Miroslav Stampar
ce51326bff
quick fix
2011-03-31 08:43:17 +00:00
Miroslav Stampar
dd01d66f13
proper update regarding last commit
2011-03-29 22:10:08 +00:00
Miroslav Stampar
b6af80bab3
refactoring, cleanup and improvement
2011-03-29 21:54:15 +00:00
Miroslav Stampar
12f3024c8a
removing that boring message "reflective value found and filtered out" for headers case (we always include Uri header)
2011-03-29 20:45:21 +00:00
Miroslav Stampar
c5b6d377fb
fix for a bug reported by Kirill Morozov (we haven't expected mixed case/copied results in partial union pages)
2011-03-25 12:14:19 +00:00
Miroslav Stampar
1f1c4c0e61
better update related to the last commit
2011-03-24 20:04:20 +00:00
Miroslav Stampar
d79fae724c
minor refactoring
2011-03-24 09:16:21 +00:00
Miroslav Stampar
58e9a074d3
masking some more command line arguments
2011-03-18 16:47:18 +00:00
Miroslav Stampar
00b9d85ffc
fix regarding bug report from andyroyalbattle@yahoo.it
2011-03-18 16:26:39 +00:00
Miroslav Stampar
6cc745f789
removal of deprecated piece of code (replaced later with that getCurrentThreadData().disableStdOut)
2011-03-11 20:04:15 +00:00
Miroslav Stampar
16b286982d
fix for a bug reported by nightman (AttributeError: 'list' object has no attribute 'split')
2011-03-07 09:50:43 +00:00
Miroslav Stampar
f27f05308a
minor update for masking sensitive data in error report (added aCred too)
2011-03-02 10:09:17 +00:00
Miroslav Stampar
2bf212ffa9
minor minor update
2011-02-27 20:43:38 +00:00
Miroslav Stampar
21041f8b90
further reflective value handling improvement
2011-02-27 17:43:41 +00:00
Miroslav Stampar
88faedc0fe
fix for a bug reported by -insane-
2011-02-26 17:48:19 +00:00
Miroslav Stampar
2bbbc9a41e
few updates
2011-02-25 09:35:24 +00:00
Miroslav Stampar
aa88361ab1
incorporation of method for neutralization of reflective values
2011-02-25 09:22:44 +00:00
Miroslav Stampar
dcad5410fe
minor refactoring
2011-02-22 12:54:22 +00:00
Miroslav Stampar
6cdf08b81c
minor fix
2011-02-17 21:51:40 +00:00
Miroslav Stampar
22cd49a217
--technique can now be something like 123 which includes both techniques 1, 2 and 3
2011-02-17 21:39:16 +00:00
Miroslav Stampar
5fb11fd173
update regarding multiple DBMS payloads
2011-02-13 21:20:21 +00:00
Bernardo Damele
c3eb82e60b
Proper fix
2011-02-08 10:08:48 +00:00
Miroslav Stampar
dba2f74588
revert of r3274
2011-02-08 09:44:34 +00:00
Bernardo Damele
cfe2da0195
Minor fix
2011-02-08 00:13:39 +00:00
Miroslav Stampar
e023e0d233
proper fix
2011-02-07 12:32:08 +00:00
Bernardo Damele
3719f085ae
Added back-end dbms' OS based methods to Backend object - will be used for refactoring
2011-02-07 00:21:17 +00:00
Miroslav Stampar
4df8a03c04
using OrderedDict to store parameters in order of appearance
2011-02-04 18:07:21 +00:00
Bernardo Damele
fec88f6a6d
Minor fix
2011-02-04 15:57:53 +00:00
Miroslav Stampar
accf4e6ce0
one important fix (URI injection parameter '*' now can go anywhere)
2011-02-04 12:43:18 +00:00
Miroslav Stampar
c229efba05
revert
2011-02-04 11:33:21 +00:00
Miroslav Stampar
d211def899
minor adjustment (accepting strange new looking uri formats)
2011-02-04 10:55:03 +00:00
Miroslav Stampar
9a1a28c804
adding comments to filtering function
2011-02-03 23:09:08 +00:00
Miroslav Stampar
2dae57a56d
cosmetics
2011-02-02 14:35:21 +00:00
Miroslav Stampar
6c87bd1c63
added maskSensitiveData function
2011-02-02 14:25:16 +00:00
Bernardo Damele
3d966bd569
You never know..
2011-02-01 22:05:12 +00:00
Miroslav Stampar
705d45f4db
minor cosmetics
2011-02-01 11:10:23 +00:00
Miroslav Stampar
196e2d35b2
maybe we could ask user "are you willing to import local data content into error report" and use this function respectably
2011-02-01 11:06:56 +00:00
Bernardo Damele
6761933f75
Just.. cosmetics ;)
2011-01-31 22:51:14 +00:00
Miroslav Stampar
25c175a9a5
minor bug fix
2011-01-31 22:34:57 +00:00
Bernardo Damele
b04e1a0313
More detailed message for unhandled exception
2011-01-31 21:23:40 +00:00
Miroslav Stampar
8ef47307db
added checking of header values for GREP (error); still UNION to do
2011-01-31 12:21:17 +00:00
Miroslav Stampar
5e768be509
minor bug fix
2011-01-31 09:34:54 +00:00
Miroslav Stampar
f7feebe0df
fix for a bug reported by malice.anon@gmail.com (TypeError: encode() takes no keyword arguments)
2011-01-31 09:28:16 +00:00
Miroslav Stampar
ddf23ba7cc
refactoring
2011-01-30 11:36:03 +00:00
Miroslav Stampar
367d0639f0
refactoring (class names should always be Capital cased)
2011-01-28 16:36:09 +00:00
Miroslav Stampar
ddd296030d
added some more info to unhandled exception message(s)
2011-01-28 16:15:45 +00:00
Miroslav Stampar
81722b6881
major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values)
2011-01-27 18:36:28 +00:00
Miroslav Stampar
6cc69f5e16
now --technique is appliable also after the injections have been identified
2011-01-24 16:47:24 +00:00
Miroslav Stampar
81011be0d7
minor update of parseTargetUrl method
2011-01-24 14:52:50 +00:00
Miroslav Stampar
b18397fbc7
major revisit of --os-shell methods
2011-01-23 20:47:06 +00:00
Bernardo Damele
7d1c704575
Moved little precaution from checks.py to common.py.
...
Initial refactoring of kb.os* get/set.
2011-01-20 21:56:10 +00:00
Miroslav Stampar
345e2288e1
important fix regarding encoding stuff
2011-01-20 13:54:18 +00:00
Bernardo Damele
bade0e3124
Major code refactoring - centralized all kb.dbms* info for both retrieval and set.
2011-01-19 23:06:15 +00:00
Miroslav Stampar
aea43a1e43
minor refactoring
2011-01-19 15:26:57 +00:00
Miroslav Stampar
eadaf680de
fuck yea
2011-01-19 15:25:48 +00:00
Miroslav Stampar
89e0fd0709
back to roots
2011-01-19 14:06:26 +00:00
Bernardo Damele
33485198e1
Code cleanup
2011-01-18 23:05:32 +00:00
Bernardo Damele
47565f9459
Minor code refactoring
2011-01-17 21:13:59 +00:00
Miroslav Stampar
041abb56e2
you can't believe how much man can learn when having good testing points
2011-01-17 13:59:22 +00:00
Miroslav Stampar
d225c5c9aa
was wrong about this one (just now tested on a real site)
2011-01-17 11:00:09 +00:00
Miroslav Stampar
ac0b5e6dbc
proper way to handle this (console output has totally different encoding than the page one)
2011-01-17 10:27:36 +00:00
Miroslav Stampar
2041361695
minor cosmetics
2011-01-16 23:20:52 +00:00
Miroslav Stampar
e2c821eb81
minor cosmetics
2011-01-16 22:35:54 +00:00
Miroslav Stampar
e881465a9f
minor improvement
2011-01-16 20:55:07 +00:00
Miroslav Stampar
30d6791968
update regarding time based data retrieval
2011-01-16 17:52:42 +00:00
Miroslav Stampar
2001bad7e1
automatic adjustment of timeSec for delayed queries
2011-01-16 12:04:32 +00:00
Miroslav Stampar
71391874eb
slightly faster and thread safer inference
2011-01-16 10:52:42 +00:00
Miroslav Stampar
29ea0950b6
now False is also affected (along with None and "")
2011-01-15 23:43:26 +00:00
Bernardo Damele
558f3894f4
Minor improvement
2011-01-15 23:20:52 +00:00
Miroslav Stampar
5bdb50c224
code review part 3
2011-01-15 13:15:10 +00:00
Miroslav Stampar
6a0e0cde3c
code review of modules in lib/core directory
2011-01-15 12:13:45 +00:00
Miroslav Stampar
daf5662eab
update
2011-01-14 15:33:49 +00:00
Bernardo Damele
1cfd6a6b9d
Code cleanup
2011-01-14 15:16:34 +00:00
Miroslav Stampar
08f7e20c51
minor code refactoring
2011-01-14 14:55:59 +00:00
Miroslav Stampar
fb9d7cdfaa
refactoring, code clearing and removal of obsolete switch --longest-common
2011-01-14 14:37:03 +00:00
Bernardo Damele
3c95d71ea5
Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase
2011-01-14 11:55:20 +00:00
Bernardo Damele
7d9fd5a7b7
Minor bug fix
2011-01-14 09:49:14 +00:00
Miroslav Stampar
676b95b30a
minor code refactoring
2011-01-14 09:44:56 +00:00
Bernardo Damele
f8c04ce020
Minor bug fix
2011-01-13 20:59:13 +00:00
Bernardo Damele
2ac8debea0
Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
...
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Bernardo Damele
877ea31521
Verbose docstring
2011-01-13 12:05:14 +00:00
Miroslav Stampar
ac5b49f555
update
2011-01-13 11:24:03 +00:00
Bernardo Damele
af4ee81e62
Cosmetics
2011-01-13 11:23:07 +00:00
Miroslav Stampar
ece2eb31ca
minor update
2011-01-13 11:08:29 +00:00
Bernardo Damele
2f5995a7eb
Added generic and mysql UNION tests from 1 to 25 columns.
...
Adapted config file and command line removing now outdated --union-test switch.
Minor bug fix.
Minor code refactoring.
Got rid of some debug messages, standardized logging of UNION tests.
2011-01-11 22:56:21 +00:00
Bernardo Damele
300128042c
First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though.
...
Major refactoring to Agent.payload() method.
Minor bug fixes, some code refactoring and a lot of core adjustments here and there.
Added more checks for injection in GROUP BY and ORDER BY.
2011-01-11 22:18:47 +00:00
Miroslav Stampar
394b6bc029
reverting some changes
2011-01-11 12:11:33 +00:00
Miroslav Stampar
54e0ba935a
minor update
2011-01-11 12:08:36 +00:00
Miroslav Stampar
0676b38063
revert of one thing for Bernardo and minor update
2011-01-10 10:30:17 +00:00
Miroslav Stampar
77b51dae57
adding openFile method with an exception block around file opening part
2011-01-08 09:30:10 +00:00
Bernardo Damele
e373dac1f2
Cosmetics
2011-01-07 16:50:39 +00:00
Miroslav Stampar
c17714c423
suppress session in case of brute methods
2011-01-07 16:47:46 +00:00
Miroslav Stampar
b313a20a3f
some fixes
2011-01-07 16:39:47 +00:00
Miroslav Stampar
1a079c62cb
minor update (generic tests now have bigger priority in test queue than parsed DBMS related ones)
2011-01-07 16:08:01 +00:00
Bernardo Damele
1c86ec374e
Code refactoring and cosmetics
2011-01-07 15:41:09 +00:00
Miroslav Stampar
a8d660db54
fixes for bugs reported by pragmatk@gmail.com
2011-01-06 16:59:58 +00:00
Miroslav Stampar
694a65f6f1
minor fix/update
2011-01-05 13:32:40 +00:00
Miroslav Stampar
7ae5192070
adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data)
2011-01-05 10:25:07 +00:00
Miroslav Stampar
c83e9f6ca5
foundation for filtering binary string values (for example, replacement of non readable chars with #)
2011-01-04 21:56:37 +00:00
Miroslav Stampar
0eabca9fd4
update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)
2011-01-03 22:31:29 +00:00
Miroslav Stampar
08ccbf2c1e
important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)
2011-01-03 22:02:58 +00:00
Miroslav Stampar
d19a8d53e4
minor update
2011-01-03 08:46:20 +00:00
Miroslav Stampar
8625494ff2
added one new quick check for multiple target(s) mode
2011-01-03 08:32:06 +00:00
Miroslav Stampar
5f9b6b2254
code refactoring
2011-01-02 16:51:21 +00:00
Miroslav Stampar
da138c46c1
added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)
2011-01-02 07:37:47 +00:00
Miroslav Stampar
428e817a32
some refactoring
2011-01-01 23:57:27 +00:00
Miroslav Stampar
0e815177c8
minor update
2011-01-01 19:07:40 +00:00
Miroslav Stampar
8f32c740ff
code refactoring
2010-12-29 19:39:32 +00:00
Miroslav Stampar
93838fb155
"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)
2010-12-28 14:40:34 +00:00
Miroslav Stampar
89c2640d23
basic --search now works with MS Access
2010-12-26 23:50:16 +00:00
Miroslav Stampar
ceeb6374e8
bug fix (TypeError: object of type 'NoneType' has no len())
2010-12-26 13:27:24 +00:00
Miroslav Stampar
569e060aab
important improvement
2010-12-26 13:20:52 +00:00
Miroslav Stampar
a555d1ad68
minor improvement
2010-12-26 11:15:02 +00:00
Miroslav Stampar
b472b96f92
bug fix, refactoring and improved extractErrorMessage capabilities
2010-12-25 10:16:20 +00:00
Miroslav Stampar
2c23a59ba5
fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)
2010-12-24 12:13:48 +00:00
Miroslav Stampar
23dc408901
prioritization of tests based on DBMS error messages and some comments in common.py
2010-12-24 10:55:41 +00:00
Miroslav Stampar
d9f08e4aa3
randomization of user agents
2010-12-24 10:04:27 +00:00
Miroslav Stampar
017ea9e686
update
2010-12-23 14:06:22 +00:00
Miroslav Stampar
7c06dbffc3
bug fix (AttributeError: 'unicode' object has no attribute 'sort')
2010-12-22 18:55:50 +00:00
Miroslav Stampar
6c1133c4d4
some code refactoring
2010-12-21 15:13:13 +00:00
Miroslav Stampar
385e208f38
code refactoring regarding standard output suppression and some threading issues
2010-12-21 14:21:24 +00:00
Miroslav Stampar
6b37ddada4
removed some blank trailing spaces (with extra/shutils/blanks.sh)
2010-12-21 10:31:56 +00:00
Bernardo Damele
1a3f57e5fe
Cosmetics
2010-12-21 09:23:00 +00:00
Miroslav Stampar
116c141dfa
another fix
2010-12-21 00:47:07 +00:00
Miroslav Stampar
8067365b93
fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident')
2010-12-20 23:47:53 +00:00
Miroslav Stampar
8fd3e7ba1f
thread based data added
2010-12-20 22:45:01 +00:00
Miroslav Stampar
c9e8aae8a2
we'll need to do some cleanup around threading data model we use (some of the data we currently use we'll need to spread via copies around used threads)
2010-12-20 19:34:41 +00:00
Miroslav Stampar
e09bc2406c
minor refactoring
2010-12-20 19:24:20 +00:00
Miroslav Stampar
5852bad963
some refactoring
2010-12-20 18:56:06 +00:00
Miroslav Stampar
19d8733e9a
this is strictly for educational purposes
2010-12-20 17:30:47 +00:00
Miroslav Stampar
fe67d3827c
code refactoring and some fixes
2010-12-18 09:51:34 +00:00
Miroslav Stampar
a19cb2c13a
code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown")
2010-12-17 21:29:09 +00:00
Miroslav Stampar
7cfeb5447b
minor update
2010-12-15 11:46:28 +00:00
Miroslav Stampar
f8a01ddaf8
minor update
2010-12-15 11:21:47 +00:00
Miroslav Stampar
b75d7fa348
minor cache based optimization
2010-12-14 12:22:17 +00:00
Bernardo Damele
cfcee6439e
Cosmetics
2010-12-13 21:55:30 +00:00
Miroslav Stampar
e98d9c08e1
dumping table is now possible on Firebird too
2010-12-12 14:38:07 +00:00
Miroslav Stampar
c93634b6c7
blind dumping of tables in sqlite implemented
2010-12-11 22:13:19 +00:00
Miroslav Stampar
b1babeefe5
update regarding dumping of tables with blind on Sqlite
2010-12-11 22:00:16 +00:00
Miroslav Stampar
6a24048aa6
urllib2 doesn't play well with '\n' when non unescaped chars used
2010-12-11 21:17:54 +00:00
Miroslav Stampar
d2a3e8f44f
first time firebird error-based query success
2010-12-11 11:17:24 +00:00
Miroslav Stampar
d5e7a8d305
update
2010-12-10 10:54:17 +00:00
Bernardo Damele
9c61adb21d
Cosmetics
2010-12-09 00:26:06 +00:00
Miroslav Stampar
81c16926c1
code refactoring some more
2010-12-08 14:46:07 +00:00
Miroslav Stampar
95b48746a6
cosmetics
2010-12-08 14:29:09 +00:00
Miroslav Stampar
01cf1394a4
code refactoring
2010-12-08 14:26:40 +00:00
Miroslav Stampar
b21eb88905
minor update
2010-12-07 22:45:38 +00:00
Miroslav Stampar
ecd4a5a532
added standard deviation check in time based tests
2010-12-07 16:39:31 +00:00
Miroslav Stampar
294119d2ec
more advanced time technique(s)
2010-12-07 16:04:53 +00:00
Bernardo Damele
effd2ca0e3
Cosmetics
2010-12-07 12:32:58 +00:00