sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-10-30 23:47:45 +03:00

Author	SHA1	Message	Date
Bernardo Damele	6c490bfc8f	Avoid a traceback elsewhere	2011-01-20 21:43:41 +00:00
Bernardo Damele	7ce49bcf0d	Sorted boundaries so that the ones with parenthesis are tested first - it has to be like this! Adjusted comments accordingly to new UNION-specific tags.	2011-01-20 21:42:55 +00:00
Miroslav Stampar	f6d79f58bc	another fix (LIMIT is not a good idea to have in inband queries)	2011-01-20 21:13:28 +00:00
Miroslav Stampar	ff1a44c335	probably a fix for that SQLite bug reported by Ahmed Shawky	2011-01-20 20:30:18 +00:00
Miroslav Stampar	a1d77737f5	minor grammar update (this should be a better form)	2011-01-20 18:35:21 +00:00
Miroslav Stampar	496a84c356	minor update	2011-01-20 18:32:04 +00:00
Miroslav Stampar	dd7262d9e6	we haven't closed session file for previous target which lead to potentially nasty problems in multi target mode	2011-01-20 17:53:49 +00:00
Miroslav Stampar	ad12242151	LoL (removing those checks because we use same "logic" for parsing Burp log files and request files)	2011-01-20 16:27:59 +00:00
Miroslav Stampar	e8c037de1a	minor update	2011-01-20 16:17:38 +00:00
Miroslav Stampar	4e5f0da1ae	minor update	2011-01-20 16:07:08 +00:00
Miroslav Stampar	2fa066f892	added support for WebScarab logs	2011-01-20 15:55:50 +00:00
Miroslav Stampar	345e2288e1	important fix regarding encoding stuff	2011-01-20 13:54:18 +00:00
Miroslav Stampar	f6f4b5e9dd	bug fix for charset used in inference for pages retrieved with --null-connection	2011-01-20 11:01:01 +00:00
Miroslav Stampar	a4a0f10950	minor minor minor	2011-01-20 09:25:34 +00:00
Bernardo Damele	50c02fbb37	Done with previous refactoring	2011-01-20 00:01:06 +00:00
Bernardo Damele	701947490b	Two major bug fixes related to UNION technique query forging	2011-01-19 23:46:39 +00:00
Miroslav Stampar	7a060e756d	dummy fix for SQLite schema retrieval (lots of spaces inside)	2011-01-19 23:16:22 +00:00
Bernardo Damele	bade0e3124	Major code refactoring - centralized all kb.dbms* info for both retrieval and set.	2011-01-19 23:06:15 +00:00
Miroslav Stampar	4bdc19d879	minor cosmetics	2011-01-19 22:48:06 +00:00
Miroslav Stampar	c106dc829a	more proper way to deal with this because without it warn message is just fast scrolled while leaving users confused (why it doesn't run)	2011-01-19 22:08:56 +00:00
Miroslav Stampar	7ad41f9b19	bug fix (UnboundLocalError: local variable 'colType' referenced before assignment)	2011-01-19 21:46:43 +00:00
Miroslav Stampar	aea43a1e43	minor refactoring	2011-01-19 15:26:57 +00:00
Miroslav Stampar	eadaf680de	fuck yea	2011-01-19 15:25:48 +00:00
Miroslav Stampar	89e0fd0709	back to roots	2011-01-19 14:06:26 +00:00
Bernardo Damele	c1f6bf2eda	Updated	2011-01-18 23:14:35 +00:00
Bernardo Damele	33485198e1	Code cleanup	2011-01-18 23:05:32 +00:00
Bernardo Damele	eda0b41859	Added a precaution when, in some rare circumstances, fingerprinted DBMS differ during detection phase. Adapted UNION tests' titles when --union-char is provided. Lots of comment adjustments. Code cleanup	2011-01-18 23:03:50 +00:00
Bernardo Damele	cffa17f5a6	Major bug fix - before it raised a traceback, now works.	2011-01-18 23:02:47 +00:00
Bernardo Damele	daebb0010b	Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based. Alignment of SQL statement payload packing/unpacking between all of the techniques. Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too. Minor code cleanup.	2011-01-18 23:02:11 +00:00
Bernardo Damele	81be23976e	Confirmed HAVING payloads work as WHERE ones. Changed <risk> value of all 'heavy query' tests to 2 as it can potentially lead to a DoS. Proper handling of title for UNION tests when --union-char is provided.	2011-01-18 22:55:20 +00:00
Miroslav Stampar	f7d9b22510	because other major DBMSes have at least one level 1 time based payload	2011-01-18 20:32:49 +00:00
Miroslav Stampar	38d0958781	minor fix (for numeric columns with all 0)	2011-01-18 11:42:36 +00:00
Miroslav Stampar	bdcb10cdab	added MSSQL time based vector	2011-01-18 02:05:18 +00:00
Bernardo Damele	3822b494ea	Major bug fix to properly deal with EXISTS() when forging query or retrieving the query columns.	2011-01-17 23:43:37 +00:00
Bernardo Damele	c2a358561f	Proper support for --union-cols	2011-01-17 22:57:33 +00:00
Bernardo Damele	35fb50a6ee	Major bug fix	2011-01-17 22:56:04 +00:00
Bernardo Damele	47565f9459	Minor code refactoring	2011-01-17 21:13:59 +00:00
Miroslav Stampar	041abb56e2	you can't believe how much man can learn when having good testing points	2011-01-17 13:59:22 +00:00
Miroslav Stampar	d225c5c9aa	was wrong about this one (just now tested on a real site)	2011-01-17 11:00:09 +00:00
Miroslav Stampar	ac0b5e6dbc	proper way to handle this (console output has totally different encoding than the page one)	2011-01-17 10:27:36 +00:00
Miroslav Stampar	34d13be0d3	minor update regarding default page encoding	2011-01-17 10:23:37 +00:00
Miroslav Stampar	5c857779c1	important fix for unicode based character inference	2011-01-17 10:15:19 +00:00
Miroslav Stampar	99a3a3b89c	minor fix (break if all found)	2011-01-17 09:41:25 +00:00
Miroslav Stampar	0fcca671bd	information update regarding common password suffixes	2011-01-17 09:28:25 +00:00
Miroslav Stampar	a835f233ac	fix for a bug reported by buawig@gmail.com (AttributeError: 'module' object has no attribute 'set_completer')	2011-01-17 00:17:31 +00:00
Miroslav Stampar	2041361695	minor cosmetics	2011-01-16 23:20:52 +00:00
Miroslav Stampar	e2c821eb81	minor cosmetics	2011-01-16 22:35:54 +00:00
Miroslav Stampar	e881465a9f	minor improvement	2011-01-16 20:55:07 +00:00
Miroslav Stampar	f5e36876e7	removing --text-only from that "dynamicity" warning selection (other two are more preferable) and minor cosmetics/consistency	2011-01-16 19:29:06 +00:00
Miroslav Stampar	a6516798c0	proper fix for that previous "stacked" fix (that one screwed other injection types)	2011-01-16 19:25:10 +00:00

... 8 9 10 11 12 ...

2453 Commits