Miroslav Stampar
|
98958f8808
|
minor minor update
|
2011-07-10 15:41:45 +00:00 |
|
Miroslav Stampar
|
0d6afca7db
|
adding new switch '--smart' by request
|
2011-07-10 15:16:58 +00:00 |
|
Miroslav Stampar
|
1e182e6c72
|
quick fix
|
2011-07-08 22:34:44 +00:00 |
|
Bernardo Damele
|
651349e229
|
More verbose critical message
|
2011-07-08 13:12:53 +00:00 |
|
Bernardo Damele
|
b5dd4d4a63
|
Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection
|
2011-07-08 10:19:01 +00:00 |
|
Miroslav Stampar
|
02bfd05b20
|
more general approach
|
2011-07-08 10:03:14 +00:00 |
|
Miroslav Stampar
|
5443e06430
|
cosmetics (in debug mode [0] is used)
|
2011-07-08 09:43:52 +00:00 |
|
Miroslav Stampar
|
c463c411b9
|
minor update
|
2011-07-08 09:32:58 +00:00 |
|
Miroslav Stampar
|
ba2c06c9dc
|
quick fix
|
2011-07-08 09:01:32 +00:00 |
|
Miroslav Stampar
|
c517e97a44
|
few fixes and minor cosmetics
|
2011-07-08 06:02:31 +00:00 |
|
Bernardo Damele
|
aedcf8c8d7
|
Changed homepage address
|
2011-07-07 20:10:03 +00:00 |
|
Bernardo Damele
|
067354b97f
|
Revert of last commit and proper fix to detect UNION query SQL injection against Microsoft Access
|
2011-07-07 13:20:40 +00:00 |
|
Bernardo Damele
|
9e1a6beb7a
|
Major bug fix in UNION detection, it was a leftover
|
2011-07-07 00:06:20 +00:00 |
|
Bernardo Damele
|
fcd4e94c04
|
Higher chances to detect UNION query SQL injection against Microsoft Access
|
2011-07-06 23:52:44 +00:00 |
|
Bernardo Damele
|
23b4efdcaf
|
Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too.
|
2011-07-06 21:04:45 +00:00 |
|
Bernardo Damele
|
0d28c1e9e7
|
cosmetics
|
2011-07-06 20:41:13 +00:00 |
|
Bernardo Damele
|
6f6038b534
|
Quick fix (revert..)
|
2011-07-06 11:32:12 +00:00 |
|
Miroslav Stampar
|
93b296e02c
|
few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation")
|
2011-07-06 05:44:47 +00:00 |
|
Miroslav Stampar
|
b8ffcf9495
|
few fixes here and there and multi-core processing for dictionary based hash attack
|
2011-07-04 19:58:41 +00:00 |
|
Miroslav Stampar
|
34d9a91af1
|
bulk of fixes
|
2011-07-02 22:48:56 +00:00 |
|
Bernardo Damele
|
861cdb1b14
|
cosmetics
|
2011-07-01 10:04:34 +00:00 |
|
Miroslav Stampar
|
4513ef409e
|
massive (like really massive) dictionary support
|
2011-06-30 23:44:49 +00:00 |
|
Miroslav Stampar
|
43db6b03a7
|
update with a feature request (file with list of wordlist files)
|
2011-06-30 08:42:43 +00:00 |
|
Miroslav Stampar
|
9e453e8709
|
fix for a bug reported by nightman@email.de
|
2011-06-29 17:49:59 +00:00 |
|
Miroslav Stampar
|
be9b8bca78
|
bug fix
|
2011-06-29 17:39:58 +00:00 |
|
Bernardo Damele
|
9eb683531d
|
Minor improvement at blind SQL inj technique for DB2
|
2011-06-27 22:28:12 +00:00 |
|
Miroslav Stampar
|
75524c283d
|
minor update
|
2011-06-27 21:59:31 +00:00 |
|
Miroslav Stampar
|
4be55c811f
|
minor update
|
2011-06-27 21:48:26 +00:00 |
|
Miroslav Stampar
|
831f083223
|
minor update
|
2011-06-27 21:38:12 +00:00 |
|
Miroslav Stampar
|
5b4eaf48d9
|
minor fix (for those blank suffixes out of nowhere at the end of payload - not related to "-- ")
|
2011-06-27 21:34:49 +00:00 |
|
Miroslav Stampar
|
8a8b94883b
|
minor update (that default quit in --batch was bothering me - my original idea and it was bad :)
|
2011-06-27 14:14:49 +00:00 |
|
Miroslav Stampar
|
d72db1bf91
|
minor update (all misc options are alphabetically ordered)
|
2011-06-27 08:21:33 +00:00 |
|
Bernardo Damele
|
36c96ef796
|
Added DB2 support - patch provided by Sebastian Bittig
|
2011-06-25 09:44:24 +00:00 |
|
Miroslav Stampar
|
e00cf81f7e
|
minor update
|
2011-06-24 19:50:13 +00:00 |
|
Miroslav Stampar
|
e9286ddd5b
|
fix for a bug reported by g@brindi.si (UnicodeDecodeError: 'ascii' codec can't decode byte 0xc2 in position
47: ordinal not in range(128))
|
2011-06-24 19:24:11 +00:00 |
|
Miroslav Stampar
|
c4cb367e65
|
looks nicer (though --tor is implicitly converted into --proxy)
|
2011-06-24 19:00:53 +00:00 |
|
Miroslav Stampar
|
aa83fe5c66
|
minor update
|
2011-06-24 18:19:33 +00:00 |
|
Miroslav Stampar
|
21010f702c
|
minor beautification
|
2011-06-24 17:46:54 +00:00 |
|
Miroslav Stampar
|
2de88bd90b
|
minor update
|
2011-06-24 17:19:24 +00:00 |
|
Miroslav Stampar
|
96190cf594
|
minor update
|
2011-06-24 17:15:15 +00:00 |
|
Bernardo Damele
|
406f2cda09
|
Got rid of useless TAB completion in --sql-shell
|
2011-06-24 13:05:13 +00:00 |
|
Bernardo Damele
|
35ce6dedcf
|
Got rid of useless imports
|
2011-06-24 09:59:11 +00:00 |
|
Bernardo Damele
|
a78f5b4eb3
|
Minor adjustment to avoid function and variables with same name
|
2011-06-24 09:29:11 +00:00 |
|
Miroslav Stampar
|
eaa2a4202f
|
changing to: --crawl=CRAWLDEPTH
|
2011-06-24 05:40:03 +00:00 |
|
Miroslav Stampar
|
3717b8423f
|
cleanest fix this moment (conf.dbms will for sure deal problems later in any form)
|
2011-06-22 15:48:44 +00:00 |
|
Miroslav Stampar
|
5190440ea2
|
minor fix
|
2011-06-22 15:36:59 +00:00 |
|
Miroslav Stampar
|
97d8729d71
|
probable fix for a bug reported by m4l1c3 (RuntimeError: maximum recursion depth exceeded)
|
2011-06-22 15:28:49 +00:00 |
|
Miroslav Stampar
|
52ba3c281e
|
minor update
|
2011-06-22 14:59:49 +00:00 |
|
Miroslav Stampar
|
4ca37901da
|
thread safe logging+stdout (no more overlapping of log messages and raw output)
|
2011-06-22 14:53:42 +00:00 |
|
Miroslav Stampar
|
84bc8c3a37
|
update
|
2011-06-22 14:39:31 +00:00 |
|
Miroslav Stampar
|
938db1b513
|
replacing xmlobject logic with our own
|
2011-06-22 14:33:52 +00:00 |
|
Bernardo Damele
|
1cb12ea659
|
replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license)
|
2011-06-22 13:31:07 +00:00 |
|
Miroslav Stampar
|
e76cb19e35
|
minor patch
|
2011-06-22 09:11:12 +00:00 |
|
Miroslav Stampar
|
b16b92fe46
|
minor update
|
2011-06-21 20:59:34 +00:00 |
|
Miroslav Stampar
|
2220afbdf5
|
fix by request
|
2011-06-21 20:50:16 +00:00 |
|
Miroslav Stampar
|
9e232256f4
|
reverting that last commit because there is a mess with default dumping (startLimit is set to 0 which is not so friendly with --start and --stop logic)
|
2011-06-21 18:29:23 +00:00 |
|
Miroslav Stampar
|
3536320fc9
|
--stop is inclusive ("Last query output entry to retrieve")
|
2011-06-21 18:08:33 +00:00 |
|
Miroslav Stampar
|
dfc02d8c3c
|
sorry Bernardo, i hope your mobile is turned off :)))
|
2011-06-20 22:47:24 +00:00 |
|
Miroslav Stampar
|
2a4a284a29
|
crawler fix (skip binary files)
|
2011-06-20 22:41:38 +00:00 |
|
Miroslav Stampar
|
20bb1a685b
|
really minor update
|
2011-06-20 21:57:53 +00:00 |
|
Miroslav Stampar
|
812cd2f19b
|
minor update
|
2011-06-20 21:47:03 +00:00 |
|
Miroslav Stampar
|
e8ac7414f2
|
bug fix
|
2011-06-20 21:36:15 +00:00 |
|
Miroslav Stampar
|
d6062e8fc9
|
minor fix for crawler and far less message overlaps in future
|
2011-06-20 21:18:12 +00:00 |
|
Miroslav Stampar
|
8968c708a0
|
minor update
|
2011-06-20 14:27:24 +00:00 |
|
Miroslav Stampar
|
17fac6f67f
|
minor update
|
2011-06-20 13:53:39 +00:00 |
|
Miroslav Stampar
|
29314f425e
|
minor fix
|
2011-06-20 13:42:31 +00:00 |
|
Miroslav Stampar
|
f09340fc89
|
minor update
|
2011-06-20 12:40:14 +00:00 |
|
Miroslav Stampar
|
4d1fa5596b
|
added support for --scope in --crawl mode
|
2011-06-20 12:37:51 +00:00 |
|
Miroslav Stampar
|
42746cc706
|
bug fix
|
2011-06-20 12:18:46 +00:00 |
|
Miroslav Stampar
|
67fab9f2e2
|
putting this to info messages (user needs to know at this place why is it waiting)
|
2011-06-20 12:17:19 +00:00 |
|
Miroslav Stampar
|
b1426b5131
|
bug fix
|
2011-06-20 12:11:09 +00:00 |
|
Miroslav Stampar
|
cda39ca350
|
minor update
|
2011-06-20 11:46:23 +00:00 |
|
Miroslav Stampar
|
07e2c72943
|
adding Beautifulsoup (BSD) into extras; adding --crawl to options
|
2011-06-20 11:32:30 +00:00 |
|
Miroslav Stampar
|
8c04aa871a
|
english typo
|
2011-06-20 11:00:23 +00:00 |
|
Miroslav Stampar
|
bdb530da1f
|
minor update
|
2011-06-19 10:11:27 +00:00 |
|
Miroslav Stampar
|
d5bc149636
|
made changes by buawig request (504 is treated as a classical timeout)
|
2011-06-19 09:57:41 +00:00 |
|
Miroslav Stampar
|
83af83da9e
|
minor beautification (WordsSet is considered as a bad english)
|
2011-06-18 15:47:19 +00:00 |
|
Bernardo Damele
|
f8c32cf6b9
|
Moved folder
|
2011-06-18 12:34:41 +00:00 |
|
Bernardo Damele
|
28ef61b997
|
Use getPageTextWordsSet() also in --common-columns
|
2011-06-18 12:30:26 +00:00 |
|
Bernardo Damele
|
6b2f44de14
|
Minor layout adjustment
|
2011-06-18 12:27:12 +00:00 |
|
Bernardo Damele
|
cd07139919
|
Layout adjustments
|
2011-06-18 11:58:14 +00:00 |
|
Miroslav Stampar
|
31ad0875b4
|
added by request
|
2011-06-18 11:34:51 +00:00 |
|
Miroslav Stampar
|
e4be141602
|
minor fix for --smoke-test
|
2011-06-18 11:26:17 +00:00 |
|
Bernardo Damele
|
c7e1aeeef2
|
layout
|
2011-06-18 11:02:48 +00:00 |
|
Miroslav Stampar
|
905fef0eae
|
now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5)
|
2011-06-18 10:51:14 +00:00 |
|
Miroslav Stampar
|
fde3e4cece
|
better
|
2011-06-18 09:52:07 +00:00 |
|
Miroslav Stampar
|
2f129b01c0
|
"Please consider to provide" is a bad English
|
2011-06-18 09:46:22 +00:00 |
|
Miroslav Stampar
|
1440c9f2d4
|
minor update
|
2011-06-17 22:28:07 +00:00 |
|
Miroslav Stampar
|
87e9842371
|
better language
|
2011-06-17 22:13:45 +00:00 |
|
Miroslav Stampar
|
ce3170edef
|
minor update/better language
|
2011-06-17 22:11:40 +00:00 |
|
Miroslav Stampar
|
ec6fa384eb
|
update
|
2011-06-17 22:04:25 +00:00 |
|
Miroslav Stampar
|
0c9fa5c550
|
fix
|
2011-06-17 17:12:47 +00:00 |
|
Miroslav Stampar
|
043f2f92c1
|
minor update
|
2011-06-17 17:10:52 +00:00 |
|
Miroslav Stampar
|
c9a6aad5c3
|
minor fix by request
|
2011-06-17 16:58:50 +00:00 |
|
Miroslav Stampar
|
a0129dcbcb
|
this is confusing for normal users (i've just get a mail where dude thinks that he needs to use tamper script because of this :)
|
2011-06-17 16:52:39 +00:00 |
|
Miroslav Stampar
|
f3ee2c09fb
|
cleaner fix
|
2011-06-17 15:32:23 +00:00 |
|
Miroslav Stampar
|
bb987ec98f
|
fix for DNS leakage
|
2011-06-17 15:23:58 +00:00 |
|
Miroslav Stampar
|
9498a3f259
|
little stabilization of multi threading
|
2011-06-17 12:50:28 +00:00 |
|
Miroslav Stampar
|
d27afaed7e
|
some fixes
|
2011-06-16 14:27:44 +00:00 |
|
Miroslav Stampar
|
6b1d5a0ab8
|
minor fix
|
2011-06-16 14:11:30 +00:00 |
|