Commit Graph

4940 Commits

Author SHA1 Message Date
Bernardo Damele
282aeb734f ORDER BY does not play well with UNION query SQLi (related to issue #313) 2012-12-19 13:21:16 +00:00
Bernardo Damele
259b345f1f catch ImportError exception if libmagic is not installed 2012-12-19 13:10:54 +00:00
Bernardo Damele
128597ee7e --run-case is now case insensitive 2012-12-19 12:45:46 +00:00
Bernardo Damele
b91c829103 minor bug fix (issue #310) 2012-12-19 12:42:31 +00:00
Bernardo Damele
e583ba6826 no point retesting all for time-based too as it uses same engine of boolean-based 2012-12-19 12:35:36 +00:00
Bernardo Damele
2bc2c0431c fixed test cases 2012-12-19 12:33:37 +00:00
Bernardo Damele
5ceadf02ae fixed test cases now that MySQL test db has two more tables and removed old test cases, soon to be replaced with new ones for other DBMSes 2012-12-19 12:22:45 +00:00
Bernardo Damele
9149d77cc8 removed duplicate code - fixes issue #310 2012-12-19 12:17:56 +00:00
Bernardo Damele
54752a9101 typo fix 2012-12-19 11:44:58 +00:00
Bernardo Damele
d80744d3d5 preparation for issue #310 2012-12-19 11:40:00 +00:00
Bernardo Damele
f5450e9f0e layout adjustment 2012-12-19 11:39:38 +00:00
Bernardo Damele
dee56b17c3 handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308 2012-12-19 10:50:15 +00:00
Miroslav Stampar
155c1eddae Debug message with declared page charset 2012-12-19 11:16:42 +01:00
Miroslav Stampar
d29dddf5b2 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-19 10:51:25 +01:00
Miroslav Stampar
92e338251a Finally working inference against MySQL/international letters (even chinese) 2012-12-19 10:44:02 +01:00
Bernardo Damele
65ed2304fd comment update 2012-12-19 09:38:03 +00:00
Bernardo Damele
9b422e1e94 minor fix for issue #309 2012-12-19 09:37:29 +00:00
Bernardo Damele
0037d52098 typo fix 2012-12-19 01:11:18 +00:00
Miroslav Stampar
c9b8b51c9c Update lib/core/common.py
Revert of last commit and try 2
2012-12-19 01:48:53 +01:00
Bernardo Damele
8e95470415 minor refactoring 2012-12-19 00:46:23 +00:00
Bernardo Damele
318fcee49c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-19 00:30:26 +00:00
Bernardo Damele
3c7007097a minor refactoring 2012-12-19 00:30:22 +00:00
Miroslav Stampar
50b846b5af Update lib/core/common.py
Fixing wrong assumption in case of MySQL inference international character retrieval
2012-12-19 01:26:12 +01:00
Bernardo Damele
aeda67e945 updated third-party magic library 2012-12-18 23:58:49 +00:00
Miroslav Stampar
9e2f0131b9 Update lib/core/agent.py 2012-12-18 20:25:00 +01:00
Bernardo Damele
738dbde16c avoid displaying "do you want to dump" message if no searched columns have been found 2012-12-18 18:07:34 +00:00
Bernardo Damele
326ed33f31 added support for comma separated list of files for --file-read - fixes issue #223 2012-12-18 17:55:21 +00:00
Bernardo Damele
8d9aa2c384 minor refactoring, added possibility to compare the remote file and downloaded file (--file-read), prepping for #223 2012-12-18 17:49:18 +00:00
Bernardo Damele
9a1eca20b5 lowered gravity 2012-12-18 16:42:03 +00:00
Bernardo Damele
58656bbeb5 minor bug fix, union query has to be limited 0, 0 2012-12-18 16:36:30 +00:00
Bernardo Damele
2c86022aab added test cases for --sql-query and improved tests for --search -C 2012-12-18 16:30:46 +00:00
Bernardo Damele
f8267ece0f added more specific --search -T and -C test cases 2012-12-18 16:13:38 +00:00
Bernardo Damele
61a838bb35 added more test cases 2012-12-18 15:59:48 +00:00
Bernardo Damele
d1d99d930b proper fix for #306 2012-12-18 15:31:30 +00:00
Miroslav Stampar
30201d29bd Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-18 16:03:49 +01:00
Miroslav Stampar
88d8494b5a Implementation for an Issue #307 2012-12-18 16:03:35 +01:00
Bernardo Damele
6b1dd05e62 reverted 2012-12-18 14:51:04 +00:00
Bernardo Damele
e1b7a6350e consistency between --tables and --columns when -T and -C are respectively provided - there was a leftover from when --search called getColumns() as --columns: this is no longer the case (closes issue #306) 2012-12-18 14:37:04 +00:00
Bernardo Damele
57412f8475 default to --search shall stay LIKE 2012-12-18 13:55:26 +00:00
Bernardo Damele
3fa05374bd added tests for all MySQL techniques now (except stacked queries (S) as it is not supported on MySQL/PHP) 2012-12-18 12:07:19 +00:00
Miroslav Stampar
eb23b1b1a5 Minor commit related to the last one (uniq roles/privileges) 2012-12-18 12:47:06 +01:00
Miroslav Stampar
699a0f756a Minor fix 2012-12-18 12:43:23 +01:00
Miroslav Stampar
7f47623876 Minor patch 2012-12-18 11:10:06 +01:00
Miroslav Stampar
9b716eb805 Implementation for an Issue #135 2012-12-18 10:13:42 +01:00
Miroslav Stampar
f56b846864 Patch for an Issue #300 2012-12-18 09:55:33 +01:00
Miroslav Stampar
2b64c10710 Patch for an Issue #304 2012-12-18 09:36:26 +01:00
Miroslav Stampar
45d6fdcdc8 Trivial update 2012-12-17 17:16:11 +01:00
Miroslav Stampar
175cb245cb Adding common data type to txt/common-outputs (--columns --predict-output) 2012-12-17 17:13:51 +01:00
Bernardo Damele
4cd4f291d7 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-17 14:13:39 +00:00
Bernardo Damele
a00cd9b3ea syntax fix 2012-12-17 14:13:34 +00:00