| 
							
							
								 Bernardo Damele | f704a46341 | silly blank line added | 2012-07-12 01:38:29 +01:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | a5924739f6 | minor code refactoring in preparation of ticket #75 | 2012-07-12 01:12:30 +01:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e948e4d45b | Some more refactoring | 2012-07-06 17:18:22 +02:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1a8ebbfd43 | Minor refactoring | 2012-07-06 17:05:47 +02:00 |  | 
			
				
					| 
							
							
								 jekil | c39e5a85ba | Removed $id$ tags | 2012-06-27 20:56:43 +02:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ec44e88db8 | lots of refactoring regarding removal of already obsolete session file mechanism | 2012-06-21 10:09:10 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 76c873a222 | minor fix | 2012-06-15 06:22:44 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | facce2c0df | some more cleanup | 2012-06-14 13:50:36 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4e6fcce9ca | minor update | 2012-05-26 07:04:32 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ce077137c9 | minor language update | 2012-05-26 07:01:37 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d335ec0c34 | turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars | 2012-05-26 07:00:26 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 556b349be3 | minor fix for retrieving non-printable chars in inference and non-multi threading mode | 2012-04-03 14:04:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7fd64df167 | minor code cleaning | 2012-03-28 13:31:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d66056fe39 | one more related commit | 2012-03-16 13:16:53 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ac02a2d92c | minor fix | 2012-03-16 13:14:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b130a9e14e | minor fix (writing to HashDB on any interrupt) | 2012-03-16 10:15:43 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f4e410db16 | minor fix | 2012-03-01 10:17:39 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 37db27b720 | turning back on automatic adjusting of delays in time based queries | 2012-02-29 15:51:23 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c36cbbb3ae | minor fix | 2012-02-24 14:54:10 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f94b91ad87 | added helper function for HashDB data storing/retrieval | 2012-02-24 13:07:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b481c0352f | minor update | 2012-02-24 11:25:56 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5afbd52b61 | more update related to last commits | 2012-02-24 10:57:23 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 570d3a19c2 | more general fix | 2012-02-24 10:53:28 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e8352e504f | fixing problems with chars deletition by logging messages in inference mode | 2012-02-24 10:48:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b3bd4144f5 | removing of unused imports together with some general code refactoring | 2012-02-22 10:40:11 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | bcf3255fe1 | implementation of switch --hex for 4 major DBMSes | 2012-02-21 11:44:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | aee269cc14 | gazillion changes, nothing will work, muhahaha | 2012-02-17 14:22:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c1368053e5 | minor fix | 2012-02-12 18:46:25 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b140ef4a14 | minor update (preparing for switching to HashDB from old sessionFile) | 2012-02-10 10:24:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8405ef59ac | some estetic updates | 2012-02-01 14:49:42 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 46f42f2fe4 | minor fix | 2012-01-30 13:10:35 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 95f89ab63a | updating copyright date | 2012-01-11 14:59:46 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 1f085a0241 | now [SLEEPTIME] is changeable properly in vivo | 2012-01-05 14:45:05 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9d50c806e1 | bug fix | 2012-01-05 10:55:58 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 29f502fe29 | some refactoring | 2011-12-28 16:27:17 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 526aacb640 | code cleanup | 2011-12-21 22:59:23 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f39170a2c4 | minor update | 2011-11-22 15:06:51 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e290f2b80b | minor update | 2011-10-28 11:11:55 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8bd3cfdc8e | minor update | 2011-10-24 00:17:38 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | e1dbb4443b | minor update related to the last commit | 2011-08-16 07:01:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7cc5743c5d | minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters) | 2011-08-16 06:50:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6bbb8139a0 | update (smaller memory footprint in postprocessing phase because of safecharencode part) | 2011-07-25 20:40:31 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | aedcf8c8d7 | Changed homepage address | 2011-07-07 20:10:03 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 34d9a91af1 | bulk of fixes | 2011-07-02 22:48:56 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 9eb683531d | Minor improvement at blind SQL inj technique for DB2 | 2011-06-27 22:28:12 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 905fef0eae | now user can explicitly state number of UNION affected columns via --union-cols (e.g. --union-cols=5) | 2011-06-18 10:51:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | fde3e4cece | better | 2011-06-18 09:52:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 2f129b01c0 | "Please consider to provide" is a bad English | 2011-06-18 09:46:22 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 9498a3f259 | little stabilization of multi threading | 2011-06-17 12:50:28 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 0d8d6a4ace | Cosmetics | 2011-06-08 16:08:20 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 4a9640160e | more concise | 2011-06-08 14:35:23 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6b81eef65a | refactoring | 2011-06-08 14:30:12 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 50dde39e68 | minor update | 2011-06-07 10:32:18 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8227298057 | user friendliness uber 9000 | 2011-05-27 08:30:52 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5369657cd5 | fix for cases with retrieved binary files (preventing difflib nagging around comparison) | 2011-05-25 20:54:30 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | f56d135438 | Minor code restyling | 2011-04-30 13:20:05 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 29ee760021 | improving time based data retrieval mechanism | 2011-04-17 07:24:18 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0387654166 | update of copyright string (until year) | 2011-04-15 12:33:18 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 277f16d6b3 | removing commented out debug print | 2011-04-08 22:44:05 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ea52d7acad | minor revisit of inference | 2011-03-24 20:10:40 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 60605b6e7c | Major bug fix to make --first and --last apply only to --dump's entries dump phase (in either of the blind SQL injection techs only) | 2011-02-27 12:14:13 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 0edb4ee314 | minor fix | 2011-02-03 13:28:10 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 6761933f75 | Just.. cosmetics ;) | 2011-01-31 22:51:14 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 777a19cfa9 | LOL. removing that debug 'True' | 2011-01-31 16:22:55 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a80fe28631 | one more thing ;) | 2011-01-31 16:21:28 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 933d701667 | cosmetics | 2011-01-31 16:14:44 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b1dc928e68 | implemented validation for time-based inference | 2011-01-31 16:07:23 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 25463bc67c | fix for a bug (--predict-output) noticed by Bernardo | 2011-01-31 15:00:41 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 2a0b03e5c6 | Unused import | 2011-01-30 17:07:27 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 367d0639f0 | refactoring (class names should always be Capital cased) | 2011-01-28 16:36:09 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | ddd296030d | added some more info to unhandled exception message(s) | 2011-01-28 16:15:45 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 8d0c2efbe2 | unescaping of char marked payloads | 2011-01-24 12:00:16 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | a4a0f10950 | minor minor minor | 2011-01-20 09:25:34 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | bade0e3124 | Major code refactoring - centralized all kb.dbms* info for both retrieval and set. | 2011-01-19 23:06:15 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | eadaf680de | fuck yea | 2011-01-19 15:25:48 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 3822b494ea | Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns. | 2011-01-17 23:43:37 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5c857779c1 | important fix for unicode based character inference | 2011-01-17 10:15:19 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 30d6791968 | update regarding time based data retrieval | 2011-01-16 17:52:42 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 71391874eb | slightly faster and thread safer inference | 2011-01-16 10:52:42 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 6e4b65a822 | Minor refactoring | 2011-01-15 23:28:31 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 2ac8debea0 | Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. Minor bug fixes thanks to previous refactoring too. | 2011-01-13 17:36:54 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 06230e4d92 | Minor code refactoring and cosmetics | 2011-01-11 21:46:21 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 7ae5192070 | adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data) | 2011-01-05 10:25:07 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | edcf1a0872 | few bug fixes | 2010-12-24 18:40:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 385e208f38 | code refactoring regarding standard output suppression and some threading issues | 2010-12-21 14:21:24 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 5852bad963 | some refactoring | 2010-12-20 18:56:06 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 36862e2efa | update | 2010-12-18 15:57:47 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6a24048aa6 | urllib2 doesn't play well with '\n' when non unescaped chars used | 2010-12-11 21:17:54 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | f021548bd0 | added inference failsafe (like in for instance Firebirds SUBSTR always returns a string value, no matter which starting index you use) | 2010-12-11 10:52:04 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | c17f444aab | minor fix | 2010-12-11 10:22:18 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | fe2039f5ba | coollyy little commits | 2010-12-10 11:32:46 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | cdff29ada7 | update | 2010-12-09 11:23:44 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | f5ce739bdf | Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet. | 2010-12-08 23:52:31 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 6223f25dd9 | code beautification | 2010-12-08 13:04:48 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | b5e45939e3 | sqlmap premiere of blind time based query/bisection | 2010-12-08 12:28:54 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | 17486e472a | Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only! | 2010-11-17 22:00:09 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | 862395ced1 | further refactoring (all enumerations are now put into enums.py) | 2010-11-08 09:20:02 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | ea1b0d31be | Avoid displaying single retrieved character when --verbose > 2 | 2010-11-07 22:42:56 +00:00 |  | 
			
				
					| 
							
							
								 Bernardo Damele | b6da946883 | Added one new verbose level, -v 3 now shows the full injected payload. Fixed also -d verbose output. | 2010-11-07 22:34:29 +00:00 |  | 
			
				
					| 
							
							
								 Miroslav Stampar | d3e7e89e60 | major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces | 2010-11-07 21:18:09 +00:00 |  |