Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8091a88d3e 
							
						 
					 
					
						
						
							
							minor code cleanup and bug fix  
						
						
						
					 
					
						2014-03-21 11:35:30 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c211255773 
							
						 
					 
					
						
						
							
							replaced outfile with dumpfile so works even if the original statement outputs blob  
						
						
						
					 
					
						2014-03-21 11:01:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d405fc1157 
							
						 
					 
					
						
						
							
							Minor update (for the consistency sake)  
						
						
						
					 
					
						2014-02-16 22:04:12 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							58eac364a2 
							
						 
					 
					
						
						
							
							Bug fix  
						
						
						
					 
					
						2014-02-16 21:57:14 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dfa727cbc5 
							
						 
					 
					
						
						
							
							Fix for a same bug mentioned in last commit  
						
						
						
					 
					
						2014-02-16 21:47:14 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							43df4efd11 
							
						 
					 
					
						
						
							
							Bug fix (bad idea is to do os.path.join on web URLs - especially on Windows OS)  
						
						
						
					 
					
						2014-02-16 21:44:57 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							be6767b3b0 
							
						 
					 
					
						
						
							
							minor fix for command execution via web shell  
						
						
						
					 
					
						2014-02-10 09:59:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0e44132778 
							
						 
					 
					
						
						
							
							Removing unused imports  
						
						
						
					 
					
						2014-02-01 21:49:12 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1505f1dc74 
							
						 
					 
					
						
						
							
							removed useless sink  
						
						
						
					 
					
						2014-01-13 23:55:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							124ebefc7f 
							
						 
					 
					
						
						
							
							code cleanup  
						
						
						
					 
					
						2014-01-13 23:48:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							43a4e85749 
							
						 
					 
					
						
						
							
							updated copyright  
						
						
						
					 
					
						2014-01-13 17:24:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							dfa9076a70 
							
						 
					 
					
						
						
							
							fixed and improved web shell upload in MySQL (it was actually broken since  fc57b7565d)  
						
						
						
					 
					
						2014-01-13 17:12:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95ed6b7203 
							
						 
					 
					
						
						
							
							Minor patch (Issue  #470 )  
						
						
						
					 
					
						2013-06-24 14:37:45 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a72096a345 
							
						 
					 
					
						
						
							
							slightly more appropriate definition of output variable  
						
						
						
					 
					
						2013-06-19 20:25:01 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cae108d9fc 
							
						 
					 
					
						
						
							
							careful at merging pull requests with TABs ( #466 )  
						
						
						
					 
					
						2013-06-19 19:49:53 +01:00 
						 
				 
			
				
					
						
							
							
								Meatballs 
							
						 
					 
					
						
						
						
						
							
						
						
							c5087399c1 
							
						 
					 
					
						
						
							
							Fix exception if init technique not available  
						
						
						
					 
					
						2013-06-16 10:47:27 +01:00 
						 
				 
			
				
					
						
							
							
								Meatballs 
							
						 
					 
					
						
						
						
						
							
						
						
							2c98507f1e 
							
						 
					 
					
						
						
							
							Add better error msg  
						
						
						
					 
					
						2013-06-16 10:27:08 +01:00 
						 
				 
			
				
					
						
							
							
								Meatballs 
							
						 
					 
					
						
						
						
						
							
						
						
							caa326774c 
							
						 
					 
					
						
						
							
							Fallback to blind  
						
						
						
					 
					
						2013-06-16 10:22:20 +01:00 
						 
				 
			
				
					
						
							
							
								stamparm 
							
						 
					 
					
						
						
						
						
							
						
						
							8fbf4b11d2 
							
						 
					 
					
						
						
							
							Trivial update regarding last commit  
						
						
						
					 
					
						2013-05-29 15:45:13 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e18796dbe1 
							
						 
					 
					
						
						
							
							Minor style update  
						
						
						
					 
					
						2013-05-25 18:00:20 +02:00 
						 
				 
			
				
					
						
							
							
								stamparm 
							
						 
					 
					
						
						
						
						
							
						
						
							214d9aaf4b 
							
						 
					 
					
						
						
							
							Language fix  
						
						
						
					 
					
						2013-04-30 14:06:04 +02:00 
						 
				 
			
				
					
						
							
							
								stamparm 
							
						 
					 
					
						
						
						
						
							
						
						
							3266c6c1f1 
							
						 
					 
					
						
						
							
							Language fix  
						
						
						
					 
					
						2013-04-30 14:06:04 +02:00 
						 
				 
			
				
					
						
							
							
								stamparm 
							
						 
					 
					
						
						
						
						
							
						
						
							ae6ce7db30 
							
						 
					 
					
						
						
							
							Removal of unused imports  
						
						
						
					 
					
						2013-03-20 10:44:15 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8acf033715 
							
						 
					 
					
						
						
							
							Code refactoring  
						
						
						
					 
					
						2013-03-19 19:24:14 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0c79d7b1e2 
							
						 
					 
					
						
						
							
							unnecessary import  
						
						
						
					 
					
						2013-02-14 18:33:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							614ff6029d 
							
						 
					 
					
						
						
							
							working on  #396  - handle the case when we dont have a web backdoor/file stager for the language API, added a few more log messages to give further information about what is going on, minor bug fix to docRoot  
						
						
						
					 
					
						2013-02-14 18:31:14 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b38b20176 
							
						 
					 
					
						
						
							
							working on  #396  - adaptation for the verification phase  
						
						
						
					 
					
						2013-02-14 18:29:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							261db6ed4f 
							
						 
					 
					
						
						
							
							working on  #396  - verify shellcodeexec executable has been properly uploaded  
						
						
						
					 
					
						2013-02-14 18:29:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4d5ecc3b03 
							
						 
					 
					
						
						
							
							working on  #396  - verify icmpsh executable has been properly uploaded  
						
						
						
					 
					
						2013-02-14 18:28:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							66cee83ca4 
							
						 
					 
					
						
						
							
							if needed, allow to reinitialize the environment for takeover - issue  #396  
						
						
						
					 
					
						2013-02-14 17:39:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d42d28392a 
							
						 
					 
					
						
						
							
							avoid tracebacks because the parameter does not exist  
						
						
						
					 
					
						2013-02-14 13:18:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4b9d8ed673 
							
						 
					 
					
						
						
							
							reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter  
						
						
						
					 
					
						2013-02-14 11:32:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2267dd8f47 
							
						 
					 
					
						
						
							
							working on  #392  to fix --os-cmd and --os-shell output parsing  
						
						
						
					 
					
						2013-02-14 11:31:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a67ef4117f 
							
						 
					 
					
						
						
							
							make sure to use Python 2 interpreter when default system Python is version 3  
						
						
						
					 
					
						2013-02-14 11:25:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dd6f50a00e 
							
						 
					 
					
						
						
							
							Removing unused imports  
						
						
						
					 
					
						2013-02-13 11:15:24 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dc41484b3f 
							
						 
					 
					
						
						
							
							Refactoring of funcionality for finding out if stacking is available  
						
						
						
					 
					
						2013-02-13 09:57:16 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7c06a937e5 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2013-02-09 20:21:17 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f970b4f240 
							
						 
					 
					
						
						
							
							minor adjustment fixing the regression test stall  
						
						
						
					 
					
						2013-02-09 12:19:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e48181e28d 
							
						 
					 
					
						
						
							
							another attempt to fix the stall during regression test  
						
						
						
					 
					
						2013-02-09 12:16:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							138a846cf1 
							
						 
					 
					
						
						
							
							possible fix for regression test stall  
						
						
						
					 
					
						2013-02-09 10:50:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1596b9ed59 
							
						 
					 
					
						
						
							
							revert  
						
						
						
					 
					
						2013-02-08 16:43:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							98864e425f 
							
						 
					 
					
						
						
							
							minor "fix"  
						
						
						
					 
					
						2013-02-08 16:30:34 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8b510c55fb 
							
						 
					 
					
						
						
							
							minor code cleanup  
						
						
						
					 
					
						2013-02-08 16:29:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5aaf7f1aa6 
							
						 
					 
					
						
						
							
							BUG fix  
						
						
						
					 
					
						2013-02-08 16:44:30 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c0e59d94a9 
							
						 
					 
					
						
						
							
							Better naming  
						
						
						
					 
					
						2013-02-08 16:28:58 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cdfe43560b 
							
						 
					 
					
						
						
							
							Update for an Issue  #207  (and a potential patch for regression tests)  
						
						
						
					 
					
						2013-02-08 16:20:48 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f41460f8d8 
							
						 
					 
					
						
						
							
							Better naming  
						
						
						
					 
					
						2013-01-29 20:53:11 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f4028bd7d2 
							
						 
					 
					
						
						
							
							minor adjustment  
						
						
						
					 
					
						2013-01-23 02:10:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d8a0e7eacb 
							
						 
					 
					
						
						
							
							fixes   #187  
						
						
						
					 
					
						2013-01-23 01:27:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							dea15b5892 
							
						 
					 
					
						
						
							
							notify user if --udf-inject is provided but no stacked queries SQLi is detected  
						
						
						
					 
					
						2013-01-22 18:28:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							adf97e630f 
							
						 
					 
					
						
						
							
							add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL  
						
						
						
					 
					
						2013-01-19 18:04:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							601eb1e49a 
							
						 
					 
					
						
						
							
							Unescaping is renamed to escaping  
						
						
						
					 
					
						2013-01-18 15:40:37 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a43202f3c0 
							
						 
					 
					
						
						
							
							updated copyright  
						
						
						
					 
					
						2013-01-18 14:07:51 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3e2c3851f3 
							
						 
					 
					
						
						
							
							Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue  #312 )  
						
						
						
					 
					
						2013-01-14 13:42:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							934d41dac2 
							
						 
					 
					
						
						
							
							Minor style update (PEP8)  
						
						
						
					 
					
						2013-01-10 15:02:28 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ca3d35a878 
							
						 
					 
					
						
						
							
							Some PEP8 related style cleaning  
						
						
						
					 
					
						2013-01-10 13:18:44 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7f4ce4afbb 
							
						 
					 
					
						
						
							
							Merge branch 'master' of github.com:sqlmapproject/sqlmap  
						
						
						
					 
					
						2013-01-09 16:04:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							510ceb6e19 
							
						 
					 
					
						
						
							
							first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue  #28  
						
						
						
					 
					
						2013-01-09 16:04:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							25f01a419f 
							
						 
					 
					
						
						
							
							Minor style update (for the sake of consistency over the code and our PEP8 adaptation)  
						
						
						
					 
					
						2013-01-09 15:38:41 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							96e5d5d178 
							
						 
					 
					
						
						
							
							Some more updates for an Issue  #295  
						
						
						
					 
					
						2013-01-07 16:55:41 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							74552bea87 
							
						 
					 
					
						
						
							
							Cleaning some garbage (hard coded paths with linux native slashes)  
						
						
						
					 
					
						2013-01-07 16:51:00 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							425df067eb 
							
						 
					 
					
						
						
							
							Fix for an --os-pwn with ICMPsh (it was crashing because methods interleaved with Metasploit ones)  
						
						
						
					 
					
						2013-01-07 16:44:22 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac407ae4a1 
							
						 
					 
					
						
						
							
							Implementation for an Issue  #295  
						
						
						
					 
					
						2013-01-07 15:55:40 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e4a3c015e5 
							
						 
					 
					
						
						
							
							Replacing old and deprecated raise Exception style (PEP8)  
						
						
						
					 
					
						2013-01-03 23:20:55 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cb15fcc8af 
							
						 
					 
					
						
						
							
							Fix for an Issue  #329  
						
						
						
					 
					
						2013-01-02 22:17:06 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a77b7f00d9 
							
						 
					 
					
						
						
							
							Fix for an Issue  #323  
						
						
						
					 
					
						2012-12-23 19:34:35 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							00e55828e4 
							
						 
					 
					
						
						
							
							Minor style update  
						
						
						
					 
					
						2012-12-21 15:06:03 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6c1ec9b54f 
							
						 
					 
					
						
						
							
							Fix for an Issue  #318  
						
						
						
					 
					
						2012-12-21 11:10:05 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							35728fa443 
							
						 
					 
					
						
						
							
							Fix (and some hidden bug fixes/improvements) regarding an Issue  #317  
						
						
						
					 
					
						2012-12-21 10:51:35 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							65ed2304fd 
							
						 
					 
					
						
						
							
							comment update  
						
						
						
					 
					
						2012-12-19 09:38:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0037d52098 
							
						 
					 
					
						
						
							
							typo fix  
						
						
						
					 
					
						2012-12-19 01:11:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							df0f08bc6a 
							
						 
					 
					
						
						
							
							Cleaning some (web upload based) garbage  
						
						
						
					 
					
						2012-12-13 13:19:47 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							974407396e 
							
						 
					 
					
						
						
							
							Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)  
						
						
						
					 
					
						2012-12-06 14:14:19 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							003d21e962 
							
						 
					 
					
						
						
							
							Minor style update (capitalization of leftover class names)  
						
						
						
					 
					
						2012-12-06 13:46:24 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ab67344448 
							
						 
					 
					
						
						
							
							Removed unused imports and variables (pyflake-ing)  
						
						
						
					 
					
						2012-12-06 11:15:05 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							775e0df04b 
							
						 
					 
					
						
						
							
							Update for an Issue  #278  
						
						
						
					 
					
						2012-12-05 10:45:17 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7c7aff12c6 
							
						 
					 
					
						
						
							
							Update for an Issue  #225  
						
						
						
					 
					
						2012-10-30 01:26:19 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							726de868e2 
							
						 
					 
					
						
						
							
							Fix for an Issue  #225  
						
						
						
					 
					
						2012-10-30 00:37:43 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5358d85d37 
							
						 
					 
					
						
						
							
							Important refactoring for web-based functionality  
						
						
						
					 
					
						2012-10-29 15:09:05 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d6e16e8641 
							
						 
					 
					
						
						
							
							Minor update  
						
						
						
					 
					
						2012-10-29 11:08:02 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							359e734954 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2012-10-29 10:48:49 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1b8226329 
							
						 
					 
					
						
						
							
							Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)  
						
						
						
					 
					
						2012-10-28 00:36:09 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06805b27f2 
							
						 
					 
					
						
						
							
							Bug fix (time was also meant to be disabled in case of error/inband getvalues)  
						
						
						
					 
					
						2012-10-27 23:16:25 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							54fbb22ab8 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2012-10-25 09:56:36 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f3aa09c794 
							
						 
					 
					
						
						
							
							Minor language fix  
						
						
						
					 
					
						2012-10-23 15:52:43 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a6eeebfca8 
							
						 
					 
					
						
						
							
							Fix for an Issue  #188  
						
						
						
					 
					
						2012-09-20 11:30:07 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ebab05cf7c 
							
						 
					 
					
						
						
							
							Fix for an Issue  #158  
						
						
						
					 
					
						2012-08-21 20:20:38 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1669c6bdb4 
							
						 
					 
					
						
						
							
							Another update for an Issue  #28  
						
						
						
					 
					
						2012-07-27 17:05:21 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6ffc5665d0 
							
						 
					 
					
						
						
							
							Update for Issue  #28  
						
						
						
					 
					
						2012-07-27 16:29:33 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f8c9868cb6 
							
						 
					 
					
						
						
							
							Implementation for an Issue  #118  
						
						
						
					 
					
						2012-07-24 15:34:50 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0a4b6431a8 
							
						 
					 
					
						
						
							
							minor bug fix - issue  #112  
						
						
						
					 
					
						2012-07-21 16:51:01 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							dba0a96c2e 
							
						 
					 
					
						
						
							
							fall-back to UNION technique if web file stager was not uploaded with LIMIT  
						
						
						
					 
					
						2012-07-20 17:11:22 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cbe8f41746 
							
						 
					 
					
						
						
							
							minor code refactoring preparing for  #96  
						
						
						
					 
					
						2012-07-20 16:20:17 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							318a01b867 
							
						 
					 
					
						
						
							
							minor typo fixes  
						
						
						
					 
					
						2012-07-17 00:25:02 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							87ecf205cb 
							
						 
					 
					
						
						
							
							More work for Issue  #66  
						
						
						
					 
					
						2012-07-14 17:01:04 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9ff9c951bc 
							
						 
					 
					
						
						
							
							Language update  
						
						
						
					 
					
						2012-07-13 14:33:16 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6677da63cd 
							
						 
					 
					
						
						
							
							Fix for an Issue  #88  
						
						
						
					 
					
						2012-07-13 14:25:39 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c5ecc8b8db 
							
						 
					 
					
						
						
							
							Closing work on Issue  #83  
						
						
						
					 
					
						2012-07-13 11:23:21 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							48f68bd076 
							
						 
					 
					
						
						
							
							First commit for Issue  #83  
						
						
						
					 
					
						2012-07-13 10:35:22 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							162da75a04 
							
						 
					 
					
						
						
							
							modified homepage address  
						
						
						
					 
					
						2012-07-12 18:38:03 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0702dd70b5 
							
						 
					 
					
						
						
							
							verify also that the web backdoor has been successfully uploaded  
						
						
						
					 
					
						2012-07-11 14:08:51 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9c4a62f725 
							
						 
					 
					
						
						
							
							Some work on Issue  #68  
						
						
						
					 
					
						2012-07-11 11:58:47 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d3da3f5c52 
							
						 
					 
					
						
						
							
							refactoring for issue  #51  
						
						
						
					 
					
						2012-07-10 00:19:32 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							25eca9d671 
							
						 
					 
					
						
						
							
							finally got this working on MSSQL 2005: commands can now be executed as another user (BULK INSERT must be used in such case, see comments in the code) - issue  #34  
						
						
						
					 
					
						2012-07-09 14:26:23 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							99c5ea54f7 
							
						 
					 
					
						
						
							
							cleanup for  #34  
						
						
						
					 
					
						2012-07-09 12:39:43 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d08a54e375 
							
						 
					 
					
						
						
							
							properly display the command stdout  
						
						
						
					 
					
						2012-07-09 10:52:48 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							54e0a2d8ee 
							
						 
					 
					
						
						
							
							--os-shell now works perfect for inference-like techniques too  
						
						
						
					 
					
						2012-07-07 17:57:06 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							58f6687194 
							
						 
					 
					
						
						
							
							Some refactoring (reusing xpCmdshellForgeCmd)  
						
						
						
					 
					
						2012-07-07 10:51:29 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8620767b77 
							
						 
					 
					
						
						
							
							Proper fix  
						
						
						
					 
					
						2012-07-07 10:38:07 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1c69eb5d30 
							
						 
					 
					
						
						
							
							Revert "major fix"  
						
						... 
						
						
						
						This reverts commit 3a11fc2d9e 
						
					 
					
						2012-07-07 10:26:13 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3a11fc2d9e 
							
						 
					 
					
						
						
							
							major fix  
						
						
						
					 
					
						2012-07-06 22:55:34 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e948e4d45b 
							
						 
					 
					
						
						
							
							Some more refactoring  
						
						
						
					 
					
						2012-07-06 17:18:22 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							982fcde1c0 
							
						 
					 
					
						
						
							
							Fix for Issue  #62  
						
						
						
					 
					
						2012-07-06 12:24:55 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fd4cfb0cc0 
							
						 
					 
					
						
						
							
							working on  #51  
						
						
						
					 
					
						2012-07-02 15:28:19 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7335072ab8 
							
						 
					 
					
						
						
							
							leftover  
						
						
						
					 
					
						2012-07-02 15:11:21 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							04d803c7fd 
							
						 
					 
					
						
						
							
							more tweaking for issue  #34 , it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)  
						
						
						
					 
					
						2012-07-02 15:02:00 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b7d2680e55 
							
						 
					 
					
						
						
							
							minor refactoring, issue  #51  
						
						
						
					 
					
						2012-07-02 12:50:26 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							add8352804 
							
						 
					 
					
						
						
							
							make the runAsDBMSUser() generic and ported to abstraction.py so the same function will be used for PostgreSQL dblink() too  
						
						
						
					 
					
						2012-07-02 02:14:03 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6697927098 
							
						 
					 
					
						
						
							
							initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap  
						
						
						
					 
					
						2012-07-02 02:04:19 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							18be319d13 
							
						 
					 
					
						
						
							
							hexencoding the command is much shorter than unescaping with CHAR() for MSSQL, also no need for spaces between nested comments when forging the xp_cmdshell command to run  
						
						
						
					 
					
						2012-07-01 23:41:10 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ff9e97a42c 
							
						 
					 
					
						
						
							
							minor code refactoring  
						
						
						
					 
					
						2012-07-01 23:31:45 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ab412da27f 
							
						 
					 
					
						
						
							
							I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes  
						
						
						
					 
					
						2012-07-01 23:25:05 +01:00 
						 
				 
			
				
					
						
							
							
								jekil 
							
						 
					 
					
						
						
						
						
							
						
						
							c39e5a85ba 
							
						 
					 
					
						
						
							
							Removed $id$ tags  
						
						
						
					 
					
						2012-06-27 20:56:43 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06be7bbb18 
							
						 
					 
					
						
						
							
							few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)  
						
						
						
					 
					
						2012-06-15 20:41:53 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4da03d898e 
							
						 
					 
					
						
						
							
							Added support to create files with a visual basic script - no longer reliant on debug.exe so works on Windows 64-bit too.  Fixes   #236  
						
						
						
					 
					
						2012-04-25 07:40:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5e358b51f9 
							
						 
					 
					
						
						
							
							few fixes related to bug report by Shadow Folder (AttributeError: 'list' object has no attribute 'isdigit')  
						
						
						
					 
					
						2012-04-04 09:25:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e05109812f 
							
						 
					 
					
						
						
							
							minor improvements regarding data retrieval through DNS channel  
						
						
						
					 
					
						2012-04-03 09:18:30 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1e71b24dca 
							
						 
					 
					
						
						
							
							More info messages to prove xp_cmdshell (and temporary directory choosen) worked  
						
						
						
					 
					
						2012-03-14 22:41:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							61ad3b999a 
							
						 
					 
					
						
						
							
							fix for a crash with partial union and --hex  
						
						
						
					 
					
						2012-03-14 10:31:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							34b0935cb3 
							
						 
					 
					
						
						
							
							refactoring "echo 1" quick test for xp_cmdshell console output  
						
						
						
					 
					
						2012-03-13 10:36:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c878dd3e5a 
							
						 
					 
					
						
						
							
							doing a dummy test for --os-shell in case of xp_cmdshell  
						
						
						
					 
					
						2012-03-09 14:21:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8b9c5c66cc 
							
						 
					 
					
						
						
							
							code refactoring regarding charsetType inside inference/bisection  
						
						
						
					 
					
						2012-02-29 14:36:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							85125018a1 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2012-02-25 22:54:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06ab3fa134 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-25 10:53:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b3bd4144f5 
							
						 
					 
					
						
						
							
							removing of unused imports together with some general code refactoring  
						
						
						
					 
					
						2012-02-22 10:40:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							121148f27f 
							
						 
					 
					
						
						
							
							There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests.  
						
						... 
						
						
						
						Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table.
Minor fix also to threat MSSQL's EXEC statements as SELECT ones 
						
					 
					
						2012-02-17 15:54:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8d7912ad34 
							
						 
					 
					
						
						
							
							minor update and refactoring  
						
						
						
					 
					
						2012-02-15 14:05:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9059d30312 
							
						 
					 
					
						
						
							
							adding first code example for SPL snippets  
						
						
						
					 
					
						2012-02-15 13:17:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							edeb4b6113 
							
						 
					 
					
						
						
							
							bug fix for --os-shell on Windows (echo ... > requires double quotes if the piped filename contains whitespace, otherwise doesn't hurt)  
						
						
						
					 
					
						2012-02-15 11:14:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							35fa214a1e 
							
						 
					 
					
						
						
							
							minor update (it was working before too, but this is cleaner)  
						
						
						
					 
					
						2012-02-15 10:14:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95f89ab63a 
							
						 
					 
					
						
						
							
							updating copyright date  
						
						
						
					 
					
						2012-01-11 14:59:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ae413a206 
							
						 
					 
					
						
						
							
							some refactoring/speedup around UNION technique  
						
						
						
					 
					
						2011-12-22 10:32:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ba5eff1de6 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2011-09-23 18:29:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f890b29f81 
							
						 
					 
					
						
						
							
							Proper reference to Metasploit Framework as now it's version 4, not 3 anymore  
						
						
						
					 
					
						2011-09-12 17:26:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							702ed73a65 
							
						 
					 
					
						
						
							
							Added --code switch to match in boolean-based tests against the HTTP response code  
						
						
						
					 
					
						2011-08-12 16:48:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a2483b3bc4 
							
						 
					 
					
						
						
							
							Aligned OS takeover functionalities to recent Metasploit improvements  
						
						
						
					 
					
						2011-07-26 10:29:14 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d6b52242c7 
							
						 
					 
					
						
						
							
							Meterpreter's sniffer extension freezes 64-bit systems  
						
						... 
						
						
						
						Meterpreter's priv extension is loaded by default since Metasploit 3.5 or so.
There is no shellcodeexec 64-bit yet, anyway as the Metasploit payload is encoded with a 32-bit encoded (alphanumeric), it's all fine. 
						
					 
					
						2011-07-20 13:50:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aedcf8c8d7 
							
						 
					 
					
						
						
							
							Changed homepage address  
						
						
						
					 
					
						2011-07-07 20:10:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9e453e8709 
							
						 
					 
					
						
						
							
							fix for a bug reported by nightman@email.de  
						
						
						
					 
					
						2011-06-29 17:49:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cd6ceb733e 
							
						 
					 
					
						
						
							
							Adjustment and refactoring for takeover via web backdoor  
						
						
						
					 
					
						2011-06-08 14:16:53 +00:00