sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-29 21:13:51 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,435 Commits 4 Branches 117 Tags 97 MiB
19a6f86954
Commit Graph

202 Commits

Author SHA1 Message Date
Bernardo Damele
3c95d71ea5 Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase 2011-01-14 11:55:20 +00:00
Bernardo Damele
2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. 
Minor bug fixes thanks to previous refactoring too.
 2011-01-13 17:36:54 +00:00
Bernardo Damele
8a67aea754 One more step to fully working UNION exploitation after merge into detection phase 2011-01-12 01:13:32 +00:00
Bernardo Damele
8bdb7ec58c Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet. 2011-01-12 00:47:39 +00:00
Bernardo Damele
06230e4d92 Minor code refactoring and cosmetics 2011-01-11 21:46:21 +00:00
Miroslav Stampar
0676b38063 revert of one thing for Bernardo and minor update 2011-01-10 10:30:17 +00:00
Miroslav Stampar
8e83a26acf minor fix 2011-01-07 17:53:17 +00:00
Bernardo Damele
cc46940159 Minor refactoring 2011-01-07 17:10:32 +00:00
Miroslav Stampar
b313a20a3f some fixes 2011-01-07 16:39:47 +00:00
Bernardo Damele
16a06117f7 Mere cosmetics 2011-01-07 16:36:32 +00:00
Miroslav Stampar
8a48baf789 update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised 2011-01-04 13:23:59 +00:00
Miroslav Stampar
b763feafd9 bug fix (TypeError: object of type 'NoneType' has no len()) 2011-01-02 12:26:31 +00:00
Miroslav Stampar
f0dad2a1e4 minor bug fix (in multiple item search only last item was shown) 2011-01-02 12:23:36 +00:00
Miroslav Stampar
7b9d978cf9 minor fix (database and/or table names with - sign inside needs to be escaped by ` character or will lead to a "SQL syntax") 2011-01-02 11:01:20 +00:00
Miroslav Stampar
e28b9f26fc minor fix 2011-01-02 08:01:01 +00:00
Miroslav Stampar
7ea3d060f6 some fixes/updates here and there 2011-01-01 12:41:51 +00:00
Miroslav Stampar
6f17e84e19 minor fix 2010-12-30 08:29:20 +00:00
Miroslav Stampar
a77b186aca minor fix 2010-12-27 16:55:27 +00:00
Miroslav Stampar
5015f04826 minor update 2010-12-27 16:36:05 +00:00
Miroslav Stampar
9c1676bdfa minor cosmetics 2010-12-27 14:44:00 +00:00
Miroslav Stampar
9fb0e0fc85 resume of brute forced data is now available 2010-12-27 14:17:20 +00:00
Miroslav Stampar
3d23f226ae minor update 2010-12-27 11:47:50 +00:00
Miroslav Stampar
68462466f2 minor fix for a bug reported by shaohua pan (argument of type 'NoneType' is not iterable) 2010-12-27 11:36:36 +00:00
Miroslav Stampar
51a492e17d pretty important commit (now dumped tables are prone to dictionary attack) 2010-12-27 10:56:28 +00:00
Miroslav Stampar
c8d5a6b980 update 2010-12-27 00:41:16 +00:00
Miroslav Stampar
89c2640d23 basic --search now works with MS Access 2010-12-26 23:50:16 +00:00
Miroslav Stampar
c4d6a367e9 this way order given in -C is preserved 2010-12-26 14:11:42 +00:00
Miroslav Stampar
c93f2a703d minor update 2010-12-26 14:02:16 +00:00
Miroslav Stampar
e41acb6fc2 further ms access improvements 2010-12-26 02:13:56 +00:00
Miroslav Stampar
2c8115eed9 further improvement for ms access table dumping 2010-12-26 01:04:30 +00:00
Miroslav Stampar
5249762794 update 2010-12-25 16:46:33 +00:00
Miroslav Stampar
fb099615e2 minor update 2010-12-25 11:16:35 +00:00
Miroslav Stampar
6845d402fa well, here and there, merry Christmas to all :) 2010-12-24 20:17:53 +00:00
Miroslav Stampar
706d8e0b88 development update (basic ms access dumping implemented) 2010-12-24 19:53:11 +00:00
Miroslav Stampar
7c06dbffc3 bug fix (AttributeError: 'unicode' object has no attribute 'sort') 2010-12-22 18:55:50 +00:00
Bernardo Damele
b3da473840 Minor bug fix when --dbs has only one DB name 2010-12-22 14:29:57 +00:00
Bernardo Damele
c9ab8ae60e Bug fix to properly identify if current user is DBA (--is-dba) on MySQL 2010-12-22 14:06:01 +00:00
Miroslav Stampar
c89021f0bb some fixes 2010-12-22 11:46:18 +00:00
Miroslav Stampar
385e208f38 code refactoring regarding standard output suppression and some threading issues 2010-12-21 14:21:24 +00:00
Miroslav Stampar
6b37ddada4 removed some blank trailing spaces (with extra/shutils/blanks.sh) 2010-12-21 10:31:56 +00:00
Miroslav Stampar
36862e2efa update 2010-12-18 15:57:47 +00:00
Miroslav Stampar
a067e805fa minor update 2010-12-17 22:23:01 +00:00
Miroslav Stampar
e98d9c08e1 dumping table is now possible on Firebird too 2010-12-12 14:38:07 +00:00
Miroslav Stampar
b1babeefe5 update regarding dumping of tables with blind on Sqlite 2010-12-11 22:00:16 +00:00
Miroslav Stampar
b02bd55edc minor refactoring 2010-12-10 13:04:36 +00:00
Miroslav Stampar
5764816891 minor cosmetics 2010-12-03 22:28:09 +00:00
Miroslav Stampar
2cc167a42e fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'" 2010-12-02 18:57:43 +00:00
Bernardo Damele
c22338ce90 Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more). 2010-11-29 11:47:58 +00:00
Miroslav Stampar
ba4ea32603 first working version of dictionary attack 2010-11-23 13:24:02 +00:00
Bernardo Damele
a34c1b287c Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL) 2010-11-12 11:33:11 +00:00
Miroslav Stampar
42272ca78c minor update 2010-11-11 22:26:36 +00:00
Miroslav Stampar
be992b4471 update regarding common columns existance check 2010-11-11 17:09:31 +00:00
Miroslav Stampar
4be0631161 refactoring of brute force techniques 2010-11-09 09:42:43 +00:00
Bernardo Damele
dac7436edf Fix inconsistence with -b --error-test 2010-11-08 15:36:07 +00:00
Miroslav Stampar
862395ced1 further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
Miroslav Stampar
c8fe2fa8d8 minor fix 2010-11-04 22:00:14 +00:00
Miroslav Stampar
d7dbf814a0 fix/update for Access 2010-11-04 21:47:21 +00:00
Miroslav Stampar
6adee3792a removed all trailing spaces from blank lines 2010-11-03 10:08:27 +00:00
Miroslav Stampar
4b56fa4f8f now --tables work for MaxDB 2010-11-02 22:11:45 +00:00
Miroslav Stampar
b761523f3f now --users works for MaxDB too 2010-11-02 21:52:48 +00:00
Miroslav Stampar
cd0d4135ac implemented --banner for MaxDB and some minor fixes 2010-11-02 20:51:55 +00:00
Miroslav Stampar
685a8e7d2c refactoring of hard coded dbms names 2010-11-02 11:59:24 +00:00
Miroslav Stampar
9d2c81baa9 more update for ms access 2010-11-02 11:06:47 +00:00
Bernardo Damele
486a113560 Consolidate logger messages for --*-test switches 2010-10-31 16:58:38 +00:00
Bernardo Damele
eab331ebd7 Minor bug fix 2010-10-31 13:46:08 +00:00
Bernardo Damele
65a0a8d285 Delegate urlencoding to agent.py only 2010-10-31 13:28:05 +00:00
Bernardo Damele
17e8abe841 Removed useless call to urlencode() 2010-10-31 12:47:22 +00:00
Miroslav Stampar
a921fe0d5d fix for using --banner --stacked-test together 2010-10-29 15:31:24 +00:00
Miroslav Stampar
d75578c81f some update regarding common tables 2010-10-29 09:00:51 +00:00
Miroslav Stampar
749e25a217 Implementation of --passwords for Sybase 2010-10-26 21:35:30 +00:00
Bernardo Damele
f5904d0bc0 Major bug fix to --union-test 2010-10-25 23:39:55 +00:00
Miroslav Stampar
8a9a57c709 update for Sybase and major bug fix for --passwords on MSSQL 2010-10-25 22:11:38 +00:00
Miroslav Stampar
9b56fbafbe that Sybase is going to be pain in the ass 2010-10-25 21:43:13 +00:00
Bernardo Damele
debaf2215f Consistency between cmdline.py, optiondict.py and sqlmap.conf and got rid of --union-use switch 2010-10-25 15:54:45 +00:00
Bernardo Damele
215175e3b7 Minor code adjustments 2010-10-25 14:11:47 +00:00
Miroslav Stampar
32728d14b7 fix for --union-use with --error-test 2010-10-25 12:25:29 +00:00
Miroslav Stampar
f8850e3f41 update (xml fix and refactoring) 2010-10-23 07:44:34 +00:00
Miroslav Stampar
a7a53af924 update for Sybase 2010-10-23 07:37:43 +00:00
Miroslav Stampar
a8e42a4f2b bug fix 2010-10-23 06:42:21 +00:00
Miroslav Stampar
dec4d858b3 fix for Bug #207 2010-10-22 14:01:48 +00:00
Miroslav Stampar
1b2ec826bf misc fixes regarding new query retrieval format 2010-10-21 23:17:06 +00:00
Miroslav Stampar
bc79eec702 removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO) 2010-10-21 13:13:12 +00:00
Bernardo Damele
e73e06069b Minor code refactoring 2010-10-20 22:09:03 +00:00
Miroslav Stampar
1b376c99a6 removed temp dictionary and replaced with kb.misc 2010-10-19 23:00:19 +00:00
Miroslav Stampar
6a8b1046d4 first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py) 2010-10-19 12:02:04 +00:00
Bernardo Damele
e7c8be1d45 Minor layout adjustments 2010-10-15 15:37:15 +00:00
Miroslav Stampar
4f7f20b94f sorry, cosmetics 2010-10-14 23:18:29 +00:00
Miroslav Stampar
8b48833136 large commit with copyright header modifications 2010-10-14 14:41:14 +00:00
Miroslav Stampar
8abcdae1b5 some update 2010-09-30 19:45:23 +00:00
Miroslav Stampar
cf8e92699c changes regarding EXISTS feature 2010-09-30 12:35:45 +00:00
Miroslav Stampar
e176b36a7f update 2010-09-24 22:09:33 +00:00
Miroslav Stampar
18db96c45f fix for bug reported by David Guimaraes (colEntry = entry[index] - IndexError: list index out of range) 2010-09-01 09:25:21 +00:00
Miroslav Stampar
b0ba559af5 minor update 2010-08-31 14:31:17 +00:00
Miroslav Stampar
c4040ab297 fix for Feature #136 2010-08-31 14:25:37 +00:00
Miroslav Stampar
12a5ec9f3d more unicode refactoring 2010-06-02 12:45:40 +00:00
Bernardo Damele
b798222dd7 Minor fixes 2010-05-30 14:53:13 +00:00
Bernardo Damele
06af405efd Adapted and merged in patch to support XML output (-x switch) - still in beta. 
Minor bug fixes and adjustments.
 2010-05-28 16:43:04 +00:00
Miroslav Stampar
f24187f251 few fixes here and there 2010-05-28 12:47:03 +00:00
Miroslav Stampar
dc83f794ea fix regarding proper string isinstance checking (including unicode) 2010-05-25 10:09:35 +00:00
Bernardo Damele
e0e2349529 Refactor to --search -C and minor bug fix - See #190. 2010-05-17 16:16:49 +00:00