Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8cf1aa6abe 
							
						 
					 
					
						
						
							
							added keepAlive under -o switch too  
						
						
						
					 
					
						2010-09-16 10:41:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6259114c02 
							
						 
					 
					
						
						
							
							added optimization switch (-o)  
						
						
						
					 
					
						2010-09-16 10:12:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bfffd5e333 
							
						 
					 
					
						
						
							
							added --null-connection as an experimental option  
						
						
						
					 
					
						2010-09-16 10:01:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b745331974 
							
						 
					 
					
						
						
							
							added null connection check  
						
						
						
					 
					
						2010-09-16 08:43:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9a72a25704 
							
						 
					 
					
						
						
							
							again minor update  
						
						
						
					 
					
						2010-09-15 13:59:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							53800ef65f 
							
						 
					 
					
						
						
							
							more refactoring  
						
						
						
					 
					
						2010-09-15 13:32:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							abc12bc361 
							
						 
					 
					
						
						
							
							more refactoring  
						
						
						
					 
					
						2010-09-15 13:28:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							77a53228c5 
							
						 
					 
					
						
						
							
							changes regarding dynamic content recognition  
						
						
						
					 
					
						2010-09-13 21:01:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c886659f82 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-09-13 15:24:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2350a3c74d 
							
						 
					 
					
						
						
							
							minor change  
						
						
						
					 
					
						2010-09-13 15:20:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cdc6bdcbe8 
							
						 
					 
					
						
						
							
							changes  
						
						
						
					 
					
						2010-09-13 15:19:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							19fb2e3dcf 
							
						 
					 
					
						
						
							
							fix for Bug  #165  
						
						
						
					 
					
						2010-09-13 13:31:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							48cc87f6a9 
							
						 
					 
					
						
						
							
							added support for fingerprinting SAP MaxDB (Issue 143)  
						
						
						
					 
					
						2010-08-30 13:29:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8cb95583e3 
							
						 
					 
					
						
						
							
							some more adjustments  
						
						
						
					 
					
						2010-07-30 12:59:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							092829c189 
							
						 
					 
					
						
						
							
							implemented basic smoke testing mechanism  
						
						
						
					 
					
						2010-07-30 12:49:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							28d9115373 
							
						 
					 
					
						
						
							
							fix for Feature  #187  (Skip duplicates parameters in -g)  
						
						
						
					 
					
						2010-07-29 20:01:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							12a5ec9f3d 
							
						 
					 
					
						
						
							
							more unicode refactoring  
						
						
						
					 
					
						2010-06-02 12:45:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							06af405efd 
							
						 
					 
					
						
						
							
							Adapted and merged in patch to support XML output (-x switch) - still in beta.  
						
						... 
						
						
						
						Minor bug fixes and adjustments. 
						
					 
					
						2010-05-28 16:43:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3db3c03c1 
							
						 
					 
					
						
						
							
							str() -> unicode()  
						
						
						
					 
					
						2010-05-28 13:05:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							14cab8527e 
							
						 
					 
					
						
						
							
							minor adjustment  
						
						
						
					 
					
						2010-05-21 14:25:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3110bb10fc 
							
						 
					 
					
						
						
							
							added test for site existance  
						
						
						
					 
					
						2010-05-21 13:36:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							65a05452f7 
							
						 
					 
					
						
						
							
							Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See  #190 :  
						
						... 
						
						
						
						* --search -D foobar: searches all database names like the ones provided
* --search -T foobar: searches all databases' table names like the ones provided (soon)
* --search -C foobar: replaces --dump -C 
						
					 
					
						2010-05-07 13:40:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5fdebb5d5b 
							
						 
					 
					
						
						
							
							Added support to directly connect also to Microsoft SQL Server database.  
						
						... 
						
						
						
						Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods. 
						
					 
					
						2010-03-31 10:50:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8702cce760 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-03-30 13:23:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c2a6f21095 
							
						 
					 
					
						
						
							
							refactoring regarding usage of conf.dbmsConnector.connect()  
						
						
						
					 
					
						2010-03-30 13:03:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1416cd0d86 
							
						 
					 
					
						
						
							
							Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see  #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).  
						
						... 
						
						
						
						Minor layout adjustments. 
						
					 
					
						2010-03-26 23:23:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2aadc5c939 
							
						 
					 
					
						
						
							
							Added support for --roles (for Oracle ROLE_PRIVS). Enhanced Oracle --privileges to fall-back to USER_SYS_PRIVS if DBA_SYS_PRIVS is not accessible (so session user is not DBA) - Fixes ticket  #180 .  
						
						... 
						
						
						
						Minor enhancement to Firebird to determine if a DB user is a DBA.
Minor code refactoring. 
						
					 
					
						2010-03-25 15:46:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d00e4a458a 
							
						 
					 
					
						
						
							
							Code cleanup  
						
						
						
					 
					
						2010-03-21 00:39:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0d559d14df 
							
						 
					 
					
						
						
							
							Initial support for SQLite (90% approx).  
						
						... 
						
						
						
						Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments. 
						
					 
					
						2010-03-18 17:20:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d2f86fb0a5 
							
						 
					 
					
						
						
							
							Fixes   #172  - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now  
						
						
						
					 
					
						2010-03-16 15:21:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							466df89c4a 
							
						 
					 
					
						
						
							
							Fixes   #178  and  #179  - proper handling of custom redirects  
						
						
						
					 
					
						2010-03-16 14:30:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b3353e05b 
							
						 
					 
					
						
						
							
							Revert last commit  
						
						
						
					 
					
						2010-03-16 13:56:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1dfe558d3d 
							
						 
					 
					
						
						
							
							Fix for Issue  #177  
						
						
						
					 
					
						2010-03-16 13:11:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							323cf2b7f2 
							
						 
					 
					
						
						
							
							Fixes   #177  - Don't exit at exception if in "multiple targets" mode (-l or -g)  
						
						
						
					 
					
						2010-03-16 12:14:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8af7d6c58b 
							
						 
					 
					
						
						
							
							minor cosmetic update  
						
						
						
					 
					
						2010-03-15 11:55:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a0ec447b7d 
							
						 
					 
					
						
						
							
							fix for Issue  #170  
						
						
						
					 
					
						2010-03-15 11:33:34 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f6adb431e6 
							
						 
					 
					
						
						
							
							Minor layout adjustment and typo fix  
						
						
						
					 
					
						2010-03-12 12:23:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8593741358 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-03-05 15:25:53 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							156fdd96ef 
							
						 
					 
					
						
						
							
							Updated copyright  
						
						
						
					 
					
						2010-03-03 15:26:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							203cfd114f 
							
						 
					 
					
						
						
							
							changed raised exception type  
						
						
						
					 
					
						2010-02-10 09:39:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8e8f6f842c 
							
						 
					 
					
						
						
							
							fix for that md5 error reported by Dani (lgrecol@gmail.com)  
						
						
						
					 
					
						2010-02-10 09:27:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							26c7b74e65 
							
						 
					 
					
						
						
							
							changes regarding Data (GET/POST/Cookie) encoding (Bug  #129 )  
						
						
						
					 
					
						2010-01-14 18:05:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ce022a3b6e 
							
						 
					 
					
						
						
							
							sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.  
						
						
						
					 
					
						2010-01-02 02:02:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							89c43893d4 
							
						 
					 
					
						
						
							
							Merged back from personal branch to trunk (svn merge -r846:940 ...)  
						
						... 
						
						
						
						Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring. 
						
					 
					
						2009-09-25 23:03:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							16b4530bbe 
							
						 
					 
					
						
						
							
							Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).  
						
						... 
						
						
						
						Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS. 
						
					 
					
						2009-04-27 23:05:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8c0ac767f4 
							
						 
					 
					
						
						
							
							Updated to sqlmap 0.7 release candidate 1  
						
						
						
					 
					
						2009-04-22 11:48:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							207e96e2b2 
							
						 
					 
					
						
						
							
							Major bug fix in the comparison algorithm to correctly handle also the  
						
						... 
						
						
						
						case that the url is stable and the False response changes the page
content very little. 
						
					 
					
						2009-02-09 10:28:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5560f0b68a 
							
						 
					 
					
						
						
							
							Updated the copyright  
						
						
						
					 
					
						2009-01-12 21:35:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							92645dd264 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2009-01-10 14:51:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e10ab5aa0e 
							
						 
					 
					
						
						
							
							Major bug fixes  
						
						
						
					 
					
						2009-01-10 14:39:27 +00:00