sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-11-04 01:47:37 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	2c4f6d2e99	fix (lol. we were using same comparison payload through the all test. it's a nono :) p.s. this way we are dealing with "reflective" problem too	2011-02-07 21:53:05 +00:00
Miroslav Stampar	a577d0e9a5	restraining "using unescaped version of the test because of zero knowledge of the back-end DBMS" once per test (before was once per boundary)	2011-02-07 21:18:01 +00:00
Bernardo Damele	061f56daf9	More adjustments related to unescape() and cleanupPayload(). Minor code cleanup related to error-based payload.	2011-02-06 23:27:56 +00:00
Bernardo Damele	0800d9e49b	Major bug fix for semi-centralize unescape() and cleanupPayload() into prefixQuery() and suffixQuery()	2011-02-06 22:58:12 +00:00
Miroslav Stampar	078a2207cc	few reverts	2011-02-06 22:10:28 +00:00
Miroslav Stampar	b9b2fe0e7c	little cleanup	2011-02-06 21:52:39 +00:00
Miroslav Stampar	d2b96a66a2	one more update regarding last few "unescape" related commits	2011-02-06 20:23:23 +00:00
Bernardo Damele	c44978862e	Minor reordering of what gets saved into the injection object	2011-02-06 15:20:44 +00:00
Miroslav Stampar	b56a77e573	removing obsolete switches (--threshold, --excl-reg, --excl-str)	2011-02-03 15:55:19 +00:00
Miroslav Stampar	8134c2154a	adding WHERE enum for payloads	2011-02-02 13:34:09 +00:00
Bernardo Damele	d875d848ce	Better sort	2011-02-01 22:04:48 +00:00
Bernardo Damele	6761933f75	Just.. cosmetics ;)	2011-01-31 22:51:14 +00:00
Miroslav Stampar	fa58a9c86b	update (now URIs like www.site.com/id82 are automatically treated as possible URI injectable)	2011-01-31 20:36:01 +00:00
Miroslav Stampar	8ef47307db	added checking of header values for GREP (error); still UNION to do	2011-01-31 12:21:17 +00:00
Bernardo Damele	8278d821ac	Another layout adjustment	2011-01-30 16:23:19 +00:00
Miroslav Stampar	367d0639f0	refactoring (class names should always be Capital cased)	2011-01-28 16:36:09 +00:00
Miroslav Stampar	8e74c571bc	centralization of urlencoding should be (only) in connect.py and we are from now on handling non-urlencoded data at other levels	2011-01-27 19:44:24 +00:00
Miroslav Stampar	10b723f196	minor fix for a bug reported by yonnym@googlemail.com	2011-01-25 22:26:28 +00:00
Bernardo Damele	e1db2700f0	Minor bug fix to properly deal --prefix and --suffix and parameter replace payloads	2011-01-24 12:25:45 +00:00
Miroslav Stampar	7c4c79477d	world premiere of "forced-error blind stacked" payloads (spent 3 hours on pgsql)	2011-01-21 18:32:10 +00:00
Bernardo Damele	9770db597e	Centralization of unescape()	2011-01-20 21:55:13 +00:00
Miroslav Stampar	496a84c356	minor update	2011-01-20 18:32:04 +00:00
Bernardo Damele	bade0e3124	Major code refactoring - centralized all kb.dbms* info for both retrieval and set.	2011-01-19 23:06:15 +00:00
Bernardo Damele	eda0b41859	Added a precaution when, in some rare circumstances, fingerprinted DBMS differ during detection phase. Adapted UNION tests' titles when --union-char is provided. Lots of comment adjustments. Code cleanup	2011-01-18 23:03:50 +00:00
Bernardo Damele	c2a358561f	Proper support for --union-cols	2011-01-17 22:57:33 +00:00
Bernardo Damele	47565f9459	Minor code refactoring	2011-01-17 21:13:59 +00:00
Miroslav Stampar	f5e36876e7	removing --text-only from that "dynamicity" warning selection (other two are more preferable) and minor cosmetics/consistency	2011-01-16 19:29:06 +00:00
Miroslav Stampar	718eef8753	minor fix	2011-01-16 18:11:35 +00:00
Miroslav Stampar	ec1ab3cd2a	removing timeSec from injection configuration attributes as it highly depends on current connection "variables"	2011-01-16 12:12:01 +00:00
Miroslav Stampar	71391874eb	slightly faster and thread safer inference	2011-01-16 10:52:42 +00:00
Bernardo Damele	0fc4ebdc1b	Major bug fix. Minor code refactoring.	2011-01-16 01:17:09 +00:00
Bernardo Damele	c0d5daee99	More refactoring and cleanup	2011-01-16 00:15:30 +00:00
Bernardo Damele	d3a28124b1	More code cleanup	2011-01-15 23:11:36 +00:00
Bernardo Damele	4a35f598b8	Minor refactoring	2011-01-15 22:09:53 +00:00
Miroslav Stampar	0f565c941e	bug fix and proper warning message	2011-01-15 16:59:53 +00:00
Miroslav Stampar	5bdb50c224	code review part 3	2011-01-15 13:15:10 +00:00
Miroslav Stampar	6a0e0cde3c	code review of modules in lib/core directory	2011-01-15 12:13:45 +00:00
Miroslav Stampar	05b2a338fe	cosmetics	2011-01-14 16:12:44 +00:00
Miroslav Stampar	bff989d348	minor update	2011-01-14 15:43:53 +00:00
Miroslav Stampar	daf5662eab	update	2011-01-14 15:33:49 +00:00
Miroslav Stampar	08f7e20c51	minor code refactoring	2011-01-14 14:55:59 +00:00
Miroslav Stampar	fb9d7cdfaa	refactoring, code clearing and removal of obsolete switch --longest-common	2011-01-14 14:37:03 +00:00
Bernardo Damele	e4e9b11b79	Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms.	2011-01-14 12:47:07 +00:00
Bernardo Damele	3c95d71ea5	Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase	2011-01-14 11:55:20 +00:00
Miroslav Stampar	676b95b30a	minor code refactoring	2011-01-14 09:44:56 +00:00
Bernardo Damele	f8c04ce020	Minor bug fix	2011-01-13 20:59:13 +00:00
Bernardo Damele	2ac8debea0	Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. Minor bug fixes thanks to previous refactoring too.	2011-01-13 17:36:54 +00:00
Miroslav Stampar	ece2eb31ca	minor update	2011-01-13 11:08:29 +00:00
Bernardo Damele	be6e2d6a31	Important bug fix. Minor code restyling.	2011-01-13 09:41:55 +00:00
Bernardo Damele	af9725214a	Properly deal with partial (single entry) UNION injections. Got rid of kb.union*, now it's all stored/used from kb.injection. Minor bug fix with where=2 detection phase.	2011-01-12 12:01:32 +00:00

1 2 3 4 5 ...

350 Commits