diff --git a/doc/ChangeLog b/doc/ChangeLog index 4e8b8bcf8..45c55b029 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -5,17 +5,17 @@ sqlmap (0.6.4-1) stable; urgency=low object; * Major enhancement to support SQL data definition statements, SQL data manipulation statements, etc from user in SQL query and SQL shell if - stacked queries are supported by the web application technology in - use; + stacked queries are supported by the web application technology; * Major speed increase in DBMS basic fingerprint; * Minor enhancement to support an option (--is-dba) to show if the current user is a database management system administrator; * Minor enhancement to support an option (--union-tech) to specify the technique to use to detect the number of columns used in the web application SELECT statement: NULL bruteforcing (default) or ORDER BY - clause; - * Added support internally to forge CASE statements, used only by - --is-dba query at the moment; + clause bruteforcing; + * Added internal support to forge CASE statements, used only by --is-dba + query at the moment; + * Minor layout adjustment to the --update output; * Major bug fix to avoid tracebacks when multiple targets are specified and one of them is not reachable; * Minor bug fix to make the Partial UNION query SQL injection technique diff --git a/doc/README.html b/doc/README.html index 2e063a14b..5c89dc433 100644 --- a/doc/README.html +++ b/doc/README.html @@ -8,7 +8,7 @@

sqlmap user's manual

by -Bernardo Damele A. G.

version 0.6.3, 18th of December 2008 +Bernardo Damele A. G.version 0.6.4, DDth of MMM 2009
This document is the user's manual to use sqlmap. @@ -88,8 +88,9 @@ for x86, AMD64 and Itanium too.

PyReadline library to be able to take advantage of the sqlmap TAB completion and history support functionalities in the SQL shell and OS shell. -Note that these functionalities are available natively by Python official -readline library on other operating systems. +Note that these functionalities are available natively by Python standard +readline +library on other operating systems. You can also choose to install Psyco library to speed up the sqlmap algorithmic operations.

@@ -347,24 +348,24 @@ It is available in various formats:

@@ -402,7 +403,7 @@ and 
 $ python sqlmap.py -h
 
-    sqlmap/0.6.3 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com>
+    sqlmap/0.6.4 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com>
                         and Daniele Bellucci <daniele.bellucci@gmail.com>
 
 Usage: sqlmap.py [options]
@@ -619,7 +620,7 @@ Host: 192.168.1.121:80
 Accept-language: en-us,en;q=0.5
 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
 image/png,*/*;q=0.5
-User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 [hh:mm:55] [INFO] testing MySQL
@@ -632,7 +633,7 @@ Host: 192.168.1.121:80
 Accept-language: en-us,en;q=0.5
 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
 image/png,*/*;q=0.5
-User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
@@ -654,7 +655,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:44] [TRAFFIC IN] HTTP response (OK - 200): @@ -675,7 +676,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] @@ -697,7 +698,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:17] [TRAFFIC IN] HTTP response (OK - 200): @@ -725,7 +726,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:18] [TRAFFIC IN] HTTP response (OK - 200): @@ -1036,7 +1037,7 @@ Host: 192.168.1.125:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ Connection: close @@ -1052,7 +1053,7 @@ Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 Cookie: ASPSESSIONIDSABTRCAS=469 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic @@ -1104,7 +1105,7 @@ Accept-language: en-us,en;q=0.5 Referer: http://www.google.com Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] @@ -1121,7 +1122,7 @@ Connection: close 

-sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+sqlmap/0.6.4 (http://sqlmap.sourceforge.net)

@@ -1243,7 +1244,7 @@ Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M= -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] @@ -1264,7 +1265,7 @@ Authorization: Digest username="testuser", realm="Testing digest authentication" nonce="Qw52C8RdBAA=2d7eb362292b24718dcb6e4d9a7bf0f13d58fa9d", uri="/sqlmap/mysql/digest/get_int.php?id=1", response="16d01b08ff2f77d8ff0183d706f96747", algorithm="MD5", qop=auth, nc=00000001, cnonce="579be5eb8753693a" -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] @@ -1437,7 +1438,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&ca 
 $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/ua_str.php" -v 1 \
-  -p "user-agent" --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)"
+  -p "user-agent" --user-agent "sqlmap/0.6.4 (http://sqlmap.sourceforge.net)"
 
 [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
 [hh:mm:40] [INFO] testing connection to the target url
@@ -1551,7 +1552,7 @@ Host: 192.168.1.121:80
 Accept-language: en-us,en;q=0.5
 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
 image/png,*/*;q=0.5
-User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
 Connection: close
 [...]
 [hh:mm:17] [INFO] GET parameter 'id' is custom injectable 
@@ -1628,7 +1629,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
 [hh:mm:50] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
 Connection: close
 
 [hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
@@ -1650,7 +1651,7 @@ Content-Type: text/html
 [hh:mm:51] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
 Connection: close
 
 [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@@ -1672,7 +1673,7 @@ Content-Type: text/html
 [hh:mm:51] [TRAFFIC OUT] HTTP request:
 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
 Host: 192.168.1.121:80
-User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
 Connection: close
 
 [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@@ -2083,7 +2084,7 @@ Host: 192.168.1.121:80
 Accept-language: en-us,en;q=0.5
 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
 image/png,*/*;q=0.5
-User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net)
+User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
 Connection: close
 
 [hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200):
@@ -3181,7 +3182,7 @@ Table: users
 | 1  | luther                                       | blissett          |
 | 2  | fluffy                                       | bunny             |
 | 3  | wu                                           | ming              |
-| 4  | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header |
+| 4  | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
 | 5  | NULL                                         | nameisnull        |
 +----+----------------------------------------------+-------------------+
@@ -3235,7 +3236,7 @@ Table: users | 1 | luther | blissett | | 2 | fluffy | bunny | | 3 | wu | ming | -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | | 5 | | nameisnull | +----+----------------------------------------------+-------------------+ @@ -3248,7 +3249,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv "1","luther","blissett" "2","fluffy","bunny" "3","wu","ming" -"4","sqlmap/0.6.3 (http://sqlmap.sourceforge.net)","user agent header" +"4","sqlmap/0.6.4 (http://sqlmap.sourceforge.net)","user agent header" "5","","nameisnull"
@@ -3278,7 +3279,7 @@ Table: users +----+----------------------------------------------+-------------------+ | 2 | fluffy | bunny | | 3 | wu | ming | -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | +----+----------------------------------------------+-------------------+ @@ -3309,7 +3310,7 @@ Table: users | 1 | luther | blissett | | 2 | fluffy | bunny | | 3 | wu | ming | -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | | 5 | NULL | nameisnull | +----+----------------------------------------------+-------------------+ @@ -3399,7 +3400,7 @@ Table: users +----+----------------------------------------------+-------------------+ | id | name | surname | +----+----------------------------------------------+-------------------+ -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | | 2 | fluffy | bunny | | 1 | luther | blisset | | 3 | wu | ming | @@ -3962,7 +3963,7 @@ $ python sqlmap.py --update -v 4 [hh:mm:55] [TRAFFIC OUT] HTTP request: GET /doc/VERSION HTTP/1.1 Host: sqlmap.sourceforge.net -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200): @@ -3981,7 +3982,7 @@ X-Pad: avoid browser bug [hh:mm:56] [TRAFFIC OUT] HTTP request: GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1 Host: www.sqlsecurity.com -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0; language=en-US Connection: close diff --git a/doc/README.pdf b/doc/README.pdf index 51966ae50..2300c3778 100644 Binary files a/doc/README.pdf and b/doc/README.pdf differ diff --git a/doc/README.sgml b/doc/README.sgml index 8f71bcf07..ff24cc13a 100644 --- a/doc/README.sgml +++ b/doc/README.sgml @@ -4,7 +4,7 @@ sqlmap user's manual <author>by <htmlurl url="mailto:bernardo.damele@gmail.com" name="Bernardo Damele A. G."> -<date>version 0.6.3, 18th of December 2008 +<date>version 0.6.4, DDth of MMM 2009 <abstract> This document is the user's manual to use <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">. Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage"> @@ -46,8 +46,9 @@ Optionally, if you are running sqlmap on Windows, you may wish to install <htmlurl url="http://ipython.scipy.org/moin/PyReadline/Intro" name="PyReadline"> library to be able to take advantage of the sqlmap TAB completion and history support functionalities in the SQL shell and OS shell. -Note that these functionalities are available natively by Python official -readline library on other operating systems. +Note that these functionalities are available natively by Python standard +<htmlurl url="http://docs.python.org/library/readline.html" name="readline"> +library on other operating systems. You can also choose to install <htmlurl url="http://psyco.sourceforge.net/" name="Psyco"> library to speed up the sqlmap algorithmic operations. @@ -304,24 +305,24 @@ name="SourceForge File List page">. It is available in various formats: <itemize> -<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.gz" +<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.tar.gz" name="Source gzip compressed"> operating system independent. -<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.bz2" +<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.tar.bz2" name="Source bzip2 compressed"> operating system independent. -<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.zip" +<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.zip" name="Source zip compressed"> operating system independent. -<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.3-1_all.deb" +<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.4-1_all.deb" name="DEB binary package"> architecture independent for Debian and any other Debian derivated GNU/Linux distribution. -<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3-1.noarch.rpm" +<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4-1.noarch.rpm" name="RPM binary package"> architecture independent for Fedora and any other operating system that can install RPM packages. -<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3_exe.zip" +<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4_exe.zip" name="Portable executable for Windows"> that <bf>does not require the Python interpreter</bf> to be installed on the operating system. </itemize> @@ -358,7 +359,7 @@ and <htmlurl url="mailto:daniele.bellucci@gmail.com" name="Daniele Bellucci">. <tscreen><verb> $ python sqlmap.py -h - sqlmap/0.6.3 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com> + sqlmap/0.6.4 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com> and Daniele Bellucci <daniele.bellucci@gmail.com> Usage: sqlmap.py [options] @@ -570,7 +571,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] [hh:mm:55] [INFO] testing MySQL @@ -583,7 +584,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] </verb></tscreen> @@ -603,7 +604,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:44] [TRAFFIC IN] HTTP response (OK - 200): @@ -624,7 +625,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] </verb></tscreen> @@ -644,7 +645,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:17] [TRAFFIC IN] HTTP response (OK - 200): @@ -672,7 +673,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:18] [TRAFFIC IN] HTTP response (OK - 200): @@ -982,7 +983,7 @@ Host: 192.168.1.125:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ Connection: close @@ -998,7 +999,7 @@ Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 Cookie: ASPSESSIONIDSABTRCAS=469 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic @@ -1049,7 +1050,7 @@ Accept-language: en-us,en;q=0.5 Referer: http://www.google.com Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] </verb></tscreen> @@ -1065,7 +1066,7 @@ By default sqlmap perform HTTP requests providing the following HTTP <tt>User-Agent</tt> header value: <tscreen><verb> -sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +sqlmap/0.6.4 (http://sqlmap.sourceforge.net) </verb></tscreen> <p> @@ -1186,7 +1187,7 @@ Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M= -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] @@ -1207,7 +1208,7 @@ Authorization: Digest username="testuser", realm="Testing digest authentication" nonce="Qw52C8RdBAA=2d7eb362292b24718dcb6e4d9a7bf0f13d58fa9d", uri="/sqlmap/mysql/digest/get_int.php?id=1", response="16d01b08ff2f77d8ff0183d706f96747", algorithm="MD5", qop=auth, nc=00000001, cnonce="579be5eb8753693a" -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] </verb></tscreen> @@ -1380,7 +1381,7 @@ Example on a <bf>MySQL 5.0.67</bf> target: <tscreen><verb> $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/ua_str.php" -v 1 \ - -p "user-agent" --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)" + -p "user-agent" --user-agent "sqlmap/0.6.4 (http://sqlmap.sourceforge.net)" [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET [hh:mm:40] [INFO] testing connection to the target url @@ -1496,7 +1497,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [...] [hh:mm:17] [INFO] GET parameter 'id' is custom injectable @@ -1568,7 +1569,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id= [hh:mm:50] [TRAFFIC OUT] HTTP request: GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 Host: 192.168.1.121:80 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200): @@ -1590,7 +1591,7 @@ Content-Type: text/html [hh:mm:51] [TRAFFIC OUT] HTTP request: GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 Host: 192.168.1.121:80 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200): @@ -1612,7 +1613,7 @@ Content-Type: text/html [hh:mm:51] [TRAFFIC OUT] HTTP request: GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 Host: 192.168.1.121:80 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200): @@ -2015,7 +2016,7 @@ Host: 192.168.1.121:80 Accept-language: en-us,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, image/png,*/*;q=0.5 -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200): @@ -3090,7 +3091,7 @@ Table: users | 1 | luther | blissett | | 2 | fluffy | bunny | | 3 | wu | ming | -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | | 5 | NULL | nameisnull | +----+----------------------------------------------+-------------------+ </verb></tscreen> @@ -3142,7 +3143,7 @@ Table: users | 1 | luther | blissett | | 2 | fluffy | bunny | | 3 | wu | ming | -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | | 5 | | nameisnull | +----+----------------------------------------------+-------------------+ @@ -3155,7 +3156,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv "1","luther","blissett" "2","fluffy","bunny" "3","wu","ming" -"4","sqlmap/0.6.3 (http://sqlmap.sourceforge.net)","user agent header" +"4","sqlmap/0.6.4 (http://sqlmap.sourceforge.net)","user agent header" "5","","nameisnull" </verb></tscreen> @@ -3183,7 +3184,7 @@ Table: users +----+----------------------------------------------+-------------------+ | 2 | fluffy | bunny | | 3 | wu | ming | -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | +----+----------------------------------------------+-------------------+ </verb></tscreen> @@ -3215,7 +3216,7 @@ Table: users | 1 | luther | blissett | | 2 | fluffy | bunny | | 3 | wu | ming | -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | | 5 | NULL | nameisnull | +----+----------------------------------------------+-------------------+ @@ -3304,7 +3305,7 @@ Table: users +----+----------------------------------------------+-------------------+ | id | name | surname | +----+----------------------------------------------+-------------------+ -| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | +| 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header | | 2 | fluffy | bunny | | 1 | luther | blisset | | 3 | wu | ming | @@ -3855,7 +3856,7 @@ $ python sqlmap.py --update -v 4 [hh:mm:55] [TRAFFIC OUT] HTTP request: GET /doc/VERSION HTTP/1.1 Host: sqlmap.sourceforge.net -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Connection: close [hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200): @@ -3874,7 +3875,7 @@ X-Pad: avoid browser bug [hh:mm:56] [TRAFFIC OUT] HTTP request: GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1 Host: www.sqlsecurity.com -User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) +User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net) Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0; language=en-US Connection: close