Miroslav Stampar
|
194a9e7b88
|
Implementation for an Issue #377
|
2013-01-25 12:34:57 +01:00 |
|
Bernardo Damele
|
5b3c8d8991
|
first implementation of asynchronous inter-protocol communication between the sqlmap RESTful API and the sqlmap engine with SQLite
|
2013-01-24 12:57:24 +00:00 |
|
Miroslav Stampar
|
232f8d3585
|
Fix for an Issue #368
|
2013-01-23 13:36:17 +01:00 |
|
Bernardo Damele
|
5635776173
|
proper SQLite 2 library
|
2013-01-22 18:56:25 +00:00 |
|
Miroslav Stampar
|
719c7f622b
|
Probable fix for --technique=Q --dbms=Firebird (but also other potential issues with splitting of fields in expressions)
|
2013-01-22 15:51:06 +01:00 |
|
Miroslav Stampar
|
2ec828f1cb
|
Fix for an Issue #367
|
2013-01-22 14:27:17 +01:00 |
|
Miroslav Stampar
|
09c02c6c72
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-22 14:08:31 +01:00 |
|
Miroslav Stampar
|
15b0ab1b44
|
Fix for a 'no parameter found' problem when user says N on 'custom injection mark found in POST...'
|
2013-01-22 14:08:19 +01:00 |
|
Bernardo Damele
|
061aef57ba
|
missing import
|
2013-01-22 11:25:01 +00:00 |
|
Bernardo Damele
|
e558040810
|
minor fix to previous commit
|
2013-01-21 17:10:56 +00:00 |
|
Bernardo Damele
|
d43b04c582
|
better detection if vulnerable of not for regression test
|
2013-01-21 17:09:35 +00:00 |
|
Miroslav Stampar
|
b35a0810ef
|
Fix for an Issue #364
|
2013-01-21 17:01:52 +01:00 |
|
Miroslav Stampar
|
1e3f68c7ff
|
Rewriting some query crafting parts (especially those .find(' FROM '))
|
2013-01-21 16:15:38 +01:00 |
|
Miroslav Stampar
|
832d95984c
|
IFNULL-like mechanism now works on SQLite 2 too
|
2013-01-21 15:04:27 +01:00 |
|
Miroslav Stampar
|
c55a002f95
|
Language fix
|
2013-01-21 13:19:08 +01:00 |
|
Miroslav Stampar
|
80255433b0
|
Trivial style update
|
2013-01-21 13:18:34 +01:00 |
|
Miroslav Stampar
|
0e86175342
|
Adding new common function for further refactoring
|
2013-01-21 11:50:47 +01:00 |
|
Miroslav Stampar
|
3200134b3b
|
Fix for a regression test #30 test case fail (Firebird inline)
|
2013-01-21 10:12:54 +01:00 |
|
Bernardo Damele
|
3373e30808
|
minor fix for a bug introduced with commit 1ad9e26a21
|
2013-01-20 02:40:40 +00:00 |
|
Bernardo Damele
|
115be9d7b5
|
minor fixes
|
2013-01-20 01:26:46 +00:00 |
|
Miroslav Stampar
|
0a4f5d2e51
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-19 19:08:18 +01:00 |
|
Miroslav Stampar
|
e9641e30db
|
This last commit was in haste :)
|
2013-01-19 19:07:38 +01:00 |
|
Miroslav Stampar
|
6a87dd9225
|
Minor update (just for consistency with the rest of code)
|
2013-01-19 19:07:06 +01:00 |
|
Miroslav Stampar
|
979e108c87
|
Minor update (just for consistency with the rest of code)
|
2013-01-19 19:06:51 +01:00 |
|
Bernardo Damele
|
f89b25fdb6
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-19 18:04:38 +00:00 |
|
Bernardo Damele
|
adf97e630f
|
add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL
|
2013-01-19 18:04:33 +00:00 |
|
Miroslav Stampar
|
9ce2395405
|
Minor refactoring
|
2013-01-19 18:40:44 +01:00 |
|
Miroslav Stampar
|
3f4c010370
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-19 18:28:52 +01:00 |
|
Miroslav Stampar
|
efe26ac3f8
|
In case that content-length header was not in a desired case ('Content-length') POST request file would fail badly (repeating original content-length header value)
|
2013-01-19 18:28:37 +01:00 |
|
Bernardo Damele
|
6a62292a3f
|
layout adjustment
|
2013-01-19 17:11:16 +00:00 |
|
Miroslav Stampar
|
bb6b89fe93
|
Patch for an Issue #360
|
2013-01-19 18:06:36 +01:00 |
|
Bernardo Damele
|
dcf2dcd03d
|
all we need to debug failed test cases while regression test run..
|
2013-01-19 17:04:57 +00:00 |
|
Bernardo Damele
|
f22fd396ef
|
write the test case name before it is run so if the test case crashes badly, we can trace back what test case it was at a later stage
|
2013-01-19 16:41:19 +00:00 |
|
Bernardo Damele
|
1923ef691e
|
just in case, add also the test case name inside the temp folder for debug purposes
|
2013-01-19 16:06:46 +00:00 |
|
Bernardo Damele
|
0e78fbef56
|
correctly format SQLi payload for inline query technique
|
2013-01-19 00:28:03 +00:00 |
|
Bernardo Damele
|
6be7eee8d6
|
more fixes
|
2013-01-18 23:35:16 +00:00 |
|
Bernardo Damele
|
56eaa073ce
|
fixed test cases for Firebird - #312
|
2013-01-18 23:32:39 +00:00 |
|
Bernardo Damele
|
1f4c6a8371
|
avoid blank line if password hashes have not been fetched
|
2013-01-18 22:10:36 +00:00 |
|
Bernardo Damele
|
1ad9e26a21
|
bug fix for ORDER BY users provided statements (issue #354)
|
2013-01-18 21:40:50 +00:00 |
|
Miroslav Stampar
|
ac7709204a
|
Better fix for that page/headers/comparison --string candidate problem
|
2013-01-18 17:00:11 +01:00 |
|
Miroslav Stampar
|
8141d17985
|
Revert of previous commit (more care has to be done regarding headers dynamicity)
|
2013-01-18 16:49:35 +01:00 |
|
Miroslav Stampar
|
33094a118c
|
Fix for an Issue where '--string' is being automatically picked not looking properly in headers too
|
2013-01-18 16:35:09 +01:00 |
|
Miroslav Stampar
|
601eb1e49a
|
Unescaping is renamed to escaping
|
2013-01-18 15:40:37 +01:00 |
|
Bernardo Damele
|
a43202f3c0
|
updated copyright
|
2013-01-18 14:07:51 +00:00 |
|
Bernardo Damele
|
1bb061f68c
|
improvements to --live-test
|
2013-01-18 13:02:35 +00:00 |
|
Bernardo Damele
|
738ccb643d
|
minor output adjustment
|
2013-01-18 11:41:09 +00:00 |
|
Miroslav Stampar
|
33ea811c6c
|
Removing some unused stuff (mainly imports)
|
2013-01-18 11:50:02 +01:00 |
|
Miroslav Stampar
|
aa467cb54c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-18 11:31:25 +01:00 |
|
Miroslav Stampar
|
17d36684b5
|
Removing obsolete proxy handling code (Python < 2.6)
|
2013-01-18 11:30:52 +01:00 |
|
Miroslav Stampar
|
4d5bae7131
|
Removing some obsolete functions
|
2013-01-18 11:18:56 +01:00 |
|
Miroslav Stampar
|
bcc907ce09
|
Minor update
|
2013-01-18 11:00:21 +01:00 |
|
Miroslav Stampar
|
d1008b45b5
|
Minor removal of unused function
|
2013-01-18 10:46:06 +01:00 |
|
Miroslav Stampar
|
caae773b2d
|
Minor removal of redundant code
|
2013-01-18 10:44:57 +01:00 |
|
Bernardo Damele
|
d66f7e22b1
|
more fixes to test cases
|
2013-01-18 09:32:05 +00:00 |
|
Miroslav Stampar
|
e941e60b20
|
Minor just in place update for an Issue #348
|
2013-01-17 22:44:55 +01:00 |
|
Bernardo Damele
|
1d6e642d41
|
fixed url
|
2013-01-17 21:29:00 +00:00 |
|
Miroslav Stampar
|
507f185b69
|
Revert of patch for an Issue #347
|
2013-01-17 18:38:37 +01:00 |
|
Miroslav Stampar
|
f7eda07d92
|
Patch for an Issue #347
|
2013-01-17 15:30:14 +01:00 |
|
Miroslav Stampar
|
a38b3e397c
|
Patch for an Issue #286
|
2013-01-17 14:17:39 +01:00 |
|
Miroslav Stampar
|
65273295e3
|
Implementing a check for an Issue #25
|
2013-01-17 13:56:04 +01:00 |
|
Miroslav Stampar
|
9428d1819e
|
Fix for an Issue #346
|
2013-01-17 12:03:02 +01:00 |
|
Miroslav Stampar
|
3ab4a5e36d
|
Fix for an Issue #345
|
2013-01-17 11:50:12 +01:00 |
|
Miroslav Stampar
|
51a77d1fe2
|
Minor update for an Issue #8
|
2013-01-17 11:37:45 +01:00 |
|
Miroslav Stampar
|
14b7e655a9
|
Minor refactoring
|
2013-01-16 16:33:04 +01:00 |
|
Miroslav Stampar
|
053b7d12b4
|
Minor language update
|
2013-01-16 16:07:12 +01:00 |
|
Miroslav Stampar
|
fb7243c237
|
Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs
|
2013-01-16 16:04:00 +01:00 |
|
Miroslav Stampar
|
c0a6e1c3a7
|
Finishing first usable prototype for an Issue #8
|
2013-01-16 14:54:37 +01:00 |
|
Miroslav Stampar
|
ff5ec48abd
|
Minor update for an Issue #8
|
2013-01-16 14:16:22 +01:00 |
|
Bernardo Damele
|
3464a70ac2
|
bug fix: without this generic concatenation of strings in concatQuery(), detection of UNION query SQLi only (--technique U) when the page did not disclose any DBMS error message and it was not MySQL (for which there are UNION SQLi specific payloads) was not detected
|
2013-01-16 01:53:33 +00:00 |
|
Bernardo Damele
|
542f6de72e
|
typo fix
|
2013-01-16 01:31:03 +00:00 |
|
Bernardo Damele
|
2a751e075d
|
more work on #342
|
2013-01-15 17:14:44 +00:00 |
|
Bernardo Damele
|
ec076f5f8a
|
write console output to temporary folder in any case the test case fails, even if no traceback is raised
|
2013-01-15 15:51:03 +00:00 |
|
Miroslav Stampar
|
7a1d484115
|
Implementation for an Issue #340
|
2013-01-15 16:05:33 +01:00 |
|
Bernardo Damele
|
c51358953a
|
add more Oracle system dbs
|
2013-01-15 14:51:29 +00:00 |
|
Bernardo Damele
|
3e2c3851f3
|
Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312)
|
2013-01-14 13:42:50 +00:00 |
|
Bernardo Damele
|
515c1c6205
|
removed leftover
|
2013-01-14 10:26:22 +00:00 |
|
Bernardo Damele
|
83000de9e1
|
improved handling and storing of exceptions with --live-test (#312)
|
2013-01-14 10:23:40 +00:00 |
|
Bernardo Damele
|
8125fe90a7
|
code refactoring
|
2013-01-14 10:22:38 +00:00 |
|
Bernardo Damele
|
036b612bcb
|
bug fix to be able to write unicode chars to debug file
|
2013-01-14 01:11:42 +00:00 |
|
Miroslav Stampar
|
fc560f2b75
|
Minor revert and proper fix
|
2013-01-14 00:47:29 +01:00 |
|
Bernardo Damele
|
b74cfbf336
|
minor enhancements for debug purposes (issue #312)
|
2013-01-13 23:15:56 +00:00 |
|
Bernardo Damele
|
fdd6075859
|
temporary patch to fix UNION query enumeration
|
2013-01-13 23:08:23 +00:00 |
|
Miroslav Stampar
|
92ea8841f8
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-13 16:23:09 +01:00 |
|
Miroslav Stampar
|
03dd958d96
|
Implementation for an Issue #48
|
2013-01-13 16:22:43 +01:00 |
|
Bernardo Damele
|
675e4a026b
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-11 13:31:49 +00:00 |
|
Bernardo Damele
|
41834e7a5b
|
working on #8 - still not usable though
|
2013-01-11 13:31:44 +00:00 |
|
Miroslav Stampar
|
bc4d8d3e02
|
Implementation for an Issue #332
|
2013-01-11 11:17:41 +01:00 |
|
Miroslav Stampar
|
5571d09354
|
Minor revert
|
2013-01-11 11:13:55 +01:00 |
|
Miroslav Stampar
|
ec4e49d771
|
Minor refactoring
|
2013-01-10 16:09:28 +01:00 |
|
Miroslav Stampar
|
1363f26367
|
Minor refactoring
|
2013-01-10 15:59:02 +01:00 |
|
Miroslav Stampar
|
834be1eddc
|
Restyling redundant 'except Exception' form
|
2013-01-10 15:54:28 +01:00 |
|
Miroslav Stampar
|
acfeeb4f51
|
Restyling old form of urlparse
|
2013-01-10 15:41:07 +01:00 |
|
Miroslav Stampar
|
8686c20fa5
|
Removing one obsolete instantiation line
|
2013-01-10 15:27:35 +01:00 |
|
Miroslav Stampar
|
934d41dac2
|
Minor style update (PEP8)
|
2013-01-10 15:02:28 +01:00 |
|
Miroslav Stampar
|
ca3d35a878
|
Some PEP8 related style cleaning
|
2013-01-10 13:18:44 +01:00 |
|
Miroslav Stampar
|
6cfa9cb0b3
|
Removing unused imports
|
2013-01-10 12:15:12 +01:00 |
|
Miroslav Stampar
|
05705857a9
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-10 12:09:48 +01:00 |
|
Miroslav Stampar
|
ca1c0c2a1d
|
Minor style update
|
2013-01-10 11:54:07 +01:00 |
|
Bernardo Damele
|
ca337159f5
|
added reminder TODO
|
2013-01-10 01:11:22 +00:00 |
|
Bernardo Damele
|
10f1099944
|
remove logging handler that shows logging messages to stdout - issue #297
|
2013-01-10 00:51:56 +00:00 |
|
Bernardo Damele
|
ccc3c3d1a3
|
minor fix to distinguish stdout from stderr
|
2013-01-10 00:51:05 +00:00 |
|
Bernardo Damele
|
2126a5ba12
|
minor index fix
|
2013-01-10 00:00:00 +00:00 |
|
Bernardo Damele
|
794700eb37
|
preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297
|
2013-01-09 22:08:50 +00:00 |
|
Bernardo Damele
|
d120dc18d1
|
cleanup
|
2013-01-09 22:06:27 +00:00 |
|
Bernardo Damele
|
58a60562ac
|
avoid exiting with a traceback for missing dependency, handle properly at some point
|
2013-01-09 16:05:55 +00:00 |
|
Bernardo Damele
|
7f4ce4afbb
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-09 16:04:29 +00:00 |
|
Bernardo Damele
|
510ceb6e19
|
first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28
|
2013-01-09 16:04:23 +00:00 |
|
Miroslav Stampar
|
bf5544903b
|
Minor style update
|
2013-01-09 16:10:26 +01:00 |
|
Miroslav Stampar
|
9bdcb1176d
|
Update for an Issue #169
|
2013-01-09 15:58:13 +01:00 |
|
Miroslav Stampar
|
25f01a419f
|
Minor style update (for the sake of consistency over the code and our PEP8 adaptation)
|
2013-01-09 15:38:41 +01:00 |
|
Miroslav Stampar
|
bdd2592848
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-09 15:22:30 +01:00 |
|
Miroslav Stampar
|
3d4f381ab5
|
Patch for an Issue #169
|
2013-01-09 15:22:21 +01:00 |
|
Bernardo Damele
|
c44a829b9b
|
pass a pickled options object to sqlmap engine when called from API
|
2013-01-09 12:34:45 +00:00 |
|
Bernardo Damele
|
8457cff278
|
added variable to store the live test traceback if any
|
2013-01-09 12:33:18 +00:00 |
|
Bernardo Damele
|
f11747732e
|
added missing command line options
|
2013-01-09 12:30:13 +00:00 |
|
Miroslav Stampar
|
55a552ddc4
|
Update for an Issue #24
|
2013-01-08 10:55:25 +01:00 |
|
Miroslav Stampar
|
ad85c4c964
|
Minor refactoring for an Issue #295
|
2013-01-08 10:23:02 +01:00 |
|
Bernardo Damele
|
1e35b3c8c9
|
proper link
|
2013-01-07 16:59:59 +00:00 |
|
Miroslav Stampar
|
74552bea87
|
Cleaning some garbage (hard coded paths with linux native slashes)
|
2013-01-07 16:51:00 +01:00 |
|
Bernardo Damele
|
7fa75792dd
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-07 11:10:08 +00:00 |
|
Bernardo Damele
|
a30d7014b9
|
removed unused var
|
2013-01-07 11:05:33 +00:00 |
|
Miroslav Stampar
|
5b77b20e2e
|
Removing trailing whitespaces (PEP8)
|
2013-01-03 23:57:07 +01:00 |
|
Miroslav Stampar
|
82b468211d
|
Minor update
|
2013-01-03 23:38:29 +01:00 |
|
Miroslav Stampar
|
f340ce8b4b
|
Minor style update
|
2013-01-03 23:35:29 +01:00 |
|
Miroslav Stampar
|
1712603dce
|
Replacing deprecated has_key() with operator in (PEP8)
|
2013-01-03 23:28:07 +01:00 |
|
Miroslav Stampar
|
e4a3c015e5
|
Replacing old and deprecated raise Exception style (PEP8)
|
2013-01-03 23:20:55 +01:00 |
|
Miroslav Stampar
|
304e52cb4d
|
Minor language update
|
2013-01-02 22:11:59 +01:00 |
|
Miroslav Stampar
|
09f1cdd8e1
|
Minor style update
|
2013-01-02 21:52:50 +01:00 |
|
Miroslav Stampar
|
0795760255
|
Minor fix
|
2012-12-30 11:22:23 +01:00 |
|
Miroslav Stampar
|
648d91d790
|
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)
|
2012-12-27 22:43:39 +01:00 |
|
Miroslav Stampar
|
3d01890147
|
Patch for an Issue #56 (full target url is now being written to a output .CSV file in multi target mode)
|
2012-12-27 21:15:44 +01:00 |
|
Miroslav Stampar
|
6ae4590edc
|
Removing problematic per-MySQL LIMIT prefix
|
2012-12-26 19:48:01 +01:00 |
|
Miroslav Stampar
|
77625e5af7
|
Minor revert
|
2012-12-21 19:31:05 +01:00 |
|
Miroslav Stampar
|
00e55828e4
|
Minor style update
|
2012-12-21 15:06:03 +01:00 |
|
Miroslav Stampar
|
8b3e17ed4d
|
Minor update (better approach for those old NOT IN cases in MsSQL - instead of standard pivot dump table)
|
2012-12-21 14:52:47 +01:00 |
|
Miroslav Stampar
|
35728fa443
|
Fix (and some hidden bug fixes/improvements) regarding an Issue #317
|
2012-12-21 10:51:35 +01:00 |
|
Miroslav Stampar
|
b94a5d42d4
|
Removing a leftover
|
2012-12-21 09:49:09 +01:00 |
|
Miroslav Stampar
|
0a122ccce4
|
Related to an Issue #319
|
2012-12-21 09:47:58 +01:00 |
|
Miroslav Stampar
|
1073ebc697
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 20:51:41 +01:00 |
|
Bernardo Damele
|
912323c12d
|
minor bug fix (#297)
|
2012-12-20 17:05:44 +00:00 |
|
Bernardo Damele
|
7adaffa71b
|
fixed options initiation
|
2012-12-20 16:53:43 +00:00 |
|
Miroslav Stampar
|
8efe056671
|
Minor refactoring
|
2012-12-20 15:51:03 +01:00 |
|
Bernardo Damele
|
e9ab33e9dd
|
standalone REST API, code cleanup (#297)
|
2012-12-20 14:35:02 +00:00 |
|
Miroslav Stampar
|
63d9b7a1f8
|
No character shall be left forgotten (no more ? in case that character was not properly being decoded by used charset)
|
2012-12-20 12:23:37 +01:00 |
|
Miroslav Stampar
|
c2c4601d6e
|
Minor restyling
|
2012-12-20 11:06:52 +01:00 |
|
Bernardo Damele
|
076b4063e6
|
these edits got overwritten from last commits
|
2012-12-20 09:42:44 +00:00 |
|
Miroslav Stampar
|
3cbe60b586
|
Proper fix
|
2012-12-20 10:37:20 +01:00 |
|
Miroslav Stampar
|
0d1ea7f05a
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
Conflicts:
lib/core/testing.py
|
2012-12-20 10:37:11 +01:00 |
|
Miroslav Stampar
|
da93e77eb2
|
Proper fix
|
2012-12-20 10:34:51 +01:00 |
|
Bernardo Damele
|
ac77724970
|
attempt to handle standard input from --live-test
|
2012-12-20 09:30:48 +00:00 |
|
Bernardo Damele
|
2b6ee06de0
|
minor bug fix to correctly parse unicode chars
|
2012-12-20 09:30:13 +00:00 |
|
Miroslav Stampar
|
69310e47ce
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 09:54:39 +01:00 |
|
Miroslav Stampar
|
06d8213ffd
|
minor fix (reading of unicode xml files)
|
2012-12-20 09:53:08 +01:00 |
|
Bernardo Damele
|
86872956d5
|
minor bug fix (for PostgreSQL)
|
2012-12-19 22:55:31 +00:00 |
|
Bernardo Damele
|
77843f44fb
|
minor bug fix (issue #314)
|
2012-12-19 22:49:02 +00:00 |
|
Bernardo Damele
|
357da43cea
|
slight improvement of live test engine and added misc test cases to xml
|
2012-12-19 17:28:41 +00:00 |
|
Bernardo Damele
|
85fcd27e2d
|
added support for random global variables
|
2012-12-19 15:58:06 +00:00 |
|
Bernardo Damele
|
12d34587cc
|
minor restyling
|
2012-12-19 14:34:34 +00:00 |
|
Bernardo Damele
|
326ff404fc
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:25:35 +00:00 |
|
Bernardo Damele
|
12eed58485
|
pointless restyling
|
2012-12-19 14:25:29 +00:00 |
|
Miroslav Stampar
|
37346fe8a3
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 15:23:57 +01:00 |
|
Miroslav Stampar
|
7ee98c7bff
|
Just for one girl out there waiting for this patch ;)
|
2012-12-19 15:23:38 +01:00 |
|
Bernardo Damele
|
3be90c97aa
|
forgot these
|
2012-12-19 14:12:45 +00:00 |
|
Bernardo Damele
|
cefb03c835
|
fixed bug related to issue #223
|
2012-12-19 14:12:09 +00:00 |
|
Bernardo Damele
|
27a12ae85b
|
restyling
|
2012-12-19 13:47:17 +00:00 |
|
Bernardo Damele
|
4b3b4eb374
|
commented out partial work
|
2012-12-19 13:47:04 +00:00 |
|
Bernardo Damele
|
3655d1f12a
|
revert change of name for now
|
2012-12-19 13:45:52 +00:00 |
|
Bernardo Damele
|
874e2176c6
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 13:43:00 +00:00 |
|
Bernardo Damele
|
4f0f729982
|
be more specific in standard output message as to whether or not the read file is same as remote file
|
2012-12-19 13:42:56 +00:00 |
|
Miroslav Stampar
|
23153e8088
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:29:08 +01:00 |
|
Miroslav Stampar
|
244901eda0
|
During --flush-session log file should be cleaned too (especially because of --live-tests)
|
2012-12-19 14:28:54 +01:00 |
|
Bernardo Damele
|
282aeb734f
|
ORDER BY does not play well with UNION query SQLi (related to issue #313)
|
2012-12-19 13:21:16 +00:00 |
|
Bernardo Damele
|
128597ee7e
|
--run-case is now case insensitive
|
2012-12-19 12:45:46 +00:00 |
|
Bernardo Damele
|
b91c829103
|
minor bug fix (issue #310)
|
2012-12-19 12:42:31 +00:00 |
|
Bernardo Damele
|
2bc2c0431c
|
fixed test cases
|
2012-12-19 12:33:37 +00:00 |
|
Bernardo Damele
|
9149d77cc8
|
removed duplicate code - fixes issue #310
|
2012-12-19 12:17:56 +00:00 |
|
Bernardo Damele
|
f5450e9f0e
|
layout adjustment
|
2012-12-19 11:39:38 +00:00 |
|
Miroslav Stampar
|
92e338251a
|
Finally working inference against MySQL/international letters (even chinese)
|
2012-12-19 10:44:02 +01:00 |
|
Miroslav Stampar
|
c9b8b51c9c
|
Update lib/core/common.py
Revert of last commit and try 2
|
2012-12-19 01:48:53 +01:00 |
|
Bernardo Damele
|
318fcee49c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 00:30:26 +00:00 |
|
Bernardo Damele
|
3c7007097a
|
minor refactoring
|
2012-12-19 00:30:22 +00:00 |
|
Miroslav Stampar
|
50b846b5af
|
Update lib/core/common.py
Fixing wrong assumption in case of MySQL inference international character retrieval
|
2012-12-19 01:26:12 +01:00 |
|
Miroslav Stampar
|
9e2f0131b9
|
Update lib/core/agent.py
|
2012-12-18 20:25:00 +01:00 |
|
Bernardo Damele
|
326ed33f31
|
added support for comma separated list of files for --file-read - fixes issue #223
|
2012-12-18 17:55:21 +00:00 |
|
Bernardo Damele
|
58656bbeb5
|
minor bug fix, union query has to be limited 0, 0
|
2012-12-18 16:36:30 +00:00 |
|
Bernardo Damele
|
61a838bb35
|
added more test cases
|
2012-12-18 15:59:48 +00:00 |
|
Miroslav Stampar
|
88d8494b5a
|
Implementation for an Issue #307
|
2012-12-18 16:03:35 +01:00 |
|
Bernardo Damele
|
3c1b696bd6
|
removed more print statements
|
2012-12-17 13:35:32 +00:00 |
|
Bernardo Damele
|
9f47eb0a59
|
cleaner
|
2012-12-17 13:29:37 +00:00 |
|
Bernardo Damele
|
0500712a03
|
removed unuseful prints
|
2012-12-17 13:29:19 +00:00 |
|
Bernardo Damele
|
ac44cf3ec0
|
minor fix: add also back-end DBMS and web app fingerprint output to log file
|
2012-12-17 13:02:09 +00:00 |
|
Bernardo Damele
|
bbd2adb5fb
|
improvements to --live-test and added --stop-fail switch
|
2012-12-17 11:41:43 +00:00 |
|
Bernardo Damele
|
2926c815bf
|
improved test switch --live-test and minor refactoring
|
2012-12-17 11:29:33 +00:00 |
|
Bernardo Damele
|
0c3da5c7eb
|
code refactoring and first time logger is handled by a separate file descriptor (issue #297)
|
2012-12-15 00:12:22 +00:00 |
|
Bernardo Damele
|
a2a71bb37b
|
cleanup from XML-RPC related stuff
|
2012-12-14 13:37:36 +00:00 |
|
Bernardo Damele
|
6e31e87de1
|
added initial support (hidden from -hh and not yet usable) for REST-JSON API
|
2012-12-14 02:49:25 +00:00 |
|
Miroslav Stampar
|
df0f08bc6a
|
Cleaning some (web upload based) garbage
|
2012-12-13 13:19:47 +01:00 |
|
Miroslav Stampar
|
5150172178
|
Minor update
|
2012-12-13 10:03:21 +01:00 |
|
Miroslav Stampar
|
fc4be0a77c
|
Minor fix
|
2012-12-12 16:45:29 +01:00 |
|
Miroslav Stampar
|
921000bd87
|
Another update for an Issue #287
|
2012-12-12 14:22:24 +01:00 |
|
Miroslav Stampar
|
c3f20a136f
|
Minor update for an Issue #287
|
2012-12-12 14:03:03 +01:00 |
|
Miroslav Stampar
|
a6448e8768
|
Update for an Issue #287
|
2012-12-12 11:54:59 +01:00 |
|
Miroslav Stampar
|
b9f6fc5f4e
|
First commit (and working one) for an Issue #287 (XML-RPC server)
|
2012-12-11 16:02:06 +01:00 |
|
Miroslav Stampar
|
b5884c7eda
|
Minor language update
|
2012-12-11 15:24:02 +01:00 |
|
Miroslav Stampar
|
760519dbe9
|
Removing redundant piece of code
|
2012-12-11 15:21:27 +01:00 |
|
Miroslav Stampar
|
a54c261496
|
Minor update for Issues #292 & #293 (only single alert per target)
|
2012-12-11 14:44:43 +01:00 |
|
Miroslav Stampar
|
5c2451d83c
|
Implementation for an Issue #293
|
2012-12-11 12:48:58 +01:00 |
|
Miroslav Stampar
|
562044577b
|
Implementation for an Issue #292
|
2012-12-11 12:02:06 +01:00 |
|
Miroslav Stampar
|
6433be8b3d
|
Style update
|
2012-12-10 17:20:04 +01:00 |
|
Miroslav Stampar
|
a024884ca7
|
Support for a HTTP parameter pollution (Issue #267)
|
2012-12-10 11:55:31 +01:00 |
|
Miroslav Stampar
|
1f7644a691
|
Minor fix when user doesn't want custom injection char marker to be processed
|
2012-12-08 21:23:30 +01:00 |
|
Miroslav Stampar
|
0cbdaaecfa
|
Revert of 99e9412f74 (because of an Issue #289)
|
2012-12-08 08:53:25 +01:00 |
|
Miroslav Stampar
|
1028afce37
|
Removal of leftovers
|
2012-12-06 14:15:44 +01:00 |
|
Miroslav Stampar
|
974407396e
|
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
|
2012-12-06 14:14:19 +01:00 |
|
Miroslav Stampar
|
baccbd6f48
|
Implementation for an Issue #283
|
2012-12-06 11:57:57 +01:00 |
|
Miroslav Stampar
|
ab67344448
|
Removed unused imports and variables (pyflake-ing)
|
2012-12-06 11:15:05 +01:00 |
|
Miroslav Stampar
|
b6650add46
|
Introducing 'new style classes' (idea from Pull request #284)
|
2012-12-06 10:42:53 +01:00 |
|
Miroslav Stampar
|
0f191f624c
|
Taking some goodies from Pull request #284
|
2012-12-06 10:21:53 +01:00 |
|
Miroslav Stampar
|
6b39e661a7
|
Fix for an issue #279
|
2012-12-05 12:15:14 +01:00 |
|
Miroslav Stampar
|
775e0df04b
|
Update for an Issue #278
|
2012-12-05 10:45:17 +01:00 |
|
Miroslav Stampar
|
6b007ab188
|
Minor patch for an Issue #274 (just in case to avoid this kind of problems)
|
2012-12-04 16:14:14 +01:00 |
|
Miroslav Stampar
|
e2aa695655
|
Minor update
|
2012-12-03 17:20:18 +01:00 |
|
Miroslav Stampar
|
42a8234c6f
|
Update for an Issue #12
|
2012-12-03 14:27:01 +01:00 |
|
Miroslav Stampar
|
79fca8e9d5
|
Fix for an Issue #268
|
2012-12-03 12:13:59 +01:00 |
|
Miroslav Stampar
|
8410fc5a9d
|
Minor update
|
2012-12-02 08:00:55 +01:00 |
|
redshark1802
|
1675386093
|
fixed typo that created an invalid configuration file with the option '--save'
|
2012-11-30 23:00:03 +01:00 |
|
Miroslav Stampar
|
5b61e9ce12
|
Minor update for an Issue #254
|
2012-11-30 11:43:50 +01:00 |
|
Miroslav Stampar
|
7e2db762d6
|
Minor update
|
2012-11-29 15:45:04 +01:00 |
|
Miroslav Stampar
|
8f10023523
|
Fix for an Issue #266
|
2012-11-29 15:44:14 +01:00 |
|
Miroslav Stampar
|
3b961c2550
|
Update for an Issue #254
|
2012-11-29 15:36:38 +01:00 |
|
Miroslav Stampar
|
a7e1e856d4
|
Fix for an Issue #260
|
2012-11-28 17:00:26 +01:00 |
|
Miroslav Stampar
|
35d1146fd1
|
Minor update for an (Issue #254)
|
2012-11-28 12:53:11 +01:00 |
|
Miroslav Stampar
|
753d0f18bf
|
First CSS style added for a HTML table dump format (Issue #254)
|
2012-11-28 12:46:43 +01:00 |
|
Miroslav Stampar
|
b6ea337937
|
First style-less prototype for an HTML dump output (Issue #254)
|
2012-11-28 12:28:42 +01:00 |
|
Miroslav Stampar
|
e2d8b53e97
|
Minor update for an Issue #264
|
2012-11-28 11:45:33 +01:00 |
|
Miroslav Stampar
|
cff0c59630
|
Implementation for an Issue #264
|
2012-11-28 11:41:39 +01:00 |
|
Miroslav Stampar
|
5bf5b95588
|
More refactoring for an Issue #254
|
2012-11-28 11:16:00 +01:00 |
|
Miroslav Stampar
|
87a92ab330
|
Deprecating --replicate (Issue #254)
|
2012-11-28 11:10:57 +01:00 |
|
Miroslav Stampar
|
f08eb0fd9f
|
Minor style update
|
2012-11-28 10:59:15 +01:00 |
|
Miroslav Stampar
|
d95dd2d16e
|
Preparation for an Issue #254
|
2012-11-28 10:58:18 +01:00 |
|
Miroslav Stampar
|
d490ffb163
|
Fix for an Issue #259
|
2012-11-27 11:45:22 +01:00 |
|
Miroslav Stampar
|
bd33128085
|
Fix for an Issue #262
|
2012-11-27 10:08:22 +01:00 |
|
Miroslav Stampar
|
38c96a366b
|
Patch for an Issue #260
|
2012-11-26 11:16:59 +01:00 |
|
Miroslav Stampar
|
ef2038f1c8
|
Implementation for an Issue #253
|
2012-11-21 10:16:13 +01:00 |
|
Miroslav Stampar
|
93e071fc33
|
Fix for an Issue #251
|
2012-11-20 11:19:23 +01:00 |
|
Miroslav Stampar
|
302348b0cd
|
Minor update
|
2012-11-19 11:59:28 +01:00 |
|
Miroslav Stampar
|
d37be5f97b
|
Fix for an Issue #248
|
2012-11-14 15:54:24 +01:00 |
|
Miroslav Stampar
|
9a54a911a8
|
Patch for an Issue #231
|
2012-11-14 11:30:29 +01:00 |
|
Miroslav Stampar
|
6f7f9dd8eb
|
Patch for an Issue #242
|
2012-11-13 10:41:13 +01:00 |
|
Miroslav Stampar
|
a52dbc575b
|
Patch for an Issue #246
|
2012-11-13 10:21:11 +01:00 |
|
Miroslav Stampar
|
f305dde413
|
Patch for an Issue #235
|
2012-11-10 11:01:29 +01:00 |
|
Miroslav Stampar
|
181c3534f0
|
Patch for an Issue #237
|
2012-11-08 19:16:37 +01:00 |
|
Miroslav Stampar
|
e7e83defaa
|
Minor update
|
2012-11-08 11:09:34 +01:00 |
|
Miroslav Stampar
|
1ee0d9ce5e
|
Fix for an Issue #229
|
2012-11-05 15:58:54 +01:00 |
|
Miroslav Stampar
|
2de52927f3
|
Code refactoring (epecially Google search code)
|
2012-10-30 18:38:10 +01:00 |
|
Miroslav Stampar
|
5cfc066ac4
|
Minor update
|
2012-10-30 10:30:22 +01:00 |
|
Miroslav Stampar
|
7c7aff12c6
|
Update for an Issue #225
|
2012-10-30 01:26:19 +01:00 |
|
Miroslav Stampar
|
b0f5b4f9bc
|
Update for an Issue #225
|
2012-10-30 00:59:31 +01:00 |
|
Miroslav Stampar
|
a9094a35fe
|
Fix for an Issue #227
|
2012-10-30 00:20:49 +01:00 |
|
Miroslav Stampar
|
1d07b93730
|
Bug fix for --os-shell on MySQL (it was not working for a long time because of this)
|
2012-10-29 15:45:30 +01:00 |
|
Miroslav Stampar
|
5358d85d37
|
Important refactoring for web-based functionality
|
2012-10-29 15:09:05 +01:00 |
|
Miroslav Stampar
|
81ccf28785
|
Minor refactoring
|
2012-10-29 14:08:48 +01:00 |
|
Miroslav Stampar
|
359e734954
|
Minor refactoring
|
2012-10-29 10:48:49 +01:00 |
|
Miroslav Stampar
|
c1eb803ef5
|
Bug fix for MsSQL --hex --technique=E (NOT IN based queries were not working properly)
|
2012-10-28 21:16:51 +01:00 |
|
Miroslav Stampar
|
25a5073281
|
Bug fix for --hex/--technique=B (especially MsSQL)
|
2012-10-28 12:22:33 +01:00 |
|
Miroslav Stampar
|
8617fe0d65
|
Bug fix for international letters decoded with --hex on MsSQL
|
2012-10-28 11:50:16 +01:00 |
|
Miroslav Stampar
|
ca427af8b3
|
Minor refactoring/improvement
|
2012-10-28 01:42:08 +02:00 |
|
Miroslav Stampar
|
43ddf39bea
|
Minor refactoring
|
2012-10-28 01:16:02 +02:00 |
|
Miroslav Stampar
|
bcdba7b7bb
|
Dealing with rare cases when getIdentifiedDbms is needed prior to DBMS isfingerprinted and there are multiples of dbmses inside details
|
2012-10-28 01:11:50 +02:00 |
|
Miroslav Stampar
|
c1b8226329
|
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
|
2012-10-28 00:36:09 +02:00 |
|
Miroslav Stampar
|
965d7eee17
|
Minor bug fix for a reflection removal mechanism
|
2012-10-26 00:06:15 +02:00 |
|
Miroslav Stampar
|
8a5844a364
|
Implementation for an Issue #222
|
2012-10-25 13:21:32 +02:00 |
|
Miroslav Stampar
|
12fc9442b9
|
Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)
|
2012-10-25 10:10:23 +02:00 |
|
Miroslav Stampar
|
65ec715828
|
Fix for an Issue #218
|
2012-10-25 00:03:00 +02:00 |
|
Miroslav Stampar
|
5477c9f7ba
|
Fix for an Issue #216
|
2012-10-24 22:59:46 +02:00 |
|
Miroslav Stampar
|
056be32ac1
|
Fix for Issue #213
|
2012-10-23 17:06:31 +02:00 |
|
Miroslav Stampar
|
4365c48e83
|
Minor style update
|
2012-10-23 14:38:24 +02:00 |
|
Miroslav Stampar
|
06f226c494
|
Fix for an Issue #211
|
2012-10-23 14:37:45 +02:00 |
|
Miroslav Stampar
|
b82eb3a1ae
|
Fix for an Issue #210
|
2012-10-23 13:58:25 +02:00 |
|
Miroslav Stampar
|
f2bbf1ead9
|
Fix for raw_input raising EOFError and KeyboardInterrupt on Ctrl-C (Windows platform)
|
2012-10-23 11:05:00 +02:00 |
|
Miroslav Stampar
|
5ff2e33c43
|
Minor fix
|
2012-10-23 10:54:26 +02:00 |
|
Miroslav Stampar
|
68d5faa287
|
Minor update
|
2012-10-23 10:46:17 +02:00 |
|
Miroslav Stampar
|
f11a640e99
|
Undo of a previous commit (pdb left inside)
|
2012-10-22 14:39:35 +02:00 |
|
Miroslav Stampar
|
b913e2123d
|
Displaying hex-decoded resulting output in --hex mode
|
2012-10-22 14:39:11 +02:00 |
|
Miroslav Stampar
|
39f565533a
|
In case on --no-cast DUMP_REPLACEMENTS should not be used
|
2012-10-22 14:13:30 +02:00 |
|
Miroslav Stampar
|
d65d9e25cd
|
Implementation for an Issue #2
|
2012-10-19 11:02:14 +02:00 |
|
Miroslav Stampar
|
64b4586883
|
Minor update
|
2012-10-18 11:36:12 +02:00 |
|
Miroslav Stampar
|
ea49fa2db2
|
Fix for an Issue #206
|
2012-10-18 11:11:20 +02:00 |
|
Miroslav Stampar
|
1cb2ca4195
|
Minor update
|
2012-10-18 10:55:27 +02:00 |
|
Miroslav Stampar
|
2cb1b054bb
|
Implementation for an Issue #79
|
2012-10-16 12:32:58 +02:00 |
|
Miroslav Stampar
|
3e64ab214e
|
Minor update
|
2012-10-16 10:28:59 +02:00 |
|
Miroslav Stampar
|
8b57e1fce6
|
Minor update for an Issue #203
|
2012-10-15 23:15:52 +02:00 |
|
Miroslav Stampar
|
048e720f69
|
Minor refactoring for an Issue #203
|
2012-10-15 17:55:57 +02:00 |
|
Miroslav Stampar
|
9aba690a60
|
Patch for an Issue #203
|
2012-10-15 16:23:41 +02:00 |
|
Miroslav Stampar
|
e440b096c5
|
Fix for an Issue #202
|
2012-10-15 12:24:30 +02:00 |
|
Miroslav Stampar
|
56832fe9c4
|
Better adjustTimeDelay() candidate algorithm
|
2012-10-11 14:23:53 +02:00 |
|
Miroslav Stampar
|
e61c4c22c9
|
Implementation for an Issue #200
|
2012-10-09 15:19:47 +02:00 |
|
Miroslav Stampar
|
cd9a47835b
|
Minor consistency update
|
2012-10-09 14:48:26 +02:00 |
|
Miroslav Stampar
|
8c5fb1b064
|
Minor update
|
2012-10-09 14:46:45 +02:00 |
|
Miroslav Stampar
|
ea12ccec77
|
Minor refactoring
|
2012-10-09 11:33:19 +02:00 |
|
Miroslav Stampar
|
10b0fd21dc
|
Fix for an Issue #198
|
2012-10-09 11:27:19 +02:00 |
|
Miroslav Stampar
|
8e7449ccd5
|
Minor update
|
2012-10-07 20:28:24 +02:00 |
|
Miroslav Stampar
|
ebc7088f94
|
Implementation for an Issue #128
|
2012-10-05 10:24:09 +02:00 |
|
Miroslav Stampar
|
098e446ca4
|
Adding support for generic XML POST data
|
2012-10-04 18:44:12 +02:00 |
|
Miroslav Stampar
|
8865fe69d7
|
Minor cleanup
|
2012-10-04 18:26:07 +02:00 |
|
Miroslav Stampar
|
d464678e10
|
Minor update for an Issue #49
|
2012-10-04 18:01:42 +02:00 |
|
Miroslav Stampar
|
84b05e2d18
|
Better treating of numeric values (Issue #49)
|
2012-10-04 16:08:37 +02:00 |
|
Miroslav Stampar
|
31aa9be1c7
|
Minor update
|
2012-10-04 15:40:11 +02:00 |
|
Miroslav Stampar
|
9129dac77b
|
Minor fix for an Issue #134
|
2012-10-04 15:33:26 +02:00 |
|
Miroslav Stampar
|
5d2b534908
|
Minor update (Issue #49)
|
2012-10-04 15:23:01 +02:00 |
|
Miroslav Stampar
|
5b59b6feb4
|
Removing junk part
|
2012-10-04 12:09:09 +02:00 |
|
Miroslav Stampar
|
d570e25b1b
|
Minor workflow update
|
2012-10-04 12:05:59 +02:00 |
|
Miroslav Stampar
|
eddc634ceb
|
Minor improvement (custom injection marks are now processed in order of appearance)
|
2012-10-04 11:52:40 +02:00 |
|
Miroslav Stampar
|
3764d230be
|
Minor fix for Issue #197 and Issue #49
|
2012-10-04 11:43:37 +02:00 |
|
Miroslav Stampar
|
461e5ebc5f
|
Work for Issue #197 and Issue #49
|
2012-10-04 11:25:44 +02:00 |
|
Miroslav Stampar
|
bcbf0571a5
|
Implementation for an Issue #49
|
2012-10-02 14:23:58 +02:00 |
|
Miroslav Stampar
|
763dc98311
|
Minor refactoring
|
2012-10-02 13:36:15 +02:00 |
|
Miroslav Stampar
|
687f3991de
|
Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.
|
2012-09-26 11:27:43 +02:00 |
|
Miroslav Stampar
|
6bc5f44b20
|
Minor just in case update for an Issue #195 (safer behavior on forced charsets)
|
2012-09-25 15:09:07 +02:00 |
|
Miroslav Stampar
|
efe4c13ed1
|
Update regarding suffixQuery (user supplied --suffix should nullify any eventual payload comments)
|
2012-09-25 14:36:15 +02:00 |
|
Miroslav Stampar
|
fccdb824bb
|
Patch for an Issue #193
|
2012-09-25 11:21:39 +02:00 |
|
Miroslav Stampar
|
c9e7e71ea2
|
Implementation for an Issue #195
|
2012-09-25 10:17:25 +02:00 |
|
Miroslav Stampar
|
9ca7b3e20e
|
Implementation for an Issue #194
|
2012-09-25 09:25:35 +02:00 |
|
Miroslav Stampar
|
d175decdfc
|
Fix for an Issue #190
|
2012-09-22 20:59:40 +02:00 |
|
Miroslav Stampar
|
9a1fbb8941
|
Fix for an Issue #185
|
2012-09-13 14:22:26 +02:00 |
|
Miroslav Stampar
|
a64438fb5c
|
Minor language update
|
2012-09-11 19:45:40 +02:00 |
|
Miroslav Stampar
|
05dced5418
|
Minor language update
|
2012-09-11 19:43:03 +02:00 |
|
Miroslav Stampar
|
511c3b8dcc
|
Update and fix for an Issue #182
|
2012-09-11 14:58:52 +02:00 |
|
Miroslav Stampar
|
f26ea04e38
|
Fix for an Issue #175
|
2012-09-07 17:06:38 +02:00 |
|
Miroslav Stampar
|
e4bc471f81
|
Fix for an Issue #173
|
2012-09-07 10:09:19 +02:00 |
|
Miroslav Stampar
|
a3baf94e9b
|
Minor style update
|
2012-09-07 10:09:00 +02:00 |
|
Miroslav Stampar
|
cea5127ffd
|
Update for an Issue #6
|
2012-09-06 15:51:38 +02:00 |
|
Miroslav Stampar
|
c3d191e626
|
Minor update for an Issue #2
|
2012-09-06 14:13:54 +02:00 |
|
Miroslav Stampar
|
1e238b5a5a
|
Minor update
|
2012-09-06 13:36:34 +02:00 |
|
Miroslav Stampar
|
f6716cf7c0
|
Fix for an Issue #170
|
2012-09-01 23:52:00 +02:00 |
|
Miroslav Stampar
|
2170e64ca5
|
Minor bug fix
|
2012-08-31 19:48:45 +02:00 |
|
Miroslav Stampar
|
33980adaef
|
Another update for an Issue #79
|
2012-08-31 12:46:38 +02:00 |
|
Miroslav Stampar
|
7286d89cb6
|
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
|
2012-08-31 12:15:09 +02:00 |
|
Miroslav Stampar
|
2806185989
|
Minor refactoring
|
2012-08-31 10:43:06 +02:00 |
|
Miroslav Stampar
|
74a5d41272
|
Minor update for an Issue #79
|
2012-08-31 10:24:47 +02:00 |
|
Miroslav Stampar
|
a89d61415a
|
'Patch' for an Issue #167
|
2012-08-29 21:29:27 +02:00 |
|
Miroslav Stampar
|
9674b174ee
|
One more minor update related to last commit
|
2012-08-23 15:37:17 +02:00 |
|
Miroslav Stampar
|
b79247c197
|
Minor update
|
2012-08-23 15:22:14 +02:00 |
|
Miroslav Stampar
|
e9ae44c6fc
|
Implementation for an #162
|
2012-08-22 16:50:01 +02:00 |
|
Miroslav Stampar
|
a62a874d59
|
Update for an Issue #161 (changing default readInput value regarding the conf.multipleTargets)
|
2012-08-22 16:06:09 +02:00 |
|
Miroslav Stampar
|
52351e5d81
|
Update for an Issue #161 (now detecting format error messages too)
|
2012-08-22 15:51:47 +02:00 |
|
Miroslav Stampar
|
a6d743ec4c
|
Minor console output fix (redundant newline has been displayed in case of rawInput)
|
2012-08-22 14:43:57 +02:00 |
|
Miroslav Stampar
|
8a5042b6a4
|
Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)
|
2012-08-22 11:56:30 +02:00 |
|
Miroslav Stampar
|
61151447fe
|
Implementation of an Issue #161
|
2012-08-22 11:27:58 +02:00 |
|
Miroslav Stampar
|
2c66ca39f1
|
Wrong limit number has been used (MySQL LIMIT/OFFSET starts with 0)
|
2012-08-22 09:53:53 +02:00 |
|
Miroslav Stampar
|
ad59abe018
|
Cleaning leftover
|
2012-08-21 14:37:09 +02:00 |
|
Miroslav Stampar
|
1b86fffc6d
|
Fix for an Issue #157
|
2012-08-21 14:36:04 +02:00 |
|
Miroslav Stampar
|
d421f9a618
|
Fix for an Issue #157
|
2012-08-21 14:34:19 +02:00 |
|
Miroslav Stampar
|
1bcf5a6b88
|
Some more dict refactorings
|
2012-08-21 11:30:01 +02:00 |
|
Miroslav Stampar
|
01f481c332
|
Minor refactoring of dictionaries
|
2012-08-21 11:19:15 +02:00 |
|
Miroslav Stampar
|
b7415d36df
|
Minor refactoring
|
2012-08-21 10:28:25 +02:00 |
|
Miroslav Stampar
|
8ee9feafb9
|
Making payloads a bit shorter (removing redundant space after comma character - e.g. in inband queries)
|
2012-08-20 21:57:25 +02:00 |
|
Miroslav Stampar
|
823dde73ab
|
Minor cleanup
|
2012-08-20 11:40:49 +02:00 |
|
Miroslav Stampar
|
e0d9fa8666
|
Minor style update
|
2012-08-20 11:28:41 +02:00 |
|
Miroslav Stampar
|
59078bb1b8
|
Fix for an Issue #154
|
2012-08-20 10:05:13 +02:00 |
|
Miroslav Stampar
|
4649450603
|
Fix for an Issue #137
|
2012-08-16 22:20:24 +02:00 |
|
Miroslav Stampar
|
0d8fca30c9
|
Fix for an Issue #59
|
2012-08-16 11:31:43 +02:00 |
|
Miroslav Stampar
|
1af81c0de4
|
Implementation of an Issue #149
|
2012-08-15 22:31:25 +02:00 |
|
Miroslav Stampar
|
f358ab2e73
|
Implementation of an Issue #147
|
2012-08-15 16:37:18 +02:00 |
|
Miroslav Stampar
|
36b55cf209
|
Proper fix for an Issue #145
|
2012-08-14 22:28:42 +02:00 |
|
Miroslav Stampar
|
ab35ab4e2a
|
Fix for an Issue #145
|
2012-08-14 18:52:45 +02:00 |
|
Miroslav Stampar
|
432b567584
|
Fix for an Issue #141
|
2012-08-08 00:03:58 +02:00 |
|
Miroslav Stampar
|
31ceb0cb6c
|
Fix for an Issue #140
|
2012-08-07 10:57:29 +02:00 |
|
Miroslav Stampar
|
fec8a5cc9d
|
Fix for an Issue #139
|
2012-08-07 00:50:58 +02:00 |
|
Miroslav Stampar
|
f797a6d813
|
Fix for an Issue #125
|
2012-07-31 13:06:45 +02:00 |
|
Miroslav Stampar
|
6f529542e3
|
Making those --string tips (containing escaped characters) decodable by sqlmap
|
2012-07-31 11:32:53 +02:00 |
|
Miroslav Stampar
|
142fc887f1
|
Fix for an Issue #129
|
2012-07-31 11:03:44 +02:00 |
|
Miroslav Stampar
|
bdbe8ff9d9
|
Fix for an Issue #132
|
2012-07-30 22:39:45 +02:00 |
|
Miroslav Stampar
|
b9ac50faef
|
Minor bug fix
|
2012-07-30 12:09:20 +02:00 |
|
Miroslav Stampar
|
a86f9798b2
|
Minor refactoring together with a wider support for html entities
|
2012-07-30 11:21:32 +02:00 |
|
Miroslav Stampar
|
20a66567a3
|
Minor refactoring
|
2012-07-30 10:06:14 +02:00 |
|
Miroslav Stampar
|
1669c6bdb4
|
Another update for an Issue #28
|
2012-07-27 17:05:21 +02:00 |
|
Miroslav Stampar
|
6ffc5665d0
|
Update for Issue #28
|
2012-07-27 16:29:33 +02:00 |
|
Bernardo Damele
|
92c2b3bd4c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-26 23:11:11 +01:00 |
|
Bernardo Damele
|
d492291744
|
working on issue #12
|
2012-07-26 23:11:07 +01:00 |
|
Miroslav Stampar
|
efa99c4519
|
Implementation for an Issue #4
|
2012-07-26 14:07:05 +02:00 |
|
Miroslav Stampar
|
b3552494c4
|
Minor preparation for an Issue #48
|
2012-07-26 12:26:57 +02:00 |
|
Miroslav Stampar
|
3e9f1fe410
|
Minor style update
|
2012-07-26 12:13:16 +02:00 |
|
Miroslav Stampar
|
30f8d09651
|
Implementation for an Issue #70
|
2012-07-26 12:06:02 +02:00 |
|
Miroslav Stampar
|
231f0f76b5
|
Fix for an Issue #119
|
2012-07-26 00:49:51 +02:00 |
|
Miroslav Stampar
|
cba77410a9
|
Minor style update
|
2012-07-26 00:08:49 +02:00 |
|
Miroslav Stampar
|
18b1d1efd6
|
Fix for an Issue #121
|
2012-07-26 00:02:38 +02:00 |
|
Miroslav Stampar
|
922ea9d1f4
|
Update for Issue #118
|
2012-07-24 15:43:29 +02:00 |
|
Miroslav Stampar
|
f8c9868cb6
|
Implementation for an Issue #118
|
2012-07-24 15:34:50 +02:00 |
|
Miroslav Stampar
|
42f518b2d6
|
Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized
|
2012-07-24 14:44:44 +02:00 |
|
Miroslav Stampar
|
b820975217
|
Improvement of decodeIntToUnicode()
|
2012-07-23 19:31:06 +02:00 |
|
Miroslav Stampar
|
ab9cb80602
|
Implementing Issue #111
|
2012-07-23 15:14:52 +02:00 |
|
Miroslav Stampar
|
6809449e31
|
Minor style update
|
2012-07-23 15:06:49 +02:00 |
|
Miroslav Stampar
|
a7d1a0c250
|
Implementation for an Issue #117
|
2012-07-23 14:14:22 +02:00 |
|
Miroslav Stampar
|
1b6cb9442f
|
Fix for an Issue #114
|
2012-07-21 23:31:36 +02:00 |
|
Miroslav Stampar
|
95e0d46e3e
|
Fix for an Issue #110
|
2012-07-21 09:15:54 +02:00 |
|
Miroslav Stampar
|
dcf8a27f12
|
Implementation for an Issue #67
|
2012-07-18 14:24:10 +02:00 |
|
Miroslav Stampar
|
4fc462c4d9
|
Minor update for an Issue #105
|
2012-07-18 14:09:04 +02:00 |
|
Miroslav Stampar
|
655dd55a6f
|
Implementation of an Issue #105
|
2012-07-18 13:32:34 +02:00 |
|
Miroslav Stampar
|
08244c7ebf
|
Fix for an Issue #104
|
2012-07-17 15:05:50 +02:00 |
|
Miroslav Stampar
|
e30646a54f
|
Fix for an Issue #103
|
2012-07-17 10:36:22 +02:00 |
|
Miroslav Stampar
|
d6ceb7af5e
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-17 00:19:52 +02:00 |
|
Miroslav Stampar
|
81d15e5051
|
Fix for an Issue #101
|
2012-07-17 00:19:33 +02:00 |
|
Bernardo Damele
|
5f876bdbbe
|
minor adjustments
|
2012-07-16 22:50:29 +01:00 |
|
Miroslav Stampar
|
c96e44b30c
|
Fix for an Issue #100
|
2012-07-16 23:28:01 +02:00 |
|
Miroslav Stampar
|
ffbbb10abb
|
Support for dotted identificator names
|
2012-07-16 23:13:21 +02:00 |
|
Miroslav Stampar
|
0eff977c63
|
Refactoring for Issue #91
|
2012-07-16 12:24:54 +02:00 |
|
Miroslav Stampar
|
4d759984b2
|
Implementation for Issue #91
|
2012-07-16 12:12:52 +02:00 |
|
Miroslav Stampar
|
c1a14257a4
|
Removing --disable... switches and making changes in default choice(s) for respectable sections
|
2012-07-16 11:31:51 +02:00 |
|
Miroslav Stampar
|
07a85874fe
|
Implementation for Issue #92
|
2012-07-16 11:07:47 +02:00 |
|
Miroslav Stampar
|
87ecf205cb
|
More work for Issue #66
|
2012-07-14 17:01:04 +02:00 |
|
Miroslav Stampar
|
38d82771be
|
Minor style update
|
2012-07-14 11:23:22 +02:00 |
|
Miroslav Stampar
|
805120ac52
|
Minor refactoring
|
2012-07-14 11:01:30 +02:00 |
|
Miroslav Stampar
|
9a7fc24ec2
|
Minor style update
|
2012-07-13 15:22:08 +02:00 |
|
Miroslav Stampar
|
32b700f130
|
Minor style update
|
2012-07-13 15:02:11 +02:00 |
|
Miroslav Stampar
|
fbb5db00ba
|
Minor style update
|
2012-07-13 15:00:39 +02:00 |
|
Miroslav Stampar
|
786686da60
|
Minor language update
|
2012-07-13 14:53:42 +02:00 |
|
Miroslav Stampar
|
3c81f74823
|
Minor style update
|
2012-07-13 12:22:37 +02:00 |
|
Miroslav Stampar
|
6ade007aec
|
Minor update of language
|
2012-07-13 12:13:04 +02:00 |
|
Miroslav Stampar
|
c5ecc8b8db
|
Closing work on Issue #83
|
2012-07-13 11:23:21 +02:00 |
|
Miroslav Stampar
|
48f68bd076
|
First commit for Issue #83
|
2012-07-13 10:35:22 +02:00 |
|
Miroslav Stampar
|
d834e8debf
|
Minor update
|
2012-07-13 10:28:03 +02:00 |
|
Miroslav Stampar
|
b11fd8b9f7
|
Fix for an Issue #87
|
2012-07-13 10:11:16 +02:00 |
|
Bernardo Damele
|
162da75a04
|
modified homepage address
|
2012-07-12 18:38:03 +01:00 |
|
Miroslav Stampar
|
a49d685eb8
|
Hidding --beep (Issue #84)
|
2012-07-12 17:03:24 +02:00 |
|
Miroslav Stampar
|
569c9214bf
|
Adding support for boldifying important logging messages
|
2012-07-12 16:30:35 +02:00 |
|
Miroslav Stampar
|
b2fe1c30f8
|
Minority report
|
2012-07-12 16:04:01 +02:00 |
|
Miroslav Stampar
|
8e18514e56
|
Minor refactoring for all that stickyness
|
2012-07-12 15:58:45 +02:00 |
|
Miroslav Stampar
|
fe61bdce75
|
Minor update
|
2012-07-12 15:25:26 +02:00 |
|
Miroslav Stampar
|
dbbca16c69
|
Minor renaming
|
2012-07-12 15:24:40 +02:00 |
|
Miroslav Stampar
|
9bc24cea6b
|
Dealing with kb.currentMessage issue
|
2012-07-12 15:23:35 +02:00 |
|
Miroslav Stampar
|
b320dc118d
|
Minor fix (recognizing if it's colorizing handler or not)
|
2012-07-12 14:55:54 +02:00 |
|
Miroslav Stampar
|
65639cdda6
|
First update for Issue #75 (error-based dumping)
|
2012-07-12 14:31:28 +02:00 |
|
Miroslav Stampar
|
3fd5119f3f
|
Redesigning for Issue #75
|
2012-07-12 13:42:22 +02:00 |
|
Bernardo Damele
|
3d66e2dfb1
|
minor bug fix
|
2012-07-12 10:47:51 +01:00 |
|
Bernardo Damele
|
ee3aeb8dcf
|
actual implementation of issue #75, still some work to do
|
2012-07-12 01:16:00 +01:00 |
|
Bernardo Damele
|
a5924739f6
|
minor code refactoring in preparation of ticket #75
|
2012-07-12 01:12:30 +01:00 |
|
Bernardo Damele
|
53c0336b48
|
added --hostname switch to retrieve DBMS server hostname - closes issue #69
|
2012-07-12 00:01:57 +01:00 |
|
Bernardo Damele
|
4e64c1126d
|
restored bold on questions to users (calls from readInput()) - issue #77
|
2012-07-11 22:56:11 +01:00 |
|
Bernardo Damele
|
247f95e051
|
restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")
|
2012-07-11 22:48:27 +01:00 |
|
Bernardo Damele
|
2b3ea3e3b7
|
fixed colouring for PAYLOAD (-v 3) - issue #77
|
2012-07-11 22:40:52 +01:00 |
|
Miroslav Stampar
|
15ee5310d9
|
Adding traffic in and out to color_map
|
2012-07-11 20:42:18 +02:00 |
|
Miroslav Stampar
|
43cac2212b
|
Fix for a case when ColorizingStreamHandler is not used
|
2012-07-11 20:36:32 +02:00 |
|
Miroslav Stampar
|
72378d4f61
|
Some more refactoring
|
2012-07-11 20:29:48 +02:00 |
|
Miroslav Stampar
|
c6464b44be
|
Some more refactoring
|
2012-07-11 20:13:23 +02:00 |
|
Miroslav Stampar
|
d7926b8aac
|
Minor refactoring
|
2012-07-11 19:54:21 +02:00 |
|
Bernardo Damele
|
53ccd09ca4
|
now also readInput() uses colouring
|
2012-07-11 17:53:32 +01:00 |
|
Bernardo Damele
|
02ec25b4b8
|
code refactoring
|
2012-07-11 17:44:23 +01:00 |
|
Bernardo Damele
|
77b275f1a6
|
conf->kb
|
2012-07-11 17:32:12 +01:00 |
|
Bernardo Damele
|
1d2c87e24e
|
leftover
|
2012-07-11 17:22:01 +01:00 |
|
Bernardo Damele
|
105ac8ea77
|
deleted unnecessary hg file
|
2012-07-11 17:06:56 +01:00 |
|
Bernardo Damele
|
fa2f6f9a39
|
colourize manually crafter "logging" messages
|
2012-07-11 16:48:30 +01:00 |
|
Bernardo Damele
|
f219b39980
|
minor fix in case ctypes is not installed on Windows
|
2012-07-10 13:08:37 +01:00 |
|
Miroslav Stampar
|
8caffac4bc
|
conf.unescape->kb.unescape
|
2012-07-10 10:55:04 +02:00 |
|
Miroslav Stampar
|
e7f78bf04f
|
Fix for an issue where False value was displayed for --is.. switches
|
2012-07-10 10:31:14 +02:00 |
|
Bernardo Damele
|
ea77e7d9d1
|
added missing file - issue #77
|
2012-07-10 03:00:21 +01:00 |
|
Bernardo Damele
|
eb7ffb8f91
|
setup for implementing logging colouring - issue #77
|
2012-07-10 02:54:37 +01:00 |
|
Bernardo Damele
|
0a3899858d
|
missed in previous commit
|
2012-07-10 01:37:53 +01:00 |
|
Bernardo Damele
|
a27f50ed1d
|
added conf.unescape global variable to control whether or not the injected statements should be unescaped
|
2012-07-10 01:37:16 +01:00 |
|
Bernardo Damele
|
f645ac6040
|
dealing with variables in SQL procs - issue #33
|
2012-07-10 01:05:03 +01:00 |
|
Bernardo Damele
|
2527554f8e
|
more work on #33
|
2012-07-10 00:53:07 +01:00 |
|
Bernardo Damele
|
c4af7b9aa0
|
initial work for issue #33
|
2012-07-10 00:27:08 +01:00 |
|
Bernardo Damele
|
d3da3f5c52
|
refactoring for issue #51
|
2012-07-10 00:19:32 +01:00 |
|
Bernardo Damele
|
99c5ea54f7
|
cleanup for #34
|
2012-07-09 12:39:43 +01:00 |
|
Miroslav Stampar
|
3ff28e58b4
|
Update regarding Issue #52
|
2012-07-08 19:24:25 +02:00 |
|
Miroslav Stampar
|
0d539a876d
|
Minor fix (subversion->github)
|
2012-07-07 23:49:34 +02:00 |
|
Miroslav Stampar
|
a525dd4336
|
Fix for Issue #72
|
2012-07-07 19:02:46 +02:00 |
|
Miroslav Stampar
|
f00a776d8d
|
Minor fix for BigArray (now accepting negative indexes)
|
2012-07-07 10:35:29 +02:00 |
|
Miroslav Stampar
|
8c871476ee
|
Some more refactoring
|
2012-07-06 17:34:40 +02:00 |
|
Miroslav Stampar
|
6bc0b34031
|
Some more refactoring
|
2012-07-06 17:28:01 +02:00 |
|
Miroslav Stampar
|
e948e4d45b
|
Some more refactoring
|
2012-07-06 17:18:22 +02:00 |
|
Miroslav Stampar
|
438a636973
|
Fix for issue Issue #60
|
2012-07-06 15:36:32 +02:00 |
|
Miroslav Stampar
|
6a05e3fd79
|
Fix for Issue #61
|
2012-07-06 14:24:44 +02:00 |
|
Miroslav Stampar
|
1ebff35b19
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-06 12:25:21 +02:00 |
|
Miroslav Stampar
|
982fcde1c0
|
Fix for Issue #62
|
2012-07-06 12:24:55 +02:00 |
|
Bernardo Damele
|
4fa6d51d93
|
improved issues link
|
2012-07-05 16:26:50 +01:00 |
|
Miroslav Stampar
|
c3c1b9e957
|
Minor restyling
|
2012-07-04 20:28:18 +02:00 |
|
Miroslav Stampar
|
23fb753759
|
Finishing work on Issue #52
|
2012-07-03 22:13:01 +02:00 |
|
Miroslav Stampar
|
40fc6488bf
|
Fix for Issue #56 (Google has changed few things for retrieving PR)
|
2012-07-03 21:00:18 +02:00 |
|
Miroslav Stampar
|
bbf41f6658
|
Removing debugging leftover
|
2012-07-03 16:50:05 +02:00 |
|
Miroslav Stampar
|
ada627a022
|
Another update for Issue #52
|
2012-07-03 16:49:34 +02:00 |
|
Miroslav Stampar
|
70f754f6c5
|
Making work on Issue #52
|
2012-07-03 16:34:11 +02:00 |
|
Bernardo Damele
|
793fa464e3
|
website url fix
|
2012-07-03 13:14:39 +01:00 |
|
Miroslav Stampar
|
481b46a004
|
Restyling output for Issue #52
|
2012-07-03 13:06:52 +02:00 |
|
Miroslav Stampar
|
3af1532700
|
Implementation for Issue #54
|
2012-07-03 12:09:18 +02:00 |
|
Miroslav Stampar
|
5af6ca58a0
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-03 00:50:45 +02:00 |
|
Miroslav Stampar
|
168aeadf76
|
Adding switch --output-dir (Issue #53)
|
2012-07-03 00:50:23 +02:00 |
|
Bernardo Damele
|
04d803c7fd
|
more tweaking for issue #34, it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)
|
2012-07-02 15:02:00 +01:00 |
|
Miroslav Stampar
|
8eefe4b71f
|
Getting back revision number - displayed like in GitHub commits (Issue #52)
|
2012-07-02 13:01:20 +02:00 |
|
Bernardo Damele
|
7b4ecd9df0
|
added skeleton code for issue #34, still not usable
|
2012-07-02 00:22:34 +01:00 |
|
Bernardo Damele
|
4736d46677
|
just in case..
|
2012-07-02 00:00:46 +01:00 |
|
Bernardo Damele
|
03d2c9c818
|
placeholder message when --update is provided, remove when the function is updated to pull changes from git
|
2012-07-01 23:59:44 +01:00 |
|
Miroslav Stampar
|
d7cd55fb28
|
Fix for Issue #47
|
2012-07-01 11:05:04 +02:00 |
|
Miroslav Stampar
|
21d9ae0a2c
|
some more refactoring
|
2012-07-01 01:19:54 +02:00 |
|
Miroslav Stampar
|
f6509db31a
|
minor refactoring
|
2012-07-01 00:33:19 +02:00 |
|
Miroslav Stampar
|
e51d3a02f1
|
Update for Issue #43 (renamed --disable-cracking to --disable-hash)
|
2012-06-28 18:53:47 +02:00 |
|
Miroslav Stampar
|
18b596ea75
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-06-28 18:48:18 +02:00 |
|
Miroslav Stampar
|
c8bac658f3
|
Fix for Issue #43
|
2012-06-28 18:47:55 +02:00 |
|
Miroslav Stampar
|
2a72fcce2b
|
Fix for Issue #42
|
2012-06-28 13:55:30 +02:00 |
|
jekil
|
c39e5a85ba
|
Removed $id$ tags
|
2012-06-27 20:56:43 +02:00 |
|
Miroslav Stampar
|
ea5d483c86
|
session file no more
|
2012-06-21 11:19:30 +00:00 |
|
Miroslav Stampar
|
ec44e88db8
|
lots of refactoring regarding removal of already obsolete session file mechanism
|
2012-06-21 10:09:10 +00:00 |
|
Miroslav Stampar
|
1e67b4f0b9
|
minor fix
|
2012-06-20 14:16:26 +00:00 |
|
Miroslav Stampar
|
302d782a0f
|
minor style update
|
2012-06-19 08:33:51 +00:00 |
|
Miroslav Stampar
|
452ef202ae
|
minor fixes
|
2012-06-17 22:48:23 +00:00 |
|
Miroslav Stampar
|
b9f6943a42
|
minor update
|
2012-06-17 21:23:12 +00:00 |
|
Miroslav Stampar
|
06be7bbb18
|
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
|
2012-06-15 20:41:53 +00:00 |
|
Miroslav Stampar
|
76c873a222
|
minor fix
|
2012-06-15 06:22:44 +00:00 |
|
Miroslav Stampar
|
76584ff0fa
|
unhidding --test-filter
|
2012-06-14 14:36:53 +00:00 |
|
Miroslav Stampar
|
d2dd47fb23
|
some more refactoring
|
2012-06-14 13:52:56 +00:00 |
|
Miroslav Stampar
|
3a90105fbb
|
minor refactoring
|
2012-06-14 13:38:53 +00:00 |
|
Miroslav Stampar
|
1204eb00b2
|
minor fix
|
2012-06-14 12:46:32 +00:00 |
|
Miroslav Stampar
|
19c0efec59
|
just a minor refactoring
|
2012-06-14 09:10:28 +00:00 |
|
Miroslav Stampar
|
a51d8c4c79
|
replacing identifier safe char " with [] enclosing for MsSQL
|
2012-06-13 15:27:42 +00:00 |
|
Miroslav Stampar
|
367de838c1
|
minor update
|
2012-06-13 14:08:32 +00:00 |
|
Miroslav Stampar
|
d7f698fa14
|
minor update
|
2012-06-11 22:01:13 +00:00 |
|
Miroslav Stampar
|
058a9c59a2
|
fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)
|
2012-06-05 22:40:55 +00:00 |
|
Miroslav Stampar
|
f94ebe3107
|
minor fix (credentials were only set for the first target)
|
2012-06-04 22:30:12 +00:00 |
|
Miroslav Stampar
|
7b282b1d6c
|
adding support for newer SSL protocols
|
2012-06-04 19:46:28 +00:00 |
|
Miroslav Stampar
|
10b0639a96
|
making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE)
|
2012-06-04 09:24:46 +00:00 |
|
Miroslav Stampar
|
b1d82422a0
|
changing conf.dnsDomain to conf.dName just because of long text problems in help listing
|
2012-05-28 14:15:04 +00:00 |
|
Miroslav Stampar
|
76eeba10e2
|
unhiding --dns-domain switch
|
2012-05-27 18:41:06 +00:00 |
|
Miroslav Stampar
|
71ff081fde
|
minor update
|
2012-05-27 09:11:19 +00:00 |
|
Miroslav Stampar
|
d335ec0c34
|
turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars
|
2012-05-26 07:00:26 +00:00 |
|
Miroslav Stampar
|
db526bdbc0
|
minor update (tainted values are not checked any more in multipleTargets mode)
|
2012-05-25 09:52:17 +00:00 |
|
Miroslav Stampar
|
c394610740
|
adding switch --skip-urlencode to skip URL encoding of POST data
|
2012-05-24 23:30:33 +00:00 |
|
Miroslav Stampar
|
86fdad2bfa
|
minor update
|
2012-05-24 22:07:50 +00:00 |
|
Miroslav Stampar
|
eed8d7eb5d
|
finalizing support for IPv6
|
2012-05-24 21:55:57 +00:00 |
|
Miroslav Stampar
|
b6d37d766a
|
minor update regarding IPv6 support
|
2012-05-24 21:49:20 +00:00 |
|
Miroslav Stampar
|
92286104e3
|
minor just in case update
|
2012-05-24 21:39:10 +00:00 |
|
Miroslav Stampar
|
3e9c57d177
|
minor fix
|
2012-05-24 21:36:35 +00:00 |
|
Miroslav Stampar
|
be76928293
|
minor fix
|
2012-05-24 20:53:01 +00:00 |
|
Miroslav Stampar
|
2538e2d5b4
|
fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring
|
2012-05-22 09:33:22 +00:00 |
|
Miroslav Stampar
|
2c057d5b3d
|
minor style update
|
2012-05-21 22:40:52 +00:00 |
|
Miroslav Stampar
|
bbfa4b6d5d
|
minor update
|
2012-05-14 14:38:16 +00:00 |
|
Miroslav Stampar
|
333f8057a5
|
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
|
2012-05-14 14:06:43 +00:00 |
|
Miroslav Stampar
|
595f69fa2c
|
minor language update
|
2012-05-10 18:30:25 +00:00 |
|
Miroslav Stampar
|
35f400b45b
|
minor language upgrade
|
2012-05-10 18:25:12 +00:00 |
|
Miroslav Stampar
|
80aedbe284
|
adding a warning about --tor switch
|
2012-05-10 18:17:32 +00:00 |
|
Miroslav Stampar
|
b81fe42d4b
|
turning off null connection on -o when --tor used (not compatible)
|
2012-05-10 17:50:54 +00:00 |
|
Miroslav Stampar
|
efdd86ddcc
|
minor just in case patch
|
2012-05-10 14:22:34 +00:00 |
|
Miroslav Stampar
|
6367f59b98
|
minor code refactoring
|
2012-05-10 14:15:17 +00:00 |
|
Miroslav Stampar
|
1418ae9767
|
little refactoring of parseUnionPage together with a patch for some special case
|
2012-05-09 18:47:40 +00:00 |
|
Miroslav Stampar
|
37f2709197
|
making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)
|
2012-05-09 09:08:23 +00:00 |
|
Miroslav Stampar
|
64c241fe92
|
limiting original UNION query results to only 1 result (potentially speeding things up in some cases)
|
2012-05-08 13:45:53 +00:00 |
|
Miroslav Stampar
|
a121339395
|
automatically writing uncracked hashes to a file for eventual further processing
|
2012-05-08 10:46:05 +00:00 |
|
Miroslav Stampar
|
96299d3d5d
|
minor refactoring
|
2012-05-03 22:34:18 +00:00 |
|
Miroslav Stampar
|
cc28f6db6b
|
minor update
|
2012-05-01 20:43:16 +00:00 |
|
Miroslav Stampar
|
17efeaae7f
|
causing too much confusion among dummy users
|
2012-05-01 09:04:11 +00:00 |
|
Miroslav Stampar
|
694b14111f
|
skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set)
|
2012-04-27 13:16:51 +00:00 |
|
Miroslav Stampar
|
6f67dc85ee
|
adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical
|
2012-04-25 20:29:07 +00:00 |
|
Miroslav Stampar
|
cec432f94d
|
minor update
|
2012-04-23 14:43:59 +00:00 |
|
Miroslav Stampar
|
697768c01a
|
adding --purge-output to be one of mandatory switches
|
2012-04-23 14:42:24 +00:00 |
|
Miroslav Stampar
|
d57d5e4b2c
|
minor update
|
2012-04-23 14:33:36 +00:00 |
|
Miroslav Stampar
|
1eecfb3dce
|
adding new file related to the last commit
|
2012-04-23 14:25:16 +00:00 |
|
Miroslav Stampar
|
095b25e1d1
|
adding option '--purge'
|
2012-04-23 14:24:23 +00:00 |
|
Miroslav Stampar
|
be2da77bf8
|
minor update
|
2012-04-23 10:15:04 +00:00 |
|
Miroslav Stampar
|
21c6b52198
|
minor fix
|
2012-04-23 10:11:00 +00:00 |
|
Miroslav Stampar
|
2b1b4c0742
|
minor fix
|
2012-04-18 10:01:04 +00:00 |
|
Miroslav Stampar
|
6ebb621228
|
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
|
2012-04-17 14:23:00 +00:00 |
|
Miroslav Stampar
|
efd27d7ade
|
minor renaming
|
2012-04-17 08:41:19 +00:00 |
|
Miroslav Stampar
|
601d118c68
|
reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types)
|
2012-04-15 16:59:03 +00:00 |
|
Miroslav Stampar
|
052d9455fe
|
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
|
2012-04-12 09:44:54 +00:00 |
|
Miroslav Stampar
|
c7422546e1
|
tiny update
|
2012-04-11 23:01:38 +00:00 |
|
Miroslav Stampar
|
2bad73a981
|
minor update
|
2012-04-11 21:48:44 +00:00 |
|
Miroslav Stampar
|
e195de2093
|
correcting comment on reflective removal function
|
2012-04-11 21:41:48 +00:00 |
|
Miroslav Stampar
|
b45ae10da4
|
minor fixes
|
2012-04-11 21:36:37 +00:00 |
|
Miroslav Stampar
|
627bfc589f
|
some more updates in reflective removal mechanism
|
2012-04-11 21:26:00 +00:00 |
|
Miroslav Stampar
|
8b130f6497
|
minor improvement for reflective values (when missing first part of payload like in error reports)
|
2012-04-11 15:01:28 +00:00 |
|
Miroslav Stampar
|
01bd5d0ab2
|
some more updates for reflective mechanism
|
2012-04-11 10:41:33 +00:00 |
|
Miroslav Stampar
|
2e92d8636e
|
improvement of reflective mechanism
|
2012-04-11 08:58:03 +00:00 |
|
Miroslav Stampar
|
60ca44e0cf
|
minor adjustment
|
2012-04-11 08:35:09 +00:00 |
|
Miroslav Stampar
|
8541222080
|
minor update
|
2012-04-10 22:26:42 +00:00 |
|
Miroslav Stampar
|
9c2f244d47
|
minor fix
|
2012-04-10 22:20:53 +00:00 |
|
Miroslav Stampar
|
119eec3598
|
improving "boolean detection" by automatic recognition of convenient --string candidate
|
2012-04-10 21:48:34 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
b2afa87e48
|
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
|
2012-04-06 08:42:36 +00:00 |
|
Miroslav Stampar
|
2223c884e5
|
minor refactoring
|
2012-04-05 12:55:26 +00:00 |
|
Miroslav Stampar
|
02924eb345
|
minor update
|
2012-04-04 23:47:06 +00:00 |
|
Bernardo Damele
|
d106fb5184
|
layout adjustments
|
2012-04-04 12:27:24 +00:00 |
|
Miroslav Stampar
|
1b2cd44255
|
proper fix
|
2012-04-04 10:35:52 +00:00 |
|
Miroslav Stampar
|
7031ef8e00
|
removing default values for referer and host from higher level/risk options
|
2012-04-04 10:34:27 +00:00 |
|
Miroslav Stampar
|
b0787f193c
|
getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)
|
2012-04-03 14:34:15 +00:00 |
|
Miroslav Stampar
|
33bb9c5f19
|
much cleaner approach in that "flat" representation of retrieved items in union technique
|
2012-04-03 13:56:11 +00:00 |
|
Miroslav Stampar
|
e05109812f
|
minor improvements regarding data retrieval through DNS channel
|
2012-04-03 09:18:30 +00:00 |
|
Miroslav Stampar
|
2c28423cb8
|
minor update
|
2012-04-02 14:57:15 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
1e01203562
|
few just in case "patches"
|
2012-04-02 12:58:10 +00:00 |
|
Miroslav Stampar
|
d908d078dd
|
minor fix
|
2012-04-02 12:27:30 +00:00 |
|
Miroslav Stampar
|
abffc39929
|
minor update regarding DNS data retrieval task
|
2012-04-02 12:22:40 +00:00 |
|
Miroslav Stampar
|
f7a664b120
|
enablind DNS server for DNS data exfiltration
|
2012-03-31 12:08:27 +00:00 |
|
Miroslav Stampar
|
8be9cd4ac4
|
bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)
|
2012-03-31 10:22:50 +00:00 |
|
Miroslav Stampar
|
56638f9e95
|
making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection
|
2012-03-30 10:50:01 +00:00 |
|
Miroslav Stampar
|
79c3d6f2aa
|
minor update
|
2012-03-30 10:37:46 +00:00 |
|
Miroslav Stampar
|
637a8d8273
|
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
|
2012-03-29 14:33:27 +00:00 |
|
Miroslav Stampar
|
772ead8d03
|
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
|
2012-03-29 12:44:20 +00:00 |
|
Miroslav Stampar
|
60146481af
|
bug fix(es) (flags were used in place of count parameter in re.sub() calls)
|
2012-03-28 19:33:00 +00:00 |
|
Miroslav Stampar
|
9433bbe26d
|
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
|
2012-03-28 19:27:12 +00:00 |
|
Miroslav Stampar
|
7fd64df167
|
minor code cleaning
|
2012-03-28 13:31:07 +00:00 |
|
Miroslav Stampar
|
11132ba993
|
fix for a bug in reflection removal mechanism
|
2012-03-19 14:28:18 +00:00 |
|