Commit Graph

851 Commits

Author SHA1 Message Date
Miroslav Stampar
9a7343e9f7 Fixes #2566 2017-06-07 16:07:27 +02:00
Miroslav Stampar
9da8d55128 Implements #2557 2017-06-07 11:22:06 +02:00
Miroslav Stampar
dfe42612be Fixes #2549 2017-05-29 10:57:27 +02:00
Miroslav Stampar
fc8eede952 Minor cleanup and one bug fix 2017-04-19 14:46:27 +02:00
Miroslav Stampar
2d05174545 Trivial update 2017-04-18 15:56:24 +02:00
Miroslav Stampar
5f2bb88037 Some code refactoring 2017-04-18 15:48:05 +02:00
Miroslav Stampar
7ebba5614a Moving brute from techniques to utils 2017-04-18 13:53:41 +02:00
Miroslav Stampar
686f53a7c6 Minor patch 2017-04-16 23:32:58 +02:00
Miroslav Stampar
0e206da7c0 Minor patches (pydiatra) 2017-04-14 13:08:51 +02:00
Miroslav Stampar
0a3e771b1b Fixes #2449 2017-03-28 15:22:53 +02:00
Miroslav Stampar
e2fb16c98c Fixes #2425 2017-03-06 12:05:58 +01:00
Miroslav Stampar
9851a5703a Fixes #2373 2017-01-31 14:00:12 +01:00
Miroslav Stampar
c29db43bfa Minor refactoring 2017-01-02 15:14:59 +01:00
Miroslav Stampar
55272f7a3b New version preparation 2017-01-02 14:19:18 +01:00
Miroslav Stampar
edc6f47758 Some refactoring 2016-12-19 23:47:39 +01:00
Miroslav Stampar
8124fe391d Bug fix for using --search in combination with -D CD 2016-10-05 17:43:57 +02:00
Miroslav Stampar
833ca4b640 Minor refactoring 2016-10-05 17:41:02 +02:00
Miroslav Stampar
978f56ad10 One more commit for #552 (--passwords) 2016-09-26 16:38:03 +02:00
Miroslav Stampar
aa0b97b562 Support for Informix --roles/--privileges (Issue #552) 2016-09-26 14:20:04 +02:00
Miroslav Stampar
df645d7d3d Update for column types (Issue #552) 2016-09-23 18:03:31 +02:00
Miroslav Stampar
484d9a4825 Implementation of --dump for Informix (Issue #552) 2016-09-23 17:21:48 +02:00
Miroslav Stampar
1b48ff223d Adding initial support for Informix (Issue #552) 2016-09-23 12:33:27 +02:00
Miroslav Stampar
bce9db1af5 Adding support for --columns too (Issue #2025) 2016-07-15 00:10:41 +02:00
Miroslav Stampar
6df4d73b09 Implementation for an Issue #2025 2016-07-14 23:18:28 +02:00
Miroslav Stampar
786460e3b4 Minor just in case patch 2016-06-19 17:44:47 +02:00
Miroslav Stampar
b4c730f8c0 Minor refactoring 2016-05-31 12:23:59 +02:00
Miroslav Stampar
5264671f5b Dump formatting patch for MsAccess 2016-05-30 12:03:33 +02:00
Miroslav Stampar
7ce36ea1b6 Removal of unused imports 2016-05-24 16:40:44 +02:00
Miroslav Stampar
3e76895155 Minor update 2016-05-24 12:30:01 +02:00
Miroslav Stampar
d9d0865c13 Another patch for an Issue #1874 2016-05-16 17:09:05 +02:00
Miroslav Stampar
0c5965c7b8 Minor patches 2016-04-19 13:13:37 +02:00
Miroslav Stampar
5b0d5970cc Another patch related to the #1773 2016-03-23 10:33:32 +01:00
Miroslav Stampar
6c2f9859be Potential patch for #1773 2016-03-23 10:26:22 +01:00
Miroslav Stampar
6fef2948ff Minor consistency update 2016-01-14 22:51:26 +01:00
Miroslav Stampar
5908964db4 Another (better) patch for #1636 2016-01-09 17:32:19 +01:00
Miroslav Stampar
0f8a551227 Potential patch for #1636 2016-01-09 00:55:01 +01:00
Miroslav Stampar
3c9be947c5 Fixes #1649 2016-01-09 00:15:05 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
7d334cca48 Minor style patch 2016-01-04 12:08:56 +01:00
Miroslav Stampar
fc5802f461 Fixes #1628 2015-12-29 13:19:25 +01:00
Miroslav Stampar
b2dc443835 Fixes #1559 2015-11-23 09:20:35 +01:00
Miroslav Stampar
763b72a3ed Fixes #1551 2015-11-20 17:01:41 +01:00
Miroslav Stampar
94639d11a3 Another update related to the #1539 2015-11-16 15:33:05 +01:00
Miroslav Stampar
570562369b Further fixes for sqlmap to work properly with HSQLDB (WebGoat) 2015-10-13 13:04:59 +02:00
Miroslav Stampar
9641e84dd9 Bug fixes for HSQLDB 2015-10-09 16:52:13 +02:00
Miroslav Stampar
906cb6d3c2 Removing a hard limit to use --start/--stop only for --dump scenarios 2015-09-28 11:11:39 +02:00
Miroslav Stampar
ea4cef9c6d Skipping quit exception in case of --search 2015-09-24 13:44:51 +02:00
Miroslav Stampar
e19b097ab5 Bug fix (--columns has been broken for last couple of days) 2015-09-24 11:49:05 +02:00
Miroslav Stampar
aa088aafd2 Looks more technical 2015-09-23 08:47:52 +02:00
Miroslav Stampar
058f63a050 Patch for annoying retrieval of columns during dump (if -C used) 2015-09-22 12:33:11 +02:00
Miroslav Stampar
03da24b249 Minor cosmetics 2015-09-22 12:03:47 +02:00
Miroslav Stampar
f494004f44 Switching to the getSafeExString (where it can be used) 2015-09-10 15:51:33 +02:00
Miroslav Stampar
72cf9041bf Fixes #1401 2015-09-09 14:46:06 +02:00
Miroslav Stampar
d06646e412 Miniscule change 2015-09-03 10:32:22 +02:00
Miroslav Stampar
41c21ab7f2 Minor consistency patch 2015-09-03 10:19:59 +02:00
Miroslav Stampar
69563fc24f Language fix 2015-09-03 10:18:00 +02:00
Miroslav Stampar
1cf012521d Minor refactoring 2015-08-26 16:18:03 +02:00
Miroslav Stampar
76c8ce0e70 More flexible --sql-file 2015-08-23 22:54:08 +02:00
Miroslav Stampar
e623ee66ad Better approach for #1320 2015-07-30 23:29:31 +02:00
Miroslav Stampar
bcb25823e6 Fixes #1320 2015-07-30 23:19:38 +02:00
Miroslav Stampar
64b45f2ac2 Fixes #1316 2015-07-26 16:34:11 +02:00
Miroslav Stampar
b6ea2fdb07 Fixes #1170 2015-07-24 14:56:45 +02:00
Miroslav Stampar
21e8182ac6 Fixes #1305 2015-07-18 17:01:34 +02:00
Miroslav Stampar
1aafe85a3a Fixes #1299 2015-07-15 11:15:06 +02:00
Bernardo Damele
32373996ee standard message 2015-02-15 20:53:40 +00:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
e2edebd406 Patch for an Issue #1069 2014-12-30 09:04:41 +00:00
Miroslav Stampar
0b91a6098f Patch for an Issue #1050 2014-12-18 15:13:44 +01:00
Miroslav Stampar
bd99470a4a Minor update to cleanup properly new xp_cmdshell 2014-12-05 22:01:59 +01:00
Miroslav Stampar
821e4bf507 Patch for an Issue #987 2014-12-03 08:46:02 +01:00
Miroslav Stampar
636e0588d5 Patch for an Issue #981 2014-12-02 10:29:09 +01:00
Miroslav Stampar
a827453eb7 Update for an Issue #907 2014-11-16 08:31:01 +01:00
Miroslav Stampar
c98bd521c5 Patch for an Issue #923 2014-11-11 11:53:51 +01:00
Miroslav Stampar
d400dc27f2 Patch for an Issue #907 2014-11-08 21:54:34 +01:00
Miroslav Stampar
d087565051 Fix for Issues #905 and #906 2014-11-06 11:41:10 +01:00
Miroslav Stampar
3b3b8d4ef2 Potential bug fix (escaping formatted regular expressions) 2014-10-28 14:02:55 +01:00
Miroslav Stampar
be213bc657 Bug fix for crashes caused by '--search --exclude-sysdbs --current-db' 2014-10-12 22:41:53 +02:00
Miroslav Stampar
57eb19377e Minor code refactoring 2014-09-16 09:07:31 +02:00
Miroslav Stampar
1069399668 Minor style update 2014-08-21 00:32:15 +02:00
Miroslav Stampar
77ba63b060 Minor language update 2014-08-19 23:56:04 +02:00
Miroslav Stampar
30fb8e8a50 Patch regarding Issue #774 (SELECT is redundant in case of LOAD_FILE) 2014-08-16 14:23:07 +02:00
Miroslav Stampar
5436635acb Minor update 2014-08-13 13:32:22 +02:00
Miroslav Stampar
ac43051df2 Patch for an Issue #553 2014-06-23 21:24:45 +02:00
Miroslav Stampar
11dee4c8cd Patch for an Issue #731 2014-06-22 00:19:10 +02:00
Miroslav Stampar
401f896175 Patch related to the Issue #696 2014-05-20 13:44:10 +02:00
Miroslav Stampar
67115ed558 Minor fix (for a bug reported via ML) 2014-05-17 15:00:09 +02:00
Miroslav Stampar
fc3c321b01 Minor update 2014-05-15 19:08:41 +02:00
Miroslav Stampar
e7bc57b00b Fix for an Issue #683 2014-05-04 20:44:11 +02:00
Miroslav Stampar
3beb1ae2a1 Trivial fix (backslashes should be escaped) 2014-04-06 18:15:06 +02:00
Miroslav Stampar
fca57da1cf Fix for --tables on HSQLDB 2014-03-07 15:57:41 +01:00
Miroslav Stampar
d05bfdd7dd Implementing option '--where' (Issue #605) 2014-02-11 16:20:45 +01:00
Miroslav Stampar
de8cb15350 Fix for an Issue #601 2014-02-05 15:11:39 +01:00
Miroslav Stampar
ab36e5a2f0 Fix for an Issue #597 2014-01-15 10:29:58 +01:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Miroslav Stampar
6863436d4e Implementation for an Issue #596 2014-01-13 10:05:56 +01:00
Miroslav Stampar
ebccba922b Fix for an Issue #543 2013-10-16 11:25:55 +02:00
Miroslav Stampar
6a3d804af5 Minor update (display NULL instead of FALSE when non-query statement is sqlQueried) 2013-09-02 11:32:32 +02:00
Miroslav Stampar
de31688c4f Update for an Issue #481 2013-07-29 18:25:27 +02:00
stamparm
dbb0d7f700 Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used) 2013-07-19 13:24:35 +02:00
stamparm
e498694928 Fix for a NoneType/--columns issue reported over ML 2013-07-02 15:02:07 +02:00
Bernardo Damele
5882ab59d8 fixed #478 2013-07-01 22:30:59 +01:00
Bernardo Damele
6468211f65 tables and databases names on MSQLDB are capitalized 2013-07-01 11:54:31 +01:00
stamparm
f7d15cb465 Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00
Meatballs
550693032b Remote whitespace in databases.py 2013-06-24 15:03:08 +01:00
Meatballs
62000c6406 Remaining files 2013-06-24 14:42:58 +01:00
Miroslav Stampar
c2dce66a46 Fix for an user reported bug (tbl can be None) 2013-06-16 12:35:05 +02:00
Miroslav Stampar
540493a69f Fix for empty strings (previously '' was just removed) 2013-06-11 12:56:20 +02:00
Miroslav Stampar
ca53dfad84 Minor fix 2013-06-01 13:44:50 +02:00
stamparm
1c2197e8de Minor bug fix for an Issue #361 (removal of that ugly garbage clean warning message after sqlmap ends) 2013-04-15 16:18:40 +02:00
stamparm
f936746423 Code restyling 2013-04-15 14:31:27 +02:00
stamparm
aed738d6e6 Update for an Issue #361 2013-04-15 14:20:21 +02:00
stamparm
3e65037a05 Introducing lib/utils/sqlalchemy.py (Issue #361) 2013-04-15 10:33:25 +02:00
Bernardo Damele
34ce8742f1 removed leftover 2013-02-26 10:12:18 +00:00
Miroslav Stampar
f817105db3 Minor bug fix 2013-02-18 14:40:39 +01:00
Miroslav Stampar
046f347f5d Minor fix 2013-02-15 17:36:58 +01:00
Miroslav Stampar
834ae6aac0 Another minor update 2013-02-15 17:36:58 +01:00
Miroslav Stampar
97c06854a4 Minor fixes 2013-02-15 17:36:58 +01:00
Miroslav Stampar
67157fa2ba Some more minor fixes 2013-02-15 14:28:05 +01:00
Miroslav Stampar
b1c0cabde5 Minor fixes 2013-02-15 14:21:51 +01:00
Miroslav Stampar
2fb599619a Bug fix 2013-02-15 13:55:09 +01:00
Bernardo Damele
d8942d2ae0 fixes #396 - adapted the engine to properly verify all steps of takeover were successul, minor code refactoring too 2013-02-14 18:32:22 +00:00
Bernardo Damele
d42d28392a avoid tracebacks because the parameter does not exist 2013-02-14 13:18:33 +00:00
Bernardo Damele
c9c520a325 no need to repeat the debug message each time this function is called 2013-02-14 13:18:15 +00:00
Bernardo Damele
1de109747f minor bug fix introduced in 2267dd8f47 2013-02-14 12:39:17 +00:00
Miroslav Stampar
0b8de94ace Putting cases with INTO here too 2013-02-14 12:35:17 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
2267dd8f47 working on #392 to fix --os-cmd and --os-shell output parsing 2013-02-14 11:31:20 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Bernardo Damele
cbb5c79d29 typo fix 2013-02-13 13:07:47 +00:00
Bernardo Damele
d9e716b95d added two debug messages for clarity 2013-02-13 12:46:45 +00:00
Miroslav Stampar
dd6f50a00e Removing unused imports 2013-02-13 11:15:24 +01:00
Miroslav Stampar
dc41484b3f Refactoring of funcionality for finding out if stacking is available 2013-02-13 09:57:16 +01:00
Miroslav Stampar
c9447fbbe7 Minor patch to return False if --is-dba returns None 2013-02-12 13:04:42 +01:00
Miroslav Stampar
093a93938c Bug fix (making non-query statements available for stacked conditional-error blind cases too) 2013-02-11 20:43:12 +01:00
Bernardo Damele
8bfee3b802 started to work on #373 to improve usability when user is not DBA 2013-02-11 18:07:58 +00:00
Miroslav Stampar
2f69a94bcf Bug fix for --search -C 2013-02-05 12:24:57 +01:00
Miroslav Stampar
e836629215 Bug fixes for search (safeStringFormat should not replace all if given scalar values) 2013-02-05 11:37:49 +01:00
Miroslav Stampar
31230c5a42 Minor fix 2013-02-05 11:23:22 +01:00
Miroslav Stampar
87ad96bf01 Minor cosmetic fix 2013-02-05 11:18:46 +01:00
Miroslav Stampar
81d4f9f7d1 Bug fix for last regression test (--search related) 2013-01-31 16:41:23 +01:00
Miroslav Stampar
6b6e36b2ec Continuation of work on fixing DISTINCT/--search issues (Oracle) 2013-01-30 18:08:34 +01:00
Miroslav Stampar
838e98192e Consistency update (we are not using DISTINCT in inband counterparts too) 2013-01-30 17:25:36 +01:00
Miroslav Stampar
93c59c7277 Fix for a --privileges --technique=B --dbms=Oracle (when one user has no privileges everything is foobared) 2013-01-30 16:41:57 +01:00
Miroslav Stampar
95998e3989 Implementing undocumented way how to retrieve w+ temporary directory name on MsSQL (suggested by Vlado Velichkovski) 2013-01-30 14:38:21 +01:00
Miroslav Stampar
6005046280 Bug fix (--dbms=mysql --tables -D testdb --exclude-sysdbs --technique=E was not working) 2013-01-30 11:36:04 +01:00
Miroslav Stampar
7e73825ece Minor cosmetics 2013-01-29 15:34:41 +01:00
Miroslav Stampar
c83f468a37 Trivial changes 2013-01-23 15:34:20 +01:00
Miroslav Stampar
9825e247db Refactoring search module 2013-01-23 14:22:35 +01:00
Bernardo Damele
ff160abf10 minor bug fix 2013-01-23 13:02:02 +00:00
Bernardo Damele
45af22872a fixes #370 (the bug was introduced with commit edb977a74e)# 2013-01-23 13:00:58 +00:00