Miroslav Stampar
|
e81168af0f
|
Minor adjustment
|
2014-10-01 13:59:51 +02:00 |
|
Miroslav Stampar
|
f67a38dba9
|
Minor adjustment
|
2014-10-01 13:42:10 +02:00 |
|
Miroslav Stampar
|
a9454fbb43
|
Minor commit related to the last one (bypassing DBMS error trimming problem)
|
2014-10-01 13:35:20 +02:00 |
|
Miroslav Stampar
|
8c9014c39f
|
Adding a dummy (auxiliary) XSS check
|
2014-10-01 13:31:48 +02:00 |
|
Miroslav Stampar
|
4d23744430
|
Bug fix (there was a problem using --tamper=varnish with --identify-waf because of same named modules)
|
2014-09-30 09:58:02 +02:00 |
|
Miroslav Stampar
|
ff42720c62
|
Minor fix
|
2014-09-29 14:07:59 +02:00 |
|
Miroslav Stampar
|
1e636fb925
|
Minor patch regarding Issue #840
|
2014-09-28 13:38:09 +02:00 |
|
Miroslav Stampar
|
767c278a0f
|
Fix for an Issue #838
|
2014-09-26 17:00:50 +02:00 |
|
Miroslav Stampar
|
00fc842c6f
|
Update agent.py
|
2014-09-20 10:20:57 +02:00 |
|
Miroslav Stampar
|
69701ba08c
|
Minor refactoring
|
2014-09-17 18:29:01 +02:00 |
|
Miroslav Stampar
|
09064a4a24
|
Minor just in case patch
|
2014-09-17 18:25:24 +02:00 |
|
Miroslav Stampar
|
bbc6dd9ac8
|
Minor fix
|
2014-09-17 10:28:18 +02:00 |
|
Miroslav Stampar
|
6888d2fc34
|
Minor cosmetic update
|
2014-09-16 16:32:54 +02:00 |
|
Miroslav Stampar
|
0e8090381c
|
Minor cosmetic update
|
2014-09-16 16:21:29 +02:00 |
|
Miroslav Stampar
|
c5294f2cbb
|
Minor patch for an Issue #832
|
2014-09-16 16:18:13 +02:00 |
|
Miroslav Stampar
|
5b0732e9f9
|
Minor update for Issue #832
|
2014-09-16 15:17:50 +02:00 |
|
Miroslav Stampar
|
7278af01ee
|
Implementation for an Issue #832
|
2014-09-16 14:12:43 +02:00 |
|
Miroslav Stampar
|
57eb19377e
|
Minor code refactoring
|
2014-09-16 09:07:31 +02:00 |
|
Miroslav Stampar
|
45f5548113
|
Minor update regarding shell history file
|
2014-09-16 08:58:25 +02:00 |
|
Miroslav Stampar
|
637d3cbaf7
|
Fix for cases when parameter name is urlencoded
|
2014-09-12 13:29:30 +02:00 |
|
Miroslav Stampar
|
bfc8ab0e35
|
Language update
|
2014-09-08 14:48:31 +02:00 |
|
Miroslav Stampar
|
53d0d5bf8b
|
Minor update (adding a warning message about potential dropping of requests because of protection mechanisms involved)
|
2014-09-08 14:33:13 +02:00 |
|
Miroslav Stampar
|
055b759145
|
Minor update
|
2014-09-03 23:13:57 +02:00 |
|
Miroslav Stampar
|
bbf0be1f8d
|
Bug fix (Issue #813)
|
2014-09-03 22:09:12 +02:00 |
|
Miroslav Stampar
|
112a0cb1ae
|
Patch for output directory (using unicode for international support)
|
2014-09-03 21:49:30 +02:00 |
|
Miroslav Stampar
|
7e40890f32
|
Patch for an Issue #815
|
2014-09-01 16:16:12 +02:00 |
|
Miroslav Stampar
|
25c6fca20e
|
Minor fix
|
2014-09-01 15:48:00 +02:00 |
|
Miroslav Stampar
|
d5d01e91ad
|
Warning message
|
2014-08-30 22:15:14 +02:00 |
|
Miroslav Stampar
|
20ff402103
|
Minor patch
|
2014-08-30 22:04:55 +02:00 |
|
Miroslav Stampar
|
dc2ee8bfa0
|
Minor update
|
2014-08-30 21:53:09 +02:00 |
|
Miroslav Stampar
|
177fc0376d
|
Minor fix for HSQLDB
|
2014-08-30 21:37:38 +02:00 |
|
Miroslav Stampar
|
1a9a331422
|
Bug fix (proper extending of tests when dbms is known)
|
2014-08-30 21:34:23 +02:00 |
|
Miroslav Stampar
|
e501b2a80b
|
Minor patch
|
2014-08-30 20:58:59 +02:00 |
|
Miroslav Stampar
|
03c8e7b7a2
|
Patch for an Issue #810
|
2014-08-30 17:13:02 +02:00 |
|
Miroslav Stampar
|
77cb35dcf6
|
Fix for an Issue #804
|
2014-08-28 14:26:55 +02:00 |
|
Miroslav Stampar
|
9476359255
|
Bug fix
|
2014-08-28 12:50:39 +02:00 |
|
Miroslav Stampar
|
834f8e18c8
|
Minor patch for an Issue #802
|
2014-08-28 00:45:57 +02:00 |
|
Miroslav Stampar
|
b77d8d617b
|
Minor patch for an Issue #800
|
2014-08-28 00:31:49 +02:00 |
|
Miroslav Stampar
|
7595f2b73e
|
Minor fix
|
2014-08-28 00:13:27 +02:00 |
|
Miroslav Stampar
|
fce671c899
|
Patch for an Issue #801
|
2014-08-28 00:00:16 +02:00 |
|
Miroslav Stampar
|
fd36250026
|
Proper fix for an Issue #757
|
2014-08-26 23:36:04 +02:00 |
|
Miroslav Stampar
|
2a268199d4
|
Patch for an Issue #798
|
2014-08-26 23:11:44 +02:00 |
|
Miroslav Stampar
|
e68326c0fe
|
expandAsteriskForColumns changes value of conf.db and conf.tbl potentially causing problems in further work
|
2014-08-26 22:57:08 +02:00 |
|
Miroslav Stampar
|
decd092b2a
|
Minor patch
|
2014-08-26 22:40:50 +02:00 |
|
Miroslav Stampar
|
2be0ebd883
|
Minor fix (e.g. Oracle identifier names can contain character $)
|
2014-08-26 22:40:15 +02:00 |
|
Miroslav Stampar
|
dcaad75a1e
|
Fix for an Issue #794
|
2014-08-22 15:08:05 +02:00 |
|
Miroslav Stampar
|
d74b803306
|
Minor patch
|
2014-08-22 14:45:23 +02:00 |
|
Miroslav Stampar
|
e0a8b89069
|
Minor patch when trailing space is used with comma to split option items (e.g. '-C id, name')
|
2014-08-22 14:19:53 +02:00 |
|
Miroslav Stampar
|
e3a0f25db0
|
Patch for an Issue #795
|
2014-08-22 14:11:23 +02:00 |
|
Miroslav Stampar
|
2ce3ccac46
|
Patch for an Issue #797 (switching to greedy because of performance; it shouldn't be a problem because it was a single line replacement in the first place)
|
2014-08-22 13:06:53 +02:00 |
|
Miroslav Stampar
|
77513e1de9
|
Minor style update
|
2014-08-21 01:19:10 +02:00 |
|
Miroslav Stampar
|
c5b71cff10
|
Some filtering
|
2014-08-21 01:12:44 +02:00 |
|
Miroslav Stampar
|
3cfdb5ff0f
|
Removing / from auto directories (it doesn't make sense to auto-test for uploading to /)
|
2014-08-21 00:43:37 +02:00 |
|
Miroslav Stampar
|
acb3b1d1fe
|
Bug fix for common table/column existence check
|
2014-08-21 00:12:19 +02:00 |
|
Miroslav Stampar
|
074b57804e
|
Minor style update
|
2014-08-21 00:03:46 +02:00 |
|
Miroslav Stampar
|
58d93ffb2b
|
Fix for falling back to partial union (excluding scalar queries)
|
2014-08-20 23:53:15 +02:00 |
|
Miroslav Stampar
|
90882f081d
|
Language update
|
2014-08-20 23:47:57 +02:00 |
|
Miroslav Stampar
|
0296081692
|
Minor refactoring
|
2014-08-20 23:42:40 +02:00 |
|
Miroslav Stampar
|
f51ea20bbd
|
Minor style update
|
2014-08-20 22:50:00 +02:00 |
|
Miroslav Stampar
|
5d10bae31f
|
Removing trailing blank lines
|
2014-08-20 21:07:19 +02:00 |
|
Miroslav Stampar
|
e0216771ed
|
Minor update
|
2014-08-20 15:23:07 +02:00 |
|
Miroslav Stampar
|
c97782cfed
|
Minor update of banner
|
2014-08-20 15:10:21 +02:00 |
|
Miroslav Stampar
|
07f881e711
|
Minor fix
|
2014-08-20 14:02:04 +02:00 |
|
Miroslav Stampar
|
b4fbb9cafe
|
Minor upgrade
|
2014-08-20 13:52:48 +02:00 |
|
Miroslav Stampar
|
7828f61642
|
Minor style update
|
2014-08-20 13:35:41 +02:00 |
|
Miroslav Stampar
|
dfa426fbb5
|
Minor style update
|
2014-08-20 13:32:32 +02:00 |
|
Miroslav Stampar
|
6795b51c7e
|
Another minor update
|
2014-08-20 01:59:30 +02:00 |
|
Miroslav Stampar
|
d08c1b7c04
|
Minor update
|
2014-08-20 01:45:42 +02:00 |
|
Miroslav Stampar
|
6caccc3d93
|
Bug fix for ultra-slow processing of binary data
|
2014-08-20 01:38:01 +02:00 |
|
Miroslav Stampar
|
ebc964267f
|
Better reporting on filtered-chars cases
|
2014-08-20 01:11:26 +02:00 |
|
Miroslav Stampar
|
c12e51173a
|
Minor style update
|
2014-08-20 00:28:33 +02:00 |
|
Miroslav Stampar
|
5a05271097
|
Minor fix
|
2014-08-19 22:34:07 +02:00 |
|
Miroslav Stampar
|
b0465a6a76
|
Adding a revision scheme for nongit checkouts
|
2014-08-19 22:32:16 +02:00 |
|
Miroslav Stampar
|
cd92de1702
|
Adding colorful banner
|
2014-08-19 22:19:22 +02:00 |
|
Miroslav Stampar
|
7d578d395f
|
Minor update for Apache on Windows
|
2014-08-16 16:01:18 +02:00 |
|
Miroslav Stampar
|
a8b4b96cd9
|
Extending list for brute forcing doc root
|
2014-08-16 15:16:03 +02:00 |
|
Miroslav Stampar
|
0fb576724e
|
Implementation for cases when there are multiple copies/variations of the same result(s) in response for partial UNION SQLi
|
2014-08-13 22:50:42 +02:00 |
|
Miroslav Stampar
|
0809a61fc3
|
Bug fix (whole page output as a result of partial union runs)
|
2014-08-13 15:18:11 +02:00 |
|
Miroslav Stampar
|
0a74ae736f
|
Probable fix for an Issue #788
|
2014-08-13 14:01:57 +02:00 |
|
Miroslav Stampar
|
658110e644
|
Minor fix
|
2014-08-11 12:46:37 +02:00 |
|
hydhyd
|
e7ffe92d8c
|
Update settings.py
Modified BRUTE_DOC_PREFIXES to include "/srv/www" used by default in OpenSUSE.
|
2014-08-06 12:59:18 +04:00 |
|
Miroslav Stampar
|
8599005115
|
Implementation for an Issue #771
|
2014-08-01 14:19:32 +02:00 |
|
Miroslav Stampar
|
208d51e0e9
|
Revert of last trigger happy commit
|
2014-08-01 13:57:43 +02:00 |
|
Miroslav Stampar
|
d300f99b0b
|
Removing a redundant code (similar check is being done upper in code)
|
2014-08-01 13:57:07 +02:00 |
|
Miroslav Stampar
|
8bc6154f06
|
Removing a redundant code (similar check is being done upper in code)
|
2014-08-01 13:53:22 +02:00 |
|
Miroslav Stampar
|
b31e141012
|
Fix for an Issue #772
|
2014-07-29 14:37:48 +02:00 |
|
Miroslav Stampar
|
20d75cc52e
|
Patch for an Issue #767
|
2014-07-29 13:32:26 +02:00 |
|
Miroslav Stampar
|
9fff88d6e4
|
Minor update
|
2014-07-19 23:23:55 +02:00 |
|
Miroslav Stampar
|
3cfa63646b
|
Minor bug fix
|
2014-07-19 23:17:23 +02:00 |
|
Miroslav Stampar
|
0eb5fb1e5a
|
Update for an Issue #757
|
2014-07-19 23:02:14 +02:00 |
|
Miroslav Stampar
|
cd1c100cc0
|
Another patch for an Issue #757
|
2014-07-14 21:10:45 +02:00 |
|
Miroslav Stampar
|
e66a81ab4e
|
Fix for an Issue #757
|
2014-07-11 16:24:57 +02:00 |
|
Miroslav Stampar
|
32af0b17b0
|
Update for an Issue #760
|
2014-07-10 08:49:20 +02:00 |
|
Miroslav Stampar
|
33b6d189cd
|
Bug fix for some cases (in cases of working where=ORIGINAL, workflow switched to where=NEGATIVE because of false assumptions that it would be better than ORIGINAL; this kind of behaviour caused reported problems)
|
2014-07-07 22:22:56 +02:00 |
|
Miroslav Stampar
|
79a66ef22c
|
Minor patch
|
2014-07-06 09:09:44 +02:00 |
|
Miroslav Stampar
|
b5838ae7a4
|
Adding missing module (Issue #674 and Issue #747)
|
2014-07-03 00:29:20 +02:00 |
|
Miroslav Stampar
|
9d571c7800
|
Minor language update
|
2014-07-02 22:31:18 +02:00 |
|
Miroslav Stampar
|
e6d0d5a1c7
|
Implementation for an Issue #674
|
2014-07-02 22:27:51 +02:00 |
|
Miroslav Stampar
|
1eecabaea8
|
Patch for an Issue #746
|
2014-07-02 10:11:31 +02:00 |
|
Bernardo Damele
|
4e909a2a05
|
code cleanup
|
2014-07-01 00:58:49 +01:00 |
|
Bernardo Damele
|
018748f52e
|
increase the timeout for the Metasploit session initialization to 5 minutes, better on slow speed connections
|
2014-07-01 00:34:09 +01:00 |
|
Conny Brunnkvist
|
f0e23c9441
|
Use the selected random User-Agent
|
2014-07-01 00:27:14 +07:00 |
|
Miroslav Stampar
|
c2f14e57e7
|
Patch for an Issue #740
|
2014-06-29 00:27:23 +02:00 |
|
Miroslav Stampar
|
686fe4d0e9
|
Another patch for DNS exfiltration and boolean checks
|
2014-06-27 14:22:00 +02:00 |
|
Miroslav Stampar
|
8e660e6911
|
Minor fix
|
2014-06-27 14:14:29 +02:00 |
|
Miroslav Stampar
|
2f8d17bcb7
|
Appendix to last commit
|
2014-06-27 13:45:40 +02:00 |
|
Miroslav Stampar
|
75279ea75a
|
Fix for DNS exfiltration of boolean checks
|
2014-06-27 13:07:34 +02:00 |
|
Miroslav Stampar
|
5b5a765f96
|
Patch for an Issue #734
|
2014-06-23 12:24:08 +02:00 |
|
Miroslav Stampar
|
a47072eced
|
Patch for an Issue #732
|
2014-06-22 00:09:08 +02:00 |
|
Miroslav Stampar
|
2a88436417
|
Patch for an Issue #724
|
2014-06-16 09:51:24 +02:00 |
|
Miroslav Stampar
|
f558b800ac
|
Patch for an Issue #719
|
2014-06-12 09:08:55 +02:00 |
|
Miroslav Stampar
|
c50560c3a6
|
Patch for an Issue #716
|
2014-06-10 21:57:54 +02:00 |
|
Miroslav Stampar
|
5e9334ab79
|
Implementation for an Issue #715
|
2014-06-08 23:55:15 +02:00 |
|
Miroslav Stampar
|
54be398e83
|
Patch for an Issue #711
|
2014-06-04 16:35:07 +02:00 |
|
Miroslav Stampar
|
27ebc02535
|
Minor fix (user reported problem via email)
|
2014-05-29 09:33:14 +02:00 |
|
Miroslav Stampar
|
0f10cdfa4c
|
Minor update
|
2014-05-29 09:24:09 +02:00 |
|
Miroslav Stampar
|
9e02816cbd
|
Raising number of used md5 digits in hashdb key value because of birthday paradox (Python can handle it - automatically expanding to long if required; SQLite can handle it - it will use 6 bytes per INTEGERs instead of 4)
|
2014-05-29 09:21:48 +02:00 |
|
Miroslav Stampar
|
680ab10ca6
|
Patch for an Issue #703
|
2014-05-27 21:41:07 +02:00 |
|
Miroslav Stampar
|
2d5461d250
|
Minor fix (related to the unknown encoding reported by ML)
|
2014-05-22 09:03:14 +02:00 |
|
Miroslav Stampar
|
24954776a5
|
Patch for an Issue #697
|
2014-05-20 22:00:26 +02:00 |
|
Miroslav Stampar
|
babe49f086
|
Minor update (added new warning message)
|
2014-05-20 17:14:40 +02:00 |
|
Miroslav Stampar
|
c181e909b5
|
Minor fix
|
2014-05-16 23:47:00 +02:00 |
|
Miroslav Stampar
|
0f581ccb6c
|
Minor fix
|
2014-05-13 15:36:28 +02:00 |
|
Miroslav Stampar
|
4e8b41b869
|
Patch for an Issue #688
|
2014-05-13 00:50:36 +02:00 |
|
Miroslav Stampar
|
3a2916724c
|
Minor style update
|
2014-05-11 17:12:15 +02:00 |
|
Miroslav Stampar
|
a72d73804e
|
Revert of 9255174890 (bug was introduced with it)
|
2014-05-10 01:31:44 +02:00 |
|
Miroslav Stampar
|
93bf8e2a13
|
Bug fix
|
2014-05-10 01:11:19 +02:00 |
|
Miroslav Stampar
|
8f0807d7f9
|
Another fix related to the last commit
|
2014-05-09 22:55:16 +02:00 |
|
Miroslav Stampar
|
5eae002084
|
Minor fix
|
2014-05-09 22:45:43 +02:00 |
|
Miroslav Stampar
|
9255174890
|
Minor fix
|
2014-05-09 22:39:56 +02:00 |
|
Miroslav Stampar
|
bc4369be06
|
Fix for an Issue #687
|
2014-05-07 09:16:17 +02:00 |
|
Miroslav Stampar
|
2a55f75f86
|
Using a more generic XML recognition regex
|
2014-04-30 21:25:45 +02:00 |
|
Miroslav Stampar
|
2e96e3c924
|
Adding a hidden switch --ignore-401
|
2014-04-29 23:26:45 +02:00 |
|
Miroslav Stampar
|
eb8e31c23f
|
Adding a failsafe output directory
|
2014-04-27 22:40:41 +02:00 |
|
Miroslav Stampar
|
b54651b5a2
|
Minor patch (while saving configuration file)
|
2014-04-25 09:32:57 +02:00 |
|
Miroslav Stampar
|
ae8b1fe89c
|
Implementation for an Issue #678
|
2014-04-25 09:17:10 +02:00 |
|
Miroslav Stampar
|
e0fb21c26a
|
Patch for an Issue #673
|
2014-04-21 21:57:30 +02:00 |
|
Miroslav Stampar
|
f29769b7d0
|
Minor patch
|
2014-04-16 09:06:17 +02:00 |
|
Miroslav Stampar
|
ef5ce7e66c
|
Fix for an Issue #670
|
2014-04-12 17:22:47 +02:00 |
|
Miroslav Stampar
|
fd884ec67b
|
Adding another comment
|
2014-04-12 17:22:47 +02:00 |
|
Miroslav Stampar
|
b5cca742e4
|
Adding a comment
|
2014-04-12 17:22:47 +02:00 |
|
Miroslav Stampar
|
7f371c499d
|
Commit related to the last one
|
2014-04-10 21:29:59 +02:00 |
|
Miroslav Stampar
|
096ce7881e
|
Minor beauty patch
|
2014-04-10 21:18:24 +02:00 |
|
Miroslav Stampar
|
0d1690de61
|
Minor fix
|
2014-04-10 21:18:24 +02:00 |
|
Miroslav Stampar
|
1e8349eeaa
|
Minor fix
|
2014-04-10 21:18:24 +02:00 |
|
Miroslav Stampar
|
2d3a74a0fe
|
Patch for an Issue #667
|
2014-04-07 21:01:40 +02:00 |
|
Miroslav Stampar
|
cb0044b2c4
|
Minor beauty patch
|
2014-04-07 20:28:17 +02:00 |
|
Miroslav Stampar
|
fdad787681
|
Graceful abort in case of an invalid option in configuration file
|
2014-04-07 20:22:51 +02:00 |
|
Miroslav Stampar
|
e3ccf45503
|
Graceful abort in case of an invalid configuration file
|
2014-04-07 20:17:47 +02:00 |
|
Miroslav Stampar
|
bcf754fb17
|
Consistency patch (to be the same as in help listing)
|
2014-04-07 20:10:21 +02:00 |
|
Miroslav Stampar
|
b74de19213
|
Trivial style update
|
2014-04-07 20:06:03 +02:00 |
|
Miroslav Stampar
|
75f447ccf8
|
Renaming lib/core/purge to lib/utils/purge
|
2014-04-07 20:04:07 +02:00 |
|
Miroslav Stampar
|
9c7fbd1a90
|
Minor refactoring
|
2014-04-06 18:19:54 +02:00 |
|
Miroslav Stampar
|
4f4c50c4d5
|
Minor language update
|
2014-04-06 18:12:59 +02:00 |
|
Miroslav Stampar
|
bf18b025d6
|
Minor removal of redundant code
|
2014-04-06 18:09:54 +02:00 |
|
Miroslav Stampar
|
e931344617
|
More elegant implementation for --random-agent
|
2014-04-06 18:05:43 +02:00 |
|
Miroslav Stampar
|
9456dc68e7
|
Minor patch
|
2014-04-06 17:24:27 +02:00 |
|
Miroslav Stampar
|
1c92d8d51f
|
More generic implementation for --proxy-file (accepting public lists format)
|
2014-04-06 17:23:13 +02:00 |
|
Miroslav Stampar
|
bbf08a825e
|
Minor language fix
|
2014-04-06 17:12:43 +02:00 |
|
Miroslav Stampar
|
cf250a0381
|
Minor patch (it would go boom if special character was inside the --param-del)
|
2014-04-06 17:02:32 +02:00 |
|
Miroslav Stampar
|
053b0fd0e9
|
Renaming conf.oDir to conf.outputDir
|
2014-04-06 16:54:46 +02:00 |
|
Miroslav Stampar
|
7cc4159316
|
Renaming conf.cDel to conf.cookieDel
|
2014-04-06 16:50:58 +02:00 |
|
Miroslav Stampar
|
0ae8ac707e
|
Renaming conf.pDel to conf.paramDel
|
2014-04-06 16:48:46 +02:00 |
|
Miroslav Stampar
|
95e7ca02f0
|
Minor bug fix (-d was not recognized as one of mandatory in case of config file)
|
2014-04-06 16:45:25 +02:00 |
|
Miroslav Stampar
|
1b3a98b8ef
|
Trivial update (for consistency sake)
|
2014-04-06 13:42:15 +02:00 |
|
Miroslav Stampar
|
492a410bcc
|
Minor fix
|
2014-04-04 16:14:53 +02:00 |
|
Miroslav Stampar
|
15f92c4197
|
Bug fix (port was not being used properly with Burp exported history)
|
2014-04-03 09:46:37 +02:00 |
|
Miroslav Stampar
|
1632bec10b
|
Another fix related to the last commit
|
2014-04-03 09:05:12 +02:00 |
|
Miroslav Stampar
|
e7e8a3965a
|
Minor fix
|
2014-04-03 09:00:14 +02:00 |
|
Miroslav Stampar
|
80d4426dbd
|
Patch related to the Issue #661
|
2014-04-02 22:34:37 +02:00 |
|
Miroslav Stampar
|
d8bacc904e
|
Minor language update
|
2014-04-01 16:38:50 +02:00 |
|
Miroslav Stampar
|
3e024ac8e6
|
Minor update (consistency patch)
|
2014-03-30 16:51:31 +02:00 |
|
Miroslav Stampar
|
76b9fad24a
|
Fix for an Issue #656
|
2014-03-30 16:21:18 +02:00 |
|
Miroslav Stampar
|
b2cc8f00ef
|
Bug fix (ORACLE_OLD on Windows - resulted in multiple entry per line output due to no locking used)
|
2014-03-28 00:41:22 +01:00 |
|
Miroslav Stampar
|
e8c1c90f2e
|
Whitespace was being double encoded in case of spaceplus (' '->%2B)
|
2014-03-25 22:02:14 +01:00 |
|
Miroslav Stampar
|
3710a7051b
|
Fix for an Issue #653
|
2014-03-25 21:26:22 +01:00 |
|
Miroslav Stampar
|
930c3e3c5a
|
Minor update (added check for --limit and --risk)
|
2014-03-25 09:28:12 +01:00 |
|
Miroslav Stampar
|
f6e1d9e026
|
Fix for an Issue #650
|
2014-03-24 10:46:23 +01:00 |
|
Miroslav Stampar
|
106102bd3c
|
Fix for an Issue #648
|
2014-03-21 20:28:29 +01:00 |
|
Bernardo Damele
|
9f838c3d5b
|
typo fix
|
2014-03-21 11:37:34 +00:00 |
|
Bernardo Damele
|
8091a88d3e
|
minor code cleanup and bug fix
|
2014-03-21 11:35:30 +00:00 |
|
Bernardo Damele
|
c211255773
|
replaced outfile with dumpfile so works even if the original statement outputs blob
|
2014-03-21 11:01:57 +00:00 |
|
Miroslav Stampar
|
39ab3b9149
|
Minor fix for meta refresh
|
2014-03-20 13:13:47 +01:00 |
|
Miroslav Stampar
|
d7f0da5599
|
Minor patch for an Issue #646
|
2014-03-20 13:08:28 +01:00 |
|
Miroslav Stampar
|
97fe5e52c2
|
Fix for an Issue #644
|
2014-03-18 16:41:05 +01:00 |
|
Miroslav Stampar
|
97f603af4a
|
Fix for an Issue #641
|
2014-03-17 20:20:25 +01:00 |
|
Miroslav Stampar
|
0622cdf3d8
|
Bug fix (credentials used in combination with request file)
|
2014-03-15 09:29:21 +01:00 |
|
Miroslav Stampar
|
3b47418a1d
|
Fix for an Issue #640
|
2014-03-14 22:20:20 +01:00 |
|
Miroslav Stampar
|
56d76e6bfd
|
Updating list of extensions to exclude from crawling
|
2014-03-14 21:34:16 +01:00 |
|
Miroslav Stampar
|
be3fd8bb29
|
Fix for an Issue #638
|
2014-03-14 16:44:56 +01:00 |
|
Miroslav Stampar
|
17742df0fa
|
Update for an Issue #636 (to prevent eventual future reports with lack of stack trace)
|
2014-03-11 21:18:31 +01:00 |
|
Miroslav Stampar
|
2f8846caec
|
Fix for an Issue #636
|
2014-03-11 21:11:51 +01:00 |
|
Miroslav Stampar
|
d1a6a775f1
|
Patch for an Issue #636
|
2014-03-11 21:00:15 +01:00 |
|
Miroslav Stampar
|
f1f53a5841
|
Minor cosmetic update
|
2014-03-06 21:08:31 +01:00 |
|
Miroslav Stampar
|
490d51258e
|
Raising number of minimum time responses (15 is statistically too low)
|
2014-03-03 20:49:58 +01:00 |
|
Miroslav Stampar
|
291a0d772a
|
Update for an Issue #615
|
2014-02-27 14:23:14 +01:00 |
|
Miroslav Stampar
|
2ffdee5733
|
Bug fix for PAYLOAD.WHERE.REPLACE payloads containing custom injection marker ([ORIGVALUE] was screwed)
|
2014-02-26 11:41:48 +01:00 |
|
Miroslav Stampar
|
cc62a8adc9
|
Bug fix for JSON-like data (proper escaping of quotes)
|
2014-02-26 09:30:37 +01:00 |
|
Miroslav Stampar
|
6369a38ebc
|
Adding support for JSON-like data with single quote
|
2014-02-26 08:56:17 +01:00 |
|
Miroslav Stampar
|
465f968be6
|
Minor cosmetic update
|
2014-02-26 08:41:23 +01:00 |
|
Miroslav Stampar
|
edc8ef9d5b
|
Patch for an Issue #611 (original page used in case of tamper functions was wrong - e.g. if --tamper=base64encode was used)
|
2014-02-25 13:48:34 +01:00 |
|
Miroslav Stampar
|
2a423d61ef
|
Raising number of requests for false positive testing in case of higher levels
|
2014-02-23 19:40:01 +01:00 |
|
Miroslav Stampar
|
d405fc1157
|
Minor update (for the consistency sake)
|
2014-02-16 22:04:12 +01:00 |
|
Miroslav Stampar
|
58eac364a2
|
Bug fix
|
2014-02-16 21:57:14 +01:00 |
|
Miroslav Stampar
|
dfa727cbc5
|
Fix for a same bug mentioned in last commit
|
2014-02-16 21:47:14 +01:00 |
|
Miroslav Stampar
|
43df4efd11
|
Bug fix (bad idea is to do os.path.join on web URLs - especially on Windows OS)
|
2014-02-16 21:44:57 +01:00 |
|
Miroslav Stampar
|
d05bfdd7dd
|
Implementing option '--where' (Issue #605)
|
2014-02-11 16:20:45 +01:00 |
|
Bernardo Damele
|
be6767b3b0
|
minor fix for command execution via web shell
|
2014-02-10 09:59:57 +00:00 |
|
Miroslav Stampar
|
fe0ff6e679
|
Changing 'is injectable' to 'seems to be injectable' for boolean and time-based blind injection cases - for false positive cases
|
2014-02-09 17:50:16 +01:00 |
|
Miroslav Stampar
|
8521265526
|
Minor fix
|
2014-02-07 14:40:43 +01:00 |
|
Miroslav Stampar
|
534c2ee0e6
|
Minor update
|
2014-02-01 22:12:00 +01:00 |
|
Miroslav Stampar
|
0e44132778
|
Removing unused imports
|
2014-02-01 21:49:12 +01:00 |
|
Miroslav Stampar
|
f97fcb7bb3
|
Adding a switch --invalid-string
|
2014-01-23 21:56:06 +01:00 |
|
Miroslav Stampar
|
f88f6dcd7e
|
Changing --invalid-bignum from float producing to int producing
|
2014-01-23 09:07:25 +01:00 |
|
Miroslav Stampar
|
fc02badf40
|
Minor update
|
2014-01-23 08:33:21 +01:00 |
|
Bernardo Damele
|
bc29bf6481
|
removed comments
|
2014-01-13 23:57:49 +00:00 |
|
Bernardo Damele
|
1505f1dc74
|
removed useless sink
|
2014-01-13 23:55:32 +00:00 |
|
Bernardo Damele
|
124ebefc7f
|
code cleanup
|
2014-01-13 23:48:15 +00:00 |
|
Bernardo Damele
|
3c79d66569
|
fixed stderr
|
2014-01-13 17:34:38 +00:00 |
|
Bernardo Damele
|
43a4e85749
|
updated copyright
|
2014-01-13 17:24:49 +00:00 |
|
Bernardo Damele
|
dfa9076a70
|
fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d )
|
2014-01-13 17:12:37 +00:00 |
|
Miroslav Stampar
|
6863436d4e
|
Implementation for an Issue #596
|
2014-01-13 10:05:56 +01:00 |
|
Bernardo Damele
|
d9e00adfae
|
minor fix
|
2014-01-10 17:23:16 +00:00 |
|
Miroslav Stampar
|
36f3ab5798
|
Minor bug fix (for cases when race between thread and main thread is causing server._running to not be set to True)
|
2014-01-09 15:46:55 +01:00 |
|
Miroslav Stampar
|
cb1f17cb04
|
Proper patch for an Issue #591
|
2014-01-02 12:15:56 +01:00 |
|
Miroslav Stampar
|
5437f8bf36
|
Fix for an Issue #85
|
2014-01-02 12:09:58 +01:00 |
|
Miroslav Stampar
|
4de83daf03
|
Minor style update
|
2014-01-02 11:06:19 +01:00 |
|
Miroslav Stampar
|
e0143e397a
|
Consistency fix (down below we use direct SQL)
|
2014-01-02 10:59:53 +01:00 |
|
Miroslav Stampar
|
0b4fcb6845
|
Fix for an Issue #591
|
2014-01-02 10:55:40 +01:00 |
|
Miroslav Stampar
|
854a55166c
|
Fix for an Issue #588
|
2014-01-02 10:29:10 +01:00 |
|
Miroslav Stampar
|
9b4b070ecf
|
Minor cosmetics
|
2014-01-02 10:05:58 +01:00 |
|
Miroslav Stampar
|
192a911b76
|
Patch for an Issue #28
|
2013-12-29 16:16:50 +01:00 |
|
Miroslav Stampar
|
41d6c1af82
|
Patch for an Issue #589
|
2013-12-28 13:47:40 +01:00 |
|
Miroslav Stampar
|
6c80f2903b
|
Patch for an Issue #564
|
2013-12-27 11:02:59 +01:00 |
|
Miroslav Stampar
|
cadbddd607
|
Adding a boundary proposed in Issue #564
|
2013-12-27 10:46:18 +01:00 |
|
Miroslav Stampar
|
7718edac9b
|
Fix for an Issue #570
|
2013-12-27 09:40:33 +01:00 |
|
Miroslav Stampar
|
02de2aee6d
|
Patch for an Issue #582
|
2013-12-26 22:27:04 +01:00 |
|
Miroslav Stampar
|
ab64d385d6
|
Bug fix (stacked queries as in PgSQL and MsSQL DNS tunneling queries MUST end with the comment - not the recognized underlying technique's suffix)
|
2013-12-25 22:18:57 +01:00 |
|
Miroslav Stampar
|
2c2667b2be
|
Minor patch for an Issue #575
|
2013-12-18 00:56:24 +01:00 |
|
Miroslav Stampar
|
fd6dcd8bf5
|
Merge pull request #583 from mattoufoutu/api
RESTful API improvements
|
2013-12-17 14:10:19 -08:00 |
|
Miroslav Stampar
|
f18abb1e9c
|
Minor update (proxy can be also a https one (e.g. Burp for HTTPS targets)
|
2013-12-17 09:30:51 +01:00 |
|
Miroslav Stampar
|
7d8eb148ce
|
Patch for an Issue #565 (DuckDuckGo doesn't like identity encoding)
|
2013-12-17 09:30:04 +01:00 |
|
Miroslav Stampar
|
4819e19200
|
Patch for an Issue #584
|
2013-12-16 22:00:47 +01:00 |
|
Mathieu Deous
|
4c9456dd72
|
moar logging!
|
2013-12-15 16:59:47 +01:00 |
|
Mathieu Deous
|
438ad73016
|
avoid names shadowing
|
2013-12-15 09:22:01 +01:00 |
|
Mathieu Deous
|
eda9a3da67
|
all instance attributes should be defined in constructor
|
2013-12-15 09:16:38 +01:00 |
|
Mathieu Deous
|
3effaee2a1
|
avoid using global variables, use a "store" class
|
2013-12-15 00:19:58 +01:00 |
|
Mathieu Deous
|
c70f2a4e6d
|
unused imports
|
2013-12-15 00:00:08 +01:00 |
|
Mathieu Deous
|
aa02019638
|
return file content in a json message when calling download endpoint
|
2013-12-14 16:33:17 +01:00 |
|
Mathieu Deous
|
c87ad1bab5
|
make returned values more coherent
|
2013-12-14 16:22:30 +01:00 |
|