Miroslav Stampar
|
24e4429bf6
|
or better yet, there is no need for _ or *args on getPrivileges (tried with SQLite and MSSql which crashed)
|
2010-10-21 13:31:06 +00:00 |
|
Miroslav Stampar
|
fe3967bdec
|
fix for --privileges (on MSSql --privileges returned exception)
|
2010-10-21 13:28:29 +00:00 |
|
Miroslav Stampar
|
bc79eec702
|
removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)
|
2010-10-21 13:13:12 +00:00 |
|
Bernardo Damele
|
526694c80c
|
Minor fix
|
2010-10-20 22:24:06 +00:00 |
|
Bernardo Damele
|
e73e06069b
|
Minor code refactoring
|
2010-10-20 22:09:03 +00:00 |
|
Miroslav Stampar
|
82f44989ce
|
update of error based injection and bug fix for --roles on MSSQL server
|
2010-10-20 06:40:33 +00:00 |
|
Miroslav Stampar
|
1b376c99a6
|
removed temp dictionary and replaced with kb.misc
|
2010-10-19 23:00:19 +00:00 |
|
Miroslav Stampar
|
6a8b1046d4
|
first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)
|
2010-10-19 12:02:04 +00:00 |
|
Bernardo Damele
|
60a1b48194
|
Major bug fix for --os-pwn
|
2010-10-17 20:44:16 +00:00 |
|
Bernardo Damele
|
e7c8be1d45
|
Minor layout adjustments
|
2010-10-15 15:37:15 +00:00 |
|
Miroslav Stampar
|
8883918ef9
|
cosmetics
|
2010-10-15 10:03:51 +00:00 |
|
Miroslav Stampar
|
743e6d2655
|
cosmetics
|
2010-10-15 10:02:09 +00:00 |
|
Miroslav Stampar
|
207bef7f19
|
fix for that SQLite3 vs SQLite2 issue
|
2010-10-15 09:39:41 +00:00 |
|
Miroslav Stampar
|
4f7f20b94f
|
sorry, cosmetics
|
2010-10-14 23:18:29 +00:00 |
|
Miroslav Stampar
|
8b48833136
|
large commit with copyright header modifications
|
2010-10-14 14:41:14 +00:00 |
|
Miroslav Stampar
|
a63c2c9f7c
|
just a test
|
2010-10-14 14:16:45 +00:00 |
|
Miroslav Stampar
|
f700692c74
|
added missing files for Sybase
|
2010-10-13 18:55:17 +00:00 |
|
Miroslav Stampar
|
47022071cb
|
removed pdb
|
2010-10-12 19:17:48 +00:00 |
|
Miroslav Stampar
|
b4685aa77c
|
quick fix
|
2010-10-12 19:16:58 +00:00 |
|
Miroslav Stampar
|
f9f79ffbaf
|
basic stuff for sybase
|
2010-10-12 19:05:12 +00:00 |
|
Miroslav Stampar
|
1369529103
|
minor cosmetic update
|
2010-10-11 13:52:32 +00:00 |
|
Miroslav Stampar
|
8abcdae1b5
|
some update
|
2010-09-30 19:45:23 +00:00 |
|
Miroslav Stampar
|
cf8e92699c
|
changes regarding EXISTS feature
|
2010-09-30 12:35:45 +00:00 |
|
Miroslav Stampar
|
e176b36a7f
|
update
|
2010-09-24 22:09:33 +00:00 |
|
Miroslav Stampar
|
78ba5da4f7
|
fix
|
2010-09-23 22:07:33 +00:00 |
|
Miroslav Stampar
|
18db96c45f
|
fix for bug reported by David Guimaraes (colEntry = entry[index] - IndexError: list index out of range)
|
2010-09-01 09:25:21 +00:00 |
|
Miroslav Stampar
|
b0ba559af5
|
minor update
|
2010-08-31 14:31:17 +00:00 |
|
Miroslav Stampar
|
c4040ab297
|
fix for Feature #136
|
2010-08-31 14:25:37 +00:00 |
|
Miroslav Stampar
|
e810fe7b0b
|
no need for obsolete (and hard to find) sqlite module when sqlite3 handles both database versions
|
2010-08-31 13:37:53 +00:00 |
|
Miroslav Stampar
|
54f9828e06
|
implemented active fingerprinting for MaxDB
|
2010-08-30 14:16:23 +00:00 |
|
Miroslav Stampar
|
48cc87f6a9
|
added support for fingerprinting SAP MaxDB (Issue 143)
|
2010-08-30 13:29:19 +00:00 |
|
Bernardo Damele
|
26d1a07a1d
|
Minor code refactoring and bug fix in the *rare case* that MySQL on Linux runs as root or the plugin dir (/usr/lib/.*?/plugin is world-writable
|
2010-07-01 10:39:04 +00:00 |
|
Bernardo Damele
|
7c3773a5d7
|
Minor bug fix to -d
|
2010-06-30 14:00:49 +00:00 |
|
Bernardo Damele
|
9ea72f9640
|
Minor bug fixes to -d
|
2010-06-25 13:24:43 +00:00 |
|
Miroslav Stampar
|
660bf0b077
|
fix for that struct pack error
|
2010-06-10 12:14:24 +00:00 |
|
Miroslav Stampar
|
ac55e1b75f
|
fix for localhost firebird direct db access
|
2010-06-10 12:02:48 +00:00 |
|
Miroslav Stampar
|
12a5ec9f3d
|
more unicode refactoring
|
2010-06-02 12:45:40 +00:00 |
|
Bernardo Damele
|
b798222dd7
|
Minor fixes
|
2010-05-30 14:53:13 +00:00 |
|
Bernardo Damele
|
b380d34d3c
|
Added unicode support also to SQLite (2 and 3) connector - see #184.
|
2010-05-29 15:35:38 +00:00 |
|
Bernardo Damele
|
0362f4408d
|
Added unicode support also to MSSQL connector - see #184.
|
2010-05-29 15:29:21 +00:00 |
|
Bernardo Damele
|
1387ed0c25
|
This %TEMP% is a mere cause of problems (e.g. --os-cmd in MSSQL the BULK INSERT with '%TEMP%\foo' does not work), stick with C:/WINDOWS/Temp
|
2010-05-29 15:27:49 +00:00 |
|
Bernardo Damele
|
4ba22b5098
|
Added unicode support also to Oracle connector - see #184.
|
2010-05-29 12:14:51 +00:00 |
|
Bernardo Damele
|
e98b049e7f
|
Added unicode support also to PostgreSQL connector - see #184.
|
2010-05-29 11:46:41 +00:00 |
|
Bernardo Damele
|
89c721a451
|
More replacements from open() to codecs.open(). conf.dataEncoding has to be used only for non-binary files.
|
2010-05-29 10:10:28 +00:00 |
|
Bernardo Damele
|
06af405efd
|
Adapted and merged in patch to support XML output (-x switch) - still in beta.
Minor bug fixes and adjustments.
|
2010-05-28 16:43:04 +00:00 |
|
Miroslav Stampar
|
a3db3c03c1
|
str() -> unicode()
|
2010-05-28 13:05:02 +00:00 |
|
Miroslav Stampar
|
f24187f251
|
few fixes here and there
|
2010-05-28 12:47:03 +00:00 |
|
Miroslav Stampar
|
dc83f794ea
|
fix regarding proper string isinstance checking (including unicode)
|
2010-05-25 10:09:35 +00:00 |
|
Miroslav Stampar
|
20d05cc404
|
way to handle re.I (ignore case) while using getCompiledRegex
|
2010-05-21 15:03:40 +00:00 |
|
Bernardo Damele
|
f8cdde2d51
|
Layout adjustment
|
2010-05-17 16:23:44 +00:00 |
|