Commit Graph

97 Commits

Author SHA1 Message Date
Miroslav Stampar
f412706fee minor update for MSSQL --tables (fallback to other method) 2012-01-03 18:01:14 +00:00
Miroslav Stampar
1ae413a206 some refactoring/speedup around UNION technique 2011-12-22 10:32:21 +00:00
Miroslav Stampar
0a039d84e0 some more refactoring 2011-12-21 19:40:42 +00:00
Miroslav Stampar
641055144a minor beautification 2011-12-16 11:49:20 +00:00
Miroslav Stampar
ebc04a3d5f minor fix 2011-12-16 11:44:33 +00:00
Miroslav Stampar
7d2fce16dc minor fix 2011-12-16 11:40:23 +00:00
Miroslav Stampar
cff21814bb minor patch for MSSQL 2008 2011-12-16 11:23:41 +00:00
Miroslav Stampar
8793fbc9f5 minor update 2011-12-14 12:59:25 +00:00
Miroslav Stampar
bd7da45546 minor update 2011-10-28 13:07:23 +00:00
Miroslav Stampar
f7be0ca4e2 minor fix 2011-10-28 12:49:35 +00:00
Miroslav Stampar
25f0ec3597 some minor range to xrange conversion (where safe to do) 2011-10-21 22:34:27 +00:00
Miroslav Stampar
a6ade08c28 just in case commit to prevent join string iteration over 'None' values 2011-07-30 13:01:37 +00:00
Miroslav Stampar
4ce93221d1 minor update 2011-07-28 09:24:37 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Miroslav Stampar
d27afaed7e some fixes 2011-06-16 14:27:44 +00:00
Miroslav Stampar
a397baa89a fix for a bug reported by viniciusmaxdaloop@gmail.com and few related patches 2011-05-26 08:17:21 +00:00
Miroslav Stampar
eceb5eca7b fix for --file-read on MSSQL for error technique (again that unpacking was causing problems); also reverting that check for file paths as one user mentioned that network paths are also possible for usage on Windows machines (e.g. \\bla\bla) 2011-05-02 21:55:06 +00:00
Bernardo Damele
284c69a686 Improved --tables for MSSQL too, like r3798 2011-04-30 22:05:02 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Bernardo Damele
d0dff82ce0 Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 16:25:09 +00:00
Miroslav Stampar
f909ecb369 bug fix for mssqlserver escape 2011-04-20 13:41:01 +00:00
Miroslav Stampar
0387654166 update of copyright string (until year) 2011-04-15 12:33:18 +00:00
Miroslav Stampar
b6af80bab3 refactoring, cleanup and improvement 2011-03-29 21:54:15 +00:00
Miroslav Stampar
73e5d20ade bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries) 2011-03-28 11:01:55 +00:00
Bernardo Damele
c078de894f Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA 2011-02-10 14:24:04 +00:00
Bernardo Damele
a2c20acf94 Minor fixes once more 2011-02-10 11:34:16 +00:00
Bernardo Damele
d0ddaee3c8 Minor bug fix 2011-02-10 11:28:24 +00:00
Miroslav Stampar
ecaf5729fd revert 2011-02-06 22:14:18 +00:00
Miroslav Stampar
caaac72029 minor update regarding last commit 2011-02-06 20:15:03 +00:00
Miroslav Stampar
367d0639f0 refactoring (class names should always be Capital cased) 2011-01-28 16:36:09 +00:00
Bernardo Damele
b1d6040a48 Minor bug fix so that --search also works when the technique is error-based (which always return a list with lists inside) 2011-01-20 21:46:56 +00:00
Bernardo Damele
50c02fbb37 Done with previous refactoring 2011-01-20 00:01:06 +00:00
Bernardo Damele
bade0e3124 Major code refactoring - centralized all kb.dbms* info for both retrieval and set. 2011-01-19 23:06:15 +00:00
Bernardo Damele
daebb0010b Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based.
Alignment of SQL statement payload packing/unpacking between all of the techniques.
Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too.
Minor code cleanup.
2011-01-18 23:02:11 +00:00
Bernardo Damele
2d9b151883 Minor bug fix 2011-01-15 10:14:05 +00:00
Bernardo Damele
e4e9b11b79 Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms. 2011-01-14 12:47:07 +00:00
Bernardo Damele
3c95d71ea5 Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase 2011-01-14 11:55:20 +00:00
Bernardo Damele
2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Bernardo Damele
8a67aea754 One more step to fully working UNION exploitation after merge into detection phase 2011-01-12 01:13:32 +00:00
Miroslav Stampar
8e1927fe31 minor fix 2011-01-02 18:12:18 +00:00
Miroslav Stampar
5f9b6b2254 code refactoring 2011-01-02 16:51:21 +00:00
Miroslav Stampar
7c06dbffc3 bug fix (AttributeError: 'unicode' object has no attribute 'sort') 2010-12-22 18:55:50 +00:00
Bernardo Damele
1a3f57e5fe Cosmetics 2010-12-21 09:23:00 +00:00
Miroslav Stampar
03b275ce33 update 2010-12-20 23:27:04 +00:00
Miroslav Stampar
108a96c6b4 some fixes 2010-12-17 21:45:20 +00:00
Miroslav Stampar
a19cb2c13a code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown") 2010-12-17 21:29:09 +00:00
Miroslav Stampar
b4450c6ddd added one more level of MSSQL version check (if first fails for some reason) 2010-12-17 21:01:14 +00:00
Bernardo Damele
a02dd6b55b Minor enhancement to speedup active dbms fingerprint (-f).
Code cleanup and refactoring.
2010-12-13 21:33:42 +00:00
Miroslav Stampar
e6c66fa37c update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available 2010-12-11 17:55:28 +00:00
Miroslav Stampar
435f48b8cc polite cosmetics 2010-12-10 15:28:56 +00:00