Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f91843540f 
							
						 
					 
					
						
						
							
							Major bug fix when the CU alias (current user) is given (with -U option)  
						
						... 
						
						
						
						together with --privileges or --password to work properly also on
MySQL >= 5.0. 
						
					 
					
						2009-01-19 21:25:37 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8f973ce574 
							
						 
					 
					
						
						
							
							Minor layout adjustments  
						
						
						
					 
					
						2009-01-18 22:36:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							161590e121 
							
						 
					 
					
						
						
							
							Added MySQL UDF to execute commands on the underlying system:  
						
						... 
						
						
						
						* sys_eval() to return the standard output
* sys_exec() to return the exit status
It's a patched version of http://mysqludf.org/lib_mysqludf_sys/index.php  
						
					 
					
						2009-01-17 00:13:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6690b4c00a 
							
						 
					 
					
						
						
							
							Added svn executable property  
						
						
						
					 
					
						2009-01-17 00:05:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bc3b4c6936 
							
						 
					 
					
						
						
							
							Minor layout adjustments in the user's manual  
						
						
						
					 
					
						2009-01-13 23:16:34 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fd7cb9101c 
							
						 
					 
					
						
						
							
							Major bug fix to forge SQL injection payload on Oracle  
						
						
						
					 
					
						2009-01-13 23:15:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bc448211c5 
							
						 
					 
					
						
						
							
							Minor layout adjustment  
						
						
						
					 
					
						2009-01-13 23:15:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							73e713c5ba 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2009-01-12 23:59:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							26cb082fc3 
							
						 
					 
					
						
						
							
							Added a README for dbgtool  
						
						
						
					 
					
						2009-01-12 23:17:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							de393628d0 
							
						 
					 
					
						
						
							
							Added dbgtool to extras, a port in python of toolcrypt.org dbgtool. Inspired by sqlninja perl script makescr.pl.  
						
						
						
					 
					
						2009-01-12 23:02:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5560f0b68a 
							
						 
					 
					
						
						
							
							Updated the copyright  
						
						
						
					 
					
						2009-01-12 21:35:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							92645dd264 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2009-01-10 14:51:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9b0f11f879 
							
						 
					 
					
						
						
							
							Added an ASP uploader  
						
						
						
					 
					
						2009-01-10 14:40:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e10ab5aa0e 
							
						 
					 
					
						
						
							
							Major bug fixes  
						
						
						
					 
					
						2009-01-10 14:39:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9c125a2b57 
							
						 
					 
					
						
						
							
							Minor improvement to use Python ConfigParser library when --save if specified.  
						
						... 
						
						
						
						Minor update to the user's manual 
						
					 
					
						2009-01-03 22:59:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6ff8feb5cf 
							
						 
					 
					
						
						
							
							Updated documentation  
						
						
						
					 
					
						2009-01-03 01:25:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0604ef513 
							
						 
					 
					
						
						
							
							Major bug fix to correctly handle custom SQL "limited" queries on Oracle  
						
						
						
					 
					
						2009-01-03 01:19:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2d87a3349f 
							
						 
					 
					
						
						
							
							Fixed custom MSSQL "limited" query support also for Partial UNION query technique  
						
						
						
					 
					
						2009-01-03 00:27:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9c42a883be 
							
						 
					 
					
						
						
							
							Major bug fix to make it work properly with MSSQL custom limited (SELECT  
						
						... 
						
						
						
						TOP ...) queries with both inferential blind and Full UNION query
injection 
						
					 
					
						2009-01-02 23:26:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2cc3bb2f6a 
							
						 
					 
					
						
						
							
							Minor improvement to PostgreSQL signatures file to identify Windows.  
						
						... 
						
						
						
						Minor improvement to Microsoft SQL Server "limit" queries. 
						
					 
					
						2009-01-02 23:23:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9e0d890171 
							
						 
					 
					
						
						
							
							Fixed MySQL 5.1 extensive fingerprint  
						
						
						
					 
					
						2009-01-02 23:21:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c1010c20d8 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2008-12-30 21:24:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a4d62af2ea 
							
						 
					 
					
						
						
							
							Minor layout adjustments to --union-tech  
						
						
						
					 
					
						2008-12-29 18:48:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9340bf59fb 
							
						 
					 
					
						
						
							
							Updated Microsoft SQL Server signature XML file.  
						
						... 
						
						
						
						Minor layout adjustments to --update output messages/diff 
						
					 
					
						2008-12-29 18:46:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0e9873fd4f 
							
						 
					 
					
						
						
							
							Preparing documentation for 0.6.4  
						
						
						
					 
					
						2008-12-29 18:44:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c83593c044 
							
						 
					 
					
						
						
							
							Limited custom query now works also on Oracle in inferential blind SQL  
						
						... 
						
						
						
						injection technique 
						
					 
					
						2008-12-23 23:34:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							24ddbdc89d 
							
						 
					 
					
						
						
							
							Minor layout adjustment  
						
						
						
					 
					
						2008-12-22 23:34:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b0ad102efb 
							
						 
					 
					
						
						
							
							Better fingerprint technique for Microsoft SQL Server  
						
						
						
					 
					
						2008-12-22 23:32:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							79c8d63b88 
							
						 
					 
					
						
						
							
							Major speed increase in DBMS basic fingerprint  
						
						
						
					 
					
						2008-12-22 23:26:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							64bb57d786 
							
						 
					 
					
						
						
							
							Minor bug fix to make the Partial UNION query SQL injection technique  
						
						... 
						
						
						
						work properly also on Oracle and Microsoft SQL Server. 
						
					 
					
						2008-12-22 22:48:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1f7810e46a 
							
						 
					 
					
						
						
							
							Major bug fix to make partial UNION query sql injection work properly  
						
						... 
						
						
						
						also on Microsoft SQL Server 
						
					 
					
						2008-12-22 19:36:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							064029cb2d 
							
						 
					 
					
						
						
							
							Addd one more MS Access signature  
						
						
						
					 
					
						2008-12-22 19:35:13 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							04c187c66a 
							
						 
					 
					
						
						
							
							Working on a bug (fix for Partial UNION query SQL injection technique  
						
						... 
						
						
						
						both Oracle and Microsoft SQL Server). 
						
					 
					
						2008-12-22 00:51:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2f406b3e56 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2008-12-22 00:04:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c05f600e90 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2008-12-21 21:40:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4ae464c80d 
							
						 
					 
					
						
						
							
							Minor enhancement to support an option (--union-tech) to specify the  
						
						... 
						
						
						
						technique to use to detect the number of columns used in the web
application SELECT statement: NULL bruteforcing (default) or ORDER BY
clause. 
						
					 
					
						2008-12-21 21:39:53 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f92b76a8b0 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2008-12-21 16:39:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							374b9ba878 
							
						 
					 
					
						
						
							
							Updated documentation based upon recent developments  
						
						
						
					 
					
						2008-12-21 16:35:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							35708a0b97 
							
						 
					 
					
						
						
							
							Minor adjustment to UNION query SQL injection detection function.  
						
						... 
						
						
						
						Updated command line help message based upon recent developments.
Updated copyright note of lib/contrib/multipartpost.py. 
						
					 
					
						2008-12-21 16:35:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							996a872e51 
							
						 
					 
					
						
						
							
							We are already on sqlmap 0.6.4 release candidate 1..  
						
						
						
					 
					
						2008-12-20 13:23:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c18efe5084 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2008-12-20 13:21:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8d06975142 
							
						 
					 
					
						
						
							
							Major enhancement to make the comparison algorithm work properly also  
						
						... 
						
						
						
						on url not stables automatically by using the difflib SequenceMatcher
object: this changed a lot into the structure of the code, has to be
extensively beta-tested!
Please, do report bugs on sqlmap-users mailing list if you scout them.
Cheers,
Bernardo 
						
					 
					
						2008-12-20 01:54:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7e8ac16245 
							
						 
					 
					
						
						
							
							Added preventive check for stacked queries support when executing DDL,  
						
						... 
						
						
						
						DML & co. statements in SQL query and SQL shell. Minor improvements on    
this new feature.
Increased default connection timeout to 30 seconds (needed for vmware
machine not correctly synched). 
						
					 
					
						2008-12-19 20:48:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ad228e6947 
							
						 
					 
					
						
						
							
							Ahead with the improvements to the comparison algorithm.  
						
						... 
						
						
						
						Added support internally to forge CASE statements, used only by
--is-dba query at the moment.
Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and
SQL shell.
Minor code adjustments. 
						
					 
					
						2008-12-19 20:09:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							68354be45a 
							
						 
					 
					
						
						
							
							Ahead with enhancements on comparison algorithm: implemented content-length technique  
						
						
						
					 
					
						2008-12-18 22:49:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							afbd66f6d9 
							
						 
					 
					
						
						
							
							Added some comments  
						
						
						
					 
					
						2008-12-18 21:58:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0d6632c22 
							
						 
					 
					
						
						
							
							Initial support to automatically work around the dynamic page at each refresh  
						
						... 
						
						
						
						(Major refactor to the comparison algorithm (True/False response)) 
						
					 
					
						2008-12-18 20:48:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3fe493b63d 
							
						 
					 
					
						
						
							
							Minor enhancement to support an option (--is-dba) to show if the  
						
						... 
						
						
						
						current user is a database management system administrator. 
						
					 
					
						2008-12-18 20:41:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c32ef9d751 
							
						 
					 
					
						
						
							
							Major bug fix to avoid tracebacks when multiple targets are specified and one  
						
						... 
						
						
						
						of them is not reachable.
Minor bug fix to make the --postfix work even if --prefix is not provided. 
						
					 
					
						2008-12-18 20:38:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2efb3ae2ba 
							
						 
					 
					
						
						
							
							Documentation updated, now ready for 0.6.3 release  
						
						
						
					 
					
						2008-12-17 23:26:14 +00:00