Miroslav Stampar
2b05ded9c3
just a makeup
2012-02-07 12:05:23 +00:00
Miroslav Stampar
8c45ff0d57
bug fix
2012-02-03 10:38:04 +00:00
Miroslav Stampar
95f89ab63a
updating copyright date
2012-01-11 14:59:46 +00:00
Miroslav Stampar
18930539cd
more concise language
2012-01-07 17:45:45 +00:00
Miroslav Stampar
29f502fe29
some refactoring
2011-12-28 16:27:17 +00:00
Miroslav Stampar
22c3fe49bb
some refactoring
2011-12-28 13:50:03 +00:00
Miroslav Stampar
abb401879c
minor update
2011-12-22 20:42:57 +00:00
Miroslav Stampar
8585107e3d
minor update
2011-12-22 12:21:30 +00:00
Miroslav Stampar
f622995a29
compatibility with partial union and error technique resumed data
2011-12-22 12:20:21 +00:00
Miroslav Stampar
9f68e54fff
minor cleanup
2011-12-22 10:59:28 +00:00
Miroslav Stampar
81bd9a201b
minor refactoring
2011-12-21 11:50:49 +00:00
Miroslav Stampar
23bf52e496
minor refactoring
2011-10-24 09:55:50 +00:00
Miroslav Stampar
e3a719e7d2
minor update
2011-10-11 22:40:00 +00:00
Miroslav Stampar
7956390631
minor update
2011-10-11 22:27:49 +00:00
Miroslav Stampar
a7a29f33ad
minor update
2011-10-11 21:58:57 +00:00
Miroslav Stampar
7e80274fac
refactoring
2011-09-25 21:10:45 +00:00
Miroslav Stampar
744636a8c1
switching to SQLite resume support (on error and union techniques this moment)
2011-09-25 20:36:32 +00:00
Miroslav Stampar
cb0981d858
proper way of handling 0 length results (as in __goInferenceProxy)
2011-08-02 08:39:32 +00:00
Bernardo Damele
938716e361
Proper fix for --start and --stop consistency amongst different techniques
2011-07-26 10:06:28 +00:00
Miroslav Stampar
6bbb8139a0
update (smaller memory footprint in postprocessing phase because of safecharencode part)
2011-07-25 20:40:31 +00:00
Miroslav Stampar
5770c08784
minor optimization and refactoring
2011-07-25 20:17:44 +00:00
Miroslav Stampar
ec1bc0219c
hello big tables, this is sqlmap, sqlmap this is big tables
2011-07-24 09:19:33 +00:00
Miroslav Stampar
a89140e1ce
revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function)
2011-07-23 06:07:00 +00:00
Bernardo Damele
aedcf8c8d7
Changed homepage address
2011-07-07 20:10:03 +00:00
Miroslav Stampar
34d9a91af1
bulk of fixes
2011-07-02 22:48:56 +00:00
Miroslav Stampar
9e232256f4
reverting that last commit because there is a mess with default dumping (startLimit is set to 0 which is not so friendly with --start and --stop logic)
2011-06-21 18:29:23 +00:00
Miroslav Stampar
3536320fc9
--stop is inclusive ("Last query output entry to retrieve")
2011-06-21 18:08:33 +00:00
Bernardo Damele
cd07139919
Layout adjustments
2011-06-18 11:58:14 +00:00
Miroslav Stampar
e7e23d1b79
fix for a Ctrl+C bug reported by nightman@email.de
2011-06-07 17:16:01 +00:00
Miroslav Stampar
7a3cc38e3c
refactoring and stabilization of multithreading
2011-06-07 09:50:00 +00:00
Miroslav Stampar
fc96764f80
minor bug fix ("trimmed" error message was shown for empty cases too because u'' or None == None)
2011-06-01 22:06:06 +00:00
Miroslav Stampar
091c174bc4
better language
2011-06-01 08:30:06 +00:00
Miroslav Stampar
b79dae6e95
minor update
2011-05-30 14:49:03 +00:00
Miroslav Stampar
d5ede6afb4
fix for a dirty reading issue reported by skysbsb@gmail.com (IndexError: list index out of range)
2011-05-30 06:38:44 +00:00
Miroslav Stampar
6fd8602f01
minor update
2011-05-29 23:33:34 +00:00
Miroslav Stampar
86455ceb9c
implementation of multithreading for UNION and ERROR techniques
2011-05-29 23:17:50 +00:00
Miroslav Stampar
9e5856caf8
improvement for recognition of scalar vs multiple-row commands
2011-05-19 16:45:05 +00:00
Miroslav Stampar
c64eb38a8b
same thing as for the last commit, but for error technique this time
2011-05-12 11:52:18 +00:00
Miroslav Stampar
83fac3f6d9
fix for proper MSSQL error chunking in some cases (not screwing output length toward lower values at chunk phase)
2011-05-03 21:12:51 +00:00
Miroslav Stampar
e6f010734e
minor fix for cases when the retrieved output is safe encoded (like for --os-shell)
2011-05-03 16:14:03 +00:00
Miroslav Stampar
742b0ef76e
major improvement of ERROR data retrieval on MSSQL
2011-05-03 13:25:20 +00:00
Bernardo Damele
9a4ae7d9e2
More code refactoring of Backend class methods used
2011-04-30 14:54:29 +00:00
Bernardo Damele
f56d135438
Minor code restyling
2011-04-30 13:20:05 +00:00
Miroslav Stampar
f88aa4b165
implemented suppressResumeInfo mechanism (huge slowdown on large tables)
2011-04-22 19:58:10 +00:00
Bernardo Damele
8d8fc2bbd8
cosmetics
2011-04-21 10:17:41 +00:00
Miroslav Stampar
e4d3190f41
reverting back to NVARCHAR because of error technique
2011-04-20 12:59:23 +00:00
Miroslav Stampar
3607f03a9e
fix of a minor typo
2011-04-20 12:42:35 +00:00
Miroslav Stampar
1286cc0913
now showing trimmed output in for of warning message (UNION and ERROR techniques affected)
2011-04-20 12:41:58 +00:00
Miroslav Stampar
3b6f9945ae
minor fix regarding report from nightman@email.de (...from time to time sqlmap lost the connection...)
2011-04-15 14:15:29 +00:00
Miroslav Stampar
0387654166
update of copyright string (until year)
2011-04-15 12:33:18 +00:00
Miroslav Stampar
bb99bd2fbe
one more commit related to the issue with displaying of garbled characters
2011-04-14 09:43:36 +00:00
Miroslav Stampar
04986be4b9
update regarding safe character output together with a small fix for newlines
2011-04-14 09:31:45 +00:00
Miroslav Stampar
c193b896be
just in case update to prevent gibberish "retrieved: " outputs
2011-04-12 23:07:50 +00:00
Miroslav Stampar
6fa2fd139c
implemented support for __pivotDumpTable on MSSQL as normal tables tend to not play well with normal TOP 1 ..NOT IN..ORDER BY mechanism if the argument for ORDER BY is not the unique one (returns only number of rows equal to the number of distinct values for that field)
2011-04-08 15:17:57 +00:00
Miroslav Stampar
228cc68747
fix for those ugly DEBUG messages in brute mode
2011-04-08 11:02:21 +00:00
Bernardo Damele
8b14a9eaa7
Minor code adjustments
2011-04-06 14:40:45 +00:00
Bernardo Damele
3948cd9e77
Minor layout adjustments
2011-03-31 14:13:53 +00:00
Miroslav Stampar
0f7bce5c66
fixing a huge mess going on because of counting on error and union techniques
2011-03-23 11:36:40 +00:00
Miroslav Stampar
7613134515
it was a real pain in the ass to have SELECT COUNT(*) for all rows (it was processed by a limit logic)
2011-03-22 12:37:05 +00:00
Miroslav Stampar
9479a68eb5
minor fix regarding last commit
2011-03-22 12:21:56 +00:00
Miroslav Stampar
c24ed6e622
minor fix related to a bug reported by warninggp@gmail.com
2011-03-22 09:22:48 +00:00
Miroslav Stampar
b5c9ccb755
Oracle XML based error payload has problems with char $ as with space
2011-03-21 13:13:12 +00:00
Miroslav Stampar
9b1f2d82d0
minor update (that .strip() was a leftover)
2011-03-20 23:20:47 +00:00
Miroslav Stampar
db992a0a86
mssql likes to htmlescape error reports
2011-03-20 23:16:34 +00:00
Miroslav Stampar
beba69faa9
implementation of request from Santiago (look for error based responses in redirects)
2011-03-17 09:12:28 +00:00
Bernardo Damele
d8a76ebe34
Minor bug fix for counting of entries for error-based and partial UNION query SQL injection techs
2011-03-11 16:03:19 +00:00
Bernardo Damele
3cb0ca4b63
Minor bug fix for --privileges on PgSQL with error-based SQL inj technique
2011-03-11 15:24:25 +00:00
Miroslav Stampar
83d7803ce7
other techniques use dataToStdout for retrieved string, hence this update (also, fixing ugly retrieved: 0 or 1 while doing fingerprinting --flush-session -f --technique=2)
2011-02-12 20:03:28 +00:00
Miroslav Stampar
3de6117253
revert of the r3247 (output always has to be appended to the outputs - no matter of it's value)
2011-02-09 09:53:59 +00:00
Miroslav Stampar
98ca1702ae
los cosmeticado
2011-02-08 16:30:32 +00:00
Miroslav Stampar
87e36796c6
just to not cause confusion
2011-02-08 16:29:42 +00:00
Miroslav Stampar
dcb9c93328
minor cleanup
2011-02-08 16:27:58 +00:00
Miroslav Stampar
37f7001143
first commit with mysql/error/substringing
2011-02-08 16:23:33 +00:00
Miroslav Stampar
265e7ca272
fix for that MSSQL limit/top problem
2011-02-07 16:24:23 +00:00
Bernardo Damele
061f56daf9
More adjustments related to unescape() and cleanupPayload().
...
Minor code cleanup related to error-based payload.
2011-02-06 23:27:56 +00:00
Bernardo Damele
9eac2339ca
2011-02-06 22:55:26 +00:00
Miroslav Stampar
078a2207cc
few reverts
2011-02-06 22:10:28 +00:00
Miroslav Stampar
b9b2fe0e7c
little cleanup
2011-02-06 21:52:39 +00:00
Miroslav Stampar
acb986ae80
minor refactoring
2011-02-04 17:40:55 +00:00
Bernardo Damele
9b342a4c95
Bug fixes and proper packing/unpacking of custom statements and predefined queries for both error-based and UNION query techniques.
...
Now it deals in UNION query also with --start and --stop and resume has been enhanced for both techniques too.
2011-02-01 22:07:42 +00:00
Bernardo Damele
6761933f75
Just.. cosmetics ;)
2011-01-31 22:51:14 +00:00
Bernardo Damele
e3a3ae11cc
Proper return from error-based technique enumeration
2011-01-31 21:13:29 +00:00
Miroslav Stampar
8ef47307db
added checking of header values for GREP (error); still UNION to do
2011-01-31 12:21:17 +00:00
Bernardo Damele
02e5c4b1e6
Minor bug fix for --sql-query/-shell with error-based technique
2011-01-30 14:19:50 +00:00
Miroslav Stampar
367d0639f0
refactoring (class names should always be Capital cased)
2011-01-28 16:36:09 +00:00
Miroslav Stampar
a184a4c772
major of majors bug fix
2011-01-28 14:31:25 +00:00
Bernardo Damele
0f2634c4b0
Minor bug fix to properly cast to string also the COUNT() query in error-based technique (as it's concatenated to random strings for identification in page response) and int-string concatenation is not supported in all DBMS (like Oracle)
2011-01-20 22:01:21 +00:00
Bernardo Damele
bade0e3124
Major code refactoring - centralized all kb.dbms* info for both retrieval and set.
2011-01-19 23:06:15 +00:00
Bernardo Damele
daebb0010b
Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based.
...
Alignment of SQL statement payload packing/unpacking between all of the techniques.
Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too.
Minor code cleanup.
2011-01-18 23:02:11 +00:00
Bernardo Damele
3822b494ea
Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns.
2011-01-17 23:43:37 +00:00
Bernardo Damele
2ac8debea0
Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
...
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Miroslav Stampar
0eabca9fd4
update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)
2011-01-03 22:31:29 +00:00
Miroslav Stampar
7f7fb93155
cosmetics
2010-12-23 18:44:18 +00:00
Miroslav Stampar
466d61ee85
minor fix
2010-12-21 14:29:47 +00:00
Miroslav Stampar
385e208f38
code refactoring regarding standard output suppression and some threading issues
2010-12-21 14:21:24 +00:00
Miroslav Stampar
fe67d3827c
code refactoring and some fixes
2010-12-18 09:51:34 +00:00
Miroslav Stampar
f8a01ddaf8
minor update
2010-12-15 11:21:47 +00:00
Bernardo Damele
db844c1785
No point in showing the error-based inject payload, it's same as the one showed in -v3
2010-12-13 21:35:20 +00:00
Miroslav Stampar
ac9080c07b
update
2010-12-11 08:24:29 +00:00
Miroslav Stampar
2735848ab6
removed ERROR_SPACE
2010-12-06 22:40:07 +00:00
Miroslav Stampar
e8be14e00a
minor refactoring
2010-12-06 07:48:14 +00:00
Bernardo Damele
11058667e4
Better naming
2010-12-03 14:45:13 +00:00
Bernardo Damele
a9d4b37987
Code cleanup and minor refactoring
2010-12-03 10:51:27 +00:00
Bernardo Damele
283a04e29a
On my way to properly parse test's <where> tag in exploitation phase
2010-12-01 23:32:58 +00:00
Bernardo Damele
47f2d22181
Minor bug fix
2010-12-01 17:18:31 +00:00
Bernardo Damele
089c16a1b8
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type.
...
Removed some useless tests.
Moved <error> from queries.xml to payloads.xml as it makes more sense.
Beeps at sql inj found only if --beep is provided.
Minor fix in order to be able to pickle advancedDict() objects.
Minor code refactoring.
Removed useless folders.
2010-12-01 17:09:52 +00:00
Bernardo Damele
2708aad504
Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests.
2010-12-01 10:31:50 +00:00
Bernardo Damele
c22338ce90
Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more).
2010-11-29 11:47:58 +00:00
Bernardo Damele
7e3b24afe6
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.
...
All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 18:10:54 +00:00
Bernardo Damele
17486e472a
Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!
2010-11-17 22:00:09 +00:00
Bernardo Damele
45ec8c169a
Consistency between --*-test switches/output
2010-11-08 16:46:25 +00:00
Miroslav Stampar
862395ced1
further refactoring (all enumerations are now put into enums.py)
2010-11-08 09:20:02 +00:00
Bernardo Damele
b6da946883
Added one new verbose level, -v 3 now shows the full injected payload.
...
Fixed also -d verbose output.
2010-11-07 22:34:29 +00:00
Miroslav Stampar
d3e7e89e60
major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces
2010-11-07 21:18:09 +00:00
Miroslav Stampar
685a8e7d2c
refactoring of hard coded dbms names
2010-11-02 11:59:24 +00:00
Bernardo Damele
486a113560
Consolidate logger messages for --*-test switches
2010-10-31 16:58:38 +00:00
Miroslav Stampar
5a38ac7ea9
important update regarding (Bug #209 ) - probably more will be needed
2010-10-29 16:11:50 +00:00
Miroslav Stampar
4d70f2c210
reverting back to 100
2010-10-26 15:42:54 +00:00
Miroslav Stampar
8211e6a2bd
possible
2010-10-26 11:29:09 +00:00
Bernardo Damele
9b127e58d2
Adjusted for MySQL weirdness
2010-10-26 09:33:18 +00:00
Bernardo Damele
215175e3b7
Minor code adjustments
2010-10-25 14:11:47 +00:00
Miroslav Stampar
db260c44d3
minor update
2010-10-24 22:25:05 +00:00
Miroslav Stampar
aa931efd4d
several MySQL fixes/enhancements pointed out by Anton Mogilin
2010-10-24 22:05:14 +00:00
Miroslav Stampar
bc79eec702
removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)
2010-10-21 13:13:12 +00:00
Bernardo Damele
c60edf7c17
Minor cosmetics
2010-10-20 22:43:02 +00:00
Bernardo Damele
430bb7478f
Minor bug fix
2010-10-20 21:15:06 +00:00
Miroslav Stampar
34f70657ee
fix for NULL values
2010-10-20 10:29:18 +00:00
Miroslav Stampar
00449f1402
fix/upgrade/chicken soup
2010-10-20 09:54:17 +00:00
Miroslav Stampar
e24bff0497
nice refactoring
2010-10-20 09:46:57 +00:00
Miroslav Stampar
5d3cbec457
no more regex. web server independent.
2010-10-20 09:35:46 +00:00
Miroslav Stampar
934adb5e8d
code refactoring
2010-10-20 09:09:04 +00:00
Bernardo Damele
0817d1b78d
Cosmetics
2010-10-19 23:09:30 +00:00
Miroslav Stampar
4009ef385e
more update regarding error based injection support
2010-10-19 18:17:34 +00:00
Miroslav Stampar
4f7f20b94f
sorry, cosmetics
2010-10-14 23:18:29 +00:00
Miroslav Stampar
8b48833136
large commit with copyright header modifications
2010-10-14 14:41:14 +00:00
Miroslav Stampar
cbe7c902c1
just a development start of an error based injection support
2010-10-04 13:05:51 +00:00