Miroslav Stampar
ae3455a0c2
more update
2010-03-30 11:28:14 +00:00
Miroslav Stampar
738c210075
update
2010-03-30 11:21:26 +00:00
Miroslav Stampar
87d8c6719e
updates, fixes and stuff
2010-03-30 11:06:30 +00:00
Bernardo Damele
a0290a257b
Added support to connect directly also to Oracle - see #158
2010-03-27 21:50:19 +00:00
Bernardo Damele
1416cd0d86
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
...
Minor layout adjustments.
2010-03-26 23:23:25 +00:00
Miroslav Stampar
4ca1adba2c
update
2010-03-26 21:30:36 +00:00
Miroslav Stampar
1ec5221d82
minor update
2010-03-26 20:51:55 +00:00
Miroslav Stampar
0aa8f7309b
added copyright notice and keywords
2010-03-26 20:23:08 +00:00
Miroslav Stampar
2e05e1c54d
new module for Feature #61
2010-03-26 20:19:18 +00:00
Miroslav Stampar
8bab94de64
added two new functions: isBase64EncodedString and isHexEncodedString for Feature #71
2010-03-26 17:18:02 +00:00
Miroslav Stampar
5a6a01f24c
added socket timeout exception handling regarding that timeout message from Fahad Al Shunaiber
2010-03-26 11:51:23 +00:00
Bernardo Damele
be81c20298
Minor layout adjustment
2010-03-25 16:26:50 +00:00
Bernardo Damele
2aadc5c939
Added support for --roles (for Oracle ROLE_PRIVS). Enhanced Oracle --privileges to fall-back to USER_SYS_PRIVS if DBA_SYS_PRIVS is not accessible (so session user is not DBA) - Fixes ticket #180 .
...
Minor enhancement to Firebird to determine if a DB user is a DBA.
Minor code refactoring.
2010-03-25 15:46:06 +00:00
Bernardo Damele
f4f68218bc
Minor layout adjustment for --threads and --eta output
2010-03-25 11:47:18 +00:00
Bernardo Damele
8e57767c48
Fixes #180 - properly url encode sqlmap payload in POST/Cookie too, like for GET
2010-03-23 10:27:39 +00:00
Bernardo Damele
f9a135e232
Minor bug fix and layout adjustment regarding --threading and standard output
2010-03-22 17:38:19 +00:00
Bernardo Damele
d13ad8b2d7
fixes #181 - proper save/resume information about single entry UNION SQL injection
2010-03-22 15:39:29 +00:00
Bernardo Damele
d00e4a458a
Code cleanup
2010-03-21 00:39:44 +00:00
Bernardo Damele
72f3674844
Minor bug fix
2010-03-18 17:36:58 +00:00
Bernardo Damele
0d559d14df
Initial support for SQLite (90% approx).
...
Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments.
2010-03-18 17:20:54 +00:00
Bernardo Damele
d2f86fb0a5
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 15:21:42 +00:00
Bernardo Damele
466df89c4a
Fixes #178 and #179 - proper handling of custom redirects
2010-03-16 14:30:57 +00:00
Bernardo Damele
3b3353e05b
Revert last commit
2010-03-16 13:56:36 +00:00
Miroslav Stampar
1dfe558d3d
Fix for Issue #177
2010-03-16 13:11:44 +00:00
Bernardo Damele
323cf2b7f2
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 12:14:02 +00:00
Bernardo Damele
6d0ea86414
Fixes #59 - proper customizable redirect (302 and 301)
2010-03-15 14:24:43 +00:00
Miroslav Stampar
417f7fae00
Fix for "bug: -g uses wrong session file"
2010-03-15 12:02:04 +00:00
Miroslav Stampar
8af7d6c58b
minor cosmetic update
2010-03-15 11:55:13 +00:00
Miroslav Stampar
a0ec447b7d
fix for Issue #170
2010-03-15 11:33:34 +00:00
Bernardo Damele
7f5bc5e3fe
Increased version to 0.9-dev
2010-03-15 11:04:57 +00:00
Bernardo Damele
5063401130
Minor bug fix, fixes #170
2010-03-15 11:00:14 +00:00
Bernardo Damele
572b6fd920
sqlmap 0.8 stable!
2010-03-15 01:17:27 +00:00
Miroslav Stampar
a6ab42c873
new file with getch() method which we'll use for good samaritan feature
2010-03-13 17:28:23 +00:00
Miroslav Stampar
4c6c91a80b
another --reg-read fix
2010-03-12 23:12:06 +00:00
Bernardo Damele
7d8cc1a482
Get rid of Churrasco (Token kidnapping technique to --priv-esc). Reasons why:
...
1. there's kitrap0d (MS10-015) which is far more reliable, just recently fixed
2. works only to priv esc basically on MSSQL when it runs as NETWORK SERVICE and the machine is not patched against MS09-012 which is "rare" (hopefully) nowadays.
Now sqlmap relies on kitrap0d and incognito to privilege escalate the database process' user privileges to SYSTEM, both via Meterpreter.
Minor layout adjustments.
2010-03-12 22:43:35 +00:00
Miroslav Stampar
6b1ae62753
final fix for reading registry keys (now both parse and non-parse reads work fine)
2010-03-12 22:26:06 +00:00
Miroslav Stampar
0a2fe651ab
some fixes regarding registry reading
2010-03-12 22:09:58 +00:00
Bernardo Damele
25f8a72414
Minor layout adjustment
2010-03-12 14:48:33 +00:00
Miroslav Stampar
17d0b82fee
two dots instead of three
2010-03-12 14:31:14 +00:00
Bernardo Damele
e8d76994ba
Minor bug fix to avoid resuming data filled into the sqlmap support tables
2010-03-12 14:30:21 +00:00
Miroslav Stampar
15c638ac52
some beautification
2010-03-12 13:07:07 +00:00
Miroslav Stampar
7ec04281dd
minor adjustments
2010-03-12 12:46:26 +00:00
Miroslav Stampar
fffda32f76
fix for Bug #167
2010-03-12 12:38:19 +00:00
Bernardo Damele
f6adb431e6
Minor layout adjustment and typo fix
2010-03-12 12:23:05 +00:00
Bernardo Damele
b50a2288f4
Minor layout adjustments
2010-03-11 23:54:07 +00:00
Miroslav Stampar
ec43419ad1
minor makeup fix
2010-03-11 11:20:52 +00:00
Miroslav Stampar
2c053d5cfb
fix for Bug #166 (Keyboard interrupt in Python threading)
2010-03-11 11:14:20 +00:00
Bernardo Damele
fdf417f57e
Minor adjustment and bug fix
2010-03-10 22:08:11 +00:00
Miroslav Stampar
91dd609e26
fixed threading bug (difflib :)
2010-03-10 14:14:27 +00:00
Bernardo Damele
cc611c0010
Minor layout adjustments
2010-03-09 22:14:26 +00:00
Miroslav Stampar
3f3ddd5437
fix for that SELECT DISTINCT(LENGTH(...)) "misbehavior"
2010-03-09 13:14:43 +00:00
Bernardo Damele
8593741358
Minor bug fix
2010-03-05 15:25:53 +00:00
Bernardo Damele
7136c17f19
Minor log adjustments
2010-03-05 14:59:33 +00:00
Miroslav Stampar
6fd1f7f77c
update
2010-03-05 14:06:03 +00:00
Miroslav Stampar
58d54b6515
added new option --flush-session
2010-03-04 13:01:18 +00:00
Miroslav Stampar
b544405878
fixed some issue involving banner parsing
2010-03-04 09:15:26 +00:00
Bernardo Damele
ef7666c12b
Minor code cleanup
2010-03-03 19:23:43 +00:00
Bernardo Damele
9adeaa6191
Code cleanup
2010-03-03 18:57:09 +00:00
Bernardo Damele
a654a426ef
Minor adjustments
2010-03-03 16:19:17 +00:00
Bernardo Damele
156fdd96ef
Updated copyright
2010-03-03 15:26:27 +00:00
Miroslav Stampar
759b720425
documentation update
2010-03-03 13:59:29 +00:00
Miroslav Stampar
415d5f2b44
minor update
2010-03-03 13:49:24 +00:00
Miroslav Stampar
5d792feffd
minor update
2010-03-03 10:57:54 +00:00
Bernardo Damele
2f452480b3
Minor bug fix in syntax
2010-03-01 14:40:18 +00:00
Miroslav Stampar
c93e265269
fix for that banner fetching issue reported by Daniel Huckmann
2010-03-01 10:33:36 +00:00
Bernardo Damele
dd3f65f0fb
Updated ChangeLog
2010-02-26 15:37:24 +00:00
Bernardo Damele
f53ef947f1
Slightly stealthier
2010-02-26 13:14:57 +00:00
Bernardo Damele
694356821d
sqlmap does not save nor leave back in temporary folder any file named 'sqlmapRANDOM', only random names now, less suspicious
2010-02-26 13:13:50 +00:00
Miroslav Stampar
1f2a1bb24c
removed some redundant code
2010-02-26 12:36:41 +00:00
Bernardo Damele
8c68d25b39
Major bug fix, be careful when editing isWindowsPath() and normalizePath() in common.py, they can break all
2010-02-26 12:00:47 +00:00
Miroslav Stampar
89e919f07a
fixing my mistake
2010-02-26 10:01:23 +00:00
Miroslav Stampar
5ebf572cae
added option --ignore-proxy
2010-02-25 20:55:10 +00:00
Bernardo Damele
98496fd173
Show also site in the banner
2010-02-25 17:37:46 +00:00
Bernardo Damele
404927d04a
Adjusted banner, increased release candidate to rc7
2010-02-25 17:34:54 +00:00
Miroslav Stampar
e4c34ff86c
changed default web server language behaviour
2010-02-25 16:55:02 +00:00
Miroslav Stampar
d95a8850c8
fix
2010-02-25 16:38:39 +00:00
Miroslav Stampar
0913d700a8
important update regarding default directories
2010-02-25 15:22:41 +00:00
Bernardo Damele
a10adcfe08
Minor code cleanup
2010-02-25 15:16:41 +00:00
Miroslav Stampar
4a3fa69f9d
minor adjustment
2010-02-25 15:07:54 +00:00
Miroslav Stampar
3721451cd6
default dirs update
2010-02-25 14:51:39 +00:00
Bernardo Damele
0df5b5fed9
Minor bug fix and code adjustments
2010-02-25 14:06:44 +00:00
Miroslav Stampar
a0f5c3d885
minor update
2010-02-25 13:45:28 +00:00
Miroslav Stampar
3e152f8b20
minor code refactoring
2010-02-25 13:33:52 +00:00
Miroslav Stampar
28d5248c04
one more fix regarding localhost/global proxy issue
2010-02-25 13:30:22 +00:00
Miroslav Stampar
24d3e24db0
more updates regarding --os-shell feature
2010-02-25 12:16:49 +00:00
Miroslav Stampar
b558712a47
more feature updates
2010-02-25 11:40:49 +00:00
Miroslav Stampar
15d1fcbb7f
now runcmd exe has random name too
2010-02-25 10:47:12 +00:00
Miroslav Stampar
2cafd5697b
new changes regarding --os-shell
2010-02-25 10:33:41 +00:00
Miroslav Stampar
858cb25975
update
2010-02-24 23:40:56 +00:00
Miroslav Stampar
4bea0e343a
Avoiding md5/sha1 deprecated warning in Python >=2.6
2010-02-23 08:54:33 +00:00
Miroslav Stampar
9c014c0fd0
minor change
2010-02-20 23:11:05 +00:00
Miroslav Stampar
2a07af2294
removed pdb tracing
2010-02-20 22:36:17 +00:00
Miroslav Stampar
0debc95ad4
some fixes
2010-02-20 22:31:54 +00:00
Bernardo Damele
d1e3596382
Minor UPX adjustment
2010-02-20 19:02:55 +00:00
Miroslav Stampar
0ed5ba5559
minor update
2010-02-16 13:24:09 +00:00
Miroslav Stampar
c4951fd631
some updates regarding --os-shell option
2010-02-16 13:20:34 +00:00
Bernardo Damele
8131f9c77c
Added and fixed README files
2010-02-12 00:20:53 +00:00
Bernardo Damele
dc06b40ddc
Minor exception message fix
2010-02-11 23:07:33 +00:00
Bernardo Damele
89dc99188d
--read-file on PostgreSQL now relies on the new sys_fileread() UDF so that also binary files can be read.
...
Fixed a minor bug in custom UDF injection feature --udf-inject.
Major code refactoring.
2010-02-11 22:57:50 +00:00
Miroslav Stampar
cef248a5ea
update for that invalid target url Otavio Augusto reported
2010-02-10 12:06:23 +00:00
Miroslav Stampar
203cfd114f
changed raised exception type
2010-02-10 09:39:36 +00:00
Miroslav Stampar
8e8f6f842c
fix for that md5 error reported by Dani (lgrecol@gmail.com)
2010-02-10 09:27:34 +00:00
Miroslav Stampar
00a23ace9a
some changes regarding web takeover
2010-02-09 14:27:41 +00:00
Miroslav Stampar
542b01993e
minor fix regarding exception handling of multi-part post handler
2010-02-09 14:02:47 +00:00
Miroslav Stampar
a6674edf8a
regular expressions revisited
2010-02-09 13:01:08 +00:00
Bernardo Damele
5c92fad5dc
Avoid to check for existence of not needed UDFs and minor code adjustment for cleanup() method
2010-02-05 23:14:16 +00:00
Bernardo Damele
b08a4efb4b
Minor layout adjustments
2010-02-04 17:45:56 +00:00
Miroslav Stampar
d291464cd4
code refactoring regarding path normalization
2010-02-04 14:50:54 +00:00
Miroslav Stampar
dbd52c52e4
minor fix
2010-02-04 14:39:24 +00:00
Miroslav Stampar
ec63fc4036
code refactoring - added functions posixToNtSlashes and ntToPosixSlashes
2010-02-04 14:37:00 +00:00
Miroslav Stampar
87239476af
more fixes :)
2010-02-04 10:10:41 +00:00
Miroslav Stampar
e4699f389d
some bug fixes regarding --os-shell usage against windows servers
2010-02-04 09:49:31 +00:00
Miroslav Stampar
ea045eaa2f
fixed serious issue with adding file paths into kb.absFilePaths (dirname was wrongly added, and afterwards getDirs used dirname of dirname)
...
also, fixed some issues with Windows paths
2010-02-03 16:40:12 +00:00
Miroslav Stampar
7c88e32f9d
bug fix for 404 program termination during shell upload attempt
2010-02-03 16:16:34 +00:00
Miroslav Stampar
565433097e
used normalizePath instead of os.path.normalize
2010-02-03 16:10:09 +00:00
Miroslav Stampar
494e014a4a
minor update
2010-02-03 16:04:44 +00:00
Miroslav Stampar
8b0d31a6b7
fix for cases where both posix and nt path versions of windows paths are in parsed web page
2010-02-03 15:34:20 +00:00
Miroslav Stampar
894b9f0f80
minor minor update
2010-02-03 15:15:30 +00:00
Miroslav Stampar
25f1a9c7d0
upgrade of web directory parsing for things like C:/xampp/htdocs/sqlmap/mysql/get_int.php (XAMPP uses this)
2010-02-03 15:06:41 +00:00
Miroslav Stampar
87c8bdbc29
removed pdb tracing
2010-02-03 14:52:29 +00:00
Miroslav Stampar
c74b920f54
bug fix
2010-02-03 14:49:28 +00:00
Bernardo Damele
979c919dc7
Minor logging message adjustment
2010-01-29 22:58:12 +00:00
Bernardo Damele
e8b0fd90c8
Minor bug fix
2010-01-29 19:32:02 +00:00
Bernardo Damele
767c67e37a
--priv-esc now relieas on more powerful and complete getsystem Meterpreter command that also implements kitrap0d as 4th technique
2010-01-29 14:57:33 +00:00
Miroslav Stampar
061794650f
minor fix
2010-01-29 10:15:05 +00:00
Miroslav Stampar
92817159dc
cloaked upx for windows (used mkstemp because of execution and file access rights problem)
2010-01-29 10:12:09 +00:00
Bernardo Damele
200518724c
By default do not use Churrasco, but still let the user choose it.
...
The default technique to privilege escalate the OS user to SYSTEM when --priv-esc is provided now it 'run kitrap0d'.
2010-01-29 02:27:50 +00:00
Bernardo Damele
7b8316728c
Major bug fix in takeover functionalities on Microsoft SQL Server
2010-01-29 00:09:05 +00:00
Bernardo Damele
6f5d2ed171
Minor cosmetic adjustments
2010-01-28 17:07:34 +00:00
Miroslav Stampar
a2077bfc0e
quick fix
2010-01-28 16:56:00 +00:00
Miroslav Stampar
732ed48e2b
some refactoring regarding decloaking
2010-01-28 16:50:34 +00:00
Bernardo Damele
dcbbad642d
Minor self fix, switched to rc6
2010-01-28 10:27:47 +00:00
Miroslav Stampar
f6b447f6e7
fix for "NameError: global name 'webFileStreamUpload' is not defined"
2010-01-28 08:54:47 +00:00
Miroslav Stampar
645afee359
some changes
2010-01-28 00:25:36 +00:00
Miroslav Stampar
921e449454
added support for cloaking Churrasco.exe file
2010-01-28 00:07:33 +00:00
Miroslav Stampar
4559ded6c1
added new line at the end of the file
2010-01-27 17:02:23 +00:00
Miroslav Stampar
f4b8ce5c72
fix for 'No such file or directory' OSError exception
2010-01-27 17:00:54 +00:00
Miroslav Stampar
d0acb1c5a3
another fix. hope it works :)
2010-01-27 16:01:50 +00:00
Miroslav Stampar
f8056f4098
quick fix regarding usage of StringIO instead of file stream
2010-01-27 15:44:35 +00:00
Miroslav Stampar
1d15c595a4
minor fix
2010-01-27 14:08:09 +00:00
Miroslav Stampar
e63428207c
modified a way to handle shell scripts
2010-01-27 13:59:25 +00:00
Bernardo Damele
6437c16156
run kitrap0d script along with listing Windows Impersonation Tokens via meterpreter's incognito extension when --priv-esc is provided (see #149 ).
2010-01-26 01:14:44 +00:00
Miroslav Stampar
3197fada59
update of IDS checking method
2010-01-25 10:06:52 +00:00
Bernardo Damele
952c280083
Added svn keyword
2010-01-25 09:21:39 +00:00
Miroslav Stampar
e689c2ec99
another minor fix (svn header comment)
2010-01-25 00:29:19 +00:00
Miroslav Stampar
44a74ccee8
minor grammar fix
2010-01-25 00:26:51 +00:00
Miroslav Stampar
b183b9cbb4
contains method for detecting if the generated payload is detectable by the PHPIDS filter rules
2010-01-25 00:25:58 +00:00
Miroslav Stampar
a4d8234875
minor update
2010-01-24 14:23:19 +00:00
Miroslav Stampar
98205cc488
another fix for Bug #148
2010-01-23 23:29:34 +00:00
Miroslav Stampar
39652bfbf4
update regarding Unicode char logging (Bug #148 )
2010-01-23 15:36:55 +00:00
Miroslav Stampar
97840535c6
fix for situations where proxy is set in environment, but the user tries to test something on localhost
2010-01-19 13:47:35 +00:00
Bernardo Damele
574880ba73
Warn user of HTTP error codes in HTTP responses
2010-01-19 10:27:54 +00:00
Bernardo Damele
5c58747740
More tweaking on --update
2010-01-18 15:20:50 +00:00
Bernardo Damele
051db588a5
Minor tweaking to --update
2010-01-18 14:59:24 +00:00
Miroslav Stampar
44adbc5776
changes regarding Feature #125
2010-01-18 14:05:23 +00:00
Bernardo Damele
2825ab5e4e
Major bug fix in url-encoding
2010-01-16 21:56:40 +00:00
Bernardo Damele
c18a5cb92f
Fixed a minor bug when displaying requested page in -v >= 3
2010-01-16 21:47:52 +00:00
Bernardo Damele
f337cd6e0a
Minor speedup to check if sqlmap's UDF have already been created
2010-01-16 21:46:35 +00:00
Bernardo Damele
4ce3abc56d
Minor adjustments
2010-01-15 17:42:46 +00:00
Miroslav Stampar
1a764e1f08
minor commit
2010-01-15 16:10:21 +00:00
Miroslav Stampar
5f171340f5
introduced safe string formatting
2010-01-15 16:06:59 +00:00
Miroslav Stampar
dcf0b2a3c1
minor update
2010-01-15 11:45:48 +00:00
Miroslav Stampar
f5c422efb4
updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before
2010-01-15 11:44:05 +00:00
Bernardo Damele
505647b00f
Minor bug fix to --cookie-urlencode
2010-01-15 11:24:30 +00:00
Bernardo Damele
c4215ce8d2
Minor code refactoring
2010-01-14 20:42:45 +00:00
Miroslav Stampar
26c7b74e65
changes regarding Data (GET/POST/Cookie) encoding (Bug #129 )
2010-01-14 18:05:03 +00:00
Bernardo Damele
1d968f51e9
More code refactoring
2010-01-14 15:11:32 +00:00
Bernardo Damele
c9863bc1d2
Minor code refactoring
2010-01-14 14:33:08 +00:00
Bernardo Damele
070ccc30e9
Added automatic support in --os-pwn to use the web uploader/backdoor to upload and execute the Metasploit payload stager when stacked queries SQL injection is not supported, for instance on MySQL/PHP and MySQL/ASP.
...
Updated ChangeLog.
Major code refactoring.
2010-01-14 14:03:16 +00:00
Bernardo Damele
50bbb0cf8a
Deprecate sqlmap update code, will use pysvn to update from latest development version from subversion repository.
2010-01-13 14:52:23 +00:00
Bernardo Damele
0ad43952bd
Minor bug fix
2010-01-12 23:56:43 +00:00
Miroslav Stampar
3434a22872
HTTP header HOST is now mandatory in a HTTP request file
2010-01-12 14:07:58 +00:00
Miroslav Stampar
a193205323
minor update regarding requestFile option
2010-01-12 14:01:58 +00:00
Miroslav Stampar
8817b2884f
minor update
2010-01-12 13:16:30 +00:00
Miroslav Stampar
a58b36fe07
code commit regarding Feature #119
2010-01-12 13:11:26 +00:00
Bernardo Damele
df36eb6d11
Minor bug fix in --resume functionality
2010-01-11 14:16:37 +00:00
Bernardo Damele
12f371cd65
Minor bug fix and improvement in displaying of enumerated columns in --dump -C
2010-01-09 21:37:44 +00:00
Bernardo Damele
dc04fa7f06
Minor layout adjustments
2010-01-09 21:08:47 +00:00
Miroslav Stampar
d58ba7ee6d
added --scope feature regarding Feature #105
2010-01-09 20:44:50 +00:00
Bernardo Damele
f316e722c1
sqlmap 0.8-rc4: --dump option now can also accept only -C: user can provide a string column and sqlmap will enumerate all databases, tables and columns that contain the 'provided_string' or '%provided_string%' then ask the user to dump the entries of only those columns.
...
--columns now accepts also -C option: user can provide a string column and sqlmap will enumerate all columns of a specific table like '%provided_string%'.
Minor enhancements.
Minor bug fixes.
2010-01-09 00:05:00 +00:00
Bernardo Damele
6a62a78b0a
More generic
2010-01-08 23:50:06 +00:00
Bernardo Damele
067cc07fb9
Make 'field' parameter in limitQuery() method to be option
2010-01-08 23:23:15 +00:00
Miroslav Stampar
82222fcd3a
minor update of help text
2010-01-07 13:09:14 +00:00
Miroslav Stampar
d07f60578c
implementation of Feature #17
2010-01-07 12:59:09 +00:00
Bernardo Damele
80df1fdcf9
Minor bug fix with --sql-query/shell when providing a statement with DISTINCT
2010-01-05 16:15:31 +00:00
Bernardo Damele
954a927cee
Minor bug fix to properly execute --time-test also on MySQL >= 5.0.12
2010-01-05 11:43:16 +00:00
Miroslav Stampar
71547a3496
getDocRoot changes
2010-01-05 11:30:33 +00:00
Bernardo Damele
bb61010a45
Avoid useless checks for --os-bof (no need to check for DBA or for xp_cmdshell). Minor code restyling.
2010-01-04 15:02:56 +00:00
Miroslav Stampar
d71e47ce56
fix regarding dirnames in Feature #110
2010-01-04 12:39:07 +00:00
Miroslav Stampar
96a033b51d
found and fixed few bugs regarding my "fix" of Bug #110
2010-01-03 15:56:29 +00:00
Bernardo Damele
d5b1863dec
Updated documentation and svn properties
2010-01-02 02:07:28 +00:00
Bernardo Damele
ce022a3b6e
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
2010-01-02 02:02:12 +00:00
Bernardo Damele
d55175a340
Fixed resume functionality on --read-file when using MySQL's LOAD_FILE() via blind SQL injection.
2010-01-02 01:35:13 +00:00
Bernardo Damele
9c620da0a5
Minor fix
2009-12-31 12:34:18 +00:00
Bernardo Damele
c1c14dabd9
Minor bug fix
2009-12-21 11:21:18 +00:00
Bernardo Damele
e4e081cdc6
sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.
2009-12-17 22:04:01 +00:00
Bernardo Damele
b363f1c5ab
Added support for NTLM authentication
2009-12-02 22:54:39 +00:00
Bernardo Damele
e28b98a366
Minor layout adjustments
2009-12-02 22:52:17 +00:00
Bernardo Damele
4779a5fe0f
Minor layout adjustment
2009-11-16 16:39:31 +00:00
Bernardo Damele
89c43893d4
Merged back from personal branch to trunk (svn merge -r846:940 ...)
...
Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring.
2009-09-25 23:03:45 +00:00