sqlmap 0.6.3-rc1:

* Minor enhancement to be able to specify the number of seconds to wait between each HTTP request. * Minor bug fix to handle session.error and session.timeout in HTTP requests. * Updated documentation.
2024-11-22 09:36:35 +03:00 · 2008-11-09 16:57:47 +00:00 · 2008-11-09 16:57:47 +00:00 · 0c5d3df546
commit 0c5d3df546
parent 544ced52b5
11 changed files with 139 additions and 80 deletions
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,11 +1,16 @@
 sqlmap (0.6.3-1) stable; urgency=low
  * Minor enhancement to be able to specify the number of seconds to wait
    between each HTTP request;
  * Minor improvements to sqlmap Debian package files: sqlmap uploaded
    to official Debian project repository;
  * Minor bug fix to handle session.error and session.timeout in HTTP
    requests;
  * Minor bug fix to correctly dump table entries when the column is
    provided;
 -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Day,  X YYY 2008 10:00:00 +0000
 sqlmap (0.6.2-1) stable; urgency=low
  * Major bug fix to correctly dump tables entries when --stop is not
@ -32,7 +37,6 @@ sqlmap (0.6.2-1) stable; urgency=low
 -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Sun,  2 Nov 2008 19:00:00 +0000
 sqlmap (0.6.1-1) stable; urgency=low
  * Major bug fix to blind SQL injection bisection algorithm to handle an
@ -54,7 +58,6 @@ sqlmap (0.6.1-1) stable; urgency=low
 -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Fri, 20 Oct 2008 10:00:00 +0000
 sqlmap (0.6-1) stable; urgency=low
  * Complete code refactor and many bugs fixed;
@ -120,7 +123,6 @@ sqlmap (0.6-1) stable; urgency=low
 -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Mon,  1 Sep 2008 10:00:00 +0100
 sqlmap (0.5-1) stable; urgency=low
  * Added support for Oracle database management system
@ -168,7 +170,6 @@ sqlmap (0.5-1) stable; urgency=low
 -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Sun,  4 Nov 2007 20:00:00 +0100
 sqlmap (0.4-1) stable; urgency=low
  * Added DBMS fingerprint based also upon HTML error messages parsing
@ -214,7 +215,6 @@ sqlmap (0.4-1) stable; urgency=low
 -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Fri, 15 Jun 2007 20:00:00 +0100
 sqlmap (0.3-1) stable; urgency=low
  * Added module for MS SQL Server;
@ -235,7 +235,6 @@ sqlmap (0.3-1) stable; urgency=low
 -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Sat, 20 Jan 2007 20:00:00 +0100
 sqlmap (0.2-1) stable; urgency=low
  * complete refactor of entire program;
--- a/doc/README.html
+++ b/doc/README.html
@ -8,7 +8,7 @@
 <H1>sqlmap user's manual</H1>
 <H2>by 
-<A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A></H2>version 0.6.2, 4th of November 2008
+<A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A></H2>version 0.6.3, DDth of November 2008
 <HR>
 <EM>This document is the user's manual to use 
 <A HREF="http://sqlmap.sourceforge.net">sqlmap</A>.
@ -295,19 +295,19 @@ It is available in various formats:</P>
 <P>
 <UL>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.tar.gz">Source gzip compressed</A> operating system independent.</LI>
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.gz">Source gzip compressed</A> operating system independent.</LI>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.tar.bz2">Source bzip2 compressed</A> operating system independent.</LI>
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.bz2">Source bzip2 compressed</A> operating system independent.</LI>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.zip">Source zip compressed</A> operating system independent.</LI>
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.zip">Source zip compressed</A> operating system independent.</LI>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.2-1_all.deb">DEB binary package</A> architecture independent for Debian and any
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.3-1_all.deb">DEB binary package</A> architecture independent for Debian and any
 other Debian derivated GNU/Linux distribution.</LI>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2-1.noarch.rpm">RPM binary package</A> architecture independent for Fedora and any
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3-1.noarch.rpm">RPM binary package</A> architecture independent for Fedora and any
 other operating system that can install RPM packages.</LI>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2_exe.zip">Portable executable for Windows</A> that <B>does not require the Python
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3_exe.zip">Portable executable for Windows</A> that <B>does not require the Python
 interpreter</B> to be installed on the operating system.</LI>
 </UL>
 </P>
@ -334,7 +334,7 @@ and
 <PRE>
 $ python sqlmap.py -h
-    sqlmap/0.6.2 coded by Bernardo Damele A. G. &lt;bernardo.damele@gmail.com>
+    sqlmap/0.6.3 coded by Bernardo Damele A. G. &lt;bernardo.damele@gmail.com>
                        and Daniele Bellucci &lt;daniele.bellucci@gmail.com>
 Usage: sqlmap.py [options] {-u &lt;URL> | -g &lt;google dork> | -c &lt;config file>}
@ -535,7 +535,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
 [hh:mm:28] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 [hh:mm:29] [INFO] testing MySQL
@ -544,7 +544,7 @@ Connection: close
 GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
 CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%207994=7994&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 </PRE>
@ -562,7 +562,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
 [hh:mm:32] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:32] [TRAFFIC IN] HTTP response (OK - 200):
@ -580,7 +580,7 @@ Content-Type: text/html
 GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
 CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%204435=4435&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:33] [TRAFFIC IN] HTTP response (OK - 200):
@ -607,7 +607,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
 [hh:mm:23] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:23] [TRAFFIC IN] HTTP response (OK - 200):
@ -632,7 +632,7 @@ Content-Type: text/html
 GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2851%29%2C%20
 CHAR%2851%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%201855=1855&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:24] [TRAFFIC IN] HTTP response (OK - 200):
@ -749,7 +749,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;ca
 <BLOCKQUOTE><CODE>
 <PRE>
 $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1 \
-  -p user-agent --user-agent "sqlmap/0.6.2 (http://sqlmap.sourceforge.net)"
+  -p user-agent --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)"
 [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
 [hh:mm:40] [INFO] testing connection to the target url
@ -895,7 +895,7 @@ $ python sqlmap.py -u "http://192.168.1.125/sqlmap/get_str.asp?name=luther" -v 3
 [hh:mm:39] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/get_str.asp?name=luther HTTP/1.1
 Host: 192.168.1.125:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ
 Connection: close
@ -907,7 +907,7 @@ Connection: close
 GET /sqlmap/get_str.asp?name=luther HTTP/1.1
 Host: 192.168.1.125:80
 Cookie: ASPSESSIONIDSABTRCAS=469
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic
@ -955,7 +955,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;ca
 GET /sqlmap/pgsql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
 Referer: http://www.google.com
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 </PRE>
@ -972,7 +972,7 @@ Connection: close
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
@ -1058,7 +1058,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/basic/get_int.php?id=1&
 GET /sqlmap/mysql/basic/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
 Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
@ -1075,7 +1075,7 @@ nonce="qcL9udlSBAA=f3b77da349fcfbf1a59ba37b21e291341159598f",
 uri="/sqlmap/mysql/digest/get_int.php?id=1&amp;cat=2", 
 response="e1bf3738b4bbe04e197a12fb134e13a2", algorithm="MD5", qop=auth, nc=00000001, 
 cnonce="df1c0902c931b640"
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 </PRE>
@ -1164,6 +1164,14 @@ character of the query output. The thread then ends after approximately
 seven HTTP requests, the maximum to retrieve a query output character.</P>
 <H3>Delay in seconds between each HTTP request</H3>
 <P>Option: <CODE>--delay</CODE></P>
 <P>It is possible to specify a number of seconds to wait between each HTTP
 request. The valid value is a float, for instance 0.5.</P>
 <H2><A NAME="ss5.2">5.2</A> <A HREF="#toc5.2">Injection</A>
 </H2>
@ -1200,7 +1208,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
 [hh:mm:50] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
@ -1222,7 +1230,7 @@ Content-Type: text/html
 [hh:mm:51] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -1244,7 +1252,7 @@ Content-Type: text/html
 [hh:mm:51] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -2072,7 +2080,7 @@ Table: users
 | 1  | luther                                       | blissett          |
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 5  | NULL                                         | nameisnull        |
 +----+----------------------------------------------+-------------------+
 </PRE>
@ -2126,7 +2134,7 @@ Table: users
 | 1  | luther                                       | blissett          |
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 5  |                                              | nameisnull        |
 +----+----------------------------------------------+-------------------+
@ -2140,7 +2148,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv
 "1","luther","blissett"
 "2","fluffy","bunny"
 "3","wu","ming"
-"4","sqlmap/0.6.2 (http://sqlmap.sourceforge.net)","user agent header"
+"4","sqlmap/0.6.3 (http://sqlmap.sourceforge.net)","user agent header"
 "5","","nameisnull"
 </PRE>
 </CODE></BLOCKQUOTE>
@ -2170,7 +2178,7 @@ Table: users
 +----+----------------------------------------------+-------------------+
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 +----+----------------------------------------------+-------------------+
 </PRE>
 </CODE></BLOCKQUOTE>
@ -2201,7 +2209,7 @@ Table: users
 | 1  | luther                                       | blissett          |
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 5  | NULL                                         | nameisnull        |
 +----+----------------------------------------------+-------------------+
@ -2291,7 +2299,7 @@ Table: users
 +----+----------------------------------------------+-------------------+
 | id | name                                         | surname           |
 +----+----------------------------------------------+-------------------+
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 2  | fluffy                                       | bunny             |
 | 1  | luther                                       | blisset           |
 | 3  | wu                                           | ming              |
@ -2854,7 +2862,7 @@ GET /sqlmap/mysql/get_int.php?id=1%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28C
 %2C%20CHAR%2832%29%29%2CCHAR%28122%2C110%2C105%2C89%2C121%2C65%29%29%2C%20NULL--%20AND%2
 06043=6043&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:25] [TRAFFIC IN] HTTP response (OK - 200):
@ -2996,7 +3004,7 @@ $ python sqlmap.py --update -v 4
 [hh:mm:55] [TRAFFIC OUT] HTTP request:
 GET /doc/VERSION HTTP/1.1
 Host: sqlmap.sourceforge.net
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200):
@ -3015,7 +3023,7 @@ X-Pad: avoid browser bug
 [hh:mm:56] [TRAFFIC OUT] HTTP request:
 GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1
 Host: www.sqlsecurity.com
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0; 
 language=en-US
 Connection: close
--- a/doc/README.pdf
+++ b/doc/README.pdf
--- a/doc/README.sgml
+++ b/doc/README.sgml
@ -4,7 +4,7 @@
 <title>sqlmap user's manual
 <author>by <htmlurl url="mailto:bernardo.damele@gmail.com" name="Bernardo Damele A. G.">
-<date>version 0.6.2, 4th of November 2008
+<date>version 0.6.3, DDth of November 2008
 <abstract>
 This document is the user's manual to use <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">.
 Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage">
@ -257,19 +257,19 @@ name="SourceForge File List page">.
 It is available in various formats:
 <itemize>
-<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.tar.gz"
+<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.gz"
 name="Source gzip compressed"> operating system independent.
-<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.tar.bz2"
+<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.bz2"
 name="Source bzip2 compressed"> operating system independent.
-<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2.zip"
+<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.zip"
 name="Source zip compressed"> operating system independent.
-<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.2-1_all.deb"
+<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.3-1_all.deb"
 name="DEB binary package"> architecture independent for Debian and any
 other Debian derivated GNU/Linux distribution.
-<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2-1.noarch.rpm"
+<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3-1.noarch.rpm"
 name="RPM binary package"> architecture independent for Fedora and any
 other operating system that can install RPM packages.
-<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.2_exe.zip"
+<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3_exe.zip"
 name="Portable executable for Windows"> that <bf>does not require the Python
 interpreter</bf> to be installed on the operating system.
 </itemize>
@ -297,7 +297,7 @@ and <htmlurl url="mailto:daniele.bellucci@gmail.com" name="Daniele Bellucci">.
 <tscreen><verb>
 $ python sqlmap.py -h
-    sqlmap/0.6.2 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com>
+    sqlmap/0.6.3 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com>
                        and Daniele Bellucci <daniele.bellucci@gmail.com>
 Usage: sqlmap.py [options] {-u <URL> | -g <google dork> | -c <config file>}
@ -493,7 +493,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
 [hh:mm:28] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 [hh:mm:29] [INFO] testing MySQL
@ -502,7 +502,7 @@ Connection: close
 GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
 CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%207994=7994&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 </verb></tscreen>
@ -518,7 +518,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
 [hh:mm:32] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:32] [TRAFFIC IN] HTTP response (OK - 200):
@ -536,7 +536,7 @@ Content-Type: text/html
 GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
 CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%204435=4435&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:33] [TRAFFIC IN] HTTP response (OK - 200):
@ -561,7 +561,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
 [hh:mm:23] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:23] [TRAFFIC IN] HTTP response (OK - 200):
@ -586,7 +586,7 @@ Content-Type: text/html
 GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2851%29%2C%20
 CHAR%2851%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%201855=1855&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:24] [TRAFFIC IN] HTTP response (OK - 200):
@ -701,7 +701,7 @@ Example on a <bf>MySQL 5.0.51</bf> target:
 <tscreen><verb>
 $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1 \
-  -p user-agent --user-agent "sqlmap/0.6.2 (http://sqlmap.sourceforge.net)"
+  -p user-agent --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)"
 [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
 [hh:mm:40] [INFO] testing connection to the target url
@ -846,7 +846,7 @@ $ python sqlmap.py -u "http://192.168.1.125/sqlmap/get_str.asp?name=luther" -v 3
 [hh:mm:39] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/get_str.asp?name=luther HTTP/1.1
 Host: 192.168.1.125:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ
 Connection: close
@ -858,7 +858,7 @@ Connection: close
 GET /sqlmap/get_str.asp?name=luther HTTP/1.1
 Host: 192.168.1.125:80
 Cookie: ASPSESSIONIDSABTRCAS=469
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic
@ -905,7 +905,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;ca
 GET /sqlmap/pgsql/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
 Referer: http://www.google.com
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 </verb></tscreen>
@ -921,7 +921,7 @@ By default sqlmap perform HTTP requests providing the following HTTP
 <tt>User-Agent</tt> header value:
 <tscreen><verb>
-sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 </verb></tscreen>
 <p>
@ -1006,7 +1006,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/basic/get_int.php?id=1&
 GET /sqlmap/mysql/basic/get_int.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
 Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
@ -1023,7 +1023,7 @@ nonce="qcL9udlSBAA=f3b77da349fcfbf1a59ba37b21e291341159598f",
 uri="/sqlmap/mysql/digest/get_int.php?id=1&amp;cat=2", 
 response="e1bf3738b4bbe04e197a12fb134e13a2", algorithm="MD5", qop=auth, nc=00000001, 
 cnonce="df1c0902c931b640"
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 </verb></tscreen>
@ -1108,6 +1108,16 @@ character of the query output. The thread then ends after approximately
 seven HTTP requests, the maximum to retrieve a query output character.
 <sect2>Delay in seconds between each HTTP request
 <p>
 Option: <tt>--delay</tt>
 <p>
 It is possible to specify a number of seconds to wait between each HTTP
 request. The valid value is a float, for instance 0.5.
 <sect1>Injection
 <sect2>String match
@ -1145,7 +1155,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
 [hh:mm:50] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
@ -1167,7 +1177,7 @@ Content-Type: text/html
 [hh:mm:51] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -1189,7 +1199,7 @@ Content-Type: text/html
 [hh:mm:51] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -2008,7 +2018,7 @@ Table: users
 | 1  | luther                                       | blissett          |
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 5  | NULL                                         | nameisnull        |
 +----+----------------------------------------------+-------------------+
 </verb></tscreen>
@ -2060,7 +2070,7 @@ Table: users
 | 1  | luther                                       | blissett          |
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 5  |                                              | nameisnull        |
 +----+----------------------------------------------+-------------------+
@ -2074,7 +2084,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv
 "1","luther","blissett"
 "2","fluffy","bunny"
 "3","wu","ming"
-"4","sqlmap/0.6.2 (http://sqlmap.sourceforge.net)","user agent header"
+"4","sqlmap/0.6.3 (http://sqlmap.sourceforge.net)","user agent header"
 "5","","nameisnull"
 </verb></tscreen>
@ -2102,7 +2112,7 @@ Table: users
 +----+----------------------------------------------+-------------------+
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 +----+----------------------------------------------+-------------------+
 </verb></tscreen>
@ -2134,7 +2144,7 @@ Table: users
 | 1  | luther                                       | blissett          |
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 5  | NULL                                         | nameisnull        |
 +----+----------------------------------------------+-------------------+
@ -2223,7 +2233,7 @@ Table: users
 +----+----------------------------------------------+-------------------+
 | id | name                                         | surname           |
 +----+----------------------------------------------+-------------------+
-| 4  | sqlmap/0.6.2 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
 | 2  | fluffy                                       | bunny             |
 | 1  | luther                                       | blisset           |
 | 3  | wu                                           | ming              |
@ -2774,7 +2784,7 @@ GET /sqlmap/mysql/get_int.php?id=1%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28C
 %2C%20CHAR%2832%29%29%2CCHAR%28122%2C110%2C105%2C89%2C121%2C65%29%29%2C%20NULL--%20AND%2
 06043=6043&amp;cat=2 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:25] [TRAFFIC IN] HTTP response (OK - 200):
@ -2913,7 +2923,7 @@ $ python sqlmap.py --update -v 4
 [hh:mm:55] [TRAFFIC OUT] HTTP request:
 GET /doc/VERSION HTTP/1.1
 Host: sqlmap.sourceforge.net
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Connection: close
 [hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200):
@ -2932,7 +2942,7 @@ X-Pad: avoid browser bug
 [hh:mm:56] [TRAFFIC OUT] HTTP request:
 GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1
 Host: www.sqlsecurity.com
-User-agent: sqlmap/0.6.2 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
 Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0; 
 language=en-US
 Connection: close
--- a/doc/THANKS
+++ b/doc/THANKS
@ -9,6 +9,10 @@ Karl Chen <quarl@cs.berkeley.edu>
    for providing with the multithreading patch for the inference
    algorithm
 Pierre Chifflier <pollux@debian.org>
    for uploading the sqlmap 0.6.2 Debian package to the official Debian
    project repository
 Stefano Di Paola <stefano.dipaola@wisec.it>
    for suggesting good features
@ -91,6 +95,10 @@ Richard Safran <allapplyhere@yahoo.com>
 Tomoyuki Sakurai <cherry@trombik.org>
    for submitting to the FreeBSD project the sqlmap 0.5 port
 Sven Schluter <sschlueter@netzwerk.cc>
    for providing with a patch for waiting a number of seconds between
    each HTTP request
 M Simkin <mlsimkin@cox.net>
    for suggesting a feature
@ -113,6 +121,9 @@ Bedirhan Urgun <bedirhanurgun@gmail.com>
    for benchmarking sqlmap in the context of his SQL injection
    benchmark project, OWASP SQLiBench, http://code.google.com/p/sqlibench
 Kyprianos Vassilopoulos <kyprianos.vasilopoulos@gmail.com>
    for reporting an unhandled connection exception
 fufuh <fufuh@users.sourceforge.net>
    for reporting a bug when running on Windows
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -402,6 +402,9 @@ def __cleanupOptions():
    if conf.user:
        conf.user = conf.user.replace(" ", "")
    if conf.delay:
        conf.delay = float(conf.delay)
 def __setConfAttributes():
    """
@ -488,7 +491,7 @@ def __saveCmdline():
            if value == None:
                if datatype == "boolean":
                    value = "False"
-                elif datatype == "integer":
+                elif datatype in ( "integer", "float" ):
                    if option == "threads":
                        value = "1"
                    else:
--- a/lib/core/optiondict.py
+++ b/lib/core/optiondict.py
@ -40,6 +40,7 @@ optDict = {
                               "aCred":             "string",
                               "proxy":             "string",
                               "threads":           "integer",
                               "delay":             "float",
                             },
            "Injection":     {
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -30,7 +30,7 @@ import sys
 # sqlmap version and site
-VERSION            = "0.6.2"
+VERSION            = "0.6.3-rc1"
 VERSION_STRING     = "sqlmap/%s" % VERSION
 SITE               = "http://sqlmap.sourceforge.net"
--- a/lib/parse/cmdline.py
+++ b/lib/parse/cmdline.py
@ -89,6 +89,10 @@ def cmdLineParser():
                           help="Maximum number of concurrent HTTP "
                                "requests (default 1)")
        request.add_option("--delay", dest="delay", type="float",
                           help="Delay in seconds between each HTTP request")
        # Injection options
        injection = OptionGroup(parser, "Injection")
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -26,6 +26,8 @@ Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 import md5
 import re
 import socket
 import time
 import urllib2
 import urlparse
@ -156,7 +158,7 @@ class Connect:
                status = e.msg
                responseHeaders = e.info()
-        except urllib2.URLError, e:
+        except (urllib2.URLError, socket.error), _:
            warnMsg = "unable to connect to the target url"
            if conf.googleDork:
@ -168,6 +170,18 @@ class Connect:
                warnMsg += " or proxy"
                raise sqlmapConnectionException, warnMsg
        except socket.timeout, _:
            warnMsg = "connection timed out to the target url"
            if conf.googleDork:
                warnMsg += ", skipping to next url"
                logger.warn(warnMsg)
                return None
            else:
                warnMsg += " or proxy"
                raise sqlmapConnectionException, warnMsg
        parsePage(page)
        responseMsg += "(%s - %d):\n" % (status, code)
@ -178,6 +192,9 @@ class Connect:
        logger.log(8, responseMsg)
        if conf.delay != None and isinstance(conf.delay, (int, float)) and conf.delay > 0:
            time.sleep(conf.delay)
        return page
--- a/sqlmap.conf
+++ b/sqlmap.conf
@ -56,9 +56,15 @@ proxy =
 # Maximum number of concurrent HTTP requests (handled with Python threads)
 # to be used in the inference SQL injection attack.
 # Valid: integer
 # Default: 1
 threads = 1
 # Delay in seconds between each HTTP request.
 # Valid: float
 # Default: 0
 delay = 0
 [Injection]
@ -151,12 +157,12 @@ user =
 excludeSysDbs = False
 # First table entry to dump (cursor start)
-# Valid: number
+# Valid: integer
 # Default: 0 (sqlmap will start to dump the table entries from the first)
 limitStart = 0
 # Last table entry to dump (cursor stop)
-# Valid: number
+# Valid: integer
 # Default: 0 (sqlmap will detect the number of table entries and dump
 # until the last)
 limitStop = 0
@ -173,7 +179,7 @@ sqlShell = False
 [File system]
 # Read a specific OS file content (only on MySQL).
-# Examples: '/etc/passwd' or 'C:\boot.ini'
+# Examples: /etc/passwd or C:\boot.ini
 rFile = 
 # Write to a specific OS file (not yet available).
@ -206,7 +212,7 @@ unionUse = False
 eta = False
 # Verbosity level.
-# Valid values:
+# Valid: integer between 0 and 5
 # 0: Silent
 # 1: Show info messages
 # 2: Show also debug messages