Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e16ad38d3e 
							
						 
					 
					
						
						
							
							more work on  #342  
						
						
						
					 
					
						2013-01-15 18:15:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							329047fc12 
							
						 
					 
					
						
						
							
							restored fix for  #210  to keep --hex work with --technique B  
						
						
						
					 
					
						2013-01-15 17:51:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2a751e075d 
							
						 
					 
					
						
						
							
							more work on  #342  
						
						
						
					 
					
						2013-01-15 17:14:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4eaa0d17aa 
							
						 
					 
					
						
						
							
							Fix in forging query to calculate query output length - closes issue  #342  
						
						
						
					 
					
						2013-01-15 15:50:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ca3d35a878 
							
						 
					 
					
						
						
							
							Some PEP8 related style cleaning  
						
						
						
					 
					
						2013-01-10 13:18:44 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e4a3c015e5 
							
						 
					 
					
						
						
							
							Replacing old and deprecated raise Exception style (PEP8)  
						
						
						
					 
					
						2013-01-03 23:20:55 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9149d77cc8 
							
						 
					 
					
						
						
							
							removed duplicate code - fixes issue  #310  
						
						
						
					 
					
						2012-12-19 12:17:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							dee56b17c3 
							
						 
					 
					
						
						
							
							handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue  #308  
						
						
						
					 
					
						2012-12-19 10:50:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							974407396e 
							
						 
					 
					
						
						
							
							Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)  
						
						
						
					 
					
						2012-12-06 14:14:19 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ab67344448 
							
						 
					 
					
						
						
							
							Removed unused imports and variables (pyflake-ing)  
						
						
						
					 
					
						2012-12-06 11:15:05 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							775e0df04b 
							
						 
					 
					
						
						
							
							Update for an Issue  #278  
						
						
						
					 
					
						2012-12-05 10:45:17 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							605d73cc3d 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2012-11-29 12:21:12 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							25a5073281 
							
						 
					 
					
						
						
							
							Bug fix for --hex/--technique=B (especially MsSQL)  
						
						
						
					 
					
						2012-10-28 12:22:33 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1b8226329 
							
						 
					 
					
						
						
							
							Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)  
						
						
						
					 
					
						2012-10-28 00:36:09 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a435ba6863 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2012-10-28 00:19:00 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0aeb9dbe8b 
							
						 
					 
					
						
						
							
							Bug fix (in --dump mode if error/inband failed with None other techniques were ignored)  
						
						
						
					 
					
						2012-10-27 23:42:52 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b82eb3a1ae 
							
						 
					 
					
						
						
							
							Fix for an Issue  #210  
						
						
						
					 
					
						2012-10-23 13:58:25 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3f596cda85 
							
						 
					 
					
						
						
							
							Minor fix for --dump --technique=B when empty strings are returned  
						
						
						
					 
					
						2012-10-22 11:49:23 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							21481df239 
							
						 
					 
					
						
						
							
							Minor update for Issue  #209  
						
						
						
					 
					
						2012-10-21 19:00:37 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb1497aa89 
							
						 
					 
					
						
						
							
							Minor update for Issue  #209  
						
						
						
					 
					
						2012-10-21 18:53:31 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							261b286021 
							
						 
					 
					
						
						
							
							Fix for an Issue  #209  
						
						
						
					 
					
						2012-10-20 13:17:45 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							688a2db27a 
							
						 
					 
					
						
						
							
							Fix for an Issue  #208  
						
						
						
					 
					
						2012-10-19 10:04:09 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e440b096c5 
							
						 
					 
					
						
						
							
							Fix for an Issue  #202  
						
						
						
					 
					
						2012-10-15 12:24:30 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							687f3991de 
							
						 
					 
					
						
						
							
							Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.  
						
						
						
					 
					
						2012-09-26 11:27:43 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ec43ceec40 
							
						 
					 
					
						
						
							
							Some more cleanup related to the last commit (unneeded manual crafting/unneeded closing with ;)  
						
						
						
					 
					
						2012-09-25 14:29:22 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							01f481c332 
							
						 
					 
					
						
						
							
							Minor refactoring of dictionaries  
						
						
						
					 
					
						2012-08-21 11:19:15 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							47073f4afd 
							
						 
					 
					
						
						
							
							Implementation of an Issue  #131  
						
						
						
					 
					
						2012-07-30 21:50:46 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a5062c1e4f 
							
						 
					 
					
						
						
							
							Adding a warn message when --dns-domain is ignored (because of faster techniques)  
						
						
						
					 
					
						2012-07-27 09:48:48 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f8c9868cb6 
							
						 
					 
					
						
						
							
							Implementation for an Issue  #118  
						
						
						
					 
					
						2012-07-24 15:34:50 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							162da75a04 
							
						 
					 
					
						
						
							
							modified homepage address  
						
						
						
					 
					
						2012-07-12 18:38:03 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ea9c66108e 
							
						 
					 
					
						
						
							
							cleanup for issue  #68  
						
						
						
					 
					
						2012-07-12 15:38:43 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							33cbbed4a8 
							
						 
					 
					
						
						
							
							I think we should not resume checkBooleanExpression() calls if --fresh-queries or --flush-session is provided  
						
						
						
					 
					
						2012-07-12 01:39:15 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3a94953ae2 
							
						 
					 
					
						
						
							
							leftover from previous commit  
						
						
						
					 
					
						2012-07-12 01:15:34 +01:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							31571e6e2d 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2012-07-11 11:55:05 +01:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9c4a62f725 
							
						 
					 
					
						
						
							
							Some work on Issue  #68  
						
						
						
					 
					
						2012-07-11 11:58:47 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2669528b24 
							
						 
					 
					
						
						
							
							Language typo  
						
						
						
					 
					
						2012-07-07 11:16:33 +02:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7b4ecd9df0 
							
						 
					 
					
						
						
							
							added skeleton code for issue  #34 , still not usable  
						
						
						
					 
					
						2012-07-02 00:22:34 +01:00 
						 
				 
			
				
					
						
							
							
								jekil 
							
						 
					 
					
						
						
						
						
							
						
						
							c39e5a85ba 
							
						 
					 
					
						
						
							
							Removed $id$ tags  
						
						
						
					 
					
						2012-06-27 20:56:43 +02:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ec44e88db8 
							
						 
					 
					
						
						
							
							lots of refactoring regarding removal of already obsolete session file mechanism  
						
						
						
					 
					
						2012-06-21 10:09:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06be7bbb18 
							
						 
					 
					
						
						
							
							few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)  
						
						
						
					 
					
						2012-06-15 20:41:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a70a647aeb 
							
						 
					 
					
						
						
							
							few fixes regarding --dns-domain usage (time-based technique should not be used as a failback because of few things, --time-sec should be put to 0 just in case,...)  
						
						
						
					 
					
						2012-05-28 14:51:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b1d82422a0 
							
						 
					 
					
						
						
							
							changing conf.dnsDomain to conf.dName just because of long text problems in help listing  
						
						
						
					 
					
						2012-05-28 14:15:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fdf61015ad 
							
						 
					 
					
						
						
							
							minor patch  
						
						
						
					 
					
						2012-05-09 08:41:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6af110d631 
							
						 
					 
					
						
						
							
							avoiding --no-cast/--hex warning message before a DBMS is fingerprinted  
						
						
						
					 
					
						2012-05-08 14:06:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b1dd03731a 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2012-04-04 23:34:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c0946ce2c9 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2012-04-04 12:42:58 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							75d1dab895 
							
						 
					 
					
						
						
							
							more cosmetics  
						
						
						
					 
					
						2012-04-04 12:33:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d106fb5184 
							
						 
					 
					
						
						
							
							layout adjustments  
						
						
						
					 
					
						2012-04-04 12:27:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							503988887c 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-04-03 10:43:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2504f4edb8 
							
						 
					 
					
						
						
							
							minor fixes  
						
						
						
					 
					
						2012-04-03 10:10:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e05109812f 
							
						 
					 
					
						
						
							
							minor improvements regarding data retrieval through DNS channel  
						
						
						
					 
					
						2012-04-03 09:18:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1cd3c3f7af 
							
						 
					 
					
						
						
							
							further update of DNS data retrieval mechanism through SQLi  
						
						
						
					 
					
						2012-04-02 14:05:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							577caac4de 
							
						 
					 
					
						
						
							
							putting kb.negativeLogic setting to the safe place  
						
						
						
					 
					
						2012-03-16 09:17:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							19beb912fa 
							
						 
					 
					
						
						
							
							first step toward negative logic support  
						
						
						
					 
					
						2012-03-15 15:52:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							34b0935cb3 
							
						 
					 
					
						
						
							
							refactoring "echo 1" quick test for xp_cmdshell console output  
						
						
						
					 
					
						2012-03-13 10:36:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a83f1c5f7 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-03-08 15:43:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ec56f93ec 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-03-01 10:10:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1e82405bb9 
							
						 
					 
					
						
						
							
							HashDB is now supported in -d too  
						
						
						
					 
					
						2012-02-27 12:14:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f94b91ad87 
							
						 
					 
					
						
						
							
							added helper function for HashDB data storing/retrieval  
						
						
						
					 
					
						2012-02-24 13:07:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0478e4166a 
							
						 
					 
					
						
						
							
							minor justin case fix  
						
						
						
					 
					
						2012-02-23 15:19:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aee269cc14 
							
						 
					 
					
						
						
							
							gazillion changes, nothing will work, muhahaha  
						
						
						
					 
					
						2012-02-17 14:22:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e1f86c97c4 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2012-02-16 09:46:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c44d6d3c7 
							
						 
					 
					
						
						
							
							Fixed annoying bug that prevented proper checkBooleanExpression() function to work with direct connection (-d). Now DBMS fingerprint should work properly with -d  
						
						
						
					 
					
						2012-02-14 17:29:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e50d64546f 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-02-07 14:57:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2b05ded9c3 
							
						 
					 
					
						
						
							
							just a makeup  
						
						
						
					 
					
						2012-02-07 12:05:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95f89ab63a 
							
						 
					 
					
						
						
							
							updating copyright date  
						
						
						
					 
					
						2012-01-11 14:59:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							18930539cd 
							
						 
					 
					
						
						
							
							more concise language  
						
						
						
					 
					
						2012-01-07 17:45:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9f68e54fff 
							
						 
					 
					
						
						
							
							minor cleanup  
						
						
						
					 
					
						2011-12-22 10:59:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4a1a0773b7 
							
						 
					 
					
						
						
							
							speedup of UNION dumping  
						
						
						
					 
					
						2011-12-22 10:44:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ae413a206 
							
						 
					 
					
						
						
							
							some refactoring/speedup around UNION technique  
						
						
						
					 
					
						2011-12-22 10:32:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							73a500833d 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2011-12-12 14:38:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							65b2b0ad87 
							
						 
					 
					
						
						
							
							adding switch --eval  
						
						
						
					 
					
						2011-11-21 16:41:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							440b7efe55 
							
						 
					 
					
						
						
							
							minor optimization  
						
						
						
					 
					
						2011-11-20 20:14:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							34738129c9 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-09-25 21:27:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6bbb8139a0 
							
						 
					 
					
						
						
							
							update (smaller memory footprint in postprocessing phase because of safecharencode part)  
						
						
						
					 
					
						2011-07-25 20:40:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2033a28ae7 
							
						 
					 
					
						
						
							
							minor update regarding last commit (cleaner code)  
						
						
						
					 
					
						2011-07-24 20:44:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ec1bc0219c 
							
						 
					 
					
						
						
							
							hello big tables, this is sqlmap, sqlmap this is big tables  
						
						
						
					 
					
						2011-07-24 09:19:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aedcf8c8d7 
							
						 
					 
					
						
						
							
							Changed homepage address  
						
						
						
					 
					
						2011-07-07 20:10:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f8c32cf6b9 
							
						 
					 
					
						
						
							
							Moved folder  
						
						
						
					 
					
						2011-06-18 12:34:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9e5856caf8 
							
						 
					 
					
						
						
							
							improvement for recognition of scalar vs multiple-row commands  
						
						
						
					 
					
						2011-05-19 16:45:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9a4ae7d9e2 
							
						 
					 
					
						
						
							
							More code refactoring of Backend class methods used  
						
						
						
					 
					
						2011-04-30 14:54:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							930872cf3b 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2011-04-21 14:20:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0387654166 
							
						 
					 
					
						
						
							
							update of copyright string (until year)  
						
						
						
					 
					
						2011-04-15 12:33:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							04986be4b9 
							
						 
					 
					
						
						
							
							update regarding safe character output together with a small fix for newlines  
						
						
						
					 
					
						2011-04-14 09:31:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							723a7447b2 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-04-10 07:16:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c714ac6421 
							
						 
					 
					
						
						
							
							added support for handling binary data values (no more garbish chars)  
						
						
						
					 
					
						2011-04-09 23:13:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							228cc68747 
							
						 
					 
					
						
						
							
							fix for those ugly DEBUG messages in brute mode  
						
						
						
					 
					
						2011-04-08 11:02:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5b21352656 
							
						 
					 
					
						
						
							
							cosmeticados ;)  
						
						
						
					 
					
						2011-04-08 10:39:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							60605b6e7c 
							
						 
					 
					
						
						
							
							Major bug fix to make --first and --last apply only to --dump's entries dump phase (in either of the blind SQL injection techs only)  
						
						
						
					 
					
						2011-02-27 12:14:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0c57f2af0f 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-02-20 12:20:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							429ab631fe 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2011-02-13 21:25:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1cd483f42f 
							
						 
					 
					
						
						
							
							one more update  
						
						
						
					 
					
						2011-02-12 10:24:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							25a3a64327 
							
						 
					 
					
						
						
							
							we need this because of one pesky little bug going around (when union is recognized and the dbmses are fingerprinted, for those who don't have proper unescaping false TRUE is recognized in form of retrieved: %27%2B%28SELECT%20CAST...). tested on all major DBMSes.  
						
						
						
					 
					
						2011-02-12 10:15:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							864eade744 
							
						 
					 
					
						
						
							
							Fixed store and resume of brute-forced tables/columns for MSSQL/Sybase  
						
						
						
					 
					
						2011-02-10 11:14:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d9af01d73d 
							
						 
					 
					
						
						
							
							imporant fix for boolean expression which return [None]  
						
						
						
					 
					
						2011-02-09 16:53:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71d1b72e0e 
							
						 
					 
					
						
						
							
							minor adjustment  
						
						
						
					 
					
						2011-02-07 12:51:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0800d9e49b 
							
						 
					 
					
						
						
							
							Major bug fix for semi-centralize unescape() and cleanupPayload() into prefixQuery() and suffixQuery()  
						
						
						
					 
					
						2011-02-06 22:58:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a37f5e05b9 
							
						 
					 
					
						
						
							
							Refactoring  
						
						
						
					 
					
						2011-02-01 22:27:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9b342a4c95 
							
						 
					 
					
						
						
							
							Bug fixes and proper packing/unpacking of custom statements and predefined queries for both error-based and UNION query techniques.  
						
						... 
						
						
						
						Now it deals in UNION query also with --start and --stop and resume has been enhanced for both techniques too. 
						
					 
					
						2011-02-01 22:07:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2fd9621499 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						... 
						
						
						
						Cosmetics 
						
					 
					
						2011-01-31 21:22:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							367d0639f0 
							
						 
					 
					
						
						
							
							refactoring (class names should always be Capital cased)  
						
						
						
					 
					
						2011-01-28 16:36:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bade0e3124 
							
						 
					 
					
						
						
							
							Major code refactoring - centralized all kb.dbms* info for both retrieval and set.  
						
						
						
					 
					
						2011-01-19 23:06:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							daebb0010b 
							
						 
					 
					
						
						
							
							Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based.  
						
						... 
						
						
						
						Alignment of SQL statement payload packing/unpacking between all of the techniques.
Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too.
Minor code cleanup. 
						
					 
					
						2011-01-18 23:02:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3822b494ea 
							
						 
					 
					
						
						
							
							Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns.  
						
						
						
					 
					
						2011-01-17 23:43:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							30d6791968 
							
						 
					 
					
						
						
							
							update regarding time based data retrieval  
						
						
						
					 
					
						2011-01-16 17:52:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6e4b65a822 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2011-01-15 23:28:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2ac8debea0 
							
						 
					 
					
						
						
							
							Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.  
						
						... 
						
						
						
						Minor bug fixes thanks to previous refactoring too. 
						
					 
					
						2011-01-13 17:36:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							af9725214a 
							
						 
					 
					
						
						
							
							Properly deal with partial (single entry) UNION injections.  
						
						... 
						
						
						
						Got rid of kb.union*, now it's all stored/used from kb.injection.
Minor bug fix with where=2 detection phase. 
						
					 
					
						2011-01-12 12:01:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							300128042c 
							
						 
					 
					
						
						
							
							First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though.  
						
						... 
						
						
						
						Major refactoring to Agent.payload() method.
Minor bug fixes, some code refactoring and a lot of core adjustments here and there.
Added more checks for injection in GROUP BY and ORDER BY. 
						
					 
					
						2011-01-11 22:18:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b313a20a3f 
							
						 
					 
					
						
						
							
							some fixes  
						
						
						
					 
					
						2011-01-07 16:39:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							281d124fa6 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2010-12-31 12:04:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9fb0e0fc85 
							
						 
					 
					
						
						
							
							resume of brute forced data is now available  
						
						
						
					 
					
						2010-12-27 14:17:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cd337d9f39 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-12-26 09:46:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8470de7b76 
							
						 
					 
					
						
						
							
							bug fix for boolean proxy when using time based payloads  
						
						
						
					 
					
						2010-12-23 23:46:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5be9c04e44 
							
						 
					 
					
						
						
							
							update regarding Sybase syntax  
						
						
						
					 
					
						2010-12-22 10:39:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7a525f28d4 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2010-12-21 15:26:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b2e7f9484d 
							
						 
					 
					
						
						
							
							minor tuning (2 techniques MAX per value used)  
						
						
						
					 
					
						2010-12-21 15:24:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							385e208f38 
							
						 
					 
					
						
						
							
							code refactoring regarding standard output suppression and some threading issues  
						
						
						
					 
					
						2010-12-21 14:21:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5852bad963 
							
						 
					 
					
						
						
							
							some refactoring  
						
						
						
					 
					
						2010-12-20 18:56:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fe67d3827c 
							
						 
					 
					
						
						
							
							code refactoring and some fixes  
						
						
						
					 
					
						2010-12-18 09:51:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b4450c6ddd 
							
						 
					 
					
						
						
							
							added one more level of MSSQL version check (if first fails for some reason)  
						
						
						
					 
					
						2010-12-17 21:01:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95b2c0803b 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-12-15 20:51:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cda00c7501 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-15 12:43:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3f34b06a24 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2010-12-15 12:34:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							445cc3bf3c 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2010-12-15 12:15:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1c525aaea 
							
						 
					 
					
						
						
							
							quick fix of a fix  
						
						
						
					 
					
						2010-12-15 12:10:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							270ae0f080 
							
						 
					 
					
						
						
							
							just in case as maybe there will be some boolean expression to check where we won't expect None, but explicitly True/False  
						
						
						
					 
					
						2010-12-14 09:05:00 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a02dd6b55b 
							
						 
					 
					
						
						
							
							Minor enhancement to speedup active dbms fingerprint (-f).  
						
						... 
						
						
						
						Code cleanup and refactoring. 
						
					 
					
						2010-12-13 21:33:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6a3c4485e6 
							
						 
					 
					
						
						
							
							minor update (removing extra ())  
						
						
						
					 
					
						2010-12-12 14:44:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e6c66fa37c 
							
						 
					 
					
						
						
							
							update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available  
						
						
						
					 
					
						2010-12-11 17:55:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e32fa9df43 
							
						 
					 
					
						
						
							
							further update regarding bugtrace's report  
						
						
						
					 
					
						2010-12-11 17:32:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5d18c98ec2 
							
						 
					 
					
						
						
							
							quick fix for a bug reported by bugtrace (not using __goBooleanProxy because we don't have a proper vector this moment)  
						
						
						
					 
					
						2010-12-11 17:20:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3dc0a51d34 
							
						 
					 
					
						
						
							
							major bug fix with boolean expressions  
						
						
						
					 
					
						2010-12-11 08:46:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac9080c07b 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-11 08:24:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							66db80804d 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-12-10 16:03:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							977988c0ab 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2010-12-10 15:24:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fa8d378e80 
							
						 
					 
					
						
						
							
							another update  
						
						
						
					 
					
						2010-12-10 15:18:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ef44cfe60 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-12-10 15:06:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fe186cde55 
							
						 
					 
					
						
						
							
							proper fix  
						
						
						
					 
					
						2010-12-10 13:26:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9957881040 
							
						 
					 
					
						
						
							
							you won't believe commit  
						
						
						
					 
					
						2010-12-10 13:20:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1fc9ed10a8 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2010-12-10 12:30:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4d8628e8fb 
							
						 
					 
					
						
						
							
							fix for booleans  
						
						
						
					 
					
						2010-12-10 12:26:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							471d9ccd65 
							
						 
					 
					
						
						
							
							another fix of my lala  
						
						
						
					 
					
						2010-12-10 10:11:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							029a6abba2 
							
						 
					 
					
						
						
							
							quick fix  
						
						
						
					 
					
						2010-12-10 09:54:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							441fc8dbd9 
							
						 
					 
					
						
						
							
							update regarding boolean based expressions  
						
						
						
					 
					
						2010-12-09 21:15:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1492823de0 
							
						 
					 
					
						
						
							
							it wasn't pretty, now it's pretty  
						
						
						
					 
					
						2010-12-09 20:06:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3fd1c37d53 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-09 07:49:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b5c6527c72 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2010-12-09 00:25:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f5ce739bdf 
							
						 
					 
					
						
						
							
							Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet.  
						
						
						
					 
					
						2010-12-08 23:52:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							54f6673609 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-08 22:38:26 +00:00