Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							267cf5dd1a 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2010-01-30 00:08:10 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7b8316728c 
							
						 
					 
					
						
						
							
							Major bug fix in takeover functionalities on Microsoft SQL Server  
						
						
						
					 
					
						2010-01-29 00:09:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c6cae7da41 
							
						 
					 
					
						
						
							
							Updated changelog  
						
						
						
					 
					
						2010-01-28 23:10:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b4ce8fe361 
							
						 
					 
					
						
						
							
							Updated ChangeLog file  
						
						
						
					 
					
						2010-01-18 15:43:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							070ccc30e9 
							
						 
					 
					
						
						
							
							Added automatic support in --os-pwn to use the web uploader/backdoor to upload and execute the Metasploit payload stager when stacked queries SQL injection is not supported, for instance on MySQL/PHP and MySQL/ASP.  
						
						... 
						
						
						
						Updated ChangeLog.
Major code refactoring. 
						
					 
					
						2010-01-14 14:03:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							055b14a11a 
							
						 
					 
					
						
						
							
							Updated Changelog  
						
						
						
					 
					
						2010-01-13 12:14:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							473024bd6e 
							
						 
					 
					
						
						
							
							Newline  
						
						
						
					 
					
						2010-01-04 14:03:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6319eb6e5c 
							
						 
					 
					
						
						
							
							just added PGP Key ID  
						
						
						
					 
					
						2010-01-04 13:08:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							232f927dd0 
							
						 
					 
					
						
						
							
							Slightly updated the documentation  
						
						
						
					 
					
						2010-01-04 12:53:58 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d5b1863dec 
							
						 
					 
					
						
						
							
							Updated documentation and svn properties  
						
						
						
					 
					
						2010-01-02 02:07:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c1c14dabd9 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2009-12-21 11:21:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e6c4154cac 
							
						 
					 
					
						
						
							
							Fixed minor bug in --reg-del  
						
						
						
					 
					
						2009-12-21 11:04:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e4e081cdc6 
							
						 
					 
					
						
						
							
							sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.  
						
						
						
					 
					
						2009-12-17 22:04:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c332c72808 
							
						 
					 
					
						
						
							
							Minor update to user's manual to reflect new Metasploit release  
						
						
						
					 
					
						2009-11-17 23:36:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aa14bea051 
							
						 
					 
					
						
						
							
							Test again  
						
						
						
					 
					
						2009-11-01 12:30:30 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e518ae82e4 
							
						 
					 
					
						
						
							
							Testing post-commit hook on redmine  
						
						
						
					 
					
						2009-11-01 12:28:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bfd8128693 
							
						 
					 
					
						
						
							
							Updated name  
						
						
						
					 
					
						2009-11-01 12:10:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							de68a499f5 
							
						 
					 
					
						
						
							
							Typo fix  
						
						
						
					 
					
						2009-11-01 12:08:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bb123b2769 
							
						 
					 
					
						
						
							
							Updated changelog  
						
						
						
					 
					
						2009-10-23 10:20:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f1a7d095aa 
							
						 
					 
					
						
						
							
							Minor patch to make the PHP web backdoor work also on Windows  
						
						
						
					 
					
						2009-10-22 16:25:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							89c43893d4 
							
						 
					 
					
						
						
							
							Merged back from personal branch to trunk (svn merge -r846:940 ...)  
						
						... 
						
						
						
						Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring. 
						
					 
					
						2009-09-25 23:03:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							458d59416c 
							
						 
					 
					
						
						
							
							Minor bug fix in MSSQL version fingerprint  
						
						
						
					 
					
						2009-08-11 09:16:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							14578a7a4d 
							
						 
					 
					
						
						
							
							Updated THANKS file  
						
						
						
					 
					
						2009-07-30 12:02:34 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e608a5ca55 
							
						 
					 
					
						
						
							
							Updated THANKS file  
						
						
						
					 
					
						2009-07-29 10:44:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2c98c11e80 
							
						 
					 
					
						
						
							
							user's manual PDF recreated  
						
						
						
					 
					
						2009-07-25 16:46:30 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							45e3ce798f 
							
						 
					 
					
						
						
							
							Updated documentation with all new features introduced since sqlmap 0.7-rc1  
						
						
						
					 
					
						2009-07-25 14:31:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							576cc97742 
							
						 
					 
					
						
						
							
							Minor update to the user's manual, almost there to release 0.7 stable!  
						
						
						
					 
					
						2009-07-25 00:25:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b2b2ec8a26 
							
						 
					 
					
						
						
							
							Preparing to release sqlmap 0.7 stable  
						
						
						
					 
					
						2009-07-24 23:20:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							24a3a23159 
							
						 
					 
					
						
						
							
							Minor bug fix to --dbms, updated user's manual  
						
						
						
					 
					
						2009-07-09 11:05:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bc31bd1dd9 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2009-06-29 10:13:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fd7de4bbb8 
							
						 
					 
					
						
						
							
							Updated THANKS file  
						
						
						
					 
					
						2009-06-24 13:57:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cfd8a83655 
							
						 
					 
					
						
						
							
							Minor adjustment to get also the port when parsing burp logs  
						
						
						
					 
					
						2009-06-04 14:36:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							81d1a767ac 
							
						 
					 
					
						
						
							
							Minor bug fix in output manager (dumper) object  
						
						
						
					 
					
						2009-05-20 13:56:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							37d3b3adda 
							
						 
					 
					
						
						
							
							Updated THANKS  
						
						
						
					 
					
						2009-05-20 09:58:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f7ee4d578e 
							
						 
					 
					
						
						
							
							Updated THANKS file  
						
						
						
					 
					
						2009-05-19 15:56:30 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e8c115500d 
							
						 
					 
					
						
						
							
							Now it works also on Mac OS X  
						
						
						
					 
					
						2009-04-30 10:46:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							16b4530bbe 
							
						 
					 
					
						
						
							
							Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).  
						
						... 
						
						
						
						Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS. 
						
					 
					
						2009-04-27 23:05:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							69259c5984 
							
						 
					 
					
						
						
							
							Updated THANKS  
						
						
						
					 
					
						2009-04-23 08:42:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8c0ac767f4 
							
						 
					 
					
						
						
							
							Updated to sqlmap 0.7 release candidate 1  
						
						
						
					 
					
						2009-04-22 11:48:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							207e96e2b2 
							
						 
					 
					
						
						
							
							Major bug fix in the comparison algorithm to correctly handle also the  
						
						... 
						
						
						
						case that the url is stable and the False response changes the page
content very little. 
						
					 
					
						2009-02-09 10:28:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c405fb51ab 
							
						 
					 
					
						
						
							
							PDF regenerated  
						
						
						
					 
					
						2009-02-04 16:32:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b12d955274 
							
						 
					 
					
						
						
							
							Updated packaging scripts, site and finalized the documentation to release version 0.6.4  
						
						
						
					 
					
						2009-02-03 15:38:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							770e000cb4 
							
						 
					 
					
						
						
							
							Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs  
						
						
						
					 
					
						2009-02-02 23:44:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9ab174a444 
							
						 
					 
					
						
						
							
							Almost ready with the user's manual for 0.6.4 release  
						
						
						
					 
					
						2009-02-01 13:44:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							77d9d22ceb 
							
						 
					 
					
						
						
							
							Minor update to the user's manual  
						
						
						
					 
					
						2009-02-01 00:20:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6054090191 
							
						 
					 
					
						
						
							
							sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying.  
						
						
						
					 
					
						2009-01-28 14:53:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a8d57bb031 
							
						 
					 
					
						
						
							
							Avoid DeprecationWarning with Python 2.6+  
						
						
						
					 
					
						2009-01-22 23:53:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							193482a62b 
							
						 
					 
					
						
						
							
							Updated user's manual  
						
						
						
					 
					
						2009-01-22 23:44:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							981c7a4428 
							
						 
					 
					
						
						
							
							Updated Microsoft SQL Server XML signature db  
						
						
						
					 
					
						2009-01-22 22:30:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7adbf5892d 
							
						 
					 
					
						
						
							
							Updated user's manual  
						
						
						
					 
					
						2009-01-19 23:45:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8f973ce574 
							
						 
					 
					
						
						
							
							Minor layout adjustments  
						
						
						
					 
					
						2009-01-18 22:36:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bc3b4c6936 
							
						 
					 
					
						
						
							
							Minor layout adjustments in the user's manual  
						
						
						
					 
					
						2009-01-13 23:16:34 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9c125a2b57 
							
						 
					 
					
						
						
							
							Minor improvement to use Python ConfigParser library when --save if specified.  
						
						... 
						
						
						
						Minor update to the user's manual 
						
					 
					
						2009-01-03 22:59:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6ff8feb5cf 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2009-01-03 01:25:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c1010c20d8 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2008-12-30 21:24:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0e9873fd4f 
							
						 
					 
					
						
						
							
							Preparing documentation for 0.6.4  
						
						
						
					 
					
						2008-12-29 18:44:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b0ad102efb 
							
						 
					 
					
						
						
							
							Better fingerprint technique for Microsoft SQL Server  
						
						
						
					 
					
						2008-12-22 23:32:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							64bb57d786 
							
						 
					 
					
						
						
							
							Minor bug fix to make the Partial UNION query SQL injection technique  
						
						... 
						
						
						
						work properly also on Oracle and Microsoft SQL Server. 
						
					 
					
						2008-12-22 22:48:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4ae464c80d 
							
						 
					 
					
						
						
							
							Minor enhancement to support an option (--union-tech) to specify the  
						
						... 
						
						
						
						technique to use to detect the number of columns used in the web
application SELECT statement: NULL bruteforcing (default) or ORDER BY
clause. 
						
					 
					
						2008-12-21 21:39:53 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							374b9ba878 
							
						 
					 
					
						
						
							
							Updated documentation based upon recent developments  
						
						
						
					 
					
						2008-12-21 16:35:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7e8ac16245 
							
						 
					 
					
						
						
							
							Added preventive check for stacked queries support when executing DDL,  
						
						... 
						
						
						
						DML & co. statements in SQL query and SQL shell. Minor improvements on    
this new feature.
Increased default connection timeout to 30 seconds (needed for vmware
machine not correctly synched). 
						
					 
					
						2008-12-19 20:48:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ad228e6947 
							
						 
					 
					
						
						
							
							Ahead with the improvements to the comparison algorithm.  
						
						... 
						
						
						
						Added support internally to forge CASE statements, used only by
--is-dba query at the moment.
Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and
SQL shell.
Minor code adjustments. 
						
					 
					
						2008-12-19 20:09:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3fe493b63d 
							
						 
					 
					
						
						
							
							Minor enhancement to support an option (--is-dba) to show if the  
						
						... 
						
						
						
						current user is a database management system administrator. 
						
					 
					
						2008-12-18 20:41:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c32ef9d751 
							
						 
					 
					
						
						
							
							Major bug fix to avoid tracebacks when multiple targets are specified and one  
						
						... 
						
						
						
						of them is not reachable.
Minor bug fix to make the --postfix work even if --prefix is not provided. 
						
					 
					
						2008-12-18 20:38:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2efb3ae2ba 
							
						 
					 
					
						
						
							
							Documentation updated, now ready for 0.6.3 release  
						
						
						
					 
					
						2008-12-17 23:26:14 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bb9079aa9d 
							
						 
					 
					
						
						
							
							Minor documentation adjustments  
						
						
						
					 
					
						2008-12-17 20:58:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							94c79e3209 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-12-17 20:17:34 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ec11f502df 
							
						 
					 
					
						
						
							
							Site and documentation updated, ready to release 0.6.3 in two days  
						
						
						
					 
					
						2008-12-17 00:19:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							36d9ede001 
							
						 
					 
					
						
						
							
							Updated documentation, ready for sqlmap 0.6.3 release  
						
						
						
					 
					
						2008-12-16 23:52:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2b0ec1868d 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-12-16 21:31:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bf2a857b9a 
							
						 
					 
					
						
						
							
							Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3.  
						
						
						
					 
					
						2008-12-12 19:06:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							072eb7154c 
							
						 
					 
					
						
						
							
							Major enhancement to support Partial UNION query SQL injection technique too.  
						
						... 
						
						
						
						Minor code cleanup. 
						
					 
					
						2008-12-10 17:23:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9dbad512f1 
							
						 
					 
					
						
						
							
							sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers  
						
						... 
						
						
						
						by providing option --headers. By default Accept, Accept-Language and
Accept-Charset headers are set.
Added support to get the injection payload prefix and postfix from user.
Minor bug fix to exclude image files when parsing (-l) proxies log files.
Minor code adjustments.
Updated documentation. 
						
					 
					
						2008-12-08 21:24:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							15542d2772 
							
						 
					 
					
						
						
							
							Minor layout adjustment  
						
						
						
					 
					
						2008-12-05 16:00:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							38c9627700 
							
						 
					 
					
						
						
							
							Minor enhancemet to support also --regexp, --excl-str and --excl-reg  
						
						... 
						
						
						
						options rather than only --string when comparing HTTP responses page
content 
						
					 
					
						2008-12-05 15:34:13 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7f055924a7 
							
						 
					 
					
						
						
							
							sqlmap 0.6.3-rc4:  
						
						... 
						
						
						
						Minor enhancement to be able to specify the number of seconds before
timeout the connection, default is set to 10 seconds.
Minor improvement to retry the HTTP request up to three times in case
an exception is raised during the connection to the target url.
Minor bug fix to correctly catch connection exceptions and notify to
the user also if they occur within a thread.
Minor code restyling.
Updated documentation. 
						
					 
					
						2008-12-04 17:40:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f97585c593 
							
						 
					 
					
						
						
							
							Show also SVN revision in error message when a traceback raises.  
						
						... 
						
						
						
						Fix typo. 
						
					 
					
						2008-12-01 23:49:14 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3cf1658532 
							
						 
					 
					
						
						
							
							Increased default output level from 0 to 1  
						
						
						
					 
					
						2008-12-01 23:07:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6e548eb2ec 
							
						 
					 
					
						
						
							
							Completed support to get the list of targets from WebScarab/Burp proxies  
						
						... 
						
						
						
						log file and updated the documentation 
						
					 
					
						2008-11-27 22:33:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							dc1f2deb74 
							
						 
					 
					
						
						
							
							Minor bug fix to correctly enumerate columns on Microsoft SQL Server.  
						
						... 
						
						
						
						Minor adjustments to XML signatures.
Updated documentation. 
						
					 
					
						2008-11-25 11:33:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8f74fe2ce9 
							
						 
					 
					
						
						
							
							Added new HTTP response headers on which fingerprint web app technology and web server OS.  
						
						... 
						
						
						
						Updated documentation. 
						
					 
					
						2008-11-19 15:33:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							727664aea7 
							
						 
					 
					
						
						
							
							Minor enhancement to fingerprint the web server operating system and  
						
						... 
						
						
						
						the web application technology by parsing also HTTP response Server
header.
Refactor libraries and plugins that parses XML to fingerprint and show
on standard output the information.
Updated changelog. 
						
					 
					
						2008-11-18 17:42:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							654aecedfe 
							
						 
					 
					
						
						
							
							Minor layout adjustments, minor fixes and updated changelog  
						
						
						
					 
					
						2008-11-17 00:00:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fa0507ab39 
							
						 
					 
					
						
						
							
							Minor enhancement to fingerprint the back-end DBMS operating system (type,  
						
						... 
						
						
						
						version, release, distribution, codename and service pack) by parsing the
DBMS banner value when both -f and -b are provided: adapted the code and
added XML files defining regular expressions for matching.
Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu:
--8<--
back-end DBMS:	active fingerprint: MySQL >= 5.0.38 and < 5.1.2
                comment injection fingerprint: MySQL 5.0.67
                banner parsing fingerprint: MySQL 5.0.67
                html error message fingerprint: MySQL
back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid)
--8<-- 
						
					 
					
						2008-11-15 23:41:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							84cbc60659 
							
						 
					 
					
						
						
							
							Major bug fix to correctly handle httplib.BadStatusLine exception.  
						
						... 
						
						
						
						Minor improvement to set by default in all HTTP requests the standard HTTP headers (Accept, Accept-Encoding, etc.)
Updated user's manual. 
						
					 
					
						2008-11-15 12:25:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0bd5b52d95 
							
						 
					 
					
						
						
							
							Minor fixes  
						
						
						
					 
					
						2008-11-13 00:03:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ecc4a98071 
							
						 
					 
					
						
						
							
							Properly moved and improved inject.goStacked() function and newly  
						
						... 
						
						
						
						implemented Time based blind SQL injection now is a single test file
within the lib/techniques/ folder.
Renamed lib/techniques/inference to lib/techniques/blind, it is more
approriate and adapted the rest of the libraries.
Updated ChangeLog file. 
						
					 
					
						2008-11-12 23:44:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0c5d3df546 
							
						 
					 
					
						
						
							
							sqlmap 0.6.3-rc1:  
						
						... 
						
						
						
						* Minor enhancement to be able to specify the number of seconds to wait between each HTTP request.
* Minor bug fix to handle session.error and session.timeout in HTTP requests.
* Updated documentation. 
						
					 
					
						2008-11-09 16:57:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							544ced52b5 
							
						 
					 
					
						
						
							
							Name adjustment  
						
						
						
					 
					
						2008-11-04 19:56:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2a01de3f0b 
							
						 
					 
					
						
						
							
							Minor bug fix to correctly dump table entries when the column is provided  
						
						
						
					 
					
						2008-11-04 19:54:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							be599d5a33 
							
						 
					 
					
						
						
							
							Updated documentation and minor fix in update functionality  
						
						
						
					 
					
						2008-11-04 16:33:13 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							359b28bbaf 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-11-04 16:09:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							278f0aad7c 
							
						 
					 
					
						
						
							
							Documentation updated  
						
						
						
					 
					
						2008-11-03 01:23:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							95d2a0fcd1 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-11-02 22:25:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							04474e3232 
							
						 
					 
					
						
						
							
							Updated ChangeLog  
						
						
						
					 
					
						2008-11-02 22:20:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							de980ae79f 
							
						 
					 
					
						
						
							
							Updated site and doc to 0.6.2  
						
						
						
					 
					
						2008-11-02 20:23:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3d81f60962 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-11-02 19:29:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							09ca578ca1 
							
						 
					 
					
						
						
							
							Major bug fix so that the users' privileges enumeration now works properly also on both MySQL < 5.0 and MySQL >= 5.0 also if the user has provided one or more users with -U option;  
						
						
						
					 
					
						2008-11-02 18:17:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7ad9639ed0 
							
						 
					 
					
						
						
							
							Updated the database management system fingerprint checks to correctly identify MySQL 5.1.x, MySQL 6.0.x and PostgreSQL 8.3  
						
						
						
					 
					
						2008-10-29 15:32:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a19229cbd8 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-10-29 11:42:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5e47518983 
							
						 
					 
					
						
						
							
							Minor layout fix  
						
						
						
					 
					
						2008-10-28 00:09:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4eef34c532 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-10-28 00:08:00 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5d5bfaf3db 
							
						 
					 
					
						
						
							
							Updated changelog  
						
						
						
					 
					
						2008-10-26 20:07:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							56383cfaad 
							
						 
					 
					
						
						
							
							Updated documentation and removed svn:keyword  
						
						
						
					 
					
						2008-10-26 19:12:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fcc16b2346 
							
						 
					 
					
						
						
							
							Updated site, documentation (dev and user) and packaging scripts for 0.6.1  
						
						
						
					 
					
						2008-10-20 13:43:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fe6e29fbf6 
							
						 
					 
					
						
						
							
							Minor updates to the user's manual, need still to write on new enhancements  
						
						
						
					 
					
						2008-10-17 15:50:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							016118ce7a 
							
						 
					 
					
						
						
							
							Some more fixes and adjustments before 0.6.1 release.  
						
						
						
					 
					
						2008-10-17 15:26:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							66136b48c0 
							
						 
					 
					
						
						
							
							Minor fixes.. should work also for Cookie now the % parsing  
						
						
						
					 
					
						2008-10-17 11:51:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							41f8acf0fd 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2008-10-16 15:41:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e5aa557bd4 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2008-10-16 15:39:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8e3eb45510 
							
						 
					 
					
						
						
							
							After the storm, a restore..  
						
						
						
					 
					
						2008-10-15 15:38:22 +00:00