sqlmap/doc/THANKS

344 lines
11 KiB
Plaintext
Raw Normal View History

2008-10-15 19:38:22 +04:00
== Individuals ==
2010-02-12 02:46:50 +03:00
David Alvarez <david.alvarez.s@gmail.com>
for reporting a bug
2008-10-15 19:38:22 +04:00
Chip Andrews <chip@sqlsecurity.com>
for his excellent work maintaining the SQL Server versions database
at SQLSecurity.com and permission to implement the update feature
taking data from his site
2010-02-12 02:46:50 +03:00
Otavio Augusto <otavioarj@gmail.com>
for reporting a minor bug
2009-06-29 14:13:39 +04:00
Simon Baker <simonb@sec-1.com>
for reporting some bugs
Daniele Bellucci <daniele.bellucci@gmail.com>
for starting sqlmap project and developing it between July and August
2006
2010-03-11 01:08:54 +03:00
Velky Brat <velkybrat@gmail.com>
for suggesting a minor enhancement to the bisection algorithm
Jack Butler <fattredd@hotmail.com>
for providing me with the sqlmap site favicon
2009-12-21 14:04:54 +03:00
Roberto Castrogiovanni <castrogiovanni.roberto@gmail.com>
for reporting a minor bug
Cesar Cerrudo <cesar@argeniss.com>
for his Windows access token kidnapping tool Churrasco included in
sqlmap tree as a contrib library and used to run the stand-alone
payload stager on the target Windows machine as SYSTEM user if the
user wants to perform a privilege escalation attack,
http://www.argeniss.com/research/TokenKidnapping.pdf
2008-10-15 19:38:22 +04:00
Karl Chen <quarl@cs.berkeley.edu>
for providing with the multithreading patch for the inference
algorithm
Y P Chien <ypchien@cox.net>
for reporting a minor bug
Pierre Chifflier <pollux@debian.org> and Mark Hymers <ftpmaster@debian.org>
for uploading and accepting the sqlmap Debian package to the official
Debian project repository
Ulises U. Cune <ulises2k@gmail.com>
for reporting a bug
Alessandro Curio <alessandro.curio@gmail.com>
for reporting a minor bug
2008-10-15 19:38:22 +04:00
Stefano Di Paola <stefano.dipaola@wisec.it>
for suggesting good features
Dan Guido <dguido@gmail.com>
for promoting sqlmap in the context of the Penetration Testing and
Vulnerability Analysis class at the Polytechnic University of New York,
http://isisblogs.poly.edu/courses/pentest/
2008-10-15 19:38:22 +04:00
Adam Faheem <faheem.adam@is.co.za>
for reporting a few bugs
James Fisher <www@sittinglittleduck.com>
for providing me with two very good feature requests
for his great tool too brute force directories and files names on
web/application servers, Dir Buster, http://tinyurl.com/dirbuster
2008-11-04 22:56:07 +03:00
Jim Forster <jimforster@goldenwest.com>
for reporting a bug
2008-10-15 19:38:22 +04:00
Rong-En Fan <rafan@freebsd.org>
for commiting the sqlmap 0.5 port to the official FreeBSD project
repository
Giorgio Fedon <giorgio.fedon@gmail.com>
for suggesting a speed improvement for bisection algorithm
for reporting a bug when running against Microsoft SQL Server 2005
2010-03-11 01:08:54 +03:00
Kasper Fons <thefeds@mail.dk>
2010-03-15 14:04:57 +03:00
for reporting a few bugs
2010-03-11 01:08:54 +03:00
Alan Franzoni <alan.franzoni@gmail.com>
for helping me out with Python subprocess library
2010-02-12 02:46:50 +03:00
Daniel G. Gamonal <lgrecol@gmail.com>
for reporting a minor bug
2008-10-15 19:38:22 +04:00
Ivan Giacomelli <truemilk@insiberia.net>
for reporting a bug
for suggesting a minor enhancement
2008-12-17 23:58:19 +03:00
for reviewing the documentation
2008-10-15 19:38:22 +04:00
2009-05-20 13:58:22 +04:00
Oliver Gruskovnjak <oliver.gruskovnjak@gmail.com>
for reporting a bug
2009-05-19 19:56:30 +04:00
for providing me with a minor patch
2008-10-15 19:38:22 +04:00
Davide Guerri <d.guerri@caspur.it>
for suggesting an enhancement
2010-03-22 18:43:38 +03:00
David Guimaraes <skysbsb@gmail.com>
2010-04-06 14:32:56 +04:00
for reporting a few bugs
2010-03-22 18:43:38 +03:00
2008-10-15 19:38:22 +04:00
Kristian Erik Hermansen <kristian.hermansen@gmail.com>
for reporting a bug
for donating to sqlmap development
Jorge Hoya <aquinadie@gmail.com>
for suggesting a minor enhancement
Will Holcomb <wholcomb@gmail.com>
for his MultipartPostHandler class to handle multipart POST forms and
permission to include it within sqlmap source code
2010-03-11 01:08:54 +03:00
Daniel Huckmann <sanitybit@gmail.com>
2010-03-01 13:51:17 +03:00
for reporting a couple of bugs
2009-06-24 17:57:50 +04:00
2009-04-30 14:46:50 +04:00
Mounir Idrassi <mounir.idrassi@idrix.net>
for his compiled version of UPX for Mac OS X
2010-04-12 13:34:20 +04:00
Daliev Ilya <daliser@yandex.ru>
for reporting a bug
2009-11-01 15:08:46 +03:00
Dirk Jagdmann <doj@cubic.org>
for reporting a typo in the documentation
Luke Jahnke <luke.jahnke@gmail.com>
for reporting a bug when running against MySQL < 5.0
2010-04-09 17:48:02 +04:00
David Klein <david.klein@ipfocus.com.au>
for reporting a minor code improvement
2009-07-29 14:44:56 +04:00
Sven Klemm <sven@c3d2.de>
for reporting two minor bugs with PostgreSQL
Anant Kochhar <anant.kochhar@secureyes.net>
for providing me with feedback on the user's manual
Alexander Kornbrust <ak@red-database-security.com>
for reporting a couple of bugs
2010-01-04 15:53:58 +03:00
Krzysztof Kotowicz <kkotowicz@gmail.com>
for reporting a minor bug
Nicolas Krassas <krasn@ans.gr>
for reporting a bug
Guido Landi <lists@keamera.org>
for reporting a couple of bugs
for the great technical discussions
for Microsoft SQL Server 2000 and Microsoft SQL Server 2005
'sp_replwritetovarbin' stored procedure heap-based buffer overflow
(MS09-004) exploit development
for presenting with me at SOURCE Conference 2009 in Barcelona (Spain)
2010-02-04 18:24:13 +03:00
on September 21, 2009 and at CONfidence 2009 in Warsaw (Poland) on
November 20, 2009
Lee Lawson <Lee.Lawson@dns.co.uk>
for reporting a minor bug
Nico Leidecker <nico@leidecker.info>
for providing me with feedback on a few features
2009-05-19 19:56:30 +04:00
for reporting a couple of bugs
Gabriel Lima <pato@bugnet.com.br>
2009-04-23 12:42:57 +04:00
for reporting a couple of bugs
2008-10-28 03:08:00 +03:00
Pavol Luptak <pavol.luptak@nethemba.com>
for reporting a bug when injecting on a POST data parameter
2008-10-15 19:38:22 +04:00
Michael Majchrowicz <mmajchrowicz@gmail.com>
for extensively beta-testing sqlmap on various MySQL DBMS
for providing really appreciated feedback
for suggesting a lot of ideas and features
Ferruh Mavituna <ferruh@mavituna.com>
for providing me with ideas on the implementation of a couple of
new features
2008-10-15 19:38:22 +04:00
Enrico Milanese <enricomilanese@gmail.com>
for reporting a bugs when using (-a) a single line User-Agent file
for providing me with some ideas for the PHP backdoor
Roberto Nemirovsky <roberto.paes@gmail.com>
for pointing me out some enhancements
Markus Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>
Laszlo Molnar <ml1050@cdata.tvnet.hu>
John F. Reiser <sales@bitwagon.com>
for their great tool UPX (Ultimate Packer for eXecutables) included
in sqlmap tree as a contrib library and used mainly to pack the
Metasploit Framework 3 payload stager portable executable,
http://upx.sourceforge.net
Simone Onofri <simone.onofri@gmail.com>
for patching the PHP web backdoor to make it work properly also on
Windows
2008-10-15 19:38:22 +04:00
Antonio Parata <s4tan@ictsc.it>
for providing me with some ideas for the PHP backdoor
Adrian Pastor <ap@gnucitizen.org>
for donating to sqlmap development
2008-10-15 19:38:22 +04:00
Chris Patten <cpatten@sunera.com>
for reporting a bug in the blind SQL injection bisection algorithm
Adam Pridgen <adam.pridgen@gmail.com>
for suggesting some features
2010-04-06 14:15:19 +04:00
Ole Rasmussen <olerass@gmail.com>
for reporting a bug
2010-04-15 16:12:53 +04:00
for suggesting a feature
2010-04-06 14:15:19 +04:00
2008-10-15 19:38:22 +04:00
Alberto Revelli <r00t@northernfortress.net>
for inspiring me to write sqlmap user's manual in SGML
for his great Microsoft SQL Server take over tool, sqlninja,
http://sqlninja.sourceforge.net
Andres Riancho <andres.riancho@gmail.com>
for beta-testing sqlmap
for reporting a bug and suggesting some features
for including sqlmap in his great web application audit and attack
framework, w3af, http://w3af.sourceforge.net
Antonio Riva <antonio.riva@gmail.com>
for reporting a bug when running with python 2.5
2010-04-22 14:37:58 +04:00
Ethan Robish <ethan.robish@gmail.com>
for reporting a bug
2008-10-15 19:38:22 +04:00
Richard Safran <allapplyhere@yahoo.com>
for donating the sqlmap.org domain control
Tomoyuki Sakurai <cherry@trombik.org>
for submitting to the FreeBSD project the sqlmap 0.5 port
Philippe A. R. Schaeffer <schaeff@compuphil.de>
for reporting a minor bug
Sven Schluter <sschlueter@netzwerk.cc>
for providing with a patch for waiting a number of seconds between
each HTTP request
Uemit Seren <uemit.seren@gmail.com>
for reporting a minor adjustment when running with python 2.6
2010-03-24 00:24:31 +03:00
Brian Shura <bshura@appsecconsulting.com>
for reporting a bug
Sumit Siddharth <sid@notsosecure.com>
for providing me with ideas on the implementation of a couple of
features
2008-10-15 19:38:22 +04:00
M Simkin <mlsimkin@cox.net>
for suggesting a feature
Konrads Smelkovs <konrads@smelkovs.com>
for reporting a few bugs in --sql-shell and --sql-query on Microsoft
SQL Server
Marek Stiefenhofer <m.stiefenhofer@r-tec.net>
for reporting a bug
Jason Swan <jasoneswan@gmail.com>
for reporting a bug when enumerating columns on Microsoft SQL Server
for suggesting a couple of improvements
2008-10-15 19:38:22 +04:00
Alessandro Tanasi <alessandro@tanasi.it>
for extensively beta-testing sqlmap
for suggesting many features and reporting some bugs
for reviewing the documentation
2008-10-15 19:38:22 +04:00
Andres Tarasco <atarasco@gmail.com>
for providing me with good feedback
2008-10-15 19:38:22 +04:00
Efrain Torres <et@metasploit.com>
for helping me out to improve the Metasploit Framework 3 sqlmap
auxiliary module and for commiting it on the Metasploit official
subversion repository
for his great Metasploit WMAP Framework
2008-10-15 19:38:22 +04:00
Sandro Tosi <matrixhasu@gmail.com>
for helping to create sqlmap Debian package correctly
2010-04-22 14:37:58 +04:00
Vitaly Turenko <dsu@dsu.com.ua>
for reporting a bug
2008-10-15 19:38:22 +04:00
Bedirhan Urgun <bedirhanurgun@gmail.com>
2008-10-16 19:41:26 +04:00
for reporting a few bugs
2008-10-15 19:38:22 +04:00
for suggesting some features and improvements
for benchmarking sqlmap in the context of his SQL injection
benchmark project, OWASP SQLiBench, http://code.google.com/p/sqlibench
2010-02-17 01:54:22 +03:00
Kyprianos Vasilopoulos <kyprianos.vasilopoulos@gmail.com>
for reporting an unhandled connection exception
Anthony Zboralski <anthony.zboralski@bellua.com>
for providing me with detailed feedback
for reporting a few minor bugs
for donating to sqlmap development
2008-10-15 19:38:22 +04:00
fufuh <fufuh@users.sourceforge.net>
for reporting a bug when running on Windows
2008-11-03 01:25:48 +03:00
mariano <marianoso@gmail.com>
for reporting a bug
2009-12-21 14:21:18 +03:00
pacman730 <pacman730@users.sourceforge.net>
for reporting a bug
2010-04-09 17:48:02 +04:00
shiftzwei <shiftzwei@gmail.com>
for reporting a couple of bugs
2009-07-30 16:02:34 +04:00
Stuffe <stuffe.dk@gmail.com>
for reporting a minor bug and a feature request
2008-10-15 19:38:22 +04:00
Sylphid <sylphid.su@sti.com.tw>
for suggesting some features
Mosk Dmitri <ya@darkbyte.ru>
for reporting a minor bug
2008-10-15 19:38:22 +04:00
== Organizations ==
Black Hat team <info@blackhat.com>
for the opportunity to present my research on 'Advanced SQL injection
to operating system full control' at Black Hat Europe 2009 Briefings on
April 16, 2009 in Amsterdam (NL). I unveiled and demonstrated some of
the sqlmap 0.7 release candidate version new features during my
presentation
Metasploit LLC <msfdev@metasploit.com>
for their powerful tool Metasploit Framework 3, used by sqlmap, among
2010-03-24 00:24:31 +03:00
others things, to create the shellcode and establish an out-of-band
connection between sqlmap and the database server,
http://www.metasploit.com/framework
2008-10-15 19:38:22 +04:00
OWASP Board <http://www.owasp.org>
for sponsoring part of the sqlmap development in the context of OWASP
Spring of Code 2007