Miroslav Stampar
|
3a1f5744be
|
minor update to make counting variable totally independent of the urllib2's self.retried
|
2011-03-02 10:42:17 +00:00 |
|
Miroslav Stampar
|
a010386a23
|
finally a proper fix for that annoying recursive bug
|
2011-03-02 10:29:38 +00:00 |
|
Miroslav Stampar
|
f27f05308a
|
minor update for masking sensitive data in error report (added aCred too)
|
2011-03-02 10:09:17 +00:00 |
|
Miroslav Stampar
|
ad2e4002ea
|
minor improvement
|
2011-03-01 10:38:27 +00:00 |
|
Miroslav Stampar
|
0f3cc153a3
|
fix for --technique
|
2011-03-01 09:54:06 +00:00 |
|
Miroslav Stampar
|
9856cb71de
|
redo of the last commit with comments added
|
2011-02-28 18:58:05 +00:00 |
|
Miroslav Stampar
|
ade31b2cb0
|
removal of obsolete item
|
2011-02-28 18:49:25 +00:00 |
|
Miroslav Stampar
|
2bf212ffa9
|
minor minor update
|
2011-02-27 20:43:38 +00:00 |
|
Miroslav Stampar
|
7036190e8e
|
minor improvement of regular expression
|
2011-02-27 17:58:01 +00:00 |
|
Miroslav Stampar
|
21041f8b90
|
further reflective value handling improvement
|
2011-02-27 17:43:41 +00:00 |
|
Bernardo Damele
|
6e8ebd35f4
|
Hide switch -x (XML output format) as it is incomplete and bugged and won't make it for 0.9 stable
|
2011-02-27 12:17:41 +00:00 |
|
Bernardo Damele
|
60605b6e7c
|
Major bug fix to make --first and --last apply only to --dump's entries dump phase (in either of the blind SQL injection techs only)
|
2011-02-27 12:14:13 +00:00 |
|
Miroslav Stampar
|
88faedc0fe
|
fix for a bug reported by -insane-
|
2011-02-26 17:48:19 +00:00 |
|
Miroslav Stampar
|
11996ce12e
|
bug fix for international encoded letters
|
2011-02-25 22:43:01 +00:00 |
|
Miroslav Stampar
|
63b8156c00
|
some update (if header key is non-unicode comformant)
|
2011-02-25 09:43:04 +00:00 |
|
Miroslav Stampar
|
2bbbc9a41e
|
few updates
|
2011-02-25 09:35:24 +00:00 |
|
Miroslav Stampar
|
aa88361ab1
|
incorporation of method for neutralization of reflective values
|
2011-02-25 09:22:44 +00:00 |
|
Miroslav Stampar
|
708ddf5608
|
added protection mechanism against reflected values
|
2011-02-24 16:52:46 +00:00 |
|
Miroslav Stampar
|
38dc82e13e
|
If no Accept header field is present, then it is assumed that the client accepts all media types.
|
2011-02-22 22:26:22 +00:00 |
|
Miroslav Stampar
|
d05bd75068
|
adding experimental for --group-concat
|
2011-02-22 14:35:38 +00:00 |
|
Miroslav Stampar
|
12ede1e5de
|
minor JIC (just-in-case) update
|
2011-02-22 13:18:47 +00:00 |
|
Miroslav Stampar
|
3f8eadf4fe
|
minor refactoring
|
2011-02-22 13:00:58 +00:00 |
|
Miroslav Stampar
|
dcad5410fe
|
minor refactoring
|
2011-02-22 12:54:22 +00:00 |
|
Miroslav Stampar
|
17c39fe231
|
fix for that non-HTML stuff
|
2011-02-22 11:32:55 +00:00 |
|
Bernardo Damele
|
3e8c204121
|
Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba
|
2011-02-21 16:00:56 +00:00 |
|
Miroslav Stampar
|
90582ed7dc
|
minor change
|
2011-02-21 11:35:21 +00:00 |
|
Miroslav Stampar
|
aac817935a
|
further improvement of MaxDB support
|
2011-02-20 22:41:42 +00:00 |
|
Miroslav Stampar
|
70449eb01b
|
minor bug fix
|
2011-02-20 21:35:28 +00:00 |
|
Miroslav Stampar
|
345df5968d
|
minor update
|
2011-02-20 21:27:38 +00:00 |
|
Miroslav Stampar
|
0c57f2af0f
|
minor fix
|
2011-02-20 12:20:44 +00:00 |
|
Bernardo Damele
|
023a80c31c
|
Section explanation change to reflect recent enhancements
|
2011-02-19 21:06:24 +00:00 |
|
Bernardo Damele
|
60b05ff49f
|
Reflect new switch name
|
2011-02-19 21:05:15 +00:00 |
|
Bernardo Damele
|
8e60acae5d
|
Added support for --scope also in WebScarab logs (-l)
|
2011-02-19 21:03:55 +00:00 |
|
Miroslav Stampar
|
b71bb321dd
|
some more Sybase updates
|
2011-02-19 18:04:27 +00:00 |
|
Miroslav Stampar
|
cec7694aac
|
some progress regarding SYBASE
|
2011-02-19 14:56:58 +00:00 |
|
Miroslav Stampar
|
e0efe453ab
|
minor update regarding Sybase support
|
2011-02-19 14:07:08 +00:00 |
|
Miroslav Stampar
|
df58bcaf95
|
minor improvement
|
2011-02-18 14:27:02 +00:00 |
|
Miroslav Stampar
|
3badf92ceb
|
not doing "basic" filtering in default cases because of a bug reported by Kazim
|
2011-02-18 07:38:13 +00:00 |
|
Miroslav Stampar
|
6cdf08b81c
|
minor fix
|
2011-02-17 21:51:40 +00:00 |
|
Miroslav Stampar
|
22cd49a217
|
--technique can now be something like 123 which includes both techniques 1, 2 and 3
|
2011-02-17 21:39:16 +00:00 |
|
Miroslav Stampar
|
7ebc1ab90a
|
minor cosmetics
|
2011-02-17 08:59:14 +00:00 |
|
Miroslav Stampar
|
199f14df46
|
implementation of MySQL GROUP_CONCAT technique
|
2011-02-15 00:28:27 +00:00 |
|
Bernardo Damele
|
2ea828e416
|
Proper fix for r3307 (file-write on MySQL via UNION query tech)
|
2011-02-13 22:48:01 +00:00 |
|
Miroslav Stampar
|
417b311475
|
minor update
|
2011-02-13 22:02:47 +00:00 |
|
Miroslav Stampar
|
50d25c3b4d
|
update regarding explicit testing of ua and referer when using -p
|
2011-02-13 21:58:48 +00:00 |
|
Bernardo Damele
|
429ab631fe
|
Minor refactoring
|
2011-02-13 21:25:01 +00:00 |
|
Miroslav Stampar
|
5fb11fd173
|
update regarding multiple DBMS payloads
|
2011-02-13 21:20:21 +00:00 |
|
Bernardo Damele
|
45a005737d
|
Minor adjustment so that User-Agent and Referer headers are tests only when --level >= 3 and Cookie is tested only when --level >= 2
|
2011-02-13 21:08:42 +00:00 |
|
Miroslav Stampar
|
83d7803ce7
|
other techniques use dataToStdout for retrieved string, hence this update (also, fixing ugly retrieved: 0 or 1 while doing fingerprinting --flush-session -f --technique=2)
|
2011-02-12 20:03:28 +00:00 |
|
Miroslav Stampar
|
9f7d666451
|
removing --method per request of buawig
|
2011-02-12 19:50:27 +00:00 |
|
Miroslav Stampar
|
1cd483f42f
|
one more update
|
2011-02-12 10:24:09 +00:00 |
|
Miroslav Stampar
|
25a3a64327
|
we need this because of one pesky little bug going around (when union is recognized and the dbmses are fingerprinted, for those who don't have proper unescaping false TRUE is recognized in form of retrieved: %27%2B%28SELECT%20CAST...). tested on all major DBMSes.
|
2011-02-12 10:15:42 +00:00 |
|
Miroslav Stampar
|
521635c84d
|
quick fix for UA and Referer
|
2011-02-11 23:36:23 +00:00 |
|
Bernardo Damele
|
7253362114
|
Minor bug fix so that --file-write on MySQL via UNION query now works again
|
2011-02-11 23:35:45 +00:00 |
|
Miroslav Stampar
|
535eb9f3eb
|
implementation of referer feature
|
2011-02-11 23:07:03 +00:00 |
|
Miroslav Stampar
|
a6ab24e0b5
|
just a minor fix to stop nagging with "Do you want to skip test payloads specific for other DBMSes?" if n is pressed
|
2011-02-10 22:47:43 +00:00 |
|
Miroslav Stampar
|
5f2fcd1eea
|
minor adjustment regarding "file" switches
|
2011-02-10 19:55:47 +00:00 |
|
Miroslav Stampar
|
4295a78c5f
|
minor update
|
2011-02-10 19:51:34 +00:00 |
|
Bernardo Damele
|
c078de894f
|
Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA
|
2011-02-10 14:24:04 +00:00 |
|
Bernardo Damele
|
864eade744
|
Fixed store and resume of brute-forced tables/columns for MSSQL/Sybase
|
2011-02-10 11:14:05 +00:00 |
|
Bernardo Damele
|
aa0fb276ba
|
More fixes for --common-columns to work against MSSQL too
|
2011-02-09 17:22:07 +00:00 |
|
Miroslav Stampar
|
917b2b0d6b
|
one more commit related to the previous one
|
2011-02-09 17:07:02 +00:00 |
|
Miroslav Stampar
|
6c582343fe
|
.. fix
|
2011-02-09 17:05:06 +00:00 |
|
Miroslav Stampar
|
d9af01d73d
|
imporant fix for boolean expression which return [None]
|
2011-02-09 16:53:22 +00:00 |
|
Miroslav Stampar
|
7d9be18789
|
added one comment
|
2011-02-09 14:34:18 +00:00 |
|
Miroslav Stampar
|
bafc8a1b0f
|
another update
|
2011-02-09 13:29:52 +00:00 |
|
Miroslav Stampar
|
600f729139
|
fix for a bug reported by skysbsb@gmail.com (double ORDER BY)
|
2011-02-09 12:43:09 +00:00 |
|
Miroslav Stampar
|
5b57a69f3e
|
fix
|
2011-02-09 11:20:03 +00:00 |
|
Miroslav Stampar
|
3de6117253
|
revert of the r3247 (output always has to be appended to the outputs - no matter of it's value)
|
2011-02-09 09:53:59 +00:00 |
|
Miroslav Stampar
|
98ca1702ae
|
los cosmeticado
|
2011-02-08 16:30:32 +00:00 |
|
Miroslav Stampar
|
87e36796c6
|
just to not cause confusion
|
2011-02-08 16:29:42 +00:00 |
|
Miroslav Stampar
|
dcb9c93328
|
minor cleanup
|
2011-02-08 16:27:58 +00:00 |
|
Miroslav Stampar
|
37f7001143
|
first commit with mysql/error/substringing
|
2011-02-08 16:23:33 +00:00 |
|
Bernardo Damele
|
c3eb82e60b
|
Proper fix
|
2011-02-08 10:08:48 +00:00 |
|
Miroslav Stampar
|
dba2f74588
|
revert of r3274
|
2011-02-08 09:44:34 +00:00 |
|
Bernardo Damele
|
156d8cd99b
|
Directory restyling
|
2011-02-08 00:15:02 +00:00 |
|
Bernardo Damele
|
cfe2da0195
|
Minor fix
|
2011-02-08 00:13:39 +00:00 |
|
Bernardo Damele
|
0a81415f2f
|
Minor code cleanup
|
2011-02-08 00:02:54 +00:00 |
|
Miroslav Stampar
|
2c4f6d2e99
|
fix (lol. we were using same comparison payload through the all test. it's a nono :) p.s. this way we are dealing with "reflective" problem too
|
2011-02-07 21:53:05 +00:00 |
|
Miroslav Stampar
|
a577d0e9a5
|
restraining "using unescaped version of the test because of zero knowledge of the back-end DBMS" once per test (before was once per boundary)
|
2011-02-07 21:18:01 +00:00 |
|
Miroslav Stampar
|
66adf23532
|
Unbiased approach for searching appropriate usable column
|
2011-02-07 21:00:59 +00:00 |
|
Miroslav Stampar
|
f958b21613
|
there is a pretty strong chance that the columns from the beginning are the INTEGER ones, while we search for STRING ones (not related to that MSSQL union/error problem we discussed earlier today)
|
2011-02-07 16:55:02 +00:00 |
|
Miroslav Stampar
|
771020abd6
|
one more related commit
|
2011-02-07 16:32:08 +00:00 |
|
Miroslav Stampar
|
265e7ca272
|
fix for that MSSQL limit/top problem
|
2011-02-07 16:24:23 +00:00 |
|
Miroslav Stampar
|
71d1b72e0e
|
minor adjustment
|
2011-02-07 12:51:38 +00:00 |
|
Bernardo Damele
|
b33ac19d39
|
Minor fix
|
2011-02-07 12:36:00 +00:00 |
|
Miroslav Stampar
|
99e9412f74
|
minor update
|
2011-02-07 12:34:23 +00:00 |
|
Miroslav Stampar
|
e023e0d233
|
proper fix
|
2011-02-07 12:32:08 +00:00 |
|
Bernardo Damele
|
39decebe85
|
Minor fixes to checking/re-enabling of xp_cmdshell procedure
|
2011-02-07 12:17:19 +00:00 |
|
Miroslav Stampar
|
c0233dcd4f
|
preventing crashes for output=[]
|
2011-02-07 10:24:15 +00:00 |
|
Miroslav Stampar
|
096efea282
|
added BULK to EXCLUDE_UNESCAPE and preventing crashes when output=[]
|
2011-02-07 10:22:43 +00:00 |
|
Bernardo Damele
|
ba3a8a69d4
|
More statements to exclude from unescap'ing
|
2011-02-07 00:33:54 +00:00 |
|
Bernardo Damele
|
3719f085ae
|
Added back-end dbms' OS based methods to Backend object - will be used for refactoring
|
2011-02-07 00:21:17 +00:00 |
|
Bernardo Damele
|
2e00656235
|
Minor fix
|
2011-02-07 00:20:23 +00:00 |
|
Bernardo Damele
|
bf5ca4bd9a
|
No point in unescaping the expression also in suffixQuery() also 'cause it will exit sqlmap if the parameter value is a string hence injection payload starts with single quote (')
|
2011-02-06 23:30:43 +00:00 |
|
Bernardo Damele
|
061f56daf9
|
More adjustments related to unescape() and cleanupPayload().
Minor code cleanup related to error-based payload.
|
2011-02-06 23:27:56 +00:00 |
|
Bernardo Damele
|
6a71629575
|
Converted from DOS format (\n\r to \n only)
|
2011-02-06 23:25:55 +00:00 |
|
Bernardo Damele
|
0800d9e49b
|
Major bug fix for semi-centralize unescape() and cleanupPayload() into prefixQuery() and suffixQuery()
|
2011-02-06 22:58:12 +00:00 |
|
Bernardo Damele
|
9eac2339ca
|
|
2011-02-06 22:55:26 +00:00 |
|
Bernardo Damele
|
f3d6be7868
|
Code cleanup
|
2011-02-06 22:32:44 +00:00 |
|