Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							386e98a0e3 
							
						 
					 
					
						
						
							
							using UNION SELECT for where=..NEGATIVE  
						
						
						
					 
					
						2012-02-22 09:41:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c9d570c83b 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-21 13:49:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							686eacda9a 
							
						 
					 
					
						
						
							
							minor update regarding --hex  
						
						
						
					 
					
						2012-02-21 13:38:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bcf3255fe1 
							
						 
					 
					
						
						
							
							implementation of switch --hex for 4 major DBMSes  
						
						
						
					 
					
						2012-02-21 11:44:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							77723a7aee 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-21 10:24:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d70f4b7150 
							
						 
					 
					
						
						
							
							adding hex conversion functions to queries.xml for 4 major DBMSes  
						
						
						
					 
					
						2012-02-21 10:10:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3e4db6d140 
							
						 
					 
					
						
						
							
							minor fix for Python v2.6  
						
						
						
					 
					
						2012-02-20 19:35:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f55ad46119 
							
						 
					 
					
						
						
							
							Use %TEMP% environment variable as temporary directory (--tmp-path overwrites this btw) folder with direct connection (-d). Via SQL injection, env variables do not work apparently  
						
						
						
					 
					
						2012-02-20 11:06:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							08bf8c201f 
							
						 
					 
					
						
						
							
							few minor fixes  
						
						
						
					 
					
						2012-02-20 10:24:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bc4dd7c0dd 
							
						 
					 
					
						
						
							
							fix for -g  
						
						
						
					 
					
						2012-02-20 10:02:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							121148f27f 
							
						 
					 
					
						
						
							
							There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests.  
						
						... 
						
						
						
						Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table.
Minor fix also to threat MSSQL's EXEC statements as SELECT ones 
						
					 
					
						2012-02-17 15:54:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ebd40b3933 
							
						 
					 
					
						
						
							
							Minor bug fix to make --file-read and --os-bof syntactically work also with -d (direct connection)  
						
						
						
					 
					
						2012-02-17 15:16:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aee269cc14 
							
						 
					 
					
						
						
							
							gazillion changes, nothing will work, muhahaha  
						
						
						
					 
					
						2012-02-17 14:22:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dcf7277a0f 
							
						 
					 
					
						
						
							
							some more refactorings  
						
						
						
					 
					
						2012-02-16 14:42:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6632aa7308 
							
						 
					 
					
						
						
							
							some more refactoring  
						
						
						
					 
					
						2012-02-16 13:46:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							32ca99da53 
							
						 
					 
					
						
						
							
							minor update of FAQ files  
						
						
						
					 
					
						2012-02-16 13:26:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							17d9cc0c7a 
							
						 
					 
					
						
						
							
							replaced tabs with spaces and removed some pesky unprintable chars  
						
						
						
					 
					
						2012-02-16 13:15:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							844fc8addb 
							
						 
					 
					
						
						
							
							minor cleanup  
						
						
						
					 
					
						2012-02-16 10:19:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0e23521adc 
							
						 
					 
					
						
						
							
							some more refactoring  
						
						
						
					 
					
						2012-02-16 09:54:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e1f86c97c4 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2012-02-16 09:46:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bcf9fc6c6f 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2012-02-16 09:32:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8d7912ad34 
							
						 
					 
					
						
						
							
							minor update and refactoring  
						
						
						
					 
					
						2012-02-15 14:05:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bf923a97df 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-15 13:45:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							122db6e164 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-15 13:24:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9059d30312 
							
						 
					 
					
						
						
							
							adding first code example for SPL snippets  
						
						
						
					 
					
						2012-02-15 13:17:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							edeb4b6113 
							
						 
					 
					
						
						
							
							bug fix for --os-shell on Windows (echo ... > requires double quotes if the piped filename contains whitespace, otherwise doesn't hurt)  
						
						
						
					 
					
						2012-02-15 11:14:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							35fa214a1e 
							
						 
					 
					
						
						
							
							minor update (it was working before too, but this is cleaner)  
						
						
						
					 
					
						2012-02-15 10:14:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c44d6d3c7 
							
						 
					 
					
						
						
							
							Fixed annoying bug that prevented proper checkBooleanExpression() function to work with direct connection (-d). Now DBMS fingerprint should work properly with -d  
						
						
						
					 
					
						2012-02-14 17:29:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							23cc8b6974 
							
						 
					 
					
						
						
							
							minor fix for special cases when parameter value contains html encoded characters  
						
						
						
					 
					
						2012-02-14 14:08:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1ab02494c 
							
						 
					 
					
						
						
							
							minor grammar and cosmetics  
						
						
						
					 
					
						2012-02-14 13:18:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bb5113980b 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-14 10:27:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3f15c52188 
							
						 
					 
					
						
						
							
							minor change in workflow for "tainted" parameter values  
						
						
						
					 
					
						2012-02-14 09:26:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2604e73d88 
							
						 
					 
					
						
						
							
							minor change in workflow  
						
						
						
					 
					
						2012-02-13 11:18:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							96f589fc89 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-02-12 19:22:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8a2bd3897d 
							
						 
					 
					
						
						
							
							minor output fix  
						
						
						
					 
					
						2012-02-12 19:11:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							48583a9b8d 
							
						 
					 
					
						
						
							
							update of THANKS file  
						
						
						
					 
					
						2012-02-12 19:01:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1368053e5 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-02-12 18:46:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							249cb48b0b 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-02-10 15:59:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6be95194a7 
							
						 
					 
					
						
						
							
							matter of concision  
						
						
						
					 
					
						2012-02-10 15:37:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eab7a54e03 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2012-02-10 15:34:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							92590d0d59 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-02-10 15:26:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e36e9de57e 
							
						 
					 
					
						
						
							
							minor update by request  
						
						
						
					 
					
						2012-02-10 15:12:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b140ef4a14 
							
						 
					 
					
						
						
							
							minor update (preparing for switching to HashDB from old sessionFile)  
						
						
						
					 
					
						2012-02-10 10:24:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7bca926a0b 
							
						 
					 
					
						
						
							
							fixes, updates, patches  
						
						
						
					 
					
						2012-02-09 10:16:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							948cf25de4 
							
						 
					 
					
						
						
							
							more consistent  
						
						
						
					 
					
						2012-02-09 09:53:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							980367b7b2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-09 09:48:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7e9e582eca 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-08 14:23:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1d4b10dbd1 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2012-02-08 13:55:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2662fe84f7 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-08 12:02:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							85a4ef6593 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-08 12:00:03 +00:00