Commit Graph

7944 Commits

Author SHA1 Message Date
Miroslav Stampar
06ca058300 Fixes #2812 2017-12-04 15:40:59 +01:00
Miroslav Stampar
370884d07a Fixes #2811 2017-12-04 14:59:05 +01:00
Miroslav Stampar
91bffe988b Minor patch 2017-12-04 14:22:51 +01:00
Miroslav Stampar
220dffbcfa Couple of wording updates 2017-12-04 13:59:35 +01:00
Miroslav Stampar
9fab2c9764 Minor refactoring 2017-12-04 13:41:02 +01:00
Miroslav Stampar
7244e8e4e2 Minor patches 2017-12-04 13:24:51 +01:00
Miroslav Stampar
e7268ffb4d Fixes #2809 2017-12-01 10:32:44 +01:00
Miroslav Stampar
7c5b051d60 Fixes #2808 2017-11-29 15:59:00 +01:00
Miroslav Stampar
5899fd5ef2 Update related to the #2806 2017-11-27 22:24:44 +01:00
Miroslav Stampar
f60727a891 Minor update of sitelock.py 2017-11-26 12:11:09 +01:00
Miroslav Stampar
792ed52ab5 New WAF scripts 2017-11-26 12:06:23 +01:00
Miroslav Stampar
132a72c9bd Minor update of logging messages 2017-11-24 12:20:57 +01:00
Miroslav Stampar
8735a49f63 Some more refactoring 2017-11-24 11:49:31 +01:00
Miroslav Stampar
b9e2e8b74d Minor refactoring 2017-11-24 11:44:14 +01:00
Miroslav Stampar
b23626db70 Minor update 2017-11-24 11:36:27 +01:00
Miroslav Stampar
33d8ce8923 Minor patches 2017-11-24 10:54:03 +01:00
Miroslav Stampar
72f7caa23b Minor refactoring 2017-11-24 10:38:29 +01:00
Miroslav Stampar
284bdac72c Minor patch 2017-11-22 16:17:14 +01:00
Miroslav Stampar
7d6a3c4034 Refactoring shell files 2017-11-22 15:59:29 +01:00
Miroslav Stampar
02274f6db1 Minor patch (smoke test failed) 2017-11-22 13:31:44 +01:00
Miroslav Stampar
bf8b2eb21e Minor update regarding #2791 2017-11-22 13:29:39 +01:00
Miroslav Stampar
d7677f322d Fixes #2793 2017-11-22 13:07:04 +01:00
Miroslav Stampar
ab641e9242 Minor improvement for sonicwall WAF script 2017-11-21 09:23:16 +01:00
Miroslav Stampar
ec83837342 Fixes #2786 2017-11-19 02:51:29 +01:00
Miroslav Stampar
2333903b68 Fixes #2785 2017-11-19 02:16:52 +01:00
Miroslav Stampar
d54ec88648 Adding compression to BigArray mechanism (to save disk space on big dumps) 2017-11-17 11:45:02 +01:00
Miroslav Stampar
a651c8a637 Fixes #2779 2017-11-15 10:36:32 +01:00
Miroslav Stampar
b608c21dff Fixes #2778 2017-11-15 09:51:20 +01:00
Miroslav Stampar
88df293a1a Better approach as @cachedmethod got improved 2017-11-13 22:53:22 +01:00
Miroslav Stampar
323f1285b6 Fixes #2774 2017-11-13 14:07:12 +01:00
Miroslav Stampar
26b81f58bb Fixes #2772 2017-11-13 11:19:25 +01:00
Miroslav Stampar
839070d6ee Minor refactoring 2017-11-10 13:03:24 +01:00
Miroslav Stampar
28ee12c4d2 Adding delayed imports 2017-11-10 12:34:54 +01:00
Miroslav Stampar
bc61a6828c Quick patch for #2770 2017-11-10 10:45:20 +01:00
Miroslav Stampar
e9380627e1 Better one for Issue #2769 2017-11-10 00:44:33 +01:00
Miroslav Stampar
e80e841b25 Update related to the Issue #2769 2017-11-10 00:41:03 +01:00
Miroslav Stampar
4102d87521 Better SELECT_FROM_TABLE_REGEX regex 2017-11-09 13:56:01 +01:00
Miroslav Stampar
67b470245e Minor cleanup of NULL connection 2017-11-09 13:45:52 +01:00
Miroslav Stampar
d148694a4b Minor refactoring 2017-11-09 12:24:58 +01:00
Miroslav Stampar
9404b63a42 Some memory improvements of @cachedmethod 2017-11-09 12:24:11 +01:00
Miroslav Stampar
58b87e4b6b Some more refactoring 2017-11-08 15:58:23 +01:00
Miroslav Stampar
5c35aff22a Minor refactoring 2017-11-08 15:47:12 +01:00
Miroslav Stampar
18d78a34cc Removing unused methods 2017-11-06 13:53:35 +01:00
Miroslav Stampar
e5f96102af Fixes #2763 2017-11-06 10:53:50 +01:00
Miroslav Stampar
d9bf33ea1d Minor beauty patch 2017-11-06 10:36:17 +01:00
Miroslav Stampar
0d1ea50785 Fixes #2762 2017-11-06 10:00:29 +01:00
Miroslav Stampar
cc37b12d37 Minor update 2017-11-02 14:31:16 +01:00
Miroslav Stampar
c671acb62e Minor patch of normalizePath() 2017-11-02 13:09:31 +01:00
Miroslav Stampar
cdd0e6f0ac Minor patch 2017-11-02 13:02:38 +01:00
Miroslav Stampar
ce8d0befd0 Fixes #2755 2017-11-02 11:49:36 +01:00
Miroslav Stampar
14676bdffb Switching proxies when Google detects unusual traffic 2017-11-01 10:35:01 +01:00
Miroslav Stampar
01d24cbb42 Minor adjustment of logging messages 2017-10-31 11:48:17 +01:00
Miroslav Stampar
9c3c9a9315 Minor bug fix 2017-10-31 11:39:12 +01:00
Miroslav Stampar
66d37112d1 If it works, don't touch. I touched 2017-10-31 11:38:09 +01:00
Miroslav Stampar
6bf84151e4 Silent bug fix (.encode() is not safe for base64 encoding because of whitespaces) 2017-10-31 11:07:28 +01:00
Miroslav Stampar
22907d5085 Some more trivial refactoring 2017-10-31 11:05:25 +01:00
Miroslav Stampar
b1a898662d Some more trivial refactoring 2017-10-31 10:27:58 +01:00
Miroslav Stampar
496075ef20 Trivial refactoring 2017-10-31 10:10:22 +01:00
Miroslav Stampar
ac2359f8df Patch of potential silent bug (digits charset) 2017-10-31 10:03:23 +01:00
Miroslav Stampar
ff5bdbefe8 Minor refactoring 2017-10-31 09:55:14 +01:00
Miroslav Stampar
190cf4b14d Minor patch (missing scheme case) 2017-10-31 09:51:07 +01:00
Miroslav Stampar
8d7796f41c Trivial refactoring 2017-10-28 23:27:19 +02:00
Miroslav Stampar
5497a6e58d Adding support for Base64 format of md5, sha1, sha256 and sha512 hashes (Issue #1881) 2017-10-28 22:40:55 +02:00
Miroslav Stampar
9ae713bcec Adding support for DJANGO_MD5 and DJANGO_SHA1 (Issue #1881) 2017-10-20 13:56:47 +02:00
Miroslav Stampar
7c874350d2 Adding support for SSHA, SSHA256 and SSHA512 (Issue #1881) 2017-10-20 13:32:40 +02:00
Miroslav Stampar
311444a4ac Update related to the #2677 2017-10-20 10:00:26 +02:00
Miroslav Stampar
4e611133c6 Fixes #2747 2017-10-17 16:34:09 +02:00
Miroslav Stampar
5f25a77eab Adding support for vBulletin password hashes (Issue #1881) 2017-10-17 11:21:03 +02:00
Miroslav Stampar
ae3c013054 Minor update 2017-10-17 10:38:33 +02:00
Miroslav Stampar
7b0f1fd7fc Couple of patches and implementation for SHA256 (Issue #1881) 2017-10-16 15:15:44 +02:00
Miroslav Stampar
1f60dfc835 Minor patch for WAF mechanism 2017-10-16 11:42:11 +02:00
Miroslav Stampar
94579aa80d Minor patch (salt should be 32 bytes in length) 2017-10-13 15:53:45 +02:00
Miroslav Stampar
0f4d202db4 Implemented support for Joomla passwd (Issue #1881) 2017-10-13 15:37:16 +02:00
Miroslav Stampar
a1dd7363d4 Implemented support for Apache SHA1 (Issue #1881) 2017-10-13 15:19:50 +02:00
Miroslav Stampar
12b331170b Minor bug fix 2017-10-12 15:08:09 +02:00
Miroslav Stampar
3ca4b7c0a9 Update for #1881 (unix_md5_passwd and apache_md5_passwd) 2017-10-12 15:05:32 +02:00
Miroslav Stampar
8c6b761044 Replacing doc/COPYING to LICENSE 2017-10-11 14:50:46 +02:00
Miroslav Stampar
c768fe4617 Changing file permissions to remove execute bit 2017-10-11 14:16:48 +02:00
Miroslav Stampar
b7db28a89b Minor refactoring (unused imports) 2017-10-10 16:14:39 +02:00
Miroslav Stampar
94a337b2e3 Implementation for an Issue #1306 2017-10-10 16:08:13 +02:00
Miroslav Stampar
df135a5b0c Sponsorship update (link) 2017-10-10 14:27:10 +02:00
Miroslav Stampar
d8caf7818d Sponsorship update (bold text) 2017-10-10 14:20:56 +02:00
Miroslav Stampar
339dc7ce37 Sponsorship update 2017-10-10 13:46:45 +02:00
Miroslav Stampar
5df7abb0ee Fixes #2737 2017-10-10 11:04:17 +02:00
Miroslav Stampar
1f5f2aff0b Adding support for Bing (as a fallback) 2017-10-09 14:25:08 +02:00
Miroslav Stampar
8c88a095fb disconnect.me turned into a DuckDuckGo proxy 2017-10-09 14:07:27 +02:00
Miroslav Stampar
09ddb3bd8b Minor update for #2731 (--smoke-test failed) 2017-10-04 14:02:47 +02:00
Miroslav Stampar
f1c102a020 Minor touch for internal re-hashing purposes 2017-10-02 16:32:37 +02:00
Syed Afzal
ae972de8fc Added identification for waf NAXSI 2017-10-01 22:15:02 +05:30
Miroslav Stampar
62519eed04 Minor patch (breaking lines on longer outputs - 100%) 2017-09-26 13:18:37 +02:00
Miroslav Stampar
222fd856fa Implementation for #2709 2017-09-25 11:32:40 +02:00
Miroslav Stampar
db94d24db1 Initial support for #2709 (more work to be done) 2017-09-21 14:35:24 +02:00
Miroslav Stampar
116c1c8b5c Minor refactoring 2017-09-20 15:49:18 +02:00
Miroslav Stampar
afc2a42383 Revisiting regexes for DBMS errors 2017-09-20 15:28:33 +02:00
Miroslav Stampar
44664dd7d6 Minor update (based on user request) 2017-09-19 14:36:34 +02:00
Miroslav Stampar
35ba94b3a9 Fixes #2696 2017-09-17 23:56:48 +02:00
Miroslav Stampar
24c261d630 Minor patch 2017-09-17 23:12:57 +02:00
Miroslav Stampar
6a8ea0557c Minor update 2017-09-15 14:23:55 +02:00
Miroslav Stampar
721bf4d243 Minor update related to the #2695 2017-09-14 13:28:24 +02:00
Miroslav Stampar
7de63a7efb Fixes #2694 2017-09-12 10:32:22 +02:00
Miroslav Stampar
12f802c70f Minor text update 2017-09-11 10:41:50 +02:00
Miroslav Stampar
96ffb4b911 Fixes #2693 2017-09-11 10:38:19 +02:00
Miroslav Stampar
93cb879e5d Fixes #2692 2017-09-11 10:17:02 +02:00
Miroslav Stampar
f67f26cebd Minor update 2017-09-11 10:00:35 +02:00
Miroslav Stampar
942ac7733a Fixes #2691 2017-09-09 22:27:40 +02:00
Miroslav Stampar
2496db9d96 Update for #2690 2017-09-08 11:59:26 +02:00
Miroslav Stampar
a3249019d9 Patch for an Issue #2690 2017-09-08 11:43:10 +02:00
Miroslav Stampar
96f80879ff Fixes #2688 2017-09-06 23:41:56 +02:00
Miroslav Stampar
96b9950f96 Fixes #2684 2017-09-05 13:13:08 +02:00
Miroslav Stampar
30ea219228 Fixes #2604 2017-09-05 12:48:51 +02:00
Miroslav Stampar
7c41bc57e7 Fixes #2683 2017-09-05 10:51:58 +02:00
Miroslav Stampar
e609bd04ad Fixes #2678 2017-09-04 23:00:16 +02:00
Miroslav Stampar
511f2a6d12 Update for #2680 2017-09-04 17:16:00 +02:00
Miroslav Stampar
415ce05a2f Fixes #2677 2017-09-04 17:05:48 +02:00
Miroslav Stampar
06deda3223 Fixes #2672 2017-09-01 14:29:52 +02:00
Miroslav Stampar
d4170f11f0 Patch for #2654 2017-08-28 17:29:46 +02:00
Miroslav Stampar
cb2258fea4 Fixes #2603 2017-08-28 13:02:08 +02:00
Miroslav Stampar
c871cedae4 Adding hidden option '--force-dbms' to skip fingerprinting 2017-08-28 12:30:42 +02:00
Miroslav Stampar
3e4130c5e6 Update for #2665 2017-08-28 11:08:36 +02:00
Miroslav Stampar
a6c04a59cb Minor update 2017-08-23 14:10:11 +02:00
Miroslav Stampar
53eb44304f Proper patch for #2666 2017-08-23 14:08:40 +02:00
Miroslav Stampar
400339a884 Fixes #2665 2017-08-23 13:52:51 +02:00
Miroslav Stampar
8b0c50f25d Update related to the #2663 2017-08-23 13:17:37 +02:00
Miroslav Stampar
e42b63f51c Typo fix 2017-08-20 10:02:26 +02:00
Miroslav Stampar
b8f88a079a Fixes #2659 2017-08-20 10:00:04 +02:00
Miroslav Stampar
a761e1d165 Fixes #2656 2017-08-16 03:08:58 +02:00
Miroslav Stampar
5b6926ae05 Fixes #2654 2017-08-11 11:48:05 +02:00
Miroslav Stampar
e862da6d4e Update for an Issue #2653 2017-08-11 10:47:32 +02:00
Miroslav Stampar
1ac0704c09 Fixes #2651 2017-08-09 16:52:36 +02:00
Miroslav Stampar
b6b51bea9d Fixes #2649 2017-08-07 11:27:22 +02:00
Miroslav Stampar
672abe8416 Minor just in case update 2017-08-04 13:59:15 +02:00
Miroslav Stampar
fac6712a35 Implements #2647 (Basic authorization for sqlmapapi) 2017-08-04 13:37:49 +02:00
Miroslav Stampar
68ee1f361b Fixes #2640 2017-07-31 14:20:59 +02:00
Miroslav Stampar
62ae149464 Minor patch 2017-07-29 03:35:05 +02:00
Miroslav Stampar
f071c8500c Fixes #2634 2017-07-29 03:18:49 +02:00
Miroslav Stampar
5745d650f8 Fixes #2635 2017-07-29 02:42:20 +02:00
Miroslav Stampar
de8ea53d46 Fixes #2628 2017-07-28 00:37:33 +02:00
Miroslav Stampar
23081f83db Fixes #2626 2017-07-28 00:16:06 +02:00
Miroslav Stampar
4d56a806e8 Minor patch 2017-07-28 00:00:09 +02:00
Miroslav Stampar
1745bac0ab Fixes #2625 2017-07-26 00:54:29 +02:00
Miroslav Stampar
0f9c81965b Implementation on request 2017-07-26 00:24:13 +02:00
Miroslav Stampar
d12b65d38c Fixes #2624 2017-07-25 23:32:30 +02:00
Miroslav Stampar
38c70d9799 Minor update 2017-07-21 11:09:00 +02:00
Miroslav Stampar
a9a744fec6 Merge pull request #2620 from delvelabs/mark-steps-in-har
Fix HAR validation for HAR viewer
2017-07-21 11:07:16 +02:00
Louis-Philippe Huberdeau
3c5ee552f0 Make sure non-optional properties are present 2017-07-20 08:50:03 -04:00
Miroslav Stampar
8ca45695ab Minor update 2017-07-20 03:09:09 +02:00
Miroslav Stampar
bf40526785 Merge pull request #2618 from delvelabs/mark-steps-in-har
Mark steps in HAR file
2017-07-20 02:52:57 +02:00
Miroslav Stampar
9b41efcbe1 Minor patch 2017-07-20 02:50:34 +02:00
Miroslav Stampar
36f3fd72e6 Update for an Issue #2616 2017-07-20 02:41:47 +02:00
Louis-Philippe Huberdeau
facc54f60b Receiving some messages with a differerent header line 2017-07-19 15:40:07 -04:00
Louis-Philippe Huberdeau
4c7da11331 Make sure the comment is not set to None 2017-07-19 14:46:36 -04:00
Louis-Philippe Huberdeau
e21f67715c List is not a valid input type for timings, expecting object 2017-07-19 14:12:30 -04:00
Louis-Philippe Huberdeau
e38267a61e Include tracking properties in the HAR to identify which test the requests were associated to 2017-07-18 15:46:52 -04:00
Miroslav Stampar
7d147f613f Fixes #2611 2017-07-17 22:24:51 +02:00
Miroslav Stampar
591a60bbde Fixes #2606 2017-07-11 14:48:22 +02:00
Miroslav Stampar
3f40bf1101 Fixes #2387 2017-07-06 11:44:18 +02:00
Miroslav Stampar
d248317b89 Update for people that just download 'sqlmap.py' <- they exist 2017-07-05 16:42:54 +02:00
Miroslav Stampar
75fd878242 Minor patch 2017-07-05 15:41:53 +02:00
Miroslav Stampar
30378c8ae3 Minor patch 2017-07-05 15:27:29 +02:00
Miroslav Stampar
c9b3b47d6f Minor update 2017-07-05 14:07:21 +02:00
Miroslav Stampar
d038d027f9 Minor updates 2017-07-05 13:51:48 +02:00
Miroslav Stampar
c6577b80d9 Minor update 2017-07-05 13:35:02 +02:00
Miroslav Stampar
4a4fa07bdd Minor update 2017-07-05 12:35:48 +02:00
Miroslav Stampar
a4ebd5418f Patch for an Issue reported privately via email 2017-07-05 12:15:14 +02:00
Miroslav Stampar
ba369b73d3 Fixes #2601 2017-07-05 11:31:42 +02:00
Miroslav Stampar
614f290217 Update for #2597 2017-07-04 12:14:17 +02:00
Miroslav Stampar
1678b606a2 Update for #2597 2017-07-03 16:55:24 +02:00
Miroslav Stampar
aef5d6667f Merge pull request #2597 from delvelabs/generate-har
Generate HAR
2017-07-03 15:27:00 +02:00
Miroslav Stampar
b622c25f9d Fixes #2598 2017-07-03 14:17:11 +02:00
Miroslav Stampar
e07ff7168b Fixes #2599 2017-07-02 00:03:34 +02:00
Miroslav Stampar
ce48217ada Minor update 2017-07-01 23:46:28 +02:00
Louis-Philippe Huberdeau
b6969df52a Add missing httpVersion in request render, avoid encoding to base64 unless binary data is included 2017-06-29 10:14:20 -04:00
Miroslav Stampar
0e728aa73e Changing default encoding of sys.argv 2017-06-29 15:33:34 +02:00
Miroslav Stampar
f93c19ba9d Fixes #2596 2017-06-29 15:29:54 +02:00
Louis-Philippe Huberdeau
dd19527e9c Remove debug _raw entry from output 2017-06-29 09:00:02 -04:00
Miroslav Stampar
a42ddad9c1 Implements #2583 2017-06-29 14:57:35 +02:00
Miroslav Stampar
a2973296a2 Fixes #2595 2017-06-29 14:26:25 +02:00
Miroslav Stampar
0961f6a5e9 Fixes #2592 2017-06-23 23:46:25 +02:00
Louis-Philippe Huberdeau
fae965f8b6 Parse and build the response block 2017-06-23 13:28:22 -04:00
Louis-Philippe Huberdeau
0d756a8823 Parse request data and convert to HAR, include in injection data 2017-06-23 11:50:21 -04:00
Louis-Philippe Huberdeau
8df4cc3983 Adding initial hook to receive the request/response pairs 2017-06-23 09:44:33 -04:00
Miroslav Stampar
5ec44b8346 Minor refactoring 2017-06-19 23:06:05 +02:00
Miroslav Stampar
e2d3187a78 Fixes #2576 2017-06-18 15:00:12 +02:00
Miroslav Stampar
b4980778dd Fixes #2577 2017-06-18 14:07:48 +02:00
Miroslav Stampar
71457fea0e Fixes #2585 2017-06-18 13:19:11 +02:00
Miroslav Stampar
34281af3f6 Minor cleaning 2017-06-14 08:13:41 -04:00
Miroslav Stampar
7dbbf3ecf5 Fixes 'codewatchorg/sqlipy/issues/12' 2017-06-07 23:19:19 +02:00
Miroslav Stampar
c41c93a404 Fixes #2568 2017-06-07 22:43:28 +02:00
Miroslav Stampar
9a7343e9f7 Fixes #2566 2017-06-07 16:07:27 +02:00
Miroslav Stampar
e0401104f2 Minor update 2017-06-07 12:55:14 +02:00
Miroslav Stampar
9da8d55128 Implements #2557 2017-06-07 11:22:06 +02:00
Miroslav Stampar
864711b434 Minor improvement 2017-06-05 16:48:14 +02:00
Miroslav Stampar
996ad59126 Minor patch 2017-06-05 16:28:19 +02:00
Miroslav Stampar
6d48df2454 Fixes #2562 2017-06-05 10:38:05 +02:00
Miroslav Stampar
55a43a837b Minor update 2017-06-02 00:50:00 +02:00
Miroslav Stampar
eb26dd8984 Fixes #2556 2017-06-02 00:44:01 +02:00
Miroslav Stampar
b9b5d07336 Cleaning leftover 2017-05-30 11:41:42 +02:00
Miroslav Stampar
5f3235ef57 Fixes #2551 2017-05-30 11:40:06 +02:00
Miroslav Stampar
dfe42612be Fixes #2549 2017-05-29 10:57:27 +02:00
Miroslav Stampar
a0202f7bfd Fixes #2538 2017-05-26 16:08:30 +02:00
Miroslav Stampar
6dd9d5b2dd Fixes #2547 2017-05-26 14:34:32 +02:00
Miroslav Stampar
0864387885 Minor update 2017-05-26 14:25:22 +02:00
Miroslav Stampar
359bfb2704 Minor adjustment 2017-05-26 14:14:35 +02:00
Miroslav Stampar
644ea2e3aa Minor patch 2017-05-26 14:08:08 +02:00
Miroslav Stampar
071132cd56 Fixes #2543 2017-05-21 22:52:44 +02:00
Miroslav Stampar
4ce08dcfa3 Patch for an Issue #2536 2017-05-17 00:22:18 +02:00
Miroslav Stampar
2ca5ddce5f Fixes #2534 2017-05-15 17:03:05 +02:00
Miroslav Stampar
addb2445b7 Minor patch 2017-05-15 00:34:13 +02:00
Miroslav Stampar
4736a525b8 Fixes #2532 2017-05-13 17:28:28 +02:00
Miroslav Stampar
d3a08a2d22 Implementation for an Issue #2505 2017-05-07 23:12:42 +02:00
Miroslav Stampar
ee5b5cdcbc Fixes #2514 2017-05-04 15:50:34 +02:00
Miroslav Stampar
f3f2c81cec Minor patch (UTF8 used for HTTP params) 2017-05-04 15:45:15 +02:00
Miroslav Stampar
1e8df40981 Fixes #2499 2017-05-01 23:21:12 +02:00
Miroslav Stampar
389133654e Fixes #2508 2017-05-01 23:06:37 +02:00
Miroslav Stampar
347ce87e27 Fixes #2511 2017-05-01 22:53:12 +02:00
Miroslav Stampar
ff5a954980 Fixes #2508 2017-04-30 08:32:26 +02:00
Miroslav Stampar
1a8de2aee1 Fixes #2504 2017-04-27 13:18:29 +02:00
Miroslav Stampar
ab08273d82 Fixes #2501 2017-04-23 23:50:30 +02:00
Miroslav Stampar
fbb845ad7c Fixes #2500 2017-04-23 23:30:51 +02:00
Miroslav Stampar
15a1d55812 Fixes #2500 2017-04-23 23:14:05 +02:00
Miroslav Stampar
4643bd6517 Quick patch for #2498 2017-04-21 17:44:51 +02:00
Miroslav Stampar
1c5f01e2a2 Fixes #2487 2017-04-20 11:54:27 +02:00
Miroslav Stampar
ebbc68853d Fixes #2496 2017-04-20 10:48:04 +02:00
Miroslav Stampar
3140fd0ca6 Fixes #2495 2017-04-20 10:29:05 +02:00
Miroslav Stampar
5bcbf63ddb Fixes #2491 2017-04-19 16:13:31 +02:00
Miroslav Stampar
01fbda4bc9 Fixes #2490 2017-04-19 16:13:05 +02:00
Miroslav Stampar
ba22171a51 PEP 3113 cleanup 2017-04-19 14:56:32 +02:00
Miroslav Stampar
fc8eede952 Minor cleanup and one bug fix 2017-04-19 14:46:27 +02:00
Miroslav Stampar
c8a0c525fc Fixes #2489 2017-04-19 14:19:39 +02:00
Miroslav Stampar
46c7c28919 Implementation for an Issue #2485 2017-04-19 13:56:29 +02:00
Miroslav Stampar
81e3395975 Minor update 2017-04-19 13:35:36 +02:00
Miroslav Stampar
0340ecd38a Minor patch related to the #2487 2017-04-18 16:49:58 +02:00
Miroslav Stampar
2d05174545 Trivial update 2017-04-18 15:56:24 +02:00
Miroslav Stampar
5f2bb88037 Some code refactoring 2017-04-18 15:48:05 +02:00
Miroslav Stampar
65b02d4ab0 Minor update 2017-04-18 14:22:37 +02:00
Miroslav Stampar
ea58d29e2c Minor update 2017-04-18 14:11:23 +02:00
Miroslav Stampar
47e0fc36c7 Minor consistency update 2017-04-18 14:02:25 +02:00
Miroslav Stampar
7ebba5614a Moving brute from techniques to utils 2017-04-18 13:53:41 +02:00
Miroslav Stampar
686f53a7c6 Minor patch 2017-04-16 23:32:58 +02:00
Miroslav Stampar
67a3e8cd75 Minor patch 2017-04-14 13:19:00 +02:00
Miroslav Stampar
d9a931f77a Minor cleanup 2017-04-14 13:14:53 +02:00
Miroslav Stampar
0e206da7c0 Minor patches (pydiatra) 2017-04-14 13:08:51 +02:00
Miroslav Stampar
81e6dab965 New extra script 2017-04-14 12:54:33 +02:00
Miroslav Stampar
a702dafd03 Fixes #2481 2017-04-14 12:47:24 +02:00
Miroslav Stampar
36dfad192f Better link to user's manual 2017-04-13 12:47:14 +02:00
Miroslav Stampar
9436c43306 Mailing list is dead. Long live the mailing list 2017-04-13 12:40:37 +02:00
Miroslav Stampar
c198fd7939 Update for an Issue #13 2017-04-12 10:54:29 +02:00
Miroslav Stampar
1e092c4e8d Just in case update for an Issue #2474 2017-04-11 13:34:40 +02:00
Miroslav Stampar
1e310631ab Minor stability patch 2017-04-11 10:01:37 +02:00
Miroslav Stampar
47ee1a991f Update for an Issue #2472 2017-04-11 09:47:27 +02:00
Miroslav Stampar
9b3d229294 Fixes #2471 2017-04-10 19:21:22 +02:00
Miroslav Stampar
c74756c3bc Update regarding the #2467 2017-04-10 16:44:12 +02:00
Miroslav Stampar
1196a1b7f8 Fixes #405 2017-04-10 14:50:17 +02:00
Miroslav Stampar
c2262eda1a Update of smalldict.txt with 7 (small) more from SecLists 2017-04-07 16:30:36 +02:00
Miroslav Stampar
02eacc32c1 Minor cleanup 2017-04-07 16:30:02 +02:00
Miroslav Stampar
b1a112f72c Updating wordlist.zip file with 15 dicts from SecLists 2017-04-07 16:18:21 +02:00
Miroslav Stampar
464caf056b Minor update 2017-04-07 15:55:18 +02:00
Miroslav Stampar
44c85f8351 Reverting back the bottle.py revision because of numerous Python 2.6 incompatibilities 2017-04-07 15:10:28 +02:00
Miroslav Stampar
ad3283fd24 Another Python 2.6 patch 2017-04-07 15:05:54 +02:00
Miroslav Stampar
07208c45ef Patch of bottle.py for Python 2.6 2017-04-07 14:59:24 +02:00
Miroslav Stampar
751f423ae0 Adding latest revision of bottle.py 2017-04-07 14:55:25 +02:00
Miroslav Stampar
c124086021 Minor update for #1282 2017-04-07 14:46:41 +02:00
Miroslav Stampar
f285bc7459 Minor update 2017-04-07 14:30:52 +02:00
Miroslav Stampar
b4c4d3f72a Fixes latest Python 2.6 compatibility issues 2017-04-06 11:37:42 +02:00
Miroslav Stampar
cfe34f61b8 Implementation for an Issue #1895 2017-04-06 11:33:59 +02:00
Miroslav Stampar
c1c7ea33fe Minor update 2017-03-30 12:05:05 +02:00
Miroslav Stampar
4458a443ef Fixes #1664 2017-03-30 11:58:03 +02:00
Miroslav Stampar
16bd3a1f02 Fixes #2453 2017-03-30 11:42:34 +02:00
Miroslav Stampar
a358bc0a38 Minor update 2017-03-30 10:24:57 +02:00
Miroslav Stampar
aebae6e27b Added (heuristic) support for #1679 2017-03-30 10:16:35 +02:00
Miroslav Stampar
0a3e771b1b Fixes #2449 2017-03-28 15:22:53 +02:00
Miroslav Stampar
f82c0497fa Fixes #2447 2017-03-27 22:36:04 +02:00
Miroslav Stampar
715763885d Fixes #2306 2017-03-24 14:20:18 +01:00
Miroslav Stampar
4aae5d9a9d Fixes #2444 2017-03-19 21:34:47 +01:00
Miroslav Stampar
1bc583d358 Another patch related to the #2440 2017-03-17 09:43:45 +01:00
Miroslav Stampar
e506a390db Minor patch (prevent message spamming of multiple union column possibilities) 2017-03-15 16:18:20 +01:00
Miroslav Stampar
c5b4af8636 Dummy commit (to provoke rehash) 2017-03-15 16:07:52 +01:00
Miroslav Stampar
c29e47f72f Fixes #2440 2017-03-15 16:04:56 +01:00
Miroslav Stampar
60e8c725f9 Fixes #2437 2017-03-12 23:24:13 +01:00
Miroslav Stampar
5dba32b2e1 Fixes #2431 2017-03-12 09:52:37 +01:00
Miroslav Stampar
ef04c99069 No more dumb usage of '--dbms' 2017-03-06 12:53:04 +01:00
Miroslav Stampar
e2fb16c98c Fixes #2425 2017-03-06 12:05:58 +01:00
Miroslav Stampar
d2b16c5c91 Fixes #2422 2017-03-01 11:09:55 +01:00
Miroslav Stampar
9f0c42dde0 Minor leftover 2017-03-01 10:09:13 +01:00
Miroslav Stampar
78ca371162 Adding option --web-root (Issue #2419) 2017-03-01 10:07:26 +01:00
Miroslav Stampar
a35c976759 Proper implementation for an Issue #2418 2017-02-28 14:00:42 +01:00
Ekultek
71984fc452 updated IP address regex as to not provide false positive 2017-02-28 06:35:37 -06:00
Miroslav Stampar
a0a6702a4e Minor patch (reported via ML) 2017-02-28 13:16:19 +01:00
Miroslav Stampar
b18444f215 Issue #2417 (most probably -> most likely) 2017-02-27 22:14:52 +01:00
Miroslav Stampar
7ea524800a Taking couple of suggestions from #2417 2017-02-27 22:03:15 +01:00
Miroslav Stampar
7960045cf9 Fixes #2277 and #2300 2017-02-27 13:58:07 +01:00
Brie Carranza
1475ba441c Correct typo in basic.py 2017-02-26 09:05:36 -05:00
Miroslav Stampar
b2585cc8ea Patch for #2410 2017-02-25 07:58:59 +01:00
Miroslav Stampar
7b263327cc Update for #2410 2017-02-25 07:54:54 +01:00
Niklas Femerstrand
1b938c758f Adds option command to api client 2017-02-25 10:24:00 +07:00
Miroslav Stampar
5a08b71999 Minor update 2017-02-23 11:36:37 +01:00
Miroslav Stampar
4b420e7579 Removing Google PageRank as it is dead now 2017-02-23 11:33:39 +01:00
Miroslav Stampar
6b580a682a Minor update 2017-02-20 10:06:06 +01:00
Miroslav Stampar
d6e7c2acdc Minor touch 2017-02-19 01:48:12 +01:00
Tomahock
7fe1820ce4 Fix proxyFile regex to properly match an address with a - 2017-02-17 23:32:32 +00:00
Miroslav Stampar
98e449e38c Adding plus2fnconcat tamper script (Issue #2396) 2017-02-17 10:26:25 +01:00
Miroslav Stampar
9acf122ba6 Patch for an Issue #2396 2017-02-16 16:56:54 +01:00
Miroslav Stampar
2ed144ec85 Patch for wrong encoding reported privately via email 2017-02-16 15:52:07 +01:00
Miroslav Stampar
ec0c103952 Bug fix (reported privately) 2017-02-15 10:30:29 +01:00
Miroslav Stampar
a35d1e5373 Minor patch related to the email from ML 2017-02-14 13:14:35 +01:00
Miroslav Stampar
f5cf22a536 Update for an Issue #2377 2017-02-06 13:57:33 +01:00
Miroslav Stampar
38f16decef Update for an Issue #2384 2017-02-06 13:28:33 +01:00
Miroslav Stampar
15f86e85b1 Minor update for #2379 2017-02-06 12:03:18 +01:00
Miroslav Stampar
5217efc69b Fixes #2379 2017-02-06 12:01:46 +01:00
Miroslav Stampar
03bbf552ef Patch for an Issue #2382 2017-02-06 11:14:45 +01:00
Miroslav Stampar
664684ad8f Update for #2378 2017-02-03 23:04:38 +01:00
samogot
1c1f259df4 Update settings.py
fix - looking for any tag
2017-02-03 16:50:16 +02:00
samogot
6249823335 Minor parse-error extension
parse errors produced by Yii PHP Framework
2017-02-03 16:36:57 +02:00
Miroslav Stampar
bad3f80a1c Touch update 2017-01-31 14:18:36 +01:00
Miroslav Stampar
9851a5703a Fixes #2373 2017-01-31 14:00:12 +01:00
Miroslav Stampar
2a3014b606 Fixes #2367 2017-01-24 18:07:06 +01:00
Miroslav Stampar
16d5e22b72 Fixes #2358 2017-01-21 23:58:37 +01:00
Miroslav Stampar
a8a6dce38b Fixes #2366 2017-01-21 23:09:15 +01:00
Miroslav Stampar
f542e828d2 Fixes #2364 2017-01-20 13:11:12 +01:00
Miroslav Stampar
cf182882b1 Minor update 2017-01-18 10:40:39 +01:00
Miroslav Stampar
dd5ac6f1e7 Fixes #2357 2017-01-18 10:33:54 +01:00
Miroslav Stampar
1e7a453ff6 Fixes #2356 2017-01-18 10:19:23 +01:00
Miroslav Stampar
138aa6db65 Patch for an Issue #2351 2017-01-16 15:23:38 +01:00
Miroslav Stampar
121f0376ea Implementation for #2351 2017-01-16 14:29:23 +01:00
Miroslav Stampar
dfc684640a Proper implementation for #2347 2017-01-16 14:01:44 +01:00
Miroslav Stampar
104fbc80af Patch for #2348 2017-01-16 13:53:46 +01:00
Miroslav Stampar
cadba37059 Proper implementation for #2350 2017-01-16 13:44:46 +01:00
Miroslav Stampar
750d57ec96 Fixed bug reported privately via email 2017-01-13 14:41:41 +01:00
Miroslav Stampar
9a86365d92 Fixes #2333 2017-01-08 01:21:31 +01:00
Miroslav Stampar
f794d9d5a5 Fixes #2328 2017-01-02 15:26:32 +01:00
Miroslav Stampar
c29db43bfa Minor refactoring 2017-01-02 15:14:59 +01:00
Miroslav Stampar
e0eeed0a96 Minor update 2017-01-02 14:31:19 +01:00
Miroslav Stampar
55272f7a3b New version preparation 2017-01-02 14:19:18 +01:00
Miroslav Stampar
6ff07f01eb Fixes #2326 2016-12-31 13:39:22 +01:00
Miroslav Stampar
1c737d7515 Fixes #2322 2016-12-28 22:11:14 +01:00
Francisco Blas Izquierdo Riera (klondike)
025e9ac5b4
Fix the logic used for --param-exclude
The current logic will skip all existing parameters if no param-exclude is defined.
This breaks previous behaviour, makes it harder to use the tool and is quite confusing.

The new logic will always check the parameter is set before running any other checks instead of shortcircuit an empoty(always true) regexp.
2016-12-28 12:25:05 +01:00
Miroslav Stampar
89bbf5284c Adding new option --param-exclude on private request 2016-12-25 23:16:44 +01:00
Miroslav Stampar
44b00d629d Fixes #2312 2016-12-21 10:33:35 +01:00
Miroslav Stampar
afc3b30c41 Minor refactoring 2016-12-20 09:56:44 +01:00
Miroslav Stampar
17c556a63d Minor patches (and one bug from ML) 2016-12-20 09:53:44 +01:00
Miroslav Stampar
edc6f47758 Some refactoring 2016-12-19 23:47:39 +01:00
Miroslav Stampar
bb6e8fd4ce Minor bug fix (reported privately via email) 2016-12-15 16:09:09 +01:00
Miroslav Stampar
c54c2204a1 Fixes #2303 2016-12-12 10:47:05 +01:00
Miroslav Stampar
f7f33bef9f Minor patches 2016-12-09 23:19:03 +01:00
Miroslav Stampar
4bd7d81cea Patches #2300 2016-12-09 23:14:18 +01:00
Miroslav Stampar
f6815df5c3 Fixes #2302 2016-12-09 23:10:14 +01:00
Miroslav Stampar
42cea2e03c Better git clone (faster; without too much commit history) 2016-12-08 11:04:42 +01:00
Miroslav Stampar
52177065ca Patch for an Issue #2297 2016-12-06 15:43:09 +01:00
Miroslav Stampar
e74149970b Minor debug update 2016-12-03 22:06:18 +01:00
Miroslav Stampar
90b0ac37c8 New WAF script (AWS WAF) 2016-12-01 23:09:06 +01:00
Miroslav Stampar
63a74777f2 Minor update 2016-12-01 23:08:49 +01:00
Miroslav Stampar
4ac319b074 Adding new tamper script plus2concat (thank you Luka Pusic) 2016-12-01 22:28:07 +01:00
Miroslav Stampar
2a754eef1c Adding switch --ignore-redirects (Issue #2286) 2016-11-25 13:32:28 +01:00
Miroslav Stampar
4e1bdb0c70 Minor update 2016-11-25 12:34:13 +01:00
Miroslav Stampar
c35ba8b226 Fixes #2279 2016-11-17 22:34:10 +01:00
Miroslav Stampar
7e6879ec41 Minor patch for #2272 2016-11-11 13:46:41 +01:00
Miroslav Stampar
ea961678ee Fixes #2273 2016-11-11 10:28:50 +01:00
Miroslav Stampar
d4414e6631 Minor misspell 2016-11-11 10:21:57 +01:00
Miroslav Stampar
eb098f6527 Fixes #2268 2016-11-09 12:27:10 +01:00
Miroslav Stampar
5772d8904d Fixes #2266 2016-11-09 12:20:54 +01:00
Miroslav Stampar
7000373c4b Minor patch 2016-11-09 12:18:15 +01:00
Miroslav Stampar
a60c9b0dcc Minor patch 2016-11-09 11:29:08 +01:00
Miroslav Stampar
2eb7a1d264 Patch related to the #2265 2016-11-07 23:14:17 +01:00
Miroslav Stampar
13f0949f9e Another patch for #1596 2016-11-07 09:31:07 +01:00
Miroslav Stampar
076a42cbfe Patch related to the #1596 2016-11-07 09:28:00 +01:00
Miroslav Stampar
ce19525bc3 Fixes #2262 2016-11-05 22:36:58 +01:00
Miroslav Stampar
6da2e49100 Fixes #2261 2016-11-04 15:04:38 +01:00
Miroslav Stampar
1e44c4d669 Patch related to #2257 2016-11-02 12:04:21 +01:00
Miroslav Stampar
10097dd124 Fixes #2253 2016-10-29 00:13:04 +02:00
Miroslav Stampar
f4e36fc049 Patch for an Issue #2252 2016-10-28 11:52:48 +02:00
Miroslav Stampar
083ce111f0 Minor speed up 2016-10-26 22:33:04 +02:00
Hanno Heinrichs
2cc604e356 Fix several typos 2016-10-26 21:41:57 +02:00
Miroslav Stampar
044f05e772 Fixes #2246 2016-10-24 23:52:33 +02:00
Miroslav Stampar
6f343080e8 Fixes #2245 2016-10-24 23:33:49 +02:00
Miroslav Stampar
25c34c7728 Fixes #2244 2016-10-24 23:29:18 +02:00
Miroslav Stampar
d2bbe80455 Fixes #2243 2016-10-22 22:07:29 +02:00
Miroslav Stampar
0398cbdc76 Minor refactoring 2016-10-22 21:52:18 +02:00
Miroslav Stampar
e0149e1c5f Minor update 2016-10-21 13:05:45 +02:00
Miroslav Stampar
98c6d8f582 Merge pull request #2240 from lightos/master
Support for timeout param when using Websockets
2016-10-21 13:03:08 +02:00
Miroslav Stampar
d605b3af3c Revisiting banner xmls (Issue #2239) 2016-10-21 13:01:28 +02:00
Roberto Salgado
a6cbbc5ea9 Support for timeout param when using Websockets
A fix for the timeout parameter being ignored when using Web-sockets.
2016-10-20 12:13:39 -07:00
Miroslav Stampar
5c80e988ba Fixes #2238 2016-10-20 00:47:53 +02:00
Miroslav Stampar
10ffcb8b00 Fixes #2237 2016-10-20 00:19:16 +02:00
Miroslav Stampar
38d74cf61c Minor update 2016-10-19 13:07:25 +02:00
Miroslav Stampar
1db6953f08 Proper fix for #2236 2016-10-18 20:17:51 +02:00
Miroslav Stampar
d431c7d155 Fixes #2236 2016-10-18 20:07:19 +02:00
Miroslav Stampar
5ab4d54df0 Minor update of THIRD-PARTY.md 2016-10-18 13:49:29 +02:00
Miroslav Stampar
877d46e9f7 Fixes #2234 2016-10-18 13:46:56 +02:00
Miroslav Stampar
7e69cc112f Fixes #2235 2016-10-18 13:37:36 +02:00
Miroslav Stampar
5b14eecd25 Bug fix (reconnecting in case of timeouted direct connection) 2016-10-17 22:55:07 +02:00
Miroslav Stampar
24eaf55dc8 Removing bad decision for -d (user should be able to choose) 2016-10-17 22:32:23 +02:00
Miroslav Stampar
6be10b307d Minor patch 2016-10-17 22:02:41 +02:00
Miroslav Stampar
91ad71b1e0 Minor cosmetics 2016-10-17 12:36:42 +02:00
Miroslav Stampar
d6255de205 Fixes #2231 2016-10-17 12:33:07 +02:00
Miroslav Stampar
c293a6a25a Fixes #2229 and #2230 2016-10-15 09:53:12 +02:00
Miroslav Stampar
b1175017f9 Minor update regarding to the last commit 2016-10-15 00:54:32 +02:00
Miroslav Stampar
75c9f91f11 Fixes #2226 2016-10-15 00:51:35 +02:00
Miroslav Stampar
9ff2dcf1c1 Fixes #2228 2016-10-15 00:16:53 +02:00
Miroslav Stampar
6c4e9ae427 Updating SocksiPy to PySocks (updated fork) 2016-10-14 23:16:26 +02:00
Miroslav Stampar
748e94dcee Minor update for #2224 2016-10-13 23:25:46 +02:00
Miroslav Stampar
f389bd71c0 Implementation for an Issue #2224 2016-10-13 23:17:54 +02:00
Miroslav Stampar
1126ff86ce Fixes #2223 2016-10-13 23:07:11 +02:00
Miroslav Stampar
79377fedab Minor update 2016-10-13 23:06:04 +02:00
Miroslav Stampar
5d2972f362 Implementation for an Issue #2221 2016-10-11 17:33:36 +02:00
Miroslav Stampar
ae465bbaf8 Minor revert of leftover 2016-10-11 01:09:30 +02:00
Miroslav Stampar
1b95dd2d9d Fix for a bug reported privately by user (in some cases data has not been retrieved) 2016-10-11 01:07:31 +02:00
Miroslav Stampar
6130185ac6 Minor consistency update with the wiki 2016-10-11 00:35:39 +02:00
Miroslav Stampar
c92fde120d Implements #2220 2016-10-10 23:27:41 +02:00
Miroslav Stampar
7eab1bcbf9 Automating even more switch --tor 2016-10-10 14:19:44 +02:00
Miroslav Stampar
4c05307357 Disabling socket pre-connect in case of --tor, --proxy and --proxy-file 2016-10-10 01:57:55 +02:00
Miroslav Stampar
0037c28e9e Preventing obnoxious 'install git' on MacOS 2016-10-10 01:35:22 +02:00
Miroslav Stampar
2b279233b6 Fixes #2219 2016-10-09 14:19:40 +02:00
Miroslav Stampar
b51b80b174 Fix for a privately reported bug 2016-10-08 21:11:43 +02:00
Miroslav Stampar
e4b0ac9ae5 Minor update of common user columns 2016-10-07 14:48:05 +02:00
Miroslav Stampar
7f416846b7 Minor revisit of MsSQL error-based payloads 2016-10-06 23:50:32 +02:00
Miroslav Stampar
5b7254af96 Minor patch 2016-10-06 22:27:29 +02:00
Miroslav Stampar
c83d417298 Fixes #2212 2016-10-05 23:02:20 +02:00
Miroslav Stampar
b42dc6e7a5 Update of Oracle and PostgreSQL system databases/schemas 2016-10-05 17:58:35 +02:00
Miroslav Stampar
8124fe391d Bug fix for using --search in combination with -D CD 2016-10-05 17:43:57 +02:00
Miroslav Stampar
833ca4b640 Minor refactoring 2016-10-05 17:41:02 +02:00
Miroslav Stampar
3b244858f8 Adding performance_schema as one more of MySQL's system database 2016-10-05 17:33:24 +02:00
Miroslav Stampar
6107696e25 Minor patch (--help should display basic help) 2016-10-05 17:01:58 +02:00
Miroslav Stampar
af1c9c7fb2 Related to the last commit 2016-10-04 23:48:09 +02:00
Miroslav Stampar
06b54ab134 Better choice of used table (INFORMATION_SCHEMA.CHARACTER_SETS can also be found in MsSQL and PgSQL; mysql.db can have permission problems) 2016-10-04 23:43:00 +02:00
Miroslav Stampar
fee5c7bd7c Adding two new payloads and minor cosmetics 2016-10-04 23:39:18 +02:00
Miroslav Stampar
fb8afc6add Adding a new payload (Oracle boolean based on error response) 2016-10-04 22:12:00 +02:00
Miroslav Stampar
6c372a09bd Minor update 2016-10-04 11:55:16 +02:00
Miroslav Stampar
171cf6f54d Minor fine tuning for SQLi heuristic check 2016-10-04 11:32:06 +02:00
Miroslav Stampar
029bb5554d Minor cleanup of user-agents 2016-10-04 10:48:10 +02:00
Miroslav Stampar
c69cb79d66 Fixes #2208 2016-10-04 10:39:28 +02:00
Miroslav Stampar
dc8301689e Implementation for an Issue #2204 2016-10-02 11:13:40 +02:00
Miroslav Stampar
d8dd37510c Fixes #2202 2016-10-01 21:02:40 +02:00
Miroslav Stampar
d1680b04f3 Minor code consistency update 2016-09-29 21:26:47 +02:00
Miroslav Stampar
102d4b4119 Bug fix for uploading files in case of web subdirectories 2016-09-29 21:14:28 +02:00
Miroslav Stampar
b3b49b3492 Minor patch for --parse-errors 2016-09-29 18:07:00 +02:00
Miroslav Stampar
7a89433251 Minor patch 2016-09-29 18:02:20 +02:00
Miroslav Stampar
ced6711128 Playing a bit with logo 2016-09-29 15:59:28 +02:00
Miroslav Stampar
bdf76f8d4d Revisiting user-agents (newer versions of mainstream browsers) 2016-09-29 15:21:32 +02:00
Miroslav Stampar
571ae174bd Minor language update 2016-09-29 14:55:43 +02:00
Miroslav Stampar
332726356c Minor language update 2016-09-29 14:03:46 +02:00
Miroslav Stampar
4ea9d3b884 Replacing generic concatenation || with CONCAT (far better choice) 2016-09-29 13:35:16 +02:00
Miroslav Stampar
3409953538 Revisiting default level 1 payloads (MySQL stacked queries are as frequent as double rainbows) 2016-09-29 12:59:51 +02:00
Miroslav Stampar
3b3ab072e6 Adding short option(s) for setting verbosity (e.g. -vvv) 2016-09-29 11:19:25 +02:00
Miroslav Stampar
fef407e09c Making HTTP requests up to 20% smaller (fine tuning the request headers) 2016-09-29 10:44:00 +02:00
Miroslav Stampar
5afccce3c6 Minor patch 2016-09-28 16:56:47 +02:00
Miroslav Stampar
e439095593 Bug fix for MySQL's --os-pwn 2016-09-28 15:39:34 +02:00
Miroslav Stampar
e77126e847 Removing obsolete functionality 2016-09-28 15:00:26 +02:00
Miroslav Stampar
3ef01f0e31 Minor update 2016-09-28 14:48:33 +02:00
Miroslav Stampar
d36b5c0a4b Adding time-based blind (heavy query) payloads for Informix (Issue #552) 2016-09-28 10:30:09 +02:00
Miroslav Stampar
e5a758bdf4 Fixes #2192 2016-09-28 09:55:14 +02:00
Miroslav Stampar
617509869d Minor patch for Informix --parse-errors 2016-09-27 14:58:10 +02:00
Miroslav Stampar
5079c42788 Adding Informix parameter replacement payloads (Issue #552) 2016-09-27 14:39:17 +02:00
Miroslav Stampar
bc7ab01066 Bug fix for generic parameter replacement (CASE) 2016-09-27 14:29:18 +02:00
Miroslav Stampar
212c1ec1f2 Couple of fixes and some testing stuff 2016-09-27 14:03:59 +02:00
Miroslav Stampar
381deb68ff Implementation for an Issue #2137 2016-09-27 13:26:11 +02:00
Miroslav Stampar
ba0facb5eb Removal of unused imports 2016-09-27 11:23:31 +02:00
Miroslav Stampar
7151df16f6 Adding extra validation step in case of boolean-based blind (e.g. if unexpected 500 occurs) 2016-09-27 11:21:12 +02:00
Miroslav Stampar
8994bf2dba Further dealing with time-based SQLi (Issue #1973) 2016-09-27 10:32:22 +02:00
Miroslav Stampar
09617c8243 Introducing extra validation property in case of time-based SQLi (HTTP code) - Issue #1973 2016-09-27 10:20:36 +02:00
Miroslav Stampar
556b4d289e Minor cosmetic patch (removing multiple same content '...appears...' messages) 2016-09-26 17:02:40 +02:00
Miroslav Stampar
978f56ad10 One more commit for #552 (--passwords) 2016-09-26 16:38:03 +02:00
Miroslav Stampar
aa0b97b562 Support for Informix --roles/--privileges (Issue #552) 2016-09-26 14:20:04 +02:00
Miroslav Stampar
df645d7d3d Update for column types (Issue #552) 2016-09-23 18:03:31 +02:00
Miroslav Stampar
035137ef4e Bug fix in detection engine (abstract URI header sometimes caused problems - e.g. when automatic --string used) 2016-09-23 17:38:14 +02:00
Miroslav Stampar
484d9a4825 Implementation of --dump for Informix (Issue #552) 2016-09-23 17:21:48 +02:00
Miroslav Stampar
65c305cff0 Fixes #2174 2016-09-23 15:41:12 +02:00
Miroslav Stampar
9a5fc5ccf4 New auxiliary (extra) file (for administration purposes) 2016-09-23 13:57:18 +02:00
Miroslav Stampar
51a1973224 Stripping PostgreSQL .so files for size issues (Issue #2173) 2016-09-23 13:52:57 +02:00
Miroslav Stampar
2f2a63334a Minor cleanup 2016-09-23 13:39:27 +02:00
Miroslav Stampar
23afeb4c7a Fixes #2176 2016-09-23 13:37:44 +02:00
Miroslav Stampar
b387fb219d Fixes #2175 2016-09-23 12:45:06 +02:00
Miroslav Stampar
1b48ff223d Adding initial support for Informix (Issue #552) 2016-09-23 12:33:27 +02:00
Miroslav Stampar
640e605412 More CTF friendly (common column and table name flag :) 2016-09-23 12:31:28 +02:00
Miroslav Stampar
e10bb42597 Minor tweak 2016-09-22 10:22:48 +02:00
Miroslav Stampar
9902018cab Implementation for an Issue #2172 2016-09-21 15:45:55 +02:00
Miroslav Stampar
56a918c408 Minor refactoring 2016-09-20 10:03:00 +02:00
Miroslav Stampar
bcd62ecc5b Minor optimization (avoiding unnecessary deepcopies) 2016-09-20 09:56:08 +02:00
Miroslav Stampar
e519484230 Patching live-testing 2016-09-19 15:51:28 +02:00
Miroslav Stampar
a2c8f1deb1 Update PgSQL fingerprinting payloads 2016-09-19 14:23:51 +02:00
Miroslav Stampar
12dc53f687 Minor update 2016-09-19 13:54:06 +02:00
Miroslav Stampar
b3b5bd267d Adding new tamper script (on request from @MilanGabor) 2016-09-15 17:59:01 +02:00
Miroslav Stampar
921a53e314 Patch for counter in --smoke-test 2016-09-09 14:59:22 +02:00
Miroslav Stampar
32dd4a938c Minor patch of message 2016-09-09 11:37:16 +02:00
Miroslav Stampar
9930f1b55b Speed optimization(s) 2016-09-09 11:06:38 +02:00
Miroslav Stampar
8581d9e2ca Minor improvement of SELECT_FROM_TABLE_REGEX 2016-09-09 09:45:48 +02:00
Miroslav Stampar
1a613ed9a8 Minor update 2016-09-08 14:08:14 +02:00
Miroslav Stampar
78e398d9c4 Fixes #2136 2016-09-06 15:03:17 +02:00
Miroslav Stampar
e3c3c2c185 Fixes #2148 2016-09-06 14:25:29 +02:00
Miroslav Stampar
4e36bbaff9 Update related to the last commit 2016-09-04 03:09:28 +02:00
Miroslav Stampar
603e9739ae Fixes #2146 2016-09-04 01:33:52 +02:00
Miroslav Stampar
6b91b7b7fa Minor cosmetics 2016-09-02 16:10:11 +02:00
Miroslav Stampar
2e62fda57d Minor update 2016-09-02 15:55:33 +02:00
Miroslav Stampar
5ad27264a2 Patches #2143 2016-09-02 15:52:07 +02:00
Miroslav Stampar
c4d8cab50c Version string bug fix 2016-09-02 14:25:56 +02:00
Miroslav Stampar
577e346774 Fixes #2144 2016-09-02 14:20:17 +02:00
Miroslav Stampar
375abd50ee Minor update for #2134 2016-08-30 12:36:32 +02:00
Miroslav Stampar
4a815ab56f Patch for an Issue #1250 2016-08-27 23:54:09 +02:00
Miroslav Stampar
6564adc984 Minor patch for buffered write into checksum.md5 2016-08-27 23:34:12 +02:00
Miroslav Stampar
ad5b8017f5 Minor refactoring 2016-08-26 12:28:35 +02:00
Miroslav Stampar
72e5a79288 Fixes #2106 2016-08-19 11:07:42 +02:00
Miroslav Stampar
63f4b3462f Fixes #2105 2016-08-15 18:35:04 +02:00
Miroslav Stampar
a45a90df94 Adding new WAF script (Yunsuo) 2016-08-12 14:32:03 +02:00
Miroslav Stampar
ec1ac81e0a Minor refactoring 2016-08-08 16:08:16 +02:00
Miroslav Stampar
6ba46bf7cf Update for #2086 (lowercasing only the command) 2016-08-08 15:55:39 +02:00
deadworoz
9c2c3894d6 Converting a command to lowercase breaks a case-sensitive URL
To reproduce the bug:
1. Start the server: ./sqlmapapi.py -s
2. Start the client: ./sqlmapapi.py -c
3. Add a new task with a case-sensitive URL: new -u "http://vbox.lc/bWAPP/sqli_4.php?title=iron+man&action=search"
4. Check the log: 
...
"message": "testing connection to the target URL"
...
"message": "page not found (404)"
...
"message": "HTTP error codes detected during run:\n404 (Not Found) - 1 times"

5. Check that sqlmap.py correcty work with same parameters: ./sqlmap.py -u "http://vbox.lc/bWAPP/sqli_4.php?title=iron+man&action=search"

[INFO] testing connection to the target URL
[INFO] checking if the target is protected by some kind of WAF/IPS/IDS
2016-08-08 14:48:25 +04:00
Miroslav Stampar
b92fc840fe Adding pypi script to the repository 2016-08-02 13:21:05 +02:00
Miroslav Stampar
ef79bbf7d2 Minor patch 2016-08-02 12:38:57 +02:00
Miroslav Stampar
fba1199cd2 Minor consistency update 2016-08-02 12:05:39 +02:00
Miroslav Stampar
4022a68523 Removing last debug commit 2016-08-02 12:01:49 +02:00
Miroslav Stampar
67bc3ed359 Trying out the last commit 2016-08-02 12:01:02 +02:00
Miroslav Stampar
a0ddd99087 Minor update for automatic PyPI packaging 2016-08-02 12:00:21 +02:00
Miroslav Stampar
2a7ef58c9f Minor refactoring 2016-08-02 11:55:11 +02:00
Miroslav Stampar
35010006a1 Some cosmetic changes 2016-08-02 11:50:42 +02:00
Miroslav Stampar
acfe788c95 Preparing for #1250 2016-08-02 00:17:59 +02:00
Miroslav Stampar
5ccb73a1ee Minor patch for Python3 check 2016-07-29 15:30:59 +02:00
Miroslav Stampar
6ac5b6b759 Minor refactoring 2016-07-28 17:04:15 +02:00
Miroslav Stampar
d82f20abc4 Fixes #2068 2016-07-28 17:02:27 +02:00
Miroslav Stampar
10eafa35fd Adding CloudFlare CAPTCHA warning 2016-07-23 23:02:15 +02:00
Miroslav Stampar
9105f259cd Fixes #2060 (ParseError has been added in Python 2.7) 2016-07-23 15:27:25 +02:00
Miroslav Stampar
7cca56edfa Fixes #2052 2016-07-21 09:38:52 +02:00
Miroslav Stampar
e21d751834 Fixes #2049 2016-07-20 20:04:44 +02:00
Miroslav Stampar
ebb73b71fa Fixes #2045 2016-07-20 16:49:27 +02:00
Miroslav Stampar
1ca633ae64 Fixes #2031 2016-07-17 23:30:40 +02:00
Miroslav Stampar
3e22cbfed7 Minor update 2016-07-17 00:34:14 +02:00
Miroslav Stampar
c7f615f707 Renaming payload files (consistency with the rest of the project) 2016-07-17 00:21:16 +02:00
Miroslav Stampar
b83ee92cd1 Minor modification 2016-07-17 00:09:09 +02:00
Miroslav Stampar
571d669a09 Minor modification 2016-07-17 00:07:58 +02:00
Miroslav Stampar
e485531b71 Adding integrity checks in case of unhandled exceptions 2016-07-17 00:04:30 +02:00
Miroslav Stampar
7427b554e3 Adding support for integrity checks 2016-07-16 23:25:13 +02:00
Miroslav Stampar
1a818ceccd Adding error message regarding #2030 2016-07-16 22:47:16 +02:00
Miroslav Stampar
7fea8d608e Fixes #2028 2016-07-16 22:42:15 +02:00
Miroslav Stampar
1e6191e3b1 Fixes #2026 2016-07-16 15:51:09 +02:00
Miroslav Stampar
c10b2825d7 Patch for --os-shell against Windows/MySQL where resulting \r caused trouble 2016-07-15 11:56:51 +02:00
Miroslav Stampar
c200b2cb19 Another fix (related to the last commit) 2016-07-15 11:45:59 +02:00
Miroslav Stampar
071f4c8a2b Bug fix (reported privately) - better parsing of file paths (especially for Windows cases) 2016-07-15 11:13:47 +02:00
Miroslav Stampar
5097a2c79e Less timeout error messages (because of server dropping of non-active connections) 2016-07-15 00:33:33 +02:00
Miroslav Stampar
bce9db1af5 Adding support for --columns too (Issue #2025) 2016-07-15 00:10:41 +02:00
Miroslav Stampar
ca67456dbe Removing a debugging leftover (Issue #2025) 2016-07-14 23:39:44 +02:00
Miroslav Stampar
6df4d73b09 Implementation for an Issue #2025 2016-07-14 23:18:28 +02:00
Miroslav Stampar
2aaa486f7a Minor code style update 2016-07-13 14:09:33 +02:00
Miroslav Stampar
47ba7d4705 Minor update 2016-07-07 10:37:00 +02:00
Miroslav Stampar
2e42afea6f Update of sucury WAF script 2016-07-06 23:43:21 +02:00
Miroslav Stampar
292a28131d Minor updates 2016-07-06 23:43:10 +02:00
Miroslav Stampar
2e775fbb75 (e.g.) ASPx MsSQL Chinese exception messages don't start with 'Exception: string' 2016-07-06 14:06:18 +02:00
Miroslav Stampar
e1d7641b8a Good for different generic OleDB-alike connectors 2016-07-06 13:48:35 +02:00
Miroslav Stampar
6b0951d1ee Switching default Tor type to SOCKS5 (various bundles are discontinued) 2016-07-06 13:30:46 +02:00
Miroslav Stampar
db1fc621b5 Update for SonicWALL WAF script; lesser false positives with ModSecurity WAF script 2016-07-06 13:19:51 +02:00
Miroslav Stampar
9351756c36 Minor update of format exception strings 2016-07-05 16:02:34 +02:00
Miroslav Stampar
63b645c64c Removing a debugging leftover 2016-07-05 09:32:30 +02:00
Miroslav Stampar
7ad49f4185 Less problematic regexes for MsSQL errors 2016-07-05 09:32:08 +02:00
Miroslav Stampar
d9315830f9 Less problematic regex for MsSQL errors 2016-07-05 09:20:04 +02:00
Miroslav Stampar
2e2c62b6a7 More error regexes 2016-07-04 17:24:17 +02:00
Miroslav Stampar
53289b0234 Some more Informix error regexes 2016-07-04 10:03:36 +02:00
Miroslav Stampar
dd082ef79d Minor update (new error regex for Informix) 2016-07-04 09:49:18 +02:00
Miroslav Stampar
2c968f9a35 Closes #2007 2016-07-04 09:12:30 +02:00
Miroslav Stampar
74d0315fef Update related to the last commit 2016-07-03 02:14:23 +02:00
Miroslav Stampar
ae98159130 Automatic monthly tagging 2016-07-03 02:03:30 +02:00
Miroslav Stampar
3a9e36c52b Reintroducing stacked queries removed in 79d08906a4 (good for WAF bypass) 2016-07-03 02:03:30 +02:00
Miroslav Stampar
cb43c03712 Definite patch for MemoryError(s) (fixes #1991) 2016-06-30 14:57:56 +02:00
Miroslav Stampar
65a0f15f69 Minor update (error regex for PHP's sqlsrv module) 2016-06-28 15:13:37 +02:00
Miroslav Stampar
98b77d32cc Minor update 2016-06-27 11:16:41 +02:00
Miroslav Stampar
86a3569ccb New WAF script (SonicWALL) 2016-06-26 16:42:05 +02:00
Miroslav Stampar
17fca351d3 Minor update 2016-06-26 16:26:13 +02:00
Miroslav Stampar
2614e7bec1 Minor update 2016-06-26 16:23:39 +02:00
Miroslav Stampar
832c6e806f Revert of last commit 2016-06-26 15:59:35 +02:00
Miroslav Stampar
7b334b0808 'Conversion failed' happens in regular SQLi on MsSQL 2016-06-26 15:57:11 +02:00
Miroslav Stampar
aa9151785e Minor update 2016-06-26 15:37:30 +02:00
Miroslav Stampar
6bdef1b7da Minor update 2016-06-26 01:46:49 +02:00
Miroslav Stampar
8b4367d354 Revert of last commit 2016-06-26 01:42:21 +02:00
Miroslav Stampar
0a9d69a7d0 Minor patch 2016-06-26 01:10:47 +02:00
Miroslav Stampar
a4b60dc00f New error regex for MsSQL 2016-06-26 00:40:54 +02:00
Miroslav Stampar
f91ae32284 Minor update (to not confuse S3 vs Cloudfront) 2016-06-24 13:39:13 +02:00
Miroslav Stampar
53fc9d6720 Fixes #1990 2016-06-24 13:31:19 +02:00
Miroslav Stampar
0b31568306 Minor update 2016-06-24 13:28:08 +02:00
Miroslav Stampar
e9407cf791 Cleaning some garbage boundaries (it doesn't make any sense to use %00 as prefix) 2016-06-23 22:57:59 +02:00
Miroslav Stampar
0175acd028 Bug fix (in some cases lack of warning message for SQLi appearing) 2016-06-23 17:52:37 +02:00
Miroslav Stampar
733a32de32 Minor patch 2016-06-23 12:09:51 +02:00
Miroslav Stampar
1b863ecf93 Far better detection of SecureIIS (WAF) 2016-06-23 12:03:05 +02:00
Miroslav Stampar
ec06037335 Update of bigip waf script 2016-06-23 11:41:49 +02:00
Miroslav Stampar
0cdb62a1b5 Adding new waf script (armor) 2016-06-23 11:15:31 +02:00
Miroslav Stampar
99454198b8 Minor refactoring 2016-06-20 10:01:57 +02:00
Miroslav Stampar
dd6287ace8 Fixes #1972 2016-06-20 09:59:50 +02:00
Miroslav Stampar
786460e3b4 Minor just in case patch 2016-06-19 17:44:47 +02:00
Miroslav Stampar
419cf979f1 Showing again the 'shutting down at ...' message 2016-06-19 17:17:01 +02:00
Miroslav Stampar
30be875304 Patch for an Issue #1968 2016-06-18 01:21:57 +02:00
Miroslav Stampar
7d011bc811 Fixes #1964 2016-06-17 17:07:44 +02:00
Miroslav Stampar
b2c4a3b247 Fixes #1960 2016-06-17 16:54:23 +02:00
Miroslav Stampar
9d9592a69b Fixes #1963 2016-06-17 16:51:23 +02:00
Miroslav Stampar
cb42294a7e Minor message update 2016-06-15 07:57:10 +02:00
Miroslav Stampar
146762c109 Minor update 2016-06-15 07:54:47 +02:00
Miroslav Stampar
494b9d1586 Fixes #1943 2016-06-13 15:30:38 +02:00
Miroslav Stampar
2e95fdb52d Fixes #1947 2016-06-13 14:50:44 +02:00
Miroslav Stampar
46736cac7b Fixes #1931 2016-06-10 18:41:41 +02:00
Miroslav Stampar
041213f22d Fixes #1935 2016-06-10 18:18:48 +02:00
Miroslav Stampar
8ca45c5678 Fixes #1936 2016-06-10 18:02:24 +02:00
Miroslav Stampar
c6eec8db97 Fixes #1938 2016-06-10 17:52:22 +02:00
Miroslav Stampar
98fdc493f4 Proper patch for #1923 (Fixes #1940, #1941) 2016-06-10 17:42:11 +02:00
Miroslav Stampar
91372bff87 Fixes #1932 2016-06-08 08:20:54 +02:00
Miroslav Stampar
7fb9db42a7 Performing a backup of old dump file (Issue #841) 2016-06-05 12:37:19 +02:00
Miroslav Stampar
82382957f9 Minor refactoring 2016-06-05 12:25:42 +02:00
Miroslav Stampar
f034122bd0 Fixes #1920 2016-06-05 12:14:01 +02:00
Miroslav Stampar
0df2456f34 Fixes #1923 2016-06-03 16:06:29 +02:00
Miroslav Stampar
78fdb27a0b More improvements 2016-06-03 15:51:52 +02:00
Miroslav Stampar
350baf0a0a Minor update 2016-06-03 14:29:32 +02:00
Miroslav Stampar
9886b646eb Proper update regarding the last commit 2016-06-03 14:18:28 +02:00
Miroslav Stampar
c5197b99a0 Minor patch and minor improvement 2016-06-03 13:59:32 +02:00
Miroslav Stampar
cc313280af Payload that never ever worked (now fixed) 2016-06-03 13:16:00 +02:00
Miroslav Stampar
f06ff42c58 This never worked. Not sure who incorporated it (WAITFOR DELAY can't go to SELECT/CASE) 2016-06-03 10:42:57 +02:00
Miroslav Stampar
4bc1cf4518 Vastly better patch for MsSQL payloads 2016-06-03 10:29:04 +02:00
Miroslav Stampar
0e65043c84 Minor adjustment 2016-06-03 09:48:49 +02:00
Miroslav Stampar
d7d565415a Patch for MySQL fingerprinting 2016-06-03 02:31:31 +02:00
Miroslav Stampar
0986ec8948 Update for Oracle fingerprinting 2016-06-03 02:27:59 +02:00
Miroslav Stampar
50bced511f Adding support for fingerprinting MsSQL 2014 and 2016 2016-06-03 02:24:19 +02:00
Miroslav Stampar
e275e8c0b0 Fixes #1921 2016-06-03 02:02:11 +02:00
Miroslav Stampar
77dea38ac1 Fixes #1918 2016-06-03 00:37:18 +02:00
Miroslav Stampar
7dc2ec5fd8 Minor touch 2016-06-01 20:42:09 +02:00
Miroslav Stampar
4bf2e3b139 Minor update 2016-06-01 20:37:05 +02:00
Miroslav Stampar
8114c14755 Removing leftover 2016-06-01 16:32:22 +02:00
Miroslav Stampar
ec8cf6aadc Adding support for detecting CAPTCHA 2016-06-01 15:48:04 +02:00
Miroslav Stampar
d326965966 Reordering MySQL's error-based payloads (BIGINT and EXP have crazy bigger chunk lenghts) 2016-06-01 14:12:22 +02:00
Miroslav Stampar
030df0353d Removing ugly legacy code (e.g. showing MySQL 5.0 when it is e.g. '5.7.8') 2016-06-01 13:47:20 +02:00
Miroslav Stampar
5038d7a70a Removing ugly boolean check results (0 or 1) in output of UNION and ERROR SQLi 2016-06-01 13:39:40 +02:00
Miroslav Stampar
f0b8fbb7fd Implemented support for JSON_KEYS error-based SQLi (and tons of fixes for MySQL 'ORDER BY,GROUP BY' payloads) 2016-06-01 13:23:41 +02:00
Miroslav Stampar
5810c2b199 Minor patch 2016-06-01 11:30:27 +02:00
Miroslav Stampar
77f0b5dfa8 Fixes #1919 2016-06-01 10:56:42 +02:00
Miroslav Stampar
b0ea74dc63 Minor warning message update 2016-06-01 10:53:32 +02:00
Miroslav Stampar
0c07c8942c Automatic monthly tagging 2016-06-01 10:44:08 +02:00
Miroslav Stampar
7d1bdb35ca Update of parsed versions 2016-06-01 10:44:08 +02:00
Miroslav Stampar
e823889819 Update for JSP exceptions 2016-05-31 15:35:10 +02:00
Miroslav Stampar
680aedaefc Adding option --tmp-dir 2016-05-31 14:55:56 +02:00
Miroslav Stampar
afdca09ced Minor patches (proper user warnings in case of output directory permissions) 2016-05-31 14:05:35 +02:00
Miroslav Stampar
ac89ee71c3 Minor improvement 2016-05-31 13:29:43 +02:00
Miroslav Stampar
af7c8cff92 Bug fix (previously removing temporary directory even if it is needed afterwards) 2016-05-31 13:21:08 +02:00
Miroslav Stampar
26d4dec5fb Minor refactoring 2016-05-31 13:02:26 +02:00
Miroslav Stampar
cf31d12528 Adding support for python's cgitb tracebacks 2016-05-31 12:33:56 +02:00
Miroslav Stampar
b4c730f8c0 Minor refactoring 2016-05-31 12:23:59 +02:00
Miroslav Stampar
fba1720b31 Minor patch 2016-05-31 11:16:13 +02:00
Miroslav Stampar
9fad72f28b Adding support for MsAccess usage of parsed FROM table names (e.g. in case of ColdFusion) 2016-05-31 11:08:23 +02:00
Miroslav Stampar
1782bf8e64 Adding support for parsing ODBC/JDBC error messages 2016-05-31 10:49:34 +02:00
Miroslav Stampar
2d59a10515 Better patch than last commit 2016-05-31 10:25:01 +02:00
Miroslav Stampar
21a25c4f00 Bug for fix comments in case of MsAccess 2016-05-31 10:24:13 +02:00
Miroslav Stampar
6b5c16c22c Minor update for ColdFusion error messages 2016-05-31 09:54:14 +02:00
Miroslav Stampar
2c6621c26a Minor upgrade for WAF/IDS/IPS detection 2016-05-31 09:49:50 +02:00
Miroslav Stampar
f0500b1d2f Minor update for ColdFusion path regexes 2016-05-31 09:35:58 +02:00
Miroslav Stampar
6a033bb58c Minor update for ColdFusion type casting 2016-05-31 09:31:32 +02:00
Miroslav Stampar
2fa4b22645 Patch for URL encoding cookie values (asking the user to choose) 2016-05-30 17:47:08 +02:00
Miroslav Stampar
229d3a7dd0 Patch for cases when error page looks more like original, than the False one does 2016-05-30 16:46:23 +02:00
Miroslav Stampar
b965e5bf1c Minor refactoring 2016-05-30 16:06:39 +02:00
Miroslav Stampar
3bd74c5351 Minor patch 2016-05-30 15:20:21 +02:00
Miroslav Stampar
55624ec1a2 Minor message update 2016-05-30 14:40:22 +02:00
Miroslav Stampar
6885afe8c3 Minor update for requestvalidationmode.py waf script 2016-05-30 14:26:55 +02:00
Miroslav Stampar
acc1277246 Minor update 2016-05-30 14:13:57 +02:00
Miroslav Stampar
935cb9c8cb Patch for a custom header cookie urlencoding 2016-05-30 14:09:53 +02:00
Miroslav Stampar
17a4ddad63 Fixes #1916 2016-05-30 13:10:25 +02:00
Miroslav Stampar
5264671f5b Dump formatting patch for MsAccess 2016-05-30 12:03:33 +02:00
Miroslav Stampar
b4ebbae354 New payload(s) 2016-05-30 11:25:24 +02:00
Miroslav Stampar
510197c39e Minor text update 2016-05-30 10:52:30 +02:00
Miroslav Stampar
b6a4bd91fe Minor text update 2016-05-30 10:51:35 +02:00
Miroslav Stampar
83b82a5e98 Bug fix (wrong handler used in case of DBMS resolution) 2016-05-30 10:32:49 +02:00
Miroslav Stampar
0b1efc0759 Minor update (for newer versions of MsSQL) 2016-05-30 01:38:34 +02:00
Miroslav Stampar
2b506d744d Minor update 2016-05-30 01:29:40 +02:00
Miroslav Stampar
79d08906a4 Cleaning some redundant payload(s) 2016-05-27 23:59:48 +02:00
Miroslav Stampar
6327063bd0 Minor patch 2016-05-27 16:43:01 +02:00
Miroslav Stampar
69fd900108 Adding waf script for detection of generic/unknown 2016-05-27 16:34:41 +02:00
Miroslav Stampar
f9d01f682b Cloudflare has tons of HTTP error codes while detecting SQLi 2016-05-27 15:58:16 +02:00
Miroslav Stampar
d7d3db415b Minor update 2016-05-27 15:32:30 +02:00
Miroslav Stampar
31850e4544 Minor bug fixes 2016-05-27 13:58:18 +02:00
Miroslav Stampar
de9f23939f Major bug fix in WAF/IDS/IPS detection (question 'do you want..to try to detect backend WAF/IPS/IDS' never worked) 2016-05-27 13:41:03 +02:00
Miroslav Stampar
154ed2c4e2 Minor patch 2016-05-27 13:33:14 +02:00
Miroslav Stampar
89dfe4e1ac Adding wallarm WAF script (and couple of other WAF script updates) 2016-05-27 11:58:18 +02:00
Miroslav Stampar
b41b07ddd8 Updates for 360 and jiasule WAF scripts 2016-05-27 11:02:05 +02:00
Miroslav Stampar
e36fc02282 Adding sophos WAF script 2016-05-27 10:17:42 +02:00
Miroslav Stampar
49b41c1eca Minor update for cloudflare waf script 2016-05-27 09:43:54 +02:00
Miroslav Stampar
4cd9fdb7df Minor update for F5 waf script 2016-05-27 09:27:45 +02:00
Miroslav Stampar
5aab2d8fb5 Update for Akamai Kona WAF script 2016-05-27 09:22:39 +02:00
Miroslav Stampar
210b65c02d Couple of fixes for --identify-waf 2016-05-27 02:24:59 +02:00
Miroslav Stampar
7a2ac23f0b Adding new waf script (sitelock) 2016-05-27 02:13:01 +02:00
Miroslav Stampar
e435fb2e9e Adding new waf script (comodo) 2016-05-27 01:23:20 +02:00
Miroslav Stampar
6892c94595 Minor update 2016-05-27 01:10:37 +02:00
Miroslav Stampar
831c960216 Update for an Issue #1899 2016-05-26 16:47:38 +02:00
Miroslav Stampar
43af2a4aee Fixes #1899 2016-05-26 16:08:59 +02:00
Miroslav Stampar
1de6996c26 Fixes #1893 2016-05-25 15:43:39 +02:00
Miroslav Stampar
304f2ed308 Minor language patch 2016-05-25 15:32:17 +02:00
Miroslav Stampar
148b35da4f Better extraction of absolute file paths 2016-05-25 15:29:25 +02:00
Miroslav Stampar
3865b3a398 Minor improvement in case of technique E (when waiting for large entry - lots of chunks) 2016-05-25 12:50:53 +02:00
Miroslav Stampar
d6bcbbae1d Minor patch for E technique to be more compatible with output of U technique 2016-05-25 12:42:15 +02:00
Miroslav Stampar
04b3aefc5d Patch for special character output in U and E techniques 2016-05-25 12:24:36 +02:00
Miroslav Stampar
a5f8cae599 Fixes #1892 2016-05-24 17:58:35 +02:00
Miroslav Stampar
29c3037512 Better asciinema recording (shorter width) 2016-05-24 17:26:10 +02:00
Miroslav Stampar
d0d7d3a205 Update of location of a sample run 2016-05-24 17:12:44 +02:00
Miroslav Stampar
7ce36ea1b6 Removal of unused imports 2016-05-24 16:40:44 +02:00
Miroslav Stampar
6f97f4796b Fixes #1891 2016-05-24 16:34:07 +02:00
Miroslav Stampar
39fe96009f Minor improvement (related to the last commit) 2016-05-24 16:20:39 +02:00
Miroslav Stampar
b475a38895 Better ORDER BY detection 2016-05-24 15:46:06 +02:00
Miroslav Stampar
42de887b05 Language update 2016-05-24 15:18:19 +02:00
Miroslav Stampar
28576bf08e Minor output update 2016-05-24 15:08:04 +02:00
Miroslav Stampar
c395958dff Fixes #1888 2016-05-24 14:55:19 +02:00
Miroslav Stampar
798b539eec Minor update 2016-05-24 14:50:56 +02:00
Miroslav Stampar
70cf8edc75 Fixes #1887 2016-05-24 14:17:00 +02:00
Miroslav Stampar
a81ea88eb0 Fixes #1889 2016-05-24 13:59:34 +02:00
Miroslav Stampar
023dda26fc Minor update for --os-shell directories 2016-05-24 12:53:21 +02:00
Miroslav Stampar
3e76895155 Minor update 2016-05-24 12:30:01 +02:00
Miroslav Stampar
2c1bd7f034 Update for an Issue #1531 (MySQL quirk with international letters) 2016-05-24 12:01:02 +02:00
Miroslav Stampar
f7cae68378 More formal language 2016-05-22 21:44:17 +02:00
Miroslav Stampar
f6ff1a115a Better (automatic) picking of a --string candidate (especially in case of international pages) 2016-05-22 21:29:08 +02:00
Miroslav Stampar
32ee586e2a Minor language update 2016-05-22 14:30:32 +02:00
Miroslav Stampar
b9e5655e3c Proper naming 2016-05-22 14:26:36 +02:00
Miroslav Stampar
6623c3f877 Pesky bug fix (nobody noticed :) 2016-05-22 14:22:31 +02:00
Miroslav Stampar
30a4173249 I like users which don't know the difference between detection and identification 2016-05-22 12:40:23 +02:00
Miroslav Stampar
dbbe4c6ddd Fixes #1884 2016-05-22 11:44:21 +02:00
Miroslav Stampar
633e4dfe48 Fixes #1886 2016-05-22 11:37:27 +02:00
Miroslav Stampar
5e8b105677 Fixes #1880 2016-05-19 19:46:12 +02:00
Miroslav Stampar
414dd96bbd Minor update (warning on negative integer values provided) 2016-05-19 18:04:25 +02:00
Miroslav Stampar
e857c2a88a Update for an Issue #1879 2016-05-19 13:50:31 +02:00
Miroslav Stampar
e7aaea2b8e Update for an Issue #1826 2016-05-17 14:10:49 +02:00
Miroslav Stampar
63d7cd607e Minor patch (for late threading issues) 2016-05-17 13:54:42 +02:00
Miroslav Stampar
d886b08dd9 Update for an Issue #1826 2016-05-17 13:45:03 +02:00
Miroslav Stampar
72f3185ae7 Fixes #1878 2016-05-17 10:47:17 +02:00
Miroslav Stampar
03be9f9b65 Minor removal of blank lines 2016-05-17 10:43:16 +02:00
Miroslav Stampar
d9d0865c13 Another patch for an Issue #1874 2016-05-16 17:09:05 +02:00
Miroslav Stampar
e3f54bc226 Minor patch for #1874 2016-05-16 16:53:28 +02:00
Miroslav Stampar
9662f4a56a Minor update 2016-05-16 16:47:29 +02:00
Miroslav Stampar
fea5cc8579 Minor patch 2016-05-16 15:37:49 +02:00
Miroslav Stampar
94091cd0e9 Fixes #1871 2016-05-15 09:37:45 +02:00
Miroslav Stampar
cc9f4b6102 Minor refactoring for MariaDB 2016-05-14 15:05:50 +02:00
Miroslav Stampar
cd7c99c752 Minor revert (it was not necessary - caused other problems) 2016-05-14 14:48:17 +02:00
Miroslav Stampar
75478c1181 Fixes #1868 2016-05-14 14:18:34 +02:00
Miroslav Stampar
ad0ca69579 Fixes #1865 2016-05-13 15:14:56 +02:00
Miroslav Stampar
2d801b7122 Minor patch for an Issue #1861 2016-05-12 17:16:55 +02:00
Miroslav Stampar
1e07269fe3 Patch for an Issue #1860 2016-05-12 16:42:12 +02:00
Miroslav Stampar
3b74e99576 Minor update (support for MariaDB) 2016-05-11 15:47:35 +02:00
Miroslav Stampar
439fff684e Minor update (MSSQL CONCAT payload) 2016-05-11 09:42:54 +02:00
Miroslav Stampar
72cf06119c Patch for an Issue #1852 2016-05-10 09:55:03 +02:00
Miroslav Stampar
808068d70a Minor update 2016-05-10 09:19:59 +02:00
Miroslav Stampar
f09072b2b6 Fixes #1853 2016-05-09 13:13:02 +02:00
Miroslav Stampar
be9381abc5 Implements #1845 2016-05-06 13:06:59 +02:00
Miroslav Stampar
5d09f7b85f Fixes #1822 2016-05-06 10:32:16 +02:00
Miroslav Stampar
8bbfee7591 Cleaning a leftover from be26392057 2016-05-06 10:30:58 +02:00
Miroslav Stampar
be26392057 Update for an Issue #1846 2016-05-06 10:23:57 +02:00
Miroslav Stampar
263730f4ee Fixes #1840 2016-05-04 13:23:59 +02:00
Miroslav Stampar
5d7e1782d9 Fixes #1839 2016-05-04 11:14:42 +02:00
Miroslav Stampar
e27f590c2c Fixes #1838 2016-05-04 11:11:58 +02:00
Miroslav Stampar
7afe655561 Another minor update for #1836 2016-05-03 12:52:46 +02:00
Miroslav Stampar
3bf08290a4 Update for an Issue #1836 2016-05-03 12:37:10 +02:00
Miroslav Stampar
34c2172391 Fixes #1837 2016-05-03 11:38:47 +02:00
Miroslav Stampar
48044f7a46 Minor update of IDS_WAF_CHECK_PAYLOAD 2016-05-03 00:19:19 +02:00
Miroslav Stampar
04e666182f Minor update of FORMAT_EXCEPTION_STRINGS 2016-05-02 23:44:43 +02:00
Miroslav Stampar
c797129956 Fixes #1833 2016-05-02 11:10:12 +02:00
Miroslav Stampar
6928dae956 Minor patch 2016-05-02 10:45:50 +02:00
Miroslav Stampar
6db3bcbb51 Minor update for UrlScan 2016-05-02 10:12:19 +02:00
Miroslav Stampar
d7f0b3566d Automatic monthly tagging 2016-05-02 10:06:30 +02:00
Miroslav Stampar
0c67a90cc0 Minor bug fix 2016-05-02 10:06:30 +02:00
Miroslav Stampar
f06e498fb0 Implementation for an Issue #1826 2016-04-29 14:19:32 +02:00
Miroslav Stampar
ad612bf9e4 Patch for Windows banner display 2016-04-29 00:51:20 +02:00
Miroslav Stampar
9dd5cd8eb6 Removing CloudFlare check 2016-04-29 00:17:07 +02:00
Miroslav Stampar
5ed3cdc819 Minor update 2016-04-22 10:54:55 +02:00
Miroslav Stampar
e07c92bce5 Minor change on banner showing up 2016-04-19 13:45:49 +02:00
Miroslav Stampar
0c5965c7b8 Minor patches 2016-04-19 13:13:37 +02:00
Miroslav Stampar
aa21550712 Minor patch for integer casting heuristics (circumvent auto-casting by DBMS itself) 2016-04-15 13:47:19 +02:00
Miroslav Stampar
66061e8c5f Fixes #1811 2016-04-15 12:04:54 +02:00
Miroslav Stampar
c4b74c2e01 Fixes #1810 2016-04-12 22:37:14 +02:00
Miroslav Stampar
55b23e78ee Fixes #1809 2016-04-12 22:10:26 +02:00
Miroslav Stampar
a9526bda92 Minor patch 2016-04-11 22:38:44 +02:00
Miroslav Stampar
0901da3f83 Update for an Issue #1807 2016-04-11 09:43:50 +02:00
Miroslav Stampar
8004652f7b Some more optimization 2016-04-08 15:30:25 +02:00
Miroslav Stampar
c9b410c97f Minor update 2016-04-08 14:59:52 +02:00
Miroslav Stampar
814d710320 Minor speed up 2016-04-08 14:41:34 +02:00
Miroslav Stampar
38fcc5a35a Update for pre-WHERE payloads 2016-04-08 13:19:42 +02:00
Miroslav Stampar
674d516f3e Minor patch 2016-04-08 11:40:09 +02:00
Miroslav Stampar
8ceb4907a5 Another update for Issue #1800 2016-04-08 11:37:38 +02:00
Miroslav Stampar
ce3749622a Minor revisit of payload boundaries (Issue #1800) 2016-04-08 11:28:17 +02:00
Miroslav Stampar
bcfae99701 Adding new WAF script 2016-04-08 10:32:18 +02:00
Miroslav Stampar
44c1c2c6f0 Minor update (reported via email) 2016-04-06 11:43:53 +02:00
Miroslav Stampar
ac08db82b2 Including one more error regex (based on testasp[.]vulnweb[.]com) 2016-04-04 16:14:30 +02:00
Miroslav Stampar
305bfd9d30 Implements #1763 2016-04-04 13:50:10 +02:00
Miroslav Stampar
f9aaec7b4a Minor patch (binary extensions) 2016-04-04 12:43:53 +02:00
Miroslav Stampar
d881a92ee7 Automatic monthly tagging 2016-04-04 12:38:37 +02:00
Miroslav Stampar
60ada89347 Trying once again 2016-04-04 12:38:37 +02:00
Miroslav Stampar
171bfa33a7 Automatic monthly tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
acaef90c7b Minor tuning of auto tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
31d7021d4c Fixes #1794 2016-04-04 12:25:07 +02:00
Miroslav Stampar
e83d8f6143 Updating colorama (Issue #1784) 2016-03-30 15:11:34 +02:00
Miroslav Stampar
0245ce6228 Fixes #1782 2016-03-28 19:55:33 +02:00
Miroslav Stampar
7e55af2811 Fixes #1778 2016-03-28 16:13:36 +02:00
Miroslav Stampar
ad3b766b65 Adding in-table name boundaries 2016-03-26 09:39:28 +01:00
Miroslav Stampar
074fbbcea5 Implementation for an Issue #1776 2016-03-23 15:45:49 +01:00
Miroslav Stampar
5b0d5970cc Another patch related to the #1773 2016-03-23 10:33:32 +01:00
Miroslav Stampar
6c2f9859be Potential patch for #1773 2016-03-23 10:26:22 +01:00
Miroslav Stampar
d496d99943 Fixes #1774 2016-03-22 13:24:54 +01:00
Miroslav Stampar
d20e9febf2 Fixes #1770 2016-03-19 17:40:05 +01:00
Miroslav Stampar
d76ee8f534 Further update for #1765 2016-03-17 17:06:11 +01:00
Miroslav Stampar
5b88e3e1ad Minor update of version comment 2016-03-17 16:38:39 +01:00
Miroslav Stampar
a68848faf7 (Auto) adjusting micro version (to current month) 2016-03-17 16:31:34 +01:00
Miroslav Stampar
a4f21399e7 Fixes #1760 2016-03-17 16:23:28 +01:00
Miroslav Stampar
e03b2df58f Fixes #1761 2016-03-14 17:21:35 +01:00
Miroslav Stampar
252eb97198 Patch related to the #1755 2016-03-12 19:28:28 +01:00
Miroslav Stampar
67ae620182 Another patch related to the #1752 2016-03-12 15:04:19 +01:00
Miroslav Stampar
13366aeb48 Fixes #1752 2016-03-12 12:26:30 +01:00
Miroslav Stampar
e1ce16144a Fixes #1753 2016-03-10 15:42:01 +01:00
Miroslav Stampar
3307918389 Fixes #1750 2016-03-10 14:48:05 +01:00
Miroslav Stampar
c50849707f Fixes #1748 2016-03-08 14:35:16 +01:00
Miroslav Stampar
06296bd251 Fixes #1743 2016-03-06 20:04:45 +01:00
Miroslav Stampar
0f6e529fb9 Fixes #1745 2016-03-06 12:14:20 +01:00
Miroslav Stampar
242800c085 Minor update related to the #1740 2016-03-01 15:40:34 +01:00
Miroslav Stampar
679f0cf772 Fixes #1738 2016-03-01 15:36:00 +01:00
Miroslav Stampar
1b5a4651a9 Trivial refactoring 2016-03-01 14:48:53 +01:00
Miroslav Stampar
05fa7eb7c6 Minor update 2016-03-01 11:56:56 +01:00
Miroslav Stampar
336169e181 Update of version display 2016-02-29 08:12:38 +01:00
Miroslav Stampar
b2bc3d49fd Minor update 2016-02-29 00:52:46 +01:00
Miroslav Stampar
71aa7deefe Minor beautification 2016-02-29 00:49:45 +01:00
Miroslav Stampar
cf5ae507c8 Minor update of READMEs 2016-02-29 00:44:08 +01:00
Miroslav Stampar
4898a2c332 Dummy commit 2016-02-29 00:30:37 +01:00
Miroslav Stampar
151dcee32e Minor update 2016-02-29 00:23:59 +01:00
Miroslav Stampar
73f1155847 Adding new shutils file 2016-02-29 00:20:58 +01:00
Miroslav Stampar
26b895dd2e Merge pull request #1733 from Aikes/master
Fixes file path traversal issue on win platform.
2016-02-28 23:35:09 +01:00
Miroslav Stampar
adfcb1ad67 Adjusting version number 2016-02-27 15:59:52 +01:00
Aikes
b4bb4c393b Fixes file path traversal issue on win platform.
POC: GET /download/b31146dcdb92e5db/C:\windows\win.ini/a
2016-02-27 00:10:32 +08:00
Miroslav Stampar
c5ecdb5403 Minor update related to the Issue #1730 2016-02-25 01:20:48 +01:00
Miroslav Stampar
a90913c57d Proper patch for #1723 2016-02-23 11:46:04 +01:00
Lion Yang
bc6cc4bc1d Remove a whitespace tail 2016-02-23 16:57:06 +08:00
Miroslav Stampar
d6bac363af Minor patch for combo -r and --method 2016-02-18 11:13:51 +01:00
Miroslav Stampar
82abf1f742 Fixes #1714 2016-02-16 09:56:53 +01:00
Miroslav Stampar
cc06871075 Adding some debug messages for future-self 2016-02-16 08:58:18 +01:00
Noelkd
0514946efa Removed dead links. 2016-02-14 15:57:55 +00:00
Miroslav Stampar
78e503d7b2 Minor patch related to the #1706 2016-02-13 21:25:01 +01:00
Miroslav Stampar
410df455ab Minor consistency patch 2016-02-13 21:03:05 +01:00
Miroslav Stampar
d7cdb6cbd8 Minor update 2016-02-06 20:16:33 +01:00
Miroslav Stampar
cedfdc78f4 Adding escapequotes.py (utility tamper script) 2016-02-05 12:00:57 +01:00
Miroslav Stampar
08aae2b7c5 Bug fix (--prefix should not fix the origValue in REPLACEMENT payloads) 2016-02-05 11:53:24 +01:00
Miroslav Stampar
b07685a386 Added checking of localhost for another DNS service on *:53 2016-02-03 11:55:13 +01:00
Miroslav Stampar
4916f1b2b2 Minor path related to the #1676 2016-01-28 09:10:04 +01:00
Miroslav Stampar
954b4ec32b Fix for #1676 2016-01-27 21:25:34 +01:00
Miroslav Stampar
ee0439cf11 Update for #1678 2016-01-27 10:03:30 +01:00
Miroslav Stampar
3605b98e84 Merge pull request #1678 from dozysun/servername-option
add --adapter option to support various of  bottle server adapter
2016-01-27 09:44:31 +01:00
dozysun
997362f61b change option name to adapter 2016-01-27 10:35:18 +08:00
Miroslav Stampar
62f94f6587 Adding comments (Issue #1681) 2016-01-26 07:52:25 +01:00
Miroslav Stampar
c34eaa1ce8 Minor patch 2016-01-24 22:05:08 +01:00
dozysun
f5ffd9fa02 add --servername option to support various of bottle server adapter 2016-01-22 11:33:12 +08:00
Miroslav Stampar
c6c5a937f9 Minor style update 2016-01-21 10:17:17 +01:00
Miroslav Stampar
574b3a79aa Adding support for detection of CloudFlare responses 2016-01-21 10:16:23 +01:00
Miroslav Stampar
8d42a93fdc Fixes #1665 2016-01-16 08:13:56 +01:00
Miroslav Stampar
6fef2948ff Minor consistency update 2016-01-14 22:51:26 +01:00
Miroslav Stampar
66eaac862b Minor consistency update 2016-01-14 22:47:56 +01:00
Miroslav Stampar
59695af101 Minor improvement of heuristic checks 2016-01-14 22:21:47 +01:00
Miroslav Stampar
8b90d146f6 Update of file attributes 2016-01-14 18:02:15 +01:00
Miroslav Stampar
bdcf3fffba Minor update related to the last (error results in OR boolean-based blind should not be the same as True to be able to do proper comparison) 2016-01-14 13:40:50 +01:00
Miroslav Stampar
c7ef9429ae Minor check for problematic injections 2016-01-14 13:16:44 +01:00
Miroslav Stampar
c78a9cd156 Consistency patch 2016-01-14 12:14:00 +01:00
Miroslav Stampar
4c1fc095d8 Adding heuristic check for FI vulnerability 2016-01-14 09:59:13 +01:00
Miroslav Stampar
a8c6c6fca1 Minor update related to the last one 2016-01-13 23:47:34 +01:00
Miroslav Stampar
4e29e1b351 Fixing wrong commit #4f939b5719716dfe9bd085c4f67696bc11064edd 2016-01-13 23:34:42 +01:00
Miroslav Stampar
8362bdcf66 Fix for screw up made by #52dd92748a50bcee4fb979ea49185840ff6743b9 2016-01-13 23:16:27 +01:00
Miroslav Stampar
87676eb4bb Minor update for #1660 2016-01-13 23:05:28 +01:00
Miroslav Stampar
c410f16f3f Fixes #1660 2016-01-13 23:02:11 +01:00
Miroslav Stampar
0c8c4fa0d9 Fixes #1663 2016-01-13 14:38:59 +01:00
Miroslav Stampar
c37f4855bb Another patch for Issue #1659 2016-01-12 10:34:56 +01:00
Miroslav Stampar
eb989469f3 Minor just in case update 2016-01-12 10:27:04 +01:00
Miroslav Stampar
9b716fcce9 Patch related to the #1659 2016-01-12 10:24:28 +01:00
Miroslav Stampar
a0b67418c7 Just in case update 2016-01-11 00:34:03 +01:00
Miroslav Stampar
7e78554e97 For frenzy Ctrl-C pressing 2016-01-11 00:08:38 +01:00
Miroslav Stampar
1f01d6022c Minor style update 2016-01-10 23:50:24 +01:00
Miroslav Stampar
2280cd191a Fixes #1654 2016-01-10 23:15:43 +01:00
Miroslav Stampar
e53e4dddf1 Minor patch 2016-01-10 23:12:46 +01:00
Miroslav Stampar
e519ed2e18 Another patch related to the #1655 2016-01-10 23:07:11 +01:00
Miroslav Stampar
8b01996adf Patch related to the #1655 2016-01-10 22:59:40 +01:00
Miroslav Stampar
6b40e0aa8c Minor style update (nongit-version) 2016-01-10 02:08:23 +01:00
Miroslav Stampar
5908964db4 Another (better) patch for #1636 2016-01-09 17:32:19 +01:00
Miroslav Stampar
0f8a551227 Potential patch for #1636 2016-01-09 00:55:01 +01:00
Miroslav Stampar
3c9be947c5 Fixes #1649 2016-01-09 00:15:05 +01:00
Miroslav Stampar
48ac2101f2 Using only once the dummy checkWaf payload 2016-01-08 23:23:41 +01:00
Miroslav Stampar
de06ae6803 Fixes #1647 2016-01-08 23:10:32 +01:00
Miroslav Stampar
c7ea3d65be Fixes #1644 2016-01-08 15:33:14 +01:00
Miroslav Stampar
e3650342bd Fixes #1639 2016-01-08 11:47:12 +01:00
Miroslav Stampar
b427f6c03e Minor bug fix 2016-01-08 10:52:02 +01:00
Miroslav Stampar
6f3511dcc3 Error chunk length bug fix (reported privately) 2016-01-08 10:45:31 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
59ff8114ff Fixes #1635 2016-01-04 12:09:08 +01:00
Miroslav Stampar
03160d99eb Fixes #1630 2015-12-30 13:39:08 +01:00
Miroslav Stampar
42066cfb3d Minor refactoring 2015-12-30 12:41:56 +01:00
Miroslav Stampar
dd8fcaeb43 Minor refactoring of some revisited code 2015-12-29 14:32:13 +01:00
Miroslav Stampar
24d95ab6b3 Fixes #1624 2015-12-24 10:34:42 +01:00
Miroslav Stampar
3454e356f9 Fixes #1621 2015-12-23 08:55:45 +01:00
Miroslav Stampar
ae7481081e Patch for an Issue reported via email 2015-12-19 23:45:10 +01:00
Miroslav Stampar
89e0fc8ffa Minor update 2015-12-19 17:50:12 +01:00
Miroslav Stampar
e4ed1c058b Minor error message improvement (SSL issues) 2015-12-18 17:15:59 +01:00
Miroslav Stampar
aee47d32c5 Patch for #1601 2015-12-15 12:13:03 +01:00
Miroslav Stampar
d7d786d3b5 Fixes #1607 2015-12-15 11:29:37 +01:00
Miroslav Stampar
b269e8418f Fixes #1608 2015-12-15 10:46:37 +01:00
Miroslav Stampar
dc7f2a71d2 Minor refactoring 2015-12-12 23:48:30 +01:00
Miroslav Stampar
273679f542 Adding new charset replacement (reported via email) 2015-12-10 13:23:50 +01:00
Miroslav Stampar
663c976a3b Fixes #1600 2015-12-09 19:53:48 +01:00
Miroslav Stampar
2eb5f5e841 Handling 'address already in use' for sqlmapapi server instance 2015-12-09 12:20:09 +01:00
Miroslav Stampar
31d250f98e Fixes #1592 2015-12-09 12:00:34 +01:00
Miroslav Stampar
1c5c937507 Minor update 2015-12-09 10:14:13 +01:00
Miroslav Stampar
efc91b015d Fixes #1589 2015-12-09 10:07:37 +01:00
Miroslav Stampar
af60f11319 Fixes #1584 (hello @w3af looking for the patch of this one ;) 2015-12-07 16:17:28 +01:00
Miroslav Stampar
b5b3411f16 Fixes #1574 2015-12-06 23:49:22 +01:00
Miroslav Stampar
d5e6be41db Fixes #1582 2015-12-06 23:24:09 +01:00
Miroslav Stampar
7517e64417 Minor bug fix (reported via email) 2015-12-05 00:52:58 +01:00
Miroslav Stampar
d50c0b7103 Fixes #1581 2015-12-03 12:16:00 +01:00
Miroslav Stampar
c6d4217495 Minor update (just in case) 2015-12-03 02:08:59 +01:00
Miroslav Stampar
a7c135174c Fixes #1579 2015-12-03 02:00:16 +01:00
Miroslav Stampar
6397704456 Patch for an Issue #1578 2015-12-03 01:43:37 +01:00
Miroslav Stampar
80d3ff6706 Adding hidden switch for disabling socket preconnect (debugging purposes) 2015-12-02 12:05:40 +01:00
Miroslav Stampar
a219ff9a92 Fixes #1572 2015-11-29 19:40:14 +01:00
Miroslav Stampar
795777b7c5 Minor patch 2015-11-28 22:44:42 +01:00
Miroslav Stampar
5f2c31f8ec Minor consistency patch 2015-11-28 22:42:25 +01:00
Miroslav Stampar
f9da29284c Minor bug fix (reported via email) 2015-11-27 18:35:58 +01:00
Miroslav Stampar
c7ec1534a6 Patch related to #1256 2015-11-25 13:04:34 +01:00
Miroslav Stampar
a18c69d78b Fixes #1564 2015-11-25 10:21:32 +01:00
Miroslav Stampar
829351421f Minor cosmetics 2015-11-25 10:12:07 +01:00
Miroslav Stampar
5020269f50 Adding extra mark into non-git checkouts 2015-11-24 09:38:28 +01:00
Miroslav Stampar
527dcce08d Better alternative (on Linux getctime() is the time of the last metadata change) 2015-11-24 09:25:11 +01:00
Miroslav Stampar
bdb496eaa5 Fixes #1558 2015-11-23 09:24:30 +01:00
Miroslav Stampar
4d576928a7 Fixes #1554 2015-11-22 16:05:48 +01:00
Miroslav Stampar
376037123b Minor fix 2015-11-22 15:33:00 +01:00
Miroslav Stampar
a5489516eb Fixes #1550 2015-11-20 16:52:59 +01:00
Miroslav Stampar
7fa9c8e938 Patch for an Issue #1546 2015-11-20 11:38:26 +01:00
Miroslav Stampar
efe41fbdc7 Fixes #1547 2015-11-20 11:32:54 +01:00
Miroslav Stampar
19f6eb234b Revert of #58e049a60d250b881af60091215c75daa3f5c01a (I can imagine couple of things that could go wrong) 2015-11-17 08:52:24 +01:00
Miroslav Stampar
58e049a60d More generic approach for number of pre-open sockets (Issue #1540) 2015-11-17 02:45:27 +01:00
Miroslav Stampar
fd2908336a Minor just in case patch 2015-11-17 02:35:53 +01:00
Miroslav Stampar
5be0a83e94 Minor patch 2015-11-17 01:38:43 +01:00
Miroslav Stampar
89abeb0244 Patch for 'Exception in thread Thread-1 (most likely raised during interpreter shutdown)' 2015-11-17 01:09:57 +01:00
Miroslav Stampar
abb1c6a621 Less intensive loop 2015-11-17 00:12:04 +01:00
Miroslav Stampar
41b8dfab86 Implementation for an Issue #1540 2015-11-16 23:46:10 +01:00
Miroslav Stampar
4335ae8330 Patching previous commit 2015-11-16 16:59:54 +01:00
Miroslav Stampar
94639d11a3 Another update related to the #1539 2015-11-16 15:33:05 +01:00
Miroslav Stampar
c1e3431877 Minor patch 2015-11-16 15:32:28 +01:00
Miroslav Stampar
768e5da589 Removing leftover (from 5593bf2fee) 2015-11-16 15:04:09 +01:00
Miroslav Stampar
5593bf2fee Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars) 2015-11-16 15:02:30 +01:00
Miroslav Stampar
ca933fcf1d Another patch for #1539 2015-11-16 14:08:43 +01:00
Miroslav Stampar
a212f0c240 Another patch for #1539 2015-11-16 12:56:15 +01:00
Miroslav Stampar
9c69f56a34 Proper patch for an Issue #1539 2015-11-16 11:59:09 +01:00
Miroslav Stampar
fb2cb25afe Bug fix for an Issue #1539 2015-11-16 11:56:15 +01:00
Miroslav Stampar
d772e7e1d5 Fixes #1529 2015-11-11 16:07:11 +01:00
Miroslav Stampar
07b1407345 Patches #1530 2015-11-11 15:55:28 +01:00
Miroslav Stampar
bc215d1b19 I believe that this was a wrong decision. Patching 2015-11-09 14:11:08 +01:00
Miroslav Stampar
17350fb4ec Proper fix for #1146 (/ has been escaped with \/ in output) 2015-11-09 14:05:53 +01:00
Miroslav Stampar
22484c8599 Bug fix (-p Host didn't work, while -p host worked) 2015-11-09 13:19:55 +01:00
Miroslav Stampar
42649005c2 Lots of fixes and refactoring in search department 2015-11-08 16:37:46 +01:00
Miroslav Stampar
b4526a3d51 Bug fix (usage of socks and http proxies in --proxy-file didn't work together) 2015-11-08 02:20:29 +01:00
Miroslav Stampar
193f8190c4 Adding new warning message 2015-11-07 23:30:24 +01:00
Miroslav Stampar
c31e23e514 Patch for an Issue #1516 2015-11-06 11:19:55 +01:00
Miroslav Stampar
5198e4c816 Minor bug fix (based on private user report) 2015-11-04 15:04:38 +01:00
Miroslav Stampar
3451372d4e Fixes #1521 2015-11-04 14:48:40 +01:00
Miroslav Stampar
6adb6eabec Fixes #1517 2015-11-03 14:53:41 +01:00
Miroslav Stampar
064c2a71ed Fixes #1510 2015-11-01 22:56:26 +01:00
Miroslav Stampar
4dc0c05172 Fixes #1505 2015-10-31 10:16:44 +01:00
Miroslav Stampar
04aaa5985b Fixes #1497 2015-10-29 17:02:47 +01:00
Miroslav Stampar
0b64cf803c Fixes #1496 2015-10-29 16:52:17 +01:00
Miroslav Stampar
d41cd53d31 Minor style fix (distinguish form from URL testing when --forms --crawl combo used) 2015-10-28 14:03:21 +01:00
Miroslav Stampar
caafa377a6 Fixes #1495 2015-10-28 10:29:12 +01:00
Miroslav Stampar
8fbac5a99e Patch for --proxy-file 2015-10-25 15:58:43 +01:00
Miroslav Stampar
89e36392f7 Fixes #1486 2015-10-25 15:32:02 +01:00
Miroslav Stampar
1b81084106 Fixes #1484 2015-10-23 23:48:41 +02:00
Miroslav Stampar
2c754b57bb Minor patch 2015-10-23 14:29:48 +02:00
Miroslav Stampar
8f9979c302 Patch for an Issue #541 2015-10-22 20:51:05 +02:00
Miroslav Stampar
5fb8ae9d3c Fixes #1479 2015-10-22 19:59:16 +02:00
Miroslav Stampar
fbec463b49 Adding new bold patterns 2015-10-22 15:44:08 +02:00
Miroslav Stampar
7c1cff6749 Fixing ancient bug (introduced with #6c80f29) - that removes original value when --prefix used 2015-10-22 15:14:12 +02:00
Miroslav Stampar
90ad914c1e Patch related to the #1477 2015-10-22 14:58:06 +02:00
Miroslav Stampar
8aada250f3 Fixes #1471 2015-10-19 11:08:58 +02:00
Miroslav Stampar
3dc8820caa Fixes #1474 2015-10-19 10:38:38 +02:00
Miroslav Stampar
441196f360 Fixes #1470 2015-10-16 23:59:39 +02:00
Miroslav Stampar
f793a26095 Removing ugly duplicating of \ (hidden bugs came - e.g. DNS exfiltration) 2015-10-15 16:00:59 +02:00
Miroslav Stampar
956047b43f Patch for an Issue #1468 2015-10-15 13:07:43 +02:00
Miroslav Stampar
475ca5277a Minor information update regarding #541 2015-10-14 16:11:11 +02:00
Miroslav Stampar
e3ae026077 Fixes #1467 2015-10-14 15:19:44 +02:00
Miroslav Stampar
80aca35dd1 Removing #1450 2015-10-13 15:00:59 +02:00
Miroslav Stampar
c4df6f3a22 Fixes #1465 2015-10-13 13:31:28 +02:00
Miroslav Stampar
570562369b Further fixes for sqlmap to work properly with HSQLDB (WebGoat) 2015-10-13 13:04:59 +02:00
Miroslav Stampar
b9a44555ff Fixes #1462 2015-10-11 15:20:10 +02:00
Miroslav Stampar
47a42c234e Fixes #1459 2015-10-10 19:19:50 +02:00
Miroslav Stampar
9641e84dd9 Bug fixes for HSQLDB 2015-10-09 16:52:13 +02:00
Miroslav Stampar
41db0e0eea range to xrange (leftovers) 2015-10-09 13:48:21 +02:00
Miroslav Stampar
d424d4cdc7 Fixes #1457 2015-10-09 11:54:28 +02:00
Miroslav Stampar
8bf236ce11 Minor patch for SQLite parsing of schemas 2015-10-07 10:01:48 +02:00
Miroslav Stampar
fd686fb691 Patch related to the #1455 2015-10-07 09:43:25 +02:00
Miroslav Stampar
eb7c18d1f8 Fixes #1452 2015-10-07 09:25:14 +02:00
Miroslav Stampar
657d71119b Fixes #1453 2015-10-07 09:22:11 +02:00
Miroslav Stampar
78bbf5d63c Fixes #1451 2015-10-06 14:17:35 +02:00
Miroslav Stampar
551b7e4b45 Patch for an Issue #1450 2015-10-06 13:23:01 +02:00
Miroslav Stampar
95ce5a4a09 Fixes #1444 2015-10-05 16:33:10 +02:00
Miroslav Stampar
b98f84a610 Fixes #1443 2015-10-05 16:26:12 +02:00
Miroslav Stampar
1258b354c3 Minor refactoring 2015-10-05 16:09:58 +02:00
Miroslav Stampar
20c19f33dc Minor update 2015-10-05 15:51:21 +02:00
Miroslav Stampar
1c6e288eb1 Fixes #1447 2015-10-05 15:33:29 +02:00
Miroslav Stampar
acd6b7797f Fixes #1446 2015-10-05 15:18:54 +02:00
Miroslav Stampar
53de0e8949 Implements #1442 2015-10-01 11:57:33 +02:00
Miroslav Stampar
29edb4f75c Fixes #1440 2015-09-30 11:26:56 +02:00
Miroslav Stampar
a1a7161fab Fixes #1441 2015-09-30 10:13:19 +02:00
Miroslav Stampar
5ce4d4d2ec Fixes #1439 2015-09-29 10:10:39 +02:00
Miroslav Stampar
906cb6d3c2 Removing a hard limit to use --start/--stop only for --dump scenarios 2015-09-28 11:11:39 +02:00
Miroslav Stampar
ac467bc453 Fixes #1437 2015-09-28 09:54:41 +02:00
Miroslav Stampar
1fd6b007ab Less critical messages when something goes wrong with connection 2015-09-27 16:36:20 +02:00
Miroslav Stampar
ef22f31fdf Fixes #1433 2015-09-27 16:17:58 +02:00
Miroslav Stampar
5bade7947b Fixes #1435 2015-09-27 16:09:02 +02:00
Miroslav Stampar
5ed106ecea Patch for an Issue #1434 2015-09-27 15:59:17 +02:00
Miroslav Stampar
38541b021a Implementing hidden switch '--force-threads' on request (to force multi-threading in time-based SQLi) 2015-09-26 00:09:17 +02:00
Miroslav Stampar
b68891050d Better word used 2015-09-25 23:41:47 +02:00
Miroslav Stampar
f16389232f Bug fix for --proxy-file (only first element was fetched in case of fail) 2015-09-25 15:23:42 +02:00
Miroslav Stampar
4774795d8c Fixes #1429 2015-09-25 14:59:21 +02:00
Miroslav Stampar
d28c72b6f1 Another fix for Python 2.6 (bug introduced with ff7be9d0eb) 2015-09-24 16:26:52 +02:00
Miroslav Stampar
74294ae105 Bug fix for --common-tables in case of MsSQL/Sybase (safeSQLIdentificatorNaming already used) 2015-09-22 11:28:56 +02:00
Miroslav Stampar
0e22a0ca5f Minor cosmetics 2015-09-21 16:41:54 +02:00
Miroslav Stampar
81caf14b6d Adding switch --skip-waf 2015-09-21 14:57:44 +02:00
Miroslav Stampar
e81e474646 Minor adjustment 2015-09-21 14:46:34 +02:00
Miroslav Stampar
56f0b811a6 Minor patch 2015-09-21 13:23:56 +02:00
Miroslav Stampar
3fca379f29 Minor patch (avoiding message 'can't establish SSL connection' in --check-tor) 2015-09-21 11:25:59 +02:00
Miroslav Stampar
27707be467 Fixes #1416 2015-09-17 17:09:36 +02:00
Miroslav Stampar
aa2112b360 Update for #1414 2015-09-17 16:18:58 +02:00
Miroslav Stampar
7cfa90830d Merge pull request #1414 from daremon/api-client-2
Added commands stop, kill, list to API client
2015-09-17 15:51:12 +02:00
Miroslav Stampar
65a8f0fe32 Minor enhancement 2015-09-17 15:25:40 +02:00
Miroslav Stampar
2cea977e12 Fixes #1415 2015-09-17 14:58:01 +02:00
daremon
c2fb2161d3 Added flush command 2015-09-16 00:15:16 +03:00
daremon
ff7be9d0eb Fixed list command 2015-09-16 00:01:57 +03:00
Miroslav Stampar
c59ead36ce Patch for Python 2.6 (SyntaxError) 2015-09-15 17:23:59 +02:00
Miroslav Stampar
058870635b Update for an #1414 2015-09-15 14:37:30 +02:00
Miroslav Stampar
ee38574449 Fixes #1411 2015-09-15 13:26:25 +02:00
Miroslav Stampar
5de1825d0c Fixes #1412 2015-09-15 10:48:23 +02:00
daremon
1417decdf1 Added commands stop, kill, list to API client 2015-09-14 17:31:02 +03:00
Miroslav Stampar
f89ce2173f Fixes #1404 2015-09-12 15:13:30 +02:00
Miroslav Stampar
c4f9e66a6f Patch related to the #1403 2015-09-10 16:21:31 +02:00
Miroslav Stampar
c05c0ff435 Minor patch with imports 2015-09-10 15:55:49 +02:00
Miroslav Stampar
f494004f44 Switching to the getSafeExString (where it can be used) 2015-09-10 15:51:33 +02:00
Miroslav Stampar
7a261ef447 Just in case commit related to the aee4c93c8b 2015-09-10 15:19:33 +02:00
Miroslav Stampar
b06a34ab1a Another update for #1402 2015-09-10 15:06:07 +02:00
Miroslav Stampar
2453b02b63 Update for #1402 2015-09-10 15:01:30 +02:00
Miroslav Stampar
b3fdbe24c2 Merge pull request #1402 from daremon/api-client
Minimal API client
2015-09-10 12:03:25 +02:00
Miroslav Stampar
263665637e Minor bug fix 2015-09-10 11:34:03 +02:00
daremon
a29a3a4e5c Minimal API client 2015-09-09 16:14:04 +03:00
Miroslav Stampar
90329a8b01 Minor patch 2015-09-09 11:53:44 +02:00
Miroslav Stampar
b6206692e0 Fixes #1392 2015-09-08 11:53:29 +02:00
Miroslav Stampar
c1f829d131 Removing last remnants of bad handling the exceptions as strings 2015-09-08 11:15:31 +02:00
Miroslav Stampar
e59a220199 Fixes #1393 2015-09-08 11:10:47 +02:00
Miroslav Stampar
924e31c414 Fixes #1394 2015-09-08 11:04:36 +02:00
Miroslav Stampar
28a60f5be2 Fixes #1391 2015-09-06 20:22:07 +02:00
Miroslav Stampar
aee4c93c8b Fixes #1384 2015-09-03 10:32:45 +02:00
Miroslav Stampar
51a4cb04a5 Another minor language patch 2015-09-03 10:26:46 +02:00
Miroslav Stampar
7511023bc2 Fixes #1385 2015-09-03 10:11:36 +02:00
Miroslav Stampar
401564898d Adding support for 'empty' POST body (if forced by --method) 2015-08-31 14:43:41 +02:00
Miroslav Stampar
265a78b455 Fixes #1379 2015-08-31 14:27:47 +02:00
Miroslav Stampar
d70215ad6c Fixes #1237 2015-08-31 10:24:05 +02:00
Miroslav Stampar
d2a9c7584f Minor patch 2015-08-31 09:51:35 +02:00
Miroslav Stampar
50d39d0252 Closes #1372 2015-08-30 23:15:50 +02:00
Miroslav Stampar
89292ce1f9 Closes #1376 2015-08-30 22:52:24 +02:00
Miroslav Stampar
6a01d2e430 Fixes #1366 2015-08-30 02:13:07 +02:00
Miroslav Stampar
737a37bfda Fixes #1367 2015-08-30 01:58:43 +02:00
Miroslav Stampar
06c8704179 Fixes #1365 2015-08-28 15:30:28 +02:00
Miroslav Stampar
43f3900ffe Fixes #1362 2015-08-27 12:25:25 +02:00
Miroslav Stampar
1cf012521d Minor refactoring 2015-08-26 16:18:03 +02:00
Miroslav Stampar
a33b0454cd Implementation for an Issue #1360 2015-08-26 15:26:16 +02:00
Miroslav Stampar
2c2f83f67b Minor code consistency patch 2015-08-26 11:30:48 +02:00
Miroslav Stampar
1f5e6606a7 Fixes #1357 2015-08-25 02:03:56 +02:00
Miroslav Stampar
337eb9861a Fixes #1347 2015-08-23 22:11:59 +02:00
Miroslav Stampar
690347a170 Bug fix (non-ASCII chars in command line caused gibberish in unhandled messages) 2015-08-23 21:48:31 +02:00
Miroslav Stampar
9fb0eb3dd7 Blank removal 2015-08-23 21:41:59 +02:00
Miroslav Stampar
1204141278 Fixes #1350 2015-08-23 21:09:20 +02:00
Miroslav Stampar
fef8f20565 Minor reporting patch 2015-08-23 20:27:14 +02:00
KingX
3ebb3e6f4f fix removeDynamicContent bug
double re.escape() in "findDynamicContent" function and "removeDynamicContent" function leads an bug in finding dynamic content,
2015-08-22 14:05:03 +08:00
Miroslav Stampar
f609158d1b Adding new error message (when short options carry illegal '=') 2015-08-19 21:00:16 +02:00
Miroslav Stampar
383316fcb3 Fixing issues caused by 9ad1d122f4 (better approach) 2015-08-18 22:48:55 +02:00
Miroslav Stampar
8806ce72c1 Patch for an Issue #1341 2015-08-18 22:03:42 +02:00
Miroslav Stampar
54d65328bc Patch for negative logic (e.g. OR) cases (reported privately) 2015-08-18 03:09:01 +02:00
Miroslav Stampar
023def3203 Fixes #1336 2015-08-16 23:47:11 +02:00
Miroslav Stampar
c9d1c4d7b1 Fixes #1337 2015-08-16 23:29:39 +02:00
Miroslav Stampar
713d5384bc Potential patch for an Issue #1337 2015-08-16 23:15:04 +02:00
Miroslav Stampar
310d79b8f1 Adding special variable 'lastPage' to the eval code (by request from ML) 2015-08-14 23:29:31 +02:00
Miroslav Stampar
b010fda695 Switch --save becomes an option (taking file path where to save config file) 2015-08-14 22:49:32 +02:00
flsf
9adefb3ffd Minor change 2015-08-14 16:18:51 +08:00
Miroslav Stampar
2c1cde0f59 Minor fix (reported over ML - ignore saving of conf.saveCmdline) 2015-08-13 17:21:36 +02:00
Miroslav Stampar
8ea8b168b1 Minor cosmetics 2015-08-13 17:10:35 +02:00
Miroslav Stampar
9ad1d122f4 Minor patch (Issue #1327) 2015-08-12 22:09:31 +02:00
Miroslav Stampar
e5863d8b89 Minor patch 2015-08-12 21:43:13 +02:00
Jiang Jie
1ac27e9305 fixed pipe and zoombie problems
1.we don't need stdin here, and it'll cause OSError: too many openfiles problem.
2. after using /scan/taskid/stop , process turned into a zoombie, need add wait()
2015-08-12 16:25:33 +08:00
Miroslav Stampar
62f35698ee Bug fix (ML) - when cookies have blank expiration time 2015-08-06 13:07:16 +02:00
Miroslav Stampar
c5f3c0cc32 Fixes #1324 2015-08-03 17:21:35 +02:00
Miroslav Stampar
e623ee66ad Better approach for #1320 2015-07-30 23:29:31 +02:00
Miroslav Stampar
bcb25823e6 Fixes #1320 2015-07-30 23:19:38 +02:00
Miroslav Stampar
301aca57e6 Fixes #1319 2015-07-29 10:00:15 +02:00
Miroslav Stampar
401905b2dd Minor improvement to UNION file write 2015-07-26 17:02:46 +02:00
Miroslav Stampar
e3553ae893 Missing import 2015-07-26 16:19:44 +02:00
Miroslav Stampar
b0bc3149f9 Fixes #1315 2015-07-26 16:18:41 +02:00
Miroslav Stampar
e7af081447 Minor patch 2015-07-26 16:08:30 +02:00
Miroslav Stampar
314df093f1 Fixes #1314 2015-07-26 16:06:01 +02:00
Miroslav Stampar
b6ea2fdb07 Fixes #1170 2015-07-24 14:56:45 +02:00
Miroslav Stampar
a905b8d8f5 Fixes #1312 2015-07-23 10:07:21 +02:00
Miroslav Stampar
58002c5057 Minor cosmetics 2015-07-23 09:55:59 +02:00
Miroslav Stampar
cece2cb12d Minor cosmetics 2015-07-23 00:42:29 +02:00
Miroslav Stampar
358651b19c Fixes #1313 2015-07-23 00:41:03 +02:00
Miroslav Stampar
75ed5f767c Fixes #1309 2015-07-20 17:03:20 +02:00
Miroslav Stampar
2afb5687f6 Fixes #1307 2015-07-20 15:47:27 +02:00
Miroslav Stampar
21e8182ac6 Fixes #1305 2015-07-18 17:01:34 +02:00
Miroslav Stampar
a7c4400cc9 Fixes #1304 2015-07-17 14:20:51 +02:00
Miroslav Stampar
00f190fc92 Fixes #1303 2015-07-17 10:14:35 +02:00
Miroslav Stampar
49212ec920 Fixes #1302 2015-07-17 09:56:24 +02:00
Miroslav Stampar
1aafe85a3a Fixes #1299 2015-07-15 11:15:06 +02:00
Miroslav Stampar
fdc8e664df Updating --beep functionality (ML request) 2015-07-13 23:55:46 +02:00
Miroslav Stampar
16f8e4c8ba Removing unused imports 2015-07-12 12:25:02 +02:00
Miroslav Stampar
a20da7a677 Patch for automatic reporting (GitHub has robots) 2015-07-12 12:05:19 +02:00
Miroslav Stampar
fa303ef8b1 Minor update 2015-07-10 16:39:18 +02:00
Miroslav Stampar
10f8c6a0b6 Introducing --offline switch (to perform session only lookups) 2015-07-10 16:10:24 +02:00
Miroslav Stampar
9bdbdc136f Minor cosmetics update 2015-07-10 11:33:12 +02:00
Miroslav Stampar
0ba264bfa0 Minor patch 2015-07-10 09:51:11 +02:00
Miroslav Stampar
4baaa4a5ad Minor improvement 2015-07-10 09:24:14 +02:00
Miroslav Stampar
9ff115ce71 Minor patch 2015-07-10 01:33:53 +02:00
Miroslav Stampar
02470ea683 Further decreasing number of testing payloads 2015-07-10 01:19:46 +02:00
Miroslav Stampar
48b627f3ff Prevent double tests (e.g. in same final tests where suffix is cut by the comment) 2015-07-10 00:54:02 +02:00
Miroslav Stampar
ca2f63c672 Test speed up in case of boolean based blind 2015-07-10 00:37:59 +02:00
Miroslav Stampar
3a5cc98976 -Z is/are a pseudo-option (just like -H) expanded during the run 2015-07-07 09:27:18 +02:00
Miroslav Stampar
2080fcaa37 Fixes #1293 2015-07-07 09:24:16 +02:00
Miroslav Stampar
f488377001 Fixes #1293 2015-07-07 08:47:07 +02:00
Miroslav Stampar
6a1b3895f9 Patch for an Issue #1285 2015-07-06 11:50:59 +02:00
Miroslav Stampar
96327b6701 Fixes #1290 2015-07-05 01:47:01 +02:00
Miroslav Stampar
166dc98e81 Minor patch 2015-07-05 00:03:29 +02:00
Miroslav Stampar
1f71d809d4 Fixes #1288 2015-07-03 08:55:33 +02:00
Miroslav Stampar
7b95a2d80d Patch for an Issue #1280 2015-06-29 10:05:16 +02:00
Miroslav Stampar
8b63ee9bc3 Minor update for #1281 2015-06-29 01:12:14 +02:00
Miroslav Stampar
97244f5e5e Fixes #1279 2015-06-29 00:20:35 +02:00
Miroslav Stampar
b212321c07 Fixes #1278 2015-06-26 10:30:53 +02:00
Miroslav Stampar
b02be9674f Fixes #1277 2015-06-26 10:11:34 +02:00
Miroslav Stampar
7d418af274 Fix for a bug reported privately by email 2015-06-22 16:28:35 +02:00
Miroslav Stampar
9e5ef094a3 Closes #1270 2015-06-16 22:20:21 +02:00
Miroslav Stampar
e4b23c9beb Minor fix regarding POST redirects (ML) 2015-06-16 12:00:56 +02:00
Miroslav Stampar
04c1d439a7 Minor patch for #1260 2015-06-05 17:18:21 +02:00
Miroslav Stampar
8d7e915af7 Minor patch for #1260 2015-06-05 17:02:56 +02:00
Miroslav Stampar
ec87d8ebda Adding a support for SNI (Issue #1256) 2015-06-01 10:45:16 +02:00
Miroslav Stampar
341d2a6028 Minor fix for (hidden) switch '--dummy' 2015-05-29 17:30:02 +02:00
Miroslav Stampar
08caca387b Minor patch of automatic WAF heuristic check 2015-05-29 16:01:41 +02:00
Miroslav Stampar
699c965bc0 Fixes #1248 2015-05-19 18:40:45 +02:00
Miroslav Stampar
17bfda1b9c Adding new switch ('--skip-static') 2015-05-18 20:57:15 +02:00
Miroslav Stampar
e8f87bfa41 Minor patches related to the #1206 2015-05-11 11:01:21 +02:00
Miroslav Stampar
91bc02e3ba Fixes related to the #1206 2015-05-11 10:56:10 +02:00
Miroslav Stampar
9010e157e9 Conflict fix 2015-05-11 10:11:33 +02:00
Miroslav Stampar
5b8df7984c Minor update (for Windows-31j charset) 2015-05-09 14:32:55 +02:00
Miroslav Stampar
4b2ff4339a Fixes #1243 2015-05-07 12:36:23 +02:00
Miroslav Stampar
18e62fd507 Fix for an Issue #1240 2015-05-05 14:36:21 +02:00
Miroslav Stampar
84ba3d45c1 Patch for an Issue #1238 2015-05-04 21:47:10 +02:00
Miroslav Stampar
5ee7fd785a Fixes #1235 2015-05-01 00:48:08 +02:00
Miroslav Stampar
03f32ae2b6 Merge of an Issue #1227 2015-04-22 17:21:55 +02:00
Miroslav Stampar
a94dcf94e9 Patch for an Issue #1226đ 2015-04-22 16:41:20 +02:00
Miroslav Stampar
bb98894dc1 Adding option --safe-req 2015-04-22 16:28:54 +02:00
Miroslav Stampar
4ded9a9966 Small patch for existing option validation 2015-04-22 15:32:14 +02:00
Miroslav Stampar
77c96de4ea Minor patch related to the last commit 2015-04-22 10:33:22 +02:00
Miroslav Stampar
95b52a02ec Minor patch for custom injection into HTTP Authorization header 2015-04-22 10:28:16 +02:00
Miroslav Stampar
c5138d4696 Minor refactoring 2015-04-21 00:02:47 +02:00
Miroslav Stampar
349dfbf2ae Adding an option --safe-post 2015-04-20 23:55:59 +02:00
Miroslav Stampar
7517db76d1 Minor fix for SQLite's schema parsing 2015-04-16 18:40:43 +02:00
Miroslav Stampar
dbfa8f1cfc Fix for a bug reported by the user (conf.scheme/conf.hostname/conf.port were None in multiple targets mode) 2015-04-14 11:05:17 +02:00
Miroslav Stampar
0e4800f73c Changing default answer for sitemap checking to N 2015-04-14 09:30:01 +02:00
Miroslav Stampar
1e7f2d6da2 Implements #1215 2015-04-06 22:07:22 +02:00
Miroslav Stampar
c35fa63a48 Fixes #1212 2015-03-30 11:58:09 +02:00
Miroslav Stampar
99c1cc9937 Fixes #1208 2015-03-26 17:17:46 +01:00
Miroslav Stampar
a19bccc84f Fixes #1205 2015-03-26 15:31:29 +01:00
Miroslav Stampar
770cfb6102 Removing test print 2015-03-26 15:20:54 +01:00
Miroslav Stampar
fc0186e029 Minor update 2015-03-26 12:39:44 +01:00
Miroslav Stampar
5dfd3ef1e4 Another update 2015-03-26 12:25:32 +01:00
Miroslav Stampar
3be7a447a5 Update 2015-03-26 12:22:49 +01:00
Miroslav Stampar
7587528ebd Fixes #1202 2015-03-26 11:40:19 +01:00
ricterz
bbfdb02a0e fix mandatorily depend of websocket #1198 2015-03-24 22:25:16 +08:00
ricterz
811f5c11c6 remove Host header field and add cookie support #1198 2015-03-24 18:50:57 +08:00
ricterz
9b5dcbbbb2 modified error handle #1198 2015-03-24 18:21:50 +08:00
ricterz
78dbe080d7 determine whether it's websocket when connect #1198 2015-03-24 17:19:37 +08:00
ricterz
50fd6ce7f7 add websocket support for parse url #1198 2015-03-24 10:30:38 +08:00
Miroslav Stampar
05a496c275 Fixes #1196 2015-03-20 00:56:52 +01:00
Miroslav Stampar
25b23750e8 Bug fix for crawling over non-80 port 2015-03-12 11:49:52 +01:00
Miroslav Stampar
adc8ac267d Fixes #1190 2015-03-10 09:23:26 +01:00
Miroslav Stampar
9bd41ed99d Fixes #1189 2015-03-09 22:02:20 +01:00
Christ van Willegen
80fb2e29cc Fix some spelling errors in help texts (through -> thorough) 2015-03-04 13:31:29 +01:00
Miroslav Stampar
3347fc25ca Fixes #1185 2015-03-03 15:10:06 +01:00
Miroslav Stampar
3f6c3b40dd Minor update (not overriding user given 'Accept-Encoding' header value) 2015-03-03 14:37:36 +01:00
Bernardo Damele
8281fe48e5 bug fix: test for boundaries with high levels if the test was extended 2015-03-01 11:02:05 +00:00
Bernardo Damele
260643241a prioritized fingerprinted DBMS to error-based and user provided one 2015-02-27 14:19:30 +00:00
Bernardo Damele
2f08c8b666 bug fix: do not skil heuristic check if previous page (test for dynamicity) had DBMS message. Code cleanup 2015-02-27 13:57:28 +00:00
Miroslav Stampar
dde400ab8f More suitable version of 6bcc95a (suggested by user) 2015-02-25 10:19:51 +01:00
Miroslav Stampar
6bcc95a20d Restricting evaluated code variable names to Python valid characters ([_0-9a-zA-Z]) 2015-02-24 15:05:44 +01:00
Miroslav Stampar
e35c7fbb7a Fixes #1172 2015-02-22 13:41:54 +01:00
Bernardo Damele
475cc8b24b trivial code cleanup 2015-02-21 13:12:30 +00:00
Bernardo Damele
383929c0c2 if the user forces the DBMS, then sort the tests accordingly to perform first the DBMS-specific tests, then the others 2015-02-21 13:12:03 +00:00
Bernardo Damele
d235ee375b code cleanup 2015-02-21 12:59:44 +00:00
Bernardo Damele
8be24d3e9b minor enhancement, prefer intersect() each time DBMS values are comfronted 2015-02-21 12:59:27 +00:00
Bernardo Damele
388c0dfd77 trivial layout fix 2015-02-21 12:57:49 +00:00
Bernardo Damele
52dd92748a rework some of the logic of the detection phase based on identified DBMS along the way 2015-02-21 02:23:42 +00:00
Bernardo Damele
4f939b5719 avoid false positive message when extensive heuristic check is performed following detection of boolean blind injection detection: do only heuristic DBMS fingerprint for DBMS specific tables 2015-02-20 18:36:34 +00:00
Bernardo Damele
1ecb921ba7 Consistency in enums 2015-02-20 18:31:47 +00:00
Bernardo Damele
214b9360e9 Minor fix to check for inline query payloads regardless of previously identified payloads and code cleanup 2015-02-20 18:30:42 +00:00
Bernardo Damele
79d4d970a5 trivial code cleanup 2015-02-20 15:42:28 +00:00
Bernardo Damele
201b605f9b Minor fix and consistency: do not ask to include all tests if level and risk are at the max settings already 2015-02-20 10:21:44 +00:00
Bernardo Damele
daa8e0d8c5 minor fix 2015-02-18 10:13:28 +00:00
Miroslav Stampar
1636088b75 Minor update 2015-02-16 11:48:53 +01:00
Bernardo Damele
e17d212c23 bug fix introduced with 863d5a6281 2015-02-15 20:07:52 +00:00
Bernardo Damele
32ab52b8ca code refactoring: split boundaries and payloads XML files 2015-02-15 16:31:35 +00:00
Bernardo Damele
863d5a6281 --test-filter now ignores values of --risk and --level 2015-02-15 16:28:37 +00:00
Miroslav Stampar
2e5c11e427 Closes #1163 2015-02-13 10:59:03 +01:00
Miroslav Stampar
247384858e Patch for an Issue #1159 (undo commit with single-quotes problem on windows) 2015-02-04 16:21:21 +01:00
Miroslav Stampar
38011743bb Patch for an Issue #1157 2015-02-04 15:01:19 +01:00
Miroslav Stampar
eecc0b924b Patch for an Issue #1148 2015-02-03 10:06:00 +01:00
Miroslav Stampar
2af2aef43e Minor patch for masking sensitive information (when formation -u=... is used) 2015-02-03 09:48:05 +01:00
Miroslav Stampar
59f0da369d Patch for a bug reported via ML (Accept header ignored in --headers) 2015-02-02 22:07:16 +01:00
Miroslav Stampar
8b135e45bd Patch for an Issue #1147 2015-02-02 22:05:31 +01:00
Miroslav Stampar
bf1c08a8a6 Bug fix 2015-01-30 22:43:40 +01:00
Miroslav Stampar
2e9bf47703 Heuristic check for WAF/IDS/IPS is now prone to tamper functions (Issue #1145) 2015-01-30 22:12:35 +01:00
Miroslav Stampar
9e90e357cf Patch for an Issue #1146 2015-01-30 21:59:03 +01:00
Miroslav Stampar
9563e429d3 Removal of fun code 2015-01-30 21:49:22 +01:00
Miroslav Stampar
9f679a952f Minor update 2015-01-29 10:44:36 +01:00
Miroslav Stampar
024c500d8e Minor fix 2015-01-28 00:54:39 +01:00
Miroslav Stampar
5400bb2c95 Patch for an Issue #1142 2015-01-28 00:52:40 +01:00
Miroslav Stampar
fd632e5ada Update for unhandled exception mechanism (BADA) 2015-01-26 09:09:38 +01:00
Miroslav Stampar
eb548959b3 Minor update 2015-01-26 08:59:10 +01:00
Miroslav Stampar
f0eac38ab4 Minor fix 2015-01-26 08:48:37 +01:00
Miroslav Stampar
32bf2dbe6d Patch for an Issue #1133 2015-01-23 23:00:28 +01:00
Miroslav Stampar
779db7cbc3 Minor enhancement 2015-01-22 09:17:45 +01:00
Miroslav Stampar
b7cfaa6ca5 Minor style update 2015-01-22 08:55:37 +01:00
Miroslav Stampar
2655b078d0 Patch for an Issue #1127 2015-01-22 08:52:15 +01:00
Miroslav Stampar
02b3eb941f Patch for an Issue #1124 2015-01-21 09:26:30 +01:00
Miroslav Stampar
cd743ab098 Minor update 2015-01-21 09:12:12 +01:00
Miroslav Stampar
9f4a32ca2b Automatically checking for sitemap existence in case of --crawl 2015-01-20 10:03:35 +01:00
Miroslav Stampar
a603002acd Adding a choice to automatically turn on --identify-waf if protection has been detected 2015-01-20 09:38:18 +01:00
Miroslav Stampar
a66b0c91bb Patch for an Issue #1120 2015-01-19 09:19:30 +01:00
Miroslav Stampar
393659ffbf Patch for an Issue #1121 2015-01-19 09:17:16 +01:00
Miroslav Stampar
e73ac6c8e3 Minor patch on request of an user 2015-01-17 21:47:57 +01:00
Miroslav Stampar
c2b2ccd2b5 Minor bug fix 2015-01-17 17:31:00 +01:00
Miroslav Stampar
da737d23ed Fixing a leftover for #1117 2015-01-15 17:34:14 +01:00
Miroslav Stampar
20a9d94f56 Patch for an Issue #1117 2015-01-15 17:32:07 +01:00
Miroslav Stampar
1dd2b7aceb Important fix for dumping location of databases/tables with international letters 2015-01-15 14:01:19 +01:00
Miroslav Stampar
ccbe424e23 Patch for an Issue #1115 2015-01-15 12:42:32 +01:00
Miroslav Stampar
54e9a1fb2d Minor style update 2015-01-14 16:11:55 +01:00
Miroslav Stampar
570d30789b Patch for an Issue #1113 2015-01-14 14:20:33 +01:00
nixawk
7388c3bf49 datatype.py 2015-01-14 09:40:24 +00:00
Miroslav Stampar
7e7513aa5e Patch for an Issue #1107 2015-01-14 05:30:08 +01:00
Miroslav Stampar
f9a9ededb1 Patch for an Issue #1106 2015-01-14 05:16:32 +01:00
Miroslav Stampar
06ff8b3a16 Patch for an Issue #1105 2015-01-13 10:33:51 +01:00
Miroslav Stampar
8e03f4db0f Patch for an Issue #1062 2015-01-09 15:33:53 +01:00
Miroslav Stampar
f96f33a984 Fix for an Issue #1100 2015-01-08 22:15:04 +01:00
Miroslav Stampar
7bcb3ce599 Patch for an Issue #1099 2015-01-08 09:22:47 +01:00
Miroslav Stampar
0c4d63fb00 Bug fix (reported by user over ML) 2015-01-08 09:00:21 +01:00
Miroslav Stampar
c8d4df6eba Adding names to parameters in structured POST requests (e.g. JSON) 2015-01-07 22:09:40 +01:00
Miroslav Stampar
49982bce9c Trivial update 2015-01-07 16:03:37 +01:00
Miroslav Stampar
450b3c93cb Potential patch for an Issue #1093 2015-01-07 11:40:11 +01:00
Miroslav Stampar
30b9f3d556 Minor update 2015-01-07 10:53:57 +01:00
Miroslav Stampar
47af7dfe6a Another minor patch 2015-01-07 10:49:15 +01:00
Miroslav Stampar
83add9fd9b Minor patch 2015-01-07 10:46:06 +01:00
Miroslav Stampar
c4c4ac13fe Better patch for an Issue #1095 2015-01-07 09:21:02 +01:00
Miroslav Stampar
2030311d50 Patch for an Issue #1095 2015-01-07 02:04:10 +01:00
Miroslav Stampar
5920d16cf6 Adding a warning message for deprecated switch '--check-waf+ 2015-01-06 15:25:24 +01:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
3d5ca1b25a Minor update 2015-01-06 14:36:51 +01:00
Miroslav Stampar
6fc41ca940 Heuristically checking for WAF/IDS/IPS by default 2015-01-06 14:01:47 +01:00
Miroslav Stampar
c474c16b4a Removing ML email address 2015-01-06 12:30:49 +01:00
Miroslav Stampar
7b144f03ea Fix for an Issue #1092 2015-01-05 01:31:06 +01:00
Miroslav Stampar
beffe85d6c Patch for an Issue #1085 2015-01-03 22:30:21 +01:00
Miroslav Stampar
f042a7392d Patch for an Issue #1083 2014-12-31 17:10:45 +01:00
Miroslav Stampar
2985050fce Minor patch 2014-12-30 16:07:08 +00:00
Miroslav Stampar
33508e3bae Patch for an Issue #1077 2014-12-30 16:11:33 +01:00
Miroslav Stampar
41c2f889b2 Fix related to the SSLv3 disabling 2014-12-30 15:44:55 +01:00
Miroslav Stampar
d3c6cf1932 Patch for an Issue #1079 2014-12-30 14:14:47 +00:00
Miroslav Stampar
4f602daa5b Minor patch 2014-12-30 09:35:56 +00:00
Miroslav Stampar
e383df8e29 Patch for an Issue #1073 2014-12-30 09:16:50 +00:00
Miroslav Stampar
02d20ccd13 Patch for an Issue #1078 2014-12-30 08:48:50 +00:00
Miroslav Stampar
1e014de6be Patch for an Issue #1066 2014-12-26 22:24:28 +01:00
Miroslav Stampar
bc91884c4d Fix for an Issue #1065 2014-12-25 23:05:34 +01:00
Miroslav Stampar
45886cb9ca Patch for an Issue #1060 2014-12-23 22:04:23 +01:00
Miroslav Stampar
483158c371 Minor style update 2014-12-23 09:07:33 +01:00
Miroslav Stampar
3c23d616e7 Adding a more user friendly (copy-pastable) client example for sqlmapapi client 2014-12-23 09:01:29 +01:00
Miroslav Stampar
59a3407322 Patch for an Issue #1057 2014-12-23 08:36:00 +01:00
Miroslav Stampar
f93bca4564 Patch for an Issue #1058 2014-12-23 08:23:40 +01:00
Miroslav Stampar
fc7dd2a9b9 Patch for an Issue #1056 2014-12-22 06:02:39 +01:00
Miroslav Stampar
76f79ece13 run like --threads=20! will skip the maximum number of threads check 2014-12-21 05:15:42 +01:00
Miroslav Stampar
4f122ee008 Bug fix regarding a problem reported by user @blink2014 2014-12-20 00:23:31 +01:00
Miroslav Stampar
6cb76bcf85 Adding one new smart ass warning message 2014-12-19 15:48:54 +01:00
Miroslav Stampar
1ea2f5bfe2 Patch for an Issue #1052 2014-12-19 09:37:06 +01:00
Miroslav Stampar
cf3b02ee04 Proper fix for #1053 2014-12-19 09:26:01 +01:00
Miroslav Stampar
6972020faf Bug fix for login-like SQLi (OR with 500 result) 2014-12-18 15:58:19 +01:00
Miroslav Stampar
0cb7852754 Patch for an Issue #1046 2014-12-17 10:02:36 +01:00
Miroslav Stampar
180ede0cb3 Minor patch 2014-12-15 14:07:28 +01:00
Miroslav Stampar
9d06b71862 Minor revert 2014-12-15 13:51:00 +01:00
Miroslav Stampar
e6de92ce88 Minor patch (unicode related) 2014-12-15 13:36:08 +01:00
Miroslav Stampar
35c8e016a8 Minor patch 2014-12-15 13:26:15 +01:00
Miroslav Stampar
3f3a873b10 Merge pull request #1037 from flsf/master
fix comments error
2014-12-15 13:23:39 +01:00
flsf
21837f236f fix comments error 2014-12-15 20:07:38 +08:00
Miroslav Stampar
4c6331daa6 Patch for an Issue #1028 2014-12-15 09:30:54 +01:00
Miroslav Stampar
e794c7f246 Patch for an Issue #1027 2014-12-15 09:13:13 +01:00
Miroslav Stampar
eb15a19532 Patch for an Issue #1032 2014-12-15 09:11:40 +01:00
Miroslav Stampar
ecbba4ea20 Patch for an Issue #1030 2014-12-15 07:18:47 +01:00
Miroslav Stampar
e17e703e3e Minor bug fix (for Windows nagging message about Unicode data) 2014-12-14 00:17:43 +01:00
Miroslav Stampar
fb645b90f7 Minor update 2014-12-14 00:14:18 +01:00
Miroslav Stampar
5166675ff5 Patch for an Issue #1024 2014-12-13 23:32:18 +01:00
Miroslav Stampar
9c225557d1 Patch for an Issue #1020 2014-12-13 14:08:37 +01:00
Miroslav Stampar
25196b4572 Patch for an Issue #1021 2014-12-13 13:48:50 +01:00
Miroslav Stampar
84ba5f35ac Minor update for #1022 2014-12-13 13:41:39 +01:00
Miroslav Stampar
fe58aff26c Patch for an Issue #1019 2014-12-13 00:08:18 +01:00
Miroslav Stampar
650dfe9526 Patch for an Issue #1018 2014-12-12 14:54:47 +01:00
Miroslav Stampar
23d33bb5b5 Patch for an Issue #1017 2014-12-12 09:58:42 +01:00
Miroslav Stampar
bb4ac41ff7 Patch for an Issue #1016 2014-12-12 04:40:44 +01:00
Miroslav Stampar
785e3d0317 Patch for an Issue #1014 2014-12-11 13:29:42 +01:00
Miroslav Stampar
1e06e7c386 Adding a debug message during name resolution 2014-12-11 13:29:26 +01:00
Miroslav Stampar
6f211f9d3e Patch for an Issue #1013 2014-12-11 00:35:51 +01:00
Miroslav Stampar
6d13b67822 Patch for an Issue #1012 2014-12-11 00:32:26 +01:00
Miroslav Stampar
2bcaae3a0b Another just in case update for an Issue #1011 2014-12-11 00:14:35 +01:00
Miroslav Stampar
763f720675 Patch for an Issue #1011 2014-12-11 00:11:52 +01:00
Miroslav Stampar
10ed97b0df Patch for an Issue #1010 2014-12-10 13:50:29 +01:00
Miroslav Stampar
ee20d98bca Minor fix for --forms 2014-12-10 12:13:37 +01:00
Miroslav Stampar
d700e50b36 Minor update related to the Issue #993 2014-12-10 06:37:17 +01:00
Miroslav Stampar
a7b21a2f62 Rerun advice update 2014-12-09 09:02:06 +01:00
Miroslav Stampar
20c272b77d More generic patch for an Issue #994 2014-12-07 16:14:48 +01:00
Miroslav Stampar
4e7f835eae Patch for an Issue #994 2014-12-07 16:11:07 +01:00
Miroslav Stampar
0d931a7b09 Fix for an Issue #999 2014-12-07 15:55:22 +01:00
Miroslav Stampar
bd99470a4a Minor update to cleanup properly new xp_cmdshell 2014-12-05 22:01:59 +01:00
Miroslav Stampar
d726050bc4 Patch for an Issue #991 2014-12-05 11:46:03 +01:00
Miroslav Stampar
034fae0f47 Patch for an Issue #992 2014-12-05 11:24:43 +01:00
Miroslav Stampar
7673f3e045 Minor style update 2014-12-05 11:15:33 +01:00
Miroslav Stampar
56965e3608 Patch for an Issue #990 2014-12-04 13:36:41 +01:00
Miroslav Stampar
9b32e69f26 Adding new WAF script (UrlScan) 2014-12-04 10:06:15 +01:00
Miroslav Stampar
a3507d65fd Minor update 2014-12-04 09:34:37 +01:00
Miroslav Stampar
d3060f20d7 Minor improvement 2014-12-03 13:22:55 +01:00
Miroslav Stampar
aa95a05477 Minor update 2014-12-03 13:14:06 +01:00
Miroslav Stampar
17db587e2c Adding some friendly warning messages (regarding blocking) 2014-12-03 10:06:21 +01:00
Miroslav Stampar
e4b00bdbcb Patch for an Issue #983 2014-12-02 10:57:50 +01:00
Miroslav Stampar
2358e34bb8 Minor refactoring 2014-12-02 10:50:15 +01:00
Miroslav Stampar
e03aaa7542 Patch for an Issue #982 2014-12-02 10:23:10 +01:00
Miroslav Stampar
7a04595f5e Added a reference url (http charset priority) 2014-12-01 11:15:45 +01:00
Miroslav Stampar
f71a65a9a0 Patch for an Issue #979 2014-12-01 00:29:25 +01:00
Miroslav Stampar
56b6bf72f4 Patch for an Issue #978 2014-11-29 23:33:24 +01:00
Miroslav Stampar
605b126758 Patch for an Issue #976 2014-11-26 13:38:21 +01:00
Miroslav Stampar
8cd40f8917 Patch for an Issue #971 2014-11-25 13:54:26 +01:00
Miroslav Stampar
a0d95a8ec4 Refactoring of #952 2014-11-24 12:56:39 +01:00
Miroslav Stampar
27cd9e7064 Merge pull request #952 from Rexikon/patch-1
Update httpshandler.py, AttributeError PROTOCOL_SSLv3
2014-11-24 12:52:27 +01:00
Miroslav Stampar
816348f1ab Patch for an Issue #963 2014-11-24 11:54:04 +01:00
Miroslav Stampar
05f7b1f121 Patch for an Issue #970 2014-11-24 10:55:19 +01:00
Miroslav Stampar
2f744139fc Patch for an Issue #968 2014-11-24 10:13:56 +01:00
Miroslav Stampar
2284535267 Update for an Issue #963 2014-11-24 05:44:38 +01:00
Miroslav Stampar
69cdad4148 Patch for an Issue #958 2014-11-23 15:55:12 +01:00
Miroslav Stampar
28d6af6237 Minor update 2014-11-23 15:42:41 +01:00
Miroslav Stampar
f853f8973f Minor refactorign 2014-11-23 15:41:24 +01:00
Miroslav Stampar
080a873922 Patch for an Issue #964 2014-11-23 15:39:08 +01:00
Miroslav Stampar
5c182a0ec4 Update for an Issue #431 2014-11-21 11:33:57 +01:00
Miroslav Stampar
f0802c6fb9 Update for an Issue #431 2014-11-21 11:20:54 +01:00
Miroslav Stampar
1fc4d0e3c4 Update for an Issue #431 2014-11-21 10:31:55 +01:00
Miroslav Stampar
cf2d5fd453 Update for an Issue #431 2014-11-21 09:41:49 +01:00
Miroslav Stampar
34ce774acd Patch for an Issue #956 2014-11-21 09:41:49 +01:00
Miroslav Stampar
1a8b58fca6 Minor update 2014-11-20 16:42:06 +01:00
Miroslav Stampar
f8a8cbf9a6 Storing crawling results to a temporary file (for eventual further processing) 2014-11-20 16:29:17 +01:00
Miroslav Stampar
d3551631c4 Minor update 2014-11-20 16:10:25 +01:00
Miroslav Stampar
484fa61afc Patch for an Issue #954 2014-11-20 15:08:08 +01:00
Miroslav Stampar
ee8b3ee664 Patch for an Issue #953 2014-11-20 09:49:04 +01:00
Rexikon
4da20679ee Update httpshandler.py
ssl.PROTOCOL_SSLv3 removed
affecting error: AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'
2014-11-19 16:36:30 +01:00
Miroslav Stampar
05d5342f20 Update and patch for an Issue #2 2014-11-17 11:50:05 +01:00
Miroslav Stampar
733e06e31f Patch for an Issue #944 2014-11-16 14:25:44 +01:00
Miroslav Stampar
bb56eb583a Minor update 2014-11-16 13:34:35 +01:00
Miroslav Stampar
d8d9678947 Patch for an Issue #935 2014-11-14 00:21:04 +01:00
Miroslav Stampar
74eacf95fd Patch for an Issue #929 2014-11-13 10:52:33 +01:00
Miroslav Stampar
671facc6d9 Patch for an Issue #930 2014-11-13 10:28:38 +01:00
Miroslav Stampar
d0afa7f325 Bug fix for not displaying proper version in unhandled exception win cases 2014-11-12 11:53:42 +01:00
Miroslav Stampar
06e6d2aaeb Patch for an Issue #921 2014-11-11 11:38:14 +01:00
Miroslav Stampar
c5df45a14f Minor bug fix (skipping HTML decoding in heuristic mode) 2014-11-11 11:23:14 +01:00
Miroslav Stampar
dfa8e0456d Potential patch for an Issue #914 2014-11-10 14:51:31 +01:00
Miroslav Stampar
cdbfb17408 Patch for an Issue #919 2014-11-10 13:41:53 +01:00
Miroslav Stampar
06bb957d13 Preventing a run of duplicate issues 2014-11-09 22:07:11 +01:00
Miroslav Stampar
de1cf26fe6 Minor patch 2014-11-09 18:58:25 +01:00
Miroslav Stampar
80af465ce3 Fix for an Issue #911 2014-11-09 18:40:49 +01:00
Miroslav Stampar
9fe6ab749b Bug fix for occureance of ANSI color codes in multiprocessing hash cracking on Windows OS 2014-11-09 15:08:44 +01:00
Miroslav Stampar
62a73bf30b Minor fix for automatic removal of temporary files 2014-11-09 14:52:50 +01:00
Miroslav Stampar
5e9c73f9c1 Just in case update (for unhandled exceptions happening too soon) 2014-11-08 21:44:46 +01:00
Miroslav Stampar
3b06665c9f Patch for an Issue #910 2014-11-08 21:22:03 +01:00
Miroslav Stampar
8fdf9ff746 Probable fix for an Issue #908 2014-11-07 15:47:42 +01:00
Miroslav Stampar
31f8d6e612 Fix for an Issue #904 2014-11-06 11:19:05 +01:00
Miroslav Stampar
a91fb4149b Minor update (using lower frequency alphabet for kb.chars) 2014-11-05 10:56:30 +01:00
Miroslav Stampar
a074efe75e Minor improvement of error-based SQLi when trimmed output is detected (trying to reconstruct) 2014-11-05 10:46:11 +01:00
Miroslav Stampar
71c43be53a Patch for an Issue #901 2014-11-05 10:03:19 +01:00
Miroslav Stampar
78cc3853b6 Fix for an Issue #902 2014-11-05 09:56:50 +01:00
Miroslav Stampar
97cc679f9c Fix for an Issue #900 2014-11-04 15:15:58 +01:00
Miroslav Stampar
4d5b48b2ae Patch for an Issue #896 2014-11-04 00:34:35 +01:00
Miroslav Stampar
6f45596f28 Minor style update 2014-11-03 23:48:44 +01:00
Miroslav Stampar
05b446b95d Patch for an Issue #893 2014-11-02 23:38:52 +01:00
Miroslav Stampar
9652e41226 Path for an Issue #891 2014-11-02 23:32:19 +01:00
Miroslav Stampar
1ef2c4006d Patch for an Issue #892 2014-11-02 11:01:46 +01:00
Miroslav Stampar
a4d058d70c More anonymization of unhanded exception data 2014-11-02 10:55:38 +01:00
Miroslav Stampar
baf9ada28d Fix for an Issue #889 2014-11-01 17:13:33 +01:00
Miroslav Stampar
4e0e64d06b Bug fix for DNS Exfiltration in PgSQL case ('invalid URI') 2014-10-31 20:28:37 +01:00
Miroslav Stampar
49d3860b1f Minor fix 2014-10-31 20:22:15 +01:00
Miroslav Stampar
ab269f315f Fix for an Issue #886 2014-10-31 18:58:30 +01:00
Miroslav Stampar
c33e493e0d Fix for an Issue #885 2014-10-31 17:06:09 +01:00
Miroslav Stampar
38978c3e54 Fix for an Issue #884 2014-10-31 16:45:26 +01:00
Miroslav Stampar
0feb379b47 Fix for an Issue #887 2014-10-31 16:39:29 +01:00
Miroslav Stampar
5b0d74146e Fix for an Issue #883 2014-10-31 01:01:35 +01:00
Miroslav Stampar
8ea22c5124 Fix for an Issue #878 2014-10-28 15:34:53 +01:00
Miroslav Stampar
455ea9922c Minor update 2014-10-28 15:26:28 +01:00
Miroslav Stampar
258a700b2e More anonymization of unhandled exception messages 2014-10-28 15:14:41 +01:00
Miroslav Stampar
df73be32f1 Fix for an Issue #876 2014-10-28 14:41:21 +01:00
Miroslav Stampar
725c3a6a95 Minor update 2014-10-28 14:08:06 +01:00
Miroslav Stampar
3b3b8d4ef2 Potential bug fix (escaping formatted regular expressions) 2014-10-28 14:02:55 +01:00
Miroslav Stampar
268e774087 Minor refactoring 2014-10-28 13:44:55 +01:00
Miroslav Stampar
f89e94fb8c Minor refactoring 2014-10-28 13:42:13 +01:00
Miroslav Stampar
e08c8f272a Fix for an Issue #875 2014-10-28 13:10:07 +01:00
Miroslav Stampar
19aed90ae5 Implementation for an Issue #874 2014-10-27 00:37:46 +01:00
Miroslav Stampar
6448d3caf4 Implementing support for csrfcookie (Issue #2) 2014-10-24 09:37:51 +02:00
Miroslav Stampar
5e31229d48 Minor cosmetic update 2014-10-23 15:18:22 +02:00
Miroslav Stampar
abbd352392 Support for X-CSRF-TOKEN header (Issue #2) 2014-10-23 14:33:22 +02:00
Miroslav Stampar
95f2e61ca1 Minor fix related to the Issue #2 2014-10-23 14:23:01 +02:00
Miroslav Stampar
01f4b76817 Minor update for the Issue #2 2014-10-23 14:03:44 +02:00
Miroslav Stampar
7143e61619 Minor update 2014-10-23 14:00:53 +02:00
Miroslav Stampar
32bcca0aae Basic options check for Issue #2 2014-10-23 11:54:29 +02:00
Miroslav Stampar
7fc9e82d28 Minor style update 2014-10-23 11:44:38 +02:00
Miroslav Stampar
780dbd1c64 Update for an Issue #2 2014-10-23 11:42:30 +02:00
Miroslav Stampar
a52c8811e6 Minor style update 2014-10-23 11:25:44 +02:00
Miroslav Stampar
fc1b05bec9 Implementation for an Issue #2 2014-10-23 11:23:53 +02:00
Miroslav Stampar
8dcad46805 Update basic.py 2014-10-22 23:16:46 +02:00
Miroslav Stampar
73a3db67eb Fix for an Issue #862 2014-10-22 14:54:49 +02:00
Miroslav Stampar
60f2764c3d Minor style update 2014-10-22 13:53:18 +02:00
Miroslav Stampar
34aed7cde0 Bug fix (now it's possible to use multiple parsed requests without mixing associated headers) 2014-10-22 13:49:29 +02:00
Miroslav Stampar
2f18df345e Minor patch 2014-10-22 13:41:36 +02:00
Miroslav Stampar
268095495e Minor patch 2014-10-22 13:32:49 +02:00
Miroslav Stampar
e239fefe67 Minor patch for JSON requests 2014-10-22 10:38:49 +02:00
Miroslav Stampar
a2f578dbf4 Patch to also include JSON array elements into automatic recognition 2014-10-22 10:28:10 +02:00
Miroslav Stampar
3ebc5faa34 Falling back to partial UNION if large dump connects out 2014-10-21 09:23:34 +02:00
Miroslav Stampar
006d9d1859 Bug fix for a problem reported by a user via ML (--os-shell) 2014-10-13 12:00:34 +02:00
Miroslav Stampar
fb65caabd2 Unhidding switch --ignore-401 2014-10-13 09:19:25 +02:00
Miroslav Stampar
4e3a4eb0ff Added a prompt for choosing a number of threads when in crawling mode 2014-10-10 12:09:08 +02:00
Miroslav Stampar
2aadfc0fd3 Fix for an Issue #851 2014-10-10 10:38:17 +02:00
Miroslav Stampar
d4610890ca Minor patch (flushing log file output at the end of program run) 2014-10-10 10:07:17 +02:00
Miroslav Stampar
7811a958ae Another minor patch for Issue #846 2014-10-09 15:42:44 +02:00
Miroslav Stampar
f94ac8c69d Second patch related to the Issue #846 2014-10-09 15:21:26 +02:00
Miroslav Stampar
c823c58d47 One patch related to the Issue #846 2014-10-09 14:39:54 +02:00
Miroslav Stampar
70215a95a1 Patch for an Issue #847 2014-10-07 13:02:47 +02:00
Miroslav Stampar
c6a8feea8a Fix for an Issue #831 2014-10-07 12:00:11 +02:00
Miroslav Stampar
2ab4558859 Potential fix for an Issue #846 2014-10-07 11:49:53 +02:00
Miroslav Stampar
ddfec1c668 Initial patch for an Issue #846 2014-10-07 11:34:47 +02:00
Miroslav Stampar
2de12ef4a2 Potential fix for an Issue #843 2014-10-05 00:20:42 +02:00
Miroslav Stampar
fdef53aa67 Minor update of unhandled exception message 2014-10-01 14:23:45 +02:00
Miroslav Stampar
a2b059123a Minor update of format exception strings 2014-10-01 14:12:30 +02:00
Miroslav Stampar
e81168af0f Minor adjustment 2014-10-01 13:59:51 +02:00
Miroslav Stampar
f67a38dba9 Minor adjustment 2014-10-01 13:42:10 +02:00
Miroslav Stampar
a9454fbb43 Minor commit related to the last one (bypassing DBMS error trimming problem) 2014-10-01 13:35:20 +02:00
Miroslav Stampar
8c9014c39f Adding a dummy (auxiliary) XSS check 2014-10-01 13:31:48 +02:00
Miroslav Stampar
4d23744430 Bug fix (there was a problem using --tamper=varnish with --identify-waf because of same named modules) 2014-09-30 09:58:02 +02:00
Miroslav Stampar
ff42720c62 Minor fix 2014-09-29 14:07:59 +02:00
Miroslav Stampar
1e636fb925 Minor patch regarding Issue #840 2014-09-28 13:38:09 +02:00
Miroslav Stampar
767c278a0f Fix for an Issue #838 2014-09-26 17:00:50 +02:00
Miroslav Stampar
00fc842c6f Update agent.py 2014-09-20 10:20:57 +02:00
Miroslav Stampar
69701ba08c Minor refactoring 2014-09-17 18:29:01 +02:00
Miroslav Stampar
09064a4a24 Minor just in case patch 2014-09-17 18:25:24 +02:00
Miroslav Stampar
bbc6dd9ac8 Minor fix 2014-09-17 10:28:18 +02:00
Miroslav Stampar
6888d2fc34 Minor cosmetic update 2014-09-16 16:32:54 +02:00
Miroslav Stampar
0e8090381c Minor cosmetic update 2014-09-16 16:21:29 +02:00
Miroslav Stampar
c5294f2cbb Minor patch for an Issue #832 2014-09-16 16:18:13 +02:00
Miroslav Stampar
5b0732e9f9 Minor update for Issue #832 2014-09-16 15:17:50 +02:00
Miroslav Stampar
7278af01ee Implementation for an Issue #832 2014-09-16 14:12:43 +02:00
Miroslav Stampar
57eb19377e Minor code refactoring 2014-09-16 09:07:31 +02:00
Miroslav Stampar
45f5548113 Minor update regarding shell history file 2014-09-16 08:58:25 +02:00
Miroslav Stampar
637d3cbaf7 Fix for cases when parameter name is urlencoded 2014-09-12 13:29:30 +02:00
Miroslav Stampar
bfc8ab0e35 Language update 2014-09-08 14:48:31 +02:00
Miroslav Stampar
53d0d5bf8b Minor update (adding a warning message about potential dropping of requests because of protection mechanisms involved) 2014-09-08 14:33:13 +02:00
Miroslav Stampar
055b759145 Minor update 2014-09-03 23:13:57 +02:00
Miroslav Stampar
bbf0be1f8d Bug fix (Issue #813) 2014-09-03 22:09:12 +02:00
Miroslav Stampar
112a0cb1ae Patch for output directory (using unicode for international support) 2014-09-03 21:49:30 +02:00
Miroslav Stampar
7e40890f32 Patch for an Issue #815 2014-09-01 16:16:12 +02:00
Miroslav Stampar
25c6fca20e Minor fix 2014-09-01 15:48:00 +02:00
Miroslav Stampar
d5d01e91ad Warning message 2014-08-30 22:15:14 +02:00
Miroslav Stampar
20ff402103 Minor patch 2014-08-30 22:04:55 +02:00
Miroslav Stampar
dc2ee8bfa0 Minor update 2014-08-30 21:53:09 +02:00
Miroslav Stampar
177fc0376d Minor fix for HSQLDB 2014-08-30 21:37:38 +02:00
Miroslav Stampar
1a9a331422 Bug fix (proper extending of tests when dbms is known) 2014-08-30 21:34:23 +02:00
Miroslav Stampar
e501b2a80b Minor patch 2014-08-30 20:58:59 +02:00
Miroslav Stampar
03c8e7b7a2 Patch for an Issue #810 2014-08-30 17:13:02 +02:00
Miroslav Stampar
77cb35dcf6 Fix for an Issue #804 2014-08-28 14:26:55 +02:00
Miroslav Stampar
9476359255 Bug fix 2014-08-28 12:50:39 +02:00
Miroslav Stampar
834f8e18c8 Minor patch for an Issue #802 2014-08-28 00:45:57 +02:00
Miroslav Stampar
b77d8d617b Minor patch for an Issue #800 2014-08-28 00:31:49 +02:00
Miroslav Stampar
7595f2b73e Minor fix 2014-08-28 00:13:27 +02:00
Miroslav Stampar
fce671c899 Patch for an Issue #801 2014-08-28 00:00:16 +02:00
Miroslav Stampar
fd36250026 Proper fix for an Issue #757 2014-08-26 23:36:04 +02:00
Miroslav Stampar
2a268199d4 Patch for an Issue #798 2014-08-26 23:11:44 +02:00
Miroslav Stampar
e68326c0fe expandAsteriskForColumns changes value of conf.db and conf.tbl potentially causing problems in further work 2014-08-26 22:57:08 +02:00
Miroslav Stampar
decd092b2a Minor patch 2014-08-26 22:40:50 +02:00
Miroslav Stampar
2be0ebd883 Minor fix (e.g. Oracle identifier names can contain character $) 2014-08-26 22:40:15 +02:00
Miroslav Stampar
dcaad75a1e Fix for an Issue #794 2014-08-22 15:08:05 +02:00
Miroslav Stampar
d74b803306 Minor patch 2014-08-22 14:45:23 +02:00
Miroslav Stampar
e0a8b89069 Minor patch when trailing space is used with comma to split option items (e.g. '-C id, name') 2014-08-22 14:19:53 +02:00
Miroslav Stampar
e3a0f25db0 Patch for an Issue #795 2014-08-22 14:11:23 +02:00
Miroslav Stampar
2ce3ccac46 Patch for an Issue #797 (switching to greedy because of performance; it shouldn't be a problem because it was a single line replacement in the first place) 2014-08-22 13:06:53 +02:00
Miroslav Stampar
77513e1de9 Minor style update 2014-08-21 01:19:10 +02:00
Miroslav Stampar
c5b71cff10 Some filtering 2014-08-21 01:12:44 +02:00
Miroslav Stampar
3cfdb5ff0f Removing / from auto directories (it doesn't make sense to auto-test for uploading to /) 2014-08-21 00:43:37 +02:00
Miroslav Stampar
acb3b1d1fe Bug fix for common table/column existence check 2014-08-21 00:12:19 +02:00
Miroslav Stampar
074b57804e Minor style update 2014-08-21 00:03:46 +02:00
Miroslav Stampar
58d93ffb2b Fix for falling back to partial union (excluding scalar queries) 2014-08-20 23:53:15 +02:00
Miroslav Stampar
90882f081d Language update 2014-08-20 23:47:57 +02:00
Miroslav Stampar
0296081692 Minor refactoring 2014-08-20 23:42:40 +02:00
Miroslav Stampar
f51ea20bbd Minor style update 2014-08-20 22:50:00 +02:00
Miroslav Stampar
5d10bae31f Removing trailing blank lines 2014-08-20 21:07:19 +02:00
Miroslav Stampar
e0216771ed Minor update 2014-08-20 15:23:07 +02:00
Miroslav Stampar
c97782cfed Minor update of banner 2014-08-20 15:10:21 +02:00
Miroslav Stampar
07f881e711 Minor fix 2014-08-20 14:02:04 +02:00
Miroslav Stampar
b4fbb9cafe Minor upgrade 2014-08-20 13:52:48 +02:00
Miroslav Stampar
7828f61642 Minor style update 2014-08-20 13:35:41 +02:00
Miroslav Stampar
dfa426fbb5 Minor style update 2014-08-20 13:32:32 +02:00
Miroslav Stampar
6795b51c7e Another minor update 2014-08-20 01:59:30 +02:00
Miroslav Stampar
d08c1b7c04 Minor update 2014-08-20 01:45:42 +02:00
Miroslav Stampar
6caccc3d93 Bug fix for ultra-slow processing of binary data 2014-08-20 01:38:01 +02:00
Miroslav Stampar
ebc964267f Better reporting on filtered-chars cases 2014-08-20 01:11:26 +02:00
Miroslav Stampar
c12e51173a Minor style update 2014-08-20 00:28:33 +02:00
Miroslav Stampar
5a05271097 Minor fix 2014-08-19 22:34:07 +02:00
Miroslav Stampar
b0465a6a76 Adding a revision scheme for nongit checkouts 2014-08-19 22:32:16 +02:00
Miroslav Stampar
cd92de1702 Adding colorful banner 2014-08-19 22:19:22 +02:00
Miroslav Stampar
7d578d395f Minor update for Apache on Windows 2014-08-16 16:01:18 +02:00
Miroslav Stampar
a8b4b96cd9 Extending list for brute forcing doc root 2014-08-16 15:16:03 +02:00
Miroslav Stampar
0fb576724e Implementation for cases when there are multiple copies/variations of the same result(s) in response for partial UNION SQLi 2014-08-13 22:50:42 +02:00
Miroslav Stampar
0809a61fc3 Bug fix (whole page output as a result of partial union runs) 2014-08-13 15:18:11 +02:00
Miroslav Stampar
0a74ae736f Probable fix for an Issue #788 2014-08-13 14:01:57 +02:00
Miroslav Stampar
658110e644 Minor fix 2014-08-11 12:46:37 +02:00
hydhyd
e7ffe92d8c Update settings.py
Modified BRUTE_DOC_PREFIXES to include "/srv/www" used by default in OpenSUSE.
2014-08-06 12:59:18 +04:00
Miroslav Stampar
8599005115 Implementation for an Issue #771 2014-08-01 14:19:32 +02:00
Miroslav Stampar
208d51e0e9 Revert of last trigger happy commit 2014-08-01 13:57:43 +02:00
Miroslav Stampar
d300f99b0b Removing a redundant code (similar check is being done upper in code) 2014-08-01 13:57:07 +02:00
Miroslav Stampar
8bc6154f06 Removing a redundant code (similar check is being done upper in code) 2014-08-01 13:53:22 +02:00
Miroslav Stampar
b31e141012 Fix for an Issue #772 2014-07-29 14:37:48 +02:00
Miroslav Stampar
20d75cc52e Patch for an Issue #767 2014-07-29 13:32:26 +02:00
Miroslav Stampar
9fff88d6e4 Minor update 2014-07-19 23:23:55 +02:00
Miroslav Stampar
3cfa63646b Minor bug fix 2014-07-19 23:17:23 +02:00
Miroslav Stampar
0eb5fb1e5a Update for an Issue #757 2014-07-19 23:02:14 +02:00
Miroslav Stampar
cd1c100cc0 Another patch for an Issue #757 2014-07-14 21:10:45 +02:00
Miroslav Stampar
e66a81ab4e Fix for an Issue #757 2014-07-11 16:24:57 +02:00
Miroslav Stampar
32af0b17b0 Update for an Issue #760 2014-07-10 08:49:20 +02:00
Miroslav Stampar
33b6d189cd Bug fix for some cases (in cases of working where=ORIGINAL, workflow switched to where=NEGATIVE because of false assumptions that it would be better than ORIGINAL; this kind of behaviour caused reported problems) 2014-07-07 22:22:56 +02:00
Miroslav Stampar
79a66ef22c Minor patch 2014-07-06 09:09:44 +02:00
Miroslav Stampar
b5838ae7a4 Adding missing module (Issue #674 and Issue #747) 2014-07-03 00:29:20 +02:00
Miroslav Stampar
9d571c7800 Minor language update 2014-07-02 22:31:18 +02:00
Miroslav Stampar
e6d0d5a1c7 Implementation for an Issue #674 2014-07-02 22:27:51 +02:00
Miroslav Stampar
1eecabaea8 Patch for an Issue #746 2014-07-02 10:11:31 +02:00
Bernardo Damele
4e909a2a05 code cleanup 2014-07-01 00:58:49 +01:00
Bernardo Damele
018748f52e increase the timeout for the Metasploit session initialization to 5 minutes, better on slow speed connections 2014-07-01 00:34:09 +01:00
Conny Brunnkvist
f0e23c9441 Use the selected random User-Agent 2014-07-01 00:27:14 +07:00
Miroslav Stampar
c2f14e57e7 Patch for an Issue #740 2014-06-29 00:27:23 +02:00
Miroslav Stampar
686fe4d0e9 Another patch for DNS exfiltration and boolean checks 2014-06-27 14:22:00 +02:00
Miroslav Stampar
8e660e6911 Minor fix 2014-06-27 14:14:29 +02:00
Miroslav Stampar
2f8d17bcb7 Appendix to last commit 2014-06-27 13:45:40 +02:00
Miroslav Stampar
75279ea75a Fix for DNS exfiltration of boolean checks 2014-06-27 13:07:34 +02:00
Miroslav Stampar
5b5a765f96 Patch for an Issue #734 2014-06-23 12:24:08 +02:00
Miroslav Stampar
a47072eced Patch for an Issue #732 2014-06-22 00:09:08 +02:00
Miroslav Stampar
2a88436417 Patch for an Issue #724 2014-06-16 09:51:24 +02:00
Miroslav Stampar
f558b800ac Patch for an Issue #719 2014-06-12 09:08:55 +02:00
Miroslav Stampar
c50560c3a6 Patch for an Issue #716 2014-06-10 21:57:54 +02:00
Miroslav Stampar
5e9334ab79 Implementation for an Issue #715 2014-06-08 23:55:15 +02:00
Miroslav Stampar
54be398e83 Patch for an Issue #711 2014-06-04 16:35:07 +02:00
Miroslav Stampar
27ebc02535 Minor fix (user reported problem via email) 2014-05-29 09:33:14 +02:00
Miroslav Stampar
0f10cdfa4c Minor update 2014-05-29 09:24:09 +02:00
Miroslav Stampar
9e02816cbd Raising number of used md5 digits in hashdb key value because of birthday paradox (Python can handle it - automatically expanding to long if required; SQLite can handle it - it will use 6 bytes per INTEGERs instead of 4) 2014-05-29 09:21:48 +02:00
Miroslav Stampar
680ab10ca6 Patch for an Issue #703 2014-05-27 21:41:07 +02:00
Miroslav Stampar
2d5461d250 Minor fix (related to the unknown encoding reported by ML) 2014-05-22 09:03:14 +02:00
Miroslav Stampar
24954776a5 Patch for an Issue #697 2014-05-20 22:00:26 +02:00
Miroslav Stampar
babe49f086 Minor update (added new warning message) 2014-05-20 17:14:40 +02:00
Miroslav Stampar
c181e909b5 Minor fix 2014-05-16 23:47:00 +02:00
Miroslav Stampar
0f581ccb6c Minor fix 2014-05-13 15:36:28 +02:00
Miroslav Stampar
4e8b41b869 Patch for an Issue #688 2014-05-13 00:50:36 +02:00
Miroslav Stampar
3a2916724c Minor style update 2014-05-11 17:12:15 +02:00
Miroslav Stampar
a72d73804e Revert of 9255174890 (bug was introduced with it) 2014-05-10 01:31:44 +02:00
Miroslav Stampar
93bf8e2a13 Bug fix 2014-05-10 01:11:19 +02:00
Miroslav Stampar
8f0807d7f9 Another fix related to the last commit 2014-05-09 22:55:16 +02:00
Miroslav Stampar
5eae002084 Minor fix 2014-05-09 22:45:43 +02:00
Miroslav Stampar
9255174890 Minor fix 2014-05-09 22:39:56 +02:00
Miroslav Stampar
bc4369be06 Fix for an Issue #687 2014-05-07 09:16:17 +02:00
Miroslav Stampar
2a55f75f86 Using a more generic XML recognition regex 2014-04-30 21:25:45 +02:00
Miroslav Stampar
2e96e3c924 Adding a hidden switch --ignore-401 2014-04-29 23:26:45 +02:00
Miroslav Stampar
eb8e31c23f Adding a failsafe output directory 2014-04-27 22:40:41 +02:00
Miroslav Stampar
b54651b5a2 Minor patch (while saving configuration file) 2014-04-25 09:32:57 +02:00
Miroslav Stampar
ae8b1fe89c Implementation for an Issue #678 2014-04-25 09:17:10 +02:00
Miroslav Stampar
e0fb21c26a Patch for an Issue #673 2014-04-21 21:57:30 +02:00
Miroslav Stampar
f29769b7d0 Minor patch 2014-04-16 09:06:17 +02:00
Miroslav Stampar
ef5ce7e66c Fix for an Issue #670 2014-04-12 17:22:47 +02:00
Miroslav Stampar
fd884ec67b Adding another comment 2014-04-12 17:22:47 +02:00
Miroslav Stampar
b5cca742e4 Adding a comment 2014-04-12 17:22:47 +02:00
Miroslav Stampar
7f371c499d Commit related to the last one 2014-04-10 21:29:59 +02:00
Miroslav Stampar
096ce7881e Minor beauty patch 2014-04-10 21:18:24 +02:00
Miroslav Stampar
0d1690de61 Minor fix 2014-04-10 21:18:24 +02:00
Miroslav Stampar
1e8349eeaa Minor fix 2014-04-10 21:18:24 +02:00
Miroslav Stampar
2d3a74a0fe Patch for an Issue #667 2014-04-07 21:01:40 +02:00
Miroslav Stampar
cb0044b2c4 Minor beauty patch 2014-04-07 20:28:17 +02:00
Miroslav Stampar
fdad787681 Graceful abort in case of an invalid option in configuration file 2014-04-07 20:22:51 +02:00
Miroslav Stampar
e3ccf45503 Graceful abort in case of an invalid configuration file 2014-04-07 20:17:47 +02:00
Miroslav Stampar
bcf754fb17 Consistency patch (to be the same as in help listing) 2014-04-07 20:10:21 +02:00
Miroslav Stampar
b74de19213 Trivial style update 2014-04-07 20:06:03 +02:00
Miroslav Stampar
75f447ccf8 Renaming lib/core/purge to lib/utils/purge 2014-04-07 20:04:07 +02:00
Miroslav Stampar
9c7fbd1a90 Minor refactoring 2014-04-06 18:19:54 +02:00
Miroslav Stampar
4f4c50c4d5 Minor language update 2014-04-06 18:12:59 +02:00
Miroslav Stampar
bf18b025d6 Minor removal of redundant code 2014-04-06 18:09:54 +02:00
Miroslav Stampar
e931344617 More elegant implementation for --random-agent 2014-04-06 18:05:43 +02:00
Miroslav Stampar
9456dc68e7 Minor patch 2014-04-06 17:24:27 +02:00
Miroslav Stampar
1c92d8d51f More generic implementation for --proxy-file (accepting public lists format) 2014-04-06 17:23:13 +02:00
Miroslav Stampar
bbf08a825e Minor language fix 2014-04-06 17:12:43 +02:00
Miroslav Stampar
cf250a0381 Minor patch (it would go boom if special character was inside the --param-del) 2014-04-06 17:02:32 +02:00
Miroslav Stampar
053b0fd0e9 Renaming conf.oDir to conf.outputDir 2014-04-06 16:54:46 +02:00
Miroslav Stampar
7cc4159316 Renaming conf.cDel to conf.cookieDel 2014-04-06 16:50:58 +02:00
Miroslav Stampar
0ae8ac707e Renaming conf.pDel to conf.paramDel 2014-04-06 16:48:46 +02:00
Miroslav Stampar
95e7ca02f0 Minor bug fix (-d was not recognized as one of mandatory in case of config file) 2014-04-06 16:45:25 +02:00
Miroslav Stampar
1b3a98b8ef Trivial update (for consistency sake) 2014-04-06 13:42:15 +02:00
Miroslav Stampar
492a410bcc Minor fix 2014-04-04 16:14:53 +02:00
Miroslav Stampar
15f92c4197 Bug fix (port was not being used properly with Burp exported history) 2014-04-03 09:46:37 +02:00
Miroslav Stampar
1632bec10b Another fix related to the last commit 2014-04-03 09:05:12 +02:00
Miroslav Stampar
e7e8a3965a Minor fix 2014-04-03 09:00:14 +02:00
Miroslav Stampar
80d4426dbd Patch related to the Issue #661 2014-04-02 22:34:37 +02:00
Miroslav Stampar
d8bacc904e Minor language update 2014-04-01 16:38:50 +02:00
Miroslav Stampar
3e024ac8e6 Minor update (consistency patch) 2014-03-30 16:51:31 +02:00
Miroslav Stampar
76b9fad24a Fix for an Issue #656 2014-03-30 16:21:18 +02:00
Miroslav Stampar
b2cc8f00ef Bug fix (ORACLE_OLD on Windows - resulted in multiple entry per line output due to no locking used) 2014-03-28 00:41:22 +01:00
Miroslav Stampar
e8c1c90f2e Whitespace was being double encoded in case of spaceplus (' '->%2B) 2014-03-25 22:02:14 +01:00
Miroslav Stampar
3710a7051b Fix for an Issue #653 2014-03-25 21:26:22 +01:00
Miroslav Stampar
930c3e3c5a Minor update (added check for --limit and --risk) 2014-03-25 09:28:12 +01:00
Miroslav Stampar
f6e1d9e026 Fix for an Issue #650 2014-03-24 10:46:23 +01:00
Miroslav Stampar
106102bd3c Fix for an Issue #648 2014-03-21 20:28:29 +01:00
Bernardo Damele
9f838c3d5b typo fix 2014-03-21 11:37:34 +00:00
Bernardo Damele
8091a88d3e minor code cleanup and bug fix 2014-03-21 11:35:30 +00:00
Bernardo Damele
c211255773 replaced outfile with dumpfile so works even if the original statement outputs blob 2014-03-21 11:01:57 +00:00
Miroslav Stampar
39ab3b9149 Minor fix for meta refresh 2014-03-20 13:13:47 +01:00
Miroslav Stampar
d7f0da5599 Minor patch for an Issue #646 2014-03-20 13:08:28 +01:00
Miroslav Stampar
97fe5e52c2 Fix for an Issue #644 2014-03-18 16:41:05 +01:00
Miroslav Stampar
97f603af4a Fix for an Issue #641 2014-03-17 20:20:25 +01:00
Miroslav Stampar
0622cdf3d8 Bug fix (credentials used in combination with request file) 2014-03-15 09:29:21 +01:00
Miroslav Stampar
3b47418a1d Fix for an Issue #640 2014-03-14 22:20:20 +01:00
Miroslav Stampar
56d76e6bfd Updating list of extensions to exclude from crawling 2014-03-14 21:34:16 +01:00
Miroslav Stampar
be3fd8bb29 Fix for an Issue #638 2014-03-14 16:44:56 +01:00
Miroslav Stampar
17742df0fa Update for an Issue #636 (to prevent eventual future reports with lack of stack trace) 2014-03-11 21:18:31 +01:00
Miroslav Stampar
2f8846caec Fix for an Issue #636 2014-03-11 21:11:51 +01:00
Miroslav Stampar
d1a6a775f1 Patch for an Issue #636 2014-03-11 21:00:15 +01:00
Miroslav Stampar
f1f53a5841 Minor cosmetic update 2014-03-06 21:08:31 +01:00
Miroslav Stampar
490d51258e Raising number of minimum time responses (15 is statistically too low) 2014-03-03 20:49:58 +01:00
Miroslav Stampar
291a0d772a Update for an Issue #615 2014-02-27 14:23:14 +01:00
Miroslav Stampar
2ffdee5733 Bug fix for PAYLOAD.WHERE.REPLACE payloads containing custom injection marker ([ORIGVALUE] was screwed) 2014-02-26 11:41:48 +01:00
Miroslav Stampar
cc62a8adc9 Bug fix for JSON-like data (proper escaping of quotes) 2014-02-26 09:30:37 +01:00
Miroslav Stampar
6369a38ebc Adding support for JSON-like data with single quote 2014-02-26 08:56:17 +01:00
Miroslav Stampar
465f968be6 Minor cosmetic update 2014-02-26 08:41:23 +01:00
Miroslav Stampar
edc8ef9d5b Patch for an Issue #611 (original page used in case of tamper functions was wrong - e.g. if --tamper=base64encode was used) 2014-02-25 13:48:34 +01:00
Miroslav Stampar
2a423d61ef Raising number of requests for false positive testing in case of higher levels 2014-02-23 19:40:01 +01:00
Miroslav Stampar
d405fc1157 Minor update (for the consistency sake) 2014-02-16 22:04:12 +01:00
Miroslav Stampar
58eac364a2 Bug fix 2014-02-16 21:57:14 +01:00
Miroslav Stampar
dfa727cbc5 Fix for a same bug mentioned in last commit 2014-02-16 21:47:14 +01:00
Miroslav Stampar
43df4efd11 Bug fix (bad idea is to do os.path.join on web URLs - especially on Windows OS) 2014-02-16 21:44:57 +01:00
Miroslav Stampar
d05bfdd7dd Implementing option '--where' (Issue #605) 2014-02-11 16:20:45 +01:00
Bernardo Damele
be6767b3b0 minor fix for command execution via web shell 2014-02-10 09:59:57 +00:00
Miroslav Stampar
fe0ff6e679 Changing 'is injectable' to 'seems to be injectable' for boolean and time-based blind injection cases - for false positive cases 2014-02-09 17:50:16 +01:00
Miroslav Stampar
8521265526 Minor fix 2014-02-07 14:40:43 +01:00
Miroslav Stampar
534c2ee0e6 Minor update 2014-02-01 22:12:00 +01:00
Miroslav Stampar
0e44132778 Removing unused imports 2014-02-01 21:49:12 +01:00
Miroslav Stampar
f97fcb7bb3 Adding a switch --invalid-string 2014-01-23 21:56:06 +01:00
Miroslav Stampar
f88f6dcd7e Changing --invalid-bignum from float producing to int producing 2014-01-23 09:07:25 +01:00
Miroslav Stampar
fc02badf40 Minor update 2014-01-23 08:33:21 +01:00
Bernardo Damele
bc29bf6481 removed comments 2014-01-13 23:57:49 +00:00
Bernardo Damele
1505f1dc74 removed useless sink 2014-01-13 23:55:32 +00:00
Bernardo Damele
124ebefc7f code cleanup 2014-01-13 23:48:15 +00:00
Bernardo Damele
3c79d66569 fixed stderr 2014-01-13 17:34:38 +00:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Bernardo Damele
dfa9076a70 fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d) 2014-01-13 17:12:37 +00:00
Miroslav Stampar
6863436d4e Implementation for an Issue #596 2014-01-13 10:05:56 +01:00
Bernardo Damele
d9e00adfae minor fix 2014-01-10 17:23:16 +00:00
Miroslav Stampar
36f3ab5798 Minor bug fix (for cases when race between thread and main thread is causing server._running to not be set to True) 2014-01-09 15:46:55 +01:00
Miroslav Stampar
cb1f17cb04 Proper patch for an Issue #591 2014-01-02 12:15:56 +01:00
Miroslav Stampar
5437f8bf36 Fix for an Issue #85 2014-01-02 12:09:58 +01:00
Miroslav Stampar
4de83daf03 Minor style update 2014-01-02 11:06:19 +01:00
Miroslav Stampar
e0143e397a Consistency fix (down below we use direct SQL) 2014-01-02 10:59:53 +01:00
Miroslav Stampar
0b4fcb6845 Fix for an Issue #591 2014-01-02 10:55:40 +01:00
Miroslav Stampar
854a55166c Fix for an Issue #588 2014-01-02 10:29:10 +01:00
Miroslav Stampar
9b4b070ecf Minor cosmetics 2014-01-02 10:05:58 +01:00
Miroslav Stampar
192a911b76 Patch for an Issue #28 2013-12-29 16:16:50 +01:00
Miroslav Stampar
41d6c1af82 Patch for an Issue #589 2013-12-28 13:47:40 +01:00
Miroslav Stampar
6c80f2903b Patch for an Issue #564 2013-12-27 11:02:59 +01:00
Miroslav Stampar
cadbddd607 Adding a boundary proposed in Issue #564 2013-12-27 10:46:18 +01:00
Miroslav Stampar
7718edac9b Fix for an Issue #570 2013-12-27 09:40:33 +01:00
Miroslav Stampar
02de2aee6d Patch for an Issue #582 2013-12-26 22:27:04 +01:00
Miroslav Stampar
ab64d385d6 Bug fix (stacked queries as in PgSQL and MsSQL DNS tunneling queries MUST end with the comment - not the recognized underlying technique's suffix) 2013-12-25 22:18:57 +01:00
Miroslav Stampar
2c2667b2be Minor patch for an Issue #575 2013-12-18 00:56:24 +01:00
Miroslav Stampar
fd6dcd8bf5 Merge pull request #583 from mattoufoutu/api
RESTful API improvements
2013-12-17 14:10:19 -08:00
Miroslav Stampar
f18abb1e9c Minor update (proxy can be also a https one (e.g. Burp for HTTPS targets) 2013-12-17 09:30:51 +01:00
Miroslav Stampar
7d8eb148ce Patch for an Issue #565 (DuckDuckGo doesn't like identity encoding) 2013-12-17 09:30:04 +01:00
Miroslav Stampar
4819e19200 Patch for an Issue #584 2013-12-16 22:00:47 +01:00
Mathieu Deous
4c9456dd72 moar logging! 2013-12-15 16:59:47 +01:00
Mathieu Deous
438ad73016 avoid names shadowing 2013-12-15 09:22:01 +01:00
Mathieu Deous
eda9a3da67 all instance attributes should be defined in constructor 2013-12-15 09:16:38 +01:00
Mathieu Deous
3effaee2a1 avoid using global variables, use a "store" class 2013-12-15 00:19:58 +01:00
Mathieu Deous
c70f2a4e6d unused imports 2013-12-15 00:00:08 +01:00
Mathieu Deous
aa02019638 return file content in a json message when calling download endpoint 2013-12-14 16:33:17 +01:00
Mathieu Deous
c87ad1bab5 make returned values more coherent 2013-12-14 16:22:30 +01:00
Mathieu Deous
72137e85f9 do not reset options when firing a scan 2013-12-14 15:59:47 +01:00
Mathieu Deous
af7ad31182 fix commit method usage (belongs to connection, not cursor) 2013-12-14 15:58:09 +01:00
Mathieu Deous
c5a3f54b89 remove unused imports 2013-12-14 15:47:26 +01:00
Mathieu Deous
8a946509b9 PEP8 2013-12-14 15:44:10 +01:00
Miroslav Stampar
5b2ded0b18 Fix for an Issue #577 2013-12-13 21:00:26 +01:00
Miroslav Stampar
437278e32d Fix for an Issue #580 2013-12-13 19:48:05 +01:00
Mathieu Deous
c3dd6e1e32 api's get_option function doesn't lookup the right object 2013-12-08 17:46:02 +01:00
Miroslav Stampar
b0ca34ff27 Bug fix (payload character '=' was not being url-encoded in custom (user) post cases - when posthint was None) 2013-12-04 10:09:54 +01:00
Miroslav Stampar
bf3fbb0ae0 Ignore Google analytics cookies 2013-12-04 09:56:37 +01:00
Miroslav Stampar
dd2ddec79a Minor fix (better extraction of original value in case of replacement and custom POST injection mark) 2013-12-03 13:37:04 +01:00
Miroslav Stampar
59d667d94c Minor update 2013-12-01 22:25:12 +01:00
Miroslav Stampar
7054586e8a Update for an Issue #565 (more work TBD - DuckDuckGo has some kind of IP blocking mechanism) 2013-11-25 20:57:07 +01:00
Miroslav Stampar
cda27ec20b Patch for an Issue #563 2013-11-24 15:01:51 +01:00
Bernardo Damele
59b6791faa minor improvement 2013-11-19 00:24:47 +00:00
Bernardo Damele
c37ad88283 minor bug fix 2013-11-13 14:34:19 +00:00
Miroslav Stampar
3c67ba08c5 Minor fix 2013-11-12 14:53:05 +01:00
Miroslav Stampar
354aaeae5b Removing unused imports 2013-11-12 14:11:07 +01:00
Miroslav Stampar
d84ddf23bd Replacing os.sep constructs with os.path.join 2013-11-12 14:08:41 +01:00
Miroslav Stampar
2f1607b4d5 Minor fix for dumping non-alphanumeric database names 2013-11-12 13:13:47 +01:00
Miroslav Stampar
0a4512e9ae Implementation for an Issue #557 2013-11-08 09:23:38 +01:00
Miroslav Stampar
48bd2e75e9 Minor patch 2013-10-28 13:59:38 +01:00
Miroslav Stampar
7ed05f01b3 Minor update 2013-10-27 00:24:57 +02:00
Miroslav Stampar
fabbe63f00 Proper fix for re.sub() call with repl value containing backslash 2013-10-23 18:07:38 +02:00
Miroslav Stampar
28529a92a7 Minor fix (for parameters with \ in value) 2013-10-23 10:49:50 +02:00
Miroslav Stampar
9f21406a4b Using cPickle in BigArray (faster and potentially less memory used) 2013-10-21 20:48:00 +02:00
Miroslav Stampar
8dac47f7e5 Minor patch (for recognition of x-mac-turkish codec) 2013-10-21 20:04:48 +02:00
Miroslav Stampar
e197720def Fix for an Issue #546 2013-10-19 20:54:52 +02:00
Miroslav Stampar
777d999e71 Minor update 2013-10-18 15:39:46 +02:00
Miroslav Stampar
6ff2b931ff Another patch for an Issue #545 2013-10-17 23:42:51 +02:00
Miroslav Stampar
334c698d53 Adding change verbosity level in testing phase when Ctrl+C pressed 2013-10-17 16:54:53 +02:00
Miroslav Stampar
304c9822bd Patch for an Issue #545 2013-10-17 16:38:07 +02:00
Miroslav Stampar
5b8d631dc0 Minor update 2013-10-16 11:48:00 +02:00
Miroslav Stampar
04dbee3bec Update for a more generic JSON recognition regex 2013-10-16 11:39:04 +02:00
Moshe Kaplan
8cd641a2a6 minor typos corrected
"choosen" -> "chosen"
2013-10-15 13:26:24 -04:00
Miroslav Stampar
d7906e8f18 Minor fix 2013-10-15 09:49:27 +02:00
Miroslav Stampar
344d3f4b5f Minor patch 2013-10-12 21:05:18 +02:00
Miroslav Stampar
b8d49c2ea2 Minor usability patch 2013-10-12 20:41:25 +02:00
Miroslav Stampar
98d27ef200 Bug fix (missing permissions when creating dump directory) 2013-10-11 21:17:12 +02:00
Ben Buchacher
54a6c01005 Fix - Custom objects cannot be serialized in JSON
Custom objects cannot be serialized in JSON, convert tasks into list before serializing.
2013-10-10 16:06:29 -07:00
Miroslav Stampar
2dc570d7a8 Minor patch (for ORDER BY 'col' cases) 2013-10-10 23:08:20 +02:00
Miroslav Stampar
dd87233fe4 Minor patch (to accept * inside urls in request files too) 2013-10-10 15:04:48 +02:00
Miroslav Stampar
369006ca73 Bug fix 2013-10-07 12:54:25 +02:00
Miroslav Stampar
18d9e1dbc3 Minor update due to reported (debug) problems with SSLv23 2013-10-04 10:53:49 +02:00
Miroslav Stampar
a944028114 Revert of last commit 2013-10-02 22:14:50 +02:00
Miroslav Stampar
9ceb518a50 Minor patch 2013-10-02 22:03:53 +02:00
Miroslav Stampar
8e2f4669d8 Removing dependency for bz2 as there are some reported problems with the library on non-standard platforms 2013-10-02 20:32:18 +02:00
Miroslav Stampar
45c88b36c6 Fix for an Issue #532 2013-09-30 09:33:39 +02:00
Miroslav Stampar
2fbd7e8929 Minor fix 2013-09-24 21:56:40 +02:00
Miroslav Stampar
df9b1d72de Minor update 2013-09-24 21:44:59 +02:00
Miroslav Stampar
f11e15a180 Minor update 2013-09-11 23:22:10 +02:00
Miroslav Stampar
a3defc175d Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself) 2013-09-11 23:17:18 +02:00
Miroslav Stampar
176f744ac6 Minor cosmetic update 2013-09-11 15:05:37 +02:00
Miroslav Stampar
696fb6530e Cosmetic fix (Kali shows ugly 'python ./sqlmap.py' in usage) 2013-09-11 14:57:38 +02:00
Miroslav Stampar
4cf49bc0cc Minor fix for an Issue #517 2013-09-05 09:22:11 +02:00
Miroslav Stampar
b17bb07301 Minor regex update 2013-09-04 19:28:59 +02:00
Miroslav Stampar
bf57f636a3 Fix for an Issue #517 2013-09-04 19:22:24 +02:00
Miroslav Stampar
81409ce6da Minor patch 2013-09-02 10:54:32 +02:00
Miroslav Stampar
dd39913cf6 Improvement for an --eval mechanism 2013-08-31 00:28:51 +02:00
Miroslav Stampar
3a57af1452 Minor fix 2013-08-30 15:26:03 +02:00
Miroslav Stampar
9e975210ac Implementation for an Issue #515 2013-08-30 10:22:43 +02:00
Miroslav Stampar
e0bfb0503c Minor language update 2013-08-30 09:55:57 +02:00
Miroslav Stampar
28eca2116f Fix for an Issue #513 2013-08-27 13:55:38 +02:00
Miroslav Stampar
7cb3ea20dd Minor patch for a problem noticed yesterday too (in some cases if Ctrl-C is pressed sent is most probably a None value) 2013-08-23 11:59:58 +02:00
Miroslav Stampar
88b992ad83 Fixing a bug noticed during the yesterday's AppSecEU presentation (--headers='user-agent:foobar*' was not working properly) 2013-08-23 11:54:08 +02:00
Miroslav Stampar
0cf2bdeb1c Minor language update 2013-08-22 11:11:30 +02:00
Miroslav Stampar
bc19f40d09 Minor update 2013-08-22 10:44:21 +02:00
Miroslav Stampar
23f2c5f166 Finishing implementation for an Issue #58 2013-08-20 19:35:49 +02:00
Miroslav Stampar
c586559e30 Patch for an Issue #510 2013-08-20 18:54:32 +02:00
Miroslav Stampar
6cc0cf3702 Minor comment update 2013-08-20 18:36:31 +02:00
Miroslav Stampar
1f2c8fbf59 Fix for an Issue #500 2013-08-13 20:40:36 +02:00
Miroslav Stampar
38ee95e2c9 Minor language update 2013-08-13 18:58:24 +02:00
Miroslav Stampar
52a71546d0 Implementation for an Issue #507 2013-08-13 18:55:23 +02:00
Miroslav Stampar
4929cff0c0 Minor update 2013-08-13 06:42:49 +02:00
bladeswords
6d756317c3 Remove debugging which prevents sqlmap from running smoothly 2013-08-13 13:58:45 +10:00
Miroslav Stampar
b2855e0281 Minor patch 2013-08-12 14:25:51 +02:00
Miroslav Stampar
a711c9ed36 Minor cleanup and initial work for #58 2013-08-09 14:13:48 +02:00
Miroslav Stampar
4beef0900d Minor language fix (we support SOCKS proxy settings too) 2013-08-09 13:58:42 +02:00
Miroslav Stampar
1088011bf0 Adding new binary file formats for excluding in crawling 2013-08-02 23:07:13 +02:00
Miroslav Stampar
32c1cb20f5 Fix for an Issue #497 2013-08-01 19:48:20 +02:00
Miroslav Stampar
953b5815d8 Implementation for an Issue #496 2013-07-31 21:15:03 +02:00
Miroslav Stampar
6b826ef64d Reintroducing option --cookie-del 2013-07-31 20:41:19 +02:00
Miroslav Stampar
ca44b23d20 Implementation for --eval to support cookies 2013-07-31 17:29:16 +02:00
Miroslav Stampar
eaacbe0b12 Minor language fix 2013-07-31 09:24:34 +02:00
Miroslav Stampar
941b2387c0 Minor fix 2013-07-31 09:22:45 +02:00
Miroslav Stampar
4f58e0af0c Minor fix 2013-07-31 08:45:04 +02:00
Miroslav Stampar
a585aa4bff Adding support for ~ 2013-07-29 20:42:29 +02:00
Miroslav Stampar
de31688c4f Update for an Issue #481 2013-07-29 18:25:27 +02:00
Miroslav Stampar
b921ff0729 Fix for an Issue #495 2013-07-27 11:20:43 +02:00
stamparm
dbb0d7f700 Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used) 2013-07-19 13:24:35 +02:00
stamparm
28cd50b2f1 Patch for an Issue #490 2013-07-16 14:08:32 +02:00
stamparm
e6f71c2130 Making 10% less requests in futile higher level/risk runs (using static template payloads for where==NEGATIVE) 2013-07-15 16:24:49 +02:00
stamparm
c9d3974205 Minor fix (templatePayload had duplicate string patterns for where==NEGATIVE) 2013-07-15 13:54:02 +02:00
stamparm
ac2d40e259 Revert of last commit (there is a chance that that big integer value is really valid :) 2013-07-15 13:34:38 +02:00
stamparm
a097ee1505 Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant) 2013-07-15 13:31:56 +02:00
Miroslav Stampar
f54082111d Better way how to deal with required extensions 2013-07-13 19:25:49 +02:00
Miroslav Stampar
3f6d4083a7 Minor language update 2013-07-13 17:19:16 +02:00
Miroslav Stampar
31efabfca1 Appropriate error messaging when one of core libraries are missing due to erroneous Python build 2013-07-13 16:07:36 +02:00
Miroslav Stampar
4d9f8ad0dd Commit related to the last one 2013-07-13 12:00:03 +02:00
stamparm
dc1623a40f Fix for a bug reported over ML (error: unbalanced parenthesis) 2013-07-11 10:20:58 +02:00
stamparm
01159575b2 Fix for an Issue #488 2013-07-11 10:11:43 +02:00
stamparm
1ae68b9bb3 Update for an Issue #405 (fix for usage of old 'complete' data from previous runs) 2013-07-10 17:18:09 +02:00
stamparm
f6c7b398fd Update for an Issue #405 (fix for persistent options problem) 2013-07-10 16:57:44 +02:00
stamparm
aad102378a Fix for an Issue #487 2013-07-09 11:00:43 +02:00
stamparm
be5ce760b6 Fix for an Issue #485 (failing back to single-thread mode if over some bisection length) 2013-07-09 10:24:48 +02:00
stamparm
d7c0805e7c Removing leftover 2013-07-08 12:45:02 +02:00
stamparm
a548eb5c70 Minor text update 2013-07-08 12:44:14 +02:00
stamparm
d0e79a4d15 Minor text update 2013-07-08 12:38:36 +02:00
stamparm
a530817727 Minor typo fix 2013-07-08 11:52:46 +02:00
stamparm
8d3435ab0b Removing reflective warning for parsing heuristic test 2013-07-08 11:48:33 +02:00
stamparm
db536427f0 Adding a question for storing hashes to a temporary file (after a mention of it on Twitter) 2013-07-04 15:34:00 +02:00
stamparm
f97b35dcc1 Patch for an Issue #475 2013-07-01 13:43:38 +02:00
stamparm
017ce22a2f Minor consistency patch (Issue #475) 2013-07-01 13:01:53 +02:00
stamparm
5ff09aff63 Some more adjustments (Issue #475) 2013-07-01 12:50:12 +02:00
stamparm
04046f38eb Minor update (Issue #475) 2013-07-01 12:26:57 +02:00
stamparm
f7d15cb465 Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00
Miroslav Stampar
aeb83ba651 Merge pull request #475 from Meatballs1/hsql_clean
HSQL Payloads and Query Support
2013-07-01 02:38:04 -07:00
Miroslav Stampar
a1842f44f5 Fix for an Issue #477 2013-06-29 20:55:48 +02:00
stamparm
fd5b665f7d Removing arithmetic operations from false positive checking to minimize affect of character filtering ('>' and '=' have to stay because those are minimal requirements) 2013-06-26 10:55:34 +02:00
Meatballs
4595b2c287 decodeHexValue 2013-06-24 23:45:39 +01:00
Meatballs
09e1dc814d Fix concat 2013-06-24 23:20:34 +01:00
Meatballs
ed40a76c9d Fix dummy table 2013-06-24 23:18:47 +01:00
Meatballs
9212b05eeb Add call to execute statements 2013-06-24 15:01:44 +01:00
Meatballs
62000c6406 Remaining files 2013-06-24 14:42:58 +01:00
Meatballs
7b6cc3d183 Add hsql settings 2013-06-24 14:38:44 +01:00
Meatballs
20a5d9a16e Include HSQL dummy table 2013-06-24 14:37:42 +01:00
Miroslav Stampar
0355e29b7c Minor fix (NoneType has no attribute split) 2013-06-24 14:49:53 +02:00
Miroslav Stampar
95ed6b7203 Minor patch (Issue #470) 2013-06-24 14:37:45 +02:00
Miroslav Stampar
fca6772df6 Implementation for an Issue #468 2013-06-22 00:13:46 +02:00
Bernardo Damele
a72096a345 slightly more appropriate definition of output variable 2013-06-19 20:25:01 +01:00
Bernardo Damele
cae108d9fc careful at merging pull requests with TABs (#466) 2013-06-19 19:49:53 +01:00
stamparm
a53823f9b7 Minor refactoring 2013-06-19 10:59:26 +02:00
stamparm
690645f6c7 Cosmetic fix 2013-06-19 10:50:00 +02:00
stamparm
a7787e83b8 Minor fix for case-insensitive union duplicates 2013-06-18 12:52:36 +02:00
Miroslav Stampar
aff7092736 Merge pull request #466 from Meatballs1/xp_cmdshell_output
Unable to retrieve XP_Cmdshell Output
2013-06-18 00:47:08 -07:00
stamparm
9a6f5a95f5 Minor patch for SQLAlchemy/MSSQL 2013-06-18 09:36:09 +02:00
Meatballs
c5087399c1 Fix exception if init technique not available 2013-06-16 10:47:27 +01:00
Meatballs
2c98507f1e Add better error msg 2013-06-16 10:27:08 +01:00
Meatballs
caa326774c Fallback to blind 2013-06-16 10:22:20 +01:00
Miroslav Stampar
63d0e9bb12 Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881) 2013-06-13 21:50:35 +02:00
Miroslav Stampar
f185e5cdd5 Fix for an Issue #463 2013-06-10 22:26:34 +02:00
Miroslav Stampar
cdb434805a Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases 2013-06-10 22:14:45 +02:00
Miroslav Stampar
6f49b96a2d Fix for an Issue #462 2013-06-10 12:20:58 +02:00
Miroslav Stampar
3583f45ee7 Fix for an Issue #461 2013-06-10 11:44:56 +02:00
Miroslav Stampar
39612b5d87 Fix for an Issue #457 2013-06-04 23:46:39 +02:00
Miroslav Stampar
c1592e8508 Code refactoring (moving import ctypes to be used only when needed) 2013-06-04 22:23:44 +02:00
Miroslav Stampar
3e0f747fad Minor fix 2013-06-04 00:05:25 +02:00
Miroslav Stampar
213d0ecfb9 Minor fix 2013-06-03 23:32:57 +02:00
Miroslav Stampar
edc9da1226 Minor refactoring 2013-06-03 15:14:56 +02:00
Miroslav Stampar
351c70b390 Locale module screws string.letters, etc. in some cases (e.g. IDLE run) 2013-06-01 14:06:58 +02:00
Miroslav Stampar
b7989f93c5 Trivial update regarding last commit 2013-05-30 12:04:56 +02:00
Miroslav Stampar
ed8f16e754 Minor update on user's request 2013-05-30 12:01:13 +02:00
Miroslav Stampar
12870e6ff3 Minor fix 2013-05-30 11:42:27 +02:00
Miroslav Stampar
793a8ad349 Minor fix 2013-05-30 11:38:24 +02:00
stamparm
f4ca4cd6c5 Minor update 2013-05-29 15:49:09 +02:00
stamparm
c3038fcb65 Minor cosmetic update 2013-05-29 15:46:59 +02:00
stamparm
8fbf4b11d2 Trivial update regarding last commit 2013-05-29 15:45:13 +02:00
stamparm
dfd6ee20bb Patch for an Issue #454 2013-05-29 15:26:11 +02:00
stamparm
60df3e9d1e Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access) 2013-05-29 15:04:14 +02:00
stamparm
e28b056028 Dummy fix 2013-05-29 14:26:00 +02:00
stamparm
6b280d8da4 Putting 2 decimal places for debug messages with performed queries (e.g. to handle a problem with 0 seconds roundup) 2013-05-28 14:40:45 +02:00
stamparm
bc4e1dab19 Getting rid of those ugly warning messages 2013-05-28 11:24:56 +02:00
stamparm
659c0bb418 Minor fix 2013-05-27 10:38:47 +02:00
Miroslav Stampar
f3f752d85c Patch for an Issue #452 2013-05-25 18:52:59 +02:00
Miroslav Stampar
a85a0e53de Fix for an Issue 'ValueError: Invalid IPv6 URL' 2013-05-25 18:00:21 +02:00
Miroslav Stampar
e18796dbe1 Minor style update 2013-05-25 18:00:20 +02:00
Miroslav Stampar
e7ddc2fcab Minor fix 2013-05-23 12:57:33 +04:00
Miroslav Stampar
eb8e12b7c2 Minor adjustment (for headers like 'name:http://asdas') 2013-05-23 11:29:43 +04:00
stamparm
1b3f1a4016 More appropriate naming (also, preventing ambiguities with --smart) 2013-05-22 23:21:43 +04:00
stamparm
4b2cf07262 Minor style update 2013-05-20 16:15:35 +02:00
Miroslav Stampar
1a4ea186ca Consistency fix 2013-05-19 23:00:40 +02:00
Miroslav Stampar
d3ad408a21 Minor cosmetics 2013-05-19 22:17:53 +02:00
Miroslav Stampar
4f49dad2ba Minor cosmetics 2013-05-19 01:19:54 +02:00
Miroslav Stampar
6cfcc1af63 Minor cosmetic 2013-05-19 01:17:22 +02:00
Miroslav Stampar
ea5c742595 Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled) 2013-05-18 21:30:21 +02:00
Miroslav Stampar
980a0e3adb Trivial update 2013-05-18 21:00:53 +02:00
Miroslav Stampar
1ff98c2ff9 Another minor text update 2013-05-18 21:00:11 +02:00
Miroslav Stampar
967513e1bb Minor message update 2013-05-18 20:59:23 +02:00
Miroslav Stampar
caa4ee96cd Minor cosmetic update 2013-05-18 18:28:44 +02:00
Miroslav Stampar
6608410320 Adding a question after WAF has been identified 2013-05-18 18:26:40 +02:00
Miroslav Stampar
b2b3b3b5a6 Minor bug fix (level names not properly used in non-logger output) 2013-05-18 16:44:21 +02:00
Miroslav Stampar
f24c8c6b6b Changing logging type to warning for parsed error messages 2013-05-18 16:17:56 +02:00
Miroslav Stampar
dcea745576 Minor update (not displaying safe enclosings in table dumps) 2013-05-18 16:13:34 +02:00
Miroslav Stampar
e528ea8208 Minor language fix 2013-05-18 16:02:34 +02:00
stamparm
03732d2592 Minor fix 2013-05-17 16:04:05 +02:00
stamparm
b26ecfe087 Patch for an Issue #449 2013-05-17 15:14:51 +02:00
stamparm
76b4e1ccb9 Implementation for an Issue #450 2013-05-17 15:04:25 +02:00
stamparm
7ba9e75c97 Minor update related to the last commit 2013-05-16 15:23:20 +02:00
stamparm
7ea8dd9428 MySQL is specific (types are automatically being converted without any warning/error) 2013-05-16 15:12:36 +02:00
stamparm
f1f34a65a2 Minor update 2013-05-15 13:38:26 +02:00
stamparm
41f0e91662 Minor update (related to last commit) 2013-05-13 14:50:03 +02:00
stamparm
cb9ea67c8d Code refactoring (moving progress.py to lib/utils) 2013-05-13 14:48:39 +02:00
stamparm
936815128d Minor fix 2013-05-13 13:42:43 +02:00
Miroslav Stampar
034e123b0c Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent) 2013-05-12 16:24:13 +02:00
Miroslav Stampar
6676eaf88f Minor fix 2013-05-12 14:02:50 +02:00
Miroslav Stampar
f8cef1fc6f Minor fix for a test case 211 2013-05-09 21:20:17 +02:00
stamparm
8b64709c17 Completing implementation for an Issue #189 (union) 2013-05-09 16:36:03 +02:00
stamparm
3873805dab Partial implementation for an Issue #189 (error-based; still partial union left) 2013-05-09 16:23:57 +02:00
stamparm
9fe5a8832f Update for an Issue #189 (code refactoring of ProgressBar so it could be ready for usage in non-inference cases out of box) 2013-05-09 15:52:18 +02:00
stamparm
fc57b7565d Implementation for an Issue #432 2013-05-09 14:26:29 +02:00
stamparm
03be419d5d Fix for an Issue #447 2013-05-07 13:25:30 +02:00
stamparm
2bfdac5ebc Minor update for crawler 2013-04-30 18:32:46 +02:00
stamparm
887109a12d Minor bug fix (for not displaying heuristic detected page charset None) 2013-04-30 18:16:32 +02:00
stamparm
ebe8ee3500 Fix for crawler and redirection case 2013-04-30 18:08:26 +02:00
stamparm
09e7f4f697 Minor bug fix regarding traffic logging of redirected requests 2013-04-30 17:46:26 +02:00
stamparm
3c110b3620 Minor bug fix 2013-04-30 16:40:16 +02:00
stamparm
bdb9219e9b Minor revert 2013-04-30 14:41:38 +02:00
stamparm
d2a5548889 Some more reordering 2013-04-30 14:32:11 +02:00
stamparm
16866119b8 Another minor update 2013-04-30 14:11:56 +02:00
stamparm
08fbfda5d2 Minor update 2013-04-30 14:06:04 +02:00
stamparm
69e3a2cb9e Minor update 2013-04-30 14:06:04 +02:00
stamparm
03c4eb8338 Minor update 2013-04-30 14:06:04 +02:00
stamparm
214d9aaf4b Language fix 2013-04-30 14:06:04 +02:00
stamparm
3266c6c1f1 Language fix 2013-04-30 14:06:04 +02:00
Bernardo Damele
9f1e644f23 language fixes 2013-04-30 11:44:47 +01:00
stamparm
46557198a5 Minor update of doc root names 2013-04-29 11:29:59 +02:00
stamparm
1035ee9c3d Patch for an Issue #442 2013-04-26 14:49:24 +02:00
Miroslav Stampar
beab72a180 Minor language update 2013-04-25 19:55:45 +02:00
stamparm
63d7707346 Adding support for appending to the existing table dump if --start/--stop is used 2013-04-24 16:08:40 +02:00
stamparm
e3a02f56e6 Just in case for --force-ssl (if url is returned in e.g. refresh toward the target) 2013-04-24 12:35:39 +02:00
stamparm
42a73d8e0b Minor language update 2013-04-24 12:10:06 +02:00
stamparm
8d382f00e8 Minor style update 2013-04-22 11:38:47 +02:00
Miroslav Stampar
a475116853 Minor check 2013-04-21 21:42:23 +02:00
stamparm
0d92145fc6 Minor bug fix 2013-04-19 15:40:25 +02:00
stamparm
0cb3ce5765 Bug fix (maybe it will have repercusions in future as this was a silent bug) 2013-04-19 10:10:06 +02:00
stamparm
b7d4afcc63 Moving '--pivot-column' to a General section (Issue #437) 2013-04-18 17:12:32 +02:00
stamparm
9d045e14e8 Implementation for an Issue #437 2013-04-18 17:06:45 +02:00
stamparm
2defc30dc6 From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML) 2013-04-17 11:12:15 +02:00
stamparm
feed2274c3 Patch for an Issue #435 2013-04-17 10:48:17 +02:00
stamparm
c73489aff3 Adding a couple of new option validation checks 2013-04-16 14:31:10 +02:00
stamparm
7204ec5616 Adding a basic validation check (-d with --url) 2013-04-16 14:23:27 +02:00
stamparm
6fed1921ed Bug fix (there are cases when provided kwargs containing explicit None values while we want to use the alternative in those kind of cases; there was an intention in original code, while the implementation was buggy) 2013-04-16 14:17:41 +02:00
Miroslav Stampar
840ee26a14 If SQLAlchemy is available and it has problems while connecting then it should be smarter to not force the other (standard) method - if available 2013-04-15 18:42:26 +02:00
stamparm
de99717b00 Disable sqlalchemy warnings if applicable 2013-04-15 16:29:08 +02:00
stamparm
1c2197e8de Minor bug fix for an Issue #361 (removal of that ugly garbage clean warning message after sqlmap ends) 2013-04-15 16:18:40 +02:00
stamparm
6ab2e8eca4 Trivial style update 2013-04-15 16:09:04 +02:00
stamparm
a3d36fcb73 Minor update 2013-04-15 16:07:27 +02:00
stamparm
140cffbde2 Patch for an Issue #434 2013-04-15 15:57:28 +02:00
stamparm
9ccbdb3fdf Added a check for an Issue #361 2013-04-15 15:36:10 +02:00
stamparm
1c47b33020 Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple) 2013-04-15 15:23:45 +02:00
stamparm
f936746423 Code restyling 2013-04-15 14:31:27 +02:00
stamparm
aed738d6e6 Update for an Issue #361 2013-04-15 14:20:21 +02:00
stamparm
a9a0d1a3f9 Minor update 2013-04-15 11:56:19 +02:00
stamparm
10fbeaed7b Code refactoring 2013-04-15 11:49:11 +02:00
stamparm
349f885f08 Minor patch 2013-04-15 11:41:53 +02:00
stamparm
8853e43616 Applying patch from Brandon Perry via ML 2013-04-15 11:01:07 +02:00
stamparm
3e65037a05 Introducing lib/utils/sqlalchemy.py (Issue #361) 2013-04-15 10:33:25 +02:00
Miroslav Stampar
b6fee638ef Neutralizing time of cookie expiration (in case of --load-cookies) 2013-04-14 01:13:08 +02:00
Miroslav Stampar
ed5599f489 In case that cookie file is given and cookie header inside request file clashes with one of contained cookies, give cookie file greater priority 2013-04-12 19:20:33 +02:00
stamparm
7edd7ee2aa Trivial code change 2013-04-12 16:25:24 +02:00
Miroslav Stampar
73917fc9c8 Minor update (same, but safer) 2013-04-11 21:25:44 +02:00
Miroslav Stampar
0b449bb1d9 Fix for an Issue #433 2013-04-10 19:33:31 +02:00
stamparm
f67148a9a4 Update for an Issue #431 2013-04-10 16:43:57 +02:00
stamparm
661b44135d Minor bug fix 2013-04-10 11:59:07 +02:00
stamparm
8c9da95343 Style and consistency update (url -> URL) 2013-04-09 11:48:42 +02:00
stamparm
3948b527dd Update for an Issue #429 2013-04-09 11:36:33 +02:00
stamparm
91054099aa Minor style update 2013-04-09 10:42:58 +02:00
stamparm
cce541cc33 Patch for an Issue #429 2013-04-09 10:39:20 +02:00
stamparm
33e9b3c451 Minor style update 2013-04-09 10:39:20 +02:00
Miroslav Stampar
7614c815ed Minor update/patch 2013-04-07 21:32:03 +02:00
Miroslav Stampar
240e9f3f7e Minor patch 2013-04-07 11:02:43 +02:00
Miroslav Stampar
50ac3aab7a Minor patch 2013-04-06 01:56:24 +02:00
stamparm
a75d3ed0b8 Minor style update 2013-04-06 01:56:23 +02:00
Miroslav Stampar
df4fd82515 Minor update 2013-04-03 23:27:27 +02:00
Miroslav Stampar
c75a2d0c40 Minor patch 2013-04-03 21:31:37 +02:00
Miroslav Stampar
153aa10b77 Minor cosmetic update 2013-04-03 19:00:54 +02:00
Miroslav Stampar
f387333415 Minor cosmetics 2013-04-02 17:34:56 +02:00
Miroslav Stampar
4b5335a323 Moving --force-ssl from [Request] to [General] options 2013-04-02 17:18:21 +02:00
Miroslav Stampar
76a0d20799 Minor patch 2013-04-01 22:18:41 +02:00
Miroslav Stampar
b67f342975 Minor patch 2013-04-01 17:32:16 +02:00
stamparm
a371f182ac Minor patch (previous combination is not working well with oriental characters - 0 length normalized unicode string is being returned) 2013-03-28 15:37:14 +01:00
stamparm
e1ffdde532 Little cleaning a mess with url encoding and post hint types 2013-03-27 13:39:27 +01:00
Miroslav Stampar
c19a283434 Minor patch 2013-03-26 20:06:50 +01:00
stamparm
7accba4cf9 Minor update 2013-03-26 16:10:41 +01:00
stamparm
0882fe0ce3 Minor update related to the last two 2013-03-26 16:04:56 +01:00
stamparm
eb1bfc20cb Update related to the last commit 2013-03-26 15:36:44 +01:00
stamparm
2fe6aea0eb Minor fix 2013-03-26 15:07:14 +01:00
stamparm
825aa4b8dd Minor language update 2013-03-26 14:27:51 +01:00
stamparm
5dd2529b02 Minor language update 2013-03-26 14:18:37 +01:00
stamparm
4d2b77dde3 Minor language update 2013-03-26 14:15:40 +01:00
stamparm
473a39b820 Minor language fix 2013-03-26 14:11:17 +01:00
stamparm
3f8dafedae Minor text update 2013-03-26 14:08:35 +01:00
stamparm
ad039c335d Implementation for an Issue #423 2013-03-21 11:28:44 +01:00
stamparm
3740a97cc9 Adding a --version switch like all command line programs have 2013-03-20 11:44:09 +01:00
stamparm
7447773237 Update for consistency (all other enums are using _ in between words) 2013-03-20 11:10:24 +01:00
stamparm
ae6ce7db30 Removal of unused imports 2013-03-20 10:44:15 +01:00
Miroslav Stampar
8acf033715 Code refactoring 2013-03-19 19:24:14 +01:00
Miroslav Stampar
a3d9a7b1ff Minor fix 2013-03-19 19:06:51 +01:00
stamparm
d1ae62b22b Patch for an Issue #422 2013-03-19 12:27:49 +01:00
stamparm
6969874c02 Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values) 2013-03-19 10:52:37 +01:00
stamparm
10e6c70c22 Trivial style update (undoing last dummy commit) 2013-03-19 10:43:29 +01:00
stamparm
70265fd3b5 Trivial style update 2013-03-19 10:43:03 +01:00
stamparm
5adac57ca9 Trivial style update 2013-03-19 10:42:50 +01:00
stamparm
558ef0aaff Minor fix 2013-03-19 10:42:20 +01:00
stamparm
e226006766 Trivial fix 2013-03-18 13:29:55 +01:00
stamparm
5e02bcbd58 Minor adjustment 2013-03-18 12:16:16 +01:00
stamparm
7111cdabe3 Minor cosmetics 2013-03-18 11:41:15 +01:00
Miroslav Stampar
5df1f5528e More general update for an Issue #421 2013-03-15 22:49:09 +01:00
Miroslav Stampar
f0a419bdec Patch for an Issue #421 2013-03-15 22:08:15 +01:00
Miroslav Stampar
596cf95040 Minor fix 2013-03-15 17:22:33 +01:00
Miroslav Stampar
ff4e62ff90 Minor cosmetics 2013-03-15 17:00:01 +01:00
Miroslav Stampar
4010df307e Trivial cosmetics 2013-03-15 16:37:52 +01:00
Miroslav Stampar
4cb378ce3e Another update for an Issue #352 and couple of fixes 2013-03-13 21:57:09 +01:00
Miroslav Stampar
b35122a42c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-03-13 19:52:17 +01:00
Miroslav Stampar
eb08c8d752 Another update for an Issue #352 2013-03-13 19:42:22 +01:00
Bernardo Damele
dea62189b2 fixes #420 2013-03-12 22:16:42 +00:00
Miroslav Stampar
2f43c3eb9b Minor fix (digest live test case) and some refactoring 2013-03-12 21:16:44 +01:00
Miroslav Stampar
65306f1ac1 Update for an Issue #352 2013-03-12 20:10:32 +01:00
Miroslav Stampar
db0a1e58b9 Update for an Issue #352 2013-03-11 14:58:05 +01:00
Miroslav Stampar
d6fc10092f Minor refactoring 2013-03-11 13:31:50 +01:00
Miroslav Stampar
84a5bdb9cf Trivial cosmetics 2013-03-09 19:41:24 +01:00
Miroslav Stampar
79d6a0e9c9 Using binary data in dummy mode 2013-03-09 19:40:24 +01:00
Miroslav Stampar
1e731f87a4 Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request) 2013-03-09 19:33:04 +01:00
Miroslav Stampar
8e6692d793 Minor fix (for JSON values with :) 2013-03-05 20:12:24 +01:00
Miroslav Stampar
e9b86350f1 Patch for an Issue #403 2013-03-05 18:32:31 +01:00
Miroslav Stampar
62980d7d5a Automatically decoding url encoded data in response 2013-03-05 17:32:10 +01:00
Miroslav Stampar
9e49d8c68f Adding support for SHA2 hash functions 2013-03-05 11:04:46 +01:00
Miroslav Stampar
2ada9e9b84 Patch for an Issue Issue #416 2013-03-04 18:05:40 +01:00
Miroslav Stampar
084cfc797a Fix for an Issue #415 2013-03-02 09:55:12 +01:00
Martin Bjerregaard Jepsen
d7a77c79ad Fixed incorrect call to checkBooleanExpression when testing for false positives 2013-03-01 22:51:34 +01:00
stamparm
3a3f9c5ea1 Trivial commit related to the last one 2013-03-01 12:09:03 +01:00
stamparm
55f33da85a Fix for invalid logical test cases 2013-03-01 12:04:49 +01:00
stamparm
440b484bf6 Minor update (one more just in case dummy request in false positive check for time-based injections - when DBMS could be unresponsive a bit due to previous heavy-queries) 2013-03-01 10:59:04 +01:00
Miroslav Stampar
e42350ddce Minor style update 2013-02-28 20:28:34 +01:00
Miroslav Stampar
0e89cc62a2 Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections 2013-02-28 20:20:08 +01:00
stamparm
9ef79df23d Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched) 2013-02-28 13:51:08 +01:00
stamparm
be50192d8d Refactoring WAF scripts 2013-02-26 15:54:50 +01:00
stamparm
e5835dc74f Update for WAF scripts 2013-02-26 15:30:11 +01:00
stamparm
17fa0f568c Minor patch for an Issue #404 2013-02-26 12:55:09 +01:00
stamparm
ecbcd4afe6 Minor update 2013-02-26 12:55:09 +01:00
stamparm
af4762ace2 Minor style update 2013-02-26 11:16:09 +01:00
stamparm
f6b43b4b13 Minor update for an Issue #290 2013-02-26 11:08:06 +01:00
stamparm
e5e39bc682 Fix for an Issue #410 2013-02-25 11:07:30 +01:00
stamparm
6fbd902265 Minor refactoring (Issue #411) 2013-02-25 10:44:04 +01:00
stamparm
7127869ede Minor bug fix (live test specific verbosity should be valid only inside of it) 2013-02-22 17:26:48 +01:00
stamparm
68ce51bfd4 Changing from warn to info for no WAF found 2013-02-22 12:15:38 +01:00
stamparm
ad471368f5 Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a 2013-02-22 11:42:09 +01:00
stamparm
0bbbfc2eac Adding a small warning message (related to the Issue #407) 2013-02-22 11:12:41 +01:00
stamparm
42cbd94fa4 Better update regarding 6acb2480b8 2013-02-22 10:49:45 +01:00
stamparm
44a46d2b10 Fix for an Issue #409 2013-02-22 10:18:22 +01:00
Miroslav Stampar
6acb2480b8 Adding WAF script for SecureIIS 2013-02-21 21:34:26 +01:00
Miroslav Stampar
229e4e167b Minor cosmetics 2013-02-21 21:06:31 +01:00
stamparm
3a8c0cd3a2 Minor style update 2013-02-21 14:52:56 +01:00
stamparm
29ba43ee6c Unhidding switch '--identify-waf' (Issue #290) 2013-02-21 14:48:19 +01:00
stamparm
08f0670aca Minor refactoring for an Issue #290 2013-02-21 14:39:22 +01:00
stamparm
8e49872d7c Finalizing implementation for an Issue #290 2013-02-21 14:33:12 +01:00
stamparm
6b2981ef4e Update for an Issue #290 (adding tamper-like scripts into (new) directory waf) 2013-02-21 11:14:57 +01:00
stamparm
69063947b6 Debug message should go with logging.DEBUG 2013-02-19 09:46:51 +01:00
Bernardo Damele
d7247a51ee do not prompt constantly if the page is not found 2013-02-18 18:08:20 +00:00
Miroslav Stampar
7f293afe74 Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b) 2013-02-18 15:18:53 +01:00
Miroslav Stampar
5c099efccc Fix for an Issue #401 2013-02-18 11:38:18 +01:00
Miroslav Stampar
9b5f33560b Oracle is too specific (only column names can be enclosed) - removing it 2013-02-15 17:36:58 +01:00
Miroslav Stampar
bf82506c1b Oracle can't enclose table names with double quotations 2013-02-15 17:36:58 +01:00
Miroslav Stampar
1b3d749488 Proper fix related to the last commit/revert 2013-02-15 17:36:58 +01:00
Miroslav Stampar
5a793cbc7c Minor revert 2013-02-15 17:36:58 +01:00
Miroslav Stampar
799bd51c2e Minor fix when two readInput/dataToStdout are called one at a time 2013-02-15 17:36:58 +01:00
Miroslav Stampar
97c06854a4 Minor fixes 2013-02-15 17:36:58 +01:00
Bernardo Damele
0e7f771be6 minor adjustment 2013-02-15 16:28:09 +00:00
Bernardo Damele
35aa785870 bug fix to make --predict-output work also with time-based technique 2013-02-15 16:25:33 +00:00
Miroslav Stampar
014e4e0055 Minor represenation fix 2013-02-15 14:48:24 +01:00
Bernardo Damele
63ddeb9008 unnecessary variable 2013-02-15 13:26:28 +00:00
Miroslav Stampar
345d10a9e0 Consistency fix (everywhere else we show unsafe format of identificator names) 2013-02-15 14:05:14 +01:00
Bernardo Damele
b472d9809a another consistency fix to readInput() 2013-02-15 09:35:09 +00:00
Bernardo Damele
32c8c67888 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-15 09:29:41 +00:00
Bernardo Damele
20c5f9a030 consistency fix 2013-02-15 09:29:36 +00:00
Miroslav Stampar
11bcf28d86 Fix for an Issue #399 2013-02-15 10:04:13 +01:00
Bernardo Damele
87db5d0dab minor bug fix to avoid duplicates - #297 2013-02-15 00:53:05 +00:00
Bernardo Damele
c3f1e196e1 added missing parameter 2013-02-15 00:43:46 +00:00
Bernardo Damele
4727589135 code consistency 2013-02-15 00:17:13 +00:00
Miroslav Stampar
515be4ee0b Minor just in case commit related to the last one 2013-02-14 19:58:10 +01:00
Miroslav Stampar
fef60b73f4 Minor update for proper display of [PAYLOAD] in JSON/XML/SOAP cases 2013-02-14 19:53:26 +01:00
Bernardo Damele
0c79d7b1e2 unnecessary import 2013-02-14 18:33:47 +00:00
Bernardo Damele
614ff6029d working on #396 - handle the case when we dont have a web backdoor/file stager for the language API, added a few more log messages to give further information about what is going on, minor bug fix to docRoot 2013-02-14 18:31:14 +00:00
Bernardo Damele
3b38b20176 working on #396 - adaptation for the verification phase 2013-02-14 18:29:55 +00:00
Bernardo Damele
261db6ed4f working on #396 - verify shellcodeexec executable has been properly uploaded 2013-02-14 18:29:35 +00:00
Bernardo Damele
4d5ecc3b03 working on #396 - verify icmpsh executable has been properly uploaded 2013-02-14 18:28:48 +00:00
Bernardo Damele
66cee83ca4 if needed, allow to reinitialize the environment for takeover - issue #396 2013-02-14 17:39:19 +00:00
Bernardo Damele
d91530f885 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-14 17:16:55 +00:00
Bernardo Damele
52264f544e minor fix for Windows file paths, do not strip the windows drive letter 2013-02-14 17:16:49 +00:00
Miroslav Stampar
fdf00e4842 Fix for an Issue #397 2013-02-14 17:14:36 +01:00
Miroslav Stampar
368a2fd297 Fix for an Issue #393 2013-02-14 16:18:16 +01:00
Miroslav Stampar
f97f575018 Trivial restyling 2013-02-14 15:41:27 +01:00
Miroslav Stampar
605c5b089e Minor style update 2013-02-14 15:38:44 +01:00
Miroslav Stampar
06d8547916 Implementation for an Issue #394 2013-02-14 15:38:44 +01:00
Miroslav Stampar
7944684ff2 This was supposed to be a separate commit (going to commit it in next one) 2013-02-14 15:38:44 +01:00
Miroslav Stampar
6c0054bc5f Putting that ugly parameter xyz is not inside the Cookie into the debug messages 2013-02-14 15:38:44 +01:00
Bernardo Damele
d42d28392a avoid tracebacks because the parameter does not exist 2013-02-14 13:18:33 +00:00
Bernardo Damele
646df37884 minor bug fix for --reg-read 2013-02-14 13:17:30 +00:00
Miroslav Stampar
c72353321d Minor update for an Issue #392 2013-02-14 13:36:33 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
2267dd8f47 working on #392 to fix --os-cmd and --os-shell output parsing 2013-02-14 11:31:20 +00:00
Bernardo Damele
cb6d549e57 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-14 11:25:12 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Miroslav Stampar
efe1bf0ded Minor fix (for those multiline cases like in MsSQL) 2013-02-14 12:20:40 +01:00
Miroslav Stampar
6629233de5 Minor update 2013-02-14 10:18:40 +01:00
Miroslav Stampar
a0b44da5d8 Minor fix for --threads>1 --binary-fields 2013-02-13 20:47:27 +01:00
Miroslav Stampar
0a4605644e Minor fix for previous commit 2013-02-13 16:31:03 +01:00
Miroslav Stampar
2b121c938b Minor fix 2013-02-13 16:24:21 +01:00
Miroslav Stampar
9b231f87d6 Minor bug fix (regarding Issue #379) - in case that two processes enter the same proc_count decrementing line sqlmap would halt 2013-02-13 15:31:50 +01:00
Miroslav Stampar
8138d1318e Minor fix 2013-02-13 15:10:49 +01:00
Miroslav Stampar
c6d29e093e Fixing issue with newlines after the data in -r mode 2013-02-13 12:36:01 +01:00
Miroslav Stampar
965fa04a33 Trivial update 2013-02-13 12:28:51 +01:00
Miroslav Stampar
d78a3e977b Update (allowing regular char * to be inside SOAP/JSON/XML) 2013-02-13 12:24:42 +01:00
Miroslav Stampar
6314d64a70 Renaming --binary to --binary-fields 2013-02-13 11:27:03 +01:00
Miroslav Stampar
dd6f50a00e Removing unused imports 2013-02-13 11:15:24 +01:00
Miroslav Stampar
7c802ed8cc Minor fix 2013-02-13 11:14:45 +01:00
Miroslav Stampar
dc41484b3f Refactoring of funcionality for finding out if stacking is available 2013-02-13 09:57:16 +01:00
Miroslav Stampar
8b4f72322a Adding (for now hidden) option --binary (works like -C but deliberately retrieves data in hex format and displays in hex format) 2013-02-13 09:56:44 +01:00
Miroslav Stampar
1d42aba01e Minor update regarding 093a93938c (for goStacked to work properly with stacked conditional payloads - e.g. proper suffix/prefix) 2013-02-12 17:35:14 +01:00
Miroslav Stampar
c34f6e25b2 Minor fix for --eval (urldecoded values should be used inside evaluation) 2013-02-12 17:01:47 +01:00
Miroslav Stampar
6a98d375b1 More general except 2013-02-12 14:39:21 +01:00
Miroslav Stampar
212e92ea01 Minor update regarding --load-cookies (warning about expired ones) 2013-02-12 14:29:56 +01:00
Miroslav Stampar
c67b39d14d Update for a last update 2013-02-12 12:58:15 +01:00
Miroslav Stampar
72984a578d Update for --load-cookies 2013-02-12 12:42:12 +01:00
Miroslav Stampar
c2672e78fc Support for multiple injection marks inside the same header value (Issue #48) 2013-02-12 12:06:13 +01:00
Miroslav Stampar
c75560ba69 Minor bug fix (getting ? in < 0xf char cases) 2013-02-11 21:16:35 +01:00
Miroslav Stampar
7c06a937e5 Minor refactoring 2013-02-09 20:21:17 +01:00
Bernardo Damele
f970b4f240 minor adjustment fixing the regression test stall 2013-02-09 12:19:21 +00:00
Bernardo Damele
e48181e28d another attempt to fix the stall during regression test 2013-02-09 12:16:56 +00:00
Bernardo Damele
138a846cf1 possible fix for regression test stall 2013-02-09 10:50:06 +00:00
Bernardo Damele
1596b9ed59 revert 2013-02-08 16:43:49 +00:00
Bernardo Damele
98864e425f minor "fix" 2013-02-08 16:30:34 +00:00
Bernardo Damele
8b510c55fb minor code cleanup 2013-02-08 16:29:16 +00:00
Miroslav Stampar
5aaf7f1aa6 BUG fix 2013-02-08 16:44:30 +01:00
Miroslav Stampar
c0e59d94a9 Better naming 2013-02-08 16:28:58 +01:00
Miroslav Stampar
cdfe43560b Update for an Issue #207 (and a potential patch for regression tests) 2013-02-08 16:20:48 +01:00
Miroslav Stampar
ee1017a5a7 Minor fix 2013-02-08 13:46:39 +01:00
Bernardo Damele
d015bf98fc renamed variable to avoid confusion 2013-02-07 14:19:07 +00:00
Bernardo Damele
07fe6d44fb unnecessary condition here 2013-02-07 14:18:52 +00:00
Bernardo Damele
b477c56b52 first steps to allow multiple scans on the same taskid - issue #297 2013-02-07 00:05:26 +00:00
Bernardo Damele
dd6c73ea24 fixed --passwords output for API - #297 2013-02-06 21:45:51 +00:00
Bernardo Damele
21afba9571 got the partial output finally properly replaced by complete output in IPC database - #297 2013-02-06 21:32:26 +00:00
Bernardo Damele
5c8335876f minor bug fix to make --disable-coloring work on log messages too 2013-02-06 21:04:54 +00:00
Bernardo Damele
2fa2f30d21 slighlty better, still not optimal 2013-02-06 17:45:52 +00:00
Bernardo Damele
477c66ac4b minor refactoring and trivial bug fix 2013-02-06 17:45:25 +00:00
Bernardo Damele
e439c3d3f5 minor refactoring - #297 2013-02-06 17:09:43 +00:00
Bernardo Damele
b272b0574d minor fix to reset partRun value - #297 2013-02-06 17:09:28 +00:00
Miroslav Stampar
060eac110a Cleaner version checking 2013-02-06 10:28:17 +01:00
Miroslav Stampar
b1f31103f9 Removing that ugly disk I/O error in live testing mode 2013-02-05 17:04:42 +01:00
Miroslav Stampar
934808f53b Fix for an Issue #379 2013-02-05 16:13:45 +01:00
Bernardo Damele
e03010f48b got rid of unnecessary output for API - #297 2013-02-05 15:00:06 +00:00
Bernardo Damele
4428ad5345 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-05 14:43:14 +00:00
Bernardo Damele
f7d826fee1 first case where partial output is retrievable via RESTful API - issue #297 2013-02-05 14:43:03 +00:00
Miroslav Stampar
01219219fc Minor bug fix (for --first/--last through problematic DBMSes) 2013-02-05 15:03:55 +01:00
Miroslav Stampar
31daefc7c9 Minor fix (skipping one uneccesary request in single-threaded --first/--last mode) 2013-02-05 13:51:35 +01:00
Miroslav Stampar
62772125e3 Bug fix for HTTPSCertAuthHandler 2013-02-05 12:16:06 +01:00
Miroslav Stampar
e836629215 Bug fixes for search (safeStringFormat should not replace all if given scalar values) 2013-02-05 11:37:49 +01:00
Miroslav Stampar
1618086027 Minor fix 2013-02-05 10:58:02 +01:00
Miroslav Stampar
9296bdd959 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-05 10:27:43 +01:00
Miroslav Stampar
4faa5f0f49 Fix for stalling in retrieving international letters (--technique=B) 2013-02-05 10:27:31 +01:00
Bernardo Damele
9d04ae5db5 minor improvement to temporary folder name 2013-02-05 09:11:38 +00:00
Miroslav Stampar
44579120b5 Cosmetics 2013-02-05 10:02:11 +01:00
Miroslav Stampar
74e82b2b53 Removing redundant check 2013-02-04 20:42:28 +01:00
Miroslav Stampar
cf8e5d535d Minor cleanup 2013-02-04 20:15:44 +01:00
Miroslav Stampar
c5ae967fe0 Potential fix for an Issue #379 2013-02-04 17:43:58 +01:00
Miroslav Stampar
6cab3d4759 Minor update 2013-02-04 16:46:08 +01:00
Miroslav Stampar
4f2981f163 Minor fix 2013-02-04 16:37:54 +01:00
Miroslav Stampar
f4b8a3c1d8 Bug fix for boolean (multithreaded Ctrl+C) resumed values 2013-02-04 15:49:29 +01:00
Miroslav Stampar
5e4e863986 Bug fix (introduced with f1ab887c55) 2013-02-04 15:31:28 +01:00
Miroslav Stampar
235153ab39 Removal of unused imports 2013-02-04 15:29:13 +01:00
Miroslav Stampar
7e1ff1bb8e Same refactoring as the last commit 2013-02-04 15:26:44 +01:00
Bernardo Damele
9370f96a67 step by step getting there to partial output presentation to restful API (issue #297), not quite yet though.. 2013-02-03 22:09:33 +00:00
Bernardo Damele
b55555e4e5 minor bug fix 2013-02-03 21:39:26 +00:00
Bernardo Damele
dc2bbbeaa7 minor revert 2013-02-03 20:55:58 +00:00
Bernardo Damele
df3cc38cd9 minor improvements 2013-02-03 15:39:07 +00:00
Bernardo Damele
bd1ea13b8d Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-02-03 11:31:12 +00:00
Bernardo Damele
f8bc74758c improvement to restful API to store to IPC database partial entries, not yet functional (issue #297) 2013-02-03 11:31:05 +00:00
Miroslav Stampar
e7b93b5b66 Implementation for an Issue #363 2013-02-01 17:24:04 +01:00
Miroslav Stampar
993372aae4 Bug fix (causing search problems) 2013-02-01 11:24:17 +01:00
Miroslav Stampar
6d942f92b5 Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.)) 2013-02-01 10:03:06 +01:00