Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bdff4aba6a 
							
						 
					 
					
						
						
							
							switching to quick_ratio  
						
						
						
					 
					
						2010-12-07 23:57:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1b82cf09c 
							
						 
					 
					
						
						
							
							ratio() gives a considerable lag on real life cases, as real_quick_ratio() gives almost as good results  
						
						
						
					 
					
						2010-12-07 23:53:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eeb199375b 
							
						 
					 
					
						
						
							
							usage of compiled regexes in case of dynamic markings and other refactoring  
						
						
						
					 
					
						2010-12-04 13:23:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0fc7a8f9e8 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-04 10:13:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							04714374f9 
							
						 
					 
					
						
						
							
							now you can use kb.pageTemplate to set a page which will be used as a template in comparison process (at least in '-[RANDNUM] OR' cases we'll need to use different template(s))  
						
						
						
					 
					
						2010-12-04 10:05:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							17486e472a 
							
						 
					 
					
						
						
							
							Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!  
						
						
						
					 
					
						2010-11-17 22:00:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6ef3846400 
							
						 
					 
					
						
						
							
							update regarding error parsing (and reporting)  
						
						
						
					 
					
						2010-11-16 10:42:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							27735b14df 
							
						 
					 
					
						
						
							
							update (--string and --regex should be done regardless of wasLastRequestError)  
						
						
						
					 
					
						2010-11-12 22:44:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							19c1bfa368 
							
						 
					 
					
						
						
							
							just a precaution (now i really need to go for a sleep)  
						
						
						
					 
					
						2010-11-09 23:38:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							88c00e61d3 
							
						 
					 
					
						
						
							
							another update  
						
						
						
					 
					
						2010-11-09 23:35:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							47720a43dd 
							
						 
					 
					
						
						
							
							minor fix (while we've calculated conf.matchRation for stable pages, we've put a constant value (0.900) for dynamic ones - so putting (ratio - conf.matchRatio) > DIFF_TOLERANCE for dynamic pages too would just effectively increase it's value to 0.900 + DIFF_TOLERANCE (in our case to 0.950) which is too narrow space for True result)  
						
						
						
					 
					
						2010-11-09 23:21:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5ebd5d935c 
							
						 
					 
					
						
						
							
							another name change  
						
						
						
					 
					
						2010-11-09 22:49:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06f00cf8c1 
							
						 
					 
					
						
						
							
							name change  
						
						
						
					 
					
						2010-11-09 22:48:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fef60d5cb7 
							
						 
					 
					
						
						
							
							some fixes :)  
						
						
						
					 
					
						2010-11-09 22:32:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1cc99e2247 
							
						 
					 
					
						
						
							
							Possible quick fix for missing of True/False comparison of stable-but-not-really pages  
						
						
						
					 
					
						2010-11-09 21:39:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							620fa1c8fb 
							
						 
					 
					
						
						
							
							trust me, i know what i am doing :)  
						
						
						
					 
					
						2010-11-07 20:33:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4d81da6bc8 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-11-07 16:23:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							00dfd55830 
							
						 
					 
					
						
						
							
							added powerful switch --longest-common for dealing with heavy dynamicity  
						
						
						
					 
					
						2010-11-07 08:52:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							508b9cc763 
							
						 
					 
					
						
						
							
							dynamicity engine update  
						
						
						
					 
					
						2010-11-07 00:12:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3619fc5127 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-06 08:31:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0e895fa512 
							
						 
					 
					
						
						
							
							update of dynamicity testing and few misc fixes  
						
						
						
					 
					
						2010-11-05 13:14:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							29b7c5366c 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2010-11-04 17:22:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e1cec8c02b 
							
						 
					 
					
						
						
							
							fix for all that stable, dynamic mambo jambo :)  
						
						
						
					 
					
						2010-11-04 16:44:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71d0b1bcd7 
							
						 
					 
					
						
						
							
							several bug fixes  
						
						
						
					 
					
						2010-11-03 21:51:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							44678fa320 
							
						 
					 
					
						
						
							
							fix for a bug reported by ToR (TypeError: unsupported operand type(s) for *: 'float' and 'NoneType')  
						
						
						
					 
					
						2010-11-03 12:40:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5269cb8c08 
							
						 
					 
					
						
						
							
							some code refactoring and beautification  
						
						
						
					 
					
						2010-11-02 09:06:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							13e93f564a 
							
						 
					 
					
						
						
							
							one bug fix in dynamic content engine and some code refactoring  
						
						
						
					 
					
						2010-11-02 07:32:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							24c5d7b313 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-10-25 14:06:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9c94a233a1 
							
						 
					 
					
						
						
							
							conf.md5hash thrown out  
						
						
						
					 
					
						2010-10-25 13:52:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71543092b7 
							
						 
					 
					
						
						
							
							update regarding comparison engine  
						
						
						
					 
					
						2010-10-25 12:00:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8df7c88174 
							
						 
					 
					
						
						
							
							implementation of a new dynamic content removal engine  
						
						
						
					 
					
						2010-10-25 10:41:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4f7f20b94f 
							
						 
					 
					
						
						
							
							sorry, cosmetics  
						
						
						
					 
					
						2010-10-14 23:18:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8b48833136 
							
						 
					 
					
						
						
							
							large commit with copyright header modifications  
						
						
						
					 
					
						2010-10-14 14:41:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d2ec132469 
							
						 
					 
					
						
						
							
							added --text-only switch  
						
						
						
					 
					
						2010-10-12 19:41:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1741801ade 
							
						 
					 
					
						
						
							
							implementation of HEAD/Range methods  
						
						
						
					 
					
						2010-09-16 09:32:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							798ab4989b 
							
						 
					 
					
						
						
							
							fix for a Bug  #200  
						
						
						
					 
					
						2010-09-14 10:35:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							19fb2e3dcf 
							
						 
					 
					
						
						
							
							fix for Bug  #165  
						
						
						
					 
					
						2010-09-13 13:31:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							057ec8a6b2 
							
						 
					 
					
						
						
							
							added --ratio option for direct manipulation of conf.matchRatio parameter  
						
						
						
					 
					
						2010-08-10 19:53:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							131789a6e4 
							
						 
					 
					
						
						
							
							some code refactoring  
						
						
						
					 
					
						2010-05-14 14:21:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							91dd609e26 
							
						 
					 
					
						
						
							
							fixed threading bug (difflib :)  
						
						
						
					 
					
						2010-03-10 14:14:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							156fdd96ef 
							
						 
					 
					
						
						
							
							Updated copyright  
						
						
						
					 
					
						2010-03-03 15:26:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ce022a3b6e 
							
						 
					 
					
						
						
							
							sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.  
						
						
						
					 
					
						2010-01-02 02:02:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							16b4530bbe 
							
						 
					 
					
						
						
							
							Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).  
						
						... 
						
						
						
						Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS. 
						
					 
					
						2009-04-27 23:05:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8c0ac767f4 
							
						 
					 
					
						
						
							
							Updated to sqlmap 0.7 release candidate 1  
						
						
						
					 
					
						2009-04-22 11:48:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2efee058ea 
							
						 
					 
					
						
						
							
							Major enhancement in comparison algorithm  
						
						
						
					 
					
						2009-02-12 00:17:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ba00a17205 
							
						 
					 
					
						
						
							
							Minor layout adjustment  
						
						
						
					 
					
						2009-02-09 10:58:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							207e96e2b2 
							
						 
					 
					
						
						
							
							Major bug fix in the comparison algorithm to correctly handle also the  
						
						... 
						
						
						
						case that the url is stable and the False response changes the page
content very little. 
						
					 
					
						2009-02-09 10:28:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5560f0b68a 
							
						 
					 
					
						
						
							
							Updated the copyright  
						
						
						
					 
					
						2009-01-12 21:35:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							35708a0b97 
							
						 
					 
					
						
						
							
							Minor adjustment to UNION query SQL injection detection function.  
						
						... 
						
						
						
						Updated command line help message based upon recent developments.
Updated copyright note of lib/contrib/multipartpost.py. 
						
					 
					
						2008-12-21 16:35:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c18efe5084 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2008-12-20 13:21:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8d06975142 
							
						 
					 
					
						
						
							
							Major enhancement to make the comparison algorithm work properly also  
						
						... 
						
						
						
						on url not stables automatically by using the difflib SequenceMatcher
object: this changed a lot into the structure of the code, has to be
extensively beta-tested!
Please, do report bugs on sqlmap-users mailing list if you scout them.
Cheers,
Bernardo 
						
					 
					
						2008-12-20 01:54:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ad228e6947 
							
						 
					 
					
						
						
							
							Ahead with the improvements to the comparison algorithm.  
						
						... 
						
						
						
						Added support internally to forge CASE statements, used only by
--is-dba query at the moment.
Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and
SQL shell.
Minor code adjustments. 
						
					 
					
						2008-12-19 20:09:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							68354be45a 
							
						 
					 
					
						
						
							
							Ahead with enhancements on comparison algorithm: implemented content-length technique  
						
						
						
					 
					
						2008-12-18 22:49:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							afbd66f6d9 
							
						 
					 
					
						
						
							
							Added some comments  
						
						
						
					 
					
						2008-12-18 21:58:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0d6632c22 
							
						 
					 
					
						
						
							
							Initial support to automatically work around the dynamic page at each refresh  
						
						... 
						
						
						
						(Major refactor to the comparison algorithm (True/False response)) 
						
					 
					
						2008-12-18 20:48:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9dbad512f1 
							
						 
					 
					
						
						
							
							sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers  
						
						... 
						
						
						
						by providing option --headers. By default Accept, Accept-Language and
Accept-Charset headers are set.
Added support to get the injection payload prefix and postfix from user.
Minor bug fix to exclude image files when parsing (-l) proxies log files.
Minor code adjustments.
Updated documentation. 
						
					 
					
						2008-12-08 21:24:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							38c9627700 
							
						 
					 
					
						
						
							
							Minor enhancemet to support also --regexp, --excl-str and --excl-reg  
						
						... 
						
						
						
						options rather than only --string when comparing HTTP responses page
content 
						
					 
					
						2008-12-05 15:34:13 +00:00