sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00

Author	SHA1	Message	Date
Bernardo Damele	2a0b03e5c6	Unused import	2011-01-30 17:07:27 +00:00
Bernardo Damele	71d82e6f57	Minor layout adjustment	2011-01-30 16:19:58 +00:00
Bernardo Damele	02e5c4b1e6	Minor bug fix for --sql-query/-shell with error-based technique	2011-01-30 14:19:50 +00:00
Miroslav Stampar	bc8f1142c9	minor revert	2011-01-30 11:41:58 +00:00
Miroslav Stampar	ddf23ba7cc	refactoring	2011-01-30 11:36:03 +00:00
Miroslav Stampar	367d0639f0	refactoring (class names should always be Capital cased)	2011-01-28 16:36:09 +00:00
Miroslav Stampar	ddd296030d	added some more info to unhandled exception message(s)	2011-01-28 16:15:45 +00:00
Miroslav Stampar	a184a4c772	major of majors bug fix	2011-01-28 14:31:25 +00:00
Miroslav Stampar	8e74c571bc	centralization of urlencoding should be (only) in connect.py and we are from now on handling non-urlencoded data at other levels	2011-01-27 19:44:24 +00:00
Miroslav Stampar	49aeb41be8	quick bug fix for FALSE positives with UNION based technique	2011-01-27 18:49:44 +00:00
Miroslav Stampar	d3ddaba7be	minor refactoring	2011-01-25 13:04:13 +00:00
Miroslav Stampar	5692506131	this was bad thing to have	2011-01-25 01:08:38 +00:00
Miroslav Stampar	8d0c2efbe2	unescaping of char marked payloads	2011-01-24 12:00:16 +00:00
Miroslav Stampar	ff7707579f	minor improvement	2011-01-23 11:35:24 +00:00
Miroslav Stampar	97f66a87c5	minor improvement over last version - case insensitive and takes in count cases like " UNION ALL selects " from MySQL error message	2011-01-23 10:51:57 +00:00
Bernardo Damele	03a880c6f1	Got rid of progression log message as it overlaps with WARNINGS (like "Got 500") and with --parse-errors	2011-01-20 22:02:20 +00:00
Bernardo Damele	0f2634c4b0	Minor bug fix to properly cast to string also the COUNT() query in error-based technique (as it's concatenated to random strings for identification in page response) and int-string concatenation is not supported in all DBMS (like Oracle)	2011-01-20 22:01:21 +00:00
Miroslav Stampar	a4a0f10950	minor minor minor	2011-01-20 09:25:34 +00:00
Bernardo Damele	bade0e3124	Major code refactoring - centralized all kb.dbms* info for both retrieval and set.	2011-01-19 23:06:15 +00:00
Miroslav Stampar	4bdc19d879	minor cosmetics	2011-01-19 22:48:06 +00:00
Miroslav Stampar	eadaf680de	fuck yea	2011-01-19 15:25:48 +00:00
Bernardo Damele	daebb0010b	Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based. Alignment of SQL statement payload packing/unpacking between all of the techniques. Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too. Minor code cleanup.	2011-01-18 23:02:11 +00:00
Miroslav Stampar	38d0958781	minor fix (for numeric columns with all 0)	2011-01-18 11:42:36 +00:00
Bernardo Damele	3822b494ea	Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns.	2011-01-17 23:43:37 +00:00
Bernardo Damele	c2a358561f	Proper support for --union-cols	2011-01-17 22:57:33 +00:00
Miroslav Stampar	5c857779c1	important fix for unicode based character inference	2011-01-17 10:15:19 +00:00
Miroslav Stampar	30d6791968	update regarding time based data retrieval	2011-01-16 17:52:42 +00:00
Miroslav Stampar	71391874eb	slightly faster and thread safer inference	2011-01-16 10:52:42 +00:00
Bernardo Damele	0fc4ebdc1b	Major bug fix. Minor code refactoring.	2011-01-16 01:17:09 +00:00
Bernardo Damele	c0d5daee99	More refactoring and cleanup	2011-01-16 00:15:30 +00:00
Bernardo Damele	6e4b65a822	Minor refactoring	2011-01-15 23:28:31 +00:00
Miroslav Stampar	e105e1ea32	bug fix (some sites raise 404 during union tests)	2011-01-15 16:42:33 +00:00
Miroslav Stampar	e17ac5fdca	update	2011-01-15 15:14:22 +00:00
Miroslav Stampar	5bdb50c224	code review part 3	2011-01-15 13:15:10 +00:00
Miroslav Stampar	1fa8f0cba7	code reviewing part 2	2011-01-15 12:53:40 +00:00
Miroslav Stampar	b2c7ae77d4	minor update	2011-01-14 09:45:47 +00:00
Miroslav Stampar	676b95b30a	minor code refactoring	2011-01-14 09:44:56 +00:00
Bernardo Damele	2ac8debea0	Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. Minor bug fixes thanks to previous refactoring too.	2011-01-13 17:36:54 +00:00
Miroslav Stampar	a1d1f69c3f	revert	2011-01-13 15:28:08 +00:00
Miroslav Stampar	d937e27b19	minor fix	2011-01-13 15:19:37 +00:00
Bernardo Damele	ee4727850c	Minor bug fix	2011-01-13 10:29:47 +00:00
Bernardo Damele	ca33728fbc	Minor fix to avoid query splitting/unpacking when the statement is EXISTS()	2011-01-13 10:00:40 +00:00
Bernardo Damele	be6e2d6a31	Important bug fix. Minor code restyling.	2011-01-13 09:41:55 +00:00
Bernardo Damele	af9725214a	Properly deal with partial (single entry) UNION injections. Got rid of kb.union*, now it's all stored/used from kb.injection. Minor bug fix with where=2 detection phase.	2011-01-12 12:01:32 +00:00
Bernardo Damele	8a67aea754	One more step to fully working UNION exploitation after merge into detection phase	2011-01-12 01:13:32 +00:00
Bernardo Damele	8bdb7ec58c	Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet.	2011-01-12 00:47:39 +00:00
Bernardo Damele	873951ab92	Proper fix to avoid UNION test false positives	2011-01-11 23:59:02 +00:00
Bernardo Damele	5c7c3c76c3	Fixed previous bug in getErrorParsedDBMSes() call in detection phase. Added minor support to escape quotes in UNION payloads during detection phase.	2011-01-11 23:47:32 +00:00
Bernardo Damele	aa49aa579f	Major bug fix	2011-01-11 23:09:06 +00:00
Bernardo Damele	2f5995a7eb	Added generic and mysql UNION tests from 1 to 25 columns. Adapted config file and command line removing now outdated --union-test switch. Minor bug fix. Minor code refactoring. Got rid of some debug messages, standardized logging of UNION tests.	2011-01-11 22:56:21 +00:00

1 2 3 4 5 ...

281 Commits