Miroslav Stampar
|
4af000e699
|
minor language update (in testing phase "used" is more preferable than "provided")
|
2010-11-23 15:11:15 +00:00 |
|
Bernardo Damele
|
c23126547e
|
Improved --union-cols to accept a range to test for union SQL injection. By default it is 1-20.
|
2010-11-19 15:48:24 +00:00 |
|
Bernardo Damele
|
ad17e9ed2a
|
Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any)
|
2010-11-19 14:56:20 +00:00 |
|
Bernardo Damele
|
4a9bd3a240
|
Finally a proper union query SQL injection test engine for --union-test. It does much more requests, but for god sake now it works well!
|
2010-11-18 17:55:43 +00:00 |
|
Bernardo Damele
|
17486e472a
|
Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!
|
2010-11-17 22:00:09 +00:00 |
|
Bernardo Damele
|
71cb982039
|
Another bug fix to --union-test
|
2010-11-15 21:42:56 +00:00 |
|
Bernardo Damele
|
0bfc1b411a
|
Another bug fix for --union-test
|
2010-11-14 15:39:57 +00:00 |
|
Bernardo Damele
|
8d07272c82
|
Added --union-cols switch to specify the max number of columns to test for UNION query sql injection.
Now stores/resumes also the exact UNION payload to session file.
|
2010-11-13 23:24:41 +00:00 |
|
Bernardo Damele
|
df5dc10111
|
Major enhancement to --union-test check
|
2010-11-13 22:47:37 +00:00 |
|
Bernardo Damele
|
45ec8c169a
|
Consistency between --*-test switches/output
|
2010-11-08 16:46:25 +00:00 |
|
Miroslav Stampar
|
862395ced1
|
further refactoring (all enumerations are now put into enums.py)
|
2010-11-08 09:20:02 +00:00 |
|
Bernardo Damele
|
b6da946883
|
Added one new verbose level, -v 3 now shows the full injected payload.
Fixed also -d verbose output.
|
2010-11-07 22:34:29 +00:00 |
|
Miroslav Stampar
|
d3e7e89e60
|
major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces
|
2010-11-07 21:18:09 +00:00 |
|
Miroslav Stampar
|
63af5444fd
|
fix (NameError: global name 'DBMS' is not defined)
|
2010-11-04 12:47:34 +00:00 |
|
Miroslav Stampar
|
685a8e7d2c
|
refactoring of hard coded dbms names
|
2010-11-02 11:59:24 +00:00 |
|
Bernardo Damele
|
486a113560
|
Consolidate logger messages for --*-test switches
|
2010-10-31 16:58:38 +00:00 |
|
Bernardo Damele
|
f5904d0bc0
|
Major bug fix to --union-test
|
2010-10-25 23:39:55 +00:00 |
|
Bernardo Damele
|
215175e3b7
|
Minor code adjustments
|
2010-10-25 14:11:47 +00:00 |
|
Miroslav Stampar
|
bc79eec702
|
removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)
|
2010-10-21 13:13:12 +00:00 |
|
Miroslav Stampar
|
1b376c99a6
|
removed temp dictionary and replaced with kb.misc
|
2010-10-19 23:00:19 +00:00 |
|
Miroslav Stampar
|
4f7f20b94f
|
sorry, cosmetics
|
2010-10-14 23:18:29 +00:00 |
|
Miroslav Stampar
|
8b48833136
|
large commit with copyright header modifications
|
2010-10-14 14:41:14 +00:00 |
|
Miroslav Stampar
|
827cd1d56b
|
minor fix
|
2010-09-13 15:22:29 +00:00 |
|
Miroslav Stampar
|
12a5ec9f3d
|
more unicode refactoring
|
2010-06-02 12:45:40 +00:00 |
|
Miroslav Stampar
|
a3db3c03c1
|
str() -> unicode()
|
2010-05-28 13:05:02 +00:00 |
|
Bernardo Damele
|
72fda2a3e4
|
Minor bug fix to correctly resuming --union-test results from session file.
|
2010-05-19 14:21:59 +00:00 |
|
Miroslav Stampar
|
ca3e12ae73
|
added calculateDeltaSeconds method for dealing with non-deterministic time behaviour in some cases (e.g. WAITFOR DELAY in case of MSSQL)
|
2010-05-13 11:05:35 +00:00 |
|
Bernardo Damele
|
90d9900371
|
Minor bug fix to consider --start and --stop also in partial UNION query SQL injection
|
2010-04-30 15:48:40 +00:00 |
|
Bernardo Damele
|
b72ddb6f1e
|
Fixes non-deterministic unsorted results for most of the DBMSes - see #185
|
2010-04-09 15:48:53 +00:00 |
|
Bernardo Damele
|
1416cd0d86
|
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
Minor layout adjustments.
|
2010-03-26 23:23:25 +00:00 |
|
Bernardo Damele
|
d13ad8b2d7
|
fixes #181 - proper save/resume information about single entry UNION SQL injection
|
2010-03-22 15:39:29 +00:00 |
|
Bernardo Damele
|
156fdd96ef
|
Updated copyright
|
2010-03-03 15:26:27 +00:00 |
|
Bernardo Damele
|
4ce3abc56d
|
Minor adjustments
|
2010-01-15 17:42:46 +00:00 |
|
Miroslav Stampar
|
1a764e1f08
|
minor commit
|
2010-01-15 16:10:21 +00:00 |
|
Miroslav Stampar
|
5f171340f5
|
introduced safe string formatting
|
2010-01-15 16:06:59 +00:00 |
|
Bernardo Damele
|
ce022a3b6e
|
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
|
2010-01-02 02:02:12 +00:00 |
|
Bernardo Damele
|
d905e5ef9f
|
Minor bug fix to --os-cmd/--os-shell for Microsoft SQL Server
|
2009-07-25 11:45:23 +00:00 |
|
Bernardo Damele
|
16b4530bbe
|
Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).
Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS.
|
2009-04-27 23:05:11 +00:00 |
|
Bernardo Damele
|
8c0ac767f4
|
Updated to sqlmap 0.7 release candidate 1
|
2009-04-22 11:48:07 +00:00 |
|
Bernardo Damele
|
5560f0b68a
|
Updated the copyright
|
2009-01-12 21:35:38 +00:00 |
|
Bernardo Damele
|
2d87a3349f
|
Fixed custom MSSQL "limited" query support also for Partial UNION query technique
|
2009-01-03 00:27:04 +00:00 |
|
Bernardo Damele
|
9c42a883be
|
Major bug fix to make it work properly with MSSQL custom limited (SELECT
TOP ...) queries with both inferential blind and Full UNION query
injection
|
2009-01-02 23:26:45 +00:00 |
|
Bernardo Damele
|
a4d62af2ea
|
Minor layout adjustments to --union-tech
|
2008-12-29 18:48:23 +00:00 |
|
Bernardo Damele
|
64bb57d786
|
Minor bug fix to make the Partial UNION query SQL injection technique
work properly also on Oracle and Microsoft SQL Server.
|
2008-12-22 22:48:44 +00:00 |
|
Bernardo Damele
|
1f7810e46a
|
Major bug fix to make partial UNION query sql injection work properly
also on Microsoft SQL Server
|
2008-12-22 19:36:01 +00:00 |
|
Bernardo Damele
|
2f406b3e56
|
Minor adjustments
|
2008-12-22 00:04:28 +00:00 |
|
Bernardo Damele
|
4ae464c80d
|
Minor enhancement to support an option (--union-tech) to specify the
technique to use to detect the number of columns used in the web
application SELECT statement: NULL bruteforcing (default) or ORDER BY
clause.
|
2008-12-21 21:39:53 +00:00 |
|
Bernardo Damele
|
35708a0b97
|
Minor adjustment to UNION query SQL injection detection function.
Updated command line help message based upon recent developments.
Updated copyright note of lib/contrib/multipartpost.py.
|
2008-12-21 16:35:03 +00:00 |
|
Bernardo Damele
|
d0d6632c22
|
Initial support to automatically work around the dynamic page at each refresh
(Major refactor to the comparison algorithm (True/False response))
|
2008-12-18 20:48:23 +00:00 |
|
Bernardo Damele
|
dda62ba463
|
Minor adjustments and bug fixes
|
2008-12-17 20:11:18 +00:00 |
|