Commit Graph

461 Commits

Author SHA1 Message Date
Miroslav Stampar
ccbd93cc2e fix for redirect/HOST header bug 2011-11-11 11:28:27 +00:00
Miroslav Stampar
81ca6f00f0 removed by request 2011-11-09 12:49:28 +00:00
Miroslav Stampar
2ad43411ba update 2011-11-06 08:58:20 +00:00
Miroslav Stampar
5f08b90b6c commiting new tampering scripts contributed by Roberto Salgado 2011-11-03 16:04:34 +00:00
Miroslav Stampar
2e5222bfd8 adding INSERT/UPDATE generic boundaries 2011-10-28 11:00:09 +00:00
Miroslav Stampar
7ce3af68fc fixing support for parsing BURP logs 2011-10-27 17:31:34 +00:00
Miroslav Stampar
6b7920d89a minor patch for --tor 2011-10-27 10:52:06 +00:00
Miroslav Stampar
0cbcbf159c minor fix 2011-10-19 21:35:01 +00:00
Miroslav Stampar
323aa7bf2f minor update 2011-10-09 21:21:41 +00:00
Miroslav Stampar
ba5eff1de6 minor bug fix 2011-09-23 18:29:45 +00:00
Miroslav Stampar
0c9944daa8 update for THANKS file 2011-09-20 22:18:20 +00:00
Bernardo Damele
f890b29f81 Proper reference to Metasploit Framework as now it's version 4, not 3 anymore 2011-09-12 17:26:22 +00:00
Miroslav Stampar
ac00014c4a implemented --randomize switch by request 2011-08-29 12:50:52 +00:00
Miroslav Stampar
606debe55c better language 2011-08-23 21:42:34 +00:00
Miroslav Stampar
699cb89711 minor corrections to the definition and minor typos 2011-08-23 16:56:13 +00:00
Miroslav Stampar
dafc4d93bd typo 2011-08-22 15:05:54 +00:00
Miroslav Stampar
8a174248dc fix for a bug reported by blueBoy 2011-08-20 20:08:11 +00:00
Miroslav Stampar
7cc5743c5d minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters) 2011-08-16 06:50:20 +00:00
Miroslav Stampar
600ef3eace minor patch 2011-08-16 06:22:04 +00:00
Bernardo Damele
e34787db99 update 2011-08-12 16:06:41 +00:00
Bernardo Damele
6d22d09a61 doc updated 2011-08-12 15:03:39 +00:00
Bernardo Damele
997c9ba1e8 Minor adjustments to user's manual 2011-08-12 12:56:55 +00:00
Miroslav Stampar
41ae9bc7ff minor bug fix 2011-08-09 14:20:25 +00:00
Miroslav Stampar
a3a649ed03 minor update 2011-08-03 09:11:50 +00:00
Miroslav Stampar
9423d15fb3 ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix 2011-08-03 09:08:16 +00:00
Bernardo Damele
c15439ab7f Minor improvement to --passwords output 2011-08-02 09:04:34 +00:00
Miroslav Stampar
0643ced651 minor update 2011-08-02 08:12:43 +00:00
Miroslav Stampar
b9438c3e14 doc/THANKS update 2011-08-01 10:18:00 +00:00
Miroslav Stampar
93ae1dfa2b minor bug fix 2011-07-31 08:52:48 +00:00
Miroslav Stampar
1f06d7d7de update of THANKS file 2011-07-30 21:51:37 +00:00
Miroslav Stampar
107089c00b bug fix 2011-07-27 08:25:51 +00:00
Bernardo Damele
4550fa9e40 update 2011-07-24 22:43:22 +00:00
Miroslav Stampar
ff8fc90ac7 bug fix 2011-07-13 06:44:15 +00:00
Miroslav Stampar
a46b5230f5 minor "patch" 2011-07-11 20:33:16 +00:00
Bernardo Damele
86d28947aa updated 2011-07-11 10:07:36 +00:00
Miroslav Stampar
f5e45bf113 quick fix for a bug reported by jovon.itwaru@gmail.com 2011-07-11 08:54:39 +00:00
Miroslav Stampar
98958f8808 minor minor update 2011-07-10 15:41:45 +00:00
Miroslav Stampar
b3acaf85d8 minor update 2011-07-10 08:58:55 +00:00
Bernardo Damele
3985a81cb9 Update email addresses 2011-07-08 13:39:47 +00:00
Bernardo Damele
b5dd4d4a63 Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection 2011-07-08 10:19:01 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Bernardo Damele
736327c893 Added two tamper scripts contributed by Roberto Salgado 2011-07-07 18:45:07 +00:00
Bernardo Damele
23b4efdcaf Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too. 2011-07-06 21:04:45 +00:00
Bernardo Damele
36c96ef796 Added DB2 support - patch provided by Sebastian Bittig 2011-06-25 09:44:24 +00:00
Miroslav Stampar
f434c3b29e update of THANKS file 2011-06-24 19:06:08 +00:00
Bernardo Damele
1cb12ea659 replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license) 2011-06-22 13:31:07 +00:00
Miroslav Stampar
019f4d344a update of THANKS file 2011-06-21 21:03:50 +00:00
Miroslav Stampar
d9015ed800 fix for a bug reported by krasn@deventum.com 2011-06-20 13:25:19 +00:00
Bernardo Damele
d7da71ce8e politeness 2011-06-20 09:10:04 +00:00
Bernardo Damele
4b94ef2b7c A little bit more polite 2011-06-18 13:03:55 +00:00
Miroslav Stampar
ca8a60dd7a update of doc/THANKS 2011-06-15 19:04:43 +00:00
Miroslav Stampar
60ecf95383 fix for a bug reported by seyi.akin@gmail.com 2011-06-14 08:40:25 +00:00
Miroslav Stampar
03d6031fe7 update of doc/THANKS file 2011-06-09 09:09:52 +00:00
Bernardo Damele
6d2c97d06f updated thanks file 2011-06-08 10:44:55 +00:00
Miroslav Stampar
75c12c5edb fix for a bug reported by cclements@flatearth.​net (TypeError: argument of type 'NoneType' is not iterable) 2011-06-07 21:46:49 +00:00
Miroslav Stampar
e7e23d1b79 fix for a Ctrl+C bug reported by nightman@email.de 2011-06-07 17:16:01 +00:00
Miroslav Stampar
24ed99e5a3 fix for a bug reported by aboynes@gmail.com 2011-06-06 08:50:48 +00:00
Miroslav Stampar
46ceb14f37 update of doc/THANKS 2011-05-26 13:49:42 +00:00
Miroslav Stampar
9077eadf23 update of doc/THANKS 2011-05-26 08:22:52 +00:00
Miroslav Stampar
0072c3af8e fix for a bug reported by aboynes@gmail.com (for elt in self.a) 2011-05-24 15:03:21 +00:00
Miroslav Stampar
2b12b18357 incorporating metasploit patch from oliver.kuckertz@mologie.de 2011-05-23 15:27:10 +00:00
Miroslav Stampar
d2221e4604 fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...) 2011-05-16 00:23:50 +00:00
Bernardo Damele
49b925772b Minor update 2011-05-10 10:56:06 +00:00
Bernardo Damele
6e784e766b Minor bug fix 2011-05-07 21:20:47 +00:00
Miroslav Stampar
d2a71d647b minor update 2011-05-06 13:38:58 +00:00
Miroslav Stampar
9652efa995 minor update 2011-05-06 13:34:03 +00:00
Miroslav Stampar
079ddf84b2 updating FAQ 2011-05-06 11:19:49 +00:00
Bernardo Damele
2976ed7e90 Updated user's manual, added details about URI injection 2011-05-03 14:47:01 +00:00
Bernardo Damele
b2f6ce9716 updated documentation 2011-05-03 10:57:55 +00:00
Miroslav Stampar
845618934d update of doc/THANKS 2011-05-02 18:20:37 +00:00
Miroslav Stampar
900ee0ff93 fix for a major bug reported by k1971@live.co.uk (1..9 99..) 2011-05-01 15:47:00 +00:00
Bernardo Damele
ebe631ea57 doc update 2011-05-01 00:43:42 +00:00
Miroslav Stampar
41fc9f9d54 fix for an issue reported by andrew.gecse@upcmail.hu (unknown web page charset 'hungarian-iso-8859-2') 2011-04-30 22:41:54 +00:00
Bernardo Damele
2f2758b033 Long form contributor name 2011-04-30 14:51:06 +00:00
Bernardo Damele
d3ed3268c3 minor adjustments 2011-04-28 21:17:06 +00:00
Bernardo Damele
8e63e1b70d more people to thanks 2011-04-28 21:15:15 +00:00
Bernardo Damele
3e66dae103 as we don't use UPX anymore.. 2011-04-28 20:54:21 +00:00
Bernardo Damele
6d07dddf60 updated doc and minor layout adjustments 2011-04-21 21:53:35 +00:00
Miroslav Stampar
c6a0209649 update of THANKS file 2011-04-18 14:01:45 +00:00
Miroslav Stampar
ad53e3f551 update of doc/THANKS 2011-04-17 07:39:49 +00:00
Bernardo Damele
d462937a2e added a contributor 2011-04-14 12:42:09 +00:00
Miroslav Stampar
f435f37d71 update of THANKS file 2011-04-12 15:54:00 +00:00
Bernardo Damele
30377621b8 slight update 2011-04-11 00:33:42 +00:00
Bernardo Damele
2f8ddd156c done with the manual 2011-04-11 00:23:47 +00:00
Bernardo Damele
9840a0491d more doc updates 2011-04-10 20:31:29 +00:00
Bernardo Damele
fe16360acb more doc updates 2011-04-10 13:28:14 +00:00
Bernardo Damele
64fcc88be5 typo 2011-04-08 10:26:03 +00:00
Bernardo Damele
1be7f859c6 Minor updates 2011-04-08 10:25:37 +00:00
Miroslav Stampar
bcc4c52cf7 minor update 2011-04-08 10:21:45 +00:00
Bernardo Damele
159789ba81 More user's manual updates 2011-04-08 10:20:42 +00:00
Bernardo Damele
d305183447 More updates to user's manual 2011-04-08 09:50:34 +00:00
Bernardo Damele
bac53eeef1 Allow --dump-all to accept -D switch in order to dump all tables' entries for only one (or more, comma-separated) specified database(s) 2011-04-07 22:08:10 +00:00
Miroslav Stampar
b288e5ef57 implemented DNS caching mechanism 2011-04-07 21:39:18 +00:00
Bernardo Damele
1880f18367 Minor layout adjustments 2011-04-07 10:07:52 +00:00
Bernardo Damele
17844eb87c Refactoring to --technique 2011-04-07 10:00:47 +00:00
Bernardo Damele
287f74dbd2 update 2011-04-06 14:59:51 +00:00
Bernardo Damele
72555f3b28 user's manual updated.. we are getting close to 0.9 stable, stay tuned! 2011-04-06 08:21:13 +00:00
Bernardo Damele
a1bde071d8 Minor adjustments 2011-04-04 09:26:20 +00:00
Miroslav Stampar
e27afef6be minor update regarding --current-db on Oracle 2011-04-01 15:56:11 +00:00
Bernardo Damele
60afd80460 Change of release date to unknown 2011-03-31 13:06:30 +00:00
Bernardo Damele
19a6f86954 Minor update 2011-03-27 16:37:57 +00:00
Miroslav Stampar
08d052d9b8 minor update of THANKS file 2011-03-27 13:45:19 +00:00
Miroslav Stampar
d2eb4c6a39 update of THANKS file 2011-03-26 21:48:36 +00:00
Miroslav Stampar
0bb08d09d2 fix for a bug reported by Kirill (value is None in attack table phase) and minor fix for loading request file 2011-03-24 08:43:40 +00:00
Miroslav Stampar
bd75fd26e9 implementing a --page-rank switch as requested by l0rda@l0rda.biz 2011-03-23 11:57:57 +00:00
Miroslav Stampar
cbfb10cbd1 fix of a minor bug reported by syssecurity7@googlemail.com (missing iso-8858...) 2011-03-21 16:43:46 +00:00
Miroslav Stampar
7b1021d100 minor update of THANKS file 2011-03-21 13:18:00 +00:00
Miroslav Stampar
f8a2cf0497 minor THANKS update 2011-03-21 09:53:34 +00:00
Bernardo Damele
f7c1b7dc5f Updated 2011-03-21 00:39:54 +00:00
Miroslav Stampar
36233fac42 update regarding a feature request from andyroyalbattle@yahoo.it 2011-03-18 16:35:30 +00:00
Bernardo Damele
3edb30968b Pff.. just layout 2011-03-17 12:37:50 +00:00
Miroslav Stampar
1879a49506 fix for a bug reported by andreoaz@gmail.com 2011-03-10 20:40:12 +00:00
Miroslav Stampar
8e7c3b4666 update of THANKS file 2011-03-07 21:29:06 +00:00
Bernardo Damele
da6a87af43 update 2011-02-28 16:59:39 +00:00
Bernardo Damele
50ba0fa955 More adjustments 2011-02-28 16:14:09 +00:00
Bernardo Damele
021fce5601 Should be done with the ChangeLog - ready for 0.9.
Minor adjustments to user's manual too.
2011-02-28 15:23:05 +00:00
Bernardo Damele
b47d3e1da3 Huge update to user's manual. A lot to be done yet. 2011-02-27 12:19:32 +00:00
Bernardo Damele
6e1a08a805 Documentation update 2011-02-19 21:08:18 +00:00
Bernardo Damele
808b03fc3e Minor reordering 2011-02-14 02:08:11 +00:00
Bernardo Damele
f0f5d3d3e8 Began with the update of the user's manual for 0.9 2011-02-07 00:55:10 +00:00
Bernardo Damele
1bc2ee2fbf Updated 2011-02-06 15:44:27 +00:00
Miroslav Stampar
412a97b7fe fix for a bug reported by ahmed@isecur1ty.org (TypeError: unsupported operand type(s) for -: 'float' and 'NoneType') 2011-02-05 14:17:28 +00:00
Miroslav Stampar
1e8eb27156 update of doc/THANKS 2011-02-04 14:07:54 +00:00
Miroslav Stampar
af99105c27 lol. sybase and maxdb were just ignored while fingerprinted because they weren't in dbmsDict screwing half of dbms related functions (most notably aliasToDbmsEnum) 2011-02-01 22:45:38 +00:00
Bernardo Damele
9fc0bedea8 Minor bug fixes 2011-01-30 21:01:57 +00:00
Miroslav Stampar
81722b6881 major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values) 2011-01-27 18:36:28 +00:00
Miroslav Stampar
3bb4ea2c7a THANKS update 2011-01-25 22:29:36 +00:00
Miroslav Stampar
cab86871fe fix for a bug reported by mhackmail@gmail.com (local variable 'code' referenced before assignment) 2011-01-25 11:02:41 +00:00
Bernardo Damele
ceca64193b Updated 2011-01-24 14:46:41 +00:00
Bernardo Damele
c1f6bf2eda Updated 2011-01-18 23:14:35 +00:00
Miroslav Stampar
bdcb10cdab added MSSQL time based vector 2011-01-18 02:05:18 +00:00
Miroslav Stampar
a835f233ac fix for a bug reported by buawig@gmail.com (AttributeError: 'module' object has no attribute 'set_completer') 2011-01-17 00:17:31 +00:00
Bernardo Damele
f209b7a65e Updated 2011-01-14 09:56:55 +00:00
Miroslav Stampar
a8d660db54 fixes for bugs reported by pragmatk@gmail.com 2011-01-06 16:59:58 +00:00
Miroslav Stampar
1297df66da fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed) 2011-01-06 08:04:59 +00:00
Miroslav Stampar
aa81ed4033 implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) 2011-01-04 15:49:20 +00:00
Miroslav Stampar
08ccbf2c1e important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) 2011-01-03 22:02:58 +00:00
Miroslav Stampar
8067365b93 fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident') 2010-12-20 23:47:53 +00:00
Miroslav Stampar
e3fa3b0e8e fix for a minor bug reported by nightman (AttributeError: 'NoneType' object has no attribute 'getFingerprint') 2010-12-17 07:48:32 +00:00
Miroslav Stampar
5aee1fd8e0 updated THANKS file 2010-12-08 21:19:46 +00:00
Bernardo Damele
ad17e9ed2a Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any) 2010-11-19 14:56:20 +00:00
Bernardo Damele
17486e472a Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only! 2010-11-17 22:00:09 +00:00
Bernardo Damele
360aff7a4d sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle 2010-11-17 17:20:32 +00:00
Bernardo Damele
a9152c6723 Updated doc 2010-11-14 22:36:54 +00:00
Bernardo Damele
5e41cd07a3 Updated doc 2010-11-13 23:31:18 +00:00
Bernardo Damele
306e96331d Updated doc 2010-11-12 10:00:49 +00:00
Bernardo Damele
0c8918bf07 Minor bug fix, thanks Alex 2010-11-08 12:45:23 +00:00
Miroslav Stampar
14e9425673 update of doc/THANKS 2010-11-05 16:09:30 +00:00
Miroslav Stampar
7d12dbff41 update of THANKS 2010-11-05 11:36:43 +00:00
Miroslav Stampar
71d0b1bcd7 several bug fixes 2010-11-03 21:51:36 +00:00