Commit Graph

257 Commits

Author SHA1 Message Date
Miroslav Stampar
1f085a0241 now [SLEEPTIME] is changeable properly in vivo 2012-01-05 14:45:05 +00:00
Miroslav Stampar
9d50c806e1 bug fix 2012-01-05 10:55:58 +00:00
Miroslav Stampar
29f502fe29 some refactoring 2011-12-28 16:27:17 +00:00
Miroslav Stampar
526aacb640 code cleanup 2011-12-21 22:59:23 +00:00
Miroslav Stampar
f39170a2c4 minor update 2011-11-22 15:06:51 +00:00
Miroslav Stampar
e290f2b80b minor update 2011-10-28 11:11:55 +00:00
Miroslav Stampar
8bd3cfdc8e minor update 2011-10-24 00:17:38 +00:00
Miroslav Stampar
e1dbb4443b minor update related to the last commit 2011-08-16 07:01:14 +00:00
Miroslav Stampar
7cc5743c5d minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters) 2011-08-16 06:50:20 +00:00
Miroslav Stampar
6bbb8139a0 update (smaller memory footprint in postprocessing phase because of safecharencode part) 2011-07-25 20:40:31 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Miroslav Stampar
34d9a91af1 bulk of fixes 2011-07-02 22:48:56 +00:00
Bernardo Damele
9eb683531d Minor improvement at blind SQL inj technique for DB2 2011-06-27 22:28:12 +00:00
Miroslav Stampar
905fef0eae now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5) 2011-06-18 10:51:14 +00:00
Miroslav Stampar
fde3e4cece better 2011-06-18 09:52:07 +00:00
Miroslav Stampar
2f129b01c0 "Please consider to provide" is a bad English 2011-06-18 09:46:22 +00:00
Miroslav Stampar
9498a3f259 little stabilization of multi threading 2011-06-17 12:50:28 +00:00
Bernardo Damele
0d8d6a4ace Cosmetics 2011-06-08 16:08:20 +00:00
Miroslav Stampar
4a9640160e more concise 2011-06-08 14:35:23 +00:00
Miroslav Stampar
6b81eef65a refactoring 2011-06-08 14:30:12 +00:00
Miroslav Stampar
50dde39e68 minor update 2011-06-07 10:32:18 +00:00
Miroslav Stampar
8227298057 user friendliness uber 9000 2011-05-27 08:30:52 +00:00
Miroslav Stampar
5369657cd5 fix for cases with retrieved binary files (preventing difflib nagging around comparison) 2011-05-25 20:54:30 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Miroslav Stampar
29ee760021 improving time based data retrieval mechanism 2011-04-17 07:24:18 +00:00
Miroslav Stampar
0387654166 update of copyright string (until year) 2011-04-15 12:33:18 +00:00
Miroslav Stampar
277f16d6b3 removing commented out debug print 2011-04-08 22:44:05 +00:00
Miroslav Stampar
ea52d7acad minor revisit of inference 2011-03-24 20:10:40 +00:00
Bernardo Damele
60605b6e7c Major bug fix to make --first and --last apply only to --dump's entries dump phase (in either of the blind SQL injection techs only) 2011-02-27 12:14:13 +00:00
Miroslav Stampar
0edb4ee314 minor fix 2011-02-03 13:28:10 +00:00
Bernardo Damele
6761933f75 Just.. cosmetics ;) 2011-01-31 22:51:14 +00:00
Miroslav Stampar
777a19cfa9 LOL. removing that debug 'True' 2011-01-31 16:22:55 +00:00
Miroslav Stampar
a80fe28631 one more thing ;) 2011-01-31 16:21:28 +00:00
Miroslav Stampar
933d701667 cosmetics 2011-01-31 16:14:44 +00:00
Miroslav Stampar
b1dc928e68 implemented validation for time-based inference 2011-01-31 16:07:23 +00:00
Miroslav Stampar
25463bc67c fix for a bug (--predict-output) noticed by Bernardo 2011-01-31 15:00:41 +00:00
Bernardo Damele
2a0b03e5c6 Unused import 2011-01-30 17:07:27 +00:00
Miroslav Stampar
367d0639f0 refactoring (class names should always be Capital cased) 2011-01-28 16:36:09 +00:00
Miroslav Stampar
ddd296030d added some more info to unhandled exception message(s) 2011-01-28 16:15:45 +00:00
Miroslav Stampar
8d0c2efbe2 unescaping of char marked payloads 2011-01-24 12:00:16 +00:00
Miroslav Stampar
a4a0f10950 minor minor minor 2011-01-20 09:25:34 +00:00
Bernardo Damele
bade0e3124 Major code refactoring - centralized all kb.dbms* info for both retrieval and set. 2011-01-19 23:06:15 +00:00
Miroslav Stampar
eadaf680de fuck yea 2011-01-19 15:25:48 +00:00
Bernardo Damele
3822b494ea Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns. 2011-01-17 23:43:37 +00:00
Miroslav Stampar
5c857779c1 important fix for unicode based character inference 2011-01-17 10:15:19 +00:00
Miroslav Stampar
30d6791968 update regarding time based data retrieval 2011-01-16 17:52:42 +00:00
Miroslav Stampar
71391874eb slightly faster and thread safer inference 2011-01-16 10:52:42 +00:00
Bernardo Damele
6e4b65a822 Minor refactoring 2011-01-15 23:28:31 +00:00
Bernardo Damele
2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Bernardo Damele
06230e4d92 Minor code refactoring and cosmetics 2011-01-11 21:46:21 +00:00
Miroslav Stampar
7ae5192070 adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data) 2011-01-05 10:25:07 +00:00
Miroslav Stampar
edcf1a0872 few bug fixes 2010-12-24 18:40:48 +00:00
Miroslav Stampar
385e208f38 code refactoring regarding standard output suppression and some threading issues 2010-12-21 14:21:24 +00:00
Miroslav Stampar
5852bad963 some refactoring 2010-12-20 18:56:06 +00:00
Miroslav Stampar
36862e2efa update 2010-12-18 15:57:47 +00:00
Miroslav Stampar
6a24048aa6 urllib2 doesn't play well with '\n' when non unescaped chars used 2010-12-11 21:17:54 +00:00
Miroslav Stampar
f021548bd0 added inference failsafe (like in for instance Firebirds SUBSTR always returns a string value, no matter which starting index you use) 2010-12-11 10:52:04 +00:00
Miroslav Stampar
c17f444aab minor fix 2010-12-11 10:22:18 +00:00
Miroslav Stampar
fe2039f5ba coollyy little commits 2010-12-10 11:32:46 +00:00
Miroslav Stampar
cdff29ada7 update 2010-12-09 11:23:44 +00:00
Bernardo Damele
f5ce739bdf Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet. 2010-12-08 23:52:31 +00:00
Miroslav Stampar
6223f25dd9 code beautification 2010-12-08 13:04:48 +00:00
Miroslav Stampar
b5e45939e3 sqlmap premiere of blind time based query/bisection 2010-12-08 12:28:54 +00:00
Bernardo Damele
17486e472a Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only! 2010-11-17 22:00:09 +00:00
Miroslav Stampar
862395ced1 further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
Bernardo Damele
ea1b0d31be Avoid displaying single retrieved character when --verbose > 2 2010-11-07 22:42:56 +00:00
Bernardo Damele
b6da946883 Added one new verbose level, -v 3 now shows the full injected payload.
Fixed also -d verbose output.
2010-11-07 22:34:29 +00:00
Miroslav Stampar
d3e7e89e60 major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces 2010-11-07 21:18:09 +00:00
Miroslav Stampar
3f0a443b83 some updates 2010-11-04 23:08:59 +00:00
Miroslav Stampar
cd0d4135ac implemented --banner for MaxDB and some minor fixes 2010-11-02 20:51:55 +00:00
Miroslav Stampar
5269cb8c08 some code refactoring and beautification 2010-11-02 09:06:38 +00:00
Miroslav Stampar
13e93f564a one bug fix in dynamic content engine and some code refactoring 2010-11-02 07:32:08 +00:00
Miroslav Stampar
73b33ed765 fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic 2010-11-01 20:56:13 +00:00
Miroslav Stampar
5a38ac7ea9 important update regarding (Bug #209) - probably more will be needed 2010-10-29 16:11:50 +00:00
Bernardo Damele
215175e3b7 Minor code adjustments 2010-10-25 14:11:47 +00:00
Miroslav Stampar
98f5586b87 minor update 2010-10-23 08:05:24 +00:00
Miroslav Stampar
bc79eec702 removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO) 2010-10-21 13:13:12 +00:00
Bernardo Damele
64b9f94fcf Renamed --common-prediction switch to --predict-output 2010-10-16 23:50:13 +00:00
Bernardo Damele
2129935e06 Split character for tamper scripts (--tamper option) is now comma, not semi-colon.
Minor enhancement
2010-10-16 21:52:16 +00:00
Miroslav Stampar
1336b97c2c removed --useBetween switch and added new tampering module ./tamper/between.py 2010-10-15 23:48:07 +00:00
Miroslav Stampar
4f7f20b94f sorry, cosmetics 2010-10-14 23:18:29 +00:00
Bernardo Damele
1674142d82 Minor cosmetic fixes 2010-10-14 15:28:54 +00:00
Miroslav Stampar
8b48833136 large commit with copyright header modifications 2010-10-14 14:41:14 +00:00
Miroslav Stampar
b37dca1c2c minor adjustment 2010-07-19 09:06:19 +00:00
Miroslav Stampar
9edd468caf multithreading save to session on abort 2010-07-19 08:37:45 +00:00
Bernardo Damele
7349f3a70f Closes #197 2010-07-01 15:25:57 +00:00
Miroslav Stampar
bb9401ba52 minor minor fixup 2010-07-01 14:14:43 +00:00
Miroslav Stampar
9d28ae23ca fixup for situations with unexpected LENGTHs in multithreaded mode (e.g. UTF8 data retrieval) 2010-07-01 14:11:45 +00:00
Bernardo Damele
17e228024b Minor enhancements and bug fixes to "good samaritan" feature - see #4 2010-06-21 14:40:12 +00:00
Bernardo Damele
b98f6ac71c Minor layout adjustment 2010-06-17 13:27:43 +00:00
Bernardo Damele
fd76f048b6 Added common pattern value support to bisection algorithm 2010-06-17 11:38:32 +00:00
Miroslav Stampar
35642a0450 some more adjustments 2010-06-10 15:03:08 +00:00
Miroslav Stampar
1b30c46348 fix for an bug reported by David Guimaraes 2010-06-10 14:52:33 +00:00
Miroslav Stampar
7fbeebc4d9 grammar fix 2010-06-03 08:55:13 +00:00
Miroslav Stampar
bf071d33d2 some comments added 2010-06-02 15:18:33 +00:00
Miroslav Stampar
af2f184464 some comments regarding inference.py 2010-05-31 15:20:20 +00:00
Bernardo Damele
6df2d98fc9 Minor bug fix in common.py goGoodSamaritan().
Minor code cleanup and adjustments.
2010-05-31 15:05:29 +00:00
Miroslav Stampar
4bb5885413 some changes regarding --common-outputs feature 2010-05-31 09:41:41 +00:00
Bernardo Damele
b798222dd7 Minor fixes 2010-05-30 14:53:13 +00:00
Miroslav Stampar
655bd79fc4 some renaming 2010-05-28 10:50:54 +00:00
Miroslav Stampar
838762fb00 previous quick fix removal 2010-05-28 10:38:23 +00:00
Miroslav Stampar
7ef286a76f some speed up 2010-05-28 10:33:09 +00:00
Miroslav Stampar
48c0f4f053 minor fix 2010-05-28 10:17:03 +00:00
Miroslav Stampar
4eccf1a25d quick fix 2010-05-28 10:01:19 +00:00
Bernardo Damele
9de1671b8f Code refactoring and minor bug fixes. 2010-05-27 16:45:09 +00:00
Miroslav Stampar
ce29c841cf some comments added 2010-05-26 11:14:22 +00:00
Miroslav Stampar
bbdbe44e3f fuck yea, first tests (MySQL/--tables & --common-prediction) are great :) 2010-05-26 10:41:37 +00:00
Miroslav Stampar
7f0db26e99 more code updates regarding good samaritan (common output) feature 2010-05-26 09:48:20 +00:00
Miroslav Stampar
8ed76b3024 minor update regarding good samaritan 2010-05-25 14:51:02 +00:00
Miroslav Stampar
065d5b02ec added singleValue parameter for good samaritan (same thing Bernardo wanted :) 2010-05-25 13:51:03 +00:00
Miroslav Stampar
056d1ad76e new commit regarding good samaritan feature 2010-05-25 13:06:23 +00:00
Miroslav Stampar
dc83f794ea fix regarding proper string isinstance checking (including unicode) 2010-05-25 10:09:35 +00:00
Miroslav Stampar
f718425cf4 minor fix 2010-05-24 11:18:47 +00:00
Miroslav Stampar
e9be60e1ac added support for proper unicode session(s) storage/retrieval 2010-05-24 11:00:49 +00:00
Miroslav Stampar
f34e6badfd removed pdb 2010-05-24 09:29:16 +00:00
Miroslav Stampar
f0d3e6c565 fix 2010-05-24 09:28:20 +00:00
Miroslav Stampar
887352746b some speedup (usage of xrange (virtual range) instead of range) 2010-05-23 22:14:57 +00:00
Miroslav Stampar
2c2d6d3623 operator fix 2010-05-23 21:35:42 +00:00
Miroslav Stampar
7dc1bf0324 quick (probably not final) fix for unicode inference (not yet tested) 2010-05-23 21:32:51 +00:00
Miroslav Stampar
64f2afe585 in a mood for more changes 2010-05-21 12:44:09 +00:00
Miroslav Stampar
219628aa01 quick fixes 2010-05-21 12:25:49 +00:00
Miroslav Stampar
68e13c3872 periodical commit 2010-05-21 09:35:36 +00:00
Miroslav Stampar
d96723a135 fix for Feature #157 2010-05-13 11:17:24 +00:00
Bernardo Damele
9efe001515 SQLite does not support BETWEEN 2010-05-12 22:02:47 +00:00
Miroslav Stampar
893bc04fe4 changes regarding Feature #157 (Evaluate BETWEEN for inference algorithm) 2010-05-12 11:30:32 +00:00
Bernardo Damele
8b74c405f5 Minor output bug fix 2010-05-11 14:15:03 +00:00
Miroslav Stampar
430a25407b fixed that thread partial output problem (one character behind) reported by Kasper Fons 2010-05-11 11:06:21 +00:00
Miroslav Stampar
d8e5585c66 fixed a bug reported by Mosk Dmitri (infoMsg UnboundLocalError) 2010-04-29 08:30:29 +00:00
Miroslav Stampar
7d3a200ab8 fix for Bug #183 2010-04-19 15:25:52 +00:00
Bernardo Damele
a0c8adc266 Minor bug fix to add the "hinted" request to the total number of requests performed
Minor layout adjustments.
2010-04-15 10:08:27 +00:00
Miroslav Stampar
17554759b7 implemented feature request from Ole Rasmussen regarding table name retrieval speedup 2010-04-15 09:36:13 +00:00
Bernardo Damele
be81c20298 Minor layout adjustment 2010-03-25 16:26:50 +00:00
Bernardo Damele
8e57767c48 Fixes #180 - properly url encode sqlmap payload in POST/Cookie too, like for GET 2010-03-23 10:27:39 +00:00
Bernardo Damele
f9a135e232 Minor bug fix and layout adjustment regarding --threading and standard output 2010-03-22 17:38:19 +00:00
Bernardo Damele
0d559d14df Initial support for SQLite (90% approx).
Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments.
2010-03-18 17:20:54 +00:00
Bernardo Damele
25f8a72414 Minor layout adjustment 2010-03-12 14:48:33 +00:00
Miroslav Stampar
17d0b82fee two dots instead of three 2010-03-12 14:31:14 +00:00
Miroslav Stampar
15c638ac52 some beautification 2010-03-12 13:07:07 +00:00
Miroslav Stampar
7ec04281dd minor adjustments 2010-03-12 12:46:26 +00:00
Miroslav Stampar
fffda32f76 fix for Bug #167 2010-03-12 12:38:19 +00:00
Miroslav Stampar
ec43419ad1 minor makeup fix 2010-03-11 11:20:52 +00:00
Miroslav Stampar
2c053d5cfb fix for Bug #166 (Keyboard interrupt in Python threading) 2010-03-11 11:14:20 +00:00
Miroslav Stampar
91dd609e26 fixed threading bug (difflib :) 2010-03-10 14:14:27 +00:00
Bernardo Damele
156fdd96ef Updated copyright 2010-03-03 15:26:27 +00:00
Bernardo Damele
b08a4efb4b Minor layout adjustments 2010-02-04 17:45:56 +00:00
Miroslav Stampar
5f171340f5 introduced safe string formatting 2010-01-15 16:06:59 +00:00
Bernardo Damele
ce022a3b6e sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup. 2010-01-02 02:02:12 +00:00
Bernardo Damele
89c43893d4 Merged back from personal branch to trunk (svn merge -r846:940 ...)
Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring.
2009-09-25 23:03:45 +00:00
Bernardo Damele
3b9303186e Fixed minor bug with --eta 2009-06-24 13:44:14 +00:00
Bernardo Damele
13de8366d0 Major silent bug fix to multi-threading functionality. Thanks Nico Leidecker for reporting! 2009-05-20 09:34:13 +00:00