-31 08:45:04 +02:00 |
|
Miroslav Stampar
|
a585aa4bff
|
Adding support for ~
|
2013-07-29 20:42:29 +02:00 |
|
Miroslav Stampar
|
de31688c4f
|
Update for an Issue #481
|
2013-07-29 18:25:27 +02:00 |
|
Miroslav Stampar
|
b921ff0729
|
Fix for an Issue #495
|
2013-07-27 11:20:43 +02:00 |
|
stamparm
|
dbb0d7f700
|
Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used)
|
2013-07-19 13:24:35 +02:00 |
|
stamparm
|
28cd50b2f1
|
Patch for an Issue #490
|
2013-07-16 14:08:32 +02:00 |
|
stamparm
|
e6f71c2130
|
Making 10% less requests in futile higher level/risk runs (using static template payloads for where==NEGATIVE)
|
2013-07-15 16:24:49 +02:00 |
|
stamparm
|
c9d3974205
|
Minor fix (templatePayload had duplicate string patterns for where==NEGATIVE)
|
2013-07-15 13:54:02 +02:00 |
|
stamparm
|
ac2d40e259
|
Revert of last commit (there is a chance that that big integer value is really valid :)
|
2013-07-15 13:34:38 +02:00 |
|
stamparm
|
a097ee1505
|
Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant)
|
2013-07-15 13:31:56 +02:00 |
|
Miroslav Stampar
|
f54082111d
|
Better way how to deal with required extensions
|
2013-07-13 19:25:49 +02:00 |
|
Miroslav Stampar
|
3f6d4083a7
|
Minor language update
|
2013-07-13 17:19:16 +02:00 |
|
Miroslav Stampar
|
31efabfca1
|
Appropriate error messaging when one of core libraries are missing due to erroneous Python build
|
2013-07-13 16:07:36 +02:00 |
|
Miroslav Stampar
|
4d9f8ad0dd
|
Commit related to the last one
|
2013-07-13 12:00:03 +02:00 |
|
stamparm
|
dc1623a40f
|
Fix for a bug reported over ML (error: unbalanced parenthesis)
|
2013-07-11 10:20:58 +02:00 |
|
stamparm
|
01159575b2
|
Fix for an Issue #488
|
2013-07-11 10:11:43 +02:00 |
|
stamparm
|
1ae68b9bb3
|
Update for an Issue #405 (fix for usage of old 'complete' data from previous runs)
|
2013-07-10 17:18:09 +02:00 |
|
stamparm
|
f6c7b398fd
|
Update for an Issue #405 (fix for persistent options problem)
|
2013-07-10 16:57:44 +02:00 |
|
stamparm
|
aad102378a
|
Fix for an Issue #487
|
2013-07-09 11:00:43 +02:00 |
|
stamparm
|
be5ce760b6
|
Fix for an Issue #485 (failing back to single-thread mode if over some bisection length)
|
2013-07-09 10:24:48 +02:00 |
|
stamparm
|
d7c0805e7c
|
Removing leftover
|
2013-07-08 12:45:02 +02:00 |
|
stamparm
|
a548eb5c70
|
Minor text update
|
2013-07-08 12:44:14 +02:00 |
|
stamparm
|
d0e79a4d15
|
Minor text update
|
2013-07-08 12:38:36 +02:00 |
|
stamparm
|
a530817727
|
Minor typo fix
|
2013-07-08 11:52:46 +02:00 |
|
stamparm
|
8d3435ab0b
|
Removing reflective warning for parsing heuristic test
|
2013-07-08 11:48:33 +02:00 |
|
stamparm
|
db536427f0
|
Adding a question for storing hashes to a temporary file (after a mention of it on Twitter)
|
2013-07-04 15:34:00 +02:00 |
|
stamparm
|
f97b35dcc1
|
Patch for an Issue #475
|
2013-07-01 13:43:38 +02:00 |
|
stamparm
|
017ce22a2f
|
Minor consistency patch (Issue #475)
|
2013-07-01 13:01:53 +02:00 |
|
stamparm
|
5ff09aff63
|
Some more adjustments (Issue #475)
|
2013-07-01 12:50:12 +02:00 |
|
stamparm
|
04046f38eb
|
Minor update (Issue #475)
|
2013-07-01 12:26:57 +02:00 |
|
stamparm
|
f7d15cb465
|
Official naming is HSQLDB (and/or HyperSQL)
|
2013-07-01 11:57:47 +02:00 |
|
Miroslav Stampar
|
aeb83ba651
|
Merge pull request #475 from Meatballs1/hsql_clean
HSQL Payloads and Query Support
|
2013-07-01 02:38:04 -07:00 |
|
Miroslav Stampar
|
a1842f44f5
|
Fix for an Issue #477
|
2013-06-29 20:55:48 +02:00 |
|
stamparm
|
fd5b665f7d
|
Removing arithmetic operations from false positive checking to minimize affect of character filtering ('>' and '=' have to stay because those are minimal requirements)
|
2013-06-26 10:55:34 +02:00 |
|
Meatballs
|
4595b2c287
|
decodeHexValue
|
2013-06-24 23:45:39 +01:00 |
|
Meatballs
|
09e1dc814d
|
Fix concat
|
2013-06-24 23:20:34 +01:00 |
|
Meatballs
|
ed40a76c9d
|
Fix dummy table
|
2013-06-24 23:18:47 +01:00 |
|
Meatballs
|
9212b05eeb
|
Add call to execute statements
|
2013-06-24 15:01:44 +01:00 |
|
Meatballs
|
62000c6406
|
Remaining files
|
2013-06-24 14:42:58 +01:00 |
|
Meatballs
|
7b6cc3d183
|
Add hsql settings
|
2013-06-24 14:38:44 +01:00 |
|
Meatballs
|
20a5d9a16e
|
Include HSQL dummy table
|
2013-06-24 14:37:42 +01:00 |
|
Miroslav Stampar
|
0355e29b7c
|
Minor fix (NoneType has no attribute split)
|
2013-06-24 14:49:53 +02:00 |
|
Miroslav Stampar
|
95ed6b7203
|
Minor patch (Issue #470)
|
2013-06-24 14:37:45 +02:00 |
|
Miroslav Stampar
|
fca6772df6
|
Implementation for an Issue #468
|
2013-06-22 00:13:46 +02:00 |
|
Bernardo Damele
|
a72096a345
|
slightly more appropriate definition of output variable
|
2013-06-19 20:25:01 +01:00 |
|
Bernardo Damele
|
cae108d9fc
|
careful at merging pull requests with TABs (#466)
|
2013-06-19 19:49:53 +01:00 |
|
stamparm
|
a53823f9b7
|
Minor refactoring
|
2013-06-19 10:59:26 +02:00 |
|
stamparm
|
690645f6c7
|
Cosmetic fix
|
2013-06-19 10:50:00 +02:00 |
|
stamparm
|
a7787e83b8
|
Minor fix for case-insensitive union duplicates
|
2013-06-18 12:52:36 +02:00 |
|
Miroslav Stampar
|
aff7092736
|
Merge pull request #466 from Meatballs1/xp_cmdshell_output
Unable to retrieve XP_Cmdshell Output
|
2013-06-18 00:47:08 -07:00 |
|
stamparm
|
9a6f5a95f5
|
Minor patch for SQLAlchemy/MSSQL
|
2013-06-18 09:36:09 +02:00 |
|
Meatballs
|
c5087399c1
|
Fix exception if init technique not available
|
2013-06-16 10:47:27 +01:00 |
|
Meatballs
|
2c98507f1e
|
Add better error msg
|
2013-06-16 10:27:08 +01:00 |
|
Meatballs
|
caa326774c
|
Fallback to blind
|
2013-06-16 10:22:20 +01:00 |
|
Miroslav Stampar
|
63d0e9bb12
|
Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881)
|
2013-06-13 21:50:35 +02:00 |
|
Miroslav Stampar
|
f185e5cdd5
|
Fix for an Issue #463
|
2013-06-10 22:26:34 +02:00 |
|
Miroslav Stampar
|
cdb434805a
|
Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases
|
2013-06-10 22:14:45 +02:00 |
|
Miroslav Stampar
|
6f49b96a2d
|
Fix for an Issue #462
|
2013-06-10 12:20:58 +02:00 |
|
Miroslav Stampar
|
3583f45ee7
|
Fix for an Issue #461
|
2013-06-10 11:44:56 +02:00 |
|
Miroslav Stampar
|
39612b5d87
|
Fix for an Issue #457
|
2013-06-04 23:46:39 +02:00 |
|
Miroslav Stampar
|
c1592e8508
|
Code refactoring (moving import ctypes to be used only when needed)
|
2013-06-04 22:23:44 +02:00 |
|
Miroslav Stampar
|
3e0f747fad
|
Minor fix
|
2013-06-04 00:05:25 +02:00 |
|
Miroslav Stampar
|
213d0ecfb9
|
Minor fix
|
2013-06-03 23:32:57 +02:00 |
|
Miroslav Stampar
|
edc9da1226
|
Minor refactoring
|
2013-06-03 15:14:56 +02:00 |
|
Miroslav Stampar
|
351c70b390
|
Locale module screws string.letters, etc. in some cases (e.g. IDLE run)
|
2013-06-01 14:06:58 +02:00 |
|
Miroslav Stampar
|
b7989f93c5
|
Trivial update regarding last commit
|
2013-05-30 12:04:56 +02:00 |
|
Miroslav Stampar
|
ed8f16e754
|
Minor update on user's request
|
2013-05-30 12:01:13 +02:00 |
|
Miroslav Stampar
|
12870e6ff3
|
Minor fix
|
2013-05-30 11:42:27 +02:00 |
|
Miroslav Stampar
|
793a8ad349
|
Minor fix
|
2013-05-30 11:38:24 +02:00 |
|
stamparm
|
f4ca4cd6c5
|
Minor update
|
2013-05-29 15:49:09 +02:00 |
|
stamparm
|
c3038fcb65
|
Minor cosmetic update
|
2013-05-29 15:46:59 +02:00 |
|
stamparm
|
8fbf4b11d2
|
Trivial update regarding last commit
|
2013-05-29 15:45:13 +02:00 |
|
stamparm
|
dfd6ee20bb
|
Patch for an Issue #454
|
2013-05-29 15:26:11 +02:00 |
|
stamparm
|
60df3e9d1e
|
Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access)
|
2013-05-29 15:04:14 +02:00 |
|
stamparm
|
e28b056028
|
Dummy fix
|
2013-05-29 14:26:00 +02:00 |
|
stamparm
|
6b280d8da4
|
Putting 2 decimal places for debug messages with performed queries (e.g. to handle a problem with 0 seconds roundup)
|
2013-05-28 14:40:45 +02:00 |
|
stamparm
|
bc4e1dab19
|
Getting rid of those ugly warning messages
|
2013-05-28 11:24:56 +02:00 |
|
stamparm
|
659c0bb418
|
Minor fix
|
2013-05-27 10:38:47 +02:00 |
|
Miroslav Stampar
|
f3f752d85c
|
Patch for an Issue #452
|
2013-05-25 18:52:59 +02:00 |
|
Miroslav Stampar
|
a85a0e53de
|
Fix for an Issue 'ValueError: Invalid IPv6 URL'
|
2013-05-25 18:00:21 +02:00 |
|
Miroslav Stampar
|
e18796dbe1
|
Minor style update
|
2013-05-25 18:00:20 +02:00 |
|
Miroslav Stampar
|
e7ddc2fcab
|
Minor fix
|
2013-05-23 12:57:33 +04:00 |
|
Miroslav Stampar
|
eb8e12b7c2
|
Minor adjustment (for headers like 'name:http://asdas')
|
2013-05-23 11:29:43 +04:00 |
|
stamparm
|
1b3f1a4016
|
More appropriate naming (also, preventing ambiguities with --smart)
|
2013-05-22 23:21:43 +04:00 |
|
stamparm
|
4b2cf07262
|
Minor style update
|
2013-05-20 16:15:35 +02:00 |
|
Miroslav Stampar
|
1a4ea186ca
|
Consistency fix
|
2013-05-19 23:00:40 +02:00 |
|
Miroslav Stampar
|
d3ad408a21
|
Minor cosmetics
|
2013-05-19 22:17:53 +02:00 |
|
Miroslav Stampar
|
4f49dad2ba
|
Minor cosmetics
|
2013-05-19 01:19:54 +02:00 |
|
Miroslav Stampar
|
6cfcc1af63
|
Minor cosmetic
|
2013-05-19 01:17:22 +02:00 |
|
Miroslav Stampar
|
ea5c742595
|
Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled)
|
2013-05-18 21:30:21 +02:00 |
|
Miroslav Stampar
|
980a0e3adb
|
Trivial update
|
2013-05-18 21:00:53 +02:00 |
|
Miroslav Stampar
|
1ff98c2ff9
|
Another minor text update
|
2013-05-18 21:00:11 +02:00 |
|
Miroslav Stampar
|
967513e1bb
|
Minor message update
|
2013-05-18 20:59:23 +02:00 |
|
Miroslav Stampar
|
caa4ee96cd
|
Minor cosmetic update
|
2013-05-18 18:28:44 +02:00 |
|
Miroslav Stampar
|
6608410320
|
Adding a question after WAF has been identified
|
2013-05-18 18:26:40 +02:00 |
|
Miroslav Stampar
|
b2b3b3b5a6
|
Minor bug fix (level names not properly used in non-logger output)
|
2013-05-18 16:44:21 +02:00 |
|
Miroslav Stampar
|
f24c8c6b6b
|
Changing logging type to warning for parsed error messages
|
2013-05-18 16:17:56 +02:00 |
|
Miroslav Stampar
|
dcea745576
|
Minor update (not displaying safe enclosings in table dumps)
|
2013-05-18 16:13:34 +02:00 |
|
Miroslav Stampar
|
e528ea8208
|
Minor language fix
|
2013-05-18 16:02:34 +02:00 |
|
stamparm
|
03732d2592
|
Minor fix
|
2013-05-17 16:04:05 +02:00 |
|
stamparm
|
b26ecfe087
|
Patch for an Issue #449
|
2013-05-17 15:14:51 +02:00 |
|
stamparm
|
76b4e1ccb9
|
Implementation for an Issue #450
|
2013-05-17 15:04:25 +02:00 |
|
stamparm
|
7ba9e75c97
|
Minor update related to the last commit
|
2013-05-16 15:23:20 +02:00 |
|
stamparm
|
7ea8dd9428
|
MySQL is specific (types are automatically being converted without any warning/error)
|
2013-05-16 15:12:36 +02:00 |
|
stamparm
|
f1f34a65a2
|
Minor update
|
2013-05-15 13:38:26 +02:00 |
|
stamparm
|
41f0e91662
|
Minor update (related to last commit)
|
2013-05-13 14:50:03 +02:00 |
|
stamparm
|
cb9ea67c8d
|
Code refactoring (moving progress.py to lib/utils)
|
2013-05-13 14:48:39 +02:00 |
|
stamparm
|
936815128d
|
Minor fix
|
2013-05-13 13:42:43 +02:00 |
|
Miroslav Stampar
|
034e123b0c
|
Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent)
|
2013-05-12 16:24:13 +02:00 |
|
Miroslav Stampar
|
6676eaf88f
|
Minor fix
|
2013-05-12 14:02:50 +02:00 |
|
Miroslav Stampar
|
f8cef1fc6f
|
Minor fix for a test case 211
|
2013-05-09 21:20:17 +02:00 |
|
stamparm
|
8b64709c17
|
Completing implementation for an Issue #189 (union)
|
2013-05-09 16:36:03 +02:00 |
|
stamparm
|
3873805dab
|
Partial implementation for an Issue #189 (error-based; still partial union left)
|
2013-05-09 16:23:57 +02:00 |
|
stamparm
|
9fe5a8832f
|
Update for an Issue #189 (code refactoring of ProgressBar so it could be ready for usage in non-inference cases out of box)
|
2013-05-09 15:52:18 +02:00 |
|
stamparm
|
fc57b7565d
|
Implementation for an Issue #432
|
2013-05-09 14:26:29 +02:00 |
|
stamparm
|
03be419d5d
|
Fix for an Issue #447
|
2013-05-07 13:25:30 +02:00 |
|
stamparm
|
2bfdac5ebc
|
Minor update for crawler
|
2013-04-30 18:32:46 +02:00 |
|
stamparm
|
887109a12d
|
Minor bug fix (for not displaying heuristic detected page charset None)
|
2013-04-30 18:16:32 +02:00 |
|
stamparm
|
ebe8ee3500
|
Fix for crawler and redirection case
|
2013-04-30 18:08:26 +02:00 |
|
stamparm
|
09e7f4f697
|
Minor bug fix regarding traffic logging of redirected requests
|
2013-04-30 17:46:26 +02:00 |
|
stamparm
|
3c110b3620
|
Minor bug fix
|
2013-04-30 16:40:16 +02:00 |
|
stamparm
|
bdb9219e9b
|
Minor revert
|
2013-04-30 14:41:38 +02:00 |
|
stamparm
|
d2a5548889
|
Some more reordering
|
2013-04-30 14:32:11 +02:00 |
|
stamparm
|
16866119b8
|
Another minor update
|
2013-04-30 14:11:56 +02:00 |
|
stamparm
|
08fbfda5d2
|
Minor update
|
2013-04-30 14:06:04 +02:00 |
|
stamparm
|
69e3a2cb9e
|
Minor update
|
2013-04-30 14:06:04 +02:00 |
|
stamparm
|
03c4eb8338
|
Minor update
|
2013-04-30 14:06:04 +02:00 |
|
stamparm
|
214d9aaf4b
|
Language fix
|
2013-04-30 14:06:04 +02:00 |
|
stamparm
|
3266c6c1f1
|
Language fix
|
2013-04-30 14:06:04 +02:00 |
|
Bernardo Damele
|
9f1e644f23
|
language fixes
|
2013-04-30 11:44:47 +01:00 |
|
stamparm
|
46557198a5
|
Minor update of doc root names
|
2013-04-29 11:29:59 +02:00 |
|
stamparm
|
1035ee9c3d
|
Patch for an Issue #442
|
2013-04-26 14:49:24 +02:00 |
|
Miroslav Stampar
|
beab72a180
|
Minor language update
|
2013-04-25 19:55:45 +02:00 |
|
stamparm
|
63d7707346
|
Adding support for appending to the existing table dump if --start/--stop is used
|
2013-04-24 16:08:40 +02:00 |
|
stamparm
|
e3a02f56e6
|
Just in case for --force-ssl (if url is returned in e.g. refresh toward the target)
|
2013-04-24 12:35:39 +02:00 |
|
stamparm
|
42a73d8e0b
|
Minor language update
|
2013-04-24 12:10:06 +02:00 |
|
stamparm
|
8d382f00e8
|
Minor style update
|
2013-04-22 11:38:47 +02:00 |
|
Miroslav Stampar
|
a475116853
|
Minor check
|
2013-04-21 21:42:23 +02:00 |
|
stamparm
|
0d92145fc6
|
Minor bug fix
|
2013-04-19 15:40:25 +02:00 |
|
stamparm
|
0cb3ce5765
|
Bug fix (maybe it will have repercusions in future as this was a silent bug)
|
2013-04-19 10:10:06 +02:00 |
|
stamparm
|
b7d4afcc63
|
Moving '--pivot-column' to a General section (Issue #437)
|
2013-04-18 17:12:32 +02:00 |
|
stamparm
|
9d045e14e8
|
Implementation for an Issue #437
|
2013-04-18 17:06:45 +02:00 |
|
stamparm
|
2defc30dc6
|
From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML)
|
2013-04-17 11:12:15 +02:00 |
|
stamparm
|
feed2274c3
|
Patch for an Issue #435
|
2013-04-17 10:48:17 +02:00 |
|
stamparm
|
c73489aff3
|
Adding a couple of new option validation checks
|
2013-04-16 14:31:10 +02:00 |
|
stamparm
|
7204ec5616
|
Adding a basic validation check (-d with --url)
|
2013-04-16 14:23:27 +02:00 |
|
stamparm
|
6fed1921ed
|
Bug fix (there are cases when provided kwargs containing explicit None values while we want to use the alternative in those kind of cases; there was an intention in original code, while the implementation was buggy)
|
2013-04-16 14:17:41 +02:00 |
|
Miroslav Stampar
|
840ee26a14
|
If SQLAlchemy is available and it has problems while connecting then it should be smarter to not force the other (standard) method - if available
|
2013-04-15 18:42:26 +02:00 |
|
stamparm
|
de99717b00
|
Disable sqlalchemy warnings if applicable
|
2013-04-15 16:29:08 +02:00 |
|
stamparm
|
1c2197e8de
|
Minor bug fix for an Issue #361 (removal of that ugly garbage clean warning message after sqlmap ends)
|
2013-04-15 16:18:40 +02:00 |
|
stamparm
|
6ab2e8eca4
|
Trivial style update
|
2013-04-15 16:09:04 +02:00 |
|
stamparm
|
a3d36fcb73
|
Minor update
|
2013-04-15 16:07:27 +02:00 |
|
stamparm
|
140cffbde2
|
Patch for an Issue #434
|
2013-04-15 15:57:28 +02:00 |
|
stamparm
|
9ccbdb3fdf
|
Added a check for an Issue #361
|
2013-04-15 15:36:10 +02:00 |
|
stamparm
|
1c47b33020
|
Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple)
|
2013-04-15 15:23:45 +02:00 |
|
stamparm
|
f936746423
|
Code restyling
|
2013-04-15 14:31:27 +02:00 |
|
stamparm
|
aed738d6e6
|
Update for an Issue #361
|
2013-04-15 14:20:21 +02:00 |
|
stamparm
|
a9a0d1a3f9
|
Minor update
|
2013-04-15 11:56:19 +02:00 |
|
stamparm
|
10fbeaed7b
|
Code refactoring
|
2013-04-15 11:49:11 +02:00 |
|
stamparm
|
349f885f08
|
Minor patch
|
2013-04-15 11:41:53 +02:00 |
|
stamparm
|
8853e43616
|
Applying patch from Brandon Perry via ML
|
2013-04-15 11:01:07 +02:00 |
|
stamparm
|
3e65037a05
|
Introducing lib/utils/sqlalchemy.py (Issue #361)
|
2013-04-15 10:33:25 +02:00 |
|
Miroslav Stampar
|
b6fee638ef
|
Neutralizing time of cookie expiration (in case of --load-cookies)
|
2013-04-14 01:13:08 +02:00 |
|
Miroslav Stampar
|
ed5599f489
|
In case that cookie file is given and cookie header inside request file clashes with one of contained cookies, give cookie file greater priority
|
2013-04-12 19:20:33 +02:00 |
|
stamparm
|
7edd7ee2aa
|
Trivial code change
|
2013-04-12 16:25:24 +02:00 |
|
Miroslav Stampar
|
73917fc9c8
|
Minor update (same, but safer)
|
2013-04-11 21:25:44 +02:00 |
|
Miroslav Stampar
|
0b449bb1d9
|
Fix for an Issue #433
|
2013-04-10 19:33:31 +02:00 |
|
stamparm
|
f67148a9a4
|
Update for an Issue #431
|
2013-04-10 16:43:57 +02:00 |
|
stamparm
|
661b44135d
|
Minor bug fix
|
2013-04-10 11:59:07 +02:00 |
|
stamparm
|
8c9da95343
|
Style and consistency update (url -> URL)
|
2013-04-09 11:48:42 +02:00 |
|
stamparm
|
3948b527dd
|
Update for an Issue #429
|
2013-04-09 11:36:33 +02:00 |
|
stamparm
|
91054099aa
|
Minor style update
|
2013-04-09 10:42:58 +02:00 |
|
stamparm
|
cce541cc33
|
Patch for an Issue #429
|
2013-04-09 10:39:20 +02:00 |
|
stamparm
|
33e9b3c451
|
Minor style update
|
2013-04-09 10:39:20 +02:00 |
|
Miroslav Stampar
|
7614c815ed
|
Minor update/patch
|
2013-04-07 21:32:03 +02:00 |
|
Miroslav Stampar
|
240e9f3f7e
|
Minor patch
|
2013-04-07 11:02:43 +02:00 |
|
Miroslav Stampar
|
50ac3aab7a
|
Minor patch
|
2013-04-06 01:56:24 +02:00 |
|
stamparm
|
a75d3ed0b8
|
Minor style update
|
2013-04-06 01:56:23 +02:00 |
|
Miroslav Stampar
|
df4fd82515
|
Minor update
|
2013-04-03 23:27:27 +02:00 |
|
Miroslav Stampar
|
c75a2d0c40
|
Minor patch
|
2013-04-03 21:31:37 +02:00 |
|
Miroslav Stampar
|
153aa10b77
|
Minor cosmetic update
|
2013-04-03 19:00:54 +02:00 |
|
Miroslav Stampar
|
f387333415
|
Minor cosmetics
|
2013-04-02 17:34:56 +02:00 |
|
Miroslav Stampar
|
4b5335a323
|
Moving --force-ssl from [Request] to [General] options
|
2013-04-02 17:18:21 +02:00 |
|
Miroslav Stampar
|
76a0d20799
|
Minor patch
|
2013-04-01 22:18:41 +02:00 |
|
Miroslav Stampar
|
b67f342975
|
Minor patch
|
2013-04-01 17:32:16 +02:00 |
|
stamparm
|
a371f182ac
|
Minor patch (previous combination is not working well with oriental characters - 0 length normalized unicode string is being returned)
|
2013-03-28 15:37:14 +01:00 |
|
stamparm
|
e1ffdde532
|
Little cleaning a mess with url encoding and post hint types
|
2013-03-27 13:39:27 +01:00 |
|
Miroslav Stampar
|
c19a283434
|
Minor patch
|
2013-03-26 20:06:50 +01:00 |
|
stamparm
|
7accba4cf9
|
Minor update
|
2013-03-26 16:10:41 +01:00 |
|
stamparm
|
0882fe0ce3
|
Minor update related to the last two
|
2013-03-26 16:04:56 +01:00 |
|
stamparm
|
eb1bfc20cb
|
Update related to the last commit
|
2013-03-26 15:36:44 +01:00 |
|
stamparm
|
2fe6aea0eb
|
Minor fix
|
2013-03-26 15:07:14 +01:00 |
|
stamparm
|
825aa4b8dd
|
Minor language update
|
2013-03-26 14:27:51 +01:00 |
|
stamparm
|
5dd2529b02
|
Minor language update
|
2013-03-26 14:18:37 +01:00 |
|
stamparm
|
4d2b77dde3
|
Minor language update
|
2013-03-26 14:15:40 +01:00 |
|
stamparm
|
473a39b820
|
Minor language fix
|
2013-03-26 14:11:17 +01:00 |
|
stamparm
|
3f8dafedae
|
Minor text update
|
2013-03-26 14:08:35 +01:00 |
|
stamparm
|
ad039c335d
|
Implementation for an Issue #423
|
2013-03-21 11:28:44 +01:00 |
|
stamparm
|
3740a97cc9
|
Adding a --version switch like all command line programs have
|
2013-03-20 11:44:09 +01:00 |
|
stamparm
|
7447773237
|
Update for consistency (all other enums are using _ in between words)
|
2013-03-20 11:10:24 +01:00 |
|
stamparm
|
ae6ce7db30
|
Removal of unused imports
|
2013-03-20 10:44:15 +01:00 |
|
Miroslav Stampar
|
8acf033715
|
Code refactoring
|
2013-03-19 19:24:14 +01:00 |
|
Miroslav Stampar
|
a3d9a7b1ff
|
Minor fix
|
2013-03-19 19:06:51 +01:00 |
|
stamparm
|
d1ae62b22b
|
Patch for an Issue #422
|
2013-03-19 12:27:49 +01:00 |
|
stamparm
|
6969874c02
|
Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values)
|
2013-03-19 10:52:37 +01:00 |
|
stamparm
|
10e6c70c22
|
Trivial style update (undoing last dummy commit)
|
2013-03-19 10:43:29 +01:00 |
|
stamparm
|
70265fd3b5
|
Trivial style update
|
2013-03-19 10:43:03 +01:00 |
|
stamparm
|
5adac57ca9
|
Trivial style update
|
2013-03-19 10:42:50 +01:00 |
|
stamparm
|
558ef0aaff
|
Minor fix
|
2013-03-19 10:42:20 +01:00 |
|
stamparm
|
e226006766
|
Trivial fix
|
2013-03-18 13:29:55 +01:00 |
|
stamparm
|
5e02bcbd58
|
Minor adjustment
|
2013-03-18 12:16:16 +01:00 |
|
stamparm
|
7111cdabe3
|
Minor cosmetics
|
2013-03-18 11:41:15 +01:00 |
|
Miroslav Stampar
|
5df1f5528e
|
More general update for an Issue #421
|
2013-03-15 22:49:09 +01:00 |
|
Miroslav Stampar
|
f0a419bdec
|
Patch for an Issue #421
|
2013-03-15 22:08:15 +01:00 |
|
Miroslav Stampar
|
596cf95040
|
Minor fix
|
2013-03-15 17:22:33 +01:00 |
|
Miroslav Stampar
|
ff4e62ff90
|
Minor cosmetics
|
2013-03-15 17:00:01 +01:00 |
|
Miroslav Stampar
|
4010df307e
|
Trivial cosmetics
|
2013-03-15 16:37:52 +01:00 |
|
Miroslav Stampar
|
4cb378ce3e
|
Another update for an Issue #352 and couple of fixes
|
2013-03-13 21:57:09 +01:00 |
|
Miroslav Stampar
|
b35122a42c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-03-13 19:52:17 +01:00 |
|
Miroslav Stampar
|
eb08c8d752
|
Another update for an Issue #352
|
2013-03-13 19:42:22 +01:00 |
|
Bernardo Damele
|
dea62189b2
|
fixes #420
|
2013-03-12 22:16:42 +00:00 |
|
Miroslav Stampar
|
2f43c3eb9b
|
Minor fix (digest live test case) and some refactoring
|
2013-03-12 21:16:44 +01:00 |
|
Miroslav Stampar
|
65306f1ac1
|
Update for an Issue #352
|
2013-03-12 20:10:32 +01:00 |
|
Miroslav Stampar
|
db0a1e58b9
|
Update for an Issue #352
|
2013-03-11 14:58:05 +01:00 |
|
Miroslav Stampar
|
d6fc10092f
|
Minor refactoring
|
2013-03-11 13:31:50 +01:00 |
|
Miroslav Stampar
|
84a5bdb9cf
|
Trivial cosmetics
|
2013-03-09 19:41:24 +01:00 |
|
Miroslav Stampar
|
79d6a0e9c9
|
Using binary data in dummy mode
|
2013-03-09 19:40:24 +01:00 |
|
Miroslav Stampar
|
1e731f87a4
|
Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request)
|
2013-03-09 19:33:04 +01:00 |
|
Miroslav Stampar
|
8e6692d793
|
Minor fix (for JSON values with :)
|
2013-03-05 20:12:24 +01:00 |
|
Miroslav Stampar
|
e9b86350f1
|
Patch for an Issue #403
|
2013-03-05 18:32:31 +01:00 |
|
Miroslav Stampar
|
62980d7d5a
|
Automatically decoding url encoded data in response
|
2013-03-05 17:32:10 +01:00 |
|
Miroslav Stampar
|
9e49d8c68f
|
Adding support for SHA2 hash functions
|
2013-03-05 11:04:46 +01:00 |
|
Miroslav Stampar
|
2ada9e9b84
|
Patch for an Issue Issue #416
|
2013-03-04 18:05:40 +01:00 |
|
Miroslav Stampar
|
084cfc797a
|
Fix for an Issue #415
|
2013-03-02 09:55:12 +01:00 |
|
Martin Bjerregaard Jepsen
|
d7a77c79ad
|
Fixed incorrect call to checkBooleanExpression when testing for false positives
|
2013-03-01 22:51:34 +01:00 |
|
stamparm
|
3a3f9c5ea1
|
Trivial commit related to the last one
|
2013-03-01 12:09:03 +01:00 |
|
stamparm
|
55f33da85a
|
Fix for invalid logical test cases
|
2013-03-01 12:04:49 +01:00 |
|
stamparm
|
440b484bf6
|
Minor update (one more just in case dummy request in false positive check for time-based injections - when DBMS could be unresponsive a bit due to previous heavy-queries)
|
2013-03-01 10:59:04 +01:00 |
|
Miroslav Stampar
|
e42350ddce
|
Minor style update
|
2013-02-28 20:28:34 +01:00 |
|
Miroslav Stampar
|
0e89cc62a2
|
Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections
|
2013-02-28 20:20:08 +01:00 |
|
stamparm
|
9ef79df23d
|
Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched)
|
2013-02-28 13:51:08 +01:00 |
|
stamparm
|
be50192d8d
|
Refactoring WAF scripts
|
2013-02-26 15:54:50 +01:00 |
|
stamparm
|
e5835dc74f
|
Update for WAF scripts
|
2013-02-26 15:30:11 +01:00 |
|
stamparm
|
17fa0f568c
|
Minor patch for an Issue #404
|
2013-02-26 12:55:09 +01:00 |
|
stamparm
|
ecbcd4afe6
|
Minor update
|
2013-02-26 12:55:09 +01:00 |
|
stamparm
|
af4762ace2
|
Minor style update
|
2013-02-26 11:16:09 +01:00 |
|
stamparm
|
f6b43b4b13
|
Minor update for an Issue #290
|
2013-02-26 11:08:06 +01:00 |
|
stamparm
|
e5e39bc682
|
Fix for an Issue #410
|
2013-02-25 11:07:30 +01:00 |
|
stamparm
|
6fbd902265
|
Minor refactoring (Issue #411)
|
2013-02-25 10:44:04 +01:00 |
|
stamparm
|
7127869ede
|
Minor bug fix (live test specific verbosity should be valid only inside of it)
|
2013-02-22 17:26:48 +01:00 |
|
stamparm
|
68ce51bfd4
|
Changing from warn to info for no WAF found
|
2013-02-22 12:15:38 +01:00 |
|
stamparm
|
ad471368f5
|
Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a
|
2013-02-22 11:42:09 +01:00 |
|
stamparm
|
0bbbfc2eac
|
Adding a small warning message (related to the Issue #407)
|
2013-02-22 11:12:41 +01:00 |
|
stamparm
|
42cbd94fa4
|
Better update regarding 6acb2480b8
|
2013-02-22 10:49:45 +01:00 |
|
stamparm
|
44a46d2b10
|
Fix for an Issue #409
|
2013-02-22 10:18:22 +01:00 |
|
Miroslav Stampar
|
6acb2480b8
|
Adding WAF script for SecureIIS
|
2013-02-21 21:34:26 +01:00 |
|
Miroslav Stampar
|
229e4e167b
|
Minor cosmetics
|
2013-02-21 21:06:31 +01:00 |
|
stamparm
|
3a8c0cd3a2
|
Minor style update
|
2013-02-21 14:52:56 +01:00 |
|
stamparm
|
29ba43ee6c
|
Unhidding switch '--identify-waf' (Issue #290)
|
2013-02-21 14:48:19 +01:00 |
|
stamparm
|
08f0670aca
|
Minor refactoring for an Issue #290
|
2013-02-21 14:39:22 +01:00 |
|
stamparm
|
8e49872d7c
|
Finalizing implementation for an Issue #290
|
2013-02-21 14:33:12 +01:00 |
|
stamparm
|
6b2981ef4e
|
Update for an Issue #290 (adding tamper-like scripts into (new) directory waf)
|
2013-02-21 11:14:57 +01:00 |
|
stamparm
|
69063947b6
|
Debug message should go with logging.DEBUG
|
2013-02-19 09:46:51 +01:00 |
|
Bernardo Damele
|
d7247a51ee
|
do not prompt constantly if the page is not found
|
2013-02-18 18:08:20 +00:00 |
|
Miroslav Stampar
|
7f293afe74
|
Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b )
|
2013-02-18 15:18:53 +01:00 |
|
Miroslav Stampar
|
5c099efccc
|
Fix for an Issue #401
|
2013-02-18 11:38:18 +01:00 |
|
Miroslav Stampar
|
9b5f33560b
|
Oracle is too specific (only column names can be enclosed) - removing it
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
bf82506c1b
|
Oracle can't enclose table names with double quotations
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
1b3d749488
|
Proper fix related to the last commit/revert
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
5a793cbc7c
|
Minor revert
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
799bd51c2e
|
Minor fix when two readInput/dataToStdout are called one at a time
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
97c06854a4
|
Minor fixes
|
2013-02-15 17:36:58 +01:00 |
|
Bernardo Damele
|
0e7f771be6
|
minor adjustment
|
2013-02-15 16:28:09 +00:00 |
|
Bernardo Damele
|
35aa785870
|
bug fix to make --predict-output work also with time-based technique
|
2013-02-15 16:25:33 +00:00 |
|
Miroslav Stampar
|
014e4e0055
|
Minor represenation fix
|
2013-02-15 14:48:24 +01:00 |
|
Bernardo Damele
|
63ddeb9008
|
unnecessary variable
|
2013-02-15 13:26:28 +00:00 |
|
Miroslav Stampar
|
345d10a9e0
|
Consistency fix (everywhere else we show unsafe format of identificator names)
|
2013-02-15 14:05:14 +01:00 |
|
Bernardo Damele
|
b472d9809a
|
another consistency fix to readInput()
|
2013-02-15 09:35:09 +00:00 |
|
Bernardo Damele
|
32c8c67888
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-02-15 09:29:41 +00:00 |
|
Bernardo Damele
|
20c5f9a030
|
consistency fix
|
2013-02-15 09:29:36 +00:00 |
|
Miroslav Stampar
|
11bcf28d86
|
Fix for an Issue #399
|
2013-02-15 10:04:13 +01:00 |
|
Bernardo Damele
|
87db5d0dab
|
minor bug fix to avoid duplicates - #297
|
2013-02-15 00:53:05 +00:00 |
|
Bernardo Damele
|
c3f1e196e1
|
added missing parameter
|
2013-02-15 00:43:46 +00:00 |
|
Bernardo Damele
|
4727589135
|
code consistency
|
2013-02-15 00:17:13 +00:00 |
|
Miroslav Stampar
|
515be4ee0b
|
Minor just in case commit related to the last one
|
2013-02-14 19:58:10 +01:00 |
|
Miroslav Stampar
|
fef60b73f4
|
Minor update for proper display of [PAYLOAD] in JSON/XML/SOAP cases
|
2013-02-14 19:53:26 +01:00 |
|
Bernardo Damele
|
0c79d7b1e2
|
unnecessary import
|
2013-02-14 18:33:47 +00:00 |
|
Bernardo Damele
|
614ff6029d
|
working on #396 - handle the case when we dont have a web backdoor/file stager for the language API, added a few more log messages to give further information about what is going on, minor bug fix to docRoot
|
2013-02-14 18:31:14 +00:00 |
|
Bernardo Damele
|
3b38b20176
|
working on #396 - adaptation for the verification phase
|
2013-02-14 18:29:55 +00:00 |
|
Bernardo Damele
|
261db6ed4f
|
working on #396 - verify shellcodeexec executable has been properly uploaded
|
2013-02-14 18:29:35 +00:00 |
|
Bernardo Damele
|
4d5ecc3b03
|
working on #396 - verify icmpsh executable has been properly uploaded
|
2013-02-14 18:28:48 +00:00 |
|
Bernardo Damele
|
66cee83ca4
|
if needed, allow to reinitialize the environment for takeover - issue #396
|
2013-02-14 17:39:19 +00:00 |
|
Bernardo Damele
|
d91530f885
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-02-14 17:16:55 +00:00 |
|
Bernardo Damele
|
52264f544e
|
minor fix for Windows file paths, do not strip the windows drive letter
|
2013-02-14 17:16:49 +00:00 |
|
Miroslav Stampar
|
fdf00e4842
|
Fix for an Issue #397
|
2013-02-14 17:14:36 +01:00 |
|
Miroslav Stampar
|
368a2fd297
|
Fix for an Issue #393
|
2013-02-14 16:18:16 +01:00 |
|