Bernardo Damele
a06a6de193
minor bug fix
2013-12-06 13:26:34 +00:00
Miroslav Stampar
b7244a07cb
Changing testing payload for MsSQL (BINARY_CHECKSUM seems to be blocked in some cases)
2013-12-04 11:32:42 +01:00
Miroslav Stampar
24e67289c8
Bug fix
2013-11-25 11:57:20 +01:00
Miroslav Stampar
354aaeae5b
Removing unused imports
2013-11-12 14:11:07 +01:00
Miroslav Stampar
2ee4b81a6e
Minor fix
2013-10-18 15:59:25 +02:00
Miroslav Stampar
5aaf18f556
Minor update
2013-10-18 15:26:55 +02:00
Miroslav Stampar
7104e00c95
Minor update
2013-10-18 14:47:11 +02:00
Miroslav Stampar
7cb7c6361f
Minor fix (Sybase Adaptive Server Anywhere doesn't have support for tempdb_id())
2013-10-17 16:04:55 +02:00
Miroslav Stampar
3bbe02a714
Bug fix (0 datetime value not liked by direct connector)
2013-08-22 12:05:59 +02:00
Miroslav Stampar
5721f6007e
Fix for an Issue #509
2013-08-18 01:24:40 +02:00
Miroslav Stampar
b2855e0281
Minor patch
2013-08-12 14:25:51 +02:00
stamparm
dbb0d7f700
Important fix (Issue #489 ) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used)
2013-07-19 13:24:35 +02:00
stamparm
f97b35dcc1
Patch for an Issue #475
2013-07-01 13:43:38 +02:00
stamparm
b9491317a6
Minor update (Issue #475 )
2013-07-01 13:11:16 +02:00
stamparm
017ce22a2f
Minor consistency patch (Issue #475 )
2013-07-01 13:01:53 +02:00
stamparm
5ff09aff63
Some more adjustments (Issue #475 )
2013-07-01 12:50:12 +02:00
stamparm
4fb33bb26c
Some more cleanup (Issue #475 )
2013-07-01 12:11:09 +02:00
stamparm
b5e644694a
Minor cleanup
2013-07-01 12:05:02 +02:00
stamparm
f7d15cb465
Official naming is HSQLDB (and/or HyperSQL)
2013-07-01 11:57:47 +02:00
Miroslav Stampar
aeb83ba651
Merge pull request #475 from Meatballs1/hsql_clean
...
HSQL Payloads and Query Support
2013-07-01 02:38:04 -07:00
stamparm
991cafc4e4
Minor refactoring
2013-06-26 13:53:42 +02:00
stamparm
c83cca4cd4
Minor patch
2013-06-26 13:49:34 +02:00
Meatballs
eb2012c599
Fix escaper
2013-06-24 23:50:33 +01:00
Meatballs
5b6c01d739
Escaper
2013-06-24 23:41:45 +01:00
Meatballs
a393b17513
modify fingerprint value
2013-06-24 15:12:37 +01:00
Meatballs
b886e47b6d
Add unimplemented files
2013-06-24 14:53:41 +01:00
Meatballs
d739d5062d
hsql plugin folder
2013-06-24 14:34:25 +01:00
Miroslav Stampar
95ed6b7203
Minor patch (Issue #470 )
2013-06-24 14:37:45 +02:00
Miroslav Stampar
92dfb0f817
Minor patch
2013-06-16 12:35:20 +02:00
stamparm
1c47b33020
Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple)
2013-04-15 15:23:45 +02:00
stamparm
f936746423
Code restyling
2013-04-15 14:31:27 +02:00
stamparm
ae6ce7db30
Removal of unused imports
2013-03-20 10:44:15 +01:00
Miroslav Stampar
db0a1e58b9
Update for an Issue #352
2013-03-11 14:58:05 +01:00
stamparm
9d81be7af5
Removing redundant piece of code
2013-02-25 14:12:57 +01:00
stamparm
dc9dc233b6
Adding a comment
2013-02-25 14:07:20 +01:00
stamparm
0d2138a4a0
Minor fix for escaping unicode strings in SQLite escaper
2013-02-25 14:06:46 +01:00
Miroslav Stampar
5d068896a9
Minor bug fix
2013-02-15 09:54:51 +01:00
Bernardo Damele
d42d28392a
avoid tracebacks because the parameter does not exist
2013-02-14 13:18:33 +00:00
Bernardo Damele
4b9d8ed673
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f
make sure to use Python 2 interpreter when default system Python is version 3
2013-02-14 11:25:04 +00:00
Miroslav Stampar
dd6f50a00e
Removing unused imports
2013-02-13 11:15:24 +01:00
Miroslav Stampar
dc41484b3f
Refactoring of funcionality for finding out if stacking is available
2013-02-13 09:57:16 +01:00
Miroslav Stampar
6d802867fc
Bug fix (in some cases if random values are parsable as MMDD they will result as valid non-NULL TIMESTAMPADD value back - e.g. values 1224,0101,0212)
2013-02-11 12:02:03 +01:00
Bernardo Damele
b477c56b52
first steps to allow multiple scans on the same taskid - issue #297
2013-02-07 00:05:26 +00:00
Miroslav Stampar
353c1cb63b
Bug fix for escaping in SQLite 3
2013-02-05 11:58:11 +01:00
Miroslav Stampar
7e1ff1bb8e
Same refactoring as the last commit
2013-02-04 15:26:44 +01:00
Miroslav Stampar
0cc6e68be2
Refactoring MySQL fingeprint.py (those payloads are now stored into session file too)
2013-02-04 15:12:03 +01:00
Miroslav Stampar
f41460f8d8
Better naming
2013-01-29 20:53:11 +01:00
Miroslav Stampar
adfb862cd5
Trivial style update
2013-01-24 15:12:52 +01:00
Bernardo Damele
f4028bd7d2
minor adjustment
2013-01-23 02:10:38 +00:00
Bernardo Damele
d8a0e7eacb
fixes #187
2013-01-23 01:27:01 +00:00
Bernardo Damele
5635776173
proper SQLite 2 library
2013-01-22 18:56:25 +00:00
Bernardo Damele
11413a0f03
added Firebird search test cases
2013-01-22 10:04:17 +00:00
Bernardo Damele
e23340f002
added support for search for tables on Firebird (issue #365 )
2013-01-22 09:53:05 +00:00
Miroslav Stampar
069c6acabd
Another update for an Issue #362
2013-01-20 22:47:26 +01:00
Miroslav Stampar
a7028af2e9
Patch for an Issue #362 (more work required)
2013-01-20 22:16:34 +01:00
Miroslav Stampar
b4a55a809e
Refactoring DBMS string escaping functions
2013-01-20 13:45:58 +01:00
Bernardo Damele
adf97e630f
add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL
2013-01-19 18:04:33 +00:00
Bernardo Damele
32a12c7e2b
handle exception reported in issue #359
2013-01-19 00:24:15 +00:00
Bernardo Damele
a4b0b98f8f
aligned Firebird to recent DB2 string escaping syntax fix
2013-01-18 22:57:57 +00:00
Bernardo Damele
4526e31485
bug fix for Firebird fingerprint (issue #357 )
2013-01-18 22:32:58 +00:00
Bernardo Damele
f49657eacc
minor fix to previous commit
2013-01-18 15:10:34 +00:00
Miroslav Stampar
601eb1e49a
Unescaping is renamed to escaping
2013-01-18 15:40:37 +01:00
Bernardo Damele
a43202f3c0
updated copyright
2013-01-18 14:07:51 +00:00
Miroslav Stampar
aa467cb54c
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-01-18 11:31:25 +01:00
Miroslav Stampar
e7576a3b11
Better naming
2013-01-18 11:21:23 +01:00
Bernardo Damele
a92ae93847
minor bug fix to properly identify if user is admin on Oracle across all techniques
2013-01-18 09:22:53 +00:00
Bernardo Damele
5225375048
proper fix
2013-01-17 22:04:21 +00:00
Bernardo Damele
d2d3878de1
typo fix
2013-01-17 21:58:53 +00:00
Bernardo Damele
a5e9168993
minor fix because boolean-based blind on DB2 is a little bit different from other DBMSes
2013-01-17 21:58:15 +00:00
Bernardo Damele
413b5e7ab4
fixed error message
2013-01-14 16:49:05 +00:00
Bernardo Damele
675e4a026b
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-01-11 13:31:49 +00:00
Bernardo Damele
2a2d7e886d
align to MSSQL connector
2013-01-11 10:52:03 +00:00
Miroslav Stampar
ec4e49d771
Minor refactoring
2013-01-10 16:09:28 +01:00
Miroslav Stampar
da7f63f125
cx_Oracle.DatabaseError is an ancestor of cx_Oracle.InternalError
2013-01-10 15:33:32 +01:00
Miroslav Stampar
934d41dac2
Minor style update (PEP8)
2013-01-10 15:02:28 +01:00
Miroslav Stampar
ca3d35a878
Some PEP8 related style cleaning
2013-01-10 13:18:44 +01:00
Miroslav Stampar
ca1c0c2a1d
Minor style update
2013-01-10 11:54:07 +01:00
Miroslav Stampar
ebde4b190e
Minor update
2013-01-10 11:42:37 +01:00
Miroslav Stampar
25f01a419f
Minor style update (for the sake of consistency over the code and our PEP8 adaptation)
2013-01-09 15:38:41 +01:00
Miroslav Stampar
5b77b20e2e
Removing trailing whitespaces (PEP8)
2013-01-03 23:57:07 +01:00
Miroslav Stampar
1712603dce
Replacing deprecated has_key() with operator in (PEP8)
2013-01-03 23:28:07 +01:00
Miroslav Stampar
e4a3c015e5
Replacing old and deprecated raise Exception style (PEP8)
2013-01-03 23:20:55 +01:00
Miroslav Stampar
8b7cbe03b0
Replacing CRLF with LF in rest of files
2012-12-26 17:12:17 +01:00
Miroslav Stampar
a77b7f00d9
Fix for an Issue #323
2012-12-23 19:34:35 +01:00
Miroslav Stampar
35728fa443
Fix (and some hidden bug fixes/improvements) regarding an Issue #317
2012-12-21 10:51:35 +01:00
Bernardo Damele
8d9aa2c384
minor refactoring, added possibility to compare the remote file and downloaded file (--file-read), prepping for #223
2012-12-18 17:49:18 +00:00
Miroslav Stampar
eb23b1b1a5
Minor commit related to the last one (uniq roles/privileges)
2012-12-18 12:47:06 +01:00
Miroslav Stampar
cb13735788
Fix for an Issue #294
2012-12-11 12:14:33 +01:00
Miroslav Stampar
974407396e
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
2012-12-06 14:14:19 +01:00
Miroslav Stampar
ab67344448
Removed unused imports and variables (pyflake-ing)
2012-12-06 11:15:05 +01:00
Miroslav Stampar
0f191f624c
Taking some goodies from Pull request #284
2012-12-06 10:21:53 +01:00
Miroslav Stampar
775e0df04b
Update for an Issue #278
2012-12-05 10:45:17 +01:00
Miroslav Stampar
ed40f18796
Minor fix
2012-11-26 14:59:44 +01:00
Miroslav Stampar
c1b8226329
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
2012-10-28 00:36:09 +02:00
Miroslav Stampar
06805b27f2
Bug fix (time was also meant to be disabled in case of error/inband getvalues)
2012-10-27 23:16:25 +02:00
Miroslav Stampar
ba55bed008
More general approach for PostgreSQL concatenation operator precedence problem (Issue #219 )
2012-10-25 10:41:16 +02:00
Miroslav Stampar
c0f57f4e90
Minor fix for an Issue #217
2012-10-24 23:43:28 +02:00
Miroslav Stampar
5477c9f7ba
Fix for an Issue #216
2012-10-24 22:59:46 +02:00
Miroslav Stampar
6e2fce66aa
Patch for an Issue #212
2012-10-23 15:34:59 +02:00
Miroslav Stampar
fb1497aa89
Minor update for Issue #209
2012-10-21 18:53:31 +02:00
Miroslav Stampar
91ea8e52b7
Minor patch for an Issue #201
2012-10-15 18:01:52 +02:00
Miroslav Stampar
ed2d163269
Fix for an Issue #201
2012-10-14 17:53:55 +02:00
Miroslav Stampar
f71b937add
Minor language cleanup
2012-10-04 18:28:36 +02:00
Miroslav Stampar
5c21395fe2
Minor update for an Issue #179
2012-09-10 19:26:51 +02:00
Miroslav Stampar
1f49e4ae36
Fix for an Issue #179
2012-09-10 19:23:24 +02:00
Miroslav Stampar
9a631331a5
Fix for an Issue #177
2012-09-08 20:22:13 +02:00
Miroslav Stampar
1bcf5a6b88
Some more dict refactorings
2012-08-21 11:30:01 +02:00
Miroslav Stampar
95e0d46e3e
Fix for an Issue #110
2012-07-21 09:15:54 +02:00
Bernardo Damele
34e77a8801
ported fix for issue #81 also to blind techniques
2012-07-21 00:20:32 +01:00
Bernardo Damele
3e21f3d07a
fixed --search -C too on MSSQL - issue #81
2012-07-21 00:08:40 +01:00
Bernardo Damele
60242f92c5
made --search -D on MSSQL consistent with other DBMSes - issue #81
2012-07-20 23:37:56 +01:00
Bernardo Damele
86df6037e3
reverted previous ugly hack for issue #110 , perhaps a better fix is possible
2012-07-20 16:01:04 +01:00
Bernardo Damele
1928d5464d
fixes issue #97
2012-07-20 15:56:14 +01:00
Bernardo Damele
bb8cd788e1
minor fix
2012-07-16 09:56:41 +01:00
Miroslav Stampar
3c81f74823
Minor style update
2012-07-13 12:22:37 +02:00
Bernardo Damele
162da75a04
modified homepage address
2012-07-12 18:38:03 +01:00
Miroslav Stampar
9c4a62f725
Some work on Issue #68
2012-07-11 11:58:47 +02:00
Miroslav Stampar
e948e4d45b
Some more refactoring
2012-07-06 17:18:22 +02:00
Bernardo Damele
fb7fe552b7
proper naming
2012-07-06 15:13:50 +01:00
Miroslav Stampar
27fdccc858
Update for Issue #55 (falling back to SELECT DB_NAME(N))
2012-07-03 20:15:17 +02:00
Bernardo Damele
ab412da27f
I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes
2012-07-01 23:25:05 +01:00
jekil
c39e5a85ba
Removed $id$ tags
2012-06-27 20:56:43 +02:00
Miroslav Stampar
06be7bbb18
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
2012-06-15 20:41:53 +00:00
Miroslav Stampar
3f6bc1f3c2
minor fix
2012-05-24 18:05:33 +00:00
Miroslav Stampar
0e8d8577a7
adding a DB2 patch from smcintyre@securestate.com
2012-05-21 08:26:19 +00:00
Miroslav Stampar
079e0e1434
minor bug fix
2012-05-18 08:51:50 +00:00
Bernardo Damele
4da03d898e
Added support to create files with a visual basic script - no longer reliant on debug.exe so works on Windows 64-bit too. Fixes #236
2012-04-25 07:40:42 +00:00
Bernardo Damele
6116853025
Minor layout adjustments
2012-04-24 17:01:24 +00:00
Bernardo Damele
072e08836f
Falling back to unionReadFile() when --file-read does not work against MySQL. This happens when the session user does not have INSERT privilege, required to run LOAD DATA INFILE
2012-04-19 14:05:45 +00:00
Miroslav Stampar
5e358b51f9
few fixes related to bug report by Shadow Folder (AttributeError: 'list' object has no attribute 'isdigit')
2012-04-04 09:25:05 +00:00
Miroslav Stampar
886aa22efc
minor update
2012-04-03 12:19:37 +00:00
Miroslav Stampar
645fc8a21c
minor refactoring
2012-03-27 08:31:48 +00:00
Miroslav Stampar
72c5b034bf
minor update
2012-03-19 11:50:38 +00:00
Miroslav Stampar
cb8caf7e0f
i am not very bright today :)
2012-03-19 11:23:23 +00:00
Miroslav Stampar
d5915e5d44
one other fix
2012-03-19 11:19:26 +00:00
Miroslav Stampar
7abfa2e6d4
minor fix
2012-03-19 11:18:00 +00:00
Miroslav Stampar
cce5c3c009
minor changes for version numbers
2012-03-19 11:07:03 +00:00
Bernardo Damele
48e8c978fb
Minor fix, way more to do for --search -C for MSSQL
2012-03-15 17:55:49 +00:00
Bernardo Damele
d9e499af9f
Set Id property
2012-03-09 12:05:21 +00:00
Miroslav Stampar
e678219a8c
minor update
2012-03-08 15:51:30 +00:00
Miroslav Stampar
2ab80bfb2c
minor bug fix
2012-03-08 15:24:05 +00:00
Miroslav Stampar
761ec7529a
minor appereance fix
2012-03-01 11:52:30 +00:00
Miroslav Stampar
8b9c5c66cc
code refactoring regarding charsetType inside inference/bisection
2012-02-29 14:36:23 +00:00
Miroslav Stampar
10dd9096f7
one more just in case fix for safeSQLIdentificator naming on MSSQL --tables
2012-02-29 14:05:53 +00:00
Miroslav Stampar
d06182347f
fixing few potential problems
2012-02-29 13:56:40 +00:00
Miroslav Stampar
61a25418a9
minor update
2012-02-22 10:45:10 +00:00
Miroslav Stampar
b3bd4144f5
removing of unused imports together with some general code refactoring
2012-02-22 10:40:11 +00:00
Bernardo Damele
121148f27f
There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests.
...
Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table.
Minor fix also to threat MSSQL's EXEC statements as SELECT ones
2012-02-17 15:54:49 +00:00
Bernardo Damele
ebd40b3933
Minor bug fix to make --file-read and --os-bof syntactically work also with -d (direct connection)
2012-02-17 15:16:05 +00:00