Commit Graph

208 Commits

Author SHA1 Message Date
Miroslav Stampar
1d15c595a4 minor fix 2010-01-27 14:08:09 +00:00
Miroslav Stampar
e63428207c modified a way to handle shell scripts 2010-01-27 13:59:25 +00:00
Bernardo Damele
6437c16156 run kitrap0d script along with listing Windows Impersonation Tokens via meterpreter's incognito extension when --priv-esc is provided (see #149). 2010-01-26 01:14:44 +00:00
Miroslav Stampar
3197fada59 update of IDS checking method 2010-01-25 10:06:52 +00:00
Bernardo Damele
952c280083 Added svn keyword 2010-01-25 09:21:39 +00:00
Miroslav Stampar
e689c2ec99 another minor fix (svn header comment) 2010-01-25 00:29:19 +00:00
Miroslav Stampar
44a74ccee8 minor grammar fix 2010-01-25 00:26:51 +00:00
Miroslav Stampar
b183b9cbb4 contains method for detecting if the generated payload is detectable by the PHPIDS filter rules 2010-01-25 00:25:58 +00:00
Miroslav Stampar
a4d8234875 minor update 2010-01-24 14:23:19 +00:00
Miroslav Stampar
98205cc488 another fix for Bug #148 2010-01-23 23:29:34 +00:00
Miroslav Stampar
39652bfbf4 update regarding Unicode char logging (Bug #148) 2010-01-23 15:36:55 +00:00
Miroslav Stampar
97840535c6 fix for situations where proxy is set in environment, but the user tries to test something on localhost 2010-01-19 13:47:35 +00:00
Bernardo Damele
574880ba73 Warn user of HTTP error codes in HTTP responses 2010-01-19 10:27:54 +00:00
Bernardo Damele
5c58747740 More tweaking on --update 2010-01-18 15:20:50 +00:00
Bernardo Damele
051db588a5 Minor tweaking to --update 2010-01-18 14:59:24 +00:00
Miroslav Stampar
44adbc5776 changes regarding Feature #125 2010-01-18 14:05:23 +00:00
Bernardo Damele
2825ab5e4e Major bug fix in url-encoding 2010-01-16 21:56:40 +00:00
Bernardo Damele
c18a5cb92f Fixed a minor bug when displaying requested page in -v >= 3 2010-01-16 21:47:52 +00:00
Bernardo Damele
f337cd6e0a Minor speedup to check if sqlmap's UDF have already been created 2010-01-16 21:46:35 +00:00
Bernardo Damele
4ce3abc56d Minor adjustments 2010-01-15 17:42:46 +00:00
Miroslav Stampar
1a764e1f08 minor commit 2010-01-15 16:10:21 +00:00
Miroslav Stampar
5f171340f5 introduced safe string formatting 2010-01-15 16:06:59 +00:00
Miroslav Stampar
dcf0b2a3c1 minor update 2010-01-15 11:45:48 +00:00
Miroslav Stampar
f5c422efb4 updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before 2010-01-15 11:44:05 +00:00
Bernardo Damele
505647b00f Minor bug fix to --cookie-urlencode 2010-01-15 11:24:30 +00:00
Bernardo Damele
c4215ce8d2 Minor code refactoring 2010-01-14 20:42:45 +00:00
Miroslav Stampar
26c7b74e65 changes regarding Data (GET/POST/Cookie) encoding (Bug #129) 2010-01-14 18:05:03 +00:00
Bernardo Damele
1d968f51e9 More code refactoring 2010-01-14 15:11:32 +00:00
Bernardo Damele
c9863bc1d2 Minor code refactoring 2010-01-14 14:33:08 +00:00
Bernardo Damele
070ccc30e9 Added automatic support in --os-pwn to use the web uploader/backdoor to upload and execute the Metasploit payload stager when stacked queries SQL injection is not supported, for instance on MySQL/PHP and MySQL/ASP.
Updated ChangeLog.
Major code refactoring.
2010-01-14 14:03:16 +00:00
Bernardo Damele
50bbb0cf8a Deprecate sqlmap update code, will use pysvn to update from latest development version from subversion repository. 2010-01-13 14:52:23 +00:00
Bernardo Damele
0ad43952bd Minor bug fix 2010-01-12 23:56:43 +00:00
Miroslav Stampar
3434a22872 HTTP header HOST is now mandatory in a HTTP request file 2010-01-12 14:07:58 +00:00
Miroslav Stampar
a193205323 minor update regarding requestFile option 2010-01-12 14:01:58 +00:00
Miroslav Stampar
8817b2884f minor update 2010-01-12 13:16:30 +00:00
Miroslav Stampar
a58b36fe07 code commit regarding Feature #119 2010-01-12 13:11:26 +00:00
Bernardo Damele
df36eb6d11 Minor bug fix in --resume functionality 2010-01-11 14:16:37 +00:00
Bernardo Damele
12f371cd65 Minor bug fix and improvement in displaying of enumerated columns in --dump -C 2010-01-09 21:37:44 +00:00
Bernardo Damele
dc04fa7f06 Minor layout adjustments 2010-01-09 21:08:47 +00:00
Miroslav Stampar
d58ba7ee6d added --scope feature regarding Feature #105 2010-01-09 20:44:50 +00:00
Bernardo Damele
f316e722c1 sqlmap 0.8-rc4: --dump option now can also accept only -C: user can provide a string column and sqlmap will enumerate all databases, tables and columns that contain the 'provided_string' or '%provided_string%' then ask the user to dump the entries of only those columns.
--columns now accepts also -C option: user can provide a string column and sqlmap will enumerate all columns of a specific table like '%provided_string%'.
Minor enhancements.
Minor bug fixes.
2010-01-09 00:05:00 +00:00
Bernardo Damele
6a62a78b0a More generic 2010-01-08 23:50:06 +00:00
Bernardo Damele
067cc07fb9 Make 'field' parameter in limitQuery() method to be option 2010-01-08 23:23:15 +00:00
Miroslav Stampar
82222fcd3a minor update of help text 2010-01-07 13:09:14 +00:00
Miroslav Stampar
d07f60578c implementation of Feature #17 2010-01-07 12:59:09 +00:00
Bernardo Damele
80df1fdcf9 Minor bug fix with --sql-query/shell when providing a statement with DISTINCT 2010-01-05 16:15:31 +00:00
Bernardo Damele
954a927cee Minor bug fix to properly execute --time-test also on MySQL >= 5.0.12 2010-01-05 11:43:16 +00:00
Miroslav Stampar
71547a3496 getDocRoot changes 2010-01-05 11:30:33 +00:00
Bernardo Damele
bb61010a45 Avoid useless checks for --os-bof (no need to check for DBA or for xp_cmdshell). Minor code restyling. 2010-01-04 15:02:56 +00:00
Miroslav Stampar
d71e47ce56 fix regarding dirnames in Feature #110 2010-01-04 12:39:07 +00:00