Commit Graph

724 Commits

Author SHA1 Message Date
Miroslav Stampar
a2c8f1deb1 Update PgSQL fingerprinting payloads 2016-09-19 14:23:51 +02:00
Miroslav Stampar
12dc53f687 Minor update 2016-09-19 13:54:06 +02:00
Miroslav Stampar
91372bff87 Fixes #1932 2016-06-08 08:20:54 +02:00
Miroslav Stampar
d7d565415a Patch for MySQL fingerprinting 2016-06-03 02:31:31 +02:00
Miroslav Stampar
0986ec8948 Update for Oracle fingerprinting 2016-06-03 02:27:59 +02:00
Miroslav Stampar
50bced511f Adding support for fingerprinting MsSQL 2014 and 2016 2016-06-03 02:24:19 +02:00
Miroslav Stampar
030df0353d Removing ugly legacy code (e.g. showing MySQL 5.0 when it is e.g. '5.7.8') 2016-06-01 13:47:20 +02:00
Miroslav Stampar
5810c2b199 Minor patch 2016-06-01 11:30:27 +02:00
Miroslav Stampar
dbbe4c6ddd Fixes #1884 2016-05-22 11:44:21 +02:00
Miroslav Stampar
cc9f4b6102 Minor refactoring for MariaDB 2016-05-14 15:05:50 +02:00
Miroslav Stampar
3b74e99576 Minor update (support for MariaDB) 2016-05-11 15:47:35 +02:00
Miroslav Stampar
21885021e7 Fixes #1731 2016-02-25 13:34:41 +01:00
Miroslav Stampar
f532ad3c9c Minor bug fix 2016-01-26 07:32:47 +01:00
Miroslav Stampar
66eaac862b Minor consistency update 2016-01-14 22:47:56 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
fc5802f461 Fixes #1628 2015-12-29 13:19:25 +01:00
Miroslav Stampar
b269e8418f Fixes #1608 2015-12-15 10:46:37 +01:00
Miroslav Stampar
6c083956f4 Patch related to the #1557 2015-11-23 09:48:43 +01:00
Miroslav Stampar
4335ae8330 Patching previous commit 2015-11-16 16:59:54 +01:00
Miroslav Stampar
94639d11a3 Another update related to the #1539 2015-11-16 15:33:05 +01:00
Miroslav Stampar
51444276c0 Better dealing with MySQL vs HSQLDB 2015-10-10 14:19:47 +02:00
Miroslav Stampar
9641e84dd9 Bug fixes for HSQLDB 2015-10-09 16:52:13 +02:00
Miroslav Stampar
fa4e867035 Bug fix for MySQL fingerprinting (excluding HSQLDB MySQL look-alike) 2015-10-09 14:17:13 +02:00
Miroslav Stampar
ea4cef9c6d Skipping quit exception in case of --search 2015-09-24 13:44:51 +02:00
Miroslav Stampar
aa088aafd2 Looks more technical 2015-09-23 08:47:52 +02:00
Miroslav Stampar
f96edc951c Patches #1419 2015-09-21 11:02:56 +02:00
Miroslav Stampar
1cf012521d Minor refactoring 2015-08-26 16:18:03 +02:00
Miroslav Stampar
ba86153d29 Fixes #1318 2015-07-28 09:33:40 +02:00
Miroslav Stampar
401905b2dd Minor improvement to UNION file write 2015-07-26 17:02:46 +02:00
Miroslav Stampar
ff6b62adf3 Important additional patch for #1170 (for PgSQL >= 9.0) 2015-07-24 15:15:41 +02:00
Miroslav Stampar
b6ea2fdb07 Fixes #1170 2015-07-24 14:56:45 +02:00
Miroslav Stampar
16f8e4c8ba Removing unused imports 2015-07-12 12:25:02 +02:00
Miroslav Stampar
03f32ae2b6 Merge of an Issue #1227 2015-04-22 17:21:55 +02:00
Miroslav Stampar
7b2c27fa8d One more update for #1200 (better implementation) 2015-03-26 01:22:16 +01:00
Miroslav Stampar
ac74184422 Fixes #1200 2015-03-25 23:43:48 +01:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
3056fd4765 Fix for an Issue #1055 2014-12-22 05:56:48 +01:00
Miroslav Stampar
8947f2df96 Patch for an Issue #1047 2014-12-17 23:07:27 +01:00
Miroslav Stampar
87f8753483 Fixing a problem with AV detection 2014-12-14 00:10:43 +01:00
Miroslav Stampar
b42a15d876 Minor patch related to the Issue #1025 2014-12-13 23:37:04 +01:00
Miroslav Stampar
40eb1973d7 Patch for an Issue #961 2014-11-23 15:33:04 +01:00
Miroslav Stampar
954bd54689 Fix for an Issue #895 2014-11-03 08:31:50 +01:00
Miroslav Stampar
65c3dfd651 Bug fix (proper path joining) 2014-10-31 18:40:11 +01:00
Miroslav Stampar
ae8c12c9c3 Fix for an Issue #818 2014-09-09 16:22:13 +02:00
Miroslav Stampar
b1467f4c1f Minor update 2014-09-03 23:09:10 +02:00
Miroslav Stampar
dc2ee8bfa0 Minor update 2014-08-30 21:53:09 +02:00
Miroslav Stampar
5d10bae31f Removing trailing blank lines 2014-08-20 21:07:19 +02:00
Miroslav Stampar
30fb8e8a50 Patch regarding Issue #774 (SELECT is redundant in case of LOAD_FILE) 2014-08-16 14:23:07 +02:00
Bernardo Damele
4e909a2a05 code cleanup 2014-07-01 00:58:49 +01:00
Bernardo Damele
b38bd1e7fd code cleanup - issue #742 2014-07-01 00:35:02 +01:00
Bernardo Damele
5c64a31a9c works now.. can upload arbitrary files via powershell now, closes #742 2014-07-01 00:26:59 +01:00
Bernardo Damele
3e431ec202 working on allowing large files to be uploaded via powershell - issue #742 2014-06-30 23:53:04 +01:00
Bernardo Damele
1218e694ef more on issue #742 2014-06-30 20:43:48 +01:00
Bernardo Damele
8ce98ae22c more on issue #742 2014-06-30 20:43:02 +01:00
Bernardo Damele
0c1b3f2dbc more on issue #742 2014-06-30 20:39:21 +01:00
Bernardo Damele
ce67156d80 trying some more encoding as the file wasn't exactly the same - issue #742 2014-06-30 20:26:05 +01:00
Bernardo Damele
3ec37b14a6 trying some more encoding as the file wasn't exactly the same - issue #742 2014-06-30 20:23:57 +01:00
Bernardo Damele
9c583bc96e trying some more encoding as the file wasn't exactly the same - issue #742 2014-06-30 20:23:01 +01:00
Bernardo Damele
5c4c4c6abe minor cleanup, prefer powershell to the other two techniques to upload files - issue #742 2014-06-30 19:11:01 +01:00
Bernardo Damele
fcc50193b3 working on #742 - working on it 2014-06-30 18:50:33 +01:00
Bernardo Damele
4be0b366eb working on #742 - working on it 2014-06-30 18:38:18 +01:00
Bernardo Damele
6999c3413c working on #742 - working on it 2014-06-30 18:26:40 +01:00
Bernardo Damele
aa076013a7 working on #742 - minor fixes 2014-06-30 18:18:14 +01:00
Bernardo Damele
563c73c4c7 working on #742 - code cleanup 2014-06-30 18:09:11 +01:00
Bernardo Damele
94c09019fd working on #742 - missing import 2014-06-30 18:07:45 +01:00
Bernardo Damele
cd260a7470 working on #742 - powershell support for file write on MSSQL 2014-06-30 18:06:19 +01:00
Bernardo Damele
e2aed41c6f minor fixed 2014-06-30 17:30:20 +01:00
Miroslav Stampar
2beeb178fb Minor patch 2014-06-12 08:56:50 +02:00
Miroslav Stampar
65c4ea1562 Minor update 2014-05-20 22:30:53 +02:00
Miroslav Stampar
c51e219cc1 Fix for an Issue #691 2014-05-15 19:39:18 +02:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Miroslav Stampar
6863436d4e Implementation for an Issue #596 2014-01-13 10:05:56 +01:00
Bernardo Damele
a06a6de193 minor bug fix 2013-12-06 13:26:34 +00:00
Miroslav Stampar
b7244a07cb Changing testing payload for MsSQL (BINARY_CHECKSUM seems to be blocked in some cases) 2013-12-04 11:32:42 +01:00
Miroslav Stampar
24e67289c8 Bug fix 2013-11-25 11:57:20 +01:00
Miroslav Stampar
354aaeae5b Removing unused imports 2013-11-12 14:11:07 +01:00
Miroslav Stampar
2ee4b81a6e Minor fix 2013-10-18 15:59:25 +02:00
Miroslav Stampar
5aaf18f556 Minor update 2013-10-18 15:26:55 +02:00
Miroslav Stampar
7104e00c95 Minor update 2013-10-18 14:47:11 +02:00
Miroslav Stampar
7cb7c6361f Minor fix (Sybase Adaptive Server Anywhere doesn't have support for tempdb_id()) 2013-10-17 16:04:55 +02:00
Miroslav Stampar
3bbe02a714 Bug fix (0 datetime value not liked by direct connector) 2013-08-22 12:05:59 +02:00
Miroslav Stampar
5721f6007e Fix for an Issue #509 2013-08-18 01:24:40 +02:00
Miroslav Stampar
b2855e0281 Minor patch 2013-08-12 14:25:51 +02:00
stamparm
dbb0d7f700 Important fix (Issue #489) - we had a bad presumption that only public schema could be used for enumeration (while all schemas inside a current db could be used) 2013-07-19 13:24:35 +02:00
stamparm
f97b35dcc1 Patch for an Issue #475 2013-07-01 13:43:38 +02:00
stamparm
b9491317a6 Minor update (Issue #475) 2013-07-01 13:11:16 +02:00
stamparm
017ce22a2f Minor consistency patch (Issue #475) 2013-07-01 13:01:53 +02:00
stamparm
5ff09aff63 Some more adjustments (Issue #475) 2013-07-01 12:50:12 +02:00
stamparm
4fb33bb26c Some more cleanup (Issue #475) 2013-07-01 12:11:09 +02:00
stamparm
b5e644694a Minor cleanup 2013-07-01 12:05:02 +02:00
stamparm
f7d15cb465 Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00
Miroslav Stampar
aeb83ba651 Merge pull request #475 from Meatballs1/hsql_clean: HSQL Payloads and Query Support 2013-07-01 02:38:04 -07:00
stamparm
991cafc4e4 Minor refactoring 2013-06-26 13:53:42 +02:00
stamparm
c83cca4cd4 Minor patch 2013-06-26 13:49:34 +02:00
Meatballs
eb2012c599 Fix escaper 2013-06-24 23:50:33 +01:00
Meatballs
5b6c01d739 Escaper 2013-06-24 23:41:45 +01:00
Meatballs
a393b17513 modify fingerprint value 2013-06-24 15:12:37 +01:00
Meatballs
b886e47b6d Add unimplemented files 2013-06-24 14:53:41 +01:00
Meatballs
d739d5062d hsql plugin folder 2013-06-24 14:34:25 +01:00
Miroslav Stampar
95ed6b7203 Minor patch (Issue #470) 2013-06-24 14:37:45 +02:00
Miroslav Stampar
92dfb0f817 Minor patch 2013-06-16 12:35:20 +02:00
stamparm
1c47b33020 Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple) 2013-04-15 15:23:45 +02:00
stamparm
f936746423 Code restyling 2013-04-15 14:31:27 +02:00
stamparm
ae6ce7db30 Removal of unused imports 2013-03-20 10:44:15 +01:00
Miroslav Stampar
db0a1e58b9 Update for an Issue #352 2013-03-11 14:58:05 +01:00
stamparm
9d81be7af5 Removing redundant piece of code 2013-02-25 14:12:57 +01:00
stamparm
dc9dc233b6 Adding a comment 2013-02-25 14:07:20 +01:00
stamparm
0d2138a4a0 Minor fix for escaping unicode strings in SQLite escaper 2013-02-25 14:06:46 +01:00
Miroslav Stampar
5d068896a9 Minor bug fix 2013-02-15 09:54:51 +01:00
Bernardo Damele
d42d28392a avoid tracebacks because the parameter does not exist 2013-02-14 13:18:33 +00:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Miroslav Stampar
dd6f50a00e Removing unused imports 2013-02-13 11:15:24 +01:00
Miroslav Stampar
dc41484b3f Refactoring of functionality for finding out if stacking is available 2013-02-13 09:57:16 +01:00
Miroslav Stampar
6d802867fc Bug fix (in some cases if random values are parsable as MMDD they will result as valid non-NULL TIMESTAMPADD value back - e.g. values 1224,0101,0212) 2013-02-11 12:02:03 +01:00
Bernardo Damele
b477c56b52 first steps to allow multiple scans on the same taskid - issue #297 2013-02-07 00:05:26 +00:00
Miroslav Stampar
353c1cb63b Bug fix for escaping in SQLite 3 2013-02-05 11:58:11 +01:00
Miroslav Stampar
7e1ff1bb8e Same refactoring as the last commit 2013-02-04 15:26:44 +01:00
Miroslav Stampar
0cc6e68be2 Refactoring MySQL fingerprint.py (those payloads are now stored into session file too) 2013-02-04 15:12:03 +01:00
Miroslav Stampar
f41460f8d8 Better naming 2013-01-29 20:53:11 +01:00
Miroslav Stampar
adfb862cd5 Trivial style update 2013-01-24 15:12:52 +01:00
Bernardo Damele
f4028bd7d2 minor adjustment 2013-01-23 02:10:38 +00:00
Bernardo Damele
d8a0e7eacb fixes #187 2013-01-23 01:27:01 +00:00
Bernardo Damele
5635776173 proper SQLite 2 library 2013-01-22 18:56:25 +00:00
Bernardo Damele
11413a0f03 added Firebird search test cases 2013-01-22 10:04:17 +00:00
Bernardo Damele
e23340f002 added support for search for tables on Firebird (issue #365) 2013-01-22 09:53:05 +00:00
Miroslav Stampar
069c6acabd Another update for an Issue #362 2013-01-20 22:47:26 +01:00
Miroslav Stampar
a7028af2e9 Patch for an Issue #362 (more work required) 2013-01-20 22:16:34 +01:00
Miroslav Stampar
b4a55a809e Refactoring DBMS string escaping functions 2013-01-20 13:45:58 +01:00
Bernardo Damele
adf97e630f add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL 2013-01-19 18:04:33 +00:00
Bernardo Damele
32a12c7e2b handle exception reported in issue #359 2013-01-19 00:24:15 +00:00
Bernardo Damele
a4b0b98f8f aligned Firebird to recent DB2 string escaping syntax fix 2013-01-18 22:57:57 +00:00
Bernardo Damele
4526e31485 bug fix for Firebird fingerprint (issue #357) 2013-01-18 22:32:58 +00:00
Bernardo Damele
f49657eacc minor fix to previous commit 2013-01-18 15:10:34 +00:00
Miroslav Stampar
601eb1e49a Unescaping is renamed to escaping 2013-01-18 15:40:37 +01:00
Bernardo Damele
a43202f3c0 updated copyright 2013-01-18 14:07:51 +00:00
Miroslav Stampar
aa467cb54c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-18 11:31:25 +01:00
Miroslav Stampar
e7576a3b11 Better naming 2013-01-18 11:21:23 +01:00
Bernardo Damele
a92ae93847 minor bug fix to properly identify if user is admin on Oracle across all techniques 2013-01-18 09:22:53 +00:00
Bernardo Damele
5225375048 proper fix 2013-01-17 22:04:21 +00:00
Bernardo Damele
d2d3878de1 typo fix 2013-01-17 21:58:53 +00:00
Bernardo Damele
a5e9168993 minor fix because boolean-based blind on DB2 is a little bit different from other DBMSes 2013-01-17 21:58:15 +00:00
Bernardo Damele
413b5e7ab4 fixed error message 2013-01-14 16:49:05 +00:00
Bernardo Damele
675e4a026b Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-11 13:31:49 +00:00
Bernardo Damele
2a2d7e886d align to MSSQL connector 2013-01-11 10:52:03 +00:00
Miroslav Stampar
ec4e49d771 Minor refactoring 2013-01-10 16:09:28 +01:00
Miroslav Stampar
da7f63f125 cx_Oracle.DatabaseError is an ancestor of cx_Oracle.InternalError 2013-01-10 15:33:32 +01:00
Miroslav Stampar
934d41dac2 Minor style update (PEP8) 2013-01-10 15:02:28 +01:00
Miroslav Stampar
ca3d35a878 Some PEP8 related style cleaning 2013-01-10 13:18:44 +01:00
Miroslav Stampar
ca1c0c2a1d Minor style update 2013-01-10 11:54:07 +01:00
Miroslav Stampar
ebde4b190e Minor update 2013-01-10 11:42:37 +01:00
Miroslav Stampar
25f01a419f Minor style update (for the sake of consistency over the code and our PEP8 adaptation) 2013-01-09 15:38:41 +01:00
Miroslav Stampar
5b77b20e2e Removing trailing whitespaces (PEP8) 2013-01-03 23:57:07 +01:00
Miroslav Stampar
1712603dce Replacing deprecated has_key() with operator in (PEP8) 2013-01-03 23:28:07 +01:00
Miroslav Stampar
e4a3c015e5 Replacing old and deprecated raise Exception style (PEP8) 2013-01-03 23:20:55 +01:00
Miroslav Stampar
8b7cbe03b0 Replacing CRLF with LF in rest of files 2012-12-26 17:12:17 +01:00
Miroslav Stampar
a77b7f00d9 Fix for an Issue #323 2012-12-23 19:34:35 +01:00
Miroslav Stampar
35728fa443 Fix (and some hidden bug fixes/improvements) regarding an Issue #317 2012-12-21 10:51:35 +01:00
Bernardo Damele
8d9aa2c384 minor refactoring, added possibility to compare the remote file and downloaded file (--file-read), prepping for #223 2012-12-18 17:49:18 +00:00
Miroslav Stampar
eb23b1b1a5 Minor commit related to the last one (uniq roles/privileges) 2012-12-18 12:47:06 +01:00
Miroslav Stampar
cb13735788 Fix for an Issue #294 2012-12-11 12:14:33 +01:00
Miroslav Stampar
974407396e Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods) 2012-12-06 14:14:19 +01:00
Miroslav Stampar
ab67344448 Removed unused imports and variables (pyflake-ing) 2012-12-06 11:15:05 +01:00
Miroslav Stampar
0f191f624c Taking some goodies from Pull request #284 2012-12-06 10:21:53 +01:00
Miroslav Stampar
775e0df04b Update for an Issue #278 2012-12-05 10:45:17 +01:00
Miroslav Stampar
ed40f18796 Minor fix 2012-11-26 14:59:44 +01:00
Miroslav Stampar
c1b8226329 Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery) 2012-10-28 00:36:09 +02:00
Miroslav Stampar
06805b27f2 Bug fix (time was also meant to be disabled in case of error/inband getvalues) 2012-10-27 23:16:25 +02:00
Miroslav Stampar
ba55bed008 More general approach for PostgreSQL concatenation operator precedence problem (Issue #219) 2012-10-25 10:41:16 +02:00
Miroslav Stampar
c0f57f4e90 Minor fix for an Issue #217 2012-10-24 23:43:28 +02:00
Miroslav Stampar
5477c9f7ba Fix for an Issue #216 2012-10-24 22:59:46 +02:00
Miroslav Stampar
6e2fce66aa Patch for an Issue #212 2012-10-23 15:34:59 +02:00
Miroslav Stampar
fb1497aa89 Minor update for Issue #209 2012-10-21 18:53:31 +02:00
Miroslav Stampar
91ea8e52b7 Minor patch for an Issue #201 2012-10-15 18:01:52 +02:00
Miroslav Stampar
ed2d163269 Fix for an Issue #201 2012-10-14 17:53:55 +02:00
Miroslav Stampar
f71b937add Minor language cleanup 2012-10-04 18:28:36 +02:00
Miroslav Stampar
5c21395fe2 Minor update for an Issue #179 2012-09-10 19:26:51 +02:00
Miroslav Stampar
1f49e4ae36 Fix for an Issue #179 2012-09-10 19:23:24 +02:00
Miroslav Stampar
9a631331a5 Fix for an Issue #177 2012-09-08 20:22:13 +02:00
Miroslav Stampar
1bcf5a6b88 Some more dict refactorings 2012-08-21 11:30:01 +02:00
Miroslav Stampar
95e0d46e3e Fix for an Issue #110 2012-07-21 09:15:54 +02:00
Bernardo Damele
34e77a8801 ported fix for issue #81 also to blind techniques 2012-07-21 00:20:32 +01:00
Bernardo Damele
3e21f3d07a fixed --search -C too on MSSQL - issue #81 2012-07-21 00:08:40 +01:00
Bernardo Damele
60242f92c5 made --search -D on MSSQL consistent with other DBMSes - issue #81 2012-07-20 23:37:56 +01:00
Bernardo Damele
86df6037e3 reverted previous ugly hack for issue #110, perhaps a better fix is possible 2012-07-20 16:01:04 +01:00
Bernardo Damele
1928d5464d fixes issue #97 2012-07-20 15:56:14 +01:00
Bernardo Damele
bb8cd788e1 minor fix 2012-07-16 09:56:41 +01:00
Miroslav Stampar
3c81f74823 Minor style update 2012-07-13 12:22:37 +02:00
Bernardo Damele
162da75a04 modified homepage address 2012-07-12 18:38:03 +01:00
Miroslav Stampar
9c4a62f725 Some work on Issue #68 2012-07-11 11:58:47 +02:00
Miroslav Stampar
e948e4d45b Some more refactoring 2012-07-06 17:18:22 +02:00
Bernardo Damele
fb7fe552b7 proper naming 2012-07-06 15:13:50 +01:00
Miroslav Stampar
27fdccc858 Update for Issue #55 (falling back to SELECT DB_NAME(N)) 2012-07-03 20:15:17 +02:00
Bernardo Damele
ab412da27f I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes 2012-07-01 23:25:05 +01:00
jekil
c39e5a85ba Removed $id$ tags 2012-06-27 20:56:43 +02:00
Miroslav Stampar
06be7bbb18 few just in case fixes (unarrayizeValue in dumpTable entries) and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test) 2012-06-15 20:41:53 +00:00
Miroslav Stampar
3f6bc1f3c2 minor fix 2012-05-24 18:05:33 +00:00
Miroslav Stampar
0e8d8577a7 adding a DB2 patch from smcintyre@securestate.com 2012-05-21 08:26:19 +00:00
Miroslav Stampar
079e0e1434 minor bug fix 2012-05-18 08:51:50 +00:00
Bernardo Damele
4da03d898e Added support to create files with a visual basic script - no longer reliant on debug.exe so works on Windows 64-bit too. Fixes #236 2012-04-25 07:40:42 +00:00