Commit Graph

740 Commits

Author SHA1 Message Date
Miroslav Stampar
91ebadff75 minor update 2012-01-30 13:32:52 +00:00
Miroslav Stampar
d8c343a88a minor update 2012-01-30 13:29:43 +00:00
Miroslav Stampar
f8ae0e5272 minor update 2012-01-30 13:20:33 +00:00
Miroslav Stampar
de94bee7b5 minor fix 2012-01-20 00:11:19 +00:00
Miroslav Stampar
b2dad63000 some more refactoring 2012-01-13 22:00:34 +00:00
Miroslav Stampar
8e4b8d345f refactoring 2012-01-13 21:55:39 +00:00
Bernardo Damele
ec9cc19951 Minor bug fixes for -d 2012-01-13 21:46:21 +00:00
Bernardo Damele
5e853cae64 Minor bug fix so now when the back-end DBMS operating system is Windows 2000, it sets the temporary folder automatically to C:\WINNT\Temp - the user does not need to provide it anymore with --tmp-path C:\\WINNT\\Temp 2012-01-13 18:08:44 +00:00
Bernardo Damele
0043336620 Minor fix and removed leftover debug message 2012-01-13 17:04:59 +00:00
Bernardo Damele
b03f91437b Minor code refactoring 2012-01-13 16:49:52 +00:00
Miroslav Stampar
accac776fe some fixes 2012-01-13 14:10:53 +00:00
Miroslav Stampar
95f89ab63a updating copyright date 2012-01-11 14:59:46 +00:00
Miroslav Stampar
fecdce5801 implemented --tables over information_schema for MSSQL as a failover option for BOOLEAN technique too 2012-01-09 21:09:05 +00:00
Miroslav Stampar
ff52931140 some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available) 2012-01-07 19:30:35 +00:00
Miroslav Stampar
138b8039b3 better language 2012-01-07 17:35:53 +00:00
Miroslav Stampar
f85c5b3f4d minor update 2012-01-06 00:23:49 +00:00
Miroslav Stampar
f412706fee minor update for MSSQL --tables (fallback to other method) 2012-01-03 18:01:14 +00:00
Miroslav Stampar
6f5ef23f28 minor update/patch 2012-01-01 22:55:32 +00:00
Miroslav Stampar
300abc2ba2 minor update regarding unicode unescaping 2012-01-01 22:31:09 +00:00
Miroslav Stampar
6c49af090c minor language patch 2011-12-28 14:18:17 +00:00
Miroslav Stampar
8750532c3d minor fix 2011-12-28 14:13:36 +00:00
Miroslav Stampar
1ae413a206 some refactoring/speedup around UNION technique 2011-12-22 10:32:21 +00:00
Miroslav Stampar
526aacb640 code cleanup 2011-12-21 22:59:23 +00:00
Miroslav Stampar
41ccf88990 some more refactoring 2011-12-21 22:09:21 +00:00
Miroslav Stampar
0a039d84e0 some more refactoring 2011-12-21 19:40:42 +00:00
Miroslav Stampar
d9d4e3ea9b minor fix 2011-12-21 17:43:50 +00:00
Miroslav Stampar
41b60b26fc minor refactoring 2011-12-21 14:25:39 +00:00
Miroslav Stampar
81bd9a201b minor refactoring 2011-12-21 11:50:49 +00:00
Miroslav Stampar
d1bfdc6a48 minor fix for --start/--stop mechanism in pivot dumping mode 2011-12-20 13:04:57 +00:00
Miroslav Stampar
641055144a minor beautification 2011-12-16 11:49:20 +00:00
Miroslav Stampar
ebc04a3d5f minor fix 2011-12-16 11:44:33 +00:00
Miroslav Stampar
7d2fce16dc minor fix 2011-12-16 11:40:23 +00:00
Miroslav Stampar
cff21814bb minor patch for MSSQL 2008 2011-12-16 11:23:41 +00:00
Miroslav Stampar
8793fbc9f5 minor update 2011-12-14 12:59:25 +00:00
Miroslav Stampar
39b406c5c1 fix for --search on Oracle 2011-12-02 18:13:27 +00:00
Miroslav Stampar
96aacbf945 upgrade of --search mechanism (lowest common denominator is now searched for - e.g. if -D -T and -C are given then -C is searched for in -D and -T) 2011-12-02 13:32:30 +00:00
Miroslav Stampar
9697e80013 some more optimizations 2011-11-22 10:54:29 +00:00
Miroslav Stampar
b117c40aa5 major improvement of HashDB speed in multi-threaded mode 2011-11-22 10:09:35 +00:00
Miroslav Stampar
0ce885e6e6 adding base64encode tampering script 2011-11-21 12:47:23 +00:00
Miroslav Stampar
440b7efe55 minor optimization 2011-11-20 20:14:47 +00:00
Miroslav Stampar
f574760c12 minor update 2011-10-28 13:16:22 +00:00
Miroslav Stampar
bd7da45546 minor update 2011-10-28 13:07:23 +00:00
Miroslav Stampar
f7be0ca4e2 minor fix 2011-10-28 12:49:35 +00:00
Miroslav Stampar
6c0e8b0ea8 returning alphabetically sorted database and table names 2011-10-28 12:40:59 +00:00
Miroslav Stampar
9523da7663 minor optimization 2011-10-25 13:21:01 +00:00
Miroslav Stampar
23bf52e496 minor refactoring 2011-10-24 09:55:50 +00:00
Miroslav Stampar
77e630d89e replaced longer CHAR form of escaped MySQL strings with more compact hex form 2011-10-23 20:19:42 +00:00
Miroslav Stampar
25f0ec3597 some minor range to xrange conversion (where safe to do) 2011-10-21 22:34:27 +00:00
Miroslav Stampar
b6ccc0cc43 minor update 2011-10-18 14:35:42 +00:00
Miroslav Stampar
7f9f744b87 update regarding last commit 2011-10-12 12:37:05 +00:00
Miroslav Stampar
39e33bea99 important fix (LIMIT m,n should not be considered deterministic in column by column table dumping) 2011-10-12 12:31:47 +00:00
Miroslav Stampar
2d7d84e16b minor fix 2011-09-25 19:42:24 +00:00
Miroslav Stampar
af94ac7f02 minor fix 2011-09-20 22:16:56 +00:00
Miroslav Stampar
9a1ac96756 bug fix 2011-09-11 17:22:27 +00:00
Miroslav Stampar
8a174248dc fix for a bug reported by blueBoy 2011-08-20 20:08:11 +00:00
Miroslav Stampar
fb6a84b10b minor update (when columns are missing from information_schema too) 2011-08-18 07:03:53 +00:00
Miroslav Stampar
262996fc5b bug fix 2011-08-16 06:14:40 +00:00
Miroslav Stampar
10bdd90e60 minor speed optimizations (as a result of profiling) 2011-08-12 13:40:37 +00:00
Miroslav Stampar
41ae9bc7ff minor bug fix 2011-08-09 14:20:25 +00:00
Miroslav Stampar
9423d15fb3 ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix 2011-08-03 09:08:16 +00:00
Bernardo Damele
c15439ab7f Minor improvement to --passwords output 2011-08-02 09:04:34 +00:00
Bernardo Damele
ad4584da70 Minor bug fix when dumping tables with UNION query technique on Access, Firebird and MaxDB 2011-08-01 23:44:14 +00:00
Miroslav Stampar
4ca81dd345 quick fix 2011-08-01 23:25:58 +00:00
Miroslav Stampar
e0fda9f985 minor fix 2011-08-01 10:13:25 +00:00
Miroslav Stampar
79b4e26e23 bug fix 2011-08-01 00:17:26 +00:00
Miroslav Stampar
0627bb02cb minor beautification 2011-07-31 10:21:47 +00:00
Miroslav Stampar
4d923ec375 change in invalid logic regarding --sql-shell (retrieving output for non-query commands did nothing at all) 2011-07-30 21:46:59 +00:00
Miroslav Stampar
a6ade08c28 just in case commit to prevent join string iteration over 'None' values 2011-07-30 13:01:37 +00:00
Miroslav Stampar
4ce93221d1 minor update 2011-07-28 09:24:37 +00:00
Miroslav Stampar
684ddc43e6 minor patch 2011-07-28 08:53:09 +00:00
Bernardo Damele
37de709df2 leftover 2011-07-26 11:20:07 +00:00
Bernardo Damele
a2483b3bc4 Aligned OS takeover functionalities to recent Metasploit improvements 2011-07-26 10:29:14 +00:00
Miroslav Stampar
ec1bc0219c hello big tables, this is sqlmap, sqlmap this is big tables 2011-07-24 09:19:33 +00:00
Bernardo Damele
5a1c9a42a3 Minor bug fix 2011-07-20 13:45:34 +00:00
Bernardo Damele
29b5115906 Minor bug fix 2011-07-20 13:28:10 +00:00
Miroslav Stampar
9c694ce3ec bug fix (--tables --columns) 2011-07-12 23:27:47 +00:00
Miroslav Stampar
c517e97a44 few fixes and minor cosmetics 2011-07-08 06:02:31 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Miroslav Stampar
b8ffcf9495 few fixes here and there and multi-core processing for dictionary based hash attack 2011-07-04 19:58:41 +00:00
Bernardo Damele
da049110df Minor revert 2011-07-04 15:23:05 +00:00
Miroslav Stampar
a1fe9d07ca minor revert 2011-07-02 23:00:22 +00:00
Miroslav Stampar
34d9a91af1 bulk of fixes 2011-07-02 22:48:56 +00:00
Miroslav Stampar
d063ae91eb propset update 2011-06-30 07:55:07 +00:00
Miroslav Stampar
8a36f7fc03 fix for a bug reported by aboynes@gmail.com (UnboundLocalError: local variable 'infoMsg' referenced before assignment) 2011-06-29 18:04:58 +00:00
Bernardo Damele
d3b44a5f58 Added copyright 2011-06-28 10:59:20 +00:00
Bernardo Damele
fe686feefa Added support for direct connection (-d switch) to IBM DB2 2011-06-28 10:52:07 +00:00
Bernardo Damele
36c96ef796 Added DB2 support - patch provided by Sebastian Bittig 2011-06-25 09:44:24 +00:00
Bernardo Damele
f7196007ca --search on Oracle is now consistent with other plugins 2011-06-24 14:33:30 +00:00
Bernardo Damele
ddfae39d9e Minor bug fixes for --search with -C 2011-06-24 09:27:54 +00:00
Bernardo Damele
1cb12ea659 replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license) 2011-06-22 13:31:07 +00:00
Bernardo Damele
f8c32cf6b9 Moved folder 2011-06-18 12:34:41 +00:00
Miroslav Stampar
ca6f9acf30 minor fix for resuming in multi threading mode 2011-06-18 12:23:18 +00:00
Miroslav Stampar
d27afaed7e some fixes 2011-06-16 14:27:44 +00:00
Miroslav Stampar
0eeb48f8f5 some fixes 2011-06-16 13:41:02 +00:00
Miroslav Stampar
afe0579487 minor fixes for pivot dumping 2011-06-15 19:03:37 +00:00
Miroslav Stampar
4188df0501 fixes for Sybase 2011-06-15 18:49:35 +00:00
Miroslav Stampar
60ecf95383 fix for a bug reported by seyi.akin@gmail.com 2011-06-14 08:40:25 +00:00
Bernardo Damele
9126c84442 Refactoring (standardized with --search -C ...) 2011-06-08 16:39:41 +00:00
Miroslav Stampar
4a9640160e more concise 2011-06-08 14:35:23 +00:00
Miroslav Stampar
6b81eef65a refactoring 2011-06-08 14:30:12 +00:00
Bernardo Damele
cce3208b35 Cleanup 2011-06-08 14:15:34 +00:00
Bernardo Damele
161ece5587 Rephrase 2011-06-08 11:33:45 +00:00
Miroslav Stampar
26062ec71e minor update 2011-06-07 15:13:51 +00:00
Miroslav Stampar
f34b395c65 fixing typo 2011-06-07 14:58:22 +00:00
Miroslav Stampar
89a7516c35 bug fix 2011-06-06 09:55:22 +00:00
Miroslav Stampar
0b875b160f cosmetics 2011-05-31 20:57:29 +00:00
Miroslav Stampar
3fa8e1db72 better language 2011-05-31 15:45:54 +00:00
Miroslav Stampar
4bb9754dfe using --dump for msaccess with -C switch was for some reason pain in the ass (you had to do the brute forcing again and again). now -C forces the result in those cases 2011-05-30 23:34:48 +00:00
Miroslav Stampar
bf2b58ba82 minor update 2011-05-26 15:23:28 +00:00
Miroslav Stampar
79f0b3a92a adding support for --start and --stop for __pivotDumpTable 2011-05-26 15:16:57 +00:00
Miroslav Stampar
b6fe5b12a4 adding --schema to the wizard/Basic as it looks like a cool thingy to put there 2011-05-26 14:30:05 +00:00
Miroslav Stampar
a397baa89a fix for a bug reported by viniciusmaxdaloop@gmail.com and few related patches 2011-05-26 08:17:21 +00:00
Miroslav Stampar
1067d43f14 minor update 2011-05-23 19:16:29 +00:00
Miroslav Stampar
0ed03d474f now supporting "blank tables" - schema of the table will be preserved, even if it's empty - especially nice feature for --replicate 2011-05-23 11:09:44 +00:00
Miroslav Stampar
7b52bbe3fb reverting that ignoreTimeout for --tables (because of this and that) 2011-05-22 09:59:19 +00:00
Miroslav Stampar
9b2623514a one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables 2011-05-22 09:48:46 +00:00
Miroslav Stampar
2ea613b170 type correction and adding global flag kb.ignoreTimeout which could be useful 2011-05-22 08:24:13 +00:00
Miroslav Stampar
126cdf9e19 minor info update 2011-05-19 23:28:27 +00:00
Miroslav Stampar
a034462c31 fixing annoying timeouts for basic DBMS check (reference: http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html#function_timestampadd) 2011-05-19 23:03:00 +00:00
Miroslav Stampar
5a979f7667 minor bug fix for empty colList; also added "do you want to use LIKE" (LIKE is default) question when -C used 2011-05-19 17:35:33 +00:00
Miroslav Stampar
4efc284b83 adding more info for --passwords 2011-05-11 12:35:32 +00:00
Bernardo Damele
b5f090cc4f Minor bug fix 2011-05-10 15:48:48 +00:00
Miroslav Stampar
b713b18fd2 minor fix for a bug spotted on Sybase 2011-05-09 16:09:18 +00:00
Bernardo Damele
ac74557614 Minor adjustment for --dump-all 2011-05-08 10:25:40 +00:00
Bernardo Damele
356037ca22 cosmetics 2011-05-08 02:11:34 +00:00
Bernardo Damele
9955483052 Major improvement for --dump.
Minor improvement for --dump-all.
Minor bug fix for infinite loop
2011-05-08 02:08:18 +00:00
Bernardo Damele
d3589493d1 Temporary fix for bug reported by ultramegaman (infinite loop) 2011-05-07 23:28:59 +00:00
Bernardo Damele
6e784e766b Minor bug fix 2011-05-07 21:20:47 +00:00
Bernardo Damele
aae140080e SVN roll back, DB2 patch will be recommitted after testing:
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
2011-05-06 10:27:43 +00:00
Miroslav Stampar
42bca80968 removing blank lines and adding newline at the end of files 2011-05-06 09:35:53 +00:00
Miroslav Stampar
6e392b6054 applying contributed patch for DB2 2011-05-06 09:30:39 +00:00
Bernardo Damele
dac59a55bc leftover 2011-05-03 14:14:39 +00:00
Bernardo Damele
c58dc4a6d8 isDbmsWithin() must stay like this, no getIdentifiedDbms() in there 2011-05-03 14:13:45 +00:00
Miroslav Stampar
eceb5eca7b fix for --file-read on MSSQL for error technique (again that unpacking was causing problems); also reverting that check for file paths as one user mentioned that network paths are also possible for usage on Windows machines (e.g. \\bla\bla) 2011-05-02 21:55:06 +00:00
Miroslav Stampar
b327a78522 minor minor update of the last commit 2011-05-02 19:24:49 +00:00
Miroslav Stampar
0bb7d715a7 more user friendliness/handiness for users which mix Linux and Windows paths where they shouldn't do that 2011-05-02 19:18:28 +00:00
Miroslav Stampar
8e8886cd20 minor improvement for --sql-shell/--sql-query (when non-SELECT default is N for retrieve data output which automatically does STACKED injection) 2011-05-01 21:41:14 +00:00
Bernardo Damele
64bb480414 Do not raise otherwise it won't work with --schema 2011-04-30 23:20:16 +00:00
Bernardo Damele
d5eeb91b35 Aligned Sybase and MaxDB to recent enhancements to --dbs, --tables and --columns 2011-04-30 22:11:36 +00:00
Bernardo Damele
b31b861d7b Major rewrote of --columns: now it accepts -D only (enumerate all tables' columns of a specific database), -D and -T (enumerate all columns of a specific database's table), -T (enumerate all columns of a current database's table), etc. 2011-04-30 22:10:27 +00:00
Bernardo Damele
284c69a686 Improved --tables for MSSQL too, like r3798 2011-04-30 22:05:02 +00:00
Bernardo Damele
aeb149db22 Proper ordering of enumeration methods, consistent with the others enumeration classes 2011-04-30 22:04:08 +00:00
Bernardo Damele
955dbc85e7 Minor variable rename 2011-04-30 15:29:59 +00:00
Bernardo Damele
cb9b9c4204 Code refactoring and improvements to --dbs and --tables: now --tables accepts also -D CD as an alias for Current Database and as usual multiple database comma-separated are supported too 2011-04-30 15:29:19 +00:00
Bernardo Damele
b3a0424269 More Backend class method usage refactoring 2011-04-30 15:24:15 +00:00
Bernardo Damele
9a4ae7d9e2 More code refactoring of Backend class methods used 2011-04-30 14:54:29 +00:00
Bernardo Damele
36a9ddaacc Minor bug fixes and code restyling for --privileges and --passwords 2011-04-30 14:50:27 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Bernardo Damele
1a052245a6 duplicate code 2011-04-30 00:25:15 +00:00
Bernardo Damele
a5968fff3e Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided 2011-04-30 00:22:22 +00:00