Miroslav Stampar
|
e24bff0497
|
nice refactoring
|
2010-10-20 09:46:57 +00:00 |
|
Miroslav Stampar
|
5d3cbec457
|
no more regex. web server independent.
|
2010-10-20 09:35:46 +00:00 |
|
Miroslav Stampar
|
934adb5e8d
|
code refactoring
|
2010-10-20 09:09:04 +00:00 |
|
Miroslav Stampar
|
b032fdbf74
|
added randInt to error injection vectors
|
2010-10-20 08:56:58 +00:00 |
|
Miroslav Stampar
|
dabbcf9e23
|
fix for that 'Subquery returns more than 1 row'
|
2010-10-20 08:50:05 +00:00 |
|
Miroslav Stampar
|
82f44989ce
|
update of error based injection and bug fix for --roles on MSSQL server
|
2010-10-20 06:40:33 +00:00 |
|
Miroslav Stampar
|
f2dae98448
|
fix for MySQL error queries
|
2010-10-19 23:30:08 +00:00 |
|
Bernardo Damele
|
0817d1b78d
|
Cosmetics
|
2010-10-19 23:09:30 +00:00 |
|
Miroslav Stampar
|
8776db872c
|
minor refactoring
|
2010-10-19 23:05:24 +00:00 |
|
Miroslav Stampar
|
1b376c99a6
|
removed temp dictionary and replaced with kb.misc
|
2010-10-19 23:00:19 +00:00 |
|
Bernardo Damele
|
813f44da16
|
Minor bug fix for MSSQL connector --tables option
|
2010-10-19 22:11:17 +00:00 |
|
Miroslav Stampar
|
7927e97007
|
update
|
2010-10-19 18:34:57 +00:00 |
|
Miroslav Stampar
|
415524bd5a
|
remove --error, now it's only --error-test (it needs to return True to be able to use it)
|
2010-10-19 18:34:14 +00:00 |
|
Miroslav Stampar
|
8d9201a3dc
|
minor update
|
2010-10-19 18:23:21 +00:00 |
|
Miroslav Stampar
|
4009ef385e
|
more update regarding error based injection support
|
2010-10-19 18:17:34 +00:00 |
|
Miroslav Stampar
|
b2e0b615f8
|
fix for that MySQL checking
|
2010-10-19 17:38:39 +00:00 |
|
Miroslav Stampar
|
34d7de1d46
|
cosmetics
|
2010-10-19 15:28:54 +00:00 |
|
Miroslav Stampar
|
d7622bb9cf
|
major fix for MySQL error based injections
|
2010-10-19 15:17:16 +00:00 |
|
Miroslav Stampar
|
1fce9683f8
|
now --users work for MSSQL too
|
2010-10-19 15:05:32 +00:00 |
|
Miroslav Stampar
|
80505de15b
|
now --users work on Oracle and Postgre (tested)
|
2010-10-19 14:56:57 +00:00 |
|
Miroslav Stampar
|
4bc541ec3c
|
error based update
|
2010-10-19 14:47:13 +00:00 |
|
Miroslav Stampar
|
d0ebe428da
|
i've left error flag
|
2010-10-19 14:12:34 +00:00 |
|
Miroslav Stampar
|
bf850af2d8
|
fix for Oracle error based query "space" problem
|
2010-10-19 14:10:09 +00:00 |
|
Miroslav Stampar
|
878135fe40
|
minor fix
|
2010-10-19 14:00:27 +00:00 |
|
Miroslav Stampar
|
6a8b1046d4
|
first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)
|
2010-10-19 12:02:04 +00:00 |
|
Miroslav Stampar
|
0c286d8db2
|
minor update
|
2010-10-19 09:17:01 +00:00 |
|
Miroslav Stampar
|
ccda92536f
|
added header
|
2010-10-19 09:13:30 +00:00 |
|
Miroslav Stampar
|
264e0a6fda
|
added support for displaying revision number at unhandled exception message
|
2010-10-19 08:55:14 +00:00 |
|
Miroslav Stampar
|
9a7fd29d4f
|
using pushValue and popValue
|
2010-10-18 22:22:41 +00:00 |
|
Miroslav Stampar
|
a97319656c
|
optimization - now if DBMS was detected by error based HTML parser, then it's moved at the first place for testing
|
2010-10-18 21:47:11 +00:00 |
|
Miroslav Stampar
|
729156e91c
|
proper fix
|
2010-10-18 21:39:46 +00:00 |
|
Miroslav Stampar
|
3d5494845c
|
minor bug fix
|
2010-10-18 21:32:50 +00:00 |
|
Miroslav Stampar
|
d123bb741a
|
added error based queries for MySQL, Postgre, MS SQL and Oracle
|
2010-10-18 21:26:13 +00:00 |
|
Miroslav Stampar
|
8b8fff41fe
|
cosmetics (adding html parsed DBMS) regarding heuristic check
|
2010-10-18 12:11:16 +00:00 |
|
Bernardo Damele
|
955ae5cd2e
|
Fixed svn:keywords
|
2010-10-18 12:09:59 +00:00 |
|
Miroslav Stampar
|
351a7f5769
|
setting property Id
|
2010-10-18 11:43:00 +00:00 |
|
Miroslav Stampar
|
3570b4a705
|
minor fix
|
2010-10-18 11:41:17 +00:00 |
|
Miroslav Stampar
|
fff7fe83c1
|
new tamper script
|
2010-10-18 11:39:28 +00:00 |
|
Bernardo Damele
|
1d74036ee3
|
Minor cosmetic fixes
|
2010-10-18 11:34:53 +00:00 |
|
Bernardo Damele
|
1a9aabf49d
|
Minor fix
|
2010-10-18 10:40:05 +00:00 |
|
Bernardo Damele
|
c6cd8ae72b
|
Added another tamper script
|
2010-10-18 10:34:38 +00:00 |
|
Bernardo Damele
|
36bc410333
|
Minor bug fix
|
2010-10-18 09:50:23 +00:00 |
|
Miroslav Stampar
|
6b70dadfb2
|
minor cosmetics
|
2010-10-18 09:09:22 +00:00 |
|
Miroslav Stampar
|
149837ebf5
|
added the same for proxy authorization header
|
2010-10-18 09:02:56 +00:00 |
|
Miroslav Stampar
|
aaebb4336e
|
fix for Bug #202
|
2010-10-18 08:54:08 +00:00 |
|
Bernardo Damele
|
683184cc8f
|
Minor refactoring
|
2010-10-17 21:06:52 +00:00 |
|
Bernardo Damele
|
60a1b48194
|
Major bug fix for --os-pwn
|
2010-10-17 20:44:16 +00:00 |
|
Miroslav Stampar
|
73ececd903
|
added that "default" "Connection: keep-alive" header
|
2010-10-17 06:44:54 +00:00 |
|
Bernardo Damele
|
cd0fe8dde0
|
Updated sample configuration file and cmdline help
|
2010-10-17 00:07:53 +00:00 |
|
Bernardo Damele
|
64b9f94fcf
|
Renamed --common-prediction switch to --predict-output
|
2010-10-16 23:50:13 +00:00 |
|