Miroslav Stampar
36953221f8
few quick changes
2010-06-10 11:34:17 +00:00
Miroslav Stampar
eaef068c90
major bug fix (different HTTP content charsets are now properly handled)
2010-06-09 14:40:36 +00:00
Miroslav Stampar
12a5ec9f3d
more unicode refactoring
2010-06-02 12:45:40 +00:00
Bernardo Damele
e98b049e7f
Added unicode support also to PostgreSQL connector - see #184 .
2010-05-29 11:46:41 +00:00
Bernardo Damele
e811101dce
Minor bug fix
2010-05-28 23:39:52 +00:00
Miroslav Stampar
ac6ce478a0
just removing unneded and possible future source of confusion
2010-05-28 14:19:12 +00:00
Miroslav Stampar
a3db3c03c1
str() -> unicode()
2010-05-28 13:05:02 +00:00
Miroslav Stampar
94354d0862
removing previous fix
2010-05-28 11:53:27 +00:00
Bernardo Damele
f26de89216
Minor bug fix to correctly deal with unicode queries with -d
2010-05-28 11:32:10 +00:00
Miroslav Stampar
dc83f794ea
fix regarding proper string isinstance checking (including unicode)
2010-05-25 10:09:35 +00:00
Miroslav Stampar
5d5ebd49b6
introducing regex caching mechanism
2010-05-21 14:42:59 +00:00
Bernardo Damele
cda8da288c
Minor adjustment
2010-05-21 12:18:43 +00:00
Miroslav Stampar
f6bffb61d3
minor adjustment
2010-05-21 11:51:43 +00:00
Miroslav Stampar
460a1ba872
fix for my imperfect calculations :)
2010-05-21 11:41:49 +00:00
Miroslav Stampar
68e13c3872
periodical commit
2010-05-21 09:35:36 +00:00
Miroslav Stampar
b8a5a54395
minor update
2010-05-15 20:44:08 +00:00
Miroslav Stampar
4984ceac49
some code refactoring and minor speed up (jump prediction rule)
2010-05-14 15:20:34 +00:00
Miroslav Stampar
ed20f1cf33
some more speed up (one time compilation of popular regexes)
2010-05-14 14:48:54 +00:00
Miroslav Stampar
3ead88c364
minor tweak
2010-05-14 14:36:54 +00:00
Miroslav Stampar
131789a6e4
some code refactoring
2010-05-14 14:21:13 +00:00
Miroslav Stampar
5396f13bab
added CPU throttling for lowering sqlmap's CPU intensivity
2010-05-13 15:19:28 +00:00
Miroslav Stampar
ca3e12ae73
added calculateDeltaSeconds method for dealing with non-deterministic time behaviour in some cases (e.g. WAITFOR DELAY in case of MSSQL)
2010-05-13 11:05:35 +00:00
Bernardo Damele
8b74c405f5
Minor output bug fix
2010-05-11 14:15:03 +00:00
Bernardo Damele
457d32c73e
Proper displaying of debug messages (-v >= 2)
2010-05-11 13:58:53 +00:00
Bernardo Damele
44ea8f1861
Minor adjustment
2010-05-06 11:00:58 +00:00
Bernardo Damele
147e14356d
Major bug fix (reported by Thierry Zoller)
2010-05-06 10:52:40 +00:00
Miroslav Stampar
4928c684b3
one more thing
2010-05-04 08:45:10 +00:00
Miroslav Stampar
789dd6c66f
more quick fixes
2010-05-04 08:43:14 +00:00
Miroslav Stampar
af701cdaa2
better way to handle that last commit problem
2010-05-04 08:36:35 +00:00
Miroslav Stampar
5bc07426e0
added exception handler around block reported by Thierry Zoller
2010-05-04 08:03:48 +00:00
Bernardo Damele
90d9900371
Minor bug fix to consider --start and --stop also in partial UNION query SQL injection
2010-04-30 15:48:40 +00:00
Bernardo Damele
a1b1f960cc
Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function
2010-04-23 16:34:20 +00:00
Miroslav Stampar
1aeaa5db47
implementation of Feature #176 (Safe URL: avoid being kicked out after N unsuccessful requests)
2010-04-16 12:44:47 +00:00
Bernardo Damele
5e86087cb1
Minor bug fix for -d to avoid resuming queries when they're SELECT on sqlmap own tables, aligned to same resume of -u now.
2010-04-15 10:06:38 +00:00
Bernardo Damele
eecee3b274
Added resume functionality to -d and fixed logging with -d
2010-04-12 09:35:20 +00:00
Bernardo Damele
b72ddb6f1e
Fixes non-deterministic unsorted results for most of the DBMSes - see #185
2010-04-09 15:48:53 +00:00
Miroslav Stampar
63c70018ca
fix for that update (conf.cj) problem mentioned by shiftzwei@gmail.com
2010-04-09 10:16:15 +00:00
Miroslav Stampar
6e7be5edb0
another fix
2010-04-06 15:51:36 +00:00
Miroslav Stampar
c303feab17
fix
2010-04-06 15:14:32 +00:00
Miroslav Stampar
e2810003ae
more update
2010-04-06 15:12:52 +00:00
Bernardo Damele
5fdebb5d5b
Added support to directly connect also to Microsoft SQL Server database.
...
Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.
2010-03-31 10:50:47 +00:00
Miroslav Stampar
bfc12e93c5
ms access returns -1 for True
2010-03-30 11:33:51 +00:00
Bernardo Damele
a0290a257b
Added support to connect directly also to Oracle - see #158
2010-03-27 21:50:19 +00:00
Bernardo Damele
1416cd0d86
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
...
Minor layout adjustments.
2010-03-26 23:23:25 +00:00
Bernardo Damele
8e57767c48
Fixes #180 - properly url encode sqlmap payload in POST/Cookie too, like for GET
2010-03-23 10:27:39 +00:00
Bernardo Damele
d13ad8b2d7
fixes #181 - proper save/resume information about single entry UNION SQL injection
2010-03-22 15:39:29 +00:00
Bernardo Damele
72f3674844
Minor bug fix
2010-03-18 17:36:58 +00:00
Bernardo Damele
0d559d14df
Initial support for SQLite (90% approx).
...
Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments.
2010-03-18 17:20:54 +00:00
Bernardo Damele
466df89c4a
Fixes #178 and #179 - proper handling of custom redirects
2010-03-16 14:30:57 +00:00
Bernardo Damele
3b3353e05b
Revert last commit
2010-03-16 13:56:36 +00:00
Miroslav Stampar
1dfe558d3d
Fix for Issue #177
2010-03-16 13:11:44 +00:00
Bernardo Damele
323cf2b7f2
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 12:14:02 +00:00
Bernardo Damele
6d0ea86414
Fixes #59 - proper customizable redirect (302 and 301)
2010-03-15 14:24:43 +00:00
Miroslav Stampar
91dd609e26
fixed threading bug (difflib :)
2010-03-10 14:14:27 +00:00
Bernardo Damele
156fdd96ef
Updated copyright
2010-03-03 15:26:27 +00:00
Miroslav Stampar
a0f5c3d885
minor update
2010-02-25 13:45:28 +00:00
Miroslav Stampar
3e152f8b20
minor code refactoring
2010-02-25 13:33:52 +00:00
Miroslav Stampar
28d5248c04
one more fix regarding localhost/global proxy issue
2010-02-25 13:30:22 +00:00
Miroslav Stampar
542b01993e
minor fix regarding exception handling of multi-part post handler
2010-02-09 14:02:47 +00:00
Miroslav Stampar
a6674edf8a
regular expressions revisited
2010-02-09 13:01:08 +00:00
Miroslav Stampar
ec63fc4036
code refactoring - added functions posixToNtSlashes and ntToPosixSlashes
2010-02-04 14:37:00 +00:00
Miroslav Stampar
e4699f389d
some bug fixes regarding --os-shell usage against windows servers
2010-02-04 09:49:31 +00:00
Miroslav Stampar
ea045eaa2f
fixed serious issue with adding file paths into kb.absFilePaths (dirname was wrongly added, and afterwards getDirs used dirname of dirname)
...
also, fixed some issues with Windows paths
2010-02-03 16:40:12 +00:00
Miroslav Stampar
7c88e32f9d
bug fix for 404 program termination during shell upload attempt
2010-02-03 16:16:34 +00:00
Miroslav Stampar
8b0d31a6b7
fix for cases where both posix and nt path versions of windows paths are in parsed web page
2010-02-03 15:34:20 +00:00
Miroslav Stampar
25f1a9c7d0
upgrade of web directory parsing for things like C:/xampp/htdocs/sqlmap/mysql/get_int.php (XAMPP uses this)
2010-02-03 15:06:41 +00:00
Miroslav Stampar
98205cc488
another fix for Bug #148
2010-01-23 23:29:34 +00:00
Miroslav Stampar
39652bfbf4
update regarding Unicode char logging (Bug #148 )
2010-01-23 15:36:55 +00:00
Bernardo Damele
574880ba73
Warn user of HTTP error codes in HTTP responses
2010-01-19 10:27:54 +00:00
Bernardo Damele
c18a5cb92f
Fixed a minor bug when displaying requested page in -v >= 3
2010-01-16 21:47:52 +00:00
Miroslav Stampar
f5c422efb4
updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before
2010-01-15 11:44:05 +00:00
Bernardo Damele
505647b00f
Minor bug fix to --cookie-urlencode
2010-01-15 11:24:30 +00:00
Miroslav Stampar
26c7b74e65
changes regarding Data (GET/POST/Cookie) encoding (Bug #129 )
2010-01-14 18:05:03 +00:00
Miroslav Stampar
d07f60578c
implementation of Feature #17
2010-01-07 12:59:09 +00:00
Bernardo Damele
80df1fdcf9
Minor bug fix with --sql-query/shell when providing a statement with DISTINCT
2010-01-05 16:15:31 +00:00
Miroslav Stampar
71547a3496
getDocRoot changes
2010-01-05 11:30:33 +00:00
Miroslav Stampar
d71e47ce56
fix regarding dirnames in Feature #110
2010-01-04 12:39:07 +00:00
Miroslav Stampar
96a033b51d
found and fixed few bugs regarding my "fix" of Bug #110
2010-01-03 15:56:29 +00:00
Bernardo Damele
d5b1863dec
Updated documentation and svn properties
2010-01-02 02:07:28 +00:00
Bernardo Damele
ce022a3b6e
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
2010-01-02 02:02:12 +00:00
Bernardo Damele
9c620da0a5
Minor fix
2009-12-31 12:34:18 +00:00
Bernardo Damele
c1c14dabd9
Minor bug fix
2009-12-21 11:21:18 +00:00
Bernardo Damele
e4e081cdc6
sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.
2009-12-17 22:04:01 +00:00
Bernardo Damele
89c43893d4
Merged back from personal branch to trunk (svn merge -r846:940 ...)
...
Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring.
2009-09-25 23:03:45 +00:00
Bernardo Damele
93ee4a01e5
HTTPS requests over HTTP proxy now work on either Python 2.4, 2.5 and 2.6+
2009-05-20 14:27:25 +00:00
Bernardo Damele
8e7282f7c7
Major bug fix to properly pass HTTPS request to HTTP proxy when its provided. It works with both Python 2.4 and Python 2.5 now. It still crashes at httplib level with Python 2.6.
2009-05-20 13:51:25 +00:00
Bernardo Damele
c5d20b8a86
Initial support for ASP web backdoor functionality
2009-05-06 12:14:38 +00:00
Bernardo Damele
58f3eee390
Updated Microsoft SQL Server XML signatures file and minor bug fix in connection library
2009-04-28 11:11:35 +00:00
Bernardo Damele
1d7de719b9
Almost done with web backdoor functionality
2009-04-28 11:05:07 +00:00
Bernardo Damele
16b4530bbe
Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).
...
Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS.
2009-04-27 23:05:11 +00:00
Bernardo Damele
8c0ac767f4
Updated to sqlmap 0.7 release candidate 1
2009-04-22 11:48:07 +00:00
Bernardo Damele
2efee058ea
Major enhancement in comparison algorithm
2009-02-12 00:17:44 +00:00
Bernardo Damele
ba00a17205
Minor layout adjustment
2009-02-09 10:58:44 +00:00
Bernardo Damele
207e96e2b2
Major bug fix in the comparison algorithm to correctly handle also the
...
case that the url is stable and the False response changes the page
content very little.
2009-02-09 10:28:03 +00:00
Bernardo Damele
770e000cb4
Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs
2009-02-02 23:44:19 +00:00
Bernardo Damele
a8d57bb031
Avoid DeprecationWarning with Python 2.6+
2009-01-22 23:53:01 +00:00
Bernardo Damele
793c323b2a
Major bug fixes
2009-01-22 22:28:27 +00:00
Bernardo Damele
5560f0b68a
Updated the copyright
2009-01-12 21:35:38 +00:00
Bernardo Damele
9c42a883be
Major bug fix to make it work properly with MSSQL custom limited (SELECT
...
TOP ...) queries with both inferential blind and Full UNION query
injection
2009-01-02 23:26:45 +00:00
Bernardo Damele
c83593c044
Limited custom query now works also on Oracle in inferential blind SQL
...
injection technique
2008-12-23 23:34:50 +00:00