sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-02-16 19:40:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated ChangeLog

Browse Source
This commit is contained in:
Bernardo Damele 2010-02-26 15:37:24 +00:00
parent f53ef947f1
commit dd3f65f0fb
2 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
doc/ChangeLog
View File

@ -10,19 +10,19 @@ sqlmap (0.8-1) stable; urgency=low
* Support for takeover features on PostgreSQL 8.4 (Bernardo). * Support for takeover features on PostgreSQL 8.4 (Bernardo).
* Enhanced --priv-esc to rely on new Metasploit Meterpreter's * Enhanced --priv-esc to rely on new Metasploit Meterpreter's
'getsystem' command to elevate privileges of the user running the 'getsystem' command to elevate privileges of the user running the
back-end DBMS instance on Windows to SYSTEM (Bernardo). back-end DBMS instance to SYSTEM on Windows (Bernardo).
* Automatic support in --os-pwn to use the web uploader/backdoor to * Automatic support in --os-pwn to use the web uploader/backdoor to
upload and execute the Metasploit payload stager when stacked queries upload and execute the Metasploit payload stager when stacked queries
SQL injection is not supported, for instance on MySQL/PHP and SQL injection is not supported, for instance on MySQL/PHP and
MySQL/ASP but there is a writable folder within the web server MySQL/ASP, but there is a writable folder within the web server
document root (Bernardo). document root (Bernardo and Miroslav).
* Fixed web backdoor functionality for --os-cmd, --os-shell and --os-pwn * Fixed web backdoor functionality for --os-cmd, --os-shell and --os-pwn
useful when web application does not support stacked queries (Bernardo). useful when web application does not support stacked queries (Bernardo).
* Updated active fingerprint and comment injection fingerprint for
MySQL 5.1, MySQL 5.4 and MySQL 5.5 (Bernardo).
* Added support to properly read (--read-file) also binary files via * Added support to properly read (--read-file) also binary files via
PostgreSQL by injecting sqlmap new sys_fileread() user-defined PostgreSQL by injecting sqlmap new sys_fileread() user-defined
function (Bernardo and Miroslav). function (Bernardo and Miroslav).
* Updated active fingerprint and comment injection fingerprint for
MySQL 5.1, MySQL 5.4 and MySQL 5.5 (Bernardo).
* Updated active fingerprint for PostgreSQL 8.4 (Bernardo). * Updated active fingerprint for PostgreSQL 8.4 (Bernardo).
* Support for NTLM authentication via python-ntlm third party library, * Support for NTLM authentication via python-ntlm third party library,
http://code.google.com/p/python-ntlm/, --auth-type NTLM (Bernardo). http://code.google.com/p/python-ntlm/, --auth-type NTLM (Bernardo).
@ -32,7 +32,10 @@ sqlmap (0.8-1) stable; urgency=low
(Miroslav). (Miroslav).
* Added support for regular expression based scope when parsing Burp or * Added support for regular expression based scope when parsing Burp or
Web Scarab proxy log file (-l), --scope (Miroslav). Web Scarab proxy log file (-l), --scope (Miroslav).
* Added option (-r) to load the HTTP request from a text file (Miroslav). * Added option (-r) to load a single HTTP request from a text file
(Miroslav).
* Added option (--ignore-proxy) to ignore system default HTTP proxy
(Miroslav).
* Added support to ignore Set-Cookie in HTTP responses, * Added support to ignore Set-Cookie in HTTP responses,
--drop-set-cookie (Miroslav). --drop-set-cookie (Miroslav).
* Added support to specify which Google dork result page to parse, * Added support to specify which Google dork result page to parse,
@ -47,9 +50,9 @@ sqlmap (0.8-1) stable; urgency=low
https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/udfhack (Bernardo https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/udfhack (Bernardo
and Miroslav). and Miroslav).
* Major code cleanup (Miroslav). * Major code cleanup (Miroslav).
* Added simple file encryption/compression utility, extra/cloak/cloak.py * Added simple file encryption/compression utility, extra/cloak/cloak.py,
used by sqlmap to decrypt on the fly Churrasco and UPX executables and used by sqlmap to decrypt on the fly Churrasco, UPX executable and web
web shells consequently reducing drastically the number of anti virus shells consequently reducing drastically the number of anti-virus
softwares that mistakenly mark sqlmap as a malware (Miroslav). softwares that mistakenly mark sqlmap as a malware (Miroslav).
-- Bernardo Damele A. G. <bernardo.damele@gmail.com> Mon, 1 Mar 2010 10:00:00 +0000 -- Bernardo Damele A. G. <bernardo.damele@gmail.com> Mon, 1 Mar 2010 10:00:00 +0000

2
lib/parse/cmdline.py
View File

@ -434,7 +434,7 @@ def cmdLineParser():
(args, _) = parser.parse_args() (args, _) = parser.parse_args()
if not args.url and not args.list and not args.googleDork and not args.configFile and not args.requestFile and not args.updateAll: if not args.url and not args.list and not args.googleDork and not args.configFile and not args.requestFile and not args.updateAll:
errMsg = "missing a mandatory parameter ('-u', '-l', '-g', '-c', '-r' or '--update'), " errMsg = "missing a mandatory parameter ('-u', '-l', '-r', '-g', '-c' or '--update'), "
errMsg += "-h for help" errMsg += "-h for help"
parser.error(errMsg) parser.error(errMsg)