Miroslav Stampar
1a98095a93
minor improvement for that MySQL identification naming
2011-03-25 21:46:49 +00:00
Miroslav Stampar
48c4460e2c
bug fixed (there was a huge problem with space containing identifiers - fixed and tested for MySQL)
2011-03-25 21:22:06 +00:00
Miroslav Stampar
af39a441fa
minor improvement when --dbs returns no database names (like in many cases with MySQL 4)
2011-03-25 19:50:06 +00:00
Miroslav Stampar
f3858a5fcf
another fix related to the bug reported by Alone Shell
2011-03-24 17:08:14 +00:00
Miroslav Stampar
02379c01a2
minor update (will do "schema update" for sybase some other time; that COUNT(*) blew my mind)
2011-03-23 11:42:36 +00:00
Miroslav Stampar
0f7bce5c66
fixing a huge mess going on because of counting on error and union techniques
2011-03-23 11:36:40 +00:00
Miroslav Stampar
7ea45e9032
minor update for Sybase regarding last commit
2011-03-23 11:04:15 +00:00
Miroslav Stampar
b72cdfe9e6
fix for mssql regarding usage of schema names reported by jabra@spl0it.org
2011-03-23 10:40:34 +00:00
Miroslav Stampar
5291fe35c9
proper implementation of --dbs on Oracle (we are using now schema names as a counterpart to dbs in other DBMSes)
2011-03-21 11:29:43 +00:00
Bernardo Damele
74ef1e53c7
Minor bug fixes to --privileges for PostgreSQL query (corner case)
2011-03-11 14:54:41 +00:00
Miroslav Stampar
eb1cda7065
minor refactoring (more consistent)
2011-03-09 12:06:32 +00:00
Miroslav Stampar
62e3510387
minor refactoring
2011-03-09 11:37:37 +00:00
Miroslav Stampar
16b286982d
fix for a bug reported by nightman (AttributeError: 'list' object has no attribute 'split')
2011-03-07 09:50:43 +00:00
Bernardo Damele
60605b6e7c
Major bug fix to make --first and --last apply only to --dump's entries dump phase (in either of the blind SQL injection techs only)
2011-02-27 12:14:13 +00:00
Miroslav Stampar
13f0d5ce00
minor bug fix
2011-02-22 14:51:42 +00:00
Miroslav Stampar
640ba5d744
minor refactoring
2011-02-22 14:19:39 +00:00
Bernardo Damele
3e8c204121
Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba
2011-02-21 16:00:56 +00:00
Miroslav Stampar
aac817935a
further improvement of MaxDB support
2011-02-20 22:41:42 +00:00
Miroslav Stampar
a3ba8b6928
--dump now works on MaxDB too
2011-02-20 22:07:12 +00:00
Miroslav Stampar
59e666d16e
--is-dba (related) update for Sybase
2011-02-20 17:28:06 +00:00
Miroslav Stampar
4d52f7fc6e
minor fix regarding --dump-table on Sybase for --technique=23
2011-02-20 16:58:01 +00:00
Miroslav Stampar
cc47737c44
minor update
2011-02-20 16:00:13 +00:00
Miroslav Stampar
2f9227bcce
Sybase update (--passwords)
2011-02-20 12:07:32 +00:00
Miroslav Stampar
f30dea74f3
more Sybase updates
2011-02-19 18:36:26 +00:00
Miroslav Stampar
b71bb321dd
some more Sybase updates
2011-02-19 18:04:27 +00:00
Miroslav Stampar
cec7694aac
some progress regarding SYBASE
2011-02-19 14:56:58 +00:00
Miroslav Stampar
e0efe453ab
minor update regarding Sybase support
2011-02-19 14:07:08 +00:00
Miroslav Stampar
de7ca5a27c
minor update
2011-02-19 09:40:41 +00:00
Miroslav Stampar
72fc0a0565
minor refactoring
2011-02-19 09:36:57 +00:00
Miroslav Stampar
5f4ffc9287
update regarding Sybase dumping
2011-02-19 00:36:47 +00:00
Miroslav Stampar
199f14df46
implementation of MySQL GROUP_CONCAT technique
2011-02-15 00:28:27 +00:00
Bernardo Damele
c078de894f
Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA
2011-02-10 14:24:04 +00:00
Bernardo Damele
a2c20acf94
Minor fixes once more
2011-02-10 11:34:16 +00:00
Miroslav Stampar
7539881ffa
fix for dump on Oracle but we still need to discuss some things around
2011-02-09 14:52:07 +00:00
Miroslav Stampar
caf6220c53
done with implementation for retrieving table names via access system table(s)
2011-02-09 10:50:38 +00:00
Miroslav Stampar
5050a76b59
update regarding reading of table names from access system tables
2011-02-09 10:33:29 +00:00
Miroslav Stampar
14c87ec80d
minor fix
2011-02-04 13:29:02 +00:00
Bernardo Damele
e3a3ae11cc
Proper return from error-based technique enumeration
2011-01-31 21:13:29 +00:00
Bernardo Damele
9fc0bedea8
Minor bug fixes
2011-01-30 21:01:57 +00:00
Miroslav Stampar
367d0639f0
refactoring (class names should always be Capital cased)
2011-01-28 16:36:09 +00:00
Bernardo Damele
77999fb39d
Allow in --sql-shell to always ('a') retrieve query output.
...
Minor bug fix in case with --columns it is not possible to retrieve a column datatype.
2011-01-20 21:49:06 +00:00
Bernardo Damele
bade0e3124
Major code refactoring - centralized all kb.dbms* info for both retrieval and set.
2011-01-19 23:06:15 +00:00
Bernardo Damele
daebb0010b
Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based.
...
Alignment of SQL statement payload packing/unpacking between all of the techniques.
Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too.
Minor code cleanup.
2011-01-18 23:02:11 +00:00
Bernardo Damele
e4e9b11b79
Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms.
2011-01-14 12:47:07 +00:00
Bernardo Damele
3c95d71ea5
Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase
2011-01-14 11:55:20 +00:00
Bernardo Damele
2ac8debea0
Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
...
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Bernardo Damele
8a67aea754
One more step to fully working UNION exploitation after merge into detection phase
2011-01-12 01:13:32 +00:00
Bernardo Damele
8bdb7ec58c
Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet.
2011-01-12 00:47:39 +00:00
Bernardo Damele
06230e4d92
Minor code refactoring and cosmetics
2011-01-11 21:46:21 +00:00
Miroslav Stampar
0676b38063
revert of one thing for Bernardo and minor update
2011-01-10 10:30:17 +00:00
Miroslav Stampar
8e83a26acf
minor fix
2011-01-07 17:53:17 +00:00
Bernardo Damele
cc46940159
Minor refactoring
2011-01-07 17:10:32 +00:00
Miroslav Stampar
b313a20a3f
some fixes
2011-01-07 16:39:47 +00:00
Bernardo Damele
16a06117f7
Mere cosmetics
2011-01-07 16:36:32 +00:00
Miroslav Stampar
8a48baf789
update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised
2011-01-04 13:23:59 +00:00
Miroslav Stampar
b763feafd9
bug fix (TypeError: object of type 'NoneType' has no len())
2011-01-02 12:26:31 +00:00
Miroslav Stampar
f0dad2a1e4
minor bug fix (in multiple item search only last item was shown)
2011-01-02 12:23:36 +00:00
Miroslav Stampar
7b9d978cf9
minor fix (database and/or table names with - sign inside needs to be escaped by ` character or will lead to a "SQL syntax")
2011-01-02 11:01:20 +00:00
Miroslav Stampar
e28b9f26fc
minor fix
2011-01-02 08:01:01 +00:00
Miroslav Stampar
7ea3d060f6
some fixes/updates here and there
2011-01-01 12:41:51 +00:00
Miroslav Stampar
6f17e84e19
minor fix
2010-12-30 08:29:20 +00:00
Miroslav Stampar
a77b186aca
minor fix
2010-12-27 16:55:27 +00:00
Miroslav Stampar
5015f04826
minor update
2010-12-27 16:36:05 +00:00
Miroslav Stampar
9c1676bdfa
minor cosmetics
2010-12-27 14:44:00 +00:00
Miroslav Stampar
9fb0e0fc85
resume of brute forced data is now available
2010-12-27 14:17:20 +00:00
Miroslav Stampar
3d23f226ae
minor update
2010-12-27 11:47:50 +00:00
Miroslav Stampar
68462466f2
minor fix for a bug reported by shaohua pan (argument of type 'NoneType' is not iterable)
2010-12-27 11:36:36 +00:00
Miroslav Stampar
51a492e17d
pretty important commit (now dumped tables are prone to dictionary attack)
2010-12-27 10:56:28 +00:00
Miroslav Stampar
c8d5a6b980
update
2010-12-27 00:41:16 +00:00
Miroslav Stampar
89c2640d23
basic --search now works with MS Access
2010-12-26 23:50:16 +00:00
Miroslav Stampar
c4d6a367e9
this way order given in -C is preserved
2010-12-26 14:11:42 +00:00
Miroslav Stampar
c93f2a703d
minor update
2010-12-26 14:02:16 +00:00
Miroslav Stampar
e41acb6fc2
further ms access improvements
2010-12-26 02:13:56 +00:00
Miroslav Stampar
2c8115eed9
further improvement for ms access table dumping
2010-12-26 01:04:30 +00:00
Miroslav Stampar
5249762794
update
2010-12-25 16:46:33 +00:00
Miroslav Stampar
fb099615e2
minor update
2010-12-25 11:16:35 +00:00
Miroslav Stampar
6845d402fa
well, here and there, merry Christmas to all :)
2010-12-24 20:17:53 +00:00
Miroslav Stampar
706d8e0b88
development update (basic ms access dumping implemented)
2010-12-24 19:53:11 +00:00
Miroslav Stampar
7c06dbffc3
bug fix (AttributeError: 'unicode' object has no attribute 'sort')
2010-12-22 18:55:50 +00:00
Bernardo Damele
b3da473840
Minor bug fix when --dbs has only one DB name
2010-12-22 14:29:57 +00:00
Bernardo Damele
c9ab8ae60e
Bug fix to properly identify if current user is DBA (--is-dba) on MySQL
2010-12-22 14:06:01 +00:00
Miroslav Stampar
c89021f0bb
some fixes
2010-12-22 11:46:18 +00:00
Miroslav Stampar
385e208f38
code refactoring regarding standard output suppression and some threading issues
2010-12-21 14:21:24 +00:00
Miroslav Stampar
6b37ddada4
removed some blank trailing spaces (with extra/shutils/blanks.sh)
2010-12-21 10:31:56 +00:00
Miroslav Stampar
36862e2efa
update
2010-12-18 15:57:47 +00:00
Miroslav Stampar
a067e805fa
minor update
2010-12-17 22:23:01 +00:00
Miroslav Stampar
e98d9c08e1
dumping table is now possible on Firebird too
2010-12-12 14:38:07 +00:00
Miroslav Stampar
b1babeefe5
update regarding dumping of tables with blind on Sqlite
2010-12-11 22:00:16 +00:00
Miroslav Stampar
b02bd55edc
minor refactoring
2010-12-10 13:04:36 +00:00
Miroslav Stampar
5764816891
minor cosmetics
2010-12-03 22:28:09 +00:00
Miroslav Stampar
2cc167a42e
fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'"
2010-12-02 18:57:43 +00:00
Bernardo Damele
c22338ce90
Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more).
2010-11-29 11:47:58 +00:00
Miroslav Stampar
ba4ea32603
first working version of dictionary attack
2010-11-23 13:24:02 +00:00
Bernardo Damele
a34c1b287c
Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL)
2010-11-12 11:33:11 +00:00
Miroslav Stampar
42272ca78c
minor update
2010-11-11 22:26:36 +00:00
Miroslav Stampar
be992b4471
update regarding common columns existance check
2010-11-11 17:09:31 +00:00
Miroslav Stampar
4be0631161
refactoring of brute force techniques
2010-11-09 09:42:43 +00:00
Bernardo Damele
dac7436edf
Fix inconsistence with -b --error-test
2010-11-08 15:36:07 +00:00
Miroslav Stampar
862395ced1
further refactoring (all enumerations are now put into enums.py)
2010-11-08 09:20:02 +00:00
Miroslav Stampar
c8fe2fa8d8
minor fix
2010-11-04 22:00:14 +00:00
Miroslav Stampar
d7dbf814a0
fix/update for Access
2010-11-04 21:47:21 +00:00
Miroslav Stampar
6adee3792a
removed all trailing spaces from blank lines
2010-11-03 10:08:27 +00:00
Miroslav Stampar
4b56fa4f8f
now --tables work for MaxDB
2010-11-02 22:11:45 +00:00
Miroslav Stampar
b761523f3f
now --users works for MaxDB too
2010-11-02 21:52:48 +00:00
Miroslav Stampar
cd0d4135ac
implemented --banner for MaxDB and some minor fixes
2010-11-02 20:51:55 +00:00
Miroslav Stampar
685a8e7d2c
refactoring of hard coded dbms names
2010-11-02 11:59:24 +00:00
Miroslav Stampar
9d2c81baa9
more update for ms access
2010-11-02 11:06:47 +00:00
Bernardo Damele
486a113560
Consolidate logger messages for --*-test switches
2010-10-31 16:58:38 +00:00
Bernardo Damele
eab331ebd7
Minor bug fix
2010-10-31 13:46:08 +00:00
Bernardo Damele
65a0a8d285
Delegate urlencoding to agent.py only
2010-10-31 13:28:05 +00:00
Bernardo Damele
17e8abe841
Removed useless call to urlencode()
2010-10-31 12:47:22 +00:00
Miroslav Stampar
a921fe0d5d
fix for using --banner --stacked-test together
2010-10-29 15:31:24 +00:00
Miroslav Stampar
d75578c81f
some update regarding common tables
2010-10-29 09:00:51 +00:00
Miroslav Stampar
749e25a217
Implementation of --passwords for Sybase
2010-10-26 21:35:30 +00:00
Bernardo Damele
f5904d0bc0
Major bug fix to --union-test
2010-10-25 23:39:55 +00:00
Miroslav Stampar
8a9a57c709
update for Sybase and major bug fix for --passwords on MSSQL
2010-10-25 22:11:38 +00:00
Miroslav Stampar
9b56fbafbe
that Sybase is going to be pain in the ass
2010-10-25 21:43:13 +00:00
Bernardo Damele
debaf2215f
Consistency between cmdline.py, optiondict.py and sqlmap.conf and got rid of --union-use switch
2010-10-25 15:54:45 +00:00
Bernardo Damele
215175e3b7
Minor code adjustments
2010-10-25 14:11:47 +00:00
Miroslav Stampar
32728d14b7
fix for --union-use with --error-test
2010-10-25 12:25:29 +00:00
Miroslav Stampar
f8850e3f41
update (xml fix and refactoring)
2010-10-23 07:44:34 +00:00
Miroslav Stampar
a7a53af924
update for Sybase
2010-10-23 07:37:43 +00:00
Miroslav Stampar
a8e42a4f2b
bug fix
2010-10-23 06:42:21 +00:00
Miroslav Stampar
dec4d858b3
fix for Bug #207
2010-10-22 14:01:48 +00:00
Miroslav Stampar
1b2ec826bf
misc fixes regarding new query retrieval format
2010-10-21 23:17:06 +00:00
Miroslav Stampar
bc79eec702
removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)
2010-10-21 13:13:12 +00:00
Bernardo Damele
e73e06069b
Minor code refactoring
2010-10-20 22:09:03 +00:00
Miroslav Stampar
1b376c99a6
removed temp dictionary and replaced with kb.misc
2010-10-19 23:00:19 +00:00
Miroslav Stampar
6a8b1046d4
first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)
2010-10-19 12:02:04 +00:00
Bernardo Damele
e7c8be1d45
Minor layout adjustments
2010-10-15 15:37:15 +00:00
Miroslav Stampar
4f7f20b94f
sorry, cosmetics
2010-10-14 23:18:29 +00:00
Miroslav Stampar
8b48833136
large commit with copyright header modifications
2010-10-14 14:41:14 +00:00
Miroslav Stampar
8abcdae1b5
some update
2010-09-30 19:45:23 +00:00
Miroslav Stampar
cf8e92699c
changes regarding EXISTS feature
2010-09-30 12:35:45 +00:00
Miroslav Stampar
e176b36a7f
update
2010-09-24 22:09:33 +00:00
Miroslav Stampar
18db96c45f
fix for bug reported by David Guimaraes (colEntry = entry[index] - IndexError: list index out of range)
2010-09-01 09:25:21 +00:00
Miroslav Stampar
b0ba559af5
minor update
2010-08-31 14:31:17 +00:00
Miroslav Stampar
c4040ab297
fix for Feature #136
2010-08-31 14:25:37 +00:00
Miroslav Stampar
12a5ec9f3d
more unicode refactoring
2010-06-02 12:45:40 +00:00
Bernardo Damele
b798222dd7
Minor fixes
2010-05-30 14:53:13 +00:00
Bernardo Damele
06af405efd
Adapted and merged in patch to support XML output (-x switch) - still in beta.
...
Minor bug fixes and adjustments.
2010-05-28 16:43:04 +00:00
Miroslav Stampar
f24187f251
few fixes here and there
2010-05-28 12:47:03 +00:00
Miroslav Stampar
dc83f794ea
fix regarding proper string isinstance checking (including unicode)
2010-05-25 10:09:35 +00:00
Bernardo Damele
e0e2349529
Refactor to --search -C and minor bug fix - See #190 .
2010-05-17 16:16:49 +00:00
Bernardo Damele
c9ee11e0e4
Added support to search for tables (--search with -T). See #190 .
2010-05-16 20:46:17 +00:00
Bernardo Damele
65a05452f7
Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See #190 :
...
* --search -D foobar: searches all database names like the ones provided
* --search -T foobar: searches all databases' table names like the ones provided (soon)
* --search -C foobar: replaces --dump -C
2010-05-07 13:40:57 +00:00
Bernardo Damele
90d9900371
Minor bug fix to consider --start and --stop also in partial UNION query SQL injection
2010-04-30 15:48:40 +00:00
Miroslav Stampar
17554759b7
implemented feature request from Ole Rasmussen regarding table name retrieval speedup
2010-04-15 09:36:13 +00:00
Bernardo Damele
b19de015c5
Minor bugs fixes
2010-03-31 13:52:51 +00:00
Bernardo Damele
5fdebb5d5b
Added support to directly connect also to Microsoft SQL Server database.
...
Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.
2010-03-31 10:50:47 +00:00