Commit Graph

1048 Commits

Author SHA1 Message Date
Miroslav Stampar
e7e8a3965a Minor fix 2014-04-03 09:00:14 +02:00
Miroslav Stampar
80d4426dbd Patch related to the Issue #661 2014-04-02 22:34:37 +02:00
Miroslav Stampar
e8c1c90f2e Whitespace was being double encoded in case of spaceplus (' '->%2B) 2014-03-25 22:02:14 +01:00
Miroslav Stampar
106102bd3c Fix for an Issue #648 2014-03-21 20:28:29 +01:00
Miroslav Stampar
be3fd8bb29 Fix for an Issue #638 2014-03-14 16:44:56 +01:00
Miroslav Stampar
f1f53a5841 Minor cosmetic update 2014-03-06 21:08:31 +01:00
Miroslav Stampar
cc62a8adc9 Bug fix for JSON-like data (proper escaping of quotes) 2014-02-26 09:30:37 +01:00
Miroslav Stampar
6369a38ebc Adding support for JSON-like data with single quote 2014-02-26 08:56:17 +01:00
Miroslav Stampar
fc02badf40 Minor update 2014-01-23 08:33:21 +01:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Miroslav Stampar
36f3ab5798 Minor bug fix (for cases when race between thread and main thread is causing server._running to not be set to True) 2014-01-09 15:46:55 +01:00
Miroslav Stampar
5437f8bf36 Fix for an Issue #85 2014-01-02 12:09:58 +01:00
Miroslav Stampar
4de83daf03 Minor style update 2014-01-02 11:06:19 +01:00
Miroslav Stampar
b0ca34ff27 Bug fix (payload character '=' was not being url-encoded in custom (user) post cases - when posthint was None) 2013-12-04 10:09:54 +01:00
Bernardo Damele
59b6791faa minor improvement 2013-11-19 00:24:47 +00:00
Miroslav Stampar
8dac47f7e5 Minor patch (for recognition of x-mac-turkish codec) 2013-10-21 20:04:48 +02:00
Miroslav Stampar
344d3f4b5f Minor patch 2013-10-12 21:05:18 +02:00
Miroslav Stampar
18d9e1dbc3 Minor update due to reported (debug) problems with SSLv23 2013-10-04 10:53:49 +02:00
Miroslav Stampar
a3defc175d Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself) 2013-09-11 23:17:18 +02:00
Miroslav Stampar
81409ce6da Minor patch 2013-09-02 10:54:32 +02:00
Miroslav Stampar
dd39913cf6 Improvement for an --eval mechanism 2013-08-31 00:28:51 +02:00
Miroslav Stampar
3a57af1452 Minor fix 2013-08-30 15:26:03 +02:00
Miroslav Stampar
88b992ad83 Fixing a bug noticed during the yesterday's AppSecEU presentation (--headers='user-agent:foobar*' was not working properly) 2013-08-23 11:54:08 +02:00
Miroslav Stampar
23f2c5f166 Finishing implementation for an Issue #58 2013-08-20 19:35:49 +02:00
Miroslav Stampar
4929cff0c0 Minor update 2013-08-13 06:42:49 +02:00
Miroslav Stampar
b2855e0281 Minor patch 2013-08-12 14:25:51 +02:00
Miroslav Stampar
a711c9ed36 Minor cleanup and initial work for #58 2013-08-09 14:13:48 +02:00
Miroslav Stampar
32c1cb20f5 Fix for an Issue #497 2013-08-01 19:48:20 +02:00
Miroslav Stampar
953b5815d8 Implementation for an Issue #496 2013-07-31 21:15:03 +02:00
Miroslav Stampar
6b826ef64d Reintroducing option --cookie-del 2013-07-31 20:41:19 +02:00
Miroslav Stampar
ca44b23d20 Implementation for --eval to support cookies 2013-07-31 17:29:16 +02:00
Miroslav Stampar
eaacbe0b12 Minor language fix 2013-07-31 09:24:34 +02:00
Miroslav Stampar
f54082111d Better way how to deal with required extensions 2013-07-13 19:25:49 +02:00
Miroslav Stampar
3f6d4083a7 Minor language update 2013-07-13 17:19:16 +02:00
Miroslav Stampar
31efabfca1 Appropriate error messaging when one of core libraries are missing due to erroneous Python build 2013-07-13 16:07:36 +02:00
Miroslav Stampar
4d9f8ad0dd Commit related to the last one 2013-07-13 12:00:03 +02:00
stamparm
a53823f9b7 Minor refactoring 2013-06-19 10:59:26 +02:00
Miroslav Stampar
f185e5cdd5 Fix for an Issue #463 2013-06-10 22:26:34 +02:00
Miroslav Stampar
6f49b96a2d Fix for an Issue #462 2013-06-10 12:20:58 +02:00
Miroslav Stampar
39612b5d87 Fix for an Issue #457 2013-06-04 23:46:39 +02:00
Miroslav Stampar
3e0f747fad Minor fix 2013-06-04 00:05:25 +02:00
Miroslav Stampar
edc9da1226 Minor refactoring 2013-06-03 15:14:56 +02:00
stamparm
6b280d8da4 Putting 2 decimal places for debug messages with performed queries (e.g. to handle a problem with 0 seconds roundup) 2013-05-28 14:40:45 +02:00
stamparm
659c0bb418 Minor fix 2013-05-27 10:38:47 +02:00
stamparm
4b2cf07262 Minor style update 2013-05-20 16:15:35 +02:00
Miroslav Stampar
ea5c742595 Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled) 2013-05-18 21:30:21 +02:00
Miroslav Stampar
f24c8c6b6b Changing logging type to warning for parsed error messages 2013-05-18 16:17:56 +02:00
stamparm
03732d2592 Minor fix 2013-05-17 16:04:05 +02:00
stamparm
76b4e1ccb9 Implementation for an Issue #450 2013-05-17 15:04:25 +02:00
stamparm
887109a12d Minor bug fix (for not displaying heuristic detected page charset None) 2013-04-30 18:16:32 +02:00
stamparm
ebe8ee3500 Fix for crawler and redirection case 2013-04-30 18:08:26 +02:00
stamparm
09e7f4f697 Minor bug fix regarding traffic logging of redirected requests 2013-04-30 17:46:26 +02:00
stamparm
1035ee9c3d Patch for an Issue #442 2013-04-26 14:49:24 +02:00
stamparm
e3a02f56e6 Just in case for --force-ssl (if url is returned in e.g. refresh toward the target) 2013-04-24 12:35:39 +02:00
stamparm
6fed1921ed Bug fix (there are cases when provided kwargs containing explicit None values while we want to use the alternative in those kind of cases; there was an intention in original code, while the implementation was buggy) 2013-04-16 14:17:41 +02:00
stamparm
140cffbde2 Patch for an Issue #434 2013-04-15 15:57:28 +02:00
Miroslav Stampar
ed5599f489 In case that cookie file is given and cookie header inside request file clashes with one of contained cookies, give cookie file greater priority 2013-04-12 19:20:33 +02:00
stamparm
8c9da95343 Style and consistency update (url -> URL) 2013-04-09 11:48:42 +02:00
Miroslav Stampar
240e9f3f7e Minor patch 2013-04-07 11:02:43 +02:00
Miroslav Stampar
df4fd82515 Minor update 2013-04-03 23:27:27 +02:00
Miroslav Stampar
c75a2d0c40 Minor patch 2013-04-03 21:31:37 +02:00
stamparm
e1ffdde532 Little cleaning a mess with url encoding and post hint types 2013-03-27 13:39:27 +01:00
Miroslav Stampar
c19a283434 Minor patch 2013-03-26 20:06:50 +01:00
stamparm
7accba4cf9 Minor update 2013-03-26 16:10:41 +01:00
stamparm
7447773237 Update for consistency (all other enums are using _ in between words) 2013-03-20 11:10:24 +01:00
Miroslav Stampar
8acf033715 Code refactoring 2013-03-19 19:24:14 +01:00
stamparm
6969874c02 Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values) 2013-03-19 10:52:37 +01:00
stamparm
e226006766 Trivial fix 2013-03-18 13:29:55 +01:00
stamparm
5e02bcbd58 Minor adjustment 2013-03-18 12:16:16 +01:00
Miroslav Stampar
eb08c8d752 Another update for an Issue #352 2013-03-13 19:42:22 +01:00
Miroslav Stampar
2f43c3eb9b Minor fix (digest live test case) and some refactoring 2013-03-12 21:16:44 +01:00
Miroslav Stampar
84a5bdb9cf Trivial cosmetics 2013-03-09 19:41:24 +01:00
Miroslav Stampar
79d6a0e9c9 Using binary data in dummy mode 2013-03-09 19:40:24 +01:00
Miroslav Stampar
62980d7d5a Automatically decoding url encoded data in response 2013-03-05 17:32:10 +01:00
Miroslav Stampar
0e89cc62a2 Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections 2013-02-28 20:20:08 +01:00
stamparm
9ef79df23d Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched) 2013-02-28 13:51:08 +01:00
stamparm
69063947b6 Debug message should go with logging.DEBUG 2013-02-19 09:46:51 +01:00
Bernardo Damele
d7247a51ee do not prompt constantly if the page is not found 2013-02-18 18:08:20 +00:00
Miroslav Stampar
11bcf28d86 Fix for an Issue #399 2013-02-15 10:04:13 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Miroslav Stampar
a0b44da5d8 Minor fix for --threads>1 --binary-fields 2013-02-13 20:47:27 +01:00
Miroslav Stampar
d78a3e977b Update (allowing regular char * to be inside SOAP/JSON/XML) 2013-02-13 12:24:42 +01:00
Miroslav Stampar
1d42aba01e Minor update regarding 093a93938c (for goStacked to work properly with stacked conditional payloads - e.g. proper suffix/prefix) 2013-02-12 17:35:14 +01:00
Miroslav Stampar
c34f6e25b2 Minor fix for --eval (urldecoded values should be used inside evaluation) 2013-02-12 17:01:47 +01:00
Bernardo Damele
2fa2f30d21 slighlty better, still not optimal 2013-02-06 17:45:52 +00:00
Bernardo Damele
b272b0574d minor fix to reset partRun value - #297 2013-02-06 17:09:28 +00:00
Miroslav Stampar
62772125e3 Bug fix for HTTPSCertAuthHandler 2013-02-05 12:16:06 +01:00
Miroslav Stampar
6d942f92b5 Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.)) 2013-02-01 10:03:06 +01:00
Miroslav Stampar
f5844eabae Valuable data is potentially lost if page not parsed in dump mode (e.g. --technique=B and error occuring) <- partial revert of previous optimization commit 10bdd90e60 2013-01-31 13:32:14 +01:00
Miroslav Stampar
2420a4b626 Update for an Issue #342 and #372 2013-01-31 10:01:52 +01:00
Miroslav Stampar
f41460f8d8 Better naming 2013-01-29 20:53:11 +01:00
Miroslav Stampar
a59ac8e27f Trivial cosmetics 2013-01-29 16:30:38 +01:00
Miroslav Stampar
479f791112 Minor fix 2013-01-25 12:41:51 +01:00
Chris Frohoff
218a6a9695 fixed response header logging for header names with special chars 2013-01-23 11:10:25 -08:00
Miroslav Stampar
59b02539ca More general approach regarding that last commit 2013-01-22 11:34:34 +01:00
Miroslav Stampar
01f1488f07 Minor patch (annoying trailing spaces for some DBMSes --technique=B --sql-query) 2013-01-22 11:29:51 +01:00
Miroslav Stampar
bb6b89fe93 Patch for an Issue #360 2013-01-19 18:06:36 +01:00
Miroslav Stampar
ac7709204a Better fix for that page/headers/comparison --string candidate problem 2013-01-18 17:00:11 +01:00
Miroslav Stampar
8141d17985 Revert of previous commit (more care has to be done regarding headers dynamicity) 2013-01-18 16:49:35 +01:00