sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-10-31 07:57:47 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,077 Commits 2 Branches 130 Tags 98 MiB
1abf354630
Commit Graph

2077 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bernardo Damele
8ff7c9a5a1 Works on Oracle's GROUP BY too 2010-12-07 17:17:01 +00:00
Bernardo Damele
81e7465ed2 Cosmetics 2010-12-07 17:16:21 +00:00
Miroslav Stampar
ecd4a5a532 added standard deviation check in time based tests 2010-12-07 16:39:31 +00:00
Miroslav Stampar
294119d2ec more advanced time technique(s) 2010-12-07 16:04:53 +00:00
Miroslav Stampar
4959da3ce6 it's a must to double check time based payloads 2010-12-07 14:59:11 +00:00
Miroslav Stampar
e53fef546e update regarding session page templates 2010-12-07 14:35:31 +00:00
Miroslav Stampar
add6235b16 removed pageTemplate from injection(s), it's not longer stored in session, and it's reloaded when resuming from session 2010-12-07 14:06:54 +00:00
Miroslav Stampar
0dc630203f code refactoring 2010-12-07 13:34:06 +00:00
Miroslav Stampar
4f01d4c109 number crunching based time payloads are now affected by conf.timeSec 2010-12-07 13:24:18 +00:00
Miroslav Stampar
d0936bc8ed adding vectors for SQLite time-based payloads 2010-12-07 13:14:56 +00:00
Bernardo Damele
54b8cb76a1 Messed up with my last merge, all fixed now 2010-12-07 12:59:53 +00:00
Miroslav Stampar
b38a634d95 bug fix 2010-12-07 12:55:31 +00:00
Bernardo Damele
7c32db6e9d Forgot when merged with my last commit 2010-12-07 12:52:09 +00:00
Bernardo Damele
acac0d346f Minor bug fixes and adjustments 2010-12-07 12:45:45 +00:00
Bernardo Damele
8e78057ac8 Added counter of total HTTP(s) requests done during detection phase 2010-12-07 12:33:47 +00:00
Bernardo Damele
effd2ca0e3 Cosmetics 2010-12-07 12:32:58 +00:00
Miroslav Stampar
2b2b7dc3a6 added vectors for time-based Firebird payloads 2010-12-07 12:20:48 +00:00
Miroslav Stampar
36a7fca8d5 added time-based payload vector for MSSQL 2010-12-07 12:06:25 +00:00
Miroslav Stampar
485981c619 added vectors for PostgresSQL time-based payloads 2010-12-07 11:57:33 +00:00
Miroslav Stampar
f9085e01e7 added vectors for Oracle time-based payloads 2010-12-07 11:47:29 +00:00
Miroslav Stampar
2af8835a94 fix for a bug reported by ToR (origValue = paramDict[kb.injection.parameter] -> KeyError in resume with missing injection parameter) 2010-12-07 10:57:32 +00:00
Miroslav Stampar
3d87489de5 minor update 2010-12-07 08:05:03 +00:00
Miroslav Stampar
90b776c1a2 update 2010-12-07 00:58:54 +00:00
Miroslav Stampar
0da1ebde7d introducing PostgreSQL time based blind 2010-12-07 00:51:14 +00:00
Miroslav Stampar
1ba98dc9ec found a fix for a OR time-based MySQL payload :) 2010-12-07 00:31:46 +00:00
Miroslav Stampar
61f82fd274 introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic 2010-12-07 00:27:26 +00:00
Bernardo Damele
32f1909131 Some more "advanced" boundaries 2010-12-06 23:15:41 +00:00
Miroslav Stampar
84a038d0a3 added one more subtag 2010-12-06 23:10:38 +00:00
Miroslav Stampar
1031723c89 added one more time based blind for Oracle 2010-12-06 23:05:53 +00:00
Miroslav Stampar
7697d19292 space replace is not needed in other two Oracle error based payloads; removing incorrect dbms_version for ctxsys.drithsx.sn as it also works on 10g 2010-12-06 22:52:18 +00:00
Miroslav Stampar
2735848ab6 removed ERROR_SPACE 2010-12-06 22:40:07 +00:00
Miroslav Stampar
f516c18a2a minor update 2010-12-06 21:39:57 +00:00
Miroslav Stampar
0c5c2aa807 adding one more error based payload for Oracle 2010-12-06 21:20:26 +00:00
Miroslav Stampar
956a155377 adding one more error based payload for Oracle 2010-12-06 20:43:23 +00:00
Miroslav Stampar
ff43a4a955 minor update to preserve consistency of payload naming 2010-12-06 20:28:26 +00:00
Miroslav Stampar
c0e05d6869 update 2010-12-06 19:11:05 +00:00
Miroslav Stampar
9ccc8f90a3 minor cosmetic update ("heuristics shows" is not grammatically correct) 2010-12-06 18:47:22 +00:00
Miroslav Stampar
d336f1df23 minor update 2010-12-06 18:44:42 +00:00
Miroslav Stampar
d77ddbee47 OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND) 2010-12-06 18:20:57 +00:00
Miroslav Stampar
e4b51dd549 proper way of handling OR based injections (completely compatible with current AND based inference engine) 2010-12-06 17:23:21 +00:00
Miroslav Stampar
27ee9a5ccf minor refactoring 2010-12-06 15:50:19 +00:00
Miroslav Stampar
e8be14e00a minor refactoring 2010-12-06 07:48:14 +00:00
Miroslav Stampar
a43d252ae9 minor update 2010-12-06 00:14:08 +00:00
Miroslav Stampar
5189f138d7 increasing socket timeout in case of time based checks 2010-12-05 23:18:16 +00:00
Bernardo Damele
17449754fe Got rid of UNION false cond 2010-12-05 16:16:15 +00:00
Bernardo Damele
a1e89d3e94 Minor tweak 2010-12-05 13:12:12 +00:00
Bernardo Damele
da3fd17fc3 Adjustment to make it work also in OR based injection 2010-12-05 12:24:23 +00:00
Bernardo Damele
bf425d90bc More tweaking 2010-12-05 12:23:18 +00:00
Bernardo Damele
41e1b95c6c Minor code refactoring and finally make exploitation work also on OR boolean-based injections 2010-12-05 11:25:44 +00:00
Miroslav Stampar
7a5cd3b35f minor comment update 2010-12-05 11:15:09 +00:00