Commit Graph

264 Commits

Author SHA1 Message Date
Miroslav Stampar
c1eb803ef5 Bug fix for MsSQL --hex --technique=E (NOT IN based queries were not working properly) 2012-10-28 21:16:51 +01:00
Miroslav Stampar
c1b8226329 Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery) 2012-10-28 00:36:09 +02:00
Miroslav Stampar
12fc9442b9 Tamper function(s) refactoring (really no need for returning headers as they are passed by reference) 2012-10-25 10:10:23 +02:00
Miroslav Stampar
b82eb3a1ae Fix for an Issue #210 2012-10-23 13:58:25 +02:00
Miroslav Stampar
f11a640e99 Undo of a previous commit (pdb left inside) 2012-10-22 14:39:35 +02:00
Miroslav Stampar
b913e2123d Displaying hex-decoded resulting output in --hex mode 2012-10-22 14:39:11 +02:00
Miroslav Stampar
e440b096c5 Fix for an Issue #202 2012-10-15 12:24:30 +02:00
Miroslav Stampar
d464678e10 Minor update for an Issue #49 2012-10-04 18:01:42 +02:00
Miroslav Stampar
84b05e2d18 Better treating of numeric values (Issue #49) 2012-10-04 16:08:37 +02:00
Miroslav Stampar
9129dac77b Minor fix for an Issue #134 2012-10-04 15:33:26 +02:00
Miroslav Stampar
461e5ebc5f Work for Issue #197 and Issue #49 2012-10-04 11:25:44 +02:00
Miroslav Stampar
bcbf0571a5 Implementation for an Issue #49 2012-10-02 14:23:58 +02:00
Miroslav Stampar
687f3991de Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g. 2012-09-26 11:27:43 +02:00
Miroslav Stampar
efe4c13ed1 Update regarding suffixQuery (user supplied --suffix should nullify any eventual payload comments) 2012-09-25 14:36:15 +02:00
Miroslav Stampar
f26ea04e38 Fix for an Issue #175 2012-09-07 17:06:38 +02:00
Miroslav Stampar
cea5127ffd Update for an Issue #6 2012-09-06 15:51:38 +02:00
Miroslav Stampar
2c66ca39f1 Wrong limit number has been used (MySQL LIMIT/OFFSET starts with 0) 2012-08-22 09:53:53 +02:00
Miroslav Stampar
01f481c332 Minor refactoring of dictionaries 2012-08-21 11:19:15 +02:00
Miroslav Stampar
8ee9feafb9 Making payloads a bit shorter (removing redundant space after comma character - e.g. in inband queries) 2012-08-20 21:57:25 +02:00
Bernardo Damele
92c2b3bd4c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-07-26 23:11:11 +01:00
Bernardo Damele
d492291744 working on issue #12 2012-07-26 23:11:07 +01:00
Miroslav Stampar
b3552494c4 Minor preparation for an Issue #48 2012-07-26 12:26:57 +02:00
Miroslav Stampar
f8c9868cb6 Implementation for an Issue #118 2012-07-24 15:34:50 +02:00
Miroslav Stampar
95e0d46e3e Fix for an Issue #110 2012-07-21 09:15:54 +02:00
Miroslav Stampar
08244c7ebf Fix for an Issue #104 2012-07-17 15:05:50 +02:00
Bernardo Damele
162da75a04 modified homepage address 2012-07-12 18:38:03 +01:00
Miroslav Stampar
3fd5119f3f Redesigning for Issue #75 2012-07-12 13:42:22 +02:00
Bernardo Damele
ee3aeb8dcf actual implementation of issue #75, still some work to do 2012-07-12 01:16:00 +01:00
Bernardo Damele
a5924739f6 minor code refactoring in preparation of ticket #75 2012-07-12 01:12:30 +01:00
Bernardo Damele
d3da3f5c52 refactoring for issue #51 2012-07-10 00:19:32 +01:00
Bernardo Damele
99c5ea54f7 cleanup for #34 2012-07-09 12:39:43 +01:00
Bernardo Damele
04d803c7fd more tweaking for issue #34, it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005) 2012-07-02 15:02:00 +01:00
jekil
c39e5a85ba Removed $id$ tags 2012-06-27 20:56:43 +02:00
Miroslav Stampar
76c873a222 minor fix 2012-06-15 06:22:44 +00:00
Miroslav Stampar
2538e2d5b4 fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring 2012-05-22 09:33:22 +00:00
Miroslav Stampar
6367f59b98 minor code refactoring 2012-05-10 14:15:17 +00:00
Miroslav Stampar
37f2709197 making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it) 2012-05-09 09:08:23 +00:00
Miroslav Stampar
64c241fe92 limiting original UNION query results to only 1 result (potentially speeding things up in some cases) 2012-05-08 13:45:53 +00:00
Miroslav Stampar
694b14111f skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set) 2012-04-27 13:16:51 +00:00
Miroslav Stampar
6f67dc85ee adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical 2012-04-25 20:29:07 +00:00
Miroslav Stampar
6ebb621228 adding support for (custom) POST injection (marking injection point with '*' in conf.data) 2012-04-17 14:23:00 +00:00
Miroslav Stampar
efd27d7ade minor renaming 2012-04-17 08:41:19 +00:00
Miroslav Stampar
601d118c68 reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types) 2012-04-15 16:59:03 +00:00
Miroslav Stampar
8c6eb4faa9 adding support for PgSQL DNS data exfiltration 2012-04-07 14:06:11 +00:00
Miroslav Stampar
2223c884e5 minor refactoring 2012-04-05 12:55:26 +00:00
Miroslav Stampar
b0787f193c getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached) 2012-04-03 14:34:15 +00:00
Miroslav Stampar
2c28423cb8 minor update 2012-04-02 14:57:15 +00:00
Miroslav Stampar
1cd3c3f7af further update of DNS data retrieval mechanism through SQLi 2012-04-02 14:05:30 +00:00
Miroslav Stampar
d908d078dd minor fix 2012-04-02 12:27:30 +00:00
Miroslav Stampar
abffc39929 minor update regarding DNS data retrieval task 2012-04-02 12:22:40 +00:00