sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-10-24 20:51:23 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	a7fa8d4975	update regarding brute force retrieval of table names and table column names	2010-11-09 16:15:55 +00:00
Miroslav Stampar	4be0631161	refactoring of brute force techniques	2010-11-09 09:42:43 +00:00
Bernardo Damele	45ec8c169a	Consistency between --*-test switches/output	2010-11-08 16:46:25 +00:00
Miroslav Stampar	862395ced1	further refactoring (all enumerations are now put into enums.py)	2010-11-08 09:20:02 +00:00
Bernardo Damele	ea1b0d31be	Avoid displaying single retrieved character when --verbose > 2	2010-11-07 22:42:56 +00:00
Bernardo Damele	b6da946883	Added one new verbose level, -v 3 now shows the full injected payload. Fixed also -d verbose output.	2010-11-07 22:34:29 +00:00
Miroslav Stampar	d3e7e89e60	major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces	2010-11-07 21:18:09 +00:00
Miroslav Stampar	3f0a443b83	some updates	2010-11-04 23:08:59 +00:00
Miroslav Stampar	63af5444fd	fix (NameError: global name 'DBMS' is not defined)	2010-11-04 12:47:34 +00:00
Miroslav Stampar	cd0d4135ac	implemented --banner for MaxDB and some minor fixes	2010-11-02 20:51:55 +00:00
Miroslav Stampar	685a8e7d2c	refactoring of hard coded dbms names	2010-11-02 11:59:24 +00:00
Miroslav Stampar	5269cb8c08	some code refactoring and beautification	2010-11-02 09:06:38 +00:00
Miroslav Stampar	13e93f564a	one bug fix in dynamic content engine and some code refactoring	2010-11-02 07:32:08 +00:00
Miroslav Stampar	73b33ed765	fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic	2010-11-01 20:56:13 +00:00
Bernardo Damele	486a113560	Consolidate logger messages for --*-test switches	2010-10-31 16:58:38 +00:00
Miroslav Stampar	5a38ac7ea9	important update regarding (Bug #209 ) - probably more will be needed	2010-10-29 16:11:50 +00:00
Miroslav Stampar	4d70f2c210	reverting back to 100	2010-10-26 15:42:54 +00:00
Miroslav Stampar	8211e6a2bd	possible	2010-10-26 11:29:09 +00:00
Bernardo Damele	9b127e58d2	Adjusted for MySQL weirdness	2010-10-26 09:33:18 +00:00
Bernardo Damele	f5904d0bc0	Major bug fix to --union-test	2010-10-25 23:39:55 +00:00
Bernardo Damele	215175e3b7	Minor code adjustments	2010-10-25 14:11:47 +00:00
Miroslav Stampar	db260c44d3	minor update	2010-10-24 22:25:05 +00:00
Miroslav Stampar	aa931efd4d	several MySQL fixes/enhancements pointed out by Anton Mogilin	2010-10-24 22:05:14 +00:00
Miroslav Stampar	98f5586b87	minor update	2010-10-23 08:05:24 +00:00
Miroslav Stampar	bc79eec702	removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)	2010-10-21 13:13:12 +00:00
Bernardo Damele	c60edf7c17	Minor cosmetics	2010-10-20 22:43:02 +00:00
Bernardo Damele	430bb7478f	Minor bug fix	2010-10-20 21:15:06 +00:00
Miroslav Stampar	34f70657ee	fix for NULL values	2010-10-20 10:29:18 +00:00
Miroslav Stampar	00449f1402	fix/upgrade/chicken soup	2010-10-20 09:54:17 +00:00
Miroslav Stampar	e24bff0497	nice refactoring	2010-10-20 09:46:57 +00:00
Miroslav Stampar	5d3cbec457	no more regex. web server independent.	2010-10-20 09:35:46 +00:00
Miroslav Stampar	934adb5e8d	code refactoring	2010-10-20 09:09:04 +00:00
Bernardo Damele	0817d1b78d	Cosmetics	2010-10-19 23:09:30 +00:00
Miroslav Stampar	1b376c99a6	removed temp dictionary and replaced with kb.misc	2010-10-19 23:00:19 +00:00
Miroslav Stampar	4009ef385e	more update regarding error based injection support	2010-10-19 18:17:34 +00:00
Bernardo Damele	64b9f94fcf	Renamed --common-prediction switch to --predict-output	2010-10-16 23:50:13 +00:00
Bernardo Damele	2129935e06	Split character for tamper scripts (--tamper option) is now comma, not semi-colon. Minor enhancement	2010-10-16 21:52:16 +00:00
Miroslav Stampar	1336b97c2c	removed --useBetween switch and added new tampering module ./tamper/between.py	2010-10-15 23:48:07 +00:00
Miroslav Stampar	4f7f20b94f	sorry, cosmetics	2010-10-14 23:18:29 +00:00
Bernardo Damele	1674142d82	Minor cosmetic fixes	2010-10-14 15:28:54 +00:00
Miroslav Stampar	8b48833136	large commit with copyright header modifications	2010-10-14 14:41:14 +00:00
Miroslav Stampar	cbe7c902c1	just a development start of an error based injection support	2010-10-04 13:05:51 +00:00
Miroslav Stampar	827cd1d56b	minor fix	2010-09-13 15:22:29 +00:00
Miroslav Stampar	b37dca1c2c	minor adjustment	2010-07-19 09:06:19 +00:00
Miroslav Stampar	9edd468caf	multithreading save to session on abort	2010-07-19 08:37:45 +00:00
Bernardo Damele	7349f3a70f	Closes #197	2010-07-01 15:25:57 +00:00
Miroslav Stampar	bb9401ba52	minor minor fixup	2010-07-01 14:14:43 +00:00
Miroslav Stampar	9d28ae23ca	fixup for situations with unexpected LENGTHs in multithreaded mode (e.g. UTF8 data retrieval)	2010-07-01 14:11:45 +00:00
Bernardo Damele	17e228024b	Minor enhancements and bug fixes to "good samaritan" feature - see #4	2010-06-21 14:40:12 +00:00
Bernardo Damele	b98f6ac71c	Minor layout adjustment	2010-06-17 13:27:43 +00:00
Bernardo Damele	fd76f048b6	Added common pattern value support to bisection algorithm	2010-06-17 11:38:32 +00:00
Miroslav Stampar	35642a0450	some more adjustments	2010-06-10 15:03:08 +00:00
Miroslav Stampar	1b30c46348	fix for an bug reported by David Guimaraes	2010-06-10 14:52:33 +00:00
Miroslav Stampar	7fbeebc4d9	grammar fix	2010-06-03 08:55:13 +00:00
Miroslav Stampar	bf071d33d2	some comments added	2010-06-02 15:18:33 +00:00
Miroslav Stampar	12a5ec9f3d	more unicode refactoring	2010-06-02 12:45:40 +00:00
Miroslav Stampar	af2f184464	some comments regarding inference.py	2010-05-31 15:20:20 +00:00
Bernardo Damele	6df2d98fc9	Minor bug fix in common.py goGoodSamaritan(). Minor code cleanup and adjustments.	2010-05-31 15:05:29 +00:00
Miroslav Stampar	4bb5885413	some changes regarding --common-outputs feature	2010-05-31 09:41:41 +00:00
Bernardo Damele	b798222dd7	Minor fixes	2010-05-30 14:53:13 +00:00
Miroslav Stampar	a3db3c03c1	str() -> unicode()	2010-05-28 13:05:02 +00:00
Miroslav Stampar	655bd79fc4	some renaming	2010-05-28 10:50:54 +00:00
Miroslav Stampar	838762fb00	previous quick fix removal	2010-05-28 10:38:23 +00:00
Miroslav Stampar	7ef286a76f	some speed up	2010-05-28 10:33:09 +00:00
Miroslav Stampar	48c0f4f053	minor fix	2010-05-28 10:17:03 +00:00
Miroslav Stampar	4eccf1a25d	quick fix	2010-05-28 10:01:19 +00:00
Bernardo Damele	9de1671b8f	Code refactoring and minor bug fixes.	2010-05-27 16:45:09 +00:00
Miroslav Stampar	ce29c841cf	some comments added	2010-05-26 11:14:22 +00:00
Miroslav Stampar	bbdbe44e3f	fuck yea, first tests (MySQL/--tables & --common-prediction) are great :)	2010-05-26 10:41:37 +00:00
Miroslav Stampar	7f0db26e99	more code updates regarding good samaritan (common output) feature	2010-05-26 09:48:20 +00:00
Miroslav Stampar	8ed76b3024	minor update regarding good samaritan	2010-05-25 14:51:02 +00:00
Miroslav Stampar	065d5b02ec	added singleValue parameter for good samaritan (same thing Bernardo wanted :)	2010-05-25 13:51:03 +00:00
Miroslav Stampar	056d1ad76e	new commit regarding good samaritan feature	2010-05-25 13:06:23 +00:00
Miroslav Stampar	dc83f794ea	fix regarding proper string isinstance checking (including unicode)	2010-05-25 10:09:35 +00:00
Miroslav Stampar	f718425cf4	minor fix	2010-05-24 11:18:47 +00:00
Miroslav Stampar	e9be60e1ac	added support for proper unicode session(s) storage/retrieval	2010-05-24 11:00:49 +00:00
Miroslav Stampar	f34e6badfd	removed pdb	2010-05-24 09:29:16 +00:00
Miroslav Stampar	f0d3e6c565	fix	2010-05-24 09:28:20 +00:00
Miroslav Stampar	887352746b	some speedup (usage of xrange (virtual range) instead of range)	2010-05-23 22:14:57 +00:00
Miroslav Stampar	2c2d6d3623	operator fix	2010-05-23 21:35:42 +00:00
Miroslav Stampar	7dc1bf0324	quick (probably not final) fix for unicode inference (not yet tested)	2010-05-23 21:32:51 +00:00
Miroslav Stampar	64f2afe585	in a mood for more changes	2010-05-21 12:44:09 +00:00
Miroslav Stampar	219628aa01	quick fixes	2010-05-21 12:25:49 +00:00
Miroslav Stampar	68e13c3872	periodical commit	2010-05-21 09:35:36 +00:00
Bernardo Damele	72fda2a3e4	Minor bug fix to correctly resuming --union-test results from session file.	2010-05-19 14:21:59 +00:00
Miroslav Stampar	d96723a135	fix for Feature #157	2010-05-13 11:17:24 +00:00
Miroslav Stampar	ca3e12ae73	added calculateDeltaSeconds method for dealing with non-deterministic time behaviour in some cases (e.g. WAITFOR DELAY in case of MSSQL)	2010-05-13 11:05:35 +00:00
Miroslav Stampar	0a4c1f8aec	unfix (conf.timeSec is an integer - my fault)	2010-05-13 09:34:08 +00:00
Miroslav Stampar	2fdac83607	minor fix	2010-05-13 08:27:51 +00:00
Bernardo Damele	9efe001515	SQLite does not support BETWEEN	2010-05-12 22:02:47 +00:00
Miroslav Stampar	893bc04fe4	changes regarding Feature #157 (Evaluate BETWEEN for inference algorithm)	2010-05-12 11:30:32 +00:00
Bernardo Damele	8b74c405f5	Minor output bug fix	2010-05-11 14:15:03 +00:00
Miroslav Stampar	430a25407b	fixed that thread partial output problem (one character behind) reported by Kasper Fons	2010-05-11 11:06:21 +00:00
Bernardo Damele	90d9900371	Minor bug fix to consider --start and --stop also in partial UNION query SQL injection	2010-04-30 15:48:40 +00:00
Miroslav Stampar	d8e5585c66	fixed a bug reported by Mosk Dmitri (infoMsg UnboundLocalError)	2010-04-29 08:30:29 +00:00
Miroslav Stampar	7d3a200ab8	fix for Bug #183	2010-04-19 15:25:52 +00:00
Bernardo Damele	a0c8adc266	Minor bug fix to add the "hinted" request to the total number of requests performed Minor layout adjustments.	2010-04-15 10:08:27 +00:00
Miroslav Stampar	17554759b7	implemented feature request from Ole Rasmussen regarding table name retrieval speedup	2010-04-15 09:36:13 +00:00
Bernardo Damele	b72ddb6f1e	Fixes non-deterministic unsorted results for most of the DBMSes - see #185	2010-04-09 15:48:53 +00:00
Bernardo Damele	1416cd0d86	Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments.	2010-03-26 23:23:25 +00:00

1 2 3 4 5

202 Commits