Commit Graph

107 Commits

Author SHA1 Message Date
Miroslav Stampar
accac776fe some fixes 2012-01-13 14:10:53 +00:00
Miroslav Stampar
95f89ab63a updating copyright date 2012-01-11 14:59:46 +00:00
Miroslav Stampar
6c49af090c minor language patch 2011-12-28 14:18:17 +00:00
Miroslav Stampar
0a039d84e0 some more refactoring 2011-12-21 19:40:42 +00:00
Miroslav Stampar
440b7efe55 minor optimization 2011-11-20 20:14:47 +00:00
Miroslav Stampar
25f0ec3597 some minor range to xrange conversion (where safe to do) 2011-10-21 22:34:27 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Bernardo Damele
e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec.
Minor code refactoring.
2011-04-24 23:01:21 +00:00
Bernardo Damele
d0dff82ce0 Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 16:25:09 +00:00
Miroslav Stampar
0387654166 update of copyright string (until year) 2011-04-15 12:33:18 +00:00
Bernardo Damele
1c51e11c5c Minor adjustments to PgSQL fingerprint 2011-04-12 10:35:33 +00:00
Miroslav Stampar
7324d53997 reference (http://www.enterprisedb.com/docs/en/9.0/pg/release-9-0.html) 2011-04-12 10:30:33 +00:00
Miroslav Stampar
bc4c2f320c cosmetics 2011-04-12 10:24:09 +00:00
Miroslav Stampar
2f1786e65f added active fingerprint for pgsql >= 9.0.3 (reference: http://www.postgresql.org/docs/9.0/static/release-9-0.html) 2011-04-12 10:22:54 +00:00
Bernardo Damele
fdbd8bfe37 initial support for PostgreSQL 9.0 - #223 2011-04-11 22:02:00 +00:00
Bernardo Damele
d5fb1378cc Gone unnoticed for way too long 2011-04-08 11:15:19 +00:00
Miroslav Stampar
68c7247ee4 bug fix (pgsql drop function requires input arguments - at cleanup() in plugins/generic/misc.py it's already fixed before) 2011-03-08 10:46:23 +00:00
Miroslav Stampar
ecaf5729fd revert 2011-02-06 22:14:18 +00:00
Miroslav Stampar
caaac72029 minor update regarding last commit 2011-02-06 20:15:03 +00:00
Miroslav Stampar
367d0639f0 refactoring (class names should always be Capital cased) 2011-01-28 16:36:09 +00:00
Bernardo Damele
50c02fbb37 Done with previous refactoring 2011-01-20 00:01:06 +00:00
Bernardo Damele
bade0e3124 Major code refactoring - centralized all kb.dbms* info for both retrieval and set. 2011-01-19 23:06:15 +00:00
Bernardo Damele
e4e9b11b79 Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms. 2011-01-14 12:47:07 +00:00
Bernardo Damele
3c95d71ea5 Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase 2011-01-14 11:55:20 +00:00
Bernardo Damele
2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Miroslav Stampar
5f9b6b2254 code refactoring 2011-01-02 16:51:21 +00:00
Miroslav Stampar
20e3a6d72f fix/refactor/cosmetics (references: http://www.postgresql.org/docs/6.4/static/release.htm,http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE,http://www.postgresql.org/docs/8.3/static/release-8-3.html) 2010-12-30 21:53:34 +00:00
Bernardo Damele
a02dd6b55b Minor enhancement to speedup active dbms fingerprint (-f).
Code cleanup and refactoring.
2010-12-13 21:33:42 +00:00
Miroslav Stampar
e6c66fa37c update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available 2010-12-11 17:55:28 +00:00
Miroslav Stampar
bbffea2cbc bug fix 2010-12-09 17:10:22 +00:00
Miroslav Stampar
0eb2c408a9 code refactoring 2010-12-09 16:49:02 +00:00
Miroslav Stampar
d77ddbee47 OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND) 2010-12-06 18:20:57 +00:00
Miroslav Stampar
5764816891 minor cosmetics 2010-12-03 22:28:09 +00:00
Bernardo Damele
c8f943f5e4 Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase.
Major code refactoring and commenting to detection engine.
Ask user whether or not to proceed to test remaining parameters after an injection point has been identified.
Restore beep at SQL injection find.
Avoid reuse of same variable in DBMS handler code.
Minor adjustment of payloads XML file.
2010-11-30 22:40:25 +00:00
Bernardo Damele
66c82d72e4 Typo fix 2010-11-12 10:02:02 +00:00
Miroslav Stampar
862395ced1 further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
Bernardo Damele
27ce4b0cf0 Set proper verbose level for dbms direct error messages 2010-11-07 22:14:06 +00:00
Miroslav Stampar
d3e7e89e60 major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces 2010-11-07 21:18:09 +00:00
Miroslav Stampar
70f6eab715 minor update 2010-11-02 12:08:28 +00:00
Miroslav Stampar
685a8e7d2c refactoring of hard coded dbms names 2010-11-02 11:59:24 +00:00
Miroslav Stampar
4f7f20b94f sorry, cosmetics 2010-10-14 23:18:29 +00:00
Miroslav Stampar
8b48833136 large commit with copyright header modifications 2010-10-14 14:41:14 +00:00
Miroslav Stampar
1369529103 minor cosmetic update 2010-10-11 13:52:32 +00:00
Miroslav Stampar
12a5ec9f3d more unicode refactoring 2010-06-02 12:45:40 +00:00
Bernardo Damele
e98b049e7f Added unicode support also to PostgreSQL connector - see #184. 2010-05-29 11:46:41 +00:00
Miroslav Stampar
a3db3c03c1 str() -> unicode() 2010-05-28 13:05:02 +00:00
Bernardo Damele
eecee3b274 Added resume functionality to -d and fixed logging with -d 2010-04-12 09:35:20 +00:00
Bernardo Damele
758a858785 Minor adjustments 2010-04-06 20:40:14 +00:00
Miroslav Stampar
e2810003ae more update 2010-04-06 15:12:52 +00:00
Miroslav Stampar
c24f1cc07c some update 2010-04-06 14:59:31 +00:00
Bernardo Damele
5fdebb5d5b Added support to directly connect also to Microsoft SQL Server database.
Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.
2010-03-31 10:50:47 +00:00
Miroslav Stampar
1973024ebf added support for reusing connections 2010-03-30 13:52:47 +00:00
Miroslav Stampar
c2a6f21095 refactoring regarding usage of conf.dbmsConnector.connect() 2010-03-30 13:03:19 +00:00
Bernardo Damele
1416cd0d86 Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
Minor layout adjustments.
2010-03-26 23:23:25 +00:00
Bernardo Damele
a63e251b25 Ahead with code refactoring, related to r1502.
Fixed svn:keywords propset to all .py files.
2010-03-23 21:26:45 +00:00
Bernardo Damele
09768a7b62 Major code refactoring: moved and split plugins (mysql, pgsql, mssql, oracle) more granularly and organized.
Todo for firebird, sqlite, access.
2010-03-22 22:57:57 +00:00