Commit Graph

488 Commits

Author SHA1 Message Date
Miroslav Stampar
763dc98311 Minor refactoring 2012-10-02 13:36:15 +02:00
Miroslav Stampar
a8aecaa036 Minor style update 2012-10-02 13:33:10 +02:00
Miroslav Stampar
d175decdfc Fix for an Issue #190 2012-09-22 20:59:40 +02:00
Miroslav Stampar
511c3b8dcc Update and fix for an Issue #182 2012-09-11 14:58:52 +02:00
Miroslav Stampar
5d23d72ff5 Fix for an Issue #176 2012-09-08 17:58:03 +02:00
Miroslav Stampar
dbce417cdd Potential fix for an Issue #171 2012-09-02 22:48:41 +02:00
Miroslav Stampar
b916db34a4 Another update for an Issue #79 2012-08-31 12:38:02 +02:00
Miroslav Stampar
47d162f391 Minor update (same but cleaner) 2012-08-31 12:27:40 +02:00
Miroslav Stampar
7286d89cb6 Few fixes for an Issue #79 (problem with case sensitivity of request get_header) 2012-08-31 12:15:09 +02:00
Miroslav Stampar
cdd3ed6abc Minor bug fix 2012-08-30 14:22:18 +02:00
Miroslav Stampar
d421f9a618 Fix for an Issue #157 2012-08-21 14:34:19 +02:00
Miroslav Stampar
b9c63eb908 Fix for an Issue #156 2012-08-21 10:46:29 +02:00
Miroslav Stampar
7a8ace78f9 Removing redundant newline char as logger already adds it's own 2012-08-21 09:58:40 +02:00
Miroslav Stampar
233b9a3815 Fix for Issue #150 and Issue #151 (urllib2 is automatically adding those) 2012-08-20 22:17:39 +02:00
Miroslav Stampar
823dde73ab Minor cleanup 2012-08-20 11:40:49 +02:00
Miroslav Stampar
76338add17 Fix for an Issue #152 2012-08-20 10:41:43 +02:00
Miroslav Stampar
fec8a5cc9d Fix for an Issue #139 2012-08-07 00:50:58 +02:00
Miroslav Stampar
142fc887f1 Fix for an Issue #129 2012-07-31 11:03:44 +02:00
Bernardo Damele
92c2b3bd4c Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-07-26 23:11:11 +01:00
Bernardo Damele
d492291744 working on issue #12 2012-07-26 23:11:07 +01:00
Miroslav Stampar
efa99c4519 Implementation for an Issue #4 2012-07-26 14:07:05 +02:00
Miroslav Stampar
b3552494c4 Minor preparation for an Issue #48 2012-07-26 12:26:57 +02:00
Miroslav Stampar
63bf99ce77 Minor just in case update for an Issue #117 2012-07-23 14:46:43 +02:00
Miroslav Stampar
a7d1a0c250 Implementation for an Issue #117 2012-07-23 14:14:22 +02:00
Miroslav Stampar
534eccc9aa Fix for an Issue #115 2012-07-23 10:16:47 +02:00
Miroslav Stampar
f336afa913 Implementation for Issue #108 2012-07-20 09:48:09 +02:00
Miroslav Stampar
87ecf205cb More work for Issue #66 2012-07-14 17:01:04 +02:00
Miroslav Stampar
805120ac52 Minor refactoring 2012-07-14 11:01:30 +02:00
Miroslav Stampar
3c81f74823 Minor style update 2012-07-13 12:22:37 +02:00
Bernardo Damele
162da75a04 modified homepage address 2012-07-12 18:38:03 +01:00
Miroslav Stampar
e948e4d45b Some more refactoring 2012-07-06 17:18:22 +02:00
jekil
c39e5a85ba Removed $id$ tags 2012-06-27 20:56:43 +02:00
Miroslav Stampar
4ac3794e80 minor update 2012-06-12 14:22:14 +00:00
Miroslav Stampar
226547b7dc minor fix for --skip-urlencode and custom post 2012-05-28 09:04:25 +00:00
Miroslav Stampar
09f2144485 full page read is not needed in DNS exfiltration mode 2012-05-26 21:28:43 +00:00
Miroslav Stampar
c394610740 adding switch --skip-urlencode to skip URL encoding of POST data 2012-05-24 23:30:33 +00:00
Miroslav Stampar
2538e2d5b4 fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring 2012-05-22 09:33:22 +00:00
Miroslav Stampar
12d32f58f2 fix for that SOAP reported bug 2012-05-10 13:39:54 +00:00
Miroslav Stampar
775134639d minor update 2012-04-20 20:33:15 +00:00
Miroslav Stampar
6ebb621228 adding support for (custom) POST injection (marking injection point with '*' in conf.data) 2012-04-17 14:23:00 +00:00
Miroslav Stampar
052d9455fe warning user in cases of "User xyz already has more than 'max_user_connections' active connections" 2012-04-12 09:44:54 +00:00
Miroslav Stampar
8c6eb4faa9 adding support for PgSQL DNS data exfiltration 2012-04-07 14:06:11 +00:00
Miroslav Stampar
b2afa87e48 reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases) 2012-04-06 08:42:36 +00:00
Miroslav Stampar
2223c884e5 minor refactoring 2012-04-05 12:55:26 +00:00
Miroslav Stampar
e0994947e2 minor update 2012-04-04 23:37:50 +00:00
Miroslav Stampar
c89a4162e2 bug fix for --dns-domain with --technique=TS 2012-04-04 18:01:39 +00:00
Miroslav Stampar
637a8d8273 improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism 2012-03-29 14:33:27 +00:00
Miroslav Stampar
0fc4288a7c modifying redirection code for only two choices 2012-03-18 17:27:08 +00:00
Bernardo Damele
3505503a08 no need to return here 2012-03-16 17:30:16 +00:00
Miroslav Stampar
577caac4de putting kb.negativeLogic setting to the safe place 2012-03-16 09:17:11 +00:00
Miroslav Stampar
209e795369 minor just in case update 2012-03-16 09:02:17 +00:00
Miroslav Stampar
adb5fff6b2 one more update related to the redirection mechanism 2012-03-15 20:17:40 +00:00
Miroslav Stampar
ddd92476a8 minor fix 2012-03-15 15:58:25 +00:00
Miroslav Stampar
8dd570057b minor fix (double traffic log for -t in case of HTTP error) 2012-03-15 14:51:16 +00:00
Miroslav Stampar
f7df755f37 minor update 2012-03-15 12:55:22 +00:00
Miroslav Stampar
a8c9a47092 redirect logic rewritten from scratch 2012-03-15 11:10:58 +00:00
Miroslav Stampar
52a8b25ff4 minor fix 2012-03-14 14:31:41 +00:00
Miroslav Stampar
a7fbc55748 grammar fix 2012-03-13 22:03:23 +00:00
Miroslav Stampar
edfcddd3c3 minor fix for logging only cookies used by request (e.g. --load-cookies case) 2012-03-13 10:58:15 +00:00
Miroslav Stampar
e6c610abab minor fix 2012-03-13 09:14:56 +00:00
Miroslav Stampar
48bcde478e more general update 2012-03-12 15:29:55 +00:00
Miroslav Stampar
1d0c8a7f44 minor update 2012-03-12 15:19:02 +00:00
Miroslav Stampar
b3bd4144f5 removing of unused imports together with some general code refactoring 2012-02-22 10:40:11 +00:00
Miroslav Stampar
dcf7277a0f some more refactorings 2012-02-16 14:42:28 +00:00
Miroslav Stampar
85a4ef6593 minor update 2012-02-08 12:00:03 +00:00
Miroslav Stampar
a7970d094a minor update 2012-02-01 15:10:06 +00:00
Miroslav Stampar
8405ef59ac some estetic updates 2012-02-01 14:49:42 +00:00
Miroslav Stampar
527ce070a3 minor fix 2012-01-16 10:04:18 +00:00
Miroslav Stampar
95f89ab63a updating copyright date 2012-01-11 14:59:46 +00:00
Miroslav Stampar
1d0b43b1a2 implemented mechanism for merging cookies by request 2012-01-11 14:28:08 +00:00
Miroslav Stampar
40398f358c minor update 2012-01-05 14:55:23 +00:00
Miroslav Stampar
1f085a0241 now [SLEEPTIME] is changeable properly in vivo 2012-01-05 14:45:05 +00:00
Miroslav Stampar
ea87c89c25 minor fix 2012-01-03 23:44:56 +00:00
Miroslav Stampar
63bc4ce116 minor patch 2011-12-30 14:11:02 +00:00
Miroslav Stampar
c20546dcaa minor refactoring 2011-12-26 12:24:39 +00:00
Miroslav Stampar
526aacb640 code cleanup 2011-12-21 22:59:23 +00:00
Miroslav Stampar
95cd9e2af3 adding support for scanning Host header values (-p host) 2011-12-20 12:52:41 +00:00
Miroslav Stampar
1b16b5e0f1 minor fix 2011-12-20 09:10:44 +00:00
Miroslav Stampar
c57941c102 minor beautification 2011-12-15 23:33:44 +00:00
Miroslav Stampar
563c0c1066 adding switch --tor-type 2011-12-15 23:19:55 +00:00
Miroslav Stampar
e6820ebbd2 minor update 2011-12-14 10:26:03 +00:00
Miroslav Stampar
364113441b adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles) 2011-12-14 10:19:45 +00:00
Miroslav Stampar
0f5d48ff20 minor update 2011-12-05 09:25:56 +00:00
Miroslav Stampar
9bc735963b update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself)) 2011-12-04 22:42:19 +00:00
Miroslav Stampar
b03a5e8928 people don't know what's "standard deviation" and they are wrongly connecting it's value in seconds to the --time-sec value 2011-12-01 13:30:47 +00:00
Miroslav Stampar
3cd8f47686 minor bug fix 2011-11-29 17:17:06 +00:00
Miroslav Stampar
d958c2fe48 minor fix 2011-11-28 11:21:39 +00:00
Miroslav Stampar
ba4234dc42 switching from HTTP proxy to SOCKS proxy for --tor (sick and tired of Polipo/Privoxy bull; either Tor flag is overwritten every here and there or they are putting all kinds of filter warnings) 2011-11-23 21:17:08 +00:00
Miroslav Stampar
4fa24ec704 minor improvement 2011-11-21 17:39:18 +00:00
Miroslav Stampar
65b2b0ad87 adding switch --eval 2011-11-21 16:41:02 +00:00
Miroslav Stampar
df0b451389 minor update 2011-11-20 23:17:57 +00:00
Miroslav Stampar
440b7efe55 minor optimization 2011-11-20 20:14:47 +00:00
Miroslav Stampar
b888829d12 minor update 2011-11-14 11:39:18 +00:00
Miroslav Stampar
ccbd93cc2e fix for redirect/HOST header bug 2011-11-11 11:28:27 +00:00
Miroslav Stampar
1061c06617 improvement of redirecting code 2011-11-11 11:07:49 +00:00
Miroslav Stampar
e183437f0b minor typo 2011-11-10 10:30:53 +00:00
Miroslav Stampar
62f8f8d36c bug fix (thanks to zhen zhou) 2011-11-10 10:22:35 +00:00
Miroslav Stampar
c1486ed4be adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request 2011-10-25 09:53:44 +00:00
Miroslav Stampar
6d64f87190 minor update 2011-10-24 00:46:54 +00:00
Miroslav Stampar
1f7d87c6a4 bug fix for --code (previously redirecting codes where not considered) 2011-10-23 20:48:37 +00:00
Miroslav Stampar
77e630d89e replaced longer CHAR form of escaped MySQL strings with more compact hex form 2011-10-23 20:19:42 +00:00
Miroslav Stampar
3f0517d3f3 support for non-latin (e.g. cyrillic) URLs 2011-10-23 17:02:48 +00:00
Miroslav Stampar
0db0571f35 minor patch 2011-10-21 09:06:00 +00:00
Miroslav Stampar
dd0ed5f5da adding redirect response to the traffic file 2011-09-28 08:13:46 +00:00
Miroslav Stampar
e0f521cf9d minor update regarding --randomize 2011-08-29 13:08:25 +00:00
Miroslav Stampar
ac00014c4a implemented --randomize switch by request 2011-08-29 12:50:52 +00:00
Miroslav Stampar
75ec146224 minor beautification 2011-08-17 21:17:02 +00:00
Bernardo Damele
702ed73a65 Added --code switch to match in boolean-based tests against the HTTP response code 2011-08-12 16:48:11 +00:00
Bernardo Damele
fff4c34e33 Search for --string and --regexp matches also in HTTP response headers 2011-08-12 15:33:37 +00:00
Bernardo Damele
5e5133b8e7 Should be fixed now 2011-08-12 15:00:11 +00:00
Bernardo Damele
1505cb2a80 typo 2011-08-12 14:51:39 +00:00
Bernardo Damele
702ca22d54 Minor bug fix for URI injections 2011-08-12 14:48:44 +00:00
Bernardo Damele
28bba9f5e6 More verbose warning message 2011-08-12 13:47:38 +00:00
Miroslav Stampar
10bdd90e60 minor speed optimizations (as a result of profiling) 2011-08-12 13:40:37 +00:00
Miroslav Stampar
02bfd05b20 more general approach 2011-07-08 10:03:14 +00:00
Miroslav Stampar
ba2c06c9dc quick fix 2011-07-08 09:01:32 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Miroslav Stampar
93b296e02c few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation") 2011-07-06 05:44:47 +00:00
Miroslav Stampar
75524c283d minor update 2011-06-27 21:59:31 +00:00
Miroslav Stampar
831f083223 minor update 2011-06-27 21:38:12 +00:00
Miroslav Stampar
e9286ddd5b fix for a bug reported by g@brindi.si (UnicodeDecodeError: 'ascii' codec can't decode byte 0xc2 in position
47: ordinal not in range(128))
2011-06-24 19:24:11 +00:00
Miroslav Stampar
e76cb19e35 minor patch 2011-06-22 09:11:12 +00:00
Miroslav Stampar
b16b92fe46 minor update 2011-06-21 20:59:34 +00:00
Miroslav Stampar
2220afbdf5 fix by request 2011-06-21 20:50:16 +00:00
Miroslav Stampar
bdb530da1f minor update 2011-06-19 10:11:27 +00:00
Miroslav Stampar
d5bc149636 made changes by buawig request (504 is treated as a classical timeout) 2011-06-19 09:57:41 +00:00
Bernardo Damele
0d8d6a4ace Cosmetics 2011-06-08 16:08:20 +00:00
Miroslav Stampar
4a9640160e more concise 2011-06-08 14:35:23 +00:00
Miroslav Stampar
6b81eef65a refactoring 2011-06-08 14:30:12 +00:00
Miroslav Stampar
75c12c5edb fix for a bug reported by cclements@flatearth.​net (TypeError: argument of type 'NoneType' is not iterable) 2011-06-07 21:46:49 +00:00
Miroslav Stampar
a5a70f0895 minor update 2011-05-28 18:21:03 +00:00
Miroslav Stampar
c11ea35d53 adding some user input for "refreshing" cases (like redirect ones) 2011-05-27 22:42:23 +00:00
Miroslav Stampar
cf69809c3c minor update 2011-05-27 16:26:00 +00:00
Miroslav Stampar
61b960f65f minor update related to the last one 2011-05-26 22:05:10 +00:00
Miroslav Stampar
45caadbd4a important update - finally found what was causing headache for UNION payloads in noticeable number of cases 2011-05-26 21:54:19 +00:00
Miroslav Stampar
4f2c999146 fix for a bug reported by mail@8dh.de (UnicodeDecodeError: requestMsg += "\n%s" % requestHeaders) 2011-05-26 13:47:20 +00:00
Miroslav Stampar
f774d8fea0 proper Tor settings (reverted r3915 and implemented it the right way) 2011-05-24 11:06:58 +00:00
Miroslav Stampar
915c206e3d minor fix for socks proxy issues 2011-05-24 09:47:10 +00:00
Miroslav Stampar
ad25bcc2be better way for dealing with relative paths 2011-05-24 05:26:51 +00:00
Miroslav Stampar
a536bf210f improved redirection mechanism 2011-05-23 23:20:03 +00:00
Miroslav Stampar
40971aca94 fixing nasty bug caused by retrying counter 2011-05-22 10:59:56 +00:00
Miroslav Stampar
712e238f33 another minor fix 2011-05-22 10:29:25 +00:00
Miroslav Stampar
2795aeff34 minor fix 2011-05-22 10:27:45 +00:00
Miroslav Stampar
806e898694 no more CRITICAL drop outs in test mode - lots of reports were related to this 2011-05-22 10:21:49 +00:00
Miroslav Stampar
9b2623514a one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables 2011-05-22 09:48:46 +00:00
Miroslav Stampar
2ea613b170 type correction and adding global flag kb.ignoreTimeout which could be useful 2011-05-22 08:24:13 +00:00
Miroslav Stampar
27f0e73cc9 refactoring of 'target' flag in connect.py 2011-05-22 07:46:09 +00:00
Miroslav Stampar
25fff8c135 changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux) 2011-05-21 11:46:57 +00:00
Miroslav Stampar
053c245114 few minor fixes 2011-05-13 09:56:12 +00:00
Miroslav Stampar
a7d7be5ce0 bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host) 2011-05-13 01:01:53 +00:00