Miroslav Stampar
|
244901eda0
|
During --flush-session log file should be cleaned too (especially because of --live-tests)
|
2012-12-19 14:28:54 +01:00 |
|
Bernardo Damele
|
282aeb734f
|
ORDER BY does not play well with UNION query SQLi (related to issue #313)
|
2012-12-19 13:21:16 +00:00 |
|
Bernardo Damele
|
259b345f1f
|
catch ImportError exception if libmagic is not installed
|
2012-12-19 13:10:54 +00:00 |
|
Bernardo Damele
|
128597ee7e
|
--run-case is now case insensitive
|
2012-12-19 12:45:46 +00:00 |
|
Bernardo Damele
|
b91c829103
|
minor bug fix (issue #310)
|
2012-12-19 12:42:31 +00:00 |
|
Bernardo Damele
|
2bc2c0431c
|
fixed test cases
|
2012-12-19 12:33:37 +00:00 |
|
Bernardo Damele
|
9149d77cc8
|
removed duplicate code - fixes issue #310
|
2012-12-19 12:17:56 +00:00 |
|
Bernardo Damele
|
d80744d3d5
|
preparation for issue #310
|
2012-12-19 11:40:00 +00:00 |
|
Bernardo Damele
|
f5450e9f0e
|
layout adjustment
|
2012-12-19 11:39:38 +00:00 |
|
Bernardo Damele
|
dee56b17c3
|
handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308
|
2012-12-19 10:50:15 +00:00 |
|
Miroslav Stampar
|
155c1eddae
|
Debug message with declared page charset
|
2012-12-19 11:16:42 +01:00 |
|
Miroslav Stampar
|
d29dddf5b2
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 10:51:25 +01:00 |
|
Miroslav Stampar
|
92e338251a
|
Finally working inference against MySQL/international letters (even chinese)
|
2012-12-19 10:44:02 +01:00 |
|
Bernardo Damele
|
65ed2304fd
|
comment update
|
2012-12-19 09:38:03 +00:00 |
|
Bernardo Damele
|
0037d52098
|
typo fix
|
2012-12-19 01:11:18 +00:00 |
|
Miroslav Stampar
|
c9b8b51c9c
|
Update lib/core/common.py
Revert of last commit and try 2
|
2012-12-19 01:48:53 +01:00 |
|
Bernardo Damele
|
8e95470415
|
minor refactoring
|
2012-12-19 00:46:23 +00:00 |
|
Bernardo Damele
|
318fcee49c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 00:30:26 +00:00 |
|
Bernardo Damele
|
3c7007097a
|
minor refactoring
|
2012-12-19 00:30:22 +00:00 |
|
Miroslav Stampar
|
50b846b5af
|
Update lib/core/common.py
Fixing wrong assumption in case of MySQL inference international character retrieval
|
2012-12-19 01:26:12 +01:00 |
|
Miroslav Stampar
|
9e2f0131b9
|
Update lib/core/agent.py
|
2012-12-18 20:25:00 +01:00 |
|
Bernardo Damele
|
326ed33f31
|
added support for comma separated list of files for --file-read - fixes issue #223
|
2012-12-18 17:55:21 +00:00 |
|
Bernardo Damele
|
58656bbeb5
|
minor bug fix, union query has to be limited 0, 0
|
2012-12-18 16:36:30 +00:00 |
|
Bernardo Damele
|
61a838bb35
|
added more test cases
|
2012-12-18 15:59:48 +00:00 |
|
Miroslav Stampar
|
88d8494b5a
|
Implementation for an Issue #307
|
2012-12-18 16:03:35 +01:00 |
|
Miroslav Stampar
|
7f47623876
|
Minor patch
|
2012-12-18 11:10:06 +01:00 |
|
Miroslav Stampar
|
2b64c10710
|
Patch for an Issue #304
|
2012-12-18 09:36:26 +01:00 |
|
Miroslav Stampar
|
4ea0c9e922
|
Another implementation for an Issue #302
|
2012-12-17 15:08:54 +01:00 |
|
Bernardo Damele
|
3c1b696bd6
|
removed more print statements
|
2012-12-17 13:35:32 +00:00 |
|
Bernardo Damele
|
1fdd804e94
|
replaced instances of dataToStdout with logger
|
2012-12-17 13:30:21 +00:00 |
|
Bernardo Damele
|
9f47eb0a59
|
cleaner
|
2012-12-17 13:29:37 +00:00 |
|
Bernardo Damele
|
0500712a03
|
removed unuseful prints
|
2012-12-17 13:29:19 +00:00 |
|
Bernardo Damele
|
ac44cf3ec0
|
minor fix: add also back-end DBMS and web app fingerprint output to log file
|
2012-12-17 13:02:09 +00:00 |
|
Bernardo Damele
|
bbd2adb5fb
|
improvements to --live-test and added --stop-fail switch
|
2012-12-17 11:41:43 +00:00 |
|
Bernardo Damele
|
064d443d60
|
replaced unnecessary dataToStdout() call with appropriate logger.info() call
|
2012-12-17 11:30:08 +00:00 |
|
Bernardo Damele
|
2926c815bf
|
improved test switch --live-test and minor refactoring
|
2012-12-17 11:29:33 +00:00 |
|
Bernardo Damele
|
f40c52cc17
|
comment adjustment
|
2012-12-17 11:28:03 +00:00 |
|
Bernardo Damele
|
2442a58884
|
minor leftover of deprecated XMLRPC service
|
2012-12-17 11:26:31 +00:00 |
|
Miroslav Stampar
|
60baf5071e
|
Patch for an Issue #302
|
2012-12-17 00:40:01 +01:00 |
|
Bernardo Damele
|
d4a061d0c3
|
code cleanup - #297
|
2012-12-15 00:29:35 +00:00 |
|
Bernardo Damele
|
0c3da5c7eb
|
code refactoring and first time logger is handled by a separate file descriptor (issue #297)
|
2012-12-15 00:12:22 +00:00 |
|
Bernardo Damele
|
2f6a31605c
|
code refactoring (#279)
|
2012-12-14 22:00:42 +00:00 |
|
Bernardo Damele
|
8dee8355c2
|
on our way to make it thread safe.. it is a long way actually (issue #297)
|
2012-12-14 18:13:21 +00:00 |
|
Bernardo Damele
|
21ecffb750
|
added more comments, improved cleanup method
|
2012-12-14 17:21:19 +00:00 |
|
Bernardo Damele
|
1421e6a9d4
|
implemented cleanup and status admin methods
|
2012-12-14 16:18:45 +00:00 |
|
Bernardo Damele
|
4fa2f400ec
|
minor fix
|
2012-12-14 15:55:30 +00:00 |
|
Bernardo Damele
|
4c4cb856ff
|
minor bug fix to the /scan/<taskid>output method, forced each taskid to have its own temporary folder for output - issue #297
|
2012-12-14 15:52:35 +00:00 |
|
Bernardo Damele
|
27906f388f
|
added first methods to interact with sqlmap core, it is now possible to launch a scan from the API, hurray! (issue #297)
|
2012-12-14 14:51:01 +00:00 |
|
Bernardo Damele
|
f52d81c834
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-14 13:40:36 +00:00 |
|
Bernardo Damele
|
0b71c85d95
|
refactoring, code cleanup, more security-related headers and first /scan method implementation (issue #297)
|
2012-12-14 13:40:25 +00:00 |
|
Bernardo Damele
|
a2a71bb37b
|
cleanup from XML-RPC related stuff
|
2012-12-14 13:37:36 +00:00 |
|
Miroslav Stampar
|
a3acf72e52
|
Fix for argparse issue
|
2012-12-14 14:35:11 +01:00 |
|
Miroslav Stampar
|
235631808f
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-14 14:25:02 +01:00 |
|
Bernardo Damele
|
3d9779ffd4
|
further improvements to RESTful API: enforce security headers across all HTTP responses properly and make consistent responses across methods (#297)
|
2012-12-14 12:15:04 +00:00 |
|
Bernardo Damele
|
7b43837238
|
cleaner solution for imports as standalone client/server (issue #297)
|
2012-12-14 12:04:44 +00:00 |
|
Bernardo Damele
|
90d5696b25
|
enhanced RESTful API to support JSON requests and improved standalone client/server skeleton (issue #297)
|
2012-12-14 12:01:13 +00:00 |
|
Bernardo Damele
|
156a291e2d
|
typo fix
|
2012-12-14 11:55:54 +00:00 |
|
Miroslav Stampar
|
c41618416c
|
Removing trailing blanks
|
2012-12-14 12:00:45 +01:00 |
|
Bernardo Damele
|
2e97405ffa
|
bundle bottle library in sqlmap (it is MIT license) - issue #297
|
2012-12-14 03:00:30 +00:00 |
|
Bernardo Damele
|
0ec420cc70
|
leftovers
|
2012-12-14 02:54:16 +00:00 |
|
Bernardo Damele
|
a1b83cd56f
|
added first implementation of REST-JSON API library - issue #297
|
2012-12-14 02:52:31 +00:00 |
|
Bernardo Damele
|
6e31e87de1
|
added initial support (hidden from -hh and not yet usable) for REST-JSON API
|
2012-12-14 02:49:25 +00:00 |
|
Miroslav Stampar
|
c040323821
|
Minor update
|
2012-12-13 14:55:20 +01:00 |
|
Miroslav Stampar
|
df0f08bc6a
|
Cleaning some (web upload based) garbage
|
2012-12-13 13:19:47 +01:00 |
|
Miroslav Stampar
|
5150172178
|
Minor update
|
2012-12-13 10:03:21 +01:00 |
|
Miroslav Stampar
|
b78b56d782
|
Update for an Issue #287 regarding read_output returning values
|
2012-12-12 17:17:36 +01:00 |
|
Miroslav Stampar
|
fc4be0a77c
|
Minor fix
|
2012-12-12 16:45:29 +01:00 |
|
Miroslav Stampar
|
e381158058
|
Hmmm... Let me guess. Update for an Issue #287
|
2012-12-12 16:31:20 +01:00 |
|
Miroslav Stampar
|
921000bd87
|
Another update for an Issue #287
|
2012-12-12 14:22:24 +01:00 |
|
Miroslav Stampar
|
c3f20a136f
|
Minor update for an Issue #287
|
2012-12-12 14:03:03 +01:00 |
|
Miroslav Stampar
|
32b39c72e4
|
Minor update
|
2012-12-12 12:07:56 +01:00 |
|
Miroslav Stampar
|
af52e8e8c2
|
Minor update for an Issue #287
|
2012-12-12 12:01:18 +01:00 |
|
Miroslav Stampar
|
a6448e8768
|
Update for an Issue #287
|
2012-12-12 11:54:59 +01:00 |
|
Miroslav Stampar
|
ef33729381
|
Writing only unique hashes to an output file (for eventual cracking with 3rd party tools)
|
2012-12-12 09:59:24 +01:00 |
|
Miroslav Stampar
|
b9f6fc5f4e
|
First commit (and working one) for an Issue #287 (XML-RPC server)
|
2012-12-11 16:02:06 +01:00 |
|
Miroslav Stampar
|
b5884c7eda
|
Minor language update
|
2012-12-11 15:24:02 +01:00 |
|
Miroslav Stampar
|
760519dbe9
|
Removing redundant piece of code
|
2012-12-11 15:21:27 +01:00 |
|
Miroslav Stampar
|
a54c261496
|
Minor update for Issues #292 & #293 (only single alert per target)
|
2012-12-11 14:44:43 +01:00 |
|
Miroslav Stampar
|
5c2451d83c
|
Implementation for an Issue #293
|
2012-12-11 12:48:58 +01:00 |
|
Miroslav Stampar
|
562044577b
|
Implementation for an Issue #292
|
2012-12-11 12:02:06 +01:00 |
|
Miroslav Stampar
|
6433be8b3d
|
Style update
|
2012-12-10 17:20:04 +01:00 |
|
Miroslav Stampar
|
996e882e78
|
Minor update
|
2012-12-10 17:13:00 +01:00 |
|
Miroslav Stampar
|
013dc8bc98
|
Another minor update for an Issue #267
|
2012-12-10 13:07:36 +01:00 |
|
Miroslav Stampar
|
8bd0080bf4
|
Minor update for an Issue #267
|
2012-12-10 13:05:41 +01:00 |
|
Miroslav Stampar
|
96df0ba061
|
Implemented support for plain , chars too (Issue #267)
|
2012-12-10 12:58:17 +01:00 |
|
Miroslav Stampar
|
d0ea4c65c5
|
Minor styl eupdate for an Issue #267
|
2012-12-10 12:54:01 +01:00 |
|
Miroslav Stampar
|
5677db02b7
|
Minor update
|
2012-12-10 12:40:28 +01:00 |
|
Miroslav Stampar
|
5606a860ce
|
Oracle supports inline comments too (Issue #267)
|
2012-12-10 12:00:15 +01:00 |
|
Miroslav Stampar
|
a024884ca7
|
Support for a HTTP parameter pollution (Issue #267)
|
2012-12-10 11:55:31 +01:00 |
|
Miroslav Stampar
|
42f4c2bac9
|
Minor fix when --dbms is enforced
|
2012-12-10 11:42:10 +01:00 |
|
Miroslav Stampar
|
1f7644a691
|
Minor fix when user doesn't want custom injection char marker to be processed
|
2012-12-08 21:23:30 +01:00 |
|
Miroslav Stampar
|
0cbdaaecfa
|
Revert of 99e9412f74 (because of an Issue #289)
|
2012-12-08 08:53:25 +01:00 |
|
Miroslav Stampar
|
73968a448c
|
Minor update
|
2012-12-07 15:29:54 +01:00 |
|
Miroslav Stampar
|
e129a30e6b
|
Removing redundant code in redirect handler (related to an Issue #288)
|
2012-12-07 12:40:19 +01:00 |
|
Miroslav Stampar
|
fccad15cfa
|
Minor update for an Issue #288
|
2012-12-07 12:14:33 +01:00 |
|
Miroslav Stampar
|
75e6d77fbc
|
Minor refactoring
|
2012-12-07 11:54:34 +01:00 |
|
Miroslav Stampar
|
fbaeecdaf9
|
Patch for an Issue #288
|
2012-12-07 11:52:21 +01:00 |
|
Miroslav Stampar
|
c0fc12beb2
|
Minor update for an Issue #288
|
2012-12-07 11:23:18 +01:00 |
|
Miroslav Stampar
|
1028afce37
|
Removal of leftovers
|
2012-12-06 14:15:44 +01:00 |
|
Miroslav Stampar
|
974407396e
|
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
|
2012-12-06 14:14:19 +01:00 |
|