Miroslav Stampar
|
f7a664b120
|
enabling DNS server for DNS data exfiltration
|
2012-03-31 12:08:27 +00:00 |
|
Miroslav Stampar
|
8be9cd4ac4
|
bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)
|
2012-03-31 10:22:50 +00:00 |
|
Bernardo Damele
|
40a7232de6
|
Minor fix to avoid useless tests (FROM DUAL is Oracle specific so no point using + to concatenate strings)
|
2012-03-30 16:27:08 +00:00 |
|
Miroslav Stampar
|
429b8396e9
|
minor update for DNSServer support
|
2012-03-30 13:20:29 +00:00 |
|
Miroslav Stampar
|
56638f9e95
|
making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection
|
2012-03-30 10:50:01 +00:00 |
|
Miroslav Stampar
|
79c3d6f2aa
|
minor update
|
2012-03-30 10:37:46 +00:00 |
|
Miroslav Stampar
|
6acf6b193a
|
minor update regarding boolean logic comparison mechanism
|
2012-03-30 09:42:58 +00:00 |
|
Miroslav Stampar
|
5469186540
|
minor comment update
|
2012-03-29 14:35:47 +00:00 |
|
Miroslav Stampar
|
637a8d8273
|
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
|
2012-03-29 14:33:27 +00:00 |
|
Miroslav Stampar
|
ce4c697bbd
|
disabling "negative logic" as it's not half done (it was "luckily" working for --string/--regex/--code but it was sheer luck); removing "dirty fix" from checks.py; proof that this was not ready for the release is that there was no check for negative logic anywhere for anything more than --string/--regex/--code
|
2012-03-29 13:39:12 +00:00 |
|
Miroslav Stampar
|
772ead8d03
|
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
|
2012-03-29 12:44:20 +00:00 |
|
Miroslav Stampar
|
c9cac957bb
|
adding one more case for false positive check (Generic tests without any DBMS knowledge)
|
2012-03-29 09:56:09 +00:00 |
|
Miroslav Stampar
|
60146481af
|
bug fix(es) (flags were used in place of count parameter in re.sub() calls)
|
2012-03-28 19:33:00 +00:00 |
|
Miroslav Stampar
|
9433bbe26d
|
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
|
2012-03-28 19:27:12 +00:00 |
|
Miroslav Stampar
|
7d131d1fb1
|
minor update
|
2012-03-28 13:46:31 +00:00 |
|
Miroslav Stampar
|
7fd64df167
|
minor code cleaning
|
2012-03-28 13:31:07 +00:00 |
|
Miroslav Stampar
|
769b0d0ae7
|
more minor updates regarding data retrieval through DNS channel
|
2012-03-27 19:29:24 +00:00 |
|
Miroslav Stampar
|
9199ce5054
|
minor update
|
2012-03-27 19:07:17 +00:00 |
|
Miroslav Stampar
|
1b072f6415
|
laying foundation for DNS based data retrieval
|
2012-03-27 18:59:12 +00:00 |
|
Miroslav Stampar
|
645fc8a21c
|
minor refactoring
|
2012-03-27 08:31:48 +00:00 |
|
Miroslav Stampar
|
3abcd6910a
|
strange combination of "Set-Cookie" and interleaved pattern of True/False like responses can result in bypassing of the ABAB test
|
2012-03-22 00:06:50 +00:00 |
|
Miroslav Stampar
|
e88687b1f0
|
revert of last commit (it would be faster for sure, but not sure if it's clever to do it by default regarding SQLi detection)
|
2012-03-21 23:15:59 +00:00 |
|
Miroslav Stampar
|
524c1d38ad
|
making default redirect choice to NO (making fewer requests by default and in lots of cases clearer pages for comparison - original page vs redirect message)
|
2012-03-21 23:03:57 +00:00 |
|
Miroslav Stampar
|
11132ba993
|
fix for a bug in reflection removal mechanism
|
2012-03-19 14:28:18 +00:00 |
|
Miroslav Stampar
|
8e7d360ea2
|
cleaner refactoring regarding last commit
|
2012-03-19 12:03:25 +00:00 |
|
Miroslav Stampar
|
401763b6f8
|
minor fix (it has to be level 1 array like it was with the previous re.findall mechanism)
|
2012-03-19 12:00:22 +00:00 |
|
Miroslav Stampar
|
72c5b034bf
|
minor update
|
2012-03-19 11:50:38 +00:00 |
|
Miroslav Stampar
|
cb8caf7e0f
|
I am not very bright today :)
|
2012-03-19 11:23:23 +00:00 |
|
Miroslav Stampar
|
d5915e5d44
|
one other fix
|
2012-03-19 11:19:26 +00:00 |
|
Miroslav Stampar
|
7abfa2e6d4
|
minor fix
|
2012-03-19 11:18:00 +00:00 |
|
Miroslav Stampar
|
cce5c3c009
|
minor changes for version numbers
|
2012-03-19 11:07:03 +00:00 |
|
Miroslav Stampar
|
037db9b3b8
|
minor removal of older stuff
|
2012-03-19 09:38:27 +00:00 |
|
Miroslav Stampar
|
da7f4eeffd
|
removing left over
|
2012-03-18 17:33:14 +00:00 |
|
Miroslav Stampar
|
0fc4288a7c
|
modifying redirection code for only two choices
|
2012-03-18 17:27:08 +00:00 |
|
Bernardo Damele
|
c03d0e24fb
|
it must stay as is
|
2012-03-16 17:42:00 +00:00 |
|
Bernardo Damele
|
3505503a08
|
no need to return here
|
2012-03-16 17:30:16 +00:00 |
|
Bernardo Damele
|
942d9e4fa8
|
code cleanup
|
2012-03-16 17:27:24 +00:00 |
|
Bernardo Damele
|
a1c943fc79
|
Major bug fix to comparison algorithm with OR based boolean-based injections
|
2012-03-16 17:22:55 +00:00 |
|
Miroslav Stampar
|
d66056fe39
|
one more related commit
|
2012-03-16 13:16:53 +00:00 |
|
Miroslav Stampar
|
ac02a2d92c
|
minor fix
|
2012-03-16 13:14:14 +00:00 |
|
Miroslav Stampar
|
cbdcbdd786
|
minor minor update
|
2012-03-16 11:18:18 +00:00 |
|
Miroslav Stampar
|
b130a9e14e
|
minor fix (writing to HashDB on any interrupt)
|
2012-03-16 10:15:43 +00:00 |
|
Miroslav Stampar
|
577caac4de
|
putting kb.negativeLogic setting to the safe place
|
2012-03-16 09:17:11 +00:00 |
|
Miroslav Stampar
|
209e795369
|
minor just in case update
|
2012-03-16 09:02:17 +00:00 |
|
Miroslav Stampar
|
adb5fff6b2
|
one more update related to the redirection mechanism
|
2012-03-15 20:17:40 +00:00 |
|
Miroslav Stampar
|
7d313ac911
|
few more fixes for proper redirecting mechanism
|
2012-03-15 19:47:59 +00:00 |
|
Bernardo Damele
|
48e8c978fb
|
Minor fix, way more to do for --search -C for MSSQL
|
2012-03-15 17:55:49 +00:00 |
|
Bernardo Damele
|
86c4650058
|
Minor bug fix - revert
|
2012-03-15 17:12:24 +00:00 |
|
Bernardo Damele
|
cc15373769
|
More explicit function name also getRatioValue parameter has nothing to do with comparison at this stage as far as I can see (that might have fixed another "bug", to be checked later)
|
2012-03-15 16:29:28 +00:00 |
|
Bernardo Damele
|
4520744b4d
|
second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now
|
2012-03-15 16:25:26 +00:00 |
|