5571 Commits

Author	SHA1	Message	Date
Miroslav Stampar	6cc69f5e16	now --technique is appliable also after the injections have been identified	2011-01-24 16:47:24 +00:00
Miroslav Stampar	81011be0d7	minor update of parseTargetUrl method	2011-01-24 14:52:50 +00:00
Miroslav Stampar	4093599f38	added parseTargetUrl to redirect choice	2011-01-24 14:45:35 +00:00
Bernardo Damele	e1db2700f0	Minor bug fix to properly deal --prefix and --suffix and parameter replace payloads	2011-01-24 12:25:45 +00:00
Miroslav Stampar	8d0c2efbe2	unescaping of char marked payloads	2011-01-24 12:00:16 +00:00
Miroslav Stampar	4441e11f68	fix for case -r with no params and cookie available	2011-01-24 11:26:51 +00:00
Bernardo Damele	47fa600c04	Minor fix and cosmetics	2011-01-24 11:12:33 +00:00
Miroslav Stampar	a3e3387113	fix for proper Firebird resume of version	2011-01-24 11:04:32 +00:00
Miroslav Stampar	c1145c244e	fix for user-agent injections	2011-01-23 23:23:30 +00:00
Miroslav Stampar	818c9787b2	minor update	2011-01-23 21:20:16 +00:00
Miroslav Stampar	b18397fbc7	major revisit of --os-shell methods	2011-01-23 20:47:06 +00:00
Miroslav Stampar	ff7707579f	minor improvement	2011-01-23 11:35:24 +00:00
Miroslav Stampar	f5ff78d40c	revert	2011-01-23 11:21:27 +00:00
Miroslav Stampar	97f66a87c5	minor improvement over last version - case insensitive and takes in count cases like " UNION ALL selects " from MySQL error message	2011-01-23 10:51:57 +00:00
Miroslav Stampar	3a5f0760f6	minor optimization (only way to prematurely stop SAX parser)	2011-01-23 10:12:01 +00:00
Miroslav Stampar	30cd877c4a	fix for URI based injections	2011-01-22 16:23:33 +00:00
Miroslav Stampar	7c4c79477d	world premiere of "forced-error blind stacked" payloads (spent 3 hours on pgsql)	2011-01-21 18:32:10 +00:00
Bernardo Damele	03a880c6f1	Got rid of progression log message as it overlaps with WARNINGS (like "Got 500") and with --parse-errors	2011-01-20 22:02:20 +00:00
Bernardo Damele	0f2634c4b0	Minor bug fix to properly cast to string also the COUNT() query in error-based technique (as it's concatenated to random strings for identification in page response) and int-string concatenation is not supported in all DBMS (like Oracle)	2011-01-20 22:01:21 +00:00
Bernardo Damele	97573693be	Minor bug fix to properly handle in -d data retrieval statement not starting with SELECT	2011-01-20 21:59:47 +00:00
Bernardo Damele	f1b402b103	Proper handling of CASE in Oracle, finally	2011-01-20 21:58:50 +00:00
Bernardo Damele	4128b2c87f	Enforce that when --prefix is provided, --suffix is too and viceversa.	2011-01-20 21:57:54 +00:00
Bernardo Damele	7d1c704575	Moved little precaution from checks.py to common.py. ... Initial refactoring of kb.os* get/set.	2011-01-20 21:56:10 +00:00
Bernardo Damele	9770db597e	Centralization of unescape()	2011-01-20 21:55:13 +00:00
Bernardo Damele	e734efcda7	Removed deprecated code	2011-01-20 21:50:58 +00:00
Miroslav Stampar	496a84c356	minor update	2011-01-20 18:32:04 +00:00
Miroslav Stampar	dd7262d9e6	we haven't closed session file for previous target which lead to potentially nasty problems in multi target mode	2011-01-20 17:53:49 +00:00
Miroslav Stampar	ad12242151	LoL (removing those checks because we use same "logic" for parsing Burp log files and request files)	2011-01-20 16:27:59 +00:00
Miroslav Stampar	e8c037de1a	minor update	2011-01-20 16:17:38 +00:00
Miroslav Stampar	4e5f0da1ae	minor update	2011-01-20 16:07:08 +00:00
Miroslav Stampar	2fa066f892	added support for WebScarab logs	2011-01-20 15:55:50 +00:00
Miroslav Stampar	345e2288e1	important fix regarding encoding stuff	2011-01-20 13:54:18 +00:00
Miroslav Stampar	f6f4b5e9dd	bug fix for charset used in inference for pages retrieved with --null-connection	2011-01-20 11:01:01 +00:00
Miroslav Stampar	a4a0f10950	minor minor minor	2011-01-20 09:25:34 +00:00
Bernardo Damele	701947490b	Two major bug fixes related to UNION technique query forging	2011-01-19 23:46:39 +00:00
Miroslav Stampar	7a060e756d	dummy fix for SQLite schema retrieval (lots of spaces inside)	2011-01-19 23:16:22 +00:00
Bernardo Damele	bade0e3124	Major code refactoring - centralized all kb.dbms* info for both retrieval and set.	2011-01-19 23:06:15 +00:00
Miroslav Stampar	4bdc19d879	minor cosmetics	2011-01-19 22:48:06 +00:00
Miroslav Stampar	c106dc829a	more proper way to deal with this because without it warn message is just fast scrolled while leaving users confused (why it doesn't run)	2011-01-19 22:08:56 +00:00
Miroslav Stampar	7ad41f9b19	bug fix (UnboundLocalError: local variable 'colType' referenced before assignment)	2011-01-19 21:46:43 +00:00
Miroslav Stampar	aea43a1e43	minor refactoring	2011-01-19 15:26:57 +00:00
Miroslav Stampar	eadaf680de	fuck yea	2011-01-19 15:25:48 +00:00
Miroslav Stampar	89e0fd0709	back to roots	2011-01-19 14:06:26 +00:00
Bernardo Damele	33485198e1	Code cleanup	2011-01-18 23:05:32 +00:00
Bernardo Damele	eda0b41859	Added a precaution when, in some rare circumstances, fingerprinted DBMS differ during detection phase. ... Adapted UNION tests' titles when --union-char is provided. Lots of comment adjustments. Code cleanup	2011-01-18 23:03:50 +00:00
Bernardo Damele	cffa17f5a6	Major bug fix - before it raised a traceback, now works.	2011-01-18 23:02:47 +00:00
Bernardo Damele	daebb0010b	Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based. ... Alignment of SQL statement payload packing/unpacking between all of the techniques. Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too. Minor code cleanup.	2011-01-18 23:02:11 +00:00
Miroslav Stampar	38d0958781	minor fix (for numeric columns with all 0)	2011-01-18 11:42:36 +00:00
Bernardo Damele	3822b494ea	Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns.	2011-01-17 23:43:37 +00:00
Bernardo Damele	c2a358561f	Proper support for --union-cols	2011-01-17 22:57:33 +00:00
Bernardo Damele	35fb50a6ee	Major bug fix	2011-01-17 22:56:04 +00:00
Bernardo Damele	47565f9459	Minor code refactoring	2011-01-17 21:13:59 +00:00
Miroslav Stampar	041abb56e2	you can't believe how much man can learn when having good testing points	2011-01-17 13:59:22 +00:00
Miroslav Stampar	d225c5c9aa	was wrong about this one (just now tested on a real site)	2011-01-17 11:00:09 +00:00
Miroslav Stampar	ac0b5e6dbc	proper way to handle this (console output has totally different encoding than the page one)	2011-01-17 10:27:36 +00:00
Miroslav Stampar	34d13be0d3	minor update regarding default page encoding	2011-01-17 10:23:37 +00:00
Miroslav Stampar	5c857779c1	important fix for unicode based character inference	2011-01-17 10:15:19 +00:00
Miroslav Stampar	99a3a3b89c	minor fix (break if all found)	2011-01-17 09:41:25 +00:00
Miroslav Stampar	0fcca671bd	information update regarding common password suffixes	2011-01-17 09:28:25 +00:00
Miroslav Stampar	a835f233ac	fix for a bug reported by buawig@gmail.com (AttributeError: 'module' object has no attribute 'set_completer')	2011-01-17 00:17:31 +00:00
Miroslav Stampar	2041361695	minor cosmetics	2011-01-16 23:20:52 +00:00
Miroslav Stampar	e2c821eb81	minor cosmetics	2011-01-16 22:35:54 +00:00
Miroslav Stampar	e881465a9f	minor improvement	2011-01-16 20:55:07 +00:00
Miroslav Stampar	f5e36876e7	removing --text-only from that "dynamicity" warning selection (other two are more preferable) and minor cosmetics/consistency	2011-01-16 19:29:06 +00:00
Miroslav Stampar	a6516798c0	proper fix for that previous "stacked" fix (that one screwed other injection types)	2011-01-16 19:25:10 +00:00
Miroslav Stampar	5476a8a27e	russian sites are great for testing :)	2011-01-16 19:00:19 +00:00
Miroslav Stampar	19dcaeaabf	fix for "Payload: id=1 ; SELECT PG_SLEEP(5);--" (blank space was added in case when prefixes weren't stated)	2011-01-16 18:25:18 +00:00
Miroslav Stampar	718eef8753	minor fix	2011-01-16 18:11:35 +00:00
Miroslav Stampar	30d6791968	update regarding time based data retrieval	2011-01-16 17:52:42 +00:00
Miroslav Stampar	ec1ab3cd2a	removing timeSec from injection configuration attributes as it highly depends on current connection "variables"	2011-01-16 12:12:01 +00:00
Miroslav Stampar	2001bad7e1	automatic adjustment of timeSec for delayed queries	2011-01-16 12:04:32 +00:00
Miroslav Stampar	71391874eb	slightly faster and thread safer inference	2011-01-16 10:52:42 +00:00
Bernardo Damele	0fc4ebdc1b	Major bug fix. ... Minor code refactoring.	2011-01-16 01:17:09 +00:00
Bernardo Damele	c0d5daee99	More refactoring and cleanup	2011-01-16 00:15:30 +00:00
Miroslav Stampar	29ea0950b6	now False is also affected (along with None and "")	2011-01-15 23:43:26 +00:00
Bernardo Damele	6e4b65a822	Minor refactoring	2011-01-15 23:28:31 +00:00
Bernardo Damele	558f3894f4	Minor improvement	2011-01-15 23:20:52 +00:00
Bernardo Damele	d3a28124b1	More code cleanup	2011-01-15 23:11:36 +00:00
Bernardo Damele	4a35f598b8	Minor refactoring	2011-01-15 22:09:53 +00:00
Miroslav Stampar	0f565c941e	bug fix and proper warning message	2011-01-15 16:59:53 +00:00
Miroslav Stampar	e105e1ea32	bug fix (some sites raise 404 during union tests)	2011-01-15 16:42:33 +00:00
Miroslav Stampar	3873d204bb	important update for dictionary attack	2011-01-15 15:56:11 +00:00
Miroslav Stampar	e17ac5fdca	update	2011-01-15 15:14:22 +00:00
Miroslav Stampar	5bdb50c224	code review part 3	2011-01-15 13:15:10 +00:00
Miroslav Stampar	1fa8f0cba7	code reviewing part 2	2011-01-15 12:53:40 +00:00
Miroslav Stampar	6a0e0cde3c	code review of modules in lib/core directory	2011-01-15 12:13:45 +00:00
Miroslav Stampar	05b2a338fe	cosmetics	2011-01-14 16:12:44 +00:00
Miroslav Stampar	bff989d348	minor update	2011-01-14 15:43:53 +00:00
Miroslav Stampar	daf5662eab	update	2011-01-14 15:33:49 +00:00
Bernardo Damele	1cfd6a6b9d	Code cleanup	2011-01-14 15:16:34 +00:00
Miroslav Stampar	08f7e20c51	minor code refactoring	2011-01-14 14:55:59 +00:00
Miroslav Stampar	fb9d7cdfaa	refactoring, code clearing and removal of obsolete switch --longest-common	2011-01-14 14:37:03 +00:00
Bernardo Damele	534f51f9fc	Minor bug fix	2011-01-14 14:20:28 +00:00
Bernardo Damele	e4e9b11b79	Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms.	2011-01-14 12:47:07 +00:00
Bernardo Damele	3c95d71ea5	Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase	2011-01-14 11:55:20 +00:00
Bernardo Damele	7d9fd5a7b7	Minor bug fix	2011-01-14 09:49:14 +00:00
Miroslav Stampar	b2c7ae77d4	minor update	2011-01-14 09:45:47 +00:00
Miroslav Stampar	676b95b30a	minor code refactoring	2011-01-14 09:44:56 +00:00
Bernardo Damele	f8c04ce020	Minor bug fix	2011-01-13 20:59:13 +00:00
Bernardo Damele	2ac8debea0	Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. ... Minor bug fixes thanks to previous refactoring too.	2011-01-13 17:36:54 +00:00
Miroslav Stampar	a1d1f69c3f	revert	2011-01-13 15:28:08 +00:00
Miroslav Stampar	d937e27b19	minor fix	2011-01-13 15:19:37 +00:00
Miroslav Stampar	b0fdbdb13b	minor update	2011-01-13 15:15:56 +00:00
Bernardo Damele	877ea31521	Verbose docstring	2011-01-13 12:05:14 +00:00
Miroslav Stampar	ac5b49f555	update	2011-01-13 11:24:03 +00:00
Bernardo Damele	af4ee81e62	Cosmetics	2011-01-13 11:23:07 +00:00
Miroslav Stampar	ece2eb31ca	minor update	2011-01-13 11:08:29 +00:00
Bernardo Damele	ee4727850c	Minor bug fix	2011-01-13 10:29:47 +00:00
Bernardo Damele	ca33728fbc	Minor fix to avoid query splitting/unpacking when the statement is EXISTS()	2011-01-13 10:00:40 +00:00
Bernardo Damele	be6e2d6a31	Important bug fix. ... Minor code restyling.	2011-01-13 09:41:55 +00:00
Bernardo Damele	b3a0f38f3f	Minor code refactoring and added internal debug prints	2011-01-12 12:03:23 +00:00
Bernardo Damele	af9725214a	Properly deal with partial (single entry) UNION injections. ... Got rid of kb.union*, now it's all stored/used from kb.injection. Minor bug fix with where=2 detection phase.	2011-01-12 12:01:32 +00:00
Bernardo Damele	3cff42986f	Code cleanup	2011-01-12 01:17:04 +00:00
Bernardo Damele	8a67aea754	One more step to fully working UNION exploitation after merge into detection phase	2011-01-12 01:13:32 +00:00
Bernardo Damele	b5c6f7556f	Minor update	2011-01-12 00:53:48 +00:00
Bernardo Damele	8bdb7ec58c	Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet.	2011-01-12 00:47:39 +00:00
Bernardo Damele	873951ab92	Proper fix to avoid UNION test false positives	2011-01-11 23:59:02 +00:00
Bernardo Damele	c2e994e806	Minor adjustment	2011-01-11 23:56:04 +00:00
Bernardo Damele	5c7c3c76c3	Fixed previous bug in getErrorParsedDBMSes() call in detection phase. ... Added minor support to escape quotes in UNION payloads during detection phase.	2011-01-11 23:47:32 +00:00
Bernardo Damele	aa49aa579f	Major bug fix	2011-01-11 23:09:06 +00:00
Bernardo Damele	2f5995a7eb	Added generic and mysql UNION tests from 1 to 25 columns. ... Adapted config file and command line removing now outdated --union-test switch. Minor bug fix. Minor code refactoring. Got rid of some debug messages, standardized logging of UNION tests.	2011-01-11 22:56:21 +00:00
Bernardo Damele	300128042c	First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though. ... Major refactoring to Agent.payload() method. Minor bug fixes, some code refactoring and a lot of core adjustments here and there. Added more checks for injection in GROUP BY and ORDER BY.	2011-01-11 22:18:47 +00:00
Bernardo Damele	06230e4d92	Minor code refactoring and cosmetics	2011-01-11 21:46:21 +00:00
Miroslav Stampar	e3146464da	minor fix for a bug reported by nightman	2011-01-11 12:27:22 +00:00
Miroslav Stampar	643c464268	minor fix	2011-01-11 12:16:20 +00:00
Miroslav Stampar	394b6bc029	reverting some changes	2011-01-11 12:11:33 +00:00
Miroslav Stampar	54e0ba935a	minor update	2011-01-11 12:08:36 +00:00
Miroslav Stampar	690281dce1	didn't know this to be honest	2011-01-11 10:17:22 +00:00
Miroslav Stampar	0676b38063	revert of one thing for Bernardo and minor update	2011-01-10 10:30:17 +00:00
Miroslav Stampar	77b51dae57	adding openFile method with an exception block around file opening part	2011-01-08 09:30:10 +00:00
Miroslav Stampar	e3899f7467	fix of a fix	2011-01-07 18:07:18 +00:00
Miroslav Stampar	8e83a26acf	minor fix	2011-01-07 17:53:17 +00:00
Miroslav Stampar	ed2aed972f	minor fix	2011-01-07 17:38:28 +00:00
Bernardo Damele	27628dca42	cosmetics	2011-01-07 17:25:22 +00:00
Bernardo Damele	97ae7e330f	cosmetics	2011-01-07 17:10:58 +00:00
Bernardo Damele	e373dac1f2	Cosmetics	2011-01-07 16:50:39 +00:00
Miroslav Stampar	c17714c423	suppress session in case of brute methods	2011-01-07 16:47:46 +00:00
Miroslav Stampar	b313a20a3f	some fixes	2011-01-07 16:39:47 +00:00
Bernardo Damele	16a06117f7	Mere cosmetics	2011-01-07 16:36:32 +00:00
Miroslav Stampar	1a079c62cb	minor update (generic tests now have bigger priority in test queue than parsed DBMS related ones)	2011-01-07 16:08:01 +00:00
Bernardo Damele	1c86ec374e	Code refactoring and cosmetics	2011-01-07 15:41:09 +00:00
Miroslav Stampar	a8d660db54	fixes for bugs reported by pragmatk@gmail.com	2011-01-06 16:59:58 +00:00
Miroslav Stampar	c968b438f2	Ctrl+C added to union dump	2011-01-06 09:48:04 +00:00
Miroslav Stampar	0616edcc44	adding progress to --union-test	2011-01-06 09:26:01 +00:00
Miroslav Stampar	8b9a624546	added progress into union based entry retrieval	2011-01-06 09:10:20 +00:00
Miroslav Stampar	cc9ca802bf	minor update	2011-01-06 08:54:50 +00:00
Miroslav Stampar	1297df66da	fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed)	2011-01-06 08:04:59 +00:00
Miroslav Stampar	694a65f6f1	minor fix/update	2011-01-05 13:32:40 +00:00
Miroslav Stampar	7411052456	minor update regarding last commit	2011-01-05 12:09:57 +00:00
Miroslav Stampar	042e3f76ba	bug fix for a bug reported by nightman (RuntimeError: maximum recursion depth exceeded)	2011-01-05 11:36:40 +00:00
Miroslav Stampar	7ae5192070	adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data)	2011-01-05 10:25:07 +00:00
Miroslav Stampar	c83e9f6ca5	foundation for filtering binary string values (for example, replacement of non readable chars with #)	2011-01-04 21:56:37 +00:00
Miroslav Stampar	aa81ed4033	implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers)	2011-01-04 15:49:20 +00:00
Miroslav Stampar	eb11f5b2e0	minor update	2011-01-04 13:07:12 +00:00
Miroslav Stampar	c1dc73d0a1	minor, just in case update related to the previous commit	2011-01-04 12:56:55 +00:00
Miroslav Stampar	709a7d156b	fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...)	2011-01-04 12:51:51 +00:00
Miroslav Stampar	d288c6d6e3	minor update	2011-01-04 08:40:41 +00:00
Miroslav Stampar	fdc463d08b	fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range)	2011-01-03 23:36:35 +00:00
Miroslav Stampar	0eabca9fd4	update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)	2011-01-03 22:31:29 +00:00
Miroslav Stampar	08ccbf2c1e	important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)	2011-01-03 22:02:58 +00:00
Miroslav Stampar	572f403069	update of one thing that was missing	2011-01-03 21:28:22 +00:00
Miroslav Stampar	ce48ea75d0	noticed that google search page sometimes contain double html escaped links - double htmlunescape solves the problem, while dealing no harm to single html escaped links	2011-01-03 14:39:23 +00:00
Miroslav Stampar	6aa616bd0d	minor minor fix	2011-01-03 14:28:20 +00:00
Miroslav Stampar	92e4cdb241	raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic	2011-01-03 14:21:41 +00:00
Miroslav Stampar	07129371bf	bug fix for time based injections with keepalive (keepalive module has timeout argument which screwed tbMsg); also, bug fix for cases when remote hosts forcefully disconnects the user on some tests (instead of retrying and critically going out, continue with further tests)	2011-01-03 13:04:20 +00:00
Miroslav Stampar	3629c2737b	automatically turn on --text-only in case of heavily-dynamicity instead of critical exit	2011-01-03 11:06:49 +00:00
Miroslav Stampar	adc41181e6	some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one	2011-01-03 10:37:20 +00:00
Miroslav Stampar	5860b8942f	minor update	2011-01-03 09:16:42 +00:00
Miroslav Stampar	d19a8d53e4	minor update	2011-01-03 08:46:20 +00:00
Miroslav Stampar	8625494ff2	added one new quick check for multiple target(s) mode	2011-01-03 08:32:06 +00:00
Miroslav Stampar	5f9b6b2254	code refactoring	2011-01-02 16:51:21 +00:00
Miroslav Stampar	f762f32de8	bug fix for proper --parse-errors on .aspx pages	2011-01-02 13:00:04 +00:00
Miroslav Stampar	dce9a762f1	important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode	2011-01-02 10:37:32 +00:00
Miroslav Stampar	96341f8f78	minor fix	2011-01-02 09:16:17 +00:00
Miroslav Stampar	5c6c870db4	removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode	2011-01-02 08:43:38 +00:00
Miroslav Stampar	6651ba05eb	another fix (OS was set to None at all previous sessions if there was no explicit OS testing done)	2011-01-02 08:08:38 +00:00
Miroslav Stampar	da138c46c1	added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)	2011-01-02 07:37:47 +00:00
Miroslav Stampar	ec4440108b	minor cosmetics	2011-01-02 07:09:04 +00:00
Miroslav Stampar	428e817a32	some refactoring	2011-01-01 23:57:27 +00:00
Miroslav Stampar	212035e64d	user can now choose if he wants to skip non-heuristic based DBMS tests	2011-01-01 23:38:11 +00:00
Miroslav Stampar	8a93cfd975	minor update	2011-01-01 22:43:15 +00:00
Miroslav Stampar	52e44df86c	minor update	2011-01-01 21:11:29 +00:00
Miroslav Stampar	942cbafba6	minor update	2011-01-01 20:19:55 +00:00
Miroslav Stampar	e4fd8b3f0c	(e) finally works as it should	2011-01-01 19:22:44 +00:00
Miroslav Stampar	0e815177c8	minor update	2011-01-01 19:07:40 +00:00
Miroslav Stampar	ef27fd5ea1	there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) (http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html, http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html)	2011-01-01 15:20:29 +00:00
Miroslav Stampar	15e6911fd8	fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write')	2011-01-01 12:23:02 +00:00
Miroslav Stampar	91f665aaaa	bug fix for Ctrl+C	2010-12-31 15:00:19 +00:00
Miroslav Stampar	5db8ebbfa9	update of mysql comment versions	2010-12-31 12:42:12 +00:00
Miroslav Stampar	281d124fa6	minor bug fix	2010-12-31 12:04:39 +00:00
Miroslav Stampar	613242e298	bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved)	2010-12-29 19:48:19 +00:00
Miroslav Stampar	8f32c740ff	code refactoring	2010-12-29 19:39:32 +00:00
Miroslav Stampar	6700cabc36	minor optimization	2010-12-29 19:01:29 +00:00
Miroslav Stampar	d1f5c1d7b7	now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering	2010-12-29 15:10:42 +00:00
Miroslav Stampar	79e97824ef	adding user names to the attack dictionary	2010-12-29 00:37:53 +00:00
Miroslav Stampar	93838fb155	"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)	2010-12-28 14:40:34 +00:00
Miroslav Stampar	c0423761e8	minor update	2010-12-27 18:27:42 +00:00
Miroslav Stampar	c8f8dbf0a7	minor update	2010-12-27 15:39:27 +00:00
Miroslav Stampar	9fb0e0fc85	resume of brute forced data is now available	2010-12-27 14:17:20 +00:00
Miroslav Stampar	c7a160bf72	minor update (users want this to see)	2010-12-27 12:00:54 +00:00
Miroslav Stampar	51a492e17d	pretty important commit (now dumped tables are prone to dictionary attack)	2010-12-27 10:56:28 +00:00
Miroslav Stampar	269d6bde24	this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion)	2010-12-27 00:14:29 +00:00
Miroslav Stampar	89c2640d23	basic --search now works with MS Access	2010-12-26 23:50:16 +00:00
Miroslav Stampar	f2373121d0	noticed little DoS behavior and lots of connections in netstat (best way to deal with zombie connections is to explicitly close them if not needed any more)	2010-12-26 14:36:51 +00:00
Miroslav Stampar	ceeb6374e8	bug fix (TypeError: object of type 'NoneType' has no len())	2010-12-26 13:27:24 +00:00
Miroslav Stampar	569e060aab	important improvement	2010-12-26 13:20:52 +00:00
Miroslav Stampar	a555d1ad68	minor improvement	2010-12-26 11:15:02 +00:00
Miroslav Stampar	320a6f9efb	minor minor update	2010-12-26 09:55:33 +00:00
Miroslav Stampar	17d74fc83c	cosmeticado	2010-12-26 09:53:40 +00:00
Miroslav Stampar	cd337d9f39	minor fix	2010-12-26 09:46:09 +00:00
Miroslav Stampar	eaf4b93856	minor update	2010-12-26 09:40:40 +00:00
Miroslav Stampar	562a6440d1	fix for a bug reported by nightman (same as http://bugs.python.org/issue8797)	2010-12-26 09:33:04 +00:00
Miroslav Stampar	6c72e41972	minor fix/update	2010-12-26 02:19:10 +00:00
Miroslav Stampar	c5c4aae3d5	minor update (to prevent adding too much items)	2010-12-25 10:42:36 +00:00
Miroslav Stampar	b472b96f92	bug fix, refactoring and improved extractErrorMessage capabilities	2010-12-25 10:16:20 +00:00
Miroslav Stampar	ea7ba19f6b	minor update	2010-12-25 09:43:14 +00:00
Miroslav Stampar	272476773f	getPageTextWordsSet on tableExists is pretty powerful stuff	2010-12-25 09:37:33 +00:00
Miroslav Stampar	6845d402fa	well, here and there, merry Christmas to all :)	2010-12-24 20:17:53 +00:00
Miroslav Stampar	2d115e0350	one more fix	2010-12-24 18:44:13 +00:00
Miroslav Stampar	edcf1a0872	few bug fixes	2010-12-24 18:40:48 +00:00
Miroslav Stampar	96a06351a1	minor fix (in testing phase raise404 should be set to False)	2010-12-24 12:36:00 +00:00
Miroslav Stampar	2c23a59ba5	fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)	2010-12-24 12:13:48 +00:00
Miroslav Stampar	aab14fa2d3	minor refactoring/cosmetics	2010-12-24 11:06:57 +00:00
Miroslav Stampar	23dc408901	prioritization of tests based on DBMS error messages and some comments in common.py	2010-12-24 10:55:41 +00:00
Miroslav Stampar	a09716a701	minor update	2010-12-24 10:07:56 +00:00
Miroslav Stampar	d9f08e4aa3	randomization of user agents	2010-12-24 10:04:27 +00:00
Miroslav Stampar	d5eebb1cbf	fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6	2010-12-24 09:49:19 +00:00
Miroslav Stampar	cb17e61f35	bug fix (UnicodeDecodeError: 'ascii' codec can't decode byte 0xa9 in position 959)	2010-12-24 02:54:26 +00:00
Miroslav Stampar	8470de7b76	bug fix for boolean proxy when using time based payloads	2010-12-23 23:46:08 +00:00
Miroslav Stampar	7f7fb93155	cosmetics	2010-12-23 18:44:18 +00:00
Miroslav Stampar	017ea9e686	update	2010-12-23 14:06:22 +00:00
Miroslav Stampar	73f33c1999	bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped)	2010-12-23 11:28:13 +00:00
Miroslav Stampar	8fc60215ed	lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.	2010-12-22 19:12:46 +00:00
Miroslav Stampar	7c06dbffc3	bug fix (AttributeError: 'unicode' object has no attribute 'sort')	2010-12-22 18:55:50 +00:00
Bernardo Damele	c1f2534e9a	More bug fixes to properly distinguish between full inband and single-entry inband sql injections	2010-12-22 15:47:52 +00:00
Bernardo Damele	250608660d	Minor bug fix to always show HTTP request and response when verbose is set accordingly to 4, 5 or 6 regardless of the HTTP response code (error or not)	2010-12-22 13:41:36 +00:00
Bernardo Damele	5228f336da	Minor fix for ctrl+c during detection phase	2010-12-22 13:15:44 +00:00
Miroslav Stampar	08c88495d0	removed that ugly hack	2010-12-22 13:09:04 +00:00
Miroslav Stampar	8212b7b745	bug fix	2010-12-22 12:16:04 +00:00
Miroslav Stampar	5be9c04e44	update regarding Sybase syntax	2010-12-22 10:39:56 +00:00
Miroslav Stampar	d974a966b8	minor fix for end phase (Ctrl+C)	2010-12-21 23:55:55 +00:00
Miroslav Stampar	fb75d0636b	minor update	2010-12-21 23:42:59 +00:00
Miroslav Stampar	39a13077c4	minor bug fix	2010-12-21 23:09:41 +00:00
Miroslav Stampar	09479c85dc	minor bug fix	2010-12-21 22:35:44 +00:00
Miroslav Stampar	7a525f28d4	cosmetics	2010-12-21 15:26:23 +00:00
Miroslav Stampar	b2e7f9484d	minor tuning (2 techniques MAX per value used)	2010-12-21 15:24:14 +00:00
Miroslav Stampar	6c1133c4d4	some code refactoring	2010-12-21 15:13:13 +00:00
Miroslav Stampar	466d61ee85	minor fix	2010-12-21 14:29:47 +00:00
Miroslav Stampar	385e208f38	code refactoring regarding standard output suppression and some threading issues	2010-12-21 14:21:24 +00:00
Miroslav Stampar	0e68248f60	minor update of heuristic check	2010-12-21 12:56:18 +00:00
Miroslav Stampar	16f1f4e13e	when doing dynamic checks there are cases when 404 can be raised (perfectly normal)	2010-12-21 11:04:49 +00:00
Bernardo Damele	aca074b769	Removed unused outdated code	2010-12-21 10:49:52 +00:00
Bernardo Damele	ad6b528b33	Bit more verbose comment	2010-12-21 10:47:39 +00:00
Miroslav Stampar	6b37ddada4	removed some blank trailing spaces (with extra/shutils/blanks.sh)	2010-12-21 10:31:56 +00:00
Bernardo Damele	1a3f57e5fe	Cosmetics	2010-12-21 09:23:00 +00:00
Miroslav Stampar	d554460aec	minor fix	2010-12-21 01:09:39 +00:00
Miroslav Stampar	116c141dfa	another fix	2010-12-21 00:47:07 +00:00
Miroslav Stampar	416755c0b7	minor adjustments	2010-12-21 00:25:03 +00:00
Miroslav Stampar	8067365b93	fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident')	2010-12-20 23:47:53 +00:00
Miroslav Stampar	e10670d9ac	added end detection phase choice into Ctrl+C list	2010-12-20 23:34:00 +00:00
Miroslav Stampar	29001a4fce	minor update	2010-12-20 23:21:01 +00:00
Miroslav Stampar	b34fe5c334	no more need for such a huge timeout because any timeout exceptions will now be considered as a successful time-based attack (previously we wanted to get back to the program, hence there was such a huge timeout)	2010-12-20 22:49:48 +00:00
Miroslav Stampar	8fd3e7ba1f	thread based data added	2010-12-20 22:45:01 +00:00
Miroslav Stampar	c9e8aae8a2	we'll need to do some cleanup around threading data model we use (some of the data we currently use we'll need to spread via copies around used threads)	2010-12-20 19:34:41 +00:00
Miroslav Stampar	e09bc2406c	minor refactoring	2010-12-20 19:24:20 +00:00
Miroslav Stampar	5852bad963	some refactoring	2010-12-20 18:56:06 +00:00
Miroslav Stampar	19d8733e9a	this is strictly for educational purposes	2010-12-20 17:30:47 +00:00
Miroslav Stampar	c948bced61	should solve the problem with timeout problems in time-based payloads	2010-12-20 16:45:41 +00:00
Miroslav Stampar	eaf8929085	more minor updates	2010-12-20 10:48:53 +00:00
Miroslav Stampar	fd00ff7a82	minor bug fix	2010-12-20 10:37:03 +00:00
Miroslav Stampar	e9f1ecb9e7	minor update	2010-12-20 10:32:58 +00:00
Miroslav Stampar	10a7a2dfb2	kids, don't use this at home	2010-12-20 10:13:14 +00:00
Miroslav Stampar	13d5b2c0ff	code refactoring	2010-12-20 09:44:21 +00:00
Miroslav Stampar	4cb83654dc	minor update	2010-12-18 16:28:21 +00:00
Miroslav Stampar	36862e2efa	update	2010-12-18 15:57:47 +00:00
Miroslav Stampar	21d083272e	minor minor fix	2010-12-18 14:31:41 +00:00
Miroslav Stampar	4f73feec2f	now dictionary attack on multiple hash formats is supported (like mysql_passwd and mysql_old_passwd in one database)	2010-12-18 14:11:49 +00:00
Miroslav Stampar	05c6d661e8	cosmetics	2010-12-18 10:49:49 +00:00
Miroslav Stampar	03220d34ba	added Ctrl+C check in detection phase	2010-12-18 10:42:09 +00:00
Miroslav Stampar	e355f92f22	bug fix	2010-12-18 10:02:01 +00:00
Miroslav Stampar	fe67d3827c	code refactoring and some fixes	2010-12-18 09:51:34 +00:00
Miroslav Stampar	108a96c6b4	some fixes	2010-12-17 21:45:20 +00:00
Miroslav Stampar	a19cb2c13a	code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown")	2010-12-17 21:29:09 +00:00
Miroslav Stampar	b4450c6ddd	added one more level of MSSQL version check (if first fails for some reason)	2010-12-17 21:01:14 +00:00
Miroslav Stampar	07609bfb53	minor fix	2010-12-17 19:33:20 +00:00
Miroslav Stampar	323af45ce4	added one more time request payload to confirm test results	2010-12-17 07:53:58 +00:00
Miroslav Stampar	e3fa3b0e8e	fix for a minor bug reported by nightman (AttributeError: 'NoneType' object has no attribute 'getFingerprint')	2010-12-17 07:48:32 +00:00
Miroslav Stampar	95b2c0803b	minor fix	2010-12-15 20:51:29 +00:00
Miroslav Stampar	de54219571	code refactoring	2010-12-15 12:50:56 +00:00
Miroslav Stampar	cda00c7501	code refactoring	2010-12-15 12:43:56 +00:00
Miroslav Stampar	3f34b06a24	minor cosmetics	2010-12-15 12:34:14 +00:00
Miroslav Stampar	445cc3bf3c	minor cosmetics	2010-12-15 12:15:43 +00:00
Miroslav Stampar	c1c525aaea	quick fix of a fix	2010-12-15 12:10:33 +00:00
Miroslav Stampar	7cfeb5447b	minor update	2010-12-15 11:46:28 +00:00
Miroslav Stampar	4dec24d056	quick fix for a bug reported by Andreas Constantinides (KeyError: 5)	2010-12-15 11:30:29 +00:00
Miroslav Stampar	f8a01ddaf8	minor update	2010-12-15 11:21:47 +00:00
Miroslav Stampar	63f5c35c23	bug fix	2010-12-15 10:02:58 +00:00
Miroslav Stampar	c3d0295d21	minor update (checking for --time-sec value)	2010-12-14 12:37:21 +00:00
Miroslav Stampar	b75d7fa348	minor cache based optimization	2010-12-14 12:22:17 +00:00
Miroslav Stampar	270ae0f080	just in case as maybe there will be some boolean expression to check where we won't expect None, but explicitly True/False	2010-12-14 09:05:00 +00:00
Bernardo Damele	04caef6de0	Tuning	2010-12-13 23:04:26 +00:00
Bernardo Damele	cfcee6439e	Cosmetics	2010-12-13 21:55:30 +00:00
Bernardo Damele	86690682c7	Minor bug fix to respect -v value in --common-tables and --common-columns	2010-12-13 21:37:12 +00:00
Bernardo Damele	4b79227b5a	Minor bug fix to properly merge options from .conf file (-c) with command line switches	2010-12-13 21:36:23 +00:00
Bernardo Damele	db844c1785	No point in showing the error-based inject payload, it's same as the one showed in -v3	2010-12-13 21:35:20 +00:00
Bernardo Damele	698f30e65e	Cosmetics	2010-12-13 21:34:35 +00:00
Bernardo Damele	a02dd6b55b	Minor enhancement to speedup active dbms fingerprint (-f). ... Code cleanup and refactoring.	2010-12-13 21:33:42 +00:00
Miroslav Stampar	d56f47d530	fix for a bug reported by black zero (ValueError: invalid literal for int() with base 10: '1-20')	2010-12-12 23:59:55 +00:00
Miroslav Stampar	6a3c4485e6	minor update (removing extra ())	2010-12-12 14:44:39 +00:00
Miroslav Stampar	e98d9c08e1	dumping table is now possible on Firebird too	2010-12-12 14:38:07 +00:00
Miroslav Stampar	c93634b6c7	blind dumping of tables in sqlite implemented	2010-12-11 22:13:19 +00:00
Miroslav Stampar	b1babeefe5	update regarding dumping of tables with blind on Sqlite	2010-12-11 22:00:16 +00:00
Miroslav Stampar	f7344a5fc3	update	2010-12-11 21:28:11 +00:00
Miroslav Stampar	6a24048aa6	urllib2 doesn't play well with '\n' when non unescaped chars used	2010-12-11 21:17:54 +00:00
Miroslav Stampar	e6c66fa37c	update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available	2010-12-11 17:55:28 +00:00
Miroslav Stampar	e32fa9df43	further update regarding bugtrace's report	2010-12-11 17:32:15 +00:00
Miroslav Stampar	5d18c98ec2	quick fix for a bug reported by bugtrace (not using __goBooleanProxy because we don't have a proper vector this moment)	2010-12-11 17:20:39 +00:00
Miroslav Stampar	03447acc1d	avoiding some trashy match ratios	2010-12-11 17:12:19 +00:00
Miroslav Stampar	d2a3e8f44f	first time firebird error-based query success	2010-12-11 11:17:24 +00:00
Miroslav Stampar	f021548bd0	added inference failsafe (like in for instance Firebirds SUBSTR always returns a string value, no matter which starting index you use)	2010-12-11 10:52:04 +00:00
Miroslav Stampar	c17f444aab	minor fix	2010-12-11 10:22:18 +00:00
Miroslav Stampar	3dc0a51d34	major bug fix with boolean expressions	2010-12-11 08:46:19 +00:00
Miroslav Stampar	ac9080c07b	update	2010-12-11 08:24:29 +00:00
Miroslav Stampar	66db80804d	fix	2010-12-10 16:03:32 +00:00
Miroslav Stampar	435f48b8cc	polite cosmetics	2010-12-10 15:28:56 +00:00
Miroslav Stampar	977988c0ab	cosmetics	2010-12-10 15:24:25 +00:00
Miroslav Stampar	fa8d378e80	another update	2010-12-10 15:18:15 +00:00
Miroslav Stampar	1ef44cfe60	fix	2010-12-10 15:06:53 +00:00
Miroslav Stampar	fe186cde55	proper fix	2010-12-10 13:26:31 +00:00
Miroslav Stampar	9957881040	you won't believe commit	2010-12-10 13:20:59 +00:00
Miroslav Stampar	1fc9ed10a8	minor refactoring	2010-12-10 12:30:36 +00:00
Miroslav Stampar	4d8628e8fb	fix for booleans	2010-12-10 12:26:01 +00:00
Miroslav Stampar	fe2039f5ba	coollyy little commits	2010-12-10 11:32:46 +00:00
Miroslav Stampar	d5e7a8d305	update	2010-12-10 10:54:17 +00:00
Bernardo Damele	b6dcbcef5b	Minor fix	2010-12-10 10:52:55 +00:00
Miroslav Stampar	471d9ccd65	another fix of my lala	2010-12-10 10:11:25 +00:00
Miroslav Stampar	029a6abba2	quick fix	2010-12-10 09:54:25 +00:00
Miroslav Stampar	441fc8dbd9	update regarding boolean based expressions	2010-12-09 21:15:18 +00:00
Miroslav Stampar	d5fb921154	removed debug print	2010-12-09 20:08:59 +00:00
Miroslav Stampar	1492823de0	it wasn't pretty, now it's pretty	2010-12-09 20:06:20 +00:00
Miroslav Stampar	bbffea2cbc	bug fix	2010-12-09 17:10:22 +00:00
Miroslav Stampar	0eb2c408a9	code refactoring	2010-12-09 16:49:02 +00:00
Bernardo Damele	df5f6bc1b7	Little precaution	2010-12-09 14:06:43 +00:00
Bernardo Damele	9230877d98	cosmetics	2010-12-09 13:57:38 +00:00
Bernardo Damele	5fb04515d3	Added hidden (for the moment) switch --technique	2010-12-09 13:47:17 +00:00
Miroslav Stampar	cdff29ada7	update	2010-12-09 11:23:44 +00:00
Miroslav Stampar	196131bbca	minor cosmetics	2010-12-09 10:42:00 +00:00
Miroslav Stampar	ec5c08ca7a	cosmetics	2010-12-09 09:24:20 +00:00
Miroslav Stampar	3fd1c37d53	update	2010-12-09 07:49:18 +00:00
Miroslav Stampar	db39dc32fc	minor update	2010-12-09 00:59:39 +00:00
Bernardo Damele	0c01be0eeb	Ugly work-around to avoid unescaping WAITFOR DELAY time between single quotes (unescaped CHAR(..) value does not work).	2010-12-09 00:34:02 +00:00
Bernardo Damele	9c61adb21d	Cosmetics	2010-12-09 00:26:06 +00:00
Bernardo Damele	b5c6527c72	Minor fix	2010-12-09 00:25:48 +00:00
Bernardo Damele	f5ce739bdf	Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet.	2010-12-08 23:52:31 +00:00
Bernardo Damele	10ef2b5de8	Minor bug fix	2010-12-08 23:09:42 +00:00
Miroslav Stampar	54f6673609	update	2010-12-08 22:38:26 +00:00
Miroslav Stampar	d6077273e0	update	2010-12-08 22:14:42 +00:00
Miroslav Stampar	258e9fb50e	fix for a "bug" reported by Spencer J. McIntyre (os.makedirs(conf.outputPath, 0755) -> permission denied)	2010-12-08 21:16:18 +00:00
Miroslav Stampar	81c16926c1	code refactoring some more	2010-12-08 14:46:07 +00:00
Miroslav Stampar	40fadf2f35	minor update	2010-12-08 14:33:10 +00:00
Miroslav Stampar	95b48746a6	cosmetics	2010-12-08 14:29:09 +00:00
Miroslav Stampar	ed09c53ee4	minor minor update	2010-12-08 14:27:37 +00:00
Miroslav Stampar	01cf1394a4	code refactoring	2010-12-08 14:26:40 +00:00
Miroslav Stampar	af22679605	minor update	2010-12-08 13:09:27 +00:00
Miroslav Stampar	6223f25dd9	code beautification	2010-12-08 13:04:48 +00:00
Miroslav Stampar	64cc2588f1	now resume is available for time-based blinds too	2010-12-08 12:49:26 +00:00
Miroslav Stampar	537b619165	removing junk	2010-12-08 12:30:25 +00:00
Miroslav Stampar	b5e45939e3	sqlmap premiere of blind time based query/bisection	2010-12-08 12:28:54 +00:00
Miroslav Stampar	47bb31fb47	code refactoring	2010-12-08 11:30:25 +00:00
Miroslav Stampar	1ae2fa7f1a	update regarding time based payloads	2010-12-08 11:26:54 +00:00
Miroslav Stampar	bdff4aba6a	switching to quick_ratio	2010-12-07 23:57:43 +00:00
Miroslav Stampar	c1b82cf09c	ratio() gives a considerable lag on real life cases, as real_quick_ratio() gives almost as good results	2010-12-07 23:53:44 +00:00
Miroslav Stampar	a4a63f5b1e	minor update	2010-12-07 23:49:00 +00:00
Miroslav Stampar	293ce18fed	two major bug fixes regarding time calculation (previously comparison was also a part of "delta", which screwed results in cases with large pages; other was a standard distribution based one)	2010-12-07 23:32:33 +00:00
Miroslav Stampar	b21eb88905	minor update	2010-12-07 22:45:38 +00:00
Miroslav Stampar	575e50673b	minor update	2010-12-07 19:27:01 +00:00
Miroslav Stampar	398b82644a	little explanation	2010-12-07 19:25:26 +00:00
Miroslav Stampar	dc651d59ec	little mathematics here and there (used "Rules for normally distributed data")	2010-12-07 19:19:12 +00:00
Bernardo Damele	ee72838231	Removed debug print	2010-12-07 17:19:29 +00:00
Bernardo Damele	5f97312f29	Minor fix	2010-12-07 17:17:38 +00:00
Bernardo Damele	81e7465ed2	Cosmetics	2010-12-07 17:16:21 +00:00
Miroslav Stampar	ecd4a5a532	added standard deviation check in time based tests	2010-12-07 16:39:31 +00:00
Miroslav Stampar	294119d2ec	more advanced time technique(s)	2010-12-07 16:04:53 +00:00
Miroslav Stampar	4959da3ce6	it's a must to double check time based payloads	2010-12-07 14:59:11 +00:00
Miroslav Stampar	e53fef546e	update regarding session page templates	2010-12-07 14:35:31 +00:00
Miroslav Stampar	add6235b16	removed pageTemplate from injection(s), it's not longer stored in session, and it's reloaded when resuming from session	2010-12-07 14:06:54 +00:00
Miroslav Stampar	0dc630203f	code refactoring	2010-12-07 13:34:06 +00:00
Bernardo Damele	8e78057ac8	Added counter of total HTTP(s) requests done during detection phase	2010-12-07 12:33:47 +00:00
Bernardo Damele	effd2ca0e3	Cosmetics	2010-12-07 12:32:58 +00:00
Miroslav Stampar	2af8835a94	fix for a bug reported by ToR (origValue = paramDict[kb.injection.parameter] -> KeyError in resume with missing injection parameter)	2010-12-07 10:57:32 +00:00
Miroslav Stampar	3d87489de5	minor update	2010-12-07 08:05:03 +00:00
Miroslav Stampar	0da1ebde7d	introducing PostgreSQL time based blind	2010-12-07 00:51:14 +00:00
Miroslav Stampar	61f82fd274	introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic	2010-12-07 00:27:26 +00:00
Miroslav Stampar	2735848ab6	removed ERROR_SPACE	2010-12-06 22:40:07 +00:00
Miroslav Stampar	9ccc8f90a3	minor cosmetic update ("heuristics shows" is not grammatically correct)	2010-12-06 18:47:22 +00:00
Miroslav Stampar	d336f1df23	minor update	2010-12-06 18:44:42 +00:00
Miroslav Stampar	d77ddbee47	OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND)	2010-12-06 18:20:57 +00:00
Miroslav Stampar	27ee9a5ccf	minor refactoring	2010-12-06 15:50:19 +00:00
Miroslav Stampar	e8be14e00a	minor refactoring	2010-12-06 07:48:14 +00:00
Miroslav Stampar	a43d252ae9	minor update	2010-12-06 00:14:08 +00:00
Miroslav Stampar	5189f138d7	increasing socket timeout in case of time based checks	2010-12-05 23:18:16 +00:00
Bernardo Damele	17449754fe	Got rid of UNION false cond	2010-12-05 16:16:15 +00:00
Bernardo Damele	da3fd17fc3	Adjustment to make it work also in OR based injection	2010-12-05 12:24:23 +00:00
Bernardo Damele	41e1b95c6c	Minor code refactoring and finally make exploitation work also on OR boolean-based injections	2010-12-05 11:25:44 +00:00
Miroslav Stampar	7a5cd3b35f	minor comment update	2010-12-05 11:15:09 +00:00
Bernardo Damele	618b3b0211	Cosmetics	2010-12-05 11:05:57 +00:00
Miroslav Stampar	9e5f933ace	some updates	2010-12-04 15:47:02 +00:00
Miroslav Stampar	3f9450b9dc	minor fix	2010-12-04 14:43:35 +00:00
Miroslav Stampar	1f795622b3	some fine tuning of dynamicity removing engine	2010-12-04 13:39:35 +00:00
Miroslav Stampar	eeb199375b	usage of compiled regexes in case of dynamic markings and other refactoring	2010-12-04 13:23:28 +00:00
Miroslav Stampar	0fc7a8f9e8	code refactoring	2010-12-04 10:13:18 +00:00
Miroslav Stampar	04714374f9	now you can use kb.pageTemplate to set a page which will be used as a template in comparison process (at least in '-[RANDNUM] OR' cases we'll need to use different template(s))	2010-12-04 10:05:18 +00:00
Miroslav Stampar	b3a094b9d6	fix for a bug reported by ToR (when resuming: queries[kb.dbms] -> KeyError: u'mysql')	2010-12-03 22:44:29 +00:00
Miroslav Stampar	5764816891	minor cosmetics	2010-12-03 22:28:09 +00:00
Bernardo Damele	5d37df6104	Ugly code to set the cookies when got them from a 302 redirect too	2010-12-03 17:41:10 +00:00
Bernardo Damele	9d55c4da87	Done with support for injection in ORDER BY and GROUP BY (hopefully)	2010-12-03 16:12:47 +00:00
Bernardo Damele	91c3cf8fd0	Minor improvement	2010-12-03 16:11:57 +00:00
Bernardo Damele	0e6359ab6e	Minor layout adjustment	2010-12-03 16:11:35 +00:00
Bernardo Damele	6e73adec47	Get rid of one useless attribute	2010-12-03 16:11:13 +00:00
Bernardo Damele	126a1479d8	Bug fix for --union-test	2010-12-03 14:57:30 +00:00
Bernardo Damele	11058667e4	Better naming	2010-12-03 14:45:13 +00:00
Bernardo Damele	b824826a89	Minor enhancement to prefix payload in ORDER BY and GROUP BY clauses	2010-12-03 14:39:51 +00:00
Bernardo Damele	bb40ab9fb0	Major bug fix for default boolean-based vector still work and minor adjustments	2010-12-03 14:31:11 +00:00
Miroslav Stampar	612ee08a0b	added response time kb attribute	2010-12-03 13:19:34 +00:00
Bernardo Damele	4dec049c22	Major bug fix for test on ORDER BY and GROUP BY clauses. ... Minor bug fix to skip following tests if they do not match any of the clause previously identified (injection.clause value).	2010-12-03 12:00:03 +00:00
Bernardo Damele	827a0aea05	Minor bug fix	2010-12-03 11:15:11 +00:00
Bernardo Damele	7690aa85ce	Added a comment needed to understand this hack when looking at the code in a month or so ;)	2010-12-03 11:00:41 +00:00
Bernardo Damele	a9d4b37987	Code cleanup and minor refactoring	2010-12-03 10:51:27 +00:00
Bernardo Damele	22de82634a	Important update to parse correctly the <where> tag during exploitation phase. ... Minor code cleanup.	2010-12-03 10:44:16 +00:00
Bernardo Damele	7d6f51f758	Avoid blank space between prefix and test's payload if it's a stacked queries test	2010-12-03 10:42:46 +00:00
Bernardo Damele	b0928e02c6	Proper comment	2010-12-03 10:39:36 +00:00
Miroslav Stampar	2cc167a42e	fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'"	2010-12-02 18:57:43 +00:00
Bernardo Damele	283a04e29a	On my way to properly parse test's <where> tag in exploitation phase	2010-12-01 23:32:58 +00:00
Bernardo Damele	09b265a1ea	Got rid of conf.logic for the moment, haven't decided yet what to do with parenthesis check	2010-12-01 23:32:02 +00:00
Bernardo Damele	47f2d22181	Minor bug fix	2010-12-01 17:18:31 +00:00
Bernardo Damele	089c16a1b8	Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type. ... Removed some useless tests. Moved <error> from queries.xml to payloads.xml as it makes more sense. Beeps at sql inj found only if --beep is provided. Minor fix in order to be able to pickle advancedDict() objects. Minor code refactoring. Removed useless folders.	2010-12-01 17:09:52 +00:00
Bernardo Damele	c00ea7f5e5	Store and resume also UNION char to session file (--union-char)	2010-12-01 10:59:58 +00:00
Bernardo Damele	025361c970	Higher precedence to union query sql inj than error-based	2010-12-01 10:57:17 +00:00
Bernardo Damele	56d2b2f322	Avoid storing to session file also payload delimiters	2010-12-01 10:55:59 +00:00
Bernardo Damele	2708aad504	Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests.	2010-12-01 10:31:50 +00:00
Bernardo Damele	8d84dcc5dc	More sense	2010-12-01 09:17:17 +00:00
Bernardo Damele	c8f943f5e4	Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. ... Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.	2010-11-30 22:40:25 +00:00
Miroslav Stampar	fcdebbd55f	cosmeticados	2010-11-30 14:48:13 +00:00
Miroslav Stampar	47a7708950	minor improvement of dynamic content detection/removal part	2010-11-30 12:45:42 +00:00
Bernardo Damele	8b9706656e	Got rid of unreliable 'ORDER BY' technique to detect UNION query SQL injection, consequently switch --union-tech has gone now. ... Minor code refactoring too.	2010-11-29 17:18:38 +00:00
Bernardo Damele	e9291932e5	Apply --level also to User-Agent (level >= 4) and Cookie (level >= 3). ... GET and POST parameters are always tested.	2010-11-29 16:33:20 +00:00
Miroslav Stampar	e735f2960a	minor update	2010-11-29 15:25:45 +00:00
Bernardo Damele	c76d740a25	just a precaution	2010-11-29 15:21:56 +00:00
Miroslav Stampar	70e87d959e	update of dynamicity engine	2010-11-29 15:14:49 +00:00
Bernardo Damele	ee4e04ebca	Minor adjustment	2010-11-29 15:09:40 +00:00
Bernardo Damele	2efb3b78ea	Consider also --dbms value during the detection phase	2010-11-29 14:48:07 +00:00
Miroslav Stampar	be6df7abd9	improvement of dynamicity engine	2010-11-29 14:30:57 +00:00
Bernardo Damele	76ce9cc888	Minor bug fix for --forms	2010-11-29 12:46:18 +00:00
Bernardo Damele	6525e08d6b	Minor adjustment to detect the proper parameter type based upon --prefix and --suffix values	2010-11-29 12:13:42 +00:00
Bernardo Damele	c22338ce90	Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more).	2010-11-29 11:47:58 +00:00
Bernardo Damele	e8c6c01e27	precaution	2010-11-29 09:54:30 +00:00
Bernardo Damele	9d7087e2ff	Proper saving and resuming when more than a parameter are injectable. ... Minor bug fix to --stacked-test Minor code refactoring.	2010-11-29 01:04:42 +00:00
Bernardo Damele	75f7df75b6	Minor fix	2010-11-28 23:33:51 +00:00
Bernardo Damele	472f4465a6	Prioritize DBMS fingerprint based on DBMS (<dbms>) identified during the detection phase. ... Minor bug fix to properly handle the case that no injections are found. Nicer display of injection vulnerabilities detected. Minor code refactoring.	2010-11-28 21:27:47 +00:00
Bernardo Damele	7e3b24afe6	Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. ... All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!	2010-11-28 18:10:54 +00:00
Miroslav Stampar	6712f4da55	some refactoring and one less request for aspx maintanance during --os-shell	2010-11-24 14:20:43 +00:00
Bernardo Damele	253eafb643	paranoid cosmetics	2010-11-24 12:03:01 +00:00
Miroslav Stampar	b2b521fc8a	gready regex bastard :)	2010-11-24 12:01:36 +00:00
Miroslav Stampar	9579a97039	now ASPX works too for --os-shell	2010-11-24 11:38:27 +00:00
Miroslav Stampar	c54c9ee5d1	minor update	2010-11-23 22:33:00 +00:00
Miroslav Stampar	57ad59206b	cosmetics as it's best	2010-11-23 22:09:10 +00:00
Miroslav Stampar	7a147041c4	cosmetics	2010-11-23 21:44:58 +00:00
Miroslav Stampar	f4f0bc9db3	minor fix	2010-11-23 21:17:01 +00:00
Miroslav Stampar	f9f076ba97	code refactoring	2010-11-23 21:00:42 +00:00
Miroslav Stampar	7877a931d5	more cosmetics regarding dictionary attack	2010-11-23 20:54:40 +00:00
Miroslav Stampar	e3b3e05748	minor update	2010-11-23 19:21:30 +00:00
Miroslav Stampar	0d24a15182	more cosmetics	2010-11-23 19:10:34 +00:00
Miroslav Stampar	836a1c214a	los cosmeticados (of hash dictionary attack)	2010-11-23 18:57:00 +00:00
Miroslav Stampar	c4414df594	minor update	2010-11-23 15:33:13 +00:00
Miroslav Stampar	78024eafe0	little precaution	2010-11-23 15:31:23 +00:00
Miroslav Stampar	4af000e699	minor language update (in testing phase "used" is more preferable than "provided")	2010-11-23 15:11:15 +00:00
Miroslav Stampar	b41ee8d0d0	minor refactoring	2010-11-23 14:57:36 +00:00
Miroslav Stampar	aa5d038f18	more code refactoring	2010-11-23 14:50:47 +00:00
Miroslav Stampar	3cae76627c	code refactoring regarding dictionary attack	2010-11-23 13:58:01 +00:00
Miroslav Stampar	ba4ea32603	first working version of dictionary attack	2010-11-23 13:24:02 +00:00
Miroslav Stampar	c471b815cc	fix for a bug reported by BugTrace (IndexError: list index out of range)	2010-11-22 10:58:08 +00:00
Miroslav Stampar	bfc9378542	sorry, even more proper naming should be like this (passwd is a standard naming for this kind of function(s))	2010-11-20 13:22:59 +00:00
Miroslav Stampar	db59faedb9	more proper naming	2010-11-20 13:20:28 +00:00
Miroslav Stampar	1f8a9fe033	foundations for dictionary attack support combined with the sqlmap's password/hash retrieval functionality (--password switch)	2010-11-20 13:14:13 +00:00
Miroslav Stampar	71107e4e9e	quick fix for google searches	2010-11-19 21:38:20 +00:00
Bernardo Damele	99a23e23cf	Extra check on --union-cols value	2010-11-19 16:39:26 +00:00
Bernardo Damele	c23126547e	Improved --union-cols to accept a range to test for union SQL injection. By default it is 1-20.	2010-11-19 15:48:24 +00:00
Bernardo Damele	ad17e9ed2a	Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any)	2010-11-19 14:56:20 +00:00
Miroslav Stampar	df88280681	minor update of google regex (that * was a junky one)	2010-11-19 10:04:29 +00:00
Miroslav Stampar	e8bef28337	updating google parsing regex (for the better, of course)	2010-11-19 10:00:29 +00:00
Miroslav Stampar	d97e97d884	minor update :)	2010-11-19 09:02:44 +00:00
Bernardo Damele	4a9bd3a240	Finally a proper union query SQL injection test engine for --union-test. It does much more requests, but for god sake now it works well!	2010-11-18 17:55:43 +00:00
Bernardo Damele	544327379f	Little precaution	2010-11-18 14:32:52 +00:00
Bernardo Damele	f6a17cb1a8	Revert wrong fix	2010-11-18 10:41:06 +00:00
Bernardo Damele	17486e472a	Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!	2010-11-17 22:00:09 +00:00
Miroslav Stampar	ca5125bbe0	minor update related to r2401	2010-11-17 20:50:31 +00:00
Bernardo Damele	360aff7a4d	sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle	2010-11-17 17:20:32 +00:00
Miroslav Stampar	a0df36beda	when in multi target mode this should be done (another bug was reported by ToR for using "old" data - kb was not properly cleared)	2010-11-17 15:33:07 +00:00
Miroslav Stampar	17f0609263	minor bug fix	2010-11-17 13:29:57 +00:00
Miroslav Stampar	3d25071d06	another minor improvement regarding logging of http traffic	2010-11-17 12:16:48 +00:00
Miroslav Stampar	3e569a1693	minor update	2010-11-17 12:04:33 +00:00
Miroslav Stampar	2802923dbe	some improvements regarding --os-shell web server application choice	2010-11-17 11:45:52 +00:00
Miroslav Stampar	5abbea4a9f	fix for a bug reported by nightman (unknown charset 'null')	2010-11-17 09:57:32 +00:00
Miroslav Stampar	d757e4ae1c	bug fix (when user manually sets web root, that same directory should be used as one of potentionaly default dirs)	2010-11-17 09:46:04 +00:00
Miroslav Stampar	bec152609a	minor cosmetics and bug fix for Windows machines ('\\' is interpreted as \ and inside the script it can screw things up as it's a marker for a special character - thus '\\\\' is interpreted as \\ which represents special character \)	2010-11-17 09:33:05 +00:00
Miroslav Stampar	76c3f5768b	cosmetics	2010-11-17 09:12:48 +00:00
Miroslav Stampar	2a8e270bef	proper handling of carriage return character from Windows target machines	2010-11-16 15:11:03 +00:00
Miroslav Stampar	ab33651f96	minor bug fix for displaying text from windows machines (\r was interfering with normal dataToStdout behavior)	2010-11-16 15:02:22 +00:00
Miroslav Stampar	3487429eac	minor cosmetics	2010-11-16 14:41:46 +00:00
Miroslav Stampar	3640dbf745	fix for --parse-errors (on IIS HTTP error is raised which need to be processed)	2010-11-16 14:33:30 +00:00
Miroslav Stampar	cccb565859	cosmetics	2010-11-16 14:11:32 +00:00
Miroslav Stampar	b9d9f18939	added General cmdline group	2010-11-16 14:09:09 +00:00
Miroslav Stampar	e7a66371f8	update regarding os shell-ing regarding JSP and ASPX	2010-11-16 13:46:46 +00:00
Miroslav Stampar	6232397129	minor update	2010-11-16 10:52:49 +00:00
Miroslav Stampar	6ef3846400	update regarding error parsing (and reporting)	2010-11-16 10:42:42 +00:00
Bernardo Damele	71cb982039	Another bug fix to --union-test	2010-11-15 21:42:56 +00:00
Miroslav Stampar	b3ad63b71e	major bug fix (haven't applied dynamic content removal to the original comparison (conf.seqMatcher.a) page)	2010-11-15 14:59:37 +00:00
Miroslav Stampar	ff310475c8	some reporting update for --forms	2010-11-15 14:17:51 +00:00
Miroslav Stampar	20d6b9a5c1	minor fix	2010-11-15 12:24:32 +00:00
Miroslav Stampar	39c6c9f386	minor update	2010-11-15 12:19:22 +00:00
Miroslav Stampar	819085155e	minor update/fix	2010-11-15 12:07:13 +00:00
Miroslav Stampar	c25c017c08	cosmetics regarding --forms	2010-11-15 11:50:33 +00:00
Miroslav Stampar	36c544f440	update (--forms acts now more like -g switch)	2010-11-15 11:34:57 +00:00
Bernardo Damele	5f46a549ba	Cosmetics for --forms	2010-11-14 21:59:35 +00:00
Bernardo Damele	0bfc1b411a	Another bug fix for --union-test	2010-11-14 15:39:57 +00:00
Miroslav Stampar	a0fb96816f	fix for a bug reported by ToR (value += actVer)	2010-11-14 08:31:29 +00:00
Bernardo Damele	8d07272c82	Added --union-cols switch to specify the max number of columns to test for UNION query sql injection. ... Now stores/resumes also the exact UNION payload to session file.	2010-11-13 23:24:41 +00:00
Bernardo Damele	df5dc10111	Major enhancement to --union-test check	2010-11-13 22:47:37 +00:00
Miroslav Stampar	84849316b3	improvement of heuristic check (now original value is included too)	2010-11-12 23:06:01 +00:00
Miroslav Stampar	06a872fc99	update/fix for an issue reported by nightman (IncompleteRead: IncompleteRead(1284 bytes read))	2010-11-12 22:57:33 +00:00
Miroslav Stampar	27735b14df	update (--string and --regex should be done regardless of wasLastRequestError)	2010-11-12 22:44:15 +00:00
Miroslav Stampar	0d66f101da	fix for a bug reported by Bugtrace (--string "pengcheng_cui" and "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource" on False pages)	2010-11-12 22:29:33 +00:00
Bernardo Damele	a777d59870	Minor bug fix	2010-11-12 15:17:12 +00:00
Bernardo Damele	0a83a830d9	Properly handle both HTTPS and HTTP requests through proxy	2010-11-12 14:21:46 +00:00
Bernardo Damele	e1ef27f592	work-around to be able to pass in the -r request file the Host header, the ending string ":443" and so sqlmap will go over https	2010-11-12 12:25:02 +00:00
Bernardo Damele	9f53048ff4	Put a space always between the user's provided prefix and sqlmap payload	2010-11-12 11:48:26 +00:00
Miroslav Stampar	697b32554c	fix for a bug "ordinal not in range(128)" reported by bugtrace	2010-11-12 11:48:25 +00:00
Bernardo Damele	f83dd2251b	Properly save error-based enumerated data in session file, able to be resumed like with other techniques	2010-11-12 11:40:37 +00:00
Bernardo Damele	a34c1b287c	Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL)	2010-11-12 11:33:11 +00:00
Bernardo Damele	8cec75656c	Bug fix to properly save the match ratio only if numeric (to avoid also tracebacks when match is based on --string or --regexp)	2010-11-12 10:31:42 +00:00
Bernardo Damele	a14e4d9668	Referer does not have to be static, it's already a switch (--referer) so that user can specify it manually.	2010-11-12 10:16:39 +00:00
Bernardo Damele	66c82d72e4	Typo fix	2010-11-12 10:02:02 +00:00
Miroslav Stampar	42272ca78c	minor update	2010-11-11 22:26:36 +00:00
Miroslav Stampar	8aefd0bbf7	improvement of --common-tables and --common-columns	2010-11-11 20:37:25 +00:00
Miroslav Stampar	2d872f850a	quick fix	2010-11-11 19:54:54 +00:00
Miroslav Stampar	24238ccd0b	re-renaming of brute force switches. this way is better.	2010-11-11 07:57:44 +00:00
Miroslav Stampar	96d88877ba	bug fix (reported by ToR)	2010-11-10 19:44:51 +00:00
Miroslav Stampar	19c1bfa368	just a precaution (now i really need to go for a sleep)	2010-11-09 23:38:29 +00:00
Miroslav Stampar	88c00e61d3	another update	2010-11-09 23:35:37 +00:00
Miroslav Stampar	47720a43dd	minor fix (while we've calculated conf.matchRation for stable pages, we've put a constant value (0.900) for dynamic ones - so putting (ratio - conf.matchRatio) > DIFF_TOLERANCE for dynamic pages too would just effectively increase it's value to 0.900 + DIFF_TOLERANCE (in our case to 0.950) which is too narrow space for True result)	2010-11-09 23:21:21 +00:00
Miroslav Stampar	5ebd5d935c	another name change	2010-11-09 22:49:31 +00:00
Miroslav Stampar	06f00cf8c1	name change	2010-11-09 22:48:22 +00:00
Miroslav Stampar	6807fb04cc	minor update	2010-11-09 22:44:23 +00:00
Miroslav Stampar	fef60d5cb7	some fixes :)	2010-11-09 22:32:05 +00:00
Bernardo Damele	1cc99e2247	Possible quick fix for missing of True/False comparison of stable-but-not-really pages	2010-11-09 21:39:58 +00:00
Bernardo Damele	2205099a5e	Python stylish	2010-11-09 21:39:05 +00:00
Miroslav Stampar	cee888b613	tuning detection engine (None results from queryPage/comparison should not be treated as False in checkSqlInjection routine - None is returned when error is detected)	2010-11-09 19:14:55 +00:00
Miroslav Stampar	726825ca70	minor update	2010-11-09 16:59:36 +00:00
Miroslav Stampar	b43334165d	update regarding brute forcing	2010-11-09 16:53:33 +00:00
Miroslav Stampar	a7fa8d4975	update regarding brute force retrieval of table names and table column names	2010-11-09 16:15:55 +00:00
Miroslav Stampar	7752b5efe9	minor update	2010-11-09 09:51:54 +00:00
Miroslav Stampar	4be0631161	refactoring of brute force techniques	2010-11-09 09:42:43 +00:00
Miroslav Stampar	221f976fbd	minor update	2010-11-09 01:23:54 +00:00
Bernardo Damele	45ec8c169a	Consistency between --*-test switches/output	2010-11-08 16:46:25 +00:00
Miroslav Stampar	fda8752dca	revert of some HTTP headers handling	2010-11-08 13:26:45 +00:00
Bernardo Damele	78d7b17483	More replacements for refactoring. ... Minor layout adjustments. Alignment of conffile/optiondict/cmdline parameters.	2010-11-08 12:36:48 +00:00
Miroslav Stampar	eb999de0f1	added Range handler (dealing with 206 HTTP messages)	2010-11-08 12:26:13 +00:00
Miroslav Stampar	875781bf97	another minor fix	2010-11-08 11:55:56 +00:00
Miroslav Stampar	4a4a3051e5	fix	2010-11-08 11:39:07 +00:00
Miroslav Stampar	a3de10e3a2	new option -t	2010-11-08 11:22:47 +00:00
Miroslav Stampar	4e6d1b5118	added "Detection" part in help listing	2010-11-08 10:11:43 +00:00
Miroslav Stampar	0d0e2a2228	minor update	2010-11-08 09:49:57 +00:00
Miroslav Stampar	d551423379	further enum refactoring	2010-11-08 09:44:32 +00:00
Miroslav Stampar	862395ced1	further refactoring (all enumerations are now put into enums.py)	2010-11-08 09:20:02 +00:00
Miroslav Stampar	8e44aa605a	refactoring regarding injection place (more left)	2010-11-08 08:02:36 +00:00
Miroslav Stampar	0482e02c37	minor optimization	2010-11-07 23:37:15 +00:00
Miroslav Stampar	4f346eab33	fix for resume from session	2010-11-07 23:25:53 +00:00
Bernardo Damele	ea1b0d31be	Avoid displaying single retrieved character when --verbose > 2	2010-11-07 22:42:56 +00:00
Bernardo Damele	b6da946883	Added one new verbose level, -v 3 now shows the full injected payload. ... Fixed also -d verbose output.	2010-11-07 22:34:29 +00:00
Bernardo Damele	a96467b3e2	Refactoring	2010-11-07 21:55:24 +00:00
Miroslav Stampar	7a6c086a27	setting direct query info output to same level as payload info (logger.DEBUG)	2010-11-07 21:42:36 +00:00
Miroslav Stampar	d3e7e89e60	major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces	2010-11-07 21:18:09 +00:00
Miroslav Stampar	620fa1c8fb	trust me, i know what i am doing :)	2010-11-07 20:33:33 +00:00
Bernardo Damele	73e85bfc75	Minor bug fix: the --tamper scripts have to be provided from the highest to the lowest priority, if not, sqlmap will reverse-sort them automatically as per user's choice. Tested, works now	2010-11-07 16:24:44 +00:00
Bernardo Damele	4d81da6bc8	Cosmetics	2010-11-07 16:23:03 +00:00
Bernardo Damele	6716315a76	Minor bug fix to properly set the ratio just before the check for injection, not before the check for dynamicity	2010-11-07 15:45:26 +00:00
Bernardo Damele	9669dbdae1	Minor cosmetics and adjustments	2010-11-07 15:34:52 +00:00
Miroslav Stampar	afba26a53f	tiny winy update	2010-11-07 09:00:45 +00:00
Miroslav Stampar	2b8c942b4a	more update	2010-11-07 08:58:24 +00:00
Miroslav Stampar	00dfd55830	added powerful switch --longest-common for dealing with heavy dynamicity	2010-11-07 08:52:09 +00:00
Miroslav Stampar	16f52ab7ba	cosmetic fix	2010-11-07 08:13:20 +00:00
Miroslav Stampar	8d93bdfa4b	minor update (optimization) regarding -a switch	2010-11-07 08:11:56 +00:00
Miroslav Stampar	508b9cc763	dynamicity engine update	2010-11-07 00:12:00 +00:00
Miroslav Stampar	3619fc5127	minor update	2010-11-06 08:31:11 +00:00
Miroslav Stampar	06760182f1	cosmetics	2010-11-05 16:08:42 +00:00
Miroslav Stampar	9bc9302e58	minor fix	2010-11-05 16:03:12 +00:00
Miroslav Stampar	44435adc4a	added some fancy Ctrl+C when having multiple targets	2010-11-05 15:59:25 +00:00
Miroslav Stampar	0e895fa512	update of dynamicity testing and few misc fixes	2010-11-05 13:14:12 +00:00
Miroslav Stampar	ef1809464d	bug fix for that BadStatusLine (http://bugs.python.org/issue8450)	2010-11-05 11:58:20 +00:00
Miroslav Stampar	6295a59a30	minor update/fix	2010-11-05 11:39:35 +00:00
Miroslav Stampar	f3e3420677	fix for a bug reported by Marcos Mateos Garcia (ValueError)	2010-11-05 11:34:09 +00:00
Miroslav Stampar	5f7f4bf15b	minor debug update (probably temporary)	2010-11-05 11:04:00 +00:00
Miroslav Stampar	3f0a443b83	some updates	2010-11-04 23:08:59 +00:00
Miroslav Stampar	29b7c5366c	cosmetics	2010-11-04 17:22:33 +00:00
Miroslav Stampar	ad6b2e9c21	minor fix	2010-11-04 16:47:18 +00:00
Miroslav Stampar	e1cec8c02b	fix for all that stable, dynamic mambo jambo :)	2010-11-04 16:44:34 +00:00
Miroslav Stampar	f1f7e0bfe0	fix for "unknown charset 'en_us'" (reported by ToR)	2010-11-04 13:56:01 +00:00
Miroslav Stampar	3aba0b1bec	minor update	2010-11-04 12:51:04 +00:00
Miroslav Stampar	63af5444fd	fix (NameError: global name 'DBMS' is not defined)	2010-11-04 12:47:34 +00:00
Bernardo Damele	91a3a582e8	Minor bug fix to avoid crash when running sqlmap behind a proxy server	2010-11-04 12:22:04 +00:00
Bernardo Damele	0e9515c540	Cosmetics	2010-11-04 12:21:06 +00:00
Miroslav Stampar	18aea251b3	added concept of tamper script priority	2010-11-04 10:29:40 +00:00
Miroslav Stampar	303359e8b1	refix	2010-11-04 09:34:04 +00:00
Miroslav Stampar	efe75aa8a3	added some debug messages	2010-11-04 09:18:32 +00:00
Bernardo Damele	b152b1a04d	Cosmetics	2010-11-03 22:07:13 +00:00
Miroslav Stampar	71d0b1bcd7	several bug fixes	2010-11-03 21:51:36 +00:00
Miroslav Stampar	44678fa320	fix for a bug reported by ToR (TypeError: unsupported operand type(s) for *: 'float' and 'NoneType')	2010-11-03 12:40:11 +00:00
Miroslav Stampar	6adee3792a	removed all trailing spaces from blank lines	2010-11-03 10:08:27 +00:00
Miroslav Stampar	cd0d4135ac	implemented --banner for MaxDB and some minor fixes	2010-11-02 20:51:55 +00:00
Miroslav Stampar	861706fb31	fix for bug reported by ToR (unknown charset 'utf-8, text/html')	2010-11-02 18:01:10 +00:00
Bernardo Damele	c7c84c3089	Closes #111 (DECLARE/CHAR encode xp_cmdshell parameter in MSSQL).	2010-11-02 15:31:51 +00:00
Miroslav Stampar	70f6eab715	minor update	2010-11-02 12:08:28 +00:00
Miroslav Stampar	685a8e7d2c	refactoring of hard coded dbms names	2010-11-02 11:59:24 +00:00
Miroslav Stampar	5269cb8c08	some code refactoring and beautification	2010-11-02 09:06:38 +00:00
Miroslav Stampar	13e93f564a	one bug fix in dynamic content engine and some code refactoring	2010-11-02 07:32:08 +00:00
Miroslav Stampar	73b33ed765	fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic	2010-11-01 20:56:13 +00:00
Bernardo Damele	486a113560	Consolidate logger messages for --*-test switches	2010-10-31 16:58:38 +00:00
Bernardo Damele	46be570463	Proper HTTP version display	2010-10-31 15:41:28 +00:00
Bernardo Damele	f3cc41601c	Added check on --first and --last values	2010-10-31 14:42:13 +00:00
Bernardo Damele	0ffffef088	Implemented --tamper for direct connection too (-d)	2010-10-31 14:22:32 +00:00
Bernardo Damele	65a0a8d285	Delegate urlencoding to agent.py only	2010-10-31 13:28:05 +00:00
Bernardo Damele	c7b374534b	Minor cosmetics	2010-10-31 12:29:00 +00:00
Bernardo Damele	617edf7fc2	Minor bug fix	2010-10-31 12:24:19 +00:00
Bernardo Damele	fcada4df0f	Removed debug print	2010-10-31 12:21:22 +00:00
Bernardo Damele	2a2f949275	Minor bug fix	2010-10-31 12:20:38 +00:00
Bernardo Damele	264247d318	revert of a stupid commit	2010-10-31 12:09:55 +00:00
Bernardo Damele	2fb059a644	Bug fix	2010-10-31 12:02:20 +00:00
Bernardo Damele	9d08cb3a6f	Revert r2209 and minor code refactoring	2010-10-31 11:51:45 +00:00
Bernardo Damele	3eda4510e2	Properly encode the cookie	2010-10-31 11:26:33 +00:00
Bernardo Damele	3869ccebe8	Minor code refactoring	2010-10-31 11:17:51 +00:00
Bernardo Damele	6afc9bffaa	Minor bug fix: there will always be only one pair of delimiters as we add it for each place	2010-10-31 11:09:29 +00:00
Bernardo Damele	3a48bee9b0	Minor code refactoring	2010-10-31 11:03:59 +00:00
Bernardo Damele	8cf0ebde1e	Cosmetics	2010-10-29 23:00:48 +00:00
Miroslav Stampar	0125198210	minor fix	2010-10-29 21:19:28 +00:00
Miroslav Stampar	cbf38436f2	minor update	2010-10-29 16:15:23 +00:00
Miroslav Stampar	5a38ac7ea9	important update regarding (Bug #209) - probably more will be needed	2010-10-29 16:11:50 +00:00
Bernardo Damele	a0df231aa4	Avoid waiting 30 seconds when cleaning up the dbms and file system from sqlmap data	2010-10-29 13:09:53 +00:00
Miroslav Stampar	f7d42af046	some fixes regarding --check-payload	2010-10-29 11:00:23 +00:00
Bernardo Damele	b3b2c3864a	Minor code refactoring	2010-10-29 10:51:09 +00:00
Miroslav Stampar	d75578c81f	some update regarding common tables	2010-10-29 09:00:51 +00:00
Miroslav Stampar	895efd28a6	one more update regarding Bug #205	2010-10-28 23:22:13 +00:00
Miroslav Stampar	788eb8fb50	update regarding Bug #205	2010-10-28 22:59:51 +00:00
Bernardo Damele	4f8e9da1b6	Minor bug fix to properly delete sqlmap temporary files on the database server file system at shutdown. ... Minor improvements at ICMPsh tunnel to cleanup properly the dbms at shutdown and avoid checking/writing sys_bineval() UDF as it's a PE and needs to be called by sys_exec() only. Got rid of useless doubleslash param in delRemoteFile() method. Major code refactoring to xp_cmdshell.py methods and parent calls.	2010-10-28 00:19:40 +00:00
Bernardo Damele	56c16cb471	Minor bug fixes and enhancements to ICMPsh tunnel	2010-10-27 23:01:17 +00:00
Bernardo Damele	a391be833b	Implemented ICMP tunneling for out-of-band takeover (--os-pwn) as an alternative to TCP tunneling (Metasploit). It relies on icmpsh, the back-end dbms server has to be Windows as the icmpsh slave runs on Windows only for the moment. sqlmap needs to be executed as root to work.	2010-10-27 21:02:22 +00:00
Bernardo Damele	43de8247ac	Code refactoring	2010-10-27 20:39:50 +00:00
Bernardo Damele	d554ffc0ae	yes, I am quite paranoid with cosmetics	2010-10-27 10:37:54 +00:00
Miroslav Stampar	5cc1bd8a12	major fix for heuristic check	2010-10-27 08:27:31 +00:00
Miroslav Stampar	4d70f2c210	reverting back to 100	2010-10-26 15:42:54 +00:00
Miroslav Stampar	8211e6a2bd	possible	2010-10-26 11:29:09 +00:00
Bernardo Damele	9b127e58d2	Adjusted for MySQL weirdness	2010-10-26 09:33:18 +00:00
Miroslav Stampar	8803096343	some update regarding beep()	2010-10-26 08:32:58 +00:00
Miroslav Stampar	b9ff91b6e9	update of beep	2010-10-26 06:30:27 +00:00
Miroslav Stampar	9ec9d223e1	minor	2010-10-26 06:08:40 +00:00
Bernardo Damele	f5904d0bc0	Major bug fix to --union-test	2010-10-25 23:39:55 +00:00
Bernardo Damele	7effd0c301	Cosmetics	2010-10-25 22:54:56 +00:00
Miroslav Stampar	73eea81b3a	minor cosmetics	2010-10-25 19:45:53 +00:00
Miroslav Stampar	d7bf94d4d6	fix for --beep	2010-10-25 19:16:42 +00:00
Miroslav Stampar	228ac0cde5	refactoring regarding --check-payload	2010-10-25 18:38:54 +00:00
Bernardo Damele	7c343c2d67	Forgot	2010-10-25 16:34:43 +00:00
Bernardo Damele	debaf2215f	Consistency between cmdline.py, optiondict.py and sqlmap.conf and got rid of --union-use switch	2010-10-25 15:54:45 +00:00
Miroslav Stampar	378653a1ec	added IDS payload testing	2010-10-25 15:37:43 +00:00
Bernardo Damele	bdb9c37a7e	Cosmetics	2010-10-25 15:17:59 +00:00
Bernardo Damele	215175e3b7	Minor code adjustments	2010-10-25 14:11:47 +00:00
Miroslav Stampar	24c5d7b313	code refactoring	2010-10-25 14:06:56 +00:00
Miroslav Stampar	9c94a233a1	conf.md5hash thrown out	2010-10-25 13:52:21 +00:00
Miroslav Stampar	9a3879feba	keeping things neat and tidy	2010-10-25 12:33:49 +00:00
Miroslav Stampar	32728d14b7	fix for --union-use with --error-test	2010-10-25 12:25:29 +00:00
Miroslav Stampar	71543092b7	update regarding comparison engine	2010-10-25 12:00:59 +00:00
Miroslav Stampar	8df7c88174	implementation of a new dynamic content removal engine	2010-10-25 10:41:37 +00:00
Miroslav Stampar	db260c44d3	minor update	2010-10-24 22:25:05 +00:00
Miroslav Stampar	aa931efd4d	several MySQL fixes/enhancements pointed out by Anton Mogilin	2010-10-24 22:05:14 +00:00
Miroslav Stampar	52f910f752	added --beep (tested on Windows and Linux; for now turned off) switch	2010-10-23 09:38:46 +00:00
Miroslav Stampar	98f5586b87	minor update	2010-10-23 08:05:24 +00:00
Miroslav Stampar	f1e2c1867f	Cosmetics	2010-10-22 21:13:12 +00:00
Miroslav Stampar	2194d47782	setting conf.threads when -o switch is used	2010-10-22 19:10:45 +00:00
Miroslav Stampar	e6e48c5556	fix for Bug #204	2010-10-22 18:23:46 +00:00
Bernardo Damele	1288def3b7	Cosmetics	2010-10-22 14:23:14 +00:00
Miroslav Stampar	dec4d858b3	fix for Bug #207	2010-10-22 14:01:48 +00:00
Miroslav Stampar	1b2ec826bf	misc fixes regarding new query retrieval format	2010-10-21 23:17:06 +00:00
Miroslav Stampar	a9b50a1e82	minor fix	2010-10-21 23:09:57 +00:00
Miroslav Stampar	bc79eec702	removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)	2010-10-21 13:13:12 +00:00
Miroslav Stampar	be443c6947	refactoring regarding __START__,...	2010-10-21 09:51:07 +00:00
Miroslav Stampar	2668c95ef4	added default HTTP version used by httplib and urllib2	2010-10-21 09:10:07 +00:00
Bernardo Damele	7f1aa3b94f	Removed unused imports	2010-10-20 22:48:51 +00:00
Bernardo Damele	c60edf7c17	Minor cosmetics	2010-10-20 22:43:02 +00:00
Bernardo Damele	d8bfa76dca	Minor possible bug fix	2010-10-20 22:12:53 +00:00
Bernardo Damele	e73e06069b	Minor code refactoring	2010-10-20 22:09:03 +00:00
Bernardo Damele	862cc9ac53	Minor cosmetic fixes	2010-10-20 21:58:33 +00:00
Bernardo Damele	3b5c5cc457	Minor possible bug fix	2010-10-20 21:49:05 +00:00
Bernardo Damele	f95098693f	Removed unused functions	2010-10-20 21:16:28 +00:00
Bernardo Damele	430bb7478f	Minor bug fix	2010-10-20 21:15:06 +00:00
Miroslav Stampar	34f70657ee	fix for NULL values	2010-10-20 10:29:18 +00:00
Miroslav Stampar	00449f1402	fix/upgrade/chicken soup	2010-10-20 09:54:17 +00:00
Miroslav Stampar	e24bff0497	nice refactoring	2010-10-20 09:46:57 +00:00
Miroslav Stampar	5d3cbec457	no more regex. web server independent.	2010-10-20 09:35:46 +00:00
Miroslav Stampar	934adb5e8d	code refactoring	2010-10-20 09:09:04 +00:00
Miroslav Stampar	b032fdbf74	added randInt to error injection vectors	2010-10-20 08:56:58 +00:00
Miroslav Stampar	dabbcf9e23	fix for that 'Subquery returns more than 1 row'	2010-10-20 08:50:05 +00:00
Miroslav Stampar	82f44989ce	update of error based injection and bug fix for --roles on MSSQL server	2010-10-20 06:40:33 +00:00
Bernardo Damele	0817d1b78d	Cosmetics	2010-10-19 23:09:30 +00:00
Miroslav Stampar	8776db872c	minor refactoring	2010-10-19 23:05:24 +00:00
Miroslav Stampar	1b376c99a6	removed temp dictionary and replaced with kb.misc	2010-10-19 23:00:19 +00:00
Bernardo Damele	813f44da16	Minor bug fix for MSSQL connector --tables option	2010-10-19 22:11:17 +00:00
Miroslav Stampar	7927e97007	update	2010-10-19 18:34:57 +00:00
Miroslav Stampar	415524bd5a	remove --error, now it's only --error-test (it needs to return True to be able to use it)	2010-10-19 18:34:14 +00:00
Miroslav Stampar	8d9201a3dc	minor update	2010-10-19 18:23:21 +00:00
Miroslav Stampar	4009ef385e	more update regarding error based injection support	2010-10-19 18:17:34 +00:00
Miroslav Stampar	b2e0b615f8	fix for that MySQL checking	2010-10-19 17:38:39 +00:00
Miroslav Stampar	34d7de1d46	cosmetics	2010-10-19 15:28:54 +00:00
Miroslav Stampar	d7622bb9cf	major fix for MySQL error based injections	2010-10-19 15:17:16 +00:00
Miroslav Stampar	80505de15b	now --users work on Oracle and Postgre (tested)	2010-10-19 14:56:57 +00:00
Miroslav Stampar	4bc541ec3c	error based update	2010-10-19 14:47:13 +00:00
Miroslav Stampar	d0ebe428da	i've left error flag	2010-10-19 14:12:34 +00:00
Miroslav Stampar	bf850af2d8	fix for Oracle error based query "space" problem	2010-10-19 14:10:09 +00:00
Miroslav Stampar	6a8b1046d4	first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)	2010-10-19 12:02:04 +00:00
Miroslav Stampar	ccda92536f	added header	2010-10-19 09:13:30 +00:00
Miroslav Stampar	264e0a6fda	added support for displaying revision number at unhandled exception message	2010-10-19 08:55:14 +00:00
Miroslav Stampar	9a7fd29d4f	using pushValue and popValue	2010-10-18 22:22:41 +00:00
Miroslav Stampar	a97319656c	optimization - now if DBMS was detected by error based HTML parser, then it's moved at the first place for testing	2010-10-18 21:47:11 +00:00
Miroslav Stampar	729156e91c	proper fix	2010-10-18 21:39:46 +00:00
Miroslav Stampar	3d5494845c	minor bug fix	2010-10-18 21:32:50 +00:00
Miroslav Stampar	8b8fff41fe	cosmetics (adding html parsed DBMS) regarding heuristic check	2010-10-18 12:11:16 +00:00
Bernardo Damele	1d74036ee3	Minor cosmetic fixes	2010-10-18 11:34:53 +00:00
Bernardo Damele	36bc410333	Minor bug fix	2010-10-18 09:50:23 +00:00
Miroslav Stampar	6b70dadfb2	minor cosmetics	2010-10-18 09:09:22 +00:00
Miroslav Stampar	149837ebf5	added the same for proxy authorization header	2010-10-18 09:02:56 +00:00
Miroslav Stampar	aaebb4336e	fix for Bug #202	2010-10-18 08:54:08 +00:00
Bernardo Damele	683184cc8f	Minor refactoring	2010-10-17 21:06:52 +00:00
Bernardo Damele	cd0fe8dde0	Updated sample configuration file and cmdline help	2010-10-17 00:07:53 +00:00
Bernardo Damele	64b9f94fcf	Renamed --common-prediction switch to --predict-output	2010-10-16 23:50:13 +00:00
Bernardo Damele	f54c134d22	Minor adjustment	2010-10-16 22:43:05 +00:00
Bernardo Damele	6211915da5	Cosmetic fix	2010-10-16 22:31:16 +00:00
Bernardo Damele	7b71262de6	Cosmetic fix	2010-10-16 22:07:29 +00:00
Bernardo Damele	a2997a6dce	Minor bug fix to --tamper	2010-10-16 21:55:34 +00:00
Bernardo Damele	2129935e06	Split character for tamper scripts (--tamper option) is now comma, not semi-colon. ... Minor enhancement	2010-10-16 21:52:16 +00:00
Bernardo Damele	2dae934a2b	Minor bug fixes, code refactoring and enhanced --tamper functionality	2010-10-16 21:33:15 +00:00
Bernardo Damele	84ed7f192a	Cosmetic fixes	2010-10-16 15:10:48 +00:00
Miroslav Stampar	1336b97c2c	removed --useBetween switch and added new tampering module ./tamper/between.py	2010-10-15 23:48:07 +00:00
Miroslav Stampar	1ae4d0fc2a	added optimization group	2010-10-15 23:26:48 +00:00
Bernardo Damele	e7c8be1d45	Minor layout adjustments	2010-10-15 15:37:15 +00:00
Miroslav Stampar	c9f0c75030	removed --space (usage of tampering modules is now a prefered way to do it)	2010-10-15 12:52:33 +00:00
Miroslav Stampar	d0514d18ec	removed that spaces from URI payloads	2010-10-15 12:49:03 +00:00
Bernardo Damele	bf56f8c63c	Cosmetic fix	2010-10-15 12:46:41 +00:00
Miroslav Stampar	dcb9c2103a	just in case update	2010-10-15 11:20:19 +00:00
Bernardo Damele	5f6d88a418	Minor comment	2010-10-15 11:17:17 +00:00
Miroslav Stampar	2fa8836c01	bug fix	2010-10-15 11:14:59 +00:00
Miroslav Stampar	d50684a057	added one more check	2010-10-15 11:05:50 +00:00
Miroslav Stampar	2b476e078c	minor cosmetics	2010-10-15 10:36:29 +00:00
Bernardo Damele	a80f6110cd	don't call variables 'file', it's a reserved word :)	2010-10-15 10:29:24 +00:00
Bernardo Damele	c5e385f77a	More layout adjustments	2010-10-15 10:28:34 +00:00
Bernardo Damele	9fcab68700	Minor adjustments	2010-10-15 10:28:06 +00:00
Bernardo Damele	48cc8a308d	More verbose messages on successful --null-connection	2010-10-15 10:24:54 +00:00
Miroslav Stampar	0f48dd6f73	fix for skipping non-GET urls	2010-10-15 09:54:29 +00:00
Miroslav Stampar	207bef7f19	fix for that SQLite3 vs SQLite2 issue	2010-10-15 09:39:41 +00:00
Miroslav Stampar	d0df8cdac9	fix for that duplicates	2010-10-15 00:34:16 +00:00
Miroslav Stampar	4f7f20b94f	sorry, cosmetics	2010-10-14 23:18:29 +00:00
Bernardo Damele	1674142d82	Minor cosmetic fixes	2010-10-14 15:28:54 +00:00
Miroslav Stampar	2bbe0c9ba6	bug fix for Ctrl+C	2010-10-14 15:23:42 +00:00
Miroslav Stampar	8b48833136	large commit with copyright header modifications	2010-10-14 14:41:14 +00:00
Miroslav Stampar	f07608ef4d	show static words in a sorted manner	2010-10-14 12:38:06 +00:00
Miroslav Stampar	162d01abed	commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...)	2010-10-14 11:06:28 +00:00
Miroslav Stampar	7e1f784eaa	cosmetic update	2010-10-14 06:00:10 +00:00
Miroslav Stampar	dc50543ea4	major bug fix for --keep-alive option in multithreading mode (that 'shitty' _headers = {} made a one shared object for all connection objects)	2010-10-13 23:01:23 +00:00
Miroslav Stampar	36ef8ca575	bug fix	2010-10-13 22:42:48 +00:00
Miroslav Stampar	02a14d4c45	added Referer (part of Feature #37)	2010-10-13 22:08:09 +00:00
Miroslav Stampar	43a3ac2c3a	some bug fixes	2010-10-13 20:54:18 +00:00
Miroslav Stampar	f700692c74	added missing files for Sybase	2010-10-13 18:55:17 +00:00
Miroslav Stampar	562df9c107	temporary fix (files left at home)	2010-10-13 07:39:48 +00:00
Miroslav Stampar	34580f56fc	added --tamper option	2010-10-12 22:45:25 +00:00
Miroslav Stampar	9a08f7feb8	minor update	2010-10-12 20:01:59 +00:00
Miroslav Stampar	d2ec132469	added --text-only switch	2010-10-12 19:41:29 +00:00
Miroslav Stampar	f9f79ffbaf	basic stuff for sybase	2010-10-12 19:05:12 +00:00
Miroslav Stampar	9ffa928783	added some user interaction when page is dynamic	2010-10-12 15:49:04 +00:00
Miroslav Stampar	b748e6ea44	minor update	2010-10-12 12:52:06 +00:00
Miroslav Stampar	73b77255e3	minor cosmetic update	2010-10-12 12:32:02 +00:00
Miroslav Stampar	6dcd05c39c	minor update	2010-10-11 14:38:04 +00:00
Miroslav Stampar	e2bbfbe650	bug fix	2010-10-11 14:32:02 +00:00
Miroslav Stampar	1369529103	minor cosmetic update	2010-10-11 13:52:32 +00:00
Miroslav Stampar	43892cddbb	some updates	2010-10-11 12:26:35 +00:00
Miroslav Stampar	8b0a132fa9	minor update	2010-10-11 11:47:07 +00:00
Miroslav Stampar	2198a60684	bug fix (reported by james@ev6.net)	2010-10-10 20:51:11 +00:00
Miroslav Stampar	7a5bb2b0d6	update	2010-10-10 19:50:10 +00:00
Miroslav Stampar	8fcad29bbf	new feature --forms (still unfinished)	2010-10-10 18:56:43 +00:00
Miroslav Stampar	18d27cabc5	more changes	2010-10-07 15:34:17 +00:00
Miroslav Stampar	440ff639bb	more refactoring	2010-10-07 14:05:34 +00:00
Miroslav Stampar	e80a66acc5	minor update	2010-10-07 12:21:59 +00:00
Miroslav Stampar	1e9ae40397	major refactoring	2010-10-07 12:12:26 +00:00
Miroslav Stampar	1bf8939e2f	further updates	2010-10-06 22:43:04 +00:00
Miroslav Stampar	de6fa1247b	moved injections to xml format	2010-10-06 22:29:52 +00:00
Miroslav Stampar	adf2231edb	minor update	2010-10-06 13:38:03 +00:00
Miroslav Stampar	56dbf0038f	minor update (for future implementation of more advanced error page logic)	2010-10-06 12:10:00 +00:00
Miroslav Stampar	cbe7c902c1	just a development start of an error based injection support	2010-10-04 13:05:51 +00:00
Miroslav Stampar	0ad8090ad8	fix for a google bug reported by Brandon E.	2010-10-01 08:03:39 +00:00
Miroslav Stampar	49915f3c33	minor update	2010-09-30 19:49:14 +00:00
Miroslav Stampar	8abcdae1b5	some update	2010-09-30 19:45:23 +00:00
Miroslav Stampar	87abec16bd	probable fix for a bug reported by Prashant Jadhav	2010-09-30 18:52:33 +00:00
Miroslav Stampar	cf8e92699c	changes regarding EXISTS feature	2010-09-30 12:35:45 +00:00
Miroslav Stampar	c6bf0e43af	minor update	2010-09-27 13:41:18 +00:00
Miroslav Stampar	cf17debf79	changed connection message priority to critical (when verbose=0 it's displayed too)	2010-09-27 13:34:52 +00:00
Miroslav Stampar	3cd15960a0	more updates	2010-09-27 13:26:46 +00:00
Miroslav Stampar	1da672e3c5	added default="False" to "store_true" parameters as it's a prefered way by http://docs.python.org/library/optparse.html	2010-09-27 13:23:29 +00:00
Miroslav Stampar	3b9fe3e1c8	everything is ready for testing (smoke and live)	2010-09-27 11:20:48 +00:00
Miroslav Stampar	dc11ae0d65	update	2010-09-26 14:56:55 +00:00
Miroslav Stampar	35f35605df	changes regarding Feature #160	2010-09-26 14:02:13 +00:00
Miroslav Stampar	99d9f9e624	update for smoke testing	2010-09-26 10:47:04 +00:00
Miroslav Stampar	2e5f269650	update regarding --space option	2010-09-24 22:35:32 +00:00
Miroslav Stampar	9cd5d3bde7	added new option --space	2010-09-24 21:59:03 +00:00
Miroslav Stampar	327bfcbe97	update regarding Feature #61	2010-09-24 14:34:05 +00:00
Miroslav Stampar	b6ff03690f	update regarding Feature #61	2010-09-24 13:34:46 +00:00
Miroslav Stampar	abe1289016	minor update	2010-09-24 13:20:51 +00:00
Miroslav Stampar	48e0261e68	update for Feature #61	2010-09-24 13:19:35 +00:00
Miroslav Stampar	ff419f7384	more changes regarding path (URI) injection	2010-09-24 09:19:14 +00:00
Miroslav Stampar	e4925eb3dd	update	2010-09-23 21:57:11 +00:00
Miroslav Stampar	13bb3a6212	minor update	2010-09-23 14:07:23 +00:00
Miroslav Stampar	927ad7bf13	update	2010-09-22 12:21:21 +00:00
Miroslav Stampar	da8ae5578b	first commit regarding Feature #144	2010-09-22 11:56:35 +00:00
Miroslav Stampar	540a9b391f	stripped some trailing spaces	2010-09-16 13:19:13 +00:00
Miroslav Stampar	8cf1aa6abe	added keepAlive under -o switch too	2010-09-16 10:41:52 +00:00
Miroslav Stampar	4fd7db52dd	minor update	2010-09-16 10:23:51 +00:00
Miroslav Stampar	6259114c02	added optimization switch (-o)	2010-09-16 10:12:53 +00:00
Miroslav Stampar	bfffd5e333	added --null-connection as an experimental option	2010-09-16 10:01:33 +00:00
Miroslav Stampar	975b96ae28	minor refactoring	2010-09-16 09:47:33 +00:00
Miroslav Stampar	1741801ade	implementation of HEAD/Range methods	2010-09-16 09:32:09 +00:00
Miroslav Stampar	b745331974	added null connection check	2010-09-16 08:43:10 +00:00
Miroslav Stampar	ecd6b573f7	added method parameter to the queryPage function	2010-09-15 14:17:17 +00:00
Miroslav Stampar	9a72a25704	again minor update	2010-09-15 13:59:55 +00:00
Miroslav Stampar	76233ff5a3	added skeleton for live testing	2010-09-15 13:55:28 +00:00
Miroslav Stampar	53800ef65f	more refactoring	2010-09-15 13:32:42 +00:00
Miroslav Stampar	abc12bc361	more refactoring	2010-09-15 13:28:56 +00:00
Miroslav Stampar	682872689a	some more refactoring	2010-09-15 12:59:51 +00:00
Miroslav Stampar	91a0b5df3c	minor update	2010-09-15 12:52:28 +00:00
Miroslav Stampar	b699f98cbb	minor refactoring	2010-09-15 12:51:02 +00:00
Miroslav Stampar	34a8cd75e3	added support for setting HTTP method manualy	2010-09-15 12:45:41 +00:00
Miroslav Stampar	798ab4989b	fix for a Bug #200	2010-09-14 10:35:01 +00:00
Miroslav Stampar	77a53228c5	changes regarding dynamic content recognition	2010-09-13 21:01:46 +00:00
Miroslav Stampar	c886659f82	fix	2010-09-13 15:24:56 +00:00
Miroslav Stampar	827cd1d56b	minor fix	2010-09-13 15:22:29 +00:00
Miroslav Stampar	2350a3c74d	minor change	2010-09-13 15:20:13 +00:00
Miroslav Stampar	cdc6bdcbe8	changes	2010-09-13 15:19:47 +00:00
Miroslav Stampar	19fb2e3dcf	fix for Bug #165	2010-09-13 13:31:01 +00:00
Miroslav Stampar	61120b0bac	minor comment added	2010-09-09 14:08:53 +00:00
Miroslav Stampar	53289c6a42	fix for bug reported by Marek Sarvas (unicode)	2010-09-09 14:03:45 +00:00
Miroslav Stampar	1b3d287a09	fix for a bug reported by shaohua pan (and one other bug)	2010-09-07 10:21:42 +00:00
Miroslav Stampar	27d76847fe	fix for bug reported by Truong Duc Luong	2010-09-01 08:46:21 +00:00
Miroslav Stampar	e810fe7b0b	no need for obsolete (and hard to find) sqlite module when sqlite3 handles both database versions	2010-08-31 13:37:53 +00:00
Miroslav Stampar	f5953bacc0	fix for direct connection parsing (now on windows machines python sqlmap.py -d access://C:\testdb.mdb is valid, while before it wasn't)	2010-08-30 16:35:28 +00:00
Miroslav Stampar	48cc87f6a9	added support for fingerprinting SAP MaxDB (Issue 143)	2010-08-30 13:29:19 +00:00
Miroslav Stampar	436b7d82fb	fixed a bug reported by Marek Sarvas	2010-08-22 08:52:15 +00:00
Miroslav Stampar	2cd8f31003	some doc test samples included	2010-08-20 21:27:47 +00:00
Miroslav Stampar	4edf6ebe00	update for smoke tests	2010-08-20 21:01:51 +00:00
Miroslav Stampar	8aa12db425	added option --proxy-cred for setting proxy credentials (Feature #195)	2010-08-18 22:45:00 +00:00
Miroslav Stampar	70197affa0	little update (--ratio has a bigger priority then resumed value)	2010-08-10 19:57:59 +00:00
Miroslav Stampar	057ec8a6b2	added --ratio option for direct manipulation of conf.matchRatio parameter	2010-08-10 19:53:29 +00:00
Miroslav Stampar	02523dbfb5	fix of fix	2010-08-09 22:13:56 +00:00
Miroslav Stampar	6eab7997d1	fix for bug reported by dragoun dash (TypeError: sequence item 0: expected string, NoneType found)	2010-08-08 22:25:33 +00:00
Miroslav Stampar	e0fe5d1504	bug fix for error reported by Marek Sarvas (error data)	2010-08-08 21:48:22 +00:00
Miroslav Stampar	0cab4a5355	fix for bug reported by m4l1c3 (UnicodeEncodeError)	2010-08-08 21:22:37 +00:00
Miroslav Stampar	8cb95583e3	some more adjustments	2010-07-30 12:59:44 +00:00
Miroslav Stampar	7dcc2031ac	smoke test adjustments	2010-07-30 12:57:58 +00:00
Miroslav Stampar	092829c189	implemented basic smoke testing mechanism	2010-07-30 12:49:25 +00:00
Miroslav Stampar	28d9115373	fix for Feature #187 (Skip duplicates parameters in -g)	2010-07-29 20:01:04 +00:00
Miroslav Stampar	6a6ff09c9a	fix for a bug reported by Marek Sarvas	2010-07-26 08:11:28 +00:00
Miroslav Stampar	c39d819dd2	fix for a resume bug reported by Augusto Urbieta	2010-07-20 08:13:02 +00:00
Miroslav Stampar	d2f88b6ebe	detecting infinite redirect loops (Feature #192)	2010-07-19 12:38:30 +00:00
Miroslav Stampar	b37dca1c2c	minor adjustment	2010-07-19 09:06:19 +00:00
Miroslav Stampar	9edd468caf	multithreading save to session on abort	2010-07-19 08:37:45 +00:00
Miroslav Stampar	48a67d6d51	fix for "unknown charset 'windows-874'" reported by Phat R.	2010-07-15 08:44:42 +00:00
Bernardo Damele	49af0c43a5	Forgot	2010-07-01 15:26:18 +00:00
Bernardo Damele	7349f3a70f	Closes #197	2010-07-01 15:25:57 +00:00
Miroslav Stampar	bb9401ba52	minor minor fixup	2010-07-01 14:14:43 +00:00
Miroslav Stampar	9d28ae23ca	fixup for situations with unexpected LENGTHs in multithreaded mode (e.g. UTF8 data retrieval)	2010-07-01 14:11:45 +00:00
Bernardo Damele	8dfe08a353	Minor bug fix to -d	2010-07-01 10:44:31 +00:00
Miroslav Stampar	0d08903bc3	some charset fix up	2010-06-30 12:09:33 +00:00
Bernardo Damele	24428c1a1b	Added warning message if both --proxy and --keep-alive are provided	2010-06-30 11:41:42 +00:00
Bernardo Damele	d40a238335	Make --keep-alive public	2010-06-30 11:29:35 +00:00
Bernardo Damele	8625763c07	Minor code refactoring	2010-06-30 11:22:25 +00:00
Bernardo Damele	c33f3ef844	Minor adjustment to HTTP headers handling	2010-06-29 23:51:44 +00:00
Bernardo Damele	fb9f669544	More verbose comments	2010-06-29 21:10:33 +00:00
Bernardo Damele	8576817a2b	Added support for SOAP requests: fixed, extended and tested a user's patch - closes #196.	2010-06-29 21:07:23 +00:00
Bernardo Damele	ea45d75f2d	Major bug fix to parse and store all HTTP headers from the request file (-r)	2010-06-29 21:06:03 +00:00
Bernardo Damele	7cad3cbda6	Minor code refactoring	2010-06-28 13:47:20 +00:00
Bernardo Damele	9ea72f9640	Minor bug fixes to -d	2010-06-25 13:24:43 +00:00
Miroslav Stampar	ccfc9b0fec	fix for that bug linux man reported (UnicodeEncodeError inside raw_input)	2010-06-23 07:30:15 +00:00
Bernardo Damele	17e228024b	Minor enhancements and bug fixes to "good samaritan" feature - see #4	2010-06-21 14:40:12 +00:00
Bernardo Damele	b98f6ac71c	Minor layout adjustment	2010-06-17 13:27:43 +00:00
Bernardo Damele	fd76f048b6	Added common pattern value support to bisection algorithm	2010-06-17 11:38:32 +00:00
Bernardo Damele	9bce22683b	Minor bug fix and adjustment to deal with Keep-Alive also against Google (-g)	2010-06-11 10:08:19 +00:00
Bernardo Damele	c23ea4c749	--keep-alive is not compatible with --proxy	2010-06-10 21:19:45 +00:00
Bernardo Damele	75dc44deb8	Minor adjustments	2010-06-10 15:34:28 +00:00
Miroslav Stampar	35642a0450	some more adjustments	2010-06-10 15:03:08 +00:00
Miroslav Stampar	1b30c46348	fix for an bug reported by David Guimaraes	2010-06-10 14:52:33 +00:00
Bernardo Damele	fea2414759	Display HTTP request in -v>=3 even if connection failed	2010-06-10 14:42:17 +00:00
Bernardo Damele	5bb8e154eb	Minor code improvements	2010-06-10 14:15:32 +00:00
Bernardo Damele	d3c8e461cf	Minor layout adjustments	2010-06-10 14:14:56 +00:00
Miroslav Stampar	ac55e1b75f	fix for localhost firebird direct db access	2010-06-10 12:02:48 +00:00
Miroslav Stampar	36953221f8	few quick changes	2010-06-10 11:34:17 +00:00
Miroslav Stampar	c398353e06	support for loading 'faulty character set' session files	2010-06-09 16:07:47 +00:00
Miroslav Stampar	eaef068c90	major bug fix (different HTTP content charsets are now properly handled)	2010-06-09 14:40:36 +00:00
Miroslav Stampar	38e5e342f8	added prettyprint module with fixed toprettyxml() method	2010-06-07 09:03:03 +00:00
Miroslav Stampar	9e76b847b3	fix regarding bug discovered by Andreas Constantinides	2010-06-04 17:07:17 +00:00
Miroslav Stampar	7fbeebc4d9	grammar fix	2010-06-03 08:55:13 +00:00
Miroslav Stampar	464f171a8c	added reusage of xml output and removed toprettyxml which has lots and lots of problems (output once stored is not usable any more from any xml parser/reader because it adds whitespaces all over the output just to be more 'human' readable)	2010-06-03 07:36:30 +00:00
Miroslav Stampar	bf071d33d2	some comments added	2010-06-02 15:18:33 +00:00
Miroslav Stampar	c470255c18	minor update	2010-06-02 14:56:39 +00:00
Miroslav Stampar	12a5ec9f3d	more unicode refactoring	2010-06-02 12:45:40 +00:00
Miroslav Stampar	2fb8bf3b6a	more dump/unicode cleanup	2010-06-02 12:31:36 +00:00
Bernardo Damele	64ad3b03be	Minor bug fix	2010-06-02 11:01:41 +00:00
Miroslav Stampar	17e0e83990	minor unimportant update	2010-06-02 08:34:57 +00:00
Miroslav Stampar	32a0ba9296	fixing unicode mess	2010-06-02 08:28:38 +00:00
Miroslav Stampar	eb94edc48c	added keepalive module	2010-06-01 12:21:10 +00:00
Miroslav Stampar	af2f184464	some comments regarding inference.py	2010-05-31 15:20:20 +00:00
Bernardo Damele	6df2d98fc9	Minor bug fix in common.py goGoodSamaritan(). ... Minor code cleanup and adjustments.	2010-05-31 15:05:29 +00:00
Miroslav Stampar	db7ede96fd	more updates/fixes	2010-05-31 11:11:53 +00:00
Miroslav Stampar	4bb5885413	some changes regarding --common-outputs feature	2010-05-31 09:41:41 +00:00
Miroslav Stampar	0450df8a77	added kb.cache for storing cached results (e.g. kb.cache.regex for storing compiled regular expressions and kb.cache.md5 for storing precalculated MD5 values during '--users --common-prediction' session)	2010-05-31 08:13:08 +00:00
Bernardo Damele	b798222dd7	Minor fixes	2010-05-30 14:53:13 +00:00
Bernardo Damele	8be91a98cc	Minor bug fix and adjustment	2010-05-29 15:28:37 +00:00
Bernardo Damele	e98b049e7f	Added unicode support also to PostgreSQL connector - see #184.	2010-05-29 11:46:41 +00:00
Bernardo Damele	89c721a451	More replacements from open() to codecs.open(). conf.dataEncoding has to be used only for non-binary files.	2010-05-29 10:10:28 +00:00
Bernardo Damele	84778f0e6c	Minor fix, leave like this	2010-05-29 08:58:55 +00:00
Miroslav Stampar	a4155269c5	bug fix (unicode(unicode) results in “TypeError: decoding Unicode is not supported” (http://www.red-mercury.com/blog/eclectic-tech/python-mystery-of-the-day/)	2010-05-29 07:25:38 +00:00
Miroslav Stampar	d3e527aba3	minor update	2010-05-29 07:13:54 +00:00
Bernardo Damele	e811101dce	Minor bug fix	2010-05-28 23:39:52 +00:00
Bernardo Damele	10521b68eb	Major bug fix in multipartpost and minor adjustments elsewhere	2010-05-28 23:12:20 +00:00
Bernardo Damele	06af405efd	Adapted and merged in patch to support XML output (-x switch) - still in beta. ... Minor bug fixes and adjustments.	2010-05-28 16:43:04 +00:00
Bernardo Damele	a138dbe5f6	Minor bug fixes and code refactoring	2010-05-28 15:57:43 +00:00
Miroslav Stampar	919a8345d6	minor fix	2010-05-28 15:30:02 +00:00
Miroslav Stampar	ad3c425a18	quick fix	2010-05-28 15:26:55 +00:00
Miroslav Stampar	ac6ce478a0	just removing unneded and possible future source of confusion	2010-05-28 14:19:12 +00:00
Miroslav Stampar	accaf0b3bd	minor refactoring	2010-05-28 14:07:48 +00:00
Miroslav Stampar	0f5768cddf	more and more fixes	2010-05-28 14:04:34 +00:00
Miroslav Stampar	a3db3c03c1	str() -> unicode()	2010-05-28 13:05:02 +00:00
Miroslav Stampar	f24187f251	few fixes here and there	2010-05-28 12:47:03 +00:00
Bernardo Damele	7e78876f6a	Minor bug fix to parse properly also unicode characters from configuration file	2010-05-28 12:07:30 +00:00
Miroslav Stampar	94354d0862	removing previous fix	2010-05-28 11:53:27 +00:00
Miroslav Stampar	37b8d0c480	utf8 decoding of program arguments	2010-05-28 11:48:44 +00:00
Bernardo Damele	f26de89216	Minor bug fix to correctly deal with unicode queries with -d	2010-05-28 11:32:10 +00:00
Miroslav Stampar	655bd79fc4	some renaming	2010-05-28 10:50:54 +00:00
Miroslav Stampar	838762fb00	previous quick fix removal	2010-05-28 10:38:23 +00:00
Miroslav Stampar	7ef286a76f	some speed up	2010-05-28 10:33:09 +00:00
Miroslav Stampar	48c0f4f053	minor fix	2010-05-28 10:17:03 +00:00
Miroslav Stampar	4eccf1a25d	quick fix	2010-05-28 10:01:19 +00:00
Miroslav Stampar	f36e093fa7	minor update	2010-05-28 09:13:50 +00:00
Bernardo Damele	7e925bcfe8	Adapted code following last commit	2010-05-27 16:46:17 +00:00
Bernardo Damele	9de1671b8f	Code refactoring and minor bug fixes.	2010-05-27 16:45:09 +00:00
Miroslav Stampar	c431a74d9e	minor fix/adjustment regarding getCompiledRegex	2010-05-27 11:52:18 +00:00
Miroslav Stampar	ce29c841cf	some comments added	2010-05-26 11:14:22 +00:00
Miroslav Stampar	1a3dfd8ced	some more changes	2010-05-26 11:01:26 +00:00
Miroslav Stampar	bbdbe44e3f	fuck yea, first tests (MySQL/--tables & --common-prediction) are great :)	2010-05-26 10:41:37 +00:00
Miroslav Stampar	7f0db26e99	more code updates regarding good samaritan (common output) feature	2010-05-26 09:48:20 +00:00
Miroslav Stampar	8ed76b3024	minor update regarding good samaritan	2010-05-25 14:51:02 +00:00
Miroslav Stampar	065d5b02ec	added singleValue parameter for good samaritan (same thing Bernardo wanted :)	2010-05-25 13:51:03 +00:00
Miroslav Stampar	056d1ad76e	new commit regarding good samaritan feature	2010-05-25 13:06:23 +00:00
Miroslav Stampar	dc83f794ea	fix regarding proper string isinstance checking (including unicode)	2010-05-25 10:09:35 +00:00
Miroslav Stampar	1f07db875d	fix for that float() report from Shaohua Pan	2010-05-24 20:12:37 +00:00
Bernardo Damele	a43eb64c5d	Minor refactoring	2010-05-24 15:46:12 +00:00
Miroslav Stampar	f718425cf4	minor fix	2010-05-24 11:18:47 +00:00
Miroslav Stampar	0197f8db5c	code refactoring regarding issue #184	2010-05-24 11:12:40 +00:00
Miroslav Stampar	e9be60e1ac	added support for proper unicode session(s) storage/retrieval	2010-05-24 11:00:49 +00:00
Miroslav Stampar	f34e6badfd	removed pdb	2010-05-24 09:29:16 +00:00
Miroslav Stampar	f0d3e6c565	fix	2010-05-24 09:28:20 +00:00
Miroslav Stampar	887352746b	some speedup (usage of xrange (virtual range) instead of range)	2010-05-23 22:14:57 +00:00
Miroslav Stampar	2c2d6d3623	operator fix	2010-05-23 21:35:42 +00:00
Miroslav Stampar	7dc1bf0324	quick (probably not final) fix for unicode inference (not yet tested)	2010-05-23 21:32:51 +00:00
Bernardo Damele	03fb84e29f	Minor enhancement to internal --profile function	2010-05-21 15:06:05 +00:00
Miroslav Stampar	20d05cc404	way to handle re.I (ignore case) while using getCompiledRegex	2010-05-21 15:03:40 +00:00
Miroslav Stampar	5d5ebd49b6	introducing regex caching mechanism	2010-05-21 14:42:59 +00:00
Miroslav Stampar	14cab8527e	minor adjustment	2010-05-21 14:25:38 +00:00
Miroslav Stampar	3110bb10fc	added test for site existance	2010-05-21 13:36:49 +00:00
Bernardo Damele	7ee20480a4	Added a TODO note	2010-05-21 13:24:23 +00:00
Bernardo Damele	319adef8c4	Minor adjustment	2010-05-21 13:19:50 +00:00
Miroslav Stampar	050015d2bb	minor adjustments	2010-05-21 13:15:21 +00:00
Miroslav Stampar	5a5b31ad53	minor code adjustment	2010-05-21 13:03:57 +00:00
Miroslav Stampar	64f2afe585	in a mood for more changes	2010-05-21 12:44:09 +00:00
Miroslav Stampar	219628aa01	quick fixes	2010-05-21 12:25:49 +00:00
Miroslav Stampar	78547bb79e	quick fix	2010-05-21 12:19:20 +00:00
Bernardo Damele	cda8da288c	Minor adjustment	2010-05-21 12:18:43 +00:00
Bernardo Damele	a21a7fc56d	Minor code refactoring	2010-05-21 12:09:31 +00:00
Miroslav Stampar	f6bffb61d3	minor adjustment	2010-05-21 11:51:43 +00:00
Miroslav Stampar	460a1ba872	fix for my imperfect calculations :)	2010-05-21 11:41:49 +00:00
Miroslav Stampar	9b91b30b69	minor refactoring	2010-05-21 10:41:30 +00:00
Miroslav Stampar	5f44696530	changes regarding putting of gprof2dot script inside extras and its usage	2010-05-21 10:30:11 +00:00
Miroslav Stampar	68e13c3872	periodical commit	2010-05-21 09:35:36 +00:00
Bernardo Damele	9c1d82c9f7	Minor bug fix to --proxy with HTTPS target on Python 2.6 - fixes #191.	2010-05-20 10:52:14 +00:00
Bernardo Damele	72fda2a3e4	Minor bug fix to correctly resuming --union-test results from session file.	2010-05-19 14:21:59 +00:00
Bernardo Damele	e0e2349529	Refactor to --search -C and minor bug fix - See #190.	2010-05-17 16:16:49 +00:00
Miroslav Stampar	e938331d8e	better regex used avoiding garbage google images	2010-05-15 22:02:28 +00:00
Miroslav Stampar	d20b99ed65	fix (google is changing that class r to class "r")	2010-05-15 21:51:31 +00:00
Miroslav Stampar	b8a5a54395	minor update	2010-05-15 20:44:08 +00:00
Miroslav Stampar	4984ceac49	some code refactoring and minor speed up (jump prediction rule)	2010-05-14 15:20:34 +00:00
Miroslav Stampar	ed20f1cf33	some more speed up (one time compilation of popular regexes)	2010-05-14 14:48:54 +00:00
Miroslav Stampar	3ead88c364	minor tweak	2010-05-14 14:36:54 +00:00
Miroslav Stampar	131789a6e4	some code refactoring	2010-05-14 14:21:13 +00:00
Miroslav Stampar	19a82e151c	minor cleanup	2010-05-14 14:03:33 +00:00
Miroslav Stampar	7107e8fd6a	optimization of CPU intensive sanitizeAsciiString	2010-05-14 13:55:25 +00:00
Miroslav Stampar	5396f13bab	added CPU throttling for lowering sqlmap's CPU intensivity	2010-05-13 15:19:28 +00:00
Miroslav Stampar	d96723a135	fix for Feature #157	2010-05-13 11:17:24 +00:00
Miroslav Stampar	ca3e12ae73	added calculateDeltaSeconds method for dealing with non-deterministic time behaviour in some cases (e.g. WAITFOR DELAY in case of MSSQL)	2010-05-13 11:05:35 +00:00
Miroslav Stampar	0a4c1f8aec	unfix (conf.timeSec is an integer - my fault)	2010-05-13 09:34:08 +00:00
Miroslav Stampar	2fdac83607	minor fix	2010-05-13 08:27:51 +00:00
Bernardo Damele	9efe001515	SQLite does not support BETWEEN	2010-05-12 22:02:47 +00:00
Miroslav Stampar	893bc04fe4	changes regarding Feature #157 (Evaluate BETWEEN for inference algorithm)	2010-05-12 11:30:32 +00:00
Bernardo Damele	8b74c405f5	Minor output bug fix	2010-05-11 14:15:03 +00:00
Bernardo Damele	457d32c73e	Proper displaying of debug messages (-v >= 2)	2010-05-11 13:58:53 +00:00
Miroslav Stampar	1a8beebc8c	minor fix	2010-05-11 13:55:30 +00:00
Miroslav Stampar	1e5ecbaa97	speedup of initial session file handling	2010-05-11 13:36:30 +00:00
Miroslav Stampar	6752e66164	added charsetType=2 (integer) to queryOutputLength	2010-05-11 12:23:38 +00:00
Miroslav Stampar	430a25407b	fixed that thread partial output problem (one character behind) reported by Kasper Fons	2010-05-11 11:06:21 +00:00
Bernardo Damele	4c91b5a896	Minor fix	2010-05-10 14:18:41 +00:00
Bernardo Damele	65a05452f7	Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See #190: ... * --search -D foobar: searches all database names like the ones provided * --search -T foobar: searches all databases' table names like the ones provided (soon) * --search -C foobar: replaces --dump -C	2010-05-07 13:40:57 +00:00
Bernardo Damele	44ea8f1861	Minor adjustment	2010-05-06 11:00:58 +00:00
Bernardo Damele	147e14356d	Major bug fix (reported by Thierry Zoller)	2010-05-06 10:52:40 +00:00
Miroslav Stampar	4928c684b3	one more thing	2010-05-04 08:45:10 +00:00
Miroslav Stampar	789dd6c66f	more quick fixes	2010-05-04 08:43:14 +00:00
Miroslav Stampar	af701cdaa2	better way to handle that last commit problem	2010-05-04 08:36:35 +00:00
Miroslav Stampar	5bc07426e0	added exception handler around block reported by Thierry Zoller	2010-05-04 08:03:48 +00:00
Bernardo Damele	90d9900371	Minor bug fix to consider --start and --stop also in partial UNION query SQL injection	2010-04-30 15:48:40 +00:00
Bernardo Damele	4d46f997a7	Minor bug fix	2010-04-29 13:34:03 +00:00
Miroslav Stampar	d8e5585c66	fixed a bug reported by Mosk Dmitri (infoMsg UnboundLocalError)	2010-04-29 08:30:29 +00:00
Bernardo Damele	fa48d26f95	Minor cosmetic fix	2010-04-26 12:34:21 +00:00
Miroslav Stampar	7eef76f1b0	added basic option validation for start/stop values regarding David Guimaraes mail	2010-04-26 11:23:12 +00:00
Bernardo Damele	a1b1f960cc	Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function	2010-04-23 16:34:20 +00:00
Bernardo Damele	0f80768e66	Reverted	2010-04-22 16:35:22 +00:00
Bernardo Damele	7b070acd17	Reimported needed imports!	2010-04-22 16:13:22 +00:00
Miroslav Stampar	1bcec80e95	fix for that takeover bug Ethan Robish posted (Windows/PHP)	2010-04-22 10:31:33 +00:00
Miroslav Stampar	7d3a200ab8	fix for Bug #183	2010-04-19 15:25:52 +00:00
Bernardo Damele	2840f20605	Minor bug fix	2010-04-17 15:43:08 +00:00
Miroslav Stampar	915d3441e9	some code refactoring	2010-04-16 19:57:00 +00:00
Miroslav Stampar	1bdf94f236	fix for Bug #164 (Proper usage of special characters in paths)	2010-04-16 15:46:31 +00:00
Miroslav Stampar	bece99908c	fix regarding Bug #164 (Proper usage of special characters in paths) - not clear if that's all	2010-04-16 15:12:42 +00:00
Miroslav Stampar	938a3ab0b9	fix for Bug #183 (--threads dot output)	2010-04-16 13:40:02 +00:00
Miroslav Stampar	1aeaa5db47	implementation of Feature #176 (Safe URL: avoid being kicked out after N unsuccessful requests)	2010-04-16 12:44:47 +00:00
Bernardo Damele	a0c8adc266	Minor bug fix to add the "hinted" request to the total number of requests performed ... Minor layout adjustments.	2010-04-15 10:08:27 +00:00
Bernardo Damele	5e86087cb1	Minor bug fix for -d to avoid resuming queries when they're SELECT on sqlmap own tables, aligned to same resume of -u now.	2010-04-15 10:06:38 +00:00
Miroslav Stampar	17554759b7	implemented feature request from Ole Rasmussen regarding table name retrieval speedup	2010-04-15 09:36:13 +00:00
Bernardo Damele	1ab78ce60e	Added support to directly connect also to SQLite 2 db file	2010-04-13 22:43:38 +00:00
Bernardo Damele	fee062781f	Minor adjustment	2010-04-13 11:13:01 +00:00
Miroslav Stampar	da1ea48947	added some nagging for connection details	2010-04-13 11:00:15 +00:00
Bernardo Damele	eecee3b274	Added resume functionality to -d and fixed logging with -d	2010-04-12 09:35:20 +00:00
Bernardo Damele	b72ddb6f1e	Fixes non-deterministic unsorted results for most of the DBMSes - see #185	2010-04-09 15:48:53 +00:00
Miroslav Stampar	fcceceed45	fix for bug reported by shiftzwei@gmail.com regarding formatDBMSfp with unknown DBMS version	2010-04-09 10:40:08 +00:00
Miroslav Stampar	63c70018ca	fix for that update (conf.cj) problem mentioned by shiftzwei@gmail.com	2010-04-09 10:16:15 +00:00
Bernardo Damele	effc7dc41c	Minor adjustment to notify the user that the --auth-cred format for NTLM authentication is "DOMAIN\user:password"	2010-04-07 09:47:14 +00:00
Bernardo Damele	758a858785	Minor adjustments	2010-04-06 20:40:14 +00:00
Miroslav Stampar	6e7be5edb0	another fix	2010-04-06 15:51:36 +00:00
Miroslav Stampar	3fe9f9cac9	another fix	2010-04-06 15:28:34 +00:00
Miroslav Stampar	a6a2e993cc	minor update	2010-04-06 15:24:56 +00:00
Miroslav Stampar	c303feab17	fix	2010-04-06 15:14:32 +00:00
Miroslav Stampar	e2810003ae	more update	2010-04-06 15:12:52 +00:00
Miroslav Stampar	c24f1cc07c	some update	2010-04-06 14:59:31 +00:00
Miroslav Stampar	60f04f0a41	new module for interruptable threads	2010-04-06 14:33:57 +00:00
Bernardo Damele	2d55ec19a3	Minor code restyling	2010-04-06 10:15:19 +00:00
Miroslav Stampar	e29e8f82f9	fix for "Problem with --dbms set" reported by David Guimaraes	2010-04-05 23:09:35 +00:00
Miroslav Stampar	0a363d3f2b	fix for not properly clearing cookies when in multiple targets scanning mode spotted by Kasper Fons	2010-04-04 14:38:48 +00:00
Miroslav Stampar	4129cb22a7	update regarding bug reported by Ole Rasmussen	2010-04-03 19:41:47 +00:00
Bernardo Damele	cad8f61d55	Force pymssql to version >= 1.0.2	2010-03-31 15:31:11 +00:00
Bernardo Damele	b19de015c5	Minor bugs fixes	2010-03-31 13:52:51 +00:00
Bernardo Damele	5fdebb5d5b	Added support to directly connect also to Microsoft SQL Server database. ... Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output). Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods. Forced conf.timeout to 10 seconds when directly connecting to database. Slightly improved regular expression to parse -d parameter. Added import check for all connectors' third-party libraries. Code refactoring: * Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed). * Back-delegated to generic connector close() and other methods.	2010-03-31 10:50:47 +00:00
Miroslav Stampar	8702cce760	fix	2010-03-30 13:23:20 +00:00
Miroslav Stampar	c2a6f21095	refactoring regarding usage of conf.dbmsConnector.connect()	2010-03-30 13:03:19 +00:00
Miroslav Stampar	a02ec29c15	too	2010-03-30 11:52:45 +00:00
Miroslav Stampar	c9c9c1fb2f	replace only first occurrence	2010-03-30 11:52:01 +00:00
Miroslav Stampar	bfc12e93c5	ms access returns -1 for True	2010-03-30 11:33:51 +00:00
Miroslav Stampar	ae3455a0c2	more update	2010-03-30 11:28:14 +00:00
Miroslav Stampar	738c210075	update	2010-03-30 11:21:26 +00:00
Miroslav Stampar	87d8c6719e	updates, fixes and stuff	2010-03-30 11:06:30 +00:00
Bernardo Damele	a0290a257b	Added support to connect directly also to Oracle - see #158	2010-03-27 21:50:19 +00:00
Bernardo Damele	1416cd0d86	Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). ... Minor layout adjustments.	2010-03-26 23:23:25 +00:00
Miroslav Stampar	4ca1adba2c	update	2010-03-26 21:30:36 +00:00
Miroslav Stampar	1ec5221d82	minor update	2010-03-26 20:51:55 +00:00
Miroslav Stampar	0aa8f7309b	added copyright notice and keywords	2010-03-26 20:23:08 +00:00
Miroslav Stampar	2e05e1c54d	new module for Feature #61	2010-03-26 20:19:18 +00:00
Miroslav Stampar	8bab94de64	added two new functions: isBase64EncodedString and isHexEncodedString for Feature #71	2010-03-26 17:18:02 +00:00
Miroslav Stampar	5a6a01f24c	added socket timeout exception handling regarding that timeout message from Fahad Al Shunaiber	2010-03-26 11:51:23 +00:00
Bernardo Damele	be81c20298	Minor layout adjustment	2010-03-25 16:26:50 +00:00
Bernardo Damele	2aadc5c939	Added support for --roles (for Oracle ROLE_PRIVS). Enhanced Oracle --privileges to fall-back to USER_SYS_PRIVS if DBA_SYS_PRIVS is not accessible (so session user is not DBA) - Fixes ticket #180. ... Minor enhancement to Firebird to determine if a DB user is a DBA. Minor code refactoring.	2010-03-25 15:46:06 +00:00
Bernardo Damele	f4f68218bc	Minor layout adjustment for --threads and --eta output	2010-03-25 11:47:18 +00:00
Bernardo Damele	8e57767c48	Fixes #180 - properly url encode sqlmap payload in POST/Cookie too, like for GET	2010-03-23 10:27:39 +00:00
Bernardo Damele	f9a135e232	Minor bug fix and layout adjustment regarding --threading and standard output	2010-03-22 17:38:19 +00:00
Bernardo Damele	d13ad8b2d7	fixes #181 - proper save/resume information about single entry UNION SQL injection	2010-03-22 15:39:29 +00:00
Bernardo Damele	d00e4a458a	Code cleanup	2010-03-21 00:39:44 +00:00
Bernardo Damele	72f3674844	Minor bug fix	2010-03-18 17:36:58 +00:00
Bernardo Damele	0d559d14df	Initial support for SQLite (90% approx). ... Initial support for Firebird (30% approx). Initial support for Access (10% approx). Shared libraries code/installation scripts ported to 64bit, directory structure adapted. Minor code adjustments.	2010-03-18 17:20:54 +00:00
Bernardo Damele	d2f86fb0a5	Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now	2010-03-16 15:21:42 +00:00
Bernardo Damele	466df89c4a	Fixes #178 and #179 - proper handling of custom redirects	2010-03-16 14:30:57 +00:00
Bernardo Damele	3b3353e05b	Revert last commit	2010-03-16 13:56:36 +00:00
Miroslav Stampar	1dfe558d3d	Fix for Issue #177	2010-03-16 13:11:44 +00:00
Bernardo Damele	323cf2b7f2	Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)	2010-03-16 12:14:02 +00:00
Bernardo Damele	6d0ea86414	Fixes #59 - proper customizable redirect (302 and 301)	2010-03-15 14:24:43 +00:00
Miroslav Stampar	417f7fae00	Fix for "bug: -g uses wrong session file"	2010-03-15 12:02:04 +00:00
Miroslav Stampar	8af7d6c58b	minor cosmetic update	2010-03-15 11:55:13 +00:00
Miroslav Stampar	a0ec447b7d	fix for Issue #170	2010-03-15 11:33:34 +00:00
Bernardo Damele	7f5bc5e3fe	Increased version to 0.9-dev	2010-03-15 11:04:57 +00:00
Bernardo Damele	5063401130	Minor bug fix, fixes #170	2010-03-15 11:00:14 +00:00
Bernardo Damele	572b6fd920	sqlmap 0.8 stable!	2010-03-15 01:17:27 +00:00
Miroslav Stampar	a6ab42c873	new file with getch() method which we'll use for good samaritan feature	2010-03-13 17:28:23 +00:00
Miroslav Stampar	4c6c91a80b	another --reg-read fix	2010-03-12 23:12:06 +00:00
Bernardo Damele	7d8cc1a482	Get rid of Churrasco (Token kidnapping technique to --priv-esc). Reasons why: ... 1. there's kitrap0d (MS10-015) which is far more reliable, just recently fixed 2. works only to priv esc basically on MSSQL when it runs as NETWORK SERVICE and the machine is not patched against MS09-012 which is "rare" (hopefully) nowadays. Now sqlmap relies on kitrap0d and incognito to privilege escalate the database process' user privileges to SYSTEM, both via Meterpreter. Minor layout adjustments.	2010-03-12 22:43:35 +00:00
Miroslav Stampar	6b1ae62753	final fix for reading registry keys (now both parse and non-parse reads work fine)	2010-03-12 22:26:06 +00:00
Miroslav Stampar	0a2fe651ab	some fixes regarding registry reading	2010-03-12 22:09:58 +00:00
Bernardo Damele	25f8a72414	Minor layout adjustment	2010-03-12 14:48:33 +00:00
Miroslav Stampar	17d0b82fee	two dots instead of three	2010-03-12 14:31:14 +00:00
Bernardo Damele	e8d76994ba	Minor bug fix to avoid resuming data filled into the sqlmap support tables	2010-03-12 14:30:21 +00:00
Miroslav Stampar	15c638ac52	some beautification	2010-03-12 13:07:07 +00:00
Miroslav Stampar	7ec04281dd	minor adjustments	2010-03-12 12:46:26 +00:00
Miroslav Stampar	fffda32f76	fix for Bug #167	2010-03-12 12:38:19 +00:00
Bernardo Damele	f6adb431e6	Minor layout adjustment and typo fix	2010-03-12 12:23:05 +00:00
Bernardo Damele	b50a2288f4	Minor layout adjustments	2010-03-11 23:54:07 +00:00
Miroslav Stampar	ec43419ad1	minor makeup fix	2010-03-11 11:20:52 +00:00
Miroslav Stampar	2c053d5cfb	fix for Bug #166 (Keyboard interrupt in Python threading)	2010-03-11 11:14:20 +00:00
Bernardo Damele	fdf417f57e	Minor adjustment and bug fix	2010-03-10 22:08:11 +00:00
Miroslav Stampar	91dd609e26	fixed threading bug (difflib :)	2010-03-10 14:14:27 +00:00
Bernardo Damele	cc611c0010	Minor layout adjustments	2010-03-09 22:14:26 +00:00
Miroslav Stampar	3f3ddd5437	fix for that SELECT DISTINCT(LENGTH(...)) "misbehavior"	2010-03-09 13:14:43 +00:00
Bernardo Damele	8593741358	Minor bug fix	2010-03-05 15:25:53 +00:00
Bernardo Damele	7136c17f19	Minor log adjustments	2010-03-05 14:59:33 +00:00
Miroslav Stampar	6fd1f7f77c	update	2010-03-05 14:06:03 +00:00
Miroslav Stampar	58d54b6515	added new option --flush-session	2010-03-04 13:01:18 +00:00
Miroslav Stampar	b544405878	fixed some issue involving banner parsing	2010-03-04 09:15:26 +00:00
Bernardo Damele	ef7666c12b	Minor code cleanup	2010-03-03 19:23:43 +00:00
Bernardo Damele	9adeaa6191	Code cleanup	2010-03-03 18:57:09 +00:00
Bernardo Damele	a654a426ef	Minor adjustments	2010-03-03 16:19:17 +00:00
Bernardo Damele	156fdd96ef	Updated copyright	2010-03-03 15:26:27 +00:00
Miroslav Stampar	759b720425	documentation update	2010-03-03 13:59:29 +00:00
Miroslav Stampar	415d5f2b44	minor update	2010-03-03 13:49:24 +00:00
Miroslav Stampar	5d792feffd	minor update	2010-03-03 10:57:54 +00:00
Bernardo Damele	2f452480b3	Minor bug fix in syntax	2010-03-01 14:40:18 +00:00
Miroslav Stampar	c93e265269	fix for that banner fetching issue reported by Daniel Huckmann	2010-03-01 10:33:36 +00:00
Bernardo Damele	dd3f65f0fb	Updated ChangeLog	2010-02-26 15:37:24 +00:00
Bernardo Damele	f53ef947f1	Slightly stealthier	2010-02-26 13:14:57 +00:00
Bernardo Damele	694356821d	sqlmap does not save nor leave back in temporary folder any file named 'sqlmapRANDOM', only random names now, less suspicious	2010-02-26 13:13:50 +00:00
Miroslav Stampar	1f2a1bb24c	removed some redundant code	2010-02-26 12:36:41 +00:00
Bernardo Damele	8c68d25b39	Major bug fix, be careful when editing isWindowsPath() and normalizePath() in common.py, they can break all	2010-02-26 12:00:47 +00:00
Miroslav Stampar	89e919f07a	fixing my mistake	2010-02-26 10:01:23 +00:00
Miroslav Stampar	5ebf572cae	added option --ignore-proxy	2010-02-25 20:55:10 +00:00
Bernardo Damele	98496fd173	Show also site in the banner	2010-02-25 17:37:46 +00:00
Bernardo Damele	404927d04a	Adjusted banner, increased release candidate to rc7	2010-02-25 17:34:54 +00:00
Miroslav Stampar	e4c34ff86c	changed default web server language behaviour	2010-02-25 16:55:02 +00:00
Miroslav Stampar	d95a8850c8	fix	2010-02-25 16:38:39 +00:00
Miroslav Stampar	0913d700a8	important update regarding default directories	2010-02-25 15:22:41 +00:00
Bernardo Damele	a10adcfe08	Minor code cleanup	2010-02-25 15:16:41 +00:00
Miroslav Stampar	4a3fa69f9d	minor adjustment	2010-02-25 15:07:54 +00:00
Miroslav Stampar	3721451cd6	default dirs update	2010-02-25 14:51:39 +00:00
Bernardo Damele	0df5b5fed9	Minor bug fix and code adjustments	2010-02-25 14:06:44 +00:00
Miroslav Stampar	a0f5c3d885	minor update	2010-02-25 13:45:28 +00:00
Miroslav Stampar	3e152f8b20	minor code refactoring	2010-02-25 13:33:52 +00:00
Miroslav Stampar	28d5248c04	one more fix regarding localhost/global proxy issue	2010-02-25 13:30:22 +00:00
Miroslav Stampar	24d3e24db0	more updates regarding --os-shell feature	2010-02-25 12:16:49 +00:00
Miroslav Stampar	b558712a47	more feature updates	2010-02-25 11:40:49 +00:00
Miroslav Stampar	15d1fcbb7f	now runcmd exe has random name too	2010-02-25 10:47:12 +00:00
Miroslav Stampar	2cafd5697b	new changes regarding --os-shell	2010-02-25 10:33:41 +00:00
Miroslav Stampar	858cb25975	update	2010-02-24 23:40:56 +00:00
Miroslav Stampar	4bea0e343a	Avoiding md5/sha1 deprecated warning in Python >=2.6	2010-02-23 08:54:33 +00:00
Miroslav Stampar	9c014c0fd0	minor change	2010-02-20 23:11:05 +00:00
Miroslav Stampar	2a07af2294	removed pdb tracing	2010-02-20 22:36:17 +00:00
Miroslav Stampar	0debc95ad4	some fixes	2010-02-20 22:31:54 +00:00
Bernardo Damele	d1e3596382	Minor UPX adjustment	2010-02-20 19:02:55 +00:00
Miroslav Stampar	0ed5ba5559	minor update	2010-02-16 13:24:09 +00:00
Miroslav Stampar	c4951fd631	some updates regarding --os-shell option	2010-02-16 13:20:34 +00:00
Bernardo Damele	8131f9c77c	Added and fixed README files	2010-02-12 00:20:53 +00:00
Bernardo Damele	dc06b40ddc	Minor exception message fix	2010-02-11 23:07:33 +00:00
Bernardo Damele	89dc99188d	--read-file on PostgreSQL now relies on the new sys_fileread() UDF so that also binary files can be read. ... Fixed a minor bug in custom UDF injection feature --udf-inject. Major code refactoring.	2010-02-11 22:57:50 +00:00
Miroslav Stampar	cef248a5ea	update for that invalid target url Otavio Augusto reported	2010-02-10 12:06:23 +00:00
Miroslav Stampar	203cfd114f	changed raised exception type	2010-02-10 09:39:36 +00:00
Miroslav Stampar	8e8f6f842c	fix for that md5 error reported by Dani (lgrecol@gmail.com)	2010-02-10 09:27:34 +00:00
Miroslav Stampar	00a23ace9a	some changes regarding web takeover	2010-02-09 14:27:41 +00:00
Miroslav Stampar	542b01993e	minor fix regarding exception handling of multi-part post handler	2010-02-09 14:02:47 +00:00
Miroslav Stampar	a6674edf8a	regular expressions revisited	2010-02-09 13:01:08 +00:00
Bernardo Damele	5c92fad5dc	Avoid to check for existence of not needed UDFs and minor code adjustment for cleanup() method	2010-02-05 23:14:16 +00:00
Bernardo Damele	b08a4efb4b	Minor layout adjustments	2010-02-04 17:45:56 +00:00
Miroslav Stampar	d291464cd4	code refactoring regarding path normalization	2010-02-04 14:50:54 +00:00
Miroslav Stampar	dbd52c52e4	minor fix	2010-02-04 14:39:24 +00:00
Miroslav Stampar	ec63fc4036	code refactoring - added functions posixToNtSlashes and ntToPosixSlashes	2010-02-04 14:37:00 +00:00
Miroslav Stampar	87239476af	more fixes :)	2010-02-04 10:10:41 +00:00
Miroslav Stampar	e4699f389d	some bug fixes regarding --os-shell usage against windows servers	2010-02-04 09:49:31 +00:00
Miroslav Stampar	ea045eaa2f	fixed serious issue with adding file paths into kb.absFilePaths (dirname was wrongly added, and afterwards getDirs used dirname of dirname) ... also, fixed some issues with Windows paths	2010-02-03 16:40:12 +00:00
Miroslav Stampar	7c88e32f9d	bug fix for 404 program termination during shell upload attempt	2010-02-03 16:16:34 +00:00
Miroslav Stampar	565433097e	used normalizePath instead of os.path.normalize	2010-02-03 16:10:09 +00:00
Miroslav Stampar	494e014a4a	minor update	2010-02-03 16:04:44 +00:00
Miroslav Stampar	8b0d31a6b7	fix for cases where both posix and nt path versions of windows paths are in parsed web page	2010-02-03 15:34:20 +00:00
Miroslav Stampar	894b9f0f80	minor minor update	2010-02-03 15:15:30 +00:00
Miroslav Stampar	25f1a9c7d0	upgrade of web directory parsing for things like C:/xampp/htdocs/sqlmap/mysql/get_int.php (XAMPP uses this)	2010-02-03 15:06:41 +00:00
Miroslav Stampar	87c8bdbc29	removed pdb tracing	2010-02-03 14:52:29 +00:00
Miroslav Stampar	c74b920f54	bug fix	2010-02-03 14:49:28 +00:00
Bernardo Damele	979c919dc7	Minor logging message adjustment	2010-01-29 22:58:12 +00:00
Bernardo Damele	e8b0fd90c8	Minor bug fix	2010-01-29 19:32:02 +00:00
Bernardo Damele	767c67e37a	--priv-esc now relieas on more powerful and complete getsystem Meterpreter command that also implements kitrap0d as 4th technique	2010-01-29 14:57:33 +00:00
Miroslav Stampar	061794650f	minor fix	2010-01-29 10:15:05 +00:00
Miroslav Stampar	92817159dc	cloaked upx for windows (used mkstemp because of execution and file access rights problem)	2010-01-29 10:12:09 +00:00
Bernardo Damele	200518724c	By default do not use Churrasco, but still let the user choose it. ... The default technique to privilege escalate the OS user to SYSTEM when --priv-esc is provided now it 'run kitrap0d'.	2010-01-29 02:27:50 +00:00
Bernardo Damele	7b8316728c	Major bug fix in takeover functionalities on Microsoft SQL Server	2010-01-29 00:09:05 +00:00
Bernardo Damele	6f5d2ed171	Minor cosmetic adjustments	2010-01-28 17:07:34 +00:00
Miroslav Stampar	a2077bfc0e	quick fix	2010-01-28 16:56:00 +00:00
Miroslav Stampar	732ed48e2b	some refactoring regarding decloaking	2010-01-28 16:50:34 +00:00
Bernardo Damele	dcbbad642d	Minor self fix, switched to rc6	2010-01-28 10:27:47 +00:00
Miroslav Stampar	f6b447f6e7	fix for "NameError: global name 'webFileStreamUpload' is not defined"	2010-01-28 08:54:47 +00:00
Miroslav Stampar	645afee359	some changes	2010-01-28 00:25:36 +00:00
Miroslav Stampar	921e449454	added support for cloaking Churrasco.exe file	2010-01-28 00:07:33 +00:00
Miroslav Stampar	4559ded6c1	added new line at the end of the file	2010-01-27 17:02:23 +00:00
Miroslav Stampar	f4b8ce5c72	fix for 'No such file or directory' OSError exception	2010-01-27 17:00:54 +00:00
Miroslav Stampar	d0acb1c5a3	another fix. hope it works :)	2010-01-27 16:01:50 +00:00
Miroslav Stampar	f8056f4098	quick fix regarding usage of StringIO instead of file stream	2010-01-27 15:44:35 +00:00
Miroslav Stampar	1d15c595a4	minor fix	2010-01-27 14:08:09 +00:00
Miroslav Stampar	e63428207c	modified a way to handle shell scripts	2010-01-27 13:59:25 +00:00
Bernardo Damele	6437c16156	run kitrap0d script along with listing Windows Impersonation Tokens via meterpreter's incognito extension when --priv-esc is provided (see #149).	2010-01-26 01:14:44 +00:00
Miroslav Stampar	3197fada59	update of IDS checking method	2010-01-25 10:06:52 +00:00
Bernardo Damele	952c280083	Added svn keyword	2010-01-25 09:21:39 +00:00
Miroslav Stampar	e689c2ec99	another minor fix (svn header comment)	2010-01-25 00:29:19 +00:00
Miroslav Stampar	44a74ccee8	minor grammar fix	2010-01-25 00:26:51 +00:00
Miroslav Stampar	b183b9cbb4	contains method for detecting if the generated payload is detectable by the PHPIDS filter rules	2010-01-25 00:25:58 +00:00
Miroslav Stampar	a4d8234875	minor update	2010-01-24 14:23:19 +00:00
Miroslav Stampar	98205cc488	another fix for Bug #148	2010-01-23 23:29:34 +00:00
Miroslav Stampar	39652bfbf4	update regarding Unicode char logging (Bug #148)	2010-01-23 15:36:55 +00:00
Miroslav Stampar	97840535c6	fix for situations where proxy is set in environment, but the user tries to test something on localhost	2010-01-19 13:47:35 +00:00
Bernardo Damele	574880ba73	Warn user of HTTP error codes in HTTP responses	2010-01-19 10:27:54 +00:00
Bernardo Damele	5c58747740	More tweaking on --update	2010-01-18 15:20:50 +00:00
Bernardo Damele	051db588a5	Minor tweaking to --update	2010-01-18 14:59:24 +00:00
Miroslav Stampar	44adbc5776	changes regarding Feature #125	2010-01-18 14:05:23 +00:00
Bernardo Damele	2825ab5e4e	Major bug fix in url-encoding	2010-01-16 21:56:40 +00:00
Bernardo Damele	c18a5cb92f	Fixed a minor bug when displaying requested page in -v >= 3	2010-01-16 21:47:52 +00:00
Bernardo Damele	f337cd6e0a	Minor speedup to check if sqlmap's UDF have already been created	2010-01-16 21:46:35 +00:00
Bernardo Damele	4ce3abc56d	Minor adjustments	2010-01-15 17:42:46 +00:00
Miroslav Stampar	1a764e1f08	minor commit	2010-01-15 16:10:21 +00:00
Miroslav Stampar	5f171340f5	introduced safe string formatting	2010-01-15 16:06:59 +00:00
Miroslav Stampar	dcf0b2a3c1	minor update	2010-01-15 11:45:48 +00:00
Miroslav Stampar	f5c422efb4	updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before	2010-01-15 11:44:05 +00:00
Bernardo Damele	505647b00f	Minor bug fix to --cookie-urlencode	2010-01-15 11:24:30 +00:00
Bernardo Damele	c4215ce8d2	Minor code refactoring	2010-01-14 20:42:45 +00:00
Miroslav Stampar	26c7b74e65	changes regarding Data (GET/POST/Cookie) encoding (Bug #129)	2010-01-14 18:05:03 +00:00
Bernardo Damele	1d968f51e9	More code refactoring	2010-01-14 15:11:32 +00:00
Bernardo Damele	c9863bc1d2	Minor code refactoring	2010-01-14 14:33:08 +00:00
Bernardo Damele	070ccc30e9	Added automatic support in --os-pwn to use the web uploader/backdoor to upload and execute the Metasploit payload stager when stacked queries SQL injection is not supported, for instance on MySQL/PHP and MySQL/ASP. ... Updated ChangeLog. Major code refactoring.	2010-01-14 14:03:16 +00:00
Bernardo Damele	50bbb0cf8a	Deprecate sqlmap update code, will use pysvn to update from latest development version from subversion repository.	2010-01-13 14:52:23 +00:00
Bernardo Damele	0ad43952bd	Minor bug fix	2010-01-12 23:56:43 +00:00
Miroslav Stampar	3434a22872	HTTP header HOST is now mandatory in a HTTP request file	2010-01-12 14:07:58 +00:00
Miroslav Stampar	a193205323	minor update regarding requestFile option	2010-01-12 14:01:58 +00:00
Miroslav Stampar	8817b2884f	minor update	2010-01-12 13:16:30 +00:00
Miroslav Stampar	a58b36fe07	code commit regarding Feature #119	2010-01-12 13:11:26 +00:00
Bernardo Damele	df36eb6d11	Minor bug fix in --resume functionality	2010-01-11 14:16:37 +00:00
Bernardo Damele	12f371cd65	Minor bug fix and improvement in displaying of enumerated columns in --dump -C	2010-01-09 21:37:44 +00:00
Bernardo Damele	dc04fa7f06	Minor layout adjustments	2010-01-09 21:08:47 +00:00
Miroslav Stampar	d58ba7ee6d	added --scope feature regarding Feature #105	2010-01-09 20:44:50 +00:00
Bernardo Damele	f316e722c1	sqlmap 0.8-rc4: --dump option now can also accept only -C: user can provide a string column and sqlmap will enumerate all databases, tables and columns that contain the 'provided_string' or '%provided_string%' then ask the user to dump the entries of only those columns. ... --columns now accepts also -C option: user can provide a string column and sqlmap will enumerate all columns of a specific table like '%provided_string%'. Minor enhancements. Minor bug fixes.	2010-01-09 00:05:00 +00:00
Bernardo Damele	6a62a78b0a	More generic	2010-01-08 23:50:06 +00:00
Bernardo Damele	067cc07fb9	Make 'field' parameter in limitQuery() method to be option	2010-01-08 23:23:15 +00:00
Miroslav Stampar	82222fcd3a	minor update of help text	2010-01-07 13:09:14 +00:00
Miroslav Stampar	d07f60578c	implementation of Feature #17	2010-01-07 12:59:09 +00:00
Bernardo Damele	80df1fdcf9	Minor bug fix with --sql-query/shell when providing a statement with DISTINCT	2010-01-05 16:15:31 +00:00
Bernardo Damele	954a927cee	Minor bug fix to properly execute --time-test also on MySQL >= 5.0.12	2010-01-05 11:43:16 +00:00
Miroslav Stampar	71547a3496	getDocRoot changes	2010-01-05 11:30:33 +00:00
Bernardo Damele	bb61010a45	Avoid useless checks for --os-bof (no need to check for DBA or for xp_cmdshell). Minor code restyling.	2010-01-04 15:02:56 +00:00
Miroslav Stampar	d71e47ce56	fix regarding dirnames in Feature #110	2010-01-04 12:39:07 +00:00
Miroslav Stampar	96a033b51d	found and fixed few bugs regarding my "fix" of Bug #110	2010-01-03 15:56:29 +00:00
Bernardo Damele	d5b1863dec	Updated documentation and svn properties	2010-01-02 02:07:28 +00:00
Bernardo Damele	ce022a3b6e	sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.	2010-01-02 02:02:12 +00:00
Bernardo Damele	d55175a340	Fixed resume functionality on --read-file when using MySQL's LOAD_FILE() via blind SQL injection.	2010-01-02 01:35:13 +00:00
Bernardo Damele	9c620da0a5	Minor fix	2009-12-31 12:34:18 +00:00
Bernardo Damele	c1c14dabd9	Minor bug fix	2009-12-21 11:21:18 +00:00
Bernardo Damele	e4e081cdc6	sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.	2009-12-17 22:04:01 +00:00
Bernardo Damele	b363f1c5ab	Added support for NTLM authentication	2009-12-02 22:54:39 +00:00
Bernardo Damele	e28b98a366	Minor layout adjustments	2009-12-02 22:52:17 +00:00
Bernardo Damele	4779a5fe0f	Minor layout adjustment	2009-11-16 16:39:31 +00:00
Bernardo Damele	89c43893d4	Merged back from personal branch to trunk (svn merge -r846:940 ...) ... Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.	2009-09-25 23:03:45 +00:00
Bernardo Damele	19c6804ded	Fixed two minor bugs with PostgreSQL reported by Sven Klemm, thanks!	2009-07-29 10:44:24 +00:00
Bernardo Damele	d905e5ef9f	Minor bug fix to --os-cmd/--os-shell for Microsoft SQL Server	2009-07-25 11:45:23 +00:00
Bernardo Damele	b2b2ec8a26	Preparing to release sqlmap 0.7 stable	2009-07-24 23:20:57 +00:00
Bernardo Damele	b4fd71e8b9	Minor adjustment to reflect Metasploit r6849 (http://trac.metasploit.com/changeset/6849) and minor code refactoring.	2009-07-20 14:36:33 +00:00
Bernardo Damele	cb3d2bac16	Minor improvement so that sqlmap tests also all parameters with no value (ig. par=).	2009-07-09 11:25:35 +00:00
Bernardo Damele	516fdb9356	Avoid to upload the web backdoor to unexisting empty-name directory	2009-07-09 11:11:25 +00:00
Bernardo Damele	24a3a23159	Minor bug fix to --dbms, updated user's manual	2009-07-09 11:05:24 +00:00
Bernardo Damele	4b622ed860	Minor bug fix. ... Adapted Metasploit wrapping functions to work with latest msf3 development version too.	2009-07-06 14:40:33 +00:00
Bernardo Damele	0fc4587f02	Added support for reflective meterpreter by default when the target OS ... is Windows and minor layout fix	2009-07-03 17:59:20 +00:00
Bernardo Damele	3b9303186e	Fixed minor bug with --eta	2009-06-24 13:44:14 +00:00
Bernardo Damele	e5a01d500e	Minor bug fix in --update option, updated also Microsoft XML versions file	2009-06-16 15:12:02 +00:00
Bernardo Damele	03a6739fbf	Minor layout adjustments	2009-06-11 15:34:31 +00:00
Bernardo Damele	150abc0f1e	sqlmap 0.7-rc3: Reset takeover OOB features (if any of --os-pwn, --os-smbrelay or --os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. Correctly handle fcntl to be imported only on systems different from Windows. Minor code refactoring.	2009-06-11 15:01:48 +00:00
Bernardo Damele	3bca0d4b28	Minor improvement so that user's options can also be passed directly as a dictionary/advancedDict rather than only as an optparse instance.	2009-06-05 10:15:55 +00:00
Bernardo Damele	5ac2b0658c	Fixed regular expression to parse burp log file hosts' scheme/port	2009-06-04 14:42:53 +00:00
Bernardo Damele	cfd8a83655	Minor adjustment to get also the port when parsing burp logs	2009-06-04 14:36:31 +00:00
Bernardo Damele	966f34f381	Minor parsing syntax adjustment due to sligh differences between Burp 1.2 lite and professional editions	2009-06-03 15:26:18 +00:00
Bernardo Damele	c7b72abc0e	Minor bug fix in parsing Burp (WebScarab too?) log to correctly parse httpS urls	2009-06-03 15:04:40 +00:00
Bernardo Damele	93ee4a01e5	HTTPS requests over HTTP proxy now work on either Python 2.4, 2.5 and 2.6+	2009-05-20 14:27:25 +00:00
Bernardo Damele	81d1a767ac	Minor bug fix in output manager (dumper) object	2009-05-20 13:56:23 +00:00
Bernardo Damele	8e7282f7c7	Major bug fix to properly pass HTTPS request to HTTP proxy when its provided. It works with both Python 2.4 and Python 2.5 now. It still crashes at httplib level with Python 2.6.	2009-05-20 13:51:25 +00:00
Bernardo Damele	13de8366d0	Major silent bug fix to multi-threading functionality. Thanks Nico Leidecker for reporting!	2009-05-20 09:34:13 +00:00
Bernardo Damele	ef3846e0de	Minor fix in Host header value by Oliver Gruskovnjak	2009-05-19 14:40:04 +00:00
Bernardo Damele	45dff4a00a	Added new function to search a file within the PATH environment variable paths: ... it will be used when sqlmap will be packaged as DEB and RPM	2009-05-12 20:24:47 +00:00
Bernardo Damele	b463205544	Minor fixes for MacOSX	2009-05-12 20:24:00 +00:00
Bernardo Damele	06cc2a6d70	Minor bug fixes and code refactoring	2009-05-11 15:37:48 +00:00
Bernardo Damele	c5d20b8a86	Initial support for ASP web backdoor functionality	2009-05-06 12:14:38 +00:00
Bernardo Damele	ccedadd780	Finished Mac OS X	2009-04-30 21:42:54 +00:00
Bernardo Damele	e8c115500d	Now it works also on Mac OS X	2009-04-30 10:46:50 +00:00
Bernardo Damele	722ca8bf2f	Minor "fix"	2009-04-29 19:45:12 +00:00
Bernardo Damele	57b8bb4c8e	Minor syntax adjustment for web backdoor functionality	2009-04-28 21:51:22 +00:00
Bernardo Damele	58f3eee390	Updated Microsoft SQL Server XML signatures file and minor bug fix in connection library	2009-04-28 11:11:35 +00:00
Bernardo Damele	1d7de719b9	Almost done with web backdoor functionality	2009-04-28 11:05:07 +00:00
Bernardo Damele	16b4530bbe	Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed). ... Minor common library code refactoring. Code cleanup. Set back the default User-Agent to sqlmap for comparison algorithm reasons. Updated THANKS.	2009-04-27 23:05:11 +00:00
Bernardo Damele	5121a4dcba	Send IE7.0 as default User-Agent	2009-04-24 20:13:21 +00:00
Bernardo Damele	406d5df195	Minor layout adjustments	2009-04-24 20:12:52 +00:00
Bernardo Damele	546a6c32e3	Avoid deprecation warning on sha and md5 libraries on Python >= 2.6	2009-04-24 20:10:30 +00:00
Bernardo Damele	6f4035938b	Let the user choose also the local address in reverse OOB connection	2009-04-24 10:27:52 +00:00
Bernardo Damele	4ce74764b7	More verbose when reporting failure to create shellcode/payload stager (via Metasploit)	2009-04-23 20:39:32 +00:00
Bernardo Damele	1af6898618	Fixed POST parsing when -l option is provided (burp/webscarab log file)	2009-04-23 15:04:28 +00:00
Bernardo Damele	aefa7ef988	Avoid libmagic traceback on Windows. ... WARNING: this release is a candidate, it only works on Linux/Unices for the moment!	2009-04-22 12:44:16 +00:00
Bernardo Damele	8c0ac767f4	Updated to sqlmap 0.7 release candidate 1	2009-04-22 11:48:07 +00:00
Bernardo Damele	0c1a6b3edf	Minor typo fix	2009-02-19 00:38:54 +00:00
Bernardo Damele	2efee058ea	Major enhancement in comparison algorithm	2009-02-12 00:17:44 +00:00
Bernardo Damele	ba00a17205	Minor layout adjustment	2009-02-09 10:58:44 +00:00
Bernardo Damele	2355885712	Minor adjustment	2009-02-09 10:29:07 +00:00
Bernardo Damele	207e96e2b2	Major bug fix in the comparison algorithm to correctly handle also the ... case that the url is stable and the False response changes the page content very little.	2009-02-09 10:28:03 +00:00
Bernardo Damele	b12d955274	Updated packaging scripts, site and finalized the documentation to release version 0.6.4	2009-02-03 15:38:40 +00:00
Bernardo Damele	770e000cb4	Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs	2009-02-02 23:44:19 +00:00
Bernardo Damele	dded57f1cd	Minor bug fix to correctly unpack user's custom queries on Microsoft SQL Server	2009-01-30 23:58:48 +00:00
Bernardo Damele	6054090191	sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying.	2009-01-28 14:53:11 +00:00
Bernardo Damele	a8d57bb031	Avoid DeprecationWarning with Python 2.6+	2009-01-22 23:53:01 +00:00
Bernardo Damele	793c323b2a	Major bug fixes	2009-01-22 22:28:27 +00:00
Bernardo Damele	c25b49e80e	Major bugfix to avoid "IFNULL and CAST" on CASE	2009-01-19 21:27:51 +00:00
Bernardo Damele	8f973ce574	Minor layout adjustments	2009-01-18 22:36:48 +00:00
Bernardo Damele	fd7cb9101c	Major bug fix to forge SQL injection payload on Oracle	2009-01-13 23:15:57 +00:00
Bernardo Damele	bc448211c5	Minor layout adjustment	2009-01-13 23:15:23 +00:00
Bernardo Damele	5560f0b68a	Updated the copyright	2009-01-12 21:35:38 +00:00
Bernardo Damele	92645dd264	Minor adjustment	2009-01-10 14:51:12 +00:00
Bernardo Damele	e10ab5aa0e	Major bug fixes	2009-01-10 14:39:27 +00:00
Bernardo Damele	9c125a2b57	Minor improvement to use Python ConfigParser library when --save if specified. ... Minor update to the user's manual	2009-01-03 22:59:22 +00:00
Bernardo Damele	d0604ef513	Major bug fix to correctly handle custom SQL "limited" queries on Oracle	2009-01-03 01:19:04 +00:00
Bernardo Damele	2d87a3349f	Fixed custom MSSQL "limited" query support also for Partial UNION query technique	2009-01-03 00:27:04 +00:00
Bernardo Damele	9c42a883be	Major bug fix to make it work properly with MSSQL custom limited (SELECT ... TOP ...) queries with both inferential blind and Full UNION query injection	2009-01-02 23:26:45 +00:00
Bernardo Damele	c1010c20d8	Minor adjustments	2008-12-30 21:24:01 +00:00
Bernardo Damele	a4d62af2ea	Minor layout adjustments to --union-tech	2008-12-29 18:48:23 +00:00
Bernardo Damele	9340bf59fb	Updated Microsoft SQL Server signature XML file. ... Minor layout adjustments to --update output messages/diff	2008-12-29 18:46:43 +00:00
Bernardo Damele	c83593c044	Limited custom query now works also on Oracle in inferential blind SQL ... injection technique	2008-12-23 23:34:50 +00:00
Bernardo Damele	64bb57d786	Minor bug fix to make the Partial UNION query SQL injection technique ... work properly also on Oracle and Microsoft SQL Server.	2008-12-22 22:48:44 +00:00
Bernardo Damele	1f7810e46a	Major bug fix to make partial UNION query sql injection work properly ... also on Microsoft SQL Server	2008-12-22 19:36:01 +00:00
Bernardo Damele	04c187c66a	Working on a bug (fix for Partial UNION query SQL injection technique ... both Oracle and Microsoft SQL Server).	2008-12-22 00:51:09 +00:00
Bernardo Damele	2f406b3e56	Minor adjustments	2008-12-22 00:04:28 +00:00
Bernardo Damele	4ae464c80d	Minor enhancement to support an option (--union-tech) to specify the ... technique to use to detect the number of columns used in the web application SELECT statement: NULL bruteforcing (default) or ORDER BY clause.	2008-12-21 21:39:53 +00:00
Bernardo Damele	35708a0b97	Minor adjustment to UNION query SQL injection detection function. ... Updated command line help message based upon recent developments. Updated copyright note of lib/contrib/multipartpost.py.	2008-12-21 16:35:03 +00:00
Bernardo Damele	996a872e51	We are already on sqlmap 0.6.4 release candidate 1..	2008-12-20 13:23:26 +00:00
Bernardo Damele	c18efe5084	Minor adjustments	2008-12-20 13:21:47 +00:00
Bernardo Damele	8d06975142	Major enhancement to make the comparison algorithm work properly also ... on url not stables automatically by using the difflib SequenceMatcher object: this changed a lot into the structure of the code, has to be extensively beta-tested! Please, do report bugs on sqlmap-users mailing list if you scout them. Cheers, Bernardo	2008-12-20 01:54:08 +00:00
Bernardo Damele	7e8ac16245	Added preventive check for stacked queries support when executing DDL, ... DML & co. statements in SQL query and SQL shell. Minor improvements on this new feature. Increased default connection timeout to 30 seconds (needed for vmware machine not correctly synched).	2008-12-19 20:48:33 +00:00
Bernardo Damele	ad228e6947	Ahead with the improvements to the comparison algorithm. ... Added support internally to forge CASE statements, used only by --is-dba query at the moment. Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and SQL shell. Minor code adjustments.	2008-12-19 20:09:46 +00:00
Bernardo Damele	68354be45a	Ahead with enhancements on comparison algorithm: implemented content-length technique	2008-12-18 22:49:35 +00:00
Bernardo Damele	afbd66f6d9	Added some comments	2008-12-18 21:58:05 +00:00
Bernardo Damele	d0d6632c22	Initial support to automatically work around the dynamic page at each refresh ... (Major refactor to the comparison algorithm (True/False response))	2008-12-18 20:48:23 +00:00
Bernardo Damele	3fe493b63d	Minor enhancement to support an option (--is-dba) to show if the ... current user is a database management system administrator.	2008-12-18 20:41:11 +00:00
Bernardo Damele	c32ef9d751	Major bug fix to avoid tracebacks when multiple targets are specified and one ... of them is not reachable. Minor bug fix to make the --postfix work even if --prefix is not provided.	2008-12-18 20:38:57 +00:00
Bernardo Damele	6dec56d616	Major bug fix	2008-12-17 21:35:04 +00:00
Bernardo Damele	dda62ba463	Minor adjustments and bug fixes	2008-12-17 20:11:18 +00:00
Bernardo Damele	b7f2602b50	A bit more entropy in the sql injection detection	2008-12-16 23:51:56 +00:00
Bernardo Damele	05a8c8d3bf	Added support to test for stacked queries support and improved check for time based blind sql injection. ... Minor bug fix in --save option	2008-12-16 21:30:24 +00:00
Bernardo Damele	bf2a857b9a	Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3.	2008-12-12 19:06:31 +00:00
Bernardo Damele	072eb7154c	Major enhancement to support Partial UNION query SQL injection technique too. ... Minor code cleanup.	2008-12-10 17:23:07 +00:00
Bernardo Damele	9dbad512f1	sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers ... by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.	2008-12-08 21:24:24 +00:00
Bernardo Damele	38c9627700	Minor enhancemet to support also --regexp, --excl-str and --excl-reg ... options rather than only --string when comparing HTTP responses page content	2008-12-05 15:34:13 +00:00
Bernardo Damele	7f055924a7	sqlmap 0.6.3-rc4: ... Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.	2008-12-04 17:40:03 +00:00
Bernardo Damele	0f07e33e1a	Removed REVISION, makes no sense. ... Import and use python psyco library to speed up if it's installed: it's optional.	2008-12-03 17:32:16 +00:00
Bernardo Damele	e3ddbe751f	Minor code refactoring	2008-12-02 23:49:38 +00:00
Bernardo Damele	b700485a1b	Minor adjustment, still to work on the cookie urlencoding/decoding	2008-12-02 21:57:12 +00:00
Bernardo Damele	578bcb9140	Initial support for partial UNION query sql injection	2008-12-02 21:56:23 +00:00
Bernardo Damele	f97585c593	Show also SVN revision in error message when a traceback raises. ... Fix typo.	2008-12-01 23:49:14 +00:00
Bernardo Damele	a777f1ca35	Minor bug fix	2008-12-01 23:27:51 +00:00
Bernardo Damele	034a3f387a	Minor improvement when testing for UNION query SQL injection to check only without comment and with DBMS specific comment (not anymore "random" unspecific comment characters)	2008-12-01 23:09:07 +00:00
Bernardo Damele	3cf1658532	Increased default output level from 0 to 1	2008-12-01 23:07:41 +00:00
Bernardo Damele	428612b431	Comment and layout adjustments	2008-12-01 23:04:01 +00:00
Bernardo Damele	e967b13378	Minor adjustment to command line usage message	2008-11-27 23:06:02 +00:00
Bernardo Damele	6e548eb2ec	Completed support to get the list of targets from WebScarab/Burp proxies ... log file and updated the documentation	2008-11-27 22:33:33 +00:00
Bernardo Damele	dc1f2deb74	Minor bug fix to correctly enumerate columns on Microsoft SQL Server. ... Minor adjustments to XML signatures. Updated documentation.	2008-11-25 11:33:44 +00:00
Bernardo Damele	f2737ad0a3	Updated work on multiple targets support (works for WebScarab conversations/ folder, still to work out for Burp log file). ... Major bug fix in the controller library.	2008-11-22 01:57:22 +00:00
Bernardo Damele	9be844cf3e	Adapted the code to support a list of targets from a text file (Burp log file) or from a directory (WebScarab conversations folder) with command line option -l.	2008-11-20 17:56:09 +00:00
Bernardo Damele	80425c9ccd	Minor adjustment to ETA feature	2008-11-20 11:13:04 +00:00
Bernardo Damele	8f74fe2ce9	Added new HTTP response headers on which fingerprint web app technology and web server OS. ... Updated documentation.	2008-11-19 15:33:39 +00:00
Bernardo Damele	736b2e7323	Minor adjustments to the operating system fingerprint.	2008-11-19 00:36:44 +00:00
Bernardo Damele	727664aea7	Minor enhancement to fingerprint the web server operating system and ... the web application technology by parsing also HTTP response Server header. Refactor libraries and plugins that parses XML to fingerprint and show on standard output the information. Updated changelog.	2008-11-18 17:42:46 +00:00
Bernardo Damele	7d0724843f	Major enhancement to the engine to parse XML files and matches on DBMS banner ... and HTTP response headers. Initial web application technology fingerprint (for the moment based only on X-Powered-By HTTP response header and not shown yet to the user). Minor layout adjustments.	2008-11-17 17:41:02 +00:00
Bernardo Damele	66fb3c3033	Minor enhancement to show the DBMS operating system (if fingerprinted) ... also when only -b option is provided since it's an information that sqlmap get parsing the DBMS banner. Got rid completely of useless passive fuzzing.	2008-11-17 11:22:03 +00:00
Bernardo Damele	7d7170fc97	Minor code adjustments	2008-11-17 00:13:49 +00:00
Bernardo Damele	654aecedfe	Minor layout adjustments, minor fixes and updated changelog	2008-11-17 00:00:54 +00:00
Bernardo Damele	fa0507ab39	Minor enhancement to fingerprint the back-end DBMS operating system (type, ... version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<--	2008-11-15 23:41:31 +00:00
Bernardo Damele	84cbc60659	Major bug fix to correctly handle httplib.BadStatusLine exception. ... Minor improvement to set by default in all HTTP requests the standard HTTP headers (Accept, Accept-Encoding, etc.) Updated user's manual.	2008-11-15 12:25:19 +00:00
Bernardo Damele	0bd5b52d95	Minor fixes	2008-11-13 00:03:04 +00:00
Bernardo Damele	ecc4a98071	Properly moved and improved inject.goStacked() function and newly ... implemented Time based blind SQL injection now is a single test file within the lib/techniques/ folder. Renamed lib/techniques/inference to lib/techniques/blind, it is more approriate and adapted the rest of the libraries. Updated ChangeLog file.	2008-11-12 23:44:09 +00:00
Bernardo Damele	9329f8c9c4	Minor enhancement to be able to enumerate table columns and dump table ... entries also if the database name is not provided by using the current database on MySQL and MSSQL, the 'public' scheme on PostgreSQL and the 'USERS' TABLESPACE_NAME on Oracle. Minor bug fix so that when the user provide as SELECT statement to be processed an asterisk, now it also work if in the FROM there is no database name specified. Minor layout adjustments.	2008-11-12 22:53:25 +00:00
Bernardo Damele	81ed7c2086	Initial implementation of support for stacked queries. ... Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.	2008-11-12 00:36:50 +00:00
Bernardo Damele	13f76cfe3b	Adjusted unhandled exception error message	2008-11-11 14:08:40 +00:00
Bernardo Damele	0c5d3df546	sqlmap 0.6.3-rc1: ... * Minor enhancement to be able to specify the number of seconds to wait between each HTTP request. * Minor bug fix to handle session.error and session.timeout in HTTP requests. * Updated documentation.	2008-11-09 16:57:47 +00:00
Bernardo Damele	be599d5a33	Updated documentation and minor fix in update functionality	2008-11-04 16:33:13 +00:00
Bernardo Damele	8d130f12a0	Major bug fix to correctly update sqlmap to the latest stable release ... with command line --update	2008-11-02 22:16:54 +00:00
Bernardo Damele	56a5e8d390	Updated sqlmap packaging scripts, site and documentation, almost ready for sqlmap 0.6.2	2008-11-02 20:12:50 +00:00
Bernardo Damele	206191d164	Major bug fix so that when the expected value of a query (count variable) ... is an integer and for some reason the resumed value from session file is a string or a binary file, the query is executed again and and its new output saved to the session file	2008-11-02 19:21:19 +00:00
Bernardo Damele	03b90e0a3f	Be more user friendly on messages and minor code layout improvement	2008-11-02 18:23:42 +00:00
Bernardo Damele	09ca578ca1	Major bug fix so that the users' privileges enumeration now works properly also on both MySQL < 5.0 and MySQL >= 5.0 also if the user has provided one or more users with -U option;	2008-11-02 18:17:12 +00:00
Bernardo Damele	91a47246f8	Minor bug fix to correctly handle --start and --stop	2008-11-02 14:39:38 +00:00
Bernardo Damele	e2a0f7a47b	Fix typo	2008-10-30 23:20:14 +00:00
Bernardo Damele	9895338630	Major bug fix following the last commit	2008-10-27 23:56:02 +00:00
Bernardo Damele	eb6e6f4d03	Major bug fix when the request is POST to also send the GET parameters in the request if they've been provided	2008-10-27 15:42:32 +00:00
Bernardo Damele	e07e48efb2	Major bug fix to correctly dump tables entries	2008-10-26 16:10:28 +00:00
Bernardo Damele	fc28372596	Added a comment	2008-10-26 16:06:43 +00:00
Bernardo Damele	6ddb5afef9	Adapted to latest enhancements	2008-10-20 10:13:03 +00:00
Bernardo Damele	016118ce7a	Some more fixes and adjustments before 0.6.1 release.	2008-10-17 15:26:43 +00:00
Bernardo Damele	1f3ffc8ef7	Minor layout adjustment	2008-10-17 13:23:24 +00:00
Bernardo Damele	66136b48c0	Minor fixes.. should work also for Cookie now the % parsing	2008-10-17 11:51:12 +00:00
Bernardo Damele	e2fedd3b46	Minor layout adjustment	2008-10-16 16:39:24 +00:00
Bernardo Damele	f90a7cce28	Minor fix to urldecode %3d and any other urlencoded values in target url, posted data and cookie	2008-10-16 16:31:20 +00:00
Bernardo Damele	e5aa557bd4	Minor fix	2008-10-16 15:39:25 +00:00
Bernardo Damele	a5b2366033	Implemented a better way to deal with % characters in parameters' value. Minor code restyle.	2008-10-16 15:31:02 +00:00
Bernardo Damele	d664f0387e	Fixed a bug reported by Bedirhan Urgun <bedirhanurgun@gmail.com>	2008-10-16 14:01:14 +00:00
Bernardo Damele	962d63eff5	Improved the message to display in case of unhandled exception	2008-10-16 14:00:39 +00:00
Bernardo Damele	892a7b2f8a	propsets..	2008-10-15 15:56:32 +00:00
Bernardo Damele	8e3eb45510	After the storm, a restore..	2008-10-15 15:38:22 +00:00