sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-28 04:23:50 +03:00

Author	SHA1	Message	Date
stamparm	dc1623a40f	Fix for a bug reported over ML (error: unbalanced parenthesis)	2013-07-11 10:20:58 +02:00
stamparm	01159575b2	Fix for an Issue #488	2013-07-11 10:11:43 +02:00
stamparm	1ae68b9bb3	Update for an Issue #405 (fix for usage of old 'complete' data from previous runs)	2013-07-10 17:18:09 +02:00
stamparm	f6c7b398fd	Update for an Issue #405 (fix for persistent options problem)	2013-07-10 16:57:44 +02:00
stamparm	aad102378a	Fix for an Issue #487	2013-07-09 11:00:43 +02:00
stamparm	be5ce760b6	Fix for an Issue #485 (failing back to single-thread mode if over some bisection length)	2013-07-09 10:24:48 +02:00
stamparm	d7c0805e7c	Removing leftover	2013-07-08 12:45:02 +02:00
stamparm	a548eb5c70	Minor text update	2013-07-08 12:44:14 +02:00
stamparm	d0e79a4d15	Minor text update	2013-07-08 12:38:36 +02:00
stamparm	a530817727	Minor typo fix	2013-07-08 11:52:46 +02:00
stamparm	8d3435ab0b	Removing reflective warning for parsing heuristic test	2013-07-08 11:48:33 +02:00
stamparm	db536427f0	Adding a question for storing hashes to a temporary file (after a mention of it on Twitter)	2013-07-04 15:34:00 +02:00
stamparm	f97b35dcc1	Patch for an Issue #475	2013-07-01 13:43:38 +02:00
stamparm	017ce22a2f	Minor consistency patch (Issue #475 )	2013-07-01 13:01:53 +02:00
stamparm	5ff09aff63	Some more adjustments (Issue #475 )	2013-07-01 12:50:12 +02:00
stamparm	04046f38eb	Minor update (Issue #475 )	2013-07-01 12:26:57 +02:00
stamparm	f7d15cb465	Official naming is HSQLDB (and/or HyperSQL)	2013-07-01 11:57:47 +02:00
Miroslav Stampar	aeb83ba651	Merge pull request #475 from Meatballs1/hsql_clean HSQL Payloads and Query Support	2013-07-01 02:38:04 -07:00
Miroslav Stampar	a1842f44f5	Fix for an Issue #477	2013-06-29 20:55:48 +02:00
stamparm	fd5b665f7d	Removing arithmetic operations from false positive checking to minimize affect of character filtering ('>' and '=' have to stay because those are minimal requirements)	2013-06-26 10:55:34 +02:00
Meatballs	4595b2c287	decodeHexValue	2013-06-24 23:45:39 +01:00
Meatballs	09e1dc814d	Fix concat	2013-06-24 23:20:34 +01:00
Meatballs	ed40a76c9d	Fix dummy table	2013-06-24 23:18:47 +01:00
Meatballs	9212b05eeb	Add call to execute statements	2013-06-24 15:01:44 +01:00
Meatballs	62000c6406	Remaining files	2013-06-24 14:42:58 +01:00
Meatballs	7b6cc3d183	Add hsql settings	2013-06-24 14:38:44 +01:00
Meatballs	20a5d9a16e	Include HSQL dummy table	2013-06-24 14:37:42 +01:00
Miroslav Stampar	0355e29b7c	Minor fix (NoneType has no attribute split)	2013-06-24 14:49:53 +02:00
Miroslav Stampar	95ed6b7203	Minor patch (Issue #470 )	2013-06-24 14:37:45 +02:00
Miroslav Stampar	fca6772df6	Implementation for an Issue #468	2013-06-22 00:13:46 +02:00
Bernardo Damele	a72096a345	slightly more appropriate definition of output variable	2013-06-19 20:25:01 +01:00
Bernardo Damele	cae108d9fc	careful at merging pull requests with TABs (#466 )	2013-06-19 19:49:53 +01:00
stamparm	a53823f9b7	Minor refactoring	2013-06-19 10:59:26 +02:00
stamparm	690645f6c7	Cosmetic fix	2013-06-19 10:50:00 +02:00
stamparm	a7787e83b8	Minor fix for case-insensitive union duplicates	2013-06-18 12:52:36 +02:00
Miroslav Stampar	aff7092736	Merge pull request #466 from Meatballs1/xp_cmdshell_output Unable to retrieve XP_Cmdshell Output	2013-06-18 00:47:08 -07:00
stamparm	9a6f5a95f5	Minor patch for SQLAlchemy/MSSQL	2013-06-18 09:36:09 +02:00
Meatballs	c5087399c1	Fix exception if init technique not available	2013-06-16 10:47:27 +01:00
Meatballs	2c98507f1e	Add better error msg	2013-06-16 10:27:08 +01:00
Meatballs	caa326774c	Fallback to blind	2013-06-16 10:22:20 +01:00
Miroslav Stampar	63d0e9bb12	Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881)	2013-06-13 21:50:35 +02:00
Miroslav Stampar	f185e5cdd5	Fix for an Issue #463	2013-06-10 22:26:34 +02:00
Miroslav Stampar	cdb434805a	Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases	2013-06-10 22:14:45 +02:00
Miroslav Stampar	6f49b96a2d	Fix for an Issue #462	2013-06-10 12:20:58 +02:00
Miroslav Stampar	3583f45ee7	Fix for an Issue #461	2013-06-10 11:44:56 +02:00
Miroslav Stampar	39612b5d87	Fix for an Issue #457	2013-06-04 23:46:39 +02:00
Miroslav Stampar	c1592e8508	Code refactoring (moving import ctypes to be used only when needed)	2013-06-04 22:23:44 +02:00
Miroslav Stampar	3e0f747fad	Minor fix	2013-06-04 00:05:25 +02:00
Miroslav Stampar	213d0ecfb9	Minor fix	2013-06-03 23:32:57 +02:00
Miroslav Stampar	edc9da1226	Minor refactoring	2013-06-03 15:14:56 +02:00
Miroslav Stampar	351c70b390	Locale module screws string.letters, etc. in some cases (e.g. IDLE run)	2013-06-01 14:06:58 +02:00
Miroslav Stampar	b7989f93c5	Trivial update regarding last commit	2013-05-30 12:04:56 +02:00
Miroslav Stampar	ed8f16e754	Minor update on user's request	2013-05-30 12:01:13 +02:00
Miroslav Stampar	12870e6ff3	Minor fix	2013-05-30 11:42:27 +02:00
Miroslav Stampar	793a8ad349	Minor fix	2013-05-30 11:38:24 +02:00
stamparm	f4ca4cd6c5	Minor update	2013-05-29 15:49:09 +02:00
stamparm	c3038fcb65	Minor cosmetic update	2013-05-29 15:46:59 +02:00
stamparm	8fbf4b11d2	Trivial update regarding last commit	2013-05-29 15:45:13 +02:00
stamparm	dfd6ee20bb	Patch for an Issue #454	2013-05-29 15:26:11 +02:00
stamparm	60df3e9d1e	Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access)	2013-05-29 15:04:14 +02:00
stamparm	e28b056028	Dummy fix	2013-05-29 14:26:00 +02:00
stamparm	6b280d8da4	Putting 2 decimal places for debug messages with performed queries (e.g. to handle a problem with 0 seconds roundup)	2013-05-28 14:40:45 +02:00
stamparm	bc4e1dab19	Getting rid of those ugly warning messages	2013-05-28 11:24:56 +02:00
stamparm	659c0bb418	Minor fix	2013-05-27 10:38:47 +02:00
Miroslav Stampar	f3f752d85c	Patch for an Issue #452	2013-05-25 18:52:59 +02:00
Miroslav Stampar	a85a0e53de	Fix for an Issue 'ValueError: Invalid IPv6 URL'	2013-05-25 18:00:21 +02:00
Miroslav Stampar	e18796dbe1	Minor style update	2013-05-25 18:00:20 +02:00
Miroslav Stampar	e7ddc2fcab	Minor fix	2013-05-23 12:57:33 +04:00
Miroslav Stampar	eb8e12b7c2	Minor adjustment (for headers like 'name:http://asdas ')	2013-05-23 11:29:43 +04:00
stamparm	1b3f1a4016	More appropriate naming (also, preventing ambiguities with --smart)	2013-05-22 23:21:43 +04:00
stamparm	4b2cf07262	Minor style update	2013-05-20 16:15:35 +02:00
Miroslav Stampar	1a4ea186ca	Consistency fix	2013-05-19 23:00:40 +02:00
Miroslav Stampar	d3ad408a21	Minor cosmetics	2013-05-19 22:17:53 +02:00
Miroslav Stampar	4f49dad2ba	Minor cosmetics	2013-05-19 01:19:54 +02:00
Miroslav Stampar	6cfcc1af63	Minor cosmetic	2013-05-19 01:17:22 +02:00
Miroslav Stampar	ea5c742595	Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled)	2013-05-18 21:30:21 +02:00
Miroslav Stampar	980a0e3adb	Trivial update	2013-05-18 21:00:53 +02:00
Miroslav Stampar	1ff98c2ff9	Another minor text update	2013-05-18 21:00:11 +02:00
Miroslav Stampar	967513e1bb	Minor message update	2013-05-18 20:59:23 +02:00
Miroslav Stampar	caa4ee96cd	Minor cosmetic update	2013-05-18 18:28:44 +02:00
Miroslav Stampar	6608410320	Adding a question after WAF has been identified	2013-05-18 18:26:40 +02:00
Miroslav Stampar	b2b3b3b5a6	Minor bug fix (level names not properly used in non-logger output)	2013-05-18 16:44:21 +02:00
Miroslav Stampar	f24c8c6b6b	Changing logging type to warning for parsed error messages	2013-05-18 16:17:56 +02:00
Miroslav Stampar	dcea745576	Minor update (not displaying safe enclosings in table dumps)	2013-05-18 16:13:34 +02:00
Miroslav Stampar	e528ea8208	Minor language fix	2013-05-18 16:02:34 +02:00
stamparm	03732d2592	Minor fix	2013-05-17 16:04:05 +02:00
stamparm	b26ecfe087	Patch for an Issue #449	2013-05-17 15:14:51 +02:00
stamparm	76b4e1ccb9	Implementation for an Issue #450	2013-05-17 15:04:25 +02:00
stamparm	7ba9e75c97	Minor update related to the last commit	2013-05-16 15:23:20 +02:00
stamparm	7ea8dd9428	MySQL is specific (types are automatically being converted without any warning/error)	2013-05-16 15:12:36 +02:00
stamparm	f1f34a65a2	Minor update	2013-05-15 13:38:26 +02:00
stamparm	41f0e91662	Minor update (related to last commit)	2013-05-13 14:50:03 +02:00
stamparm	cb9ea67c8d	Code refactoring (moving progress.py to lib/utils)	2013-05-13 14:48:39 +02:00
stamparm	936815128d	Minor fix	2013-05-13 13:42:43 +02:00
Miroslav Stampar	034e123b0c	Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent)	2013-05-12 16:24:13 +02:00
Miroslav Stampar	6676eaf88f	Minor fix	2013-05-12 14:02:50 +02:00
Miroslav Stampar	f8cef1fc6f	Minor fix for a test case 211	2013-05-09 21:20:17 +02:00
stamparm	8b64709c17	Completing implementation for an Issue #189 (union)	2013-05-09 16:36:03 +02:00
stamparm	3873805dab	Partial implementation for an Issue #189 (error-based; still partial union left)	2013-05-09 16:23:57 +02:00
stamparm	9fe5a8832f	Update for an Issue #189 (code refactoring of ProgressBar so it could be ready for usage in non-inference cases out of box)	2013-05-09 15:52:18 +02:00
stamparm	fc57b7565d	Implementation for an Issue #432	2013-05-09 14:26:29 +02:00
stamparm	03be419d5d	Fix for an Issue #447	2013-05-07 13:25:30 +02:00
stamparm	2bfdac5ebc	Minor update for crawler	2013-04-30 18:32:46 +02:00
stamparm	887109a12d	Minor bug fix (for not displaying heuristic detected page charset None)	2013-04-30 18:16:32 +02:00
stamparm	ebe8ee3500	Fix for crawler and redirection case	2013-04-30 18:08:26 +02:00
stamparm	09e7f4f697	Minor bug fix regarding traffic logging of redirected requests	2013-04-30 17:46:26 +02:00
stamparm	3c110b3620	Minor bug fix	2013-04-30 16:40:16 +02:00
stamparm	bdb9219e9b	Minor revert	2013-04-30 14:41:38 +02:00
stamparm	d2a5548889	Some more reordering	2013-04-30 14:32:11 +02:00
stamparm	16866119b8	Another minor update	2013-04-30 14:11:56 +02:00
stamparm	08fbfda5d2	Minor update	2013-04-30 14:06:04 +02:00
stamparm	69e3a2cb9e	Minor update	2013-04-30 14:06:04 +02:00
stamparm	03c4eb8338	Minor update	2013-04-30 14:06:04 +02:00
stamparm	214d9aaf4b	Language fix	2013-04-30 14:06:04 +02:00
stamparm	3266c6c1f1	Language fix	2013-04-30 14:06:04 +02:00
Bernardo Damele	9f1e644f23	language fixes	2013-04-30 11:44:47 +01:00
stamparm	46557198a5	Minor update of doc root names	2013-04-29 11:29:59 +02:00
stamparm	1035ee9c3d	Patch for an Issue #442	2013-04-26 14:49:24 +02:00
Miroslav Stampar	beab72a180	Minor language update	2013-04-25 19:55:45 +02:00
stamparm	63d7707346	Adding support for appending to the existing table dump if --start/--stop is used	2013-04-24 16:08:40 +02:00
stamparm	e3a02f56e6	Just in case for --force-ssl (if url is returned in e.g. refresh toward the target)	2013-04-24 12:35:39 +02:00
stamparm	42a73d8e0b	Minor language update	2013-04-24 12:10:06 +02:00
stamparm	8d382f00e8	Minor style update	2013-04-22 11:38:47 +02:00
Miroslav Stampar	a475116853	Minor check	2013-04-21 21:42:23 +02:00
stamparm	0d92145fc6	Minor bug fix	2013-04-19 15:40:25 +02:00
stamparm	0cb3ce5765	Bug fix (maybe it will have repercusions in future as this was a silent bug)	2013-04-19 10:10:06 +02:00
stamparm	b7d4afcc63	Moving '--pivot-column' to a General section (Issue #437 )	2013-04-18 17:12:32 +02:00
stamparm	9d045e14e8	Implementation for an Issue #437	2013-04-18 17:06:45 +02:00
stamparm	2defc30dc6	From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML)	2013-04-17 11:12:15 +02:00
stamparm	feed2274c3	Patch for an Issue #435	2013-04-17 10:48:17 +02:00
stamparm	c73489aff3	Adding a couple of new option validation checks	2013-04-16 14:31:10 +02:00
stamparm	7204ec5616	Adding a basic validation check (-d with --url)	2013-04-16 14:23:27 +02:00
stamparm	6fed1921ed	Bug fix (there are cases when provided kwargs containing explicit None values while we want to use the alternative in those kind of cases; there was an intention in original code, while the implementation was buggy)	2013-04-16 14:17:41 +02:00
Miroslav Stampar	840ee26a14	If SQLAlchemy is available and it has problems while connecting then it should be smarter to not force the other (standard) method - if available	2013-04-15 18:42:26 +02:00
stamparm	de99717b00	Disable sqlalchemy warnings if applicable	2013-04-15 16:29:08 +02:00
stamparm	1c2197e8de	Minor bug fix for an Issue #361 (removal of that ugly garbage clean warning message after sqlmap ends)	2013-04-15 16:18:40 +02:00
stamparm	6ab2e8eca4	Trivial style update	2013-04-15 16:09:04 +02:00
stamparm	a3d36fcb73	Minor update	2013-04-15 16:07:27 +02:00
stamparm	140cffbde2	Patch for an Issue #434	2013-04-15 15:57:28 +02:00
stamparm	9ccbdb3fdf	Added a check for an Issue #361	2013-04-15 15:36:10 +02:00
stamparm	1c47b33020	Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple)	2013-04-15 15:23:45 +02:00
stamparm	f936746423	Code restyling	2013-04-15 14:31:27 +02:00
stamparm	aed738d6e6	Update for an Issue #361	2013-04-15 14:20:21 +02:00
stamparm	a9a0d1a3f9	Minor update	2013-04-15 11:56:19 +02:00
stamparm	10fbeaed7b	Code refactoring	2013-04-15 11:49:11 +02:00
stamparm	349f885f08	Minor patch	2013-04-15 11:41:53 +02:00
stamparm	8853e43616	Applying patch from Brandon Perry via ML	2013-04-15 11:01:07 +02:00
stamparm	3e65037a05	Introducing lib/utils/sqlalchemy.py (Issue #361 )	2013-04-15 10:33:25 +02:00
Miroslav Stampar	b6fee638ef	Neutralizing time of cookie expiration (in case of --load-cookies)	2013-04-14 01:13:08 +02:00
Miroslav Stampar	ed5599f489	In case that cookie file is given and cookie header inside request file clashes with one of contained cookies, give cookie file greater priority	2013-04-12 19:20:33 +02:00
stamparm	7edd7ee2aa	Trivial code change	2013-04-12 16:25:24 +02:00
Miroslav Stampar	73917fc9c8	Minor update (same, but safer)	2013-04-11 21:25:44 +02:00
Miroslav Stampar	0b449bb1d9	Fix for an Issue #433	2013-04-10 19:33:31 +02:00
stamparm	f67148a9a4	Update for an Issue #431	2013-04-10 16:43:57 +02:00
stamparm	661b44135d	Minor bug fix	2013-04-10 11:59:07 +02:00
stamparm	8c9da95343	Style and consistency update (url -> URL)	2013-04-09 11:48:42 +02:00
stamparm	3948b527dd	Update for an Issue #429	2013-04-09 11:36:33 +02:00
stamparm	91054099aa	Minor style update	2013-04-09 10:42:58 +02:00
stamparm	cce541cc33	Patch for an Issue #429	2013-04-09 10:39:20 +02:00
stamparm	33e9b3c451	Minor style update	2013-04-09 10:39:20 +02:00
Miroslav Stampar	7614c815ed	Minor update/patch	2013-04-07 21:32:03 +02:00
Miroslav Stampar	240e9f3f7e	Minor patch	2013-04-07 11:02:43 +02:00
Miroslav Stampar	50ac3aab7a	Minor patch	2013-04-06 01:56:24 +02:00
stamparm	a75d3ed0b8	Minor style update	2013-04-06 01:56:23 +02:00
Miroslav Stampar	df4fd82515	Minor update	2013-04-03 23:27:27 +02:00
Miroslav Stampar	c75a2d0c40	Minor patch	2013-04-03 21:31:37 +02:00
Miroslav Stampar	153aa10b77	Minor cosmetic update	2013-04-03 19:00:54 +02:00
Miroslav Stampar	f387333415	Minor cosmetics	2013-04-02 17:34:56 +02:00
Miroslav Stampar	4b5335a323	Moving --force-ssl from [Request] to [General] options	2013-04-02 17:18:21 +02:00
Miroslav Stampar	76a0d20799	Minor patch	2013-04-01 22:18:41 +02:00
Miroslav Stampar	b67f342975	Minor patch	2013-04-01 17:32:16 +02:00
stamparm	a371f182ac	Minor patch (previous combination is not working well with oriental characters - 0 length normalized unicode string is being returned)	2013-03-28 15:37:14 +01:00
stamparm	e1ffdde532	Little cleaning a mess with url encoding and post hint types	2013-03-27 13:39:27 +01:00
Miroslav Stampar	c19a283434	Minor patch	2013-03-26 20:06:50 +01:00
stamparm	7accba4cf9	Minor update	2013-03-26 16:10:41 +01:00
stamparm	0882fe0ce3	Minor update related to the last two	2013-03-26 16:04:56 +01:00
stamparm	eb1bfc20cb	Update related to the last commit	2013-03-26 15:36:44 +01:00
stamparm	2fe6aea0eb	Minor fix	2013-03-26 15:07:14 +01:00
stamparm	825aa4b8dd	Minor language update	2013-03-26 14:27:51 +01:00
stamparm	5dd2529b02	Minor language update	2013-03-26 14:18:37 +01:00
stamparm	4d2b77dde3	Minor language update	2013-03-26 14:15:40 +01:00
stamparm	473a39b820	Minor language fix	2013-03-26 14:11:17 +01:00
stamparm	3f8dafedae	Minor text update	2013-03-26 14:08:35 +01:00
stamparm	ad039c335d	Implementation for an Issue #423	2013-03-21 11:28:44 +01:00
stamparm	3740a97cc9	Adding a --version switch like all command line programs have	2013-03-20 11:44:09 +01:00
stamparm	7447773237	Update for consistency (all other enums are using _ in between words)	2013-03-20 11:10:24 +01:00
stamparm	ae6ce7db30	Removal of unused imports	2013-03-20 10:44:15 +01:00
Miroslav Stampar	8acf033715	Code refactoring	2013-03-19 19:24:14 +01:00
Miroslav Stampar	a3d9a7b1ff	Minor fix	2013-03-19 19:06:51 +01:00
stamparm	d1ae62b22b	Patch for an Issue #422	2013-03-19 12:27:49 +01:00
stamparm	6969874c02	Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values)	2013-03-19 10:52:37 +01:00
stamparm	10e6c70c22	Trivial style update (undoing last dummy commit)	2013-03-19 10:43:29 +01:00
stamparm	70265fd3b5	Trivial style update	2013-03-19 10:43:03 +01:00
stamparm	5adac57ca9	Trivial style update	2013-03-19 10:42:50 +01:00
stamparm	558ef0aaff	Minor fix	2013-03-19 10:42:20 +01:00
stamparm	e226006766	Trivial fix	2013-03-18 13:29:55 +01:00
stamparm	5e02bcbd58	Minor adjustment	2013-03-18 12:16:16 +01:00
stamparm	7111cdabe3	Minor cosmetics	2013-03-18 11:41:15 +01:00
Miroslav Stampar	5df1f5528e	More general update for an Issue #421	2013-03-15 22:49:09 +01:00
Miroslav Stampar	f0a419bdec	Patch for an Issue #421	2013-03-15 22:08:15 +01:00
Miroslav Stampar	596cf95040	Minor fix	2013-03-15 17:22:33 +01:00
Miroslav Stampar	ff4e62ff90	Minor cosmetics	2013-03-15 17:00:01 +01:00
Miroslav Stampar	4010df307e	Trivial cosmetics	2013-03-15 16:37:52 +01:00
Miroslav Stampar	4cb378ce3e	Another update for an Issue #352 and couple of fixes	2013-03-13 21:57:09 +01:00
Miroslav Stampar	b35122a42c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-03-13 19:52:17 +01:00
Miroslav Stampar	eb08c8d752	Another update for an Issue #352	2013-03-13 19:42:22 +01:00
Bernardo Damele	dea62189b2	fixes #420	2013-03-12 22:16:42 +00:00
Miroslav Stampar	2f43c3eb9b	Minor fix (digest live test case) and some refactoring	2013-03-12 21:16:44 +01:00
Miroslav Stampar	65306f1ac1	Update for an Issue #352	2013-03-12 20:10:32 +01:00
Miroslav Stampar	db0a1e58b9	Update for an Issue #352	2013-03-11 14:58:05 +01:00
Miroslav Stampar	d6fc10092f	Minor refactoring	2013-03-11 13:31:50 +01:00
Miroslav Stampar	84a5bdb9cf	Trivial cosmetics	2013-03-09 19:41:24 +01:00
Miroslav Stampar	79d6a0e9c9	Using binary data in dummy mode	2013-03-09 19:40:24 +01:00
Miroslav Stampar	1e731f87a4	Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request)	2013-03-09 19:33:04 +01:00
Miroslav Stampar	8e6692d793	Minor fix (for JSON values with :)	2013-03-05 20:12:24 +01:00
Miroslav Stampar	e9b86350f1	Patch for an Issue #403	2013-03-05 18:32:31 +01:00
Miroslav Stampar	62980d7d5a	Automatically decoding url encoded data in response	2013-03-05 17:32:10 +01:00
Miroslav Stampar	9e49d8c68f	Adding support for SHA2 hash functions	2013-03-05 11:04:46 +01:00
Miroslav Stampar	2ada9e9b84	Patch for an Issue Issue #416	2013-03-04 18:05:40 +01:00
Miroslav Stampar	084cfc797a	Fix for an Issue #415	2013-03-02 09:55:12 +01:00
Martin Bjerregaard Jepsen	d7a77c79ad	Fixed incorrect call to checkBooleanExpression when testing for false positives	2013-03-01 22:51:34 +01:00
stamparm	3a3f9c5ea1	Trivial commit related to the last one	2013-03-01 12:09:03 +01:00
stamparm	55f33da85a	Fix for invalid logical test cases	2013-03-01 12:04:49 +01:00
stamparm	440b484bf6	Minor update (one more just in case dummy request in false positive check for time-based injections - when DBMS could be unresponsive a bit due to previous heavy-queries)	2013-03-01 10:59:04 +01:00
Miroslav Stampar	e42350ddce	Minor style update	2013-02-28 20:28:34 +01:00
Miroslav Stampar	0e89cc62a2	Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections	2013-02-28 20:20:08 +01:00
stamparm	9ef79df23d	Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched)	2013-02-28 13:51:08 +01:00
stamparm	be50192d8d	Refactoring WAF scripts	2013-02-26 15:54:50 +01:00
stamparm	e5835dc74f	Update for WAF scripts	2013-02-26 15:30:11 +01:00
stamparm	17fa0f568c	Minor patch for an Issue #404	2013-02-26 12:55:09 +01:00
stamparm	ecbcd4afe6	Minor update	2013-02-26 12:55:09 +01:00
stamparm	af4762ace2	Minor style update	2013-02-26 11:16:09 +01:00
stamparm	f6b43b4b13	Minor update for an Issue #290	2013-02-26 11:08:06 +01:00
stamparm	e5e39bc682	Fix for an Issue #410	2013-02-25 11:07:30 +01:00
stamparm	6fbd902265	Minor refactoring (Issue #411 )	2013-02-25 10:44:04 +01:00
stamparm	7127869ede	Minor bug fix (live test specific verbosity should be valid only inside of it)	2013-02-22 17:26:48 +01:00
stamparm	68ce51bfd4	Changing from warn to info for no WAF found	2013-02-22 12:15:38 +01:00
stamparm	ad471368f5	Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with `b472d9809a`	2013-02-22 11:42:09 +01:00
stamparm	0bbbfc2eac	Adding a small warning message (related to the Issue #407 )	2013-02-22 11:12:41 +01:00
stamparm	42cbd94fa4	Better update regarding `6acb2480b8`	2013-02-22 10:49:45 +01:00
stamparm	44a46d2b10	Fix for an Issue #409	2013-02-22 10:18:22 +01:00
Miroslav Stampar	6acb2480b8	Adding WAF script for SecureIIS	2013-02-21 21:34:26 +01:00
Miroslav Stampar	229e4e167b	Minor cosmetics	2013-02-21 21:06:31 +01:00
stamparm	3a8c0cd3a2	Minor style update	2013-02-21 14:52:56 +01:00
stamparm	29ba43ee6c	Unhidding switch '--identify-waf' (Issue #290 )	2013-02-21 14:48:19 +01:00
stamparm	08f0670aca	Minor refactoring for an Issue #290	2013-02-21 14:39:22 +01:00
stamparm	8e49872d7c	Finalizing implementation for an Issue #290	2013-02-21 14:33:12 +01:00
stamparm	6b2981ef4e	Update for an Issue #290 (adding tamper-like scripts into (new) directory waf)	2013-02-21 11:14:57 +01:00
stamparm	69063947b6	Debug message should go with logging.DEBUG	2013-02-19 09:46:51 +01:00
Bernardo Damele	d7247a51ee	do not prompt constantly if the page is not found	2013-02-18 18:08:20 +00:00
Miroslav Stampar	7f293afe74	Proper escaping for SQL identificators in Oracle (also, revert for `9b5f33560b`)	2013-02-18 15:18:53 +01:00
Miroslav Stampar	5c099efccc	Fix for an Issue #401	2013-02-18 11:38:18 +01:00
Miroslav Stampar	9b5f33560b	Oracle is too specific (only column names can be enclosed) - removing it	2013-02-15 17:36:58 +01:00
Miroslav Stampar	bf82506c1b	Oracle can't enclose table names with double quotations	2013-02-15 17:36:58 +01:00
Miroslav Stampar	1b3d749488	Proper fix related to the last commit/revert	2013-02-15 17:36:58 +01:00
Miroslav Stampar	5a793cbc7c	Minor revert	2013-02-15 17:36:58 +01:00
Miroslav Stampar	799bd51c2e	Minor fix when two readInput/dataToStdout are called one at a time	2013-02-15 17:36:58 +01:00
Miroslav Stampar	97c06854a4	Minor fixes	2013-02-15 17:36:58 +01:00
Bernardo Damele	0e7f771be6	minor adjustment	2013-02-15 16:28:09 +00:00
Bernardo Damele	35aa785870	bug fix to make --predict-output work also with time-based technique	2013-02-15 16:25:33 +00:00
Miroslav Stampar	014e4e0055	Minor represenation fix	2013-02-15 14:48:24 +01:00
Bernardo Damele	63ddeb9008	unnecessary variable	2013-02-15 13:26:28 +00:00
Miroslav Stampar	345d10a9e0	Consistency fix (everywhere else we show unsafe format of identificator names)	2013-02-15 14:05:14 +01:00
Bernardo Damele	b472d9809a	another consistency fix to readInput()	2013-02-15 09:35:09 +00:00
Bernardo Damele	32c8c67888	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-15 09:29:41 +00:00
Bernardo Damele	20c5f9a030	consistency fix	2013-02-15 09:29:36 +00:00
Miroslav Stampar	11bcf28d86	Fix for an Issue #399	2013-02-15 10:04:13 +01:00
Bernardo Damele	87db5d0dab	minor bug fix to avoid duplicates - #297	2013-02-15 00:53:05 +00:00
Bernardo Damele	c3f1e196e1	added missing parameter	2013-02-15 00:43:46 +00:00
Bernardo Damele	4727589135	code consistency	2013-02-15 00:17:13 +00:00
Miroslav Stampar	515be4ee0b	Minor just in case commit related to the last one	2013-02-14 19:58:10 +01:00
Miroslav Stampar	fef60b73f4	Minor update for proper display of [PAYLOAD] in JSON/XML/SOAP cases	2013-02-14 19:53:26 +01:00
Bernardo Damele	0c79d7b1e2	unnecessary import	2013-02-14 18:33:47 +00:00
Bernardo Damele	614ff6029d	working on #396 - handle the case when we dont have a web backdoor/file stager for the language API, added a few more log messages to give further information about what is going on, minor bug fix to docRoot	2013-02-14 18:31:14 +00:00
Bernardo Damele	3b38b20176	working on #396 - adaptation for the verification phase	2013-02-14 18:29:55 +00:00
Bernardo Damele	261db6ed4f	working on #396 - verify shellcodeexec executable has been properly uploaded	2013-02-14 18:29:35 +00:00
Bernardo Damele	4d5ecc3b03	working on #396 - verify icmpsh executable has been properly uploaded	2013-02-14 18:28:48 +00:00
Bernardo Damele	66cee83ca4	if needed, allow to reinitialize the environment for takeover - issue #396	2013-02-14 17:39:19 +00:00
Bernardo Damele	d91530f885	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-14 17:16:55 +00:00
Bernardo Damele	52264f544e	minor fix for Windows file paths, do not strip the windows drive letter	2013-02-14 17:16:49 +00:00
Miroslav Stampar	fdf00e4842	Fix for an Issue #397	2013-02-14 17:14:36 +01:00
Miroslav Stampar	368a2fd297	Fix for an Issue #393	2013-02-14 16:18:16 +01:00
Miroslav Stampar	f97f575018	Trivial restyling	2013-02-14 15:41:27 +01:00
Miroslav Stampar	605c5b089e	Minor style update	2013-02-14 15:38:44 +01:00
Miroslav Stampar	06d8547916	Implementation for an Issue #394	2013-02-14 15:38:44 +01:00
Miroslav Stampar	7944684ff2	This was supposed to be a separate commit (going to commit it in next one)	2013-02-14 15:38:44 +01:00
Miroslav Stampar	6c0054bc5f	Putting that ugly parameter xyz is not inside the Cookie into the debug messages	2013-02-14 15:38:44 +01:00
Bernardo Damele	d42d28392a	avoid tracebacks because the parameter does not exist	2013-02-14 13:18:33 +00:00
Bernardo Damele	646df37884	minor bug fix for --reg-read	2013-02-14 13:17:30 +00:00
Miroslav Stampar	c72353321d	Minor update for an Issue #392	2013-02-14 13:36:33 +01:00
Bernardo Damele	4b9d8ed673	reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter	2013-02-14 11:32:17 +00:00
Bernardo Damele	2267dd8f47	working on #392 to fix --os-cmd and --os-shell output parsing	2013-02-14 11:31:20 +00:00
Bernardo Damele	cb6d549e57	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-14 11:25:12 +00:00
Bernardo Damele	a67ef4117f	make sure to use Python 2 interpreter when default system Python is version 3	2013-02-14 11:25:04 +00:00
Miroslav Stampar	efe1bf0ded	Minor fix (for those multiline cases like in MsSQL)	2013-02-14 12:20:40 +01:00
Miroslav Stampar	6629233de5	Minor update	2013-02-14 10:18:40 +01:00
Miroslav Stampar	a0b44da5d8	Minor fix for --threads>1 --binary-fields	2013-02-13 20:47:27 +01:00
Miroslav Stampar	0a4605644e	Minor fix for previous commit	2013-02-13 16:31:03 +01:00
Miroslav Stampar	2b121c938b	Minor fix	2013-02-13 16:24:21 +01:00
Miroslav Stampar	9b231f87d6	Minor bug fix (regarding Issue #379 ) - in case that two processes enter the same proc_count decrementing line sqlmap would halt	2013-02-13 15:31:50 +01:00
Miroslav Stampar	8138d1318e	Minor fix	2013-02-13 15:10:49 +01:00
Miroslav Stampar	c6d29e093e	Fixing issue with newlines after the data in -r mode	2013-02-13 12:36:01 +01:00
Miroslav Stampar	965fa04a33	Trivial update	2013-02-13 12:28:51 +01:00
Miroslav Stampar	d78a3e977b	Update (allowing regular char * to be inside SOAP/JSON/XML)	2013-02-13 12:24:42 +01:00
Miroslav Stampar	6314d64a70	Renaming --binary to --binary-fields	2013-02-13 11:27:03 +01:00
Miroslav Stampar	dd6f50a00e	Removing unused imports	2013-02-13 11:15:24 +01:00
Miroslav Stampar	7c802ed8cc	Minor fix	2013-02-13 11:14:45 +01:00
Miroslav Stampar	dc41484b3f	Refactoring of funcionality for finding out if stacking is available	2013-02-13 09:57:16 +01:00
Miroslav Stampar	8b4f72322a	Adding (for now hidden) option --binary (works like -C but deliberately retrieves data in hex format and displays in hex format)	2013-02-13 09:56:44 +01:00
Miroslav Stampar	1d42aba01e	Minor update regarding `093a93938c` (for goStacked to work properly with stacked conditional payloads - e.g. proper suffix/prefix)	2013-02-12 17:35:14 +01:00
Miroslav Stampar	c34f6e25b2	Minor fix for --eval (urldecoded values should be used inside evaluation)	2013-02-12 17:01:47 +01:00
Miroslav Stampar	6a98d375b1	More general except	2013-02-12 14:39:21 +01:00
Miroslav Stampar	212e92ea01	Minor update regarding --load-cookies (warning about expired ones)	2013-02-12 14:29:56 +01:00
Miroslav Stampar	c67b39d14d	Update for a last update	2013-02-12 12:58:15 +01:00
Miroslav Stampar	72984a578d	Update for --load-cookies	2013-02-12 12:42:12 +01:00
Miroslav Stampar	c2672e78fc	Support for multiple injection marks inside the same header value (Issue #48 )	2013-02-12 12:06:13 +01:00
Miroslav Stampar	c75560ba69	Minor bug fix (getting ? in < 0xf char cases)	2013-02-11 21:16:35 +01:00
Miroslav Stampar	7c06a937e5	Minor refactoring	2013-02-09 20:21:17 +01:00
Bernardo Damele	f970b4f240	minor adjustment fixing the regression test stall	2013-02-09 12:19:21 +00:00
Bernardo Damele	e48181e28d	another attempt to fix the stall during regression test	2013-02-09 12:16:56 +00:00
Bernardo Damele	138a846cf1	possible fix for regression test stall	2013-02-09 10:50:06 +00:00
Bernardo Damele	1596b9ed59	revert	2013-02-08 16:43:49 +00:00
Bernardo Damele	98864e425f	minor "fix"	2013-02-08 16:30:34 +00:00
Bernardo Damele	8b510c55fb	minor code cleanup	2013-02-08 16:29:16 +00:00
Miroslav Stampar	5aaf7f1aa6	BUG fix	2013-02-08 16:44:30 +01:00
Miroslav Stampar	c0e59d94a9	Better naming	2013-02-08 16:28:58 +01:00
Miroslav Stampar	cdfe43560b	Update for an Issue #207 (and a potential patch for regression tests)	2013-02-08 16:20:48 +01:00
Miroslav Stampar	ee1017a5a7	Minor fix	2013-02-08 13:46:39 +01:00
Bernardo Damele	d015bf98fc	renamed variable to avoid confusion	2013-02-07 14:19:07 +00:00
Bernardo Damele	07fe6d44fb	unnecessary condition here	2013-02-07 14:18:52 +00:00
Bernardo Damele	b477c56b52	first steps to allow multiple scans on the same taskid - issue #297	2013-02-07 00:05:26 +00:00
Bernardo Damele	dd6c73ea24	fixed --passwords output for API - #297	2013-02-06 21:45:51 +00:00
Bernardo Damele	21afba9571	got the partial output finally properly replaced by complete output in IPC database - #297	2013-02-06 21:32:26 +00:00
Bernardo Damele	5c8335876f	minor bug fix to make --disable-coloring work on log messages too	2013-02-06 21:04:54 +00:00
Bernardo Damele	2fa2f30d21	slighlty better, still not optimal	2013-02-06 17:45:52 +00:00
Bernardo Damele	477c66ac4b	minor refactoring and trivial bug fix	2013-02-06 17:45:25 +00:00
Bernardo Damele	e439c3d3f5	minor refactoring - #297	2013-02-06 17:09:43 +00:00
Bernardo Damele	b272b0574d	minor fix to reset partRun value - #297	2013-02-06 17:09:28 +00:00
Miroslav Stampar	060eac110a	Cleaner version checking	2013-02-06 10:28:17 +01:00
Miroslav Stampar	b1f31103f9	Removing that ugly disk I/O error in live testing mode	2013-02-05 17:04:42 +01:00
Miroslav Stampar	934808f53b	Fix for an Issue #379	2013-02-05 16:13:45 +01:00
Bernardo Damele	e03010f48b	got rid of unnecessary output for API - #297	2013-02-05 15:00:06 +00:00
Bernardo Damele	4428ad5345	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-05 14:43:14 +00:00
Bernardo Damele	f7d826fee1	first case where partial output is retrievable via RESTful API - issue #297	2013-02-05 14:43:03 +00:00
Miroslav Stampar	01219219fc	Minor bug fix (for --first/--last through problematic DBMSes)	2013-02-05 15:03:55 +01:00
Miroslav Stampar	31daefc7c9	Minor fix (skipping one uneccesary request in single-threaded --first/--last mode)	2013-02-05 13:51:35 +01:00
Miroslav Stampar	62772125e3	Bug fix for HTTPSCertAuthHandler	2013-02-05 12:16:06 +01:00
Miroslav Stampar	e836629215	Bug fixes for search (safeStringFormat should not replace all if given scalar values)	2013-02-05 11:37:49 +01:00
Miroslav Stampar	1618086027	Minor fix	2013-02-05 10:58:02 +01:00
Miroslav Stampar	9296bdd959	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-05 10:27:43 +01:00
Miroslav Stampar	4faa5f0f49	Fix for stalling in retrieving international letters (--technique=B)	2013-02-05 10:27:31 +01:00
Bernardo Damele	9d04ae5db5	minor improvement to temporary folder name	2013-02-05 09:11:38 +00:00
Miroslav Stampar	44579120b5	Cosmetics	2013-02-05 10:02:11 +01:00
Miroslav Stampar	74e82b2b53	Removing redundant check	2013-02-04 20:42:28 +01:00
Miroslav Stampar	cf8e5d535d	Minor cleanup	2013-02-04 20:15:44 +01:00
Miroslav Stampar	c5ae967fe0	Potential fix for an Issue #379	2013-02-04 17:43:58 +01:00
Miroslav Stampar	6cab3d4759	Minor update	2013-02-04 16:46:08 +01:00
Miroslav Stampar	4f2981f163	Minor fix	2013-02-04 16:37:54 +01:00
Miroslav Stampar	f4b8a3c1d8	Bug fix for boolean (multithreaded Ctrl+C) resumed values	2013-02-04 15:49:29 +01:00
Miroslav Stampar	5e4e863986	Bug fix (introduced with `f1ab887c55`)	2013-02-04 15:31:28 +01:00
Miroslav Stampar	235153ab39	Removal of unused imports	2013-02-04 15:29:13 +01:00
Miroslav Stampar	7e1ff1bb8e	Same refactoring as the last commit	2013-02-04 15:26:44 +01:00
Bernardo Damele	9370f96a67	step by step getting there to partial output presentation to restful API (issue #297 ), not quite yet though..	2013-02-03 22:09:33 +00:00
Bernardo Damele	b55555e4e5	minor bug fix	2013-02-03 21:39:26 +00:00
Bernardo Damele	dc2bbbeaa7	minor revert	2013-02-03 20:55:58 +00:00
Bernardo Damele	df3cc38cd9	minor improvements	2013-02-03 15:39:07 +00:00
Bernardo Damele	bd1ea13b8d	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-02-03 11:31:12 +00:00
Bernardo Damele	f8bc74758c	improvement to restful API to store to IPC database partial entries, not yet functional (issue #297 )	2013-02-03 11:31:05 +00:00
Miroslav Stampar	e7b93b5b66	Implementation for an Issue #363	2013-02-01 17:24:04 +01:00
Miroslav Stampar	993372aae4	Bug fix (causing search problems)	2013-02-01 11:24:17 +01:00
Miroslav Stampar	6d942f92b5	Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.))	2013-02-01 10:03:06 +01:00
Miroslav Stampar	8d51b4b63a	Minor bug fix	2013-01-31 16:24:44 +01:00
Miroslav Stampar	d6606a8f31	Patch to prevent problems like Issue #381	2013-01-31 13:58:39 +01:00
Miroslav Stampar	cfcf8a3abb	Another update for an Issue #380 (--common-... switches)	2013-01-31 13:49:19 +01:00
Miroslav Stampar	f5844eabae	Valuable data is potentially lost if page not parsed in dump mode (e.g. --technique=B and error occuring) <- partial revert of previous optimization commit `10bdd90e60`	2013-01-31 13:32:14 +01:00
Miroslav Stampar	2420a4b626	Update for an Issue #342 and #372	2013-01-31 10:01:52 +01:00
Miroslav Stampar	9b4eaa9272	Minor fix	2013-01-30 18:21:15 +01:00
Miroslav Stampar	fdea8ddea6	Starting to clean up a mess in Oracle's world of DISTINCT (part of Issue #342 and #372 )	2013-01-30 16:55:09 +01:00
Bernardo Damele	103045d284	variable renamed	2013-01-30 15:30:34 +00:00
Miroslav Stampar	f33bf06c88	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-30 11:38:20 +01:00
Bernardo Damele	6dfe91165d	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-30 10:34:51 +00:00
Bernardo Damele	8519717f25	minor fixes to --live-test	2013-01-30 10:32:56 +00:00
Miroslav Stampar	f391937083	Minor refactoring	2013-01-30 10:43:46 +01:00
Miroslav Stampar	d6fb0e8545	Update for an Issue #352	2013-01-30 10:38:11 +01:00
Miroslav Stampar	bd08ede117	Minor fine tuning	2013-01-29 21:06:02 +01:00
Miroslav Stampar	f41460f8d8	Better naming	2013-01-29 20:53:11 +01:00
Miroslav Stampar	95b922309c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-29 20:50:40 +01:00
Bernardo Damele	e8bd3c9c9f	cosmetics	2013-01-29 17:00:28 +00:00
Bernardo Damele	8f36f92dd3	minor fix	2013-01-29 16:23:30 +00:00
Bernardo Damele	edd6699ed1	code refactoring and added /status method for scan (issue #297 )	2013-01-29 16:11:25 +00:00
Bernardo Damele	c47b44e93f	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-29 15:38:16 +00:00
Bernardo Damele	1152cf8958	increased SQLite connection timeout to 3 seconds, the object will now wait for the lock to go away max 3 seconds, no longer 1 only. Relevant code refactoring and minor improvements all over the API library (issue #297 )	2013-01-29 15:38:09 +00:00
Bernardo Damele	9677e0f910	more data content types for API (issue #297 )	2013-01-29 15:36:19 +00:00
Bernardo Damele	92ae8145df	ignore any non-relevant string: avoid storing to the API, careful this can introduce bugs but it is necessary at this stage of development (issue #297 )	2013-01-29 15:35:51 +00:00
Bernardo Damele	a56f4ec15c	techniques has to go too to the API (issue #297 )	2013-01-29 15:34:53 +00:00
Bernardo Damele	bfce7210e6	improvements to the dump library to output to the API data fetched properly formatted (issue #297 )	2013-01-29 15:34:20 +00:00
Bernardo Damele	eeecb3fe2c	split init() into two separate functions for API purposes (issue #297 )	2013-01-29 15:33:16 +00:00
Miroslav Stampar	a59ac8e27f	Trivial cosmetics	2013-01-29 16:30:38 +01:00
Miroslav Stampar	f4b7b3fd35	Minor cosmetics	2013-01-29 16:04:20 +01:00
Miroslav Stampar	9eca41bae2	Minor fix	2013-01-29 15:55:50 +01:00
Miroslav Stampar	a104de01d7	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-29 15:35:01 +01:00
Miroslav Stampar	7e73825ece	Minor cosmetics	2013-01-29 15:34:41 +01:00
Bernardo Damele	085495024f	minor adjustment	2013-01-29 01:44:57 +00:00
Bernardo Damele	f1ab887c55	major enhancement, code refactoring for issue #297	2013-01-29 01:39:27 +00:00
Bernardo Damele	d07881b6c3	apply a little bit of secure coding practices to the API	2013-01-27 12:26:40 +00:00
Bernardo Damele	cd4075f6a3	no raise, just pass at ctrl-c	2013-01-26 15:33:09 +00:00
Bernardo Damele	a0b9e0f1c5	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-25 17:11:38 +00:00
Bernardo Damele	195d17449e	first test of stdout/stderr redirect to a database when sqlmap is executed from restful API (#297 )	2013-01-25 17:11:31 +00:00
Miroslav Stampar	c06f94e2c8	Fix for an Issue #378	2013-01-25 16:38:41 +01:00
Miroslav Stampar	8c84a16cb7	Minor style update for an Issue #377	2013-01-25 12:52:31 +01:00
Miroslav Stampar	479f791112	Minor fix	2013-01-25 12:41:51 +01:00
Miroslav Stampar	194a9e7b88	Implementation for an Issue #377	2013-01-25 12:34:57 +01:00
Bernardo Damele	5b3c8d8991	first implementation of asynchronous inter-protocol communication between the sqlmap RESTful API and the sqlmap engine with SQLite	2013-01-24 12:57:24 +00:00
Chris Frohoff	218a6a9695	fixed response header logging for header names with special chars	2013-01-23 11:10:25 -08:00
Bernardo Damele	f848f259a6	upper() -D value for certain DBMSes	2013-01-23 16:22:28 +00:00
Bernardo Damele	012815333c	minor bug fix to ignore provided -D when brute-forcing columns/tables names and the DBMS is either Access, Firebird or SQLite	2013-01-23 15:52:03 +00:00
Miroslav Stampar	232f8d3585	Fix for an Issue #368	2013-01-23 13:36:17 +01:00
Bernardo Damele	f4028bd7d2	minor adjustment	2013-01-23 02:10:38 +00:00
Bernardo Damele	d8a0e7eacb	fixes #187	2013-01-23 01:27:01 +00:00
Bernardo Damele	5635776173	proper SQLite 2 library	2013-01-22 18:56:25 +00:00
Bernardo Damele	dea15b5892	notify user if --udf-inject is provided but no stacked queries SQLi is detected	2013-01-22 18:28:48 +00:00
Miroslav Stampar	d6a361f859	Proper implementation for --technique=Q --dbms=Firebird	2013-01-22 16:31:26 +01:00
Miroslav Stampar	719c7f622b	Probable fix for --technique=Q --dbms=Firebird (but also other potential issues with splitting of fields in expressions)	2013-01-22 15:51:06 +01:00
Miroslav Stampar	2ec828f1cb	Fix for an Issue #367	2013-01-22 14:27:17 +01:00
Miroslav Stampar	09c02c6c72	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-22 14:08:31 +01:00
Miroslav Stampar	15b0ab1b44	Fix for a 'no parameter found' problem when user says N on 'custom injection mark found in POST...'	2013-01-22 14:08:19 +01:00
Bernardo Damele	061aef57ba	missing import	2013-01-22 11:25:01 +00:00
Miroslav Stampar	59b02539ca	More general approach regarding that last commit	2013-01-22 11:34:34 +01:00
Miroslav Stampar	01f1488f07	Minor patch (annoying trailing spaces for some DBMSes --technique=B --sql-query)	2013-01-22 11:29:51 +01:00
Bernardo Damele	e558040810	minor fix to previous commit	2013-01-21 17:10:56 +00:00
Bernardo Damele	d43b04c582	better detection if vulnerable of not for regression test	2013-01-21 17:09:35 +00:00
Miroslav Stampar	b35a0810ef	Fix for an Issue #364	2013-01-21 17:01:52 +01:00
Miroslav Stampar	1e3f68c7ff	Rewriting some query crafting parts (especially those .find(' FROM '))	2013-01-21 16:15:38 +01:00
Miroslav Stampar	832d95984c	IFNULL-like mechanism now works on SQLite 2 too	2013-01-21 15:04:27 +01:00
Miroslav Stampar	75bf8528d1	Minor just in case update	2013-01-21 14:50:43 +01:00
Miroslav Stampar	c55a002f95	Language fix	2013-01-21 13:19:08 +01:00
Miroslav Stampar	80255433b0	Trivial style update	2013-01-21 13:18:34 +01:00
Miroslav Stampar	0e86175342	Adding new common function for further refactoring	2013-01-21 11:50:47 +01:00
Miroslav Stampar	3200134b3b	Fix for a regression test #30 test case fail (Firebird inline)	2013-01-21 10:12:54 +01:00
Miroslav Stampar	069c6acabd	Another update for an Issue #362	2013-01-20 22:47:26 +01:00
Miroslav Stampar	b4a55a809e	Refactoring DBMS string escaping functions	2013-01-20 13:45:58 +01:00
Bernardo Damele	3373e30808	minor fix for a bug introduced with commit `1ad9e26a21`	2013-01-20 02:40:40 +00:00
Bernardo Damele	115be9d7b5	minor fixes	2013-01-20 01:26:46 +00:00
Miroslav Stampar	0a4f5d2e51	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-19 19:08:18 +01:00
Miroslav Stampar	e9641e30db	This last commit was in haste :)	2013-01-19 19:07:38 +01:00
Miroslav Stampar	6a87dd9225	Minor update (just for consistency with the rest of code)	2013-01-19 19:07:06 +01:00
Miroslav Stampar	979e108c87	Minor update (just for consistency with the rest of code)	2013-01-19 19:06:51 +01:00
Bernardo Damele	f89b25fdb6	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-19 18:04:38 +00:00
Bernardo Damele	adf97e630f	add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL	2013-01-19 18:04:33 +00:00
Miroslav Stampar	9ce2395405	Minor refactoring	2013-01-19 18:40:44 +01:00
Miroslav Stampar	3f4c010370	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-19 18:28:52 +01:00
Miroslav Stampar	efe26ac3f8	In case that content-length header was not in a desired case ('Content-length') POST request file would fail badly (repeating original content-length header value)	2013-01-19 18:28:37 +01:00
Bernardo Damele	6a62292a3f	layout adjustment	2013-01-19 17:11:16 +00:00
Miroslav Stampar	bb6b89fe93	Patch for an Issue #360	2013-01-19 18:06:36 +01:00
Bernardo Damele	dcf2dcd03d	all we need to debug failed test cases while regression test run..	2013-01-19 17:04:57 +00:00
Bernardo Damele	f22fd396ef	write the test case name before it is run so if the test case crashes badly, we can trace back what test case it was at a later stage	2013-01-19 16:41:19 +00:00
Bernardo Damele	1923ef691e	just in case, add also the test case name inside the temp folder for debug purposes	2013-01-19 16:06:46 +00:00
Bernardo Damele	c95119559e	minor bug fix	2013-01-19 00:41:51 +00:00
Bernardo Damele	0e78fbef56	correctly format SQLi payload for inline query technique	2013-01-19 00:28:03 +00:00
Bernardo Damele	6be7eee8d6	more fixes	2013-01-18 23:35:16 +00:00
Bernardo Damele	56eaa073ce	fixed test cases for Firebird - #312	2013-01-18 23:32:39 +00:00
Bernardo Damele	1f4c6a8371	avoid blank line if password hashes have not been fetched	2013-01-18 22:10:36 +00:00
Bernardo Damele	1ad9e26a21	bug fix for ORDER BY users provided statements (issue #354 )	2013-01-18 21:40:50 +00:00
Miroslav Stampar	ac7709204a	Better fix for that page/headers/comparison --string candidate problem	2013-01-18 17:00:11 +01:00
Miroslav Stampar	8141d17985	Revert of previous commit (more care has to be done regarding headers dynamicity)	2013-01-18 16:49:35 +01:00
Miroslav Stampar	33094a118c	Fix for an Issue where '--string' is being automatically picked not looking properly in headers too	2013-01-18 16:35:09 +01:00
Miroslav Stampar	601eb1e49a	Unescaping is renamed to escaping	2013-01-18 15:40:37 +01:00
Bernardo Damele	a43202f3c0	updated copyright	2013-01-18 14:07:51 +00:00
Bernardo Damele	1bb061f68c	improvements to --live-test	2013-01-18 13:02:35 +00:00
Bernardo Damele	738ccb643d	minor output adjustment	2013-01-18 11:41:09 +00:00
Miroslav Stampar	33ea811c6c	Removing some unused stuff (mainly imports)	2013-01-18 11:50:02 +01:00
Miroslav Stampar	aa467cb54c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-18 11:31:25 +01:00
Miroslav Stampar	17d36684b5	Removing obsolete proxy handling code (Python < 2.6)	2013-01-18 11:30:52 +01:00
Miroslav Stampar	4d5bae7131	Removing some obsolete functions	2013-01-18 11:18:56 +01:00
Miroslav Stampar	bcc907ce09	Minor update	2013-01-18 11:00:21 +01:00
Miroslav Stampar	d1008b45b5	Minor removal of unused function	2013-01-18 10:46:06 +01:00
Miroslav Stampar	caae773b2d	Minor removal of redundant code	2013-01-18 10:44:57 +01:00
Bernardo Damele	d66f7e22b1	more fixes to test cases	2013-01-18 09:32:05 +00:00
Miroslav Stampar	e941e60b20	Minor just in place update for an Issue #348	2013-01-17 22:44:55 +01:00
Bernardo Damele	1d6e642d41	fixed url	2013-01-17 21:29:00 +00:00
Bernardo Damele	38eb4eb33e	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-17 21:03:11 +00:00
Bernardo Damele	b6e44ae64e	fix for #349 (compatible with all others DBMSes too)	2013-01-17 21:03:03 +00:00
Miroslav Stampar	a8e3fd58c5	Implementation for an Issue #348	2013-01-17 21:49:58 +01:00
Miroslav Stampar	8480ceddcb	Minor style update	2013-01-17 19:55:56 +01:00
Miroslav Stampar	507f185b69	Revert of patch for an Issue #347	2013-01-17 18:38:37 +01:00
Miroslav Stampar	9dd69042de	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-17 15:31:55 +01:00
Miroslav Stampar	f7eda07d92	Patch for an Issue #347	2013-01-17 15:30:14 +01:00
Bernardo Damele	5e059ab6db	added check for DB2 lib	2013-01-17 14:20:34 +00:00
Miroslav Stampar	a38b3e397c	Patch for an Issue #286	2013-01-17 14:17:39 +01:00
Miroslav Stampar	65273295e3	Implementing a check for an Issue #25	2013-01-17 13:56:04 +01:00
Miroslav Stampar	9428d1819e	Fix for an Issue #346	2013-01-17 12:03:02 +01:00
Miroslav Stampar	3ab4a5e36d	Fix for an Issue #345	2013-01-17 11:50:12 +01:00
Miroslav Stampar	51a77d1fe2	Minor update for an Issue #8	2013-01-17 11:37:45 +01:00
Miroslav Stampar	14b7e655a9	Minor refactoring	2013-01-16 16:33:04 +01:00
Miroslav Stampar	053b7d12b4	Minor language update	2013-01-16 16:07:12 +01:00
Miroslav Stampar	fb7243c237	Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs	2013-01-16 16:04:00 +01:00
Miroslav Stampar	c0a6e1c3a7	Finishing first usable prototype for an Issue #8	2013-01-16 14:54:37 +01:00
Miroslav Stampar	ff5ec48abd	Minor update for an Issue #8	2013-01-16 14:16:22 +01:00
Bernardo Damele	3464a70ac2	bug fix: without this generic concatenation of strings in concatQuery(), detection of UNION query SQLi only (--technique U) when the page did not disclose any DBMS error message and it was not MySQL (for which there are UNION SQLi specific payloads) was not detected	2013-01-16 01:53:33 +00:00
Bernardo Damele	542f6de72e	typo fix	2013-01-16 01:31:03 +00:00
Bernardo Damele	e16ad38d3e	more work on #342	2013-01-15 18:15:07 +00:00
Bernardo Damele	329047fc12	restored fix for #210 to keep --hex work with --technique B	2013-01-15 17:51:40 +00:00
Bernardo Damele	2a751e075d	more work on #342	2013-01-15 17:14:44 +00:00
Bernardo Damele	ec076f5f8a	write console output to temporary folder in any case the test case fails, even if no traceback is raised	2013-01-15 15:51:03 +00:00
Bernardo Damele	4eaa0d17aa	Fix in forging query to calculate query output length - closes issue #342	2013-01-15 15:50:20 +00:00
Miroslav Stampar	7a1d484115	Implementation for an Issue #340	2013-01-15 16:05:33 +01:00
Bernardo Damele	3f84cefc77	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-15 14:59:22 +00:00
Bernardo Damele	c51358953a	add more Oracle system dbs	2013-01-15 14:51:29 +00:00
Miroslav Stampar	04aa39f0c6	Minor update	2013-01-15 13:51:19 +01:00
Miroslav Stampar	5ee653dd89	Merging commit 57bcbb458eade2850a6d7623ecddbe49c69cf334 from @morisson	2013-01-15 10:14:02 +01:00
Miroslav Stampar	2cac7e860e	Minor refactoring	2013-01-14 16:27:50 +01:00
Miroslav Stampar	31302eb707	Minor update	2013-01-14 16:26:07 +01:00
Miroslav Stampar	2a86c1cadc	Another cosmetics	2013-01-14 16:24:55 +01:00
Miroslav Stampar	1e1f560d0c	Minor cosmetics	2013-01-14 16:24:28 +01:00
Miroslav Stampar	0c2474cc22	Minor update	2013-01-14 16:21:40 +01:00
Miroslav Stampar	a5a309212a	Fix for an Issue #339	2013-01-14 16:18:03 +01:00
Bernardo Damele	3e2c3851f3	Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312 )	2013-01-14 13:42:50 +00:00
Bernardo Damele	515c1c6205	removed leftover	2013-01-14 10:26:22 +00:00
Bernardo Damele	83000de9e1	improved handling and storing of exceptions with --live-test (#312 )	2013-01-14 10:23:40 +00:00
Bernardo Damele	8125fe90a7	code refactoring	2013-01-14 10:22:38 +00:00
Bernardo Damele	036b612bcb	bug fix to be able to write unicode chars to debug file	2013-01-14 01:11:42 +00:00
Miroslav Stampar	fc560f2b75	Minor revert and proper fix	2013-01-14 00:47:29 +01:00
Bernardo Damele	b74cfbf336	minor enhancements for debug purposes (issue #312 )	2013-01-13 23:15:56 +00:00
Bernardo Damele	fdd6075859	temporary patch to fix UNION query enumeration	2013-01-13 23:08:23 +00:00
Miroslav Stampar	92ea8841f8	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-13 16:23:09 +01:00
Miroslav Stampar	03dd958d96	Implementation for an Issue #48	2013-01-13 16:22:43 +01:00
Miroslav Stampar	81848c723d	Minor cleanup (we officially support Python >= 2.6)	2013-01-11 16:01:48 +01:00
Bernardo Damele	675e4a026b	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-11 13:31:49 +00:00
Bernardo Damele	41834e7a5b	working on #8 - still not usable though	2013-01-11 13:31:44 +00:00
Miroslav Stampar	bc4d8d3e02	Implementation for an Issue #332	2013-01-11 11:17:41 +01:00
Miroslav Stampar	5571d09354	Minor revert	2013-01-11 11:13:55 +01:00
Miroslav Stampar	4b79269608	Minor bug fix	2013-01-11 11:10:18 +01:00
Miroslav Stampar	ec4e49d771	Minor refactoring	2013-01-10 16:09:28 +01:00
Miroslav Stampar	1363f26367	Minor refactoring	2013-01-10 15:59:02 +01:00
Miroslav Stampar	834be1eddc	Restyling redundant 'except Exception' form	2013-01-10 15:54:28 +01:00
Miroslav Stampar	acfeeb4f51	Restyling old form of urlparse	2013-01-10 15:41:07 +01:00
Miroslav Stampar	8686c20fa5	Removing one obsolete instantiation line	2013-01-10 15:27:35 +01:00
Miroslav Stampar	934d41dac2	Minor style update (PEP8)	2013-01-10 15:02:28 +01:00
Miroslav Stampar	ca3d35a878	Some PEP8 related style cleaning	2013-01-10 13:18:44 +01:00
Miroslav Stampar	6cfa9cb0b3	Removing unused imports	2013-01-10 12:15:12 +01:00
Miroslav Stampar	05705857a9	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-10 12:09:48 +01:00
Miroslav Stampar	ca1c0c2a1d	Minor style update	2013-01-10 11:54:07 +01:00
Bernardo Damele	ca337159f5	added reminder TODO	2013-01-10 01:11:22 +00:00
Bernardo Damele	8093f3950d	properly distinguish stdout from stderr with a separate pipe (tracebacks go to stderr) - issue #297	2013-01-10 00:52:44 +00:00
Bernardo Damele	10f1099944	remove logging handler that shows logging messages to stdout - issue #297	2013-01-10 00:51:56 +00:00
Bernardo Damele	ccc3c3d1a3	minor fix to distinguish stdout from stderr	2013-01-10 00:51:05 +00:00
Bernardo Damele	ef40779ad3	upgraded to use custom subprocessng for non-blocking send and read functions for spawned processes. Added new method to display range of log messages, just in case and improved parsing/unpickling of read log messages	2013-01-10 00:01:28 +00:00
Bernardo Damele	2126a5ba12	minor index fix	2013-01-10 00:00:00 +00:00
Bernardo Damele	9766f6025e	logging is now handled in a separate file descriptor :) - issue #297	2013-01-09 22:09:50 +00:00
Bernardo Damele	794700eb37	preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297	2013-01-09 22:08:50 +00:00
Bernardo Damele	d120dc18d1	cleanup	2013-01-09 22:06:27 +00:00
Bernardo Damele	58a60562ac	avoid exiting with a traceback for missing dependency, handle properly at some point	2013-01-09 16:05:55 +00:00
Bernardo Damele	7f4ce4afbb	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-09 16:04:29 +00:00
Bernardo Damele	510ceb6e19	first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28	2013-01-09 16:04:23 +00:00
Miroslav Stampar	bf5544903b	Minor style update	2013-01-09 16:10:26 +01:00
Miroslav Stampar	9bdcb1176d	Update for an Issue #169	2013-01-09 15:58:13 +01:00
Miroslav Stampar	25f01a419f	Minor style update (for the sake of consistency over the code and our PEP8 adaptation)	2013-01-09 15:38:41 +01:00
Miroslav Stampar	bdd2592848	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-09 15:22:30 +01:00
Miroslav Stampar	3d4f381ab5	Patch for an Issue #169	2013-01-09 15:22:21 +01:00
Bernardo Damele	c44a829b9b	pass a pickled options object to sqlmap engine when called from API	2013-01-09 12:34:45 +00:00
Bernardo Damele	8457cff278	added variable to store the live test traceback if any	2013-01-09 12:33:18 +00:00
Bernardo Damele	f11747732e	added missing command line options	2013-01-09 12:30:13 +00:00
Miroslav Stampar	55a552ddc4	Update for an Issue #24	2013-01-08 10:55:25 +01:00
Miroslav Stampar	ad85c4c964	Minor refactoring for an Issue #295	2013-01-08 10:23:02 +01:00
Bernardo Damele	c155c6df84	minor bug fix for user's provided LIMIT'd statement when technique is full UNION SQLi	2013-01-07 23:31:11 +00:00
Miroslav Stampar	3abe87ac89	Minor fix with status update (Issue #305 )	2013-01-07 18:53:08 +01:00
Miroslav Stampar	a8f02916a9	Minor fix (Issue #305 )	2013-01-07 18:39:35 +01:00
Miroslav Stampar	e219fad8bf	Added a short comment	2013-01-07 18:19:48 +01:00
Bernardo Damele	1e35b3c8c9	proper link	2013-01-07 16:59:59 +00:00
Miroslav Stampar	96e5d5d178	Some more updates for an Issue #295	2013-01-07 16:55:41 +01:00
Miroslav Stampar	74552bea87	Cleaning some garbage (hard coded paths with linux native slashes)	2013-01-07 16:51:00 +01:00
Miroslav Stampar	425df067eb	Fix for an --os-pwn with ICMPsh (it was crashing because methods interleaved with Metasploit ones)	2013-01-07 16:44:22 +01:00
Miroslav Stampar	ac407ae4a1	Implementation for an Issue #295	2013-01-07 15:55:40 +01:00
Miroslav Stampar	76839ff9d6	Fix for an Issue #305	2013-01-07 12:52:55 +01:00
Bernardo Damele	1e1892c962	prep for subprocess..	2013-01-07 11:10:33 +00:00
Bernardo Damele	7fa75792dd	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2013-01-07 11:10:08 +00:00
Bernardo Damele	a30d7014b9	removed unused var	2013-01-07 11:05:33 +00:00
Miroslav Stampar	87e923613f	Minor adjustment (URI (marked with custom injection char) has precedence over GET/POST)	2013-01-05 21:16:47 +01:00
Miroslav Stampar	dc21f3ce67	Minor just in case filtering of union results	2013-01-04 17:09:07 +01:00
Miroslav Stampar	5b77b20e2e	Removing trailing whitespaces (PEP8)	2013-01-03 23:57:07 +01:00
Miroslav Stampar	82b468211d	Minor update	2013-01-03 23:38:29 +01:00
Miroslav Stampar	f340ce8b4b	Minor style update	2013-01-03 23:35:29 +01:00
Miroslav Stampar	1712603dce	Replacing deprecated has_key() with operator in (PEP8)	2013-01-03 23:28:07 +01:00
Miroslav Stampar	e4a3c015e5	Replacing old and deprecated raise Exception style (PEP8)	2013-01-03 23:20:55 +01:00
Bernardo Damele	3a11d36c66	minor bug fix	2013-01-02 21:49:15 +00:00
Miroslav Stampar	cb15fcc8af	Fix for an Issue #329	2013-01-02 22:17:06 +01:00
Miroslav Stampar	304e52cb4d	Minor language update	2013-01-02 22:11:59 +01:00
Miroslav Stampar	09f1cdd8e1	Minor style update	2013-01-02 21:52:50 +01:00
Miroslav Stampar	0795760255	Minor fix	2012-12-30 11:22:23 +01:00
Miroslav Stampar	75edb84a71	Minor update	2012-12-30 11:10:32 +01:00
Miroslav Stampar	58ad2f1c5d	Revert of last commit and proper fix	2012-12-29 10:35:05 +01:00
Miroslav Stampar	0e18fa9c5f	Minor fix	2012-12-28 23:43:47 +01:00
Miroslav Stampar	648d91d790	Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)	2012-12-27 22:43:39 +01:00
Miroslav Stampar	3d01890147	Patch for an Issue #56 (full target url is now being written to a output .CSV file in multi target mode)	2012-12-27 21:15:44 +01:00
Miroslav Stampar	cb91729913	Fix for an Issue #324 (crawling when HTML is not well-formed)	2012-12-27 20:55:37 +01:00
Miroslav Stampar	127b880577	Minor update	2012-12-27 15:14:40 +01:00
Miroslav Stampar	6ae4590edc	Removing problematic per-MySQL LIMIT prefix	2012-12-26 19:48:01 +01:00
Miroslav Stampar	a77b7f00d9	Fix for an Issue #323	2012-12-23 19:34:35 +01:00
Bernardo Damele	832567ecf6	import order	2012-12-21 23:34:37 +00:00
Miroslav Stampar	77625e5af7	Minor revert	2012-12-21 19:31:05 +01:00
Miroslav Stampar	00e55828e4	Minor style update	2012-12-21 15:06:03 +01:00
Miroslav Stampar	8b3e17ed4d	Minor update (better approach for those old NOT IN cases in MsSQL - instead of standard pivot dump table)	2012-12-21 14:52:47 +01:00
Miroslav Stampar	6c1ec9b54f	Fix for an Issue #318	2012-12-21 11:10:05 +01:00
Miroslav Stampar	35728fa443	Fix (and some hidden bug fixes/improvements) regarding an Issue #317	2012-12-21 10:51:35 +01:00
Miroslav Stampar	352e516400	Bottle is a 3rd party tool (not going to extra folder)	2012-12-21 10:18:30 +01:00
Miroslav Stampar	b94a5d42d4	Removing a leftover	2012-12-21 09:49:09 +01:00
Miroslav Stampar	0a122ccce4	Related to an Issue #319	2012-12-21 09:47:58 +01:00
Miroslav Stampar	0d5d84edc7	Minor cleanup	2012-12-20 21:03:41 +01:00
Miroslav Stampar	712cf4e4db	Fix for an Issue #316	2012-12-20 20:55:59 +01:00
Miroslav Stampar	1073ebc697	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-20 20:51:41 +01:00
Bernardo Damele	89d8c58fd1	poor attempt at forking a child process for sqlmap engine execution, output is not handled yet	2012-12-20 17:56:53 +00:00
Bernardo Damele	912323c12d	minor bug fix (#297 )	2012-12-20 17:05:44 +00:00
Bernardo Damele	7adaffa71b	fixed options initiation	2012-12-20 16:53:43 +00:00
Miroslav Stampar	1c4d438aff	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-20 16:37:03 +01:00
Bernardo Damele	b0635bddcc	adjustments	2012-12-20 15:29:23 +00:00
Miroslav Stampar	8efe056671	Minor refactoring	2012-12-20 15:51:03 +01:00
Bernardo Damele	e9ab33e9dd	standalone REST API, code cleanup (#297 )	2012-12-20 14:35:02 +00:00
Bernardo Damele	5632279bf7	removed deprecated feature (#287 )	2012-12-20 13:21:07 +00:00
Miroslav Stampar	63d9b7a1f8	No character shall be left forgotten (no more ? in case that character was not properly being decoded by used charset)	2012-12-20 12:23:37 +01:00
Miroslav Stampar	c2c4601d6e	Minor restyling	2012-12-20 11:06:52 +01:00
Bernardo Damele	076b4063e6	these edits got overwritten from last commits	2012-12-20 09:42:44 +00:00
Miroslav Stampar	3cbe60b586	Proper fix	2012-12-20 10:37:20 +01:00
Miroslav Stampar	0d1ea7f05a	Merge branch 'master' of github.com:sqlmapproject/sqlmap Conflicts: lib/core/testing.py	2012-12-20 10:37:11 +01:00
Miroslav Stampar	da93e77eb2	Proper fix	2012-12-20 10:34:51 +01:00
Bernardo Damele	ac77724970	attempt to handle standard input from --live-test	2012-12-20 09:30:48 +00:00
Bernardo Damele	2b6ee06de0	minor bug fix to correctly parse unicode chars	2012-12-20 09:30:13 +00:00
Miroslav Stampar	69310e47ce	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-20 09:54:39 +01:00
Miroslav Stampar	06d8213ffd	minor fix (reading of unicode xml files)	2012-12-20 09:53:08 +01:00
Bernardo Damele	86872956d5	minor bug fix (for PostgreSQL)	2012-12-19 22:55:31 +00:00
Bernardo Damele	77843f44fb	minor bug fix (issue #314 )	2012-12-19 22:49:02 +00:00
Bernardo Damele	357da43cea	slight improvement of live test engine and added misc test cases to xml	2012-12-19 17:28:41 +00:00
Bernardo Damele	85fcd27e2d	added support for random global variables	2012-12-19 15:58:06 +00:00
Bernardo Damele	12d34587cc	minor restyling	2012-12-19 14:34:34 +00:00
Bernardo Damele	326ff404fc	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 14:25:35 +00:00
Bernardo Damele	12eed58485	pointless restyling	2012-12-19 14:25:29 +00:00
Miroslav Stampar	37346fe8a3	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 15:23:57 +01:00
Miroslav Stampar	7ee98c7bff	Just for one girl out there waiting for this patch ;)	2012-12-19 15:23:38 +01:00
Bernardo Damele	3be90c97aa	forgot these	2012-12-19 14:12:45 +00:00
Bernardo Damele	cefb03c835	fixed bug related to issue #223	2012-12-19 14:12:09 +00:00
Bernardo Damele	27a12ae85b	restyling	2012-12-19 13:47:17 +00:00
Bernardo Damele	4b3b4eb374	commented out partial work	2012-12-19 13:47:04 +00:00
Bernardo Damele	3655d1f12a	revert change of name for now	2012-12-19 13:45:52 +00:00
Bernardo Damele	874e2176c6	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 13:43:00 +00:00
Bernardo Damele	4f0f729982	be more specific in standard output message as to whether or not the read file is same as remote file	2012-12-19 13:42:56 +00:00
Miroslav Stampar	23153e8088	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 14:29:08 +01:00
Miroslav Stampar	244901eda0	During --flush-session log file should be cleaned too (especially because of --live-tests)	2012-12-19 14:28:54 +01:00
Bernardo Damele	282aeb734f	ORDER BY does not play well with UNION query SQLi (related to issue #313 )	2012-12-19 13:21:16 +00:00
Bernardo Damele	259b345f1f	catch ImportError exception if libmagic is not installed	2012-12-19 13:10:54 +00:00
Bernardo Damele	128597ee7e	--run-case is now case insensitive	2012-12-19 12:45:46 +00:00
Bernardo Damele	b91c829103	minor bug fix (issue #310 )	2012-12-19 12:42:31 +00:00
Bernardo Damele	2bc2c0431c	fixed test cases	2012-12-19 12:33:37 +00:00
Bernardo Damele	9149d77cc8	removed duplicate code - fixes issue #310	2012-12-19 12:17:56 +00:00
Bernardo Damele	d80744d3d5	preparation for issue #310	2012-12-19 11:40:00 +00:00
Bernardo Damele	f5450e9f0e	layout adjustment	2012-12-19 11:39:38 +00:00
Bernardo Damele	dee56b17c3	handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308	2012-12-19 10:50:15 +00:00
Miroslav Stampar	155c1eddae	Debug message with declared page charset	2012-12-19 11:16:42 +01:00
Miroslav Stampar	d29dddf5b2	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 10:51:25 +01:00
Miroslav Stampar	92e338251a	Finally working inference against MySQL/international letters (even chinese)	2012-12-19 10:44:02 +01:00
Bernardo Damele	65ed2304fd	comment update	2012-12-19 09:38:03 +00:00
Bernardo Damele	0037d52098	typo fix	2012-12-19 01:11:18 +00:00
Miroslav Stampar	c9b8b51c9c	Update lib/core/common.py Revert of last commit and try 2	2012-12-19 01:48:53 +01:00
Bernardo Damele	8e95470415	minor refactoring	2012-12-19 00:46:23 +00:00
Bernardo Damele	318fcee49c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-19 00:30:26 +00:00
Bernardo Damele	3c7007097a	minor refactoring	2012-12-19 00:30:22 +00:00
Miroslav Stampar	50b846b5af	Update lib/core/common.py Fixing wrong assumption in case of MySQL inference international character retrieval	2012-12-19 01:26:12 +01:00
Miroslav Stampar	9e2f0131b9	Update lib/core/agent.py	2012-12-18 20:25:00 +01:00
Bernardo Damele	326ed33f31	added support for comma separated list of files for --file-read - fixes issue #223	2012-12-18 17:55:21 +00:00
Bernardo Damele	58656bbeb5	minor bug fix, union query has to be limited 0, 0	2012-12-18 16:36:30 +00:00
Bernardo Damele	61a838bb35	added more test cases	2012-12-18 15:59:48 +00:00
Miroslav Stampar	88d8494b5a	Implementation for an Issue #307	2012-12-18 16:03:35 +01:00
Miroslav Stampar	7f47623876	Minor patch	2012-12-18 11:10:06 +01:00
Miroslav Stampar	2b64c10710	Patch for an Issue #304	2012-12-18 09:36:26 +01:00
Miroslav Stampar	4ea0c9e922	Another implementation for an Issue #302	2012-12-17 15:08:54 +01:00
Bernardo Damele	3c1b696bd6	removed more print statements	2012-12-17 13:35:32 +00:00
Bernardo Damele	1fdd804e94	replaced instances of dataToStdout with logger	2012-12-17 13:30:21 +00:00
Bernardo Damele	9f47eb0a59	cleaner	2012-12-17 13:29:37 +00:00
Bernardo Damele	0500712a03	removed unuseful prints	2012-12-17 13:29:19 +00:00
Bernardo Damele	ac44cf3ec0	minor fix: add also back-end DBMS and web app fingerprint output to log file	2012-12-17 13:02:09 +00:00
Bernardo Damele	bbd2adb5fb	improvements to --live-test and added --stop-fail switch	2012-12-17 11:41:43 +00:00
Bernardo Damele	064d443d60	replaced unnecessary dataToStdout() call with appropriate logger.info() call	2012-12-17 11:30:08 +00:00
Bernardo Damele	2926c815bf	improved test switch --live-test and minor refactoring	2012-12-17 11:29:33 +00:00
Bernardo Damele	f40c52cc17	comment adjustment	2012-12-17 11:28:03 +00:00
Bernardo Damele	2442a58884	minor leftover of deprecated XMLRPC service	2012-12-17 11:26:31 +00:00
Miroslav Stampar	60baf5071e	Patch for an Issue #302	2012-12-17 00:40:01 +01:00
Bernardo Damele	d4a061d0c3	code cleanup - #297	2012-12-15 00:29:35 +00:00
Bernardo Damele	0c3da5c7eb	code refactoring and first time logger is handled by a separate file descriptor (issue #297 )	2012-12-15 00:12:22 +00:00
Bernardo Damele	2f6a31605c	code refactoring (#279 )	2012-12-14 22:00:42 +00:00
Bernardo Damele	8dee8355c2	on our way to make it thread safe.. it is a long way actually (issue #297 )	2012-12-14 18:13:21 +00:00
Bernardo Damele	21ecffb750	added more comments, improved cleanup method	2012-12-14 17:21:19 +00:00
Bernardo Damele	1421e6a9d4	implemented cleanup and status admin methods	2012-12-14 16:18:45 +00:00
Bernardo Damele	4fa2f400ec	minor fix	2012-12-14 15:55:30 +00:00
Bernardo Damele	4c4cb856ff	minor bug fix to the /scan/<taskid>output method, forced each taskid to have its own temporary folder for output - issue #297	2012-12-14 15:52:35 +00:00
Bernardo Damele	27906f388f	added first methods to interact with sqlmap core, it is now possible to launch a scan from the API, hurray! (issue #297 )	2012-12-14 14:51:01 +00:00
Bernardo Damele	f52d81c834	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-14 13:40:36 +00:00
Bernardo Damele	0b71c85d95	refactoring, code cleanup, more security-related headers and first /scan method implementation (issue #297 )	2012-12-14 13:40:25 +00:00
Bernardo Damele	a2a71bb37b	cleanup from XML-RPC related stuff	2012-12-14 13:37:36 +00:00
Miroslav Stampar	a3acf72e52	Fix for argparse issue	2012-12-14 14:35:11 +01:00
Miroslav Stampar	235631808f	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-12-14 14:25:02 +01:00
Bernardo Damele	3d9779ffd4	further improvements to RESTful API: enforce security headers across all HTTP responses properly and make consistent responses across methods (#297 )	2012-12-14 12:15:04 +00:00
Bernardo Damele	7b43837238	cleaner solution for imports as standalone client/server (issue #297 )	2012-12-14 12:04:44 +00:00
Bernardo Damele	90d5696b25	enhanced RESTful API to support JSON requests and improved standalone client/server skeleton (issue #297 )	2012-12-14 12:01:13 +00:00
Bernardo Damele	156a291e2d	typo fix	2012-12-14 11:55:54 +00:00
Miroslav Stampar	c41618416c	Removing trailing blanks	2012-12-14 12:00:45 +01:00
Bernardo Damele	2e97405ffa	bundle bottle library in sqlmap (it is MIT license) - issue #297	2012-12-14 03:00:30 +00:00
Bernardo Damele	0ec420cc70	leftovers	2012-12-14 02:54:16 +00:00
Bernardo Damele	a1b83cd56f	added first implementation of REST-JSON API library - issue #297	2012-12-14 02:52:31 +00:00
Bernardo Damele	6e31e87de1	added initial support (hidden from -hh and not yet usable) for REST-JSON API	2012-12-14 02:49:25 +00:00
Miroslav Stampar	c040323821	Minor update	2012-12-13 14:55:20 +01:00
Miroslav Stampar	df0f08bc6a	Cleaning some (web upload based) garbage	2012-12-13 13:19:47 +01:00
Miroslav Stampar	5150172178	Minor update	2012-12-13 10:03:21 +01:00
Miroslav Stampar	b78b56d782	Update for an Issue #287 regarding read_output returning values	2012-12-12 17:17:36 +01:00
Miroslav Stampar	fc4be0a77c	Minor fix	2012-12-12 16:45:29 +01:00
Miroslav Stampar	e381158058	Hmmm... Let me guess. Update for an Issue #287	2012-12-12 16:31:20 +01:00
Miroslav Stampar	921000bd87	Another update for an Issue #287	2012-12-12 14:22:24 +01:00
Miroslav Stampar	c3f20a136f	Minor update for an Issue #287	2012-12-12 14:03:03 +01:00
Miroslav Stampar	32b39c72e4	Minor update	2012-12-12 12:07:56 +01:00
Miroslav Stampar	af52e8e8c2	Minor update for an Issue #287	2012-12-12 12:01:18 +01:00
Miroslav Stampar	a6448e8768	Update for an Issue #287	2012-12-12 11:54:59 +01:00
Miroslav Stampar	ef33729381	Writing only unique hashes to an output file (for eventual cracking with 3rd party tools)	2012-12-12 09:59:24 +01:00
Miroslav Stampar	b9f6fc5f4e	First commit (and working one) for an Issue #287 (XML-RPC server)	2012-12-11 16:02:06 +01:00
Miroslav Stampar	b5884c7eda	Minor language update	2012-12-11 15:24:02 +01:00
Miroslav Stampar	760519dbe9	Removing redundant piece of code	2012-12-11 15:21:27 +01:00
Miroslav Stampar	a54c261496	Minor update for Issues #292 & #293 (only single alert per target)	2012-12-11 14:44:43 +01:00
Miroslav Stampar	5c2451d83c	Implementation for an Issue #293	2012-12-11 12:48:58 +01:00
Miroslav Stampar	562044577b	Implementation for an Issue #292	2012-12-11 12:02:06 +01:00
Miroslav Stampar	6433be8b3d	Style update	2012-12-10 17:20:04 +01:00
Miroslav Stampar	996e882e78	Minor update	2012-12-10 17:13:00 +01:00
Miroslav Stampar	013dc8bc98	Another minor update for an Issue #267	2012-12-10 13:07:36 +01:00
Miroslav Stampar	8bd0080bf4	Minor update for an Issue #267	2012-12-10 13:05:41 +01:00
Miroslav Stampar	96df0ba061	Implemented support for plain , chars too (Issue #267 )	2012-12-10 12:58:17 +01:00
Miroslav Stampar	d0ea4c65c5	Minor styl eupdate for an Issue #267	2012-12-10 12:54:01 +01:00
Miroslav Stampar	5677db02b7	Minor update	2012-12-10 12:40:28 +01:00
Miroslav Stampar	5606a860ce	Oracle supports inline comments too (Issue #267 )	2012-12-10 12:00:15 +01:00
Miroslav Stampar	a024884ca7	Support for a HTTP parameter pollution (Issue #267 )	2012-12-10 11:55:31 +01:00
Miroslav Stampar	42f4c2bac9	Minor fix when --dbms is enforced	2012-12-10 11:42:10 +01:00
Miroslav Stampar	1f7644a691	Minor fix when user doesn't want custom injection char marker to be processed	2012-12-08 21:23:30 +01:00
Miroslav Stampar	0cbdaaecfa	Revert of `99e9412f74` (because of an Issue #289 )	2012-12-08 08:53:25 +01:00
Miroslav Stampar	73968a448c	Minor update	2012-12-07 15:29:54 +01:00
Miroslav Stampar	e129a30e6b	Removing redundant code in redirect handler (related to an Issue #288 )	2012-12-07 12:40:19 +01:00
Miroslav Stampar	fccad15cfa	Minor update for an Issue #288	2012-12-07 12:14:33 +01:00
Miroslav Stampar	75e6d77fbc	Minor refactoring	2012-12-07 11:54:34 +01:00
Miroslav Stampar	fbaeecdaf9	Patch for an Issue #288	2012-12-07 11:52:21 +01:00
Miroslav Stampar	c0fc12beb2	Minor update for an Issue #288	2012-12-07 11:23:18 +01:00
Miroslav Stampar	1028afce37	Removal of leftovers	2012-12-06 14:15:44 +01:00
Miroslav Stampar	974407396e	Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)	2012-12-06 14:14:19 +01:00
Miroslav Stampar	003d21e962	Minor style update (capitalization of leftover class names)	2012-12-06 13:46:24 +01:00
Miroslav Stampar	baccbd6f48	Implementation for an Issue #283	2012-12-06 11:57:57 +01:00
Miroslav Stampar	ab67344448	Removed unused imports and variables (pyflake-ing)	2012-12-06 11:15:05 +01:00
Miroslav Stampar	b6650add46	Introducing 'new style classes' (idea from Pull request #284 )	2012-12-06 10:42:53 +01:00
Miroslav Stampar	0f191f624c	Taking some goodies from Pull request #284	2012-12-06 10:21:53 +01:00
Miroslav Stampar	6b39e661a7	Fix for an issue #279	2012-12-05 12:15:14 +01:00
Miroslav Stampar	775e0df04b	Update for an Issue #278	2012-12-05 10:45:17 +01:00
Miroslav Stampar	949fcb77cf	Minor style update	2012-12-05 10:22:16 +01:00
Miroslav Stampar	d4b5133df7	Update for an Issue #272	2012-12-04 17:04:32 +01:00
Miroslav Stampar	a14697e8cf	Implementation for an Issue #272	2012-12-04 16:47:34 +01:00
Miroslav Stampar	6b007ab188	Minor patch for an Issue #274 (just in case to avoid this kind of problems)	2012-12-04 16:14:14 +01:00
Miroslav Stampar	e2aa695655	Minor update	2012-12-03 17:20:18 +01:00
Miroslav Stampar	42a8234c6f	Update for an Issue #12	2012-12-03 14:27:01 +01:00
Miroslav Stampar	79fca8e9d5	Fix for an Issue #268	2012-12-03 12:13:59 +01:00
Miroslav Stampar	8410fc5a9d	Minor update	2012-12-02 08:00:55 +01:00
redshark1802	1675386093	fixed typo that created an invalid configuration file with the option '--save'	2012-11-30 23:00:03 +01:00
Miroslav Stampar	0664e72bea	Minor fix for an Issue #230	2012-11-30 12:13:34 +01:00
Miroslav Stampar	5b61e9ce12	Minor update for an Issue #254	2012-11-30 11:43:50 +01:00
Miroslav Stampar	7e2db762d6	Minor update	2012-11-29 15:45:04 +01:00
Miroslav Stampar	8f10023523	Fix for an Issue #266	2012-11-29 15:44:14 +01:00
Miroslav Stampar	3b961c2550	Update for an Issue #254	2012-11-29 15:36:38 +01:00
Miroslav Stampar	605d73cc3d	Minor refactoring	2012-11-29 12:21:12 +01:00
Miroslav Stampar	7304971544	Patch for ORDER BY test on MsSQL on cases with 'The text, ntext, and image data types cannot be compared or sorted, except when using IS NULL or LIKE operator'	2012-11-29 11:43:49 +01:00
Miroslav Stampar	7c16bfe025	Fix for error-based MsSQL dumping (in some cases failed because of wrong order - e.g. MIN(SUBSTRING( instead of SUBSTRING(MIN )	2012-11-29 10:51:59 +01:00
Miroslav Stampar	a7e1e856d4	Fix for an Issue #260	2012-11-28 17:00:26 +01:00
Miroslav Stampar	35d1146fd1	Minor update for an (Issue #254 )	2012-11-28 12:53:11 +01:00
Miroslav Stampar	753d0f18bf	First CSS style added for a HTML table dump format (Issue #254 )	2012-11-28 12:46:43 +01:00
Miroslav Stampar	b6ea337937	First style-less prototype for an HTML dump output (Issue #254 )	2012-11-28 12:28:42 +01:00
Miroslav Stampar	e2d8b53e97	Minor update for an Issue #264	2012-11-28 11:45:33 +01:00
Miroslav Stampar	cff0c59630	Implementation for an Issue #264	2012-11-28 11:41:39 +01:00
Miroslav Stampar	5bf5b95588	More refactoring for an Issue #254	2012-11-28 11:16:00 +01:00
Miroslav Stampar	87a92ab330	Deprecating --replicate (Issue #254 )	2012-11-28 11:10:57 +01:00
Miroslav Stampar	f08eb0fd9f	Minor style update	2012-11-28 10:59:15 +01:00
Miroslav Stampar	d95dd2d16e	Preparation for an Issue #254	2012-11-28 10:58:18 +01:00
Miroslav Stampar	621ae587c7	Fix for an Issue #263	2012-11-28 00:03:17 +01:00
Miroslav Stampar	d490ffb163	Fix for an Issue #259	2012-11-27 11:45:22 +01:00
Miroslav Stampar	bd33128085	Fix for an Issue #262	2012-11-27 10:08:22 +01:00
Miroslav Stampar	38c96a366b	Patch for an Issue #260	2012-11-26 11:16:59 +01:00
Miroslav Stampar	ef2038f1c8	Implementation for an Issue #253	2012-11-21 10:16:13 +01:00
Miroslav Stampar	c40dded28c	Fix for an Issue #250	2012-11-20 12:10:29 +01:00
Miroslav Stampar	93e071fc33	Fix for an Issue #251	2012-11-20 11:19:23 +01:00
Miroslav Stampar	302348b0cd	Minor update	2012-11-19 11:59:28 +01:00
Miroslav Stampar	a40d7a5bca	Minor improvement (safer to use column name in COUNT than *, especially when only one column is needed)	2012-11-15 15:06:54 +01:00
Miroslav Stampar	d37be5f97b	Fix for an Issue #248	2012-11-14 15:54:24 +01:00
Miroslav Stampar	9a54a911a8	Patch for an Issue #231	2012-11-14 11:30:29 +01:00
Miroslav Stampar	5b3fe25211	Improving comparison engine (removing shared prelude part to further sharpen if pages are identical - especially noticable in small test pages)	2012-11-13 15:22:59 +01:00
Miroslav Stampar	6f7f9dd8eb	Patch for an Issue #242	2012-11-13 10:41:13 +01:00
Miroslav Stampar	a52dbc575b	Patch for an Issue #246	2012-11-13 10:21:11 +01:00
Miroslav Stampar	f305dde413	Patch for an Issue #235	2012-11-10 11:01:29 +01:00
Miroslav Stampar	181c3534f0	Patch for an Issue #237	2012-11-08 19:16:37 +01:00
Miroslav Stampar	e7e83defaa	Minor update	2012-11-08 11:09:34 +01:00
Miroslav Stampar	1ee0d9ce5e	Fix for an Issue #229	2012-11-05 15:58:54 +01:00
Miroslav Stampar	3cf5fc2f5a	Fix for an Issue #230	2012-11-05 15:10:49 +01:00
Miroslav Stampar	2de52927f3	Code refactoring (epecially Google search code)	2012-10-30 18:38:10 +01:00
Miroslav Stampar	76b793b199	Fix for an Issue #228	2012-10-30 18:08:25 +01:00
Miroslav Stampar	6e2041bc13	Better language than in last commit	2012-10-30 11:54:21 +01:00
Miroslav Stampar	1bbeb92eb6	Better language (used formation 'not required' in case of help for --dependencies while 'required'->'needs' in a check itself)	2012-10-30 11:19:39 +01:00
Miroslav Stampar	5cfc066ac4	Minor update	2012-10-30 10:30:22 +01:00
Miroslav Stampar	7c7aff12c6	Update for an Issue #225	2012-10-30 01:26:19 +01:00
Miroslav Stampar	b0f5b4f9bc	Update for an Issue #225	2012-10-30 00:59:31 +01:00
Miroslav Stampar	726de868e2	Fix for an Issue #225	2012-10-30 00:37:43 +01:00
Miroslav Stampar	a9094a35fe	Fix for an Issue #227	2012-10-30 00:20:49 +01:00
Miroslav Stampar	1d07b93730	Bug fix for --os-shell on MySQL (it was not working for a long time because of this)	2012-10-29 15:45:30 +01:00
Miroslav Stampar	5358d85d37	Important refactoring for web-based functionality	2012-10-29 15:09:05 +01:00
Miroslav Stampar	81ccf28785	Minor refactoring	2012-10-29 14:08:48 +01:00
Miroslav Stampar	d6e16e8641	Minor update	2012-10-29 11:08:02 +01:00
Miroslav Stampar	359e734954	Minor refactoring	2012-10-29 10:48:49 +01:00
Miroslav Stampar	919f75db9b	Improvement and fix for pivotDumpTable mechanism	2012-10-28 23:09:35 +01:00
Miroslav Stampar	d7973c3e32	Improvement of pivotDumpTable mechanism (no more fail on first entry)	2012-10-28 22:18:22 +01:00
Miroslav Stampar	c1eb803ef5	Bug fix for MsSQL --hex --technique=E (NOT IN based queries were not working properly)	2012-10-28 21:16:51 +01:00
Miroslav Stampar	b75c52f93c	Minor display fix (in --hex mode)	2012-10-28 12:30:21 +01:00
Miroslav Stampar	25a5073281	Bug fix for --hex/--technique=B (especially MsSQL)	2012-10-28 12:22:33 +01:00
Miroslav Stampar	8617fe0d65	Bug fix for international letters decoded with --hex on MsSQL	2012-10-28 11:50:16 +01:00
Miroslav Stampar	ca427af8b3	Minor refactoring/improvement	2012-10-28 01:42:08 +02:00
Miroslav Stampar	43ddf39bea	Minor refactoring	2012-10-28 01:16:02 +02:00
Miroslav Stampar	bcdba7b7bb	Dealing with rare cases when getIdentifiedDbms is needed prior to DBMS isfingerprinted and there are multiples of dbmses inside details	2012-10-28 01:11:50 +02:00
Miroslav Stampar	c1b8226329	Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)	2012-10-28 00:36:09 +02:00
Miroslav Stampar	a435ba6863	Minor fix	2012-10-28 00:19:00 +02:00
Miroslav Stampar	0aeb9dbe8b	Bug fix (in --dump mode if error/inband failed with None other techniques were ignored)	2012-10-27 23:42:52 +02:00
Miroslav Stampar	06805b27f2	Bug fix (time was also meant to be disabled in case of error/inband getvalues)	2012-10-27 23:16:25 +02:00
Miroslav Stampar	7207cf29dd	Minor update	2012-10-26 11:05:44 +02:00
Miroslav Stampar	965d7eee17	Minor bug fix for a reflection removal mechanism	2012-10-26 00:06:15 +02:00
Miroslav Stampar	235cc656b9	Fix for an Issue #224	2012-10-25 15:25:31 +02:00
Miroslav Stampar	bcf708f4b1	Minor update	2012-10-25 13:37:33 +02:00
Miroslav Stampar	fdcdd11cb9	Minor update for an Issue #222	2012-10-25 13:35:44 +02:00
Miroslav Stampar	8a5844a364	Implementation for an Issue #222	2012-10-25 13:21:32 +02:00
Miroslav Stampar	afd82b92dd	Patch for an Issue #221	2012-10-25 10:21:36 +02:00
Miroslav Stampar	12fc9442b9	Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)	2012-10-25 10:10:23 +02:00
Miroslav Stampar	54fbb22ab8	Minor refactoring	2012-10-25 09:56:36 +02:00
Miroslav Stampar	65ec715828	Fix for an Issue #218	2012-10-25 00:03:00 +02:00
Miroslav Stampar	5477c9f7ba	Fix for an Issue #216	2012-10-24 22:59:46 +02:00
Miroslav Stampar	056be32ac1	Fix for Issue #213	2012-10-23 17:06:31 +02:00
Miroslav Stampar	99ceea5eae	Fix for an Issue #214	2012-10-23 17:05:45 +02:00
Miroslav Stampar	f3aa09c794	Minor language fix	2012-10-23 15:52:43 +02:00
Miroslav Stampar	eb6f17b561	Fix for --dump and -d=mssql	2012-10-23 15:02:43 +02:00
Miroslav Stampar	4365c48e83	Minor style update	2012-10-23 14:38:24 +02:00
Miroslav Stampar	06f226c494	Fix for an Issue #211	2012-10-23 14:37:45 +02:00
Miroslav Stampar	b82eb3a1ae	Fix for an Issue #210	2012-10-23 13:58:25 +02:00
Miroslav Stampar	f2bbf1ead9	Fix for raw_input raising EOFError and KeyboardInterrupt on Ctrl-C (Windows platform)	2012-10-23 11:05:00 +02:00
Miroslav Stampar	5ff2e33c43	Minor fix	2012-10-23 10:54:26 +02:00
Miroslav Stampar	68d5faa287	Minor update	2012-10-23 10:46:17 +02:00
Miroslav Stampar	54d086f409	Minor fix	2012-10-23 10:02:10 +02:00
Miroslav Stampar	f11a640e99	Undo of a previous commit (pdb left inside)	2012-10-22 14:39:35 +02:00
Miroslav Stampar	b913e2123d	Displaying hex-decoded resulting output in --hex mode	2012-10-22 14:39:11 +02:00
Miroslav Stampar	029143880a	Displaying hex-decoded resulting output in --hex mode	2012-10-22 14:36:01 +02:00
Miroslav Stampar	39f565533a	In case on --no-cast DUMP_REPLACEMENTS should not be used	2012-10-22 14:13:30 +02:00
Miroslav Stampar	3f596cda85	Minor fix for --dump --technique=B when empty strings are returned	2012-10-22 11:49:23 +02:00
Miroslav Stampar	21481df239	Minor update for Issue #209	2012-10-21 19:00:37 +02:00
Miroslav Stampar	fb1497aa89	Minor update for Issue #209	2012-10-21 18:53:31 +02:00
Miroslav Stampar	261b286021	Fix for an Issue #209	2012-10-20 13:17:45 +02:00
Miroslav Stampar	6a271fe800	Update for an Issue #2	2012-10-19 11:29:03 +02:00
Miroslav Stampar	998eb70288	Minor update	2012-10-19 11:05:10 +02:00
Miroslav Stampar	987f167e12	Minor update	2012-10-19 11:03:54 +02:00
Miroslav Stampar	d65d9e25cd	Implementation for an Issue #2	2012-10-19 11:02:14 +02:00
Miroslav Stampar	688a2db27a	Fix for an Issue #208	2012-10-19 10:04:09 +02:00
Miroslav Stampar	64b4586883	Minor update	2012-10-18 11:36:12 +02:00
Miroslav Stampar	ea49fa2db2	Fix for an Issue #206	2012-10-18 11:11:20 +02:00
Miroslav Stampar	1cb2ca4195	Minor update	2012-10-18 10:55:27 +02:00
Miroslav Stampar	b5060c0010	Fix for an Issue #205	2012-10-16 14:28:46 +02:00
Miroslav Stampar	2cb1b054bb	Implementation for an Issue #79	2012-10-16 12:32:58 +02:00
Miroslav Stampar	3e64ab214e	Minor update	2012-10-16 10:28:59 +02:00
Miroslav Stampar	9ad58cb531	Implementation for an Issue #204	2012-10-16 10:24:05 +02:00
Miroslav Stampar	8b57e1fce6	Minor update for an Issue #203	2012-10-15 23:15:52 +02:00
Miroslav Stampar	42b2c85517	Minor cosmetics	2012-10-15 18:45:13 +02:00
Miroslav Stampar	c7cf8b2e80	Minor refactoring of direct()	2012-10-15 18:41:41 +02:00
Miroslav Stampar	048e720f69	Minor refactoring for an Issue #203	2012-10-15 17:55:57 +02:00
Miroslav Stampar	9aba690a60	Patch for an Issue #203	2012-10-15 16:23:41 +02:00
Miroslav Stampar	e440b096c5	Fix for an Issue #202	2012-10-15 12:24:30 +02:00
Miroslav Stampar	56832fe9c4	Better adjustTimeDelay() candidate algorithm	2012-10-11 14:23:53 +02:00
Miroslav Stampar	e61c4c22c9	Implementation for an Issue #200	2012-10-09 15:19:47 +02:00
Miroslav Stampar	cd9a47835b	Minor consistency update	2012-10-09 14:48:26 +02:00
Miroslav Stampar	8c5fb1b064	Minor update	2012-10-09 14:46:45 +02:00
Miroslav Stampar	ea12ccec77	Minor refactoring	2012-10-09 11:33:19 +02:00
Miroslav Stampar	10b0fd21dc	Fix for an Issue #198	2012-10-09 11:27:19 +02:00
Miroslav Stampar	5a91b6e622	Minor cleanup	2012-10-09 10:21:52 +02:00
Miroslav Stampar	8e7449ccd5	Minor update	2012-10-07 20:28:24 +02:00
Miroslav Stampar	ff205f088b	Minor update	2012-10-07 20:12:55 +02:00
Miroslav Stampar	cc3f387551	Patch for an Issue #127	2012-10-05 10:49:31 +02:00
Miroslav Stampar	ebc7088f94	Implementation for an Issue #128	2012-10-05 10:24:09 +02:00
Miroslav Stampar	098e446ca4	Adding support for generic XML POST data	2012-10-04 18:44:12 +02:00
Miroslav Stampar	f71b937add	Minor language cleanup	2012-10-04 18:28:36 +02:00
Miroslav Stampar	8865fe69d7	Minor cleanup	2012-10-04 18:26:07 +02:00
Miroslav Stampar	2fbd05c98f	Minor language update	2012-10-04 18:04:55 +02:00
Miroslav Stampar	d464678e10	Minor update for an Issue #49	2012-10-04 18:01:42 +02:00
Miroslav Stampar	84b05e2d18	Better treating of numeric values (Issue #49 )	2012-10-04 16:08:37 +02:00
Miroslav Stampar	31aa9be1c7	Minor update	2012-10-04 15:40:11 +02:00
Miroslav Stampar	9129dac77b	Minor fix for an Issue #134	2012-10-04 15:33:26 +02:00
Miroslav Stampar	5d2b534908	Minor update (Issue #49 )	2012-10-04 15:23:01 +02:00
Miroslav Stampar	5b59b6feb4	Removing junk part	2012-10-04 12:09:09 +02:00
Miroslav Stampar	d570e25b1b	Minor workflow update	2012-10-04 12:05:59 +02:00
Miroslav Stampar	eddc634ceb	Minor improvement (custom injection marks are now processed in order of appearance)	2012-10-04 11:52:40 +02:00
Miroslav Stampar	3764d230be	Minor fix for Issue #197 and Issue #49	2012-10-04 11:43:37 +02:00
Miroslav Stampar	dee6d2f9ff	Minor language update	2012-10-04 11:34:14 +02:00
Miroslav Stampar	461e5ebc5f	Work for Issue #197 and Issue #49	2012-10-04 11:25:44 +02:00
Miroslav Stampar	bcbf0571a5	Implementation for an Issue #49	2012-10-02 14:23:58 +02:00
Miroslav Stampar	763dc98311	Minor refactoring	2012-10-02 13:36:15 +02:00
Miroslav Stampar	a8aecaa036	Minor style update	2012-10-02 13:33:10 +02:00
Miroslav Stampar	19407b9aca	Minor update	2012-09-26 15:25:01 +02:00
Miroslav Stampar	6eae7013b6	Minor cosmetics	2012-09-26 15:03:12 +02:00
Miroslav Stampar	687f3991de	Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.	2012-09-26 11:27:43 +02:00
Miroslav Stampar	6bc5f44b20	Minor just in case update for an Issue #195 (safer behavior on forced charsets)	2012-09-25 15:09:07 +02:00
Miroslav Stampar	efe4c13ed1	Update regarding suffixQuery (user supplied --suffix should nullify any eventual payload comments)	2012-09-25 14:36:15 +02:00
Miroslav Stampar	ec43ceec40	Some more cleanup related to the last commit (unneeded manual crafting/unneeded closing with ;)	2012-09-25 14:29:22 +02:00
Miroslav Stampar	560e0fcb25	Minor cleanup	2012-09-25 14:21:57 +02:00
Miroslav Stampar	fccdb824bb	Patch for an Issue #193	2012-09-25 11:21:39 +02:00
Miroslav Stampar	c9e7e71ea2	Implementation for an Issue #195	2012-09-25 10:17:25 +02:00
Miroslav Stampar	9ca7b3e20e	Implementation for an Issue #194	2012-09-25 09:25:35 +02:00
Miroslav Stampar	d175decdfc	Fix for an Issue #190	2012-09-22 20:59:40 +02:00
Miroslav Stampar	a6eeebfca8	Fix for an Issue #188	2012-09-20 11:30:07 +02:00
Miroslav Stampar	9a1fbb8941	Fix for an Issue #185	2012-09-13 14:22:26 +02:00
Miroslav Stampar	e570858db9	Implementation for an Issue #183	2012-09-12 11:50:38 +02:00
Miroslav Stampar	a64438fb5c	Minor language update	2012-09-11 19:45:40 +02:00
Miroslav Stampar	05dced5418	Minor language update	2012-09-11 19:43:03 +02:00
Miroslav Stampar	511c3b8dcc	Update and fix for an Issue #182	2012-09-11 14:58:52 +02:00
Miroslav Stampar	10b671d625	Update for an Issue #182	2012-09-11 12:08:34 +02:00
Miroslav Stampar	12d33c7a38	Fix for Issue #180 and #181 (missing module from an Issue #179 )	2012-09-10 22:39:56 +02:00
Miroslav Stampar	5d23d72ff5	Fix for an Issue #176	2012-09-08 17:58:03 +02:00
Miroslav Stampar	f26ea04e38	Fix for an Issue #175	2012-09-07 17:06:38 +02:00
Miroslav Stampar	e4bc471f81	Fix for an Issue #173	2012-09-07 10:09:19 +02:00
Miroslav Stampar	a3baf94e9b	Minor style update	2012-09-07 10:09:00 +02:00
Miroslav Stampar	cea5127ffd	Update for an Issue #6	2012-09-06 15:51:38 +02:00
Miroslav Stampar	c3d191e626	Minor update for an Issue #2	2012-09-06 14:13:54 +02:00
Miroslav Stampar	1e238b5a5a	Minor update	2012-09-06 13:36:34 +02:00
Miroslav Stampar	dbce417cdd	Potential fix for an Issue #171	2012-09-02 22:48:41 +02:00
Miroslav Stampar	f6716cf7c0	Fix for an Issue #170	2012-09-01 23:52:00 +02:00
Miroslav Stampar	2170e64ca5	Minor bug fix	2012-08-31 19:48:45 +02:00
Miroslav Stampar	33980adaef	Another update for an Issue #79	2012-08-31 12:46:38 +02:00
Miroslav Stampar	b916db34a4	Another update for an Issue #79	2012-08-31 12:38:02 +02:00
Miroslav Stampar	47d162f391	Minor update (same but cleaner)	2012-08-31 12:27:40 +02:00
Miroslav Stampar	7286d89cb6	Few fixes for an Issue #79 (problem with case sensitivity of request get_header)	2012-08-31 12:15:09 +02:00
Miroslav Stampar	2806185989	Minor refactoring	2012-08-31 10:43:06 +02:00
Miroslav Stampar	74a5d41272	Minor update for an Issue #79	2012-08-31 10:24:47 +02:00
Miroslav Stampar	cdd3ed6abc	Minor bug fix	2012-08-30 14:22:18 +02:00
Miroslav Stampar	a89d61415a	'Patch' for an Issue #167	2012-08-29 21:29:27 +02:00
Miroslav Stampar	c1c65a7167	Fix for an Issue #166	2012-08-29 20:21:45 +02:00
Miroslav Stampar	9674b174ee	One more minor update related to last commit	2012-08-23 15:37:17 +02:00
Miroslav Stampar	b79247c197	Minor update	2012-08-23 15:22:14 +02:00
Miroslav Stampar	e9ae44c6fc	Implementation for an #162	2012-08-22 16:50:01 +02:00
Miroslav Stampar	0ad3846451	Minor language update	2012-08-22 16:10:56 +02:00
Miroslav Stampar	f1f6364690	Changing default readInput value on dictionary-based attack depending on conf.multipleTargets	2012-08-22 16:10:38 +02:00
Miroslav Stampar	a62a874d59	Update for an Issue #161 (changing default readInput value regarding the conf.multipleTargets)	2012-08-22 16:06:09 +02:00
Miroslav Stampar	4ab4fd1cb4	Minor update	2012-08-22 15:53:40 +02:00
Miroslav Stampar	52351e5d81	Update for an Issue #161 (now detecting format error messages too)	2012-08-22 15:51:47 +02:00
Miroslav Stampar	a6d743ec4c	Minor console output fix (redundant newline has been displayed in case of rawInput)	2012-08-22 14:43:57 +02:00
Miroslav Stampar	7b93108e7d	Favoring non-string specific boundaries in case of digit-like parameter values	2012-08-22 13:58:52 +02:00
Miroslav Stampar	25ee333e66	Minor language update	2012-08-22 12:00:17 +02:00
Miroslav Stampar	8a5042b6a4	Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)	2012-08-22 11:56:30 +02:00
Miroslav Stampar	7d0662da23	Update for an #161	2012-08-22 11:42:06 +02:00
Miroslav Stampar	61151447fe	Implementation of an Issue #161	2012-08-22 11:27:58 +02:00
Miroslav Stampar	6210ddfbd6	Minor refactoring	2012-08-22 11:00:39 +02:00
Miroslav Stampar	a927d94d39	Update for an Issue #155	2012-08-22 10:57:31 +02:00
Miroslav Stampar	32a36f1ff3	El Cosmeticado	2012-08-22 09:58:39 +02:00
Miroslav Stampar	2c66ca39f1	Wrong limit number has been used (MySQL LIMIT/OFFSET starts with 0)	2012-08-22 09:53:53 +02:00
Miroslav Stampar	ebab05cf7c	Fix for an Issue #158	2012-08-21 20:20:38 +02:00
Miroslav Stampar	ad59abe018	Cleaning leftover	2012-08-21 14:37:09 +02:00
Miroslav Stampar	1b86fffc6d	Fix for an Issue #157	2012-08-21 14:36:04 +02:00
Miroslav Stampar	d421f9a618	Fix for an Issue #157	2012-08-21 14:34:19 +02:00
Miroslav Stampar	1bcf5a6b88	Some more dict refactorings	2012-08-21 11:30:01 +02:00
Miroslav Stampar	01f481c332	Minor refactoring of dictionaries	2012-08-21 11:19:15 +02:00
Miroslav Stampar	b9c63eb908	Fix for an Issue #156	2012-08-21 10:46:29 +02:00
Miroslav Stampar	b7415d36df	Minor refactoring	2012-08-21 10:28:25 +02:00
Miroslav Stampar	7a8ace78f9	Removing redundant newline char as logger already adds it's own	2012-08-21 09:58:40 +02:00
Miroslav Stampar	233b9a3815	Fix for Issue #150 and Issue #151 (urllib2 is automatically adding those)	2012-08-20 22:17:39 +02:00
Miroslav Stampar	8ee9feafb9	Making payloads a bit shorter (removing redundant space after comma character - e.g. in inband queries)	2012-08-20 21:57:25 +02:00
Miroslav Stampar	6f450ac8bf	Implementation for an Issue #155	2012-08-20 12:14:01 +02:00
Miroslav Stampar	823dde73ab	Minor cleanup	2012-08-20 11:40:49 +02:00
Miroslav Stampar	2b6123c4f8	Minor style update	2012-08-20 11:29:23 +02:00
Miroslav Stampar	e0d9fa8666	Minor style update	2012-08-20 11:28:41 +02:00
Miroslav Stampar	76338add17	Fix for an Issue #152	2012-08-20 10:41:43 +02:00
Miroslav Stampar	59078bb1b8	Fix for an Issue #154	2012-08-20 10:05:13 +02:00
Miroslav Stampar	4649450603	Fix for an Issue #137	2012-08-16 22:20:24 +02:00
Miroslav Stampar	0d8fca30c9	Fix for an Issue #59	2012-08-16 11:31:43 +02:00
Miroslav Stampar	1af81c0de4	Implementation of an Issue #149	2012-08-15 22:31:25 +02:00
Miroslav Stampar	f358ab2e73	Implementation of an Issue #147	2012-08-15 16:37:18 +02:00
Miroslav Stampar	36b55cf209	Proper fix for an Issue #145	2012-08-14 22:28:42 +02:00
Miroslav Stampar	ab35ab4e2a	Fix for an Issue #145	2012-08-14 18:52:45 +02:00
Miroslav Stampar	432b567584	Fix for an Issue #141	2012-08-08 00:03:58 +02:00
Miroslav Stampar	31ceb0cb6c	Fix for an Issue #140	2012-08-07 10:57:29 +02:00
Miroslav Stampar	fec8a5cc9d	Fix for an Issue #139	2012-08-07 00:50:58 +02:00
Miroslav Stampar	f797a6d813	Fix for an Issue #125	2012-07-31 13:06:45 +02:00
Miroslav Stampar	6f529542e3	Making those --string tips (containing escaped characters) decodable by sqlmap	2012-07-31 11:32:53 +02:00
Miroslav Stampar	142fc887f1	Fix for an Issue #129	2012-07-31 11:03:44 +02:00
Miroslav Stampar	bdbe8ff9d9	Fix for an Issue #132	2012-07-30 22:39:45 +02:00
Miroslav Stampar	47073f4afd	Implementation of an Issue #131	2012-07-30 21:50:46 +02:00
Miroslav Stampar	93d35fe522	Minor update regarding Issue #129	2012-07-30 21:43:32 +02:00
Miroslav Stampar	b9ac50faef	Minor bug fix	2012-07-30 12:09:20 +02:00
Miroslav Stampar	a86f9798b2	Minor refactoring together with a wider support for html entities	2012-07-30 11:21:32 +02:00
Miroslav Stampar	20a66567a3	Minor refactoring	2012-07-30 10:06:14 +02:00
Miroslav Stampar	cc2a916716	Fix for an Issue #126	2012-07-29 17:33:08 +02:00
Miroslav Stampar	1669c6bdb4	Another update for an Issue #28	2012-07-27 17:05:21 +02:00
Miroslav Stampar	6ffc5665d0	Update for Issue #28	2012-07-27 16:29:33 +02:00
Miroslav Stampar	07738004cc	Fix for an Issue #123	2012-07-27 10:02:47 +02:00
Miroslav Stampar	a5062c1e4f	Adding a warn message when --dns-domain is ignored (because of faster techniques)	2012-07-27 09:48:48 +02:00
Bernardo Damele	92c2b3bd4c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-26 23:11:11 +01:00
Bernardo Damele	d492291744	working on issue #12	2012-07-26 23:11:07 +01:00
Miroslav Stampar	cba387a0a0	Minor speed up	2012-07-26 15:42:04 +02:00
Miroslav Stampar	efa99c4519	Implementation for an Issue #4	2012-07-26 14:07:05 +02:00
Miroslav Stampar	b3552494c4	Minor preparation for an Issue #48	2012-07-26 12:26:57 +02:00
Miroslav Stampar	3e9f1fe410	Minor style update	2012-07-26 12:13:16 +02:00
Miroslav Stampar	30f8d09651	Implementation for an Issue #70	2012-07-26 12:06:02 +02:00
Miroslav Stampar	231f0f76b5	Fix for an Issue #119	2012-07-26 00:49:51 +02:00
Miroslav Stampar	cba77410a9	Minor style update	2012-07-26 00:08:49 +02:00
Miroslav Stampar	18b1d1efd6	Fix for an Issue #121	2012-07-26 00:02:38 +02:00
Miroslav Stampar	2b60e61d54	Minor update for #119	2012-07-25 10:57:19 +02:00
Miroslav Stampar	922ea9d1f4	Update for Issue #118	2012-07-24 15:43:29 +02:00
Miroslav Stampar	f8c9868cb6	Implementation for an Issue #118	2012-07-24 15:34:50 +02:00
Miroslav Stampar	42f518b2d6	Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized	2012-07-24 14:44:44 +02:00
Miroslav Stampar	b820975217	Improvement of decodeIntToUnicode()	2012-07-23 19:31:06 +02:00
Miroslav Stampar	1153b4563c	Minor update for an Issue #111	2012-07-23 18:44:50 +02:00
Miroslav Stampar	fccd69721e	Update for an Issue #111	2012-07-23 18:38:46 +02:00
Miroslav Stampar	ab9cb80602	Implementing Issue #111	2012-07-23 15:14:52 +02:00
Miroslav Stampar	6809449e31	Minor style update	2012-07-23 15:06:49 +02:00
Miroslav Stampar	63bf99ce77	Minor just in case update for an Issue #117	2012-07-23 14:46:43 +02:00
Miroslav Stampar	c6b724489b	Minor style update	2012-07-23 14:26:42 +02:00
Miroslav Stampar	a7d1a0c250	Implementation for an Issue #117	2012-07-23 14:14:22 +02:00
Miroslav Stampar	3279ce53a8	Minor style update	2012-07-23 13:57:38 +02:00
Miroslav Stampar	534eccc9aa	Fix for an Issue #115	2012-07-23 10:16:47 +02:00
Miroslav Stampar	1b6cb9442f	Fix for an Issue #114	2012-07-21 23:31:36 +02:00
Bernardo Damele	0a4b6431a8	minor bug fix - issue #112	2012-07-21 16:51:01 +01:00
Miroslav Stampar	95e0d46e3e	Fix for an Issue #110	2012-07-21 09:15:54 +02:00
Bernardo Damele	dba0a96c2e	fall-back to UNION technique if web file stager was not uploaded with LIMIT	2012-07-20 17:11:22 +01:00
Bernardo Damele	cbe8f41746	minor code refactoring preparing for #96	2012-07-20 16:20:17 +01:00
Miroslav Stampar	f336afa913	Implementation for Issue #108	2012-07-20 09:48:09 +02:00
Miroslav Stampar	dcf8a27f12	Implementation for an Issue #67	2012-07-18 14:24:10 +02:00
Miroslav Stampar	4fc462c4d9	Minor update for an Issue #105	2012-07-18 14:09:04 +02:00
Miroslav Stampar	655dd55a6f	Implementation of an Issue #105	2012-07-18 13:32:34 +02:00
Miroslav Stampar	08244c7ebf	Fix for an Issue #104	2012-07-17 15:05:50 +02:00
Miroslav Stampar	e30646a54f	Fix for an Issue #103	2012-07-17 10:36:22 +02:00
Miroslav Stampar	41d16e55cb	Typo fix (#102 )	2012-07-17 09:13:19 +02:00
Bernardo Damele	7198e3185b	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-17 00:25:08 +01:00
Bernardo Damele	318a01b867	minor typo fixes	2012-07-17 00:25:02 +01:00
Miroslav Stampar	d6ceb7af5e	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-17 00:19:52 +02:00
Miroslav Stampar	81d15e5051	Fix for an Issue #101	2012-07-17 00:19:33 +02:00
Bernardo Damele	5f876bdbbe	minor adjustments	2012-07-16 22:50:29 +01:00
Miroslav Stampar	c96e44b30c	Fix for an Issue #100	2012-07-16 23:28:01 +02:00
Miroslav Stampar	ffbbb10abb	Support for dotted identificator names	2012-07-16 23:13:21 +02:00
Miroslav Stampar	0e21cb54de	Minor fix related to Issue #94	2012-07-16 16:06:39 +02:00
Miroslav Stampar	0f64e1e6c1	Minor update for Issue #94 (not fixing it)	2012-07-16 15:43:02 +02:00
Miroslav Stampar	0eff977c63	Refactoring for Issue #91	2012-07-16 12:24:54 +02:00
Miroslav Stampar	4d759984b2	Implementation for Issue #91	2012-07-16 12:12:52 +02:00
Miroslav Stampar	c1a14257a4	Removing --disable... switches and making changes in default choice(s) for respectable sections	2012-07-16 11:31:51 +02:00
Miroslav Stampar	07a85874fe	Implementation for Issue #92	2012-07-16 11:07:47 +02:00
Miroslav Stampar	87ecf205cb	More work for Issue #66	2012-07-14 17:01:04 +02:00
Miroslav Stampar	38d82771be	Minor style update	2012-07-14 11:23:22 +02:00
Miroslav Stampar	805120ac52	Minor refactoring	2012-07-14 11:01:30 +02:00
Miroslav Stampar	9a7fc24ec2	Minor style update	2012-07-13 15:22:08 +02:00
Miroslav Stampar	ddb9caeef1	Revert of the previous commit	2012-07-13 15:05:19 +02:00
Miroslav Stampar	d165d5d5fe	To not be confused with heuristic method in SQLi	2012-07-13 15:03:43 +02:00
Miroslav Stampar	32b700f130	Minor style update	2012-07-13 15:02:11 +02:00
Miroslav Stampar	fbb5db00ba	Minor style update	2012-07-13 15:00:39 +02:00
Miroslav Stampar	786686da60	Minor language update	2012-07-13 14:53:42 +02:00
Miroslav Stampar	9ff9c951bc	Language update	2012-07-13 14:33:16 +02:00
Miroslav Stampar	6677da63cd	Fix for an Issue #88	2012-07-13 14:25:39 +02:00
Miroslav Stampar	3c81f74823	Minor style update	2012-07-13 12:22:37 +02:00
Miroslav Stampar	6ade007aec	Minor update of language	2012-07-13 12:13:04 +02:00
Miroslav Stampar	c5ecc8b8db	Closing work on Issue #83	2012-07-13 11:23:21 +02:00
Miroslav Stampar	48f68bd076	First commit for Issue #83	2012-07-13 10:35:22 +02:00
Miroslav Stampar	d834e8debf	Minor update	2012-07-13 10:28:03 +02:00
Miroslav Stampar	b11fd8b9f7	Fix for an Issue #87	2012-07-13 10:11:16 +02:00
Bernardo Damele	162da75a04	modified homepage address	2012-07-12 18:38:03 +01:00
Miroslav Stampar	a49d685eb8	Hidding --beep (Issue #84 )	2012-07-12 17:03:24 +02:00
Bernardo Damele	ea9c66108e	cleanup for issue #68	2012-07-12 15:38:43 +01:00
Miroslav Stampar	569c9214bf	Adding support for boldifying important logging messages	2012-07-12 16:30:35 +02:00
Miroslav Stampar	b2fe1c30f8	Minority report	2012-07-12 16:04:01 +02:00
Miroslav Stampar	8e18514e56	Minor refactoring for all that stickyness	2012-07-12 15:58:45 +02:00
Miroslav Stampar	fe61bdce75	Minor update	2012-07-12 15:25:26 +02:00
Miroslav Stampar	dbbca16c69	Minor renaming	2012-07-12 15:24:40 +02:00
Miroslav Stampar	9bc24cea6b	Dealing with kb.currentMessage issue	2012-07-12 15:23:35 +02:00
Miroslav Stampar	b320dc118d	Minor fix (recognizing if it's colorizing handler or not)	2012-07-12 14:55:54 +02:00
Miroslav Stampar	cba2a26b68	Finishing Issue #75 (inference dumping)	2012-07-12 14:46:57 +02:00
Miroslav Stampar	65639cdda6	First update for Issue #75 (error-based dumping)	2012-07-12 14:31:28 +02:00
Miroslav Stampar	3fd5119f3f	Redesigning for Issue #75	2012-07-12 13:42:22 +02:00
Bernardo Damele	3d66e2dfb1	minor bug fix	2012-07-12 10:47:51 +01:00
Bernardo Damele	33cbbed4a8	I think we should not resume checkBooleanExpression() calls if --fresh-queries or --flush-session is provided	2012-07-12 01:39:15 +01:00
Bernardo Damele	f704a46341	silly blank line added	2012-07-12 01:38:29 +01:00
Bernardo Damele	ee3aeb8dcf	actual implementation of issue #75 , still some work to do	2012-07-12 01:16:00 +01:00
Bernardo Damele	3a94953ae2	leftover from previous commit	2012-07-12 01:15:34 +01:00
Bernardo Damele	a5924739f6	minor code refactoring in preparation of ticket #75	2012-07-12 01:12:30 +01:00
Bernardo Damele	53c0336b48	added --hostname switch to retrieve DBMS server hostname - closes issue #69	2012-07-12 00:01:57 +01:00
Bernardo Damele	4e64c1126d	restored bold on questions to users (calls from readInput()) - issue #77	2012-07-11 22:56:11 +01:00
Bernardo Damele	247f95e051	restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")	2012-07-11 22:48:27 +01:00
Bernardo Damele	2b3ea3e3b7	fixed colouring for PAYLOAD (-v 3) - issue #77	2012-07-11 22:40:52 +01:00
Miroslav Stampar	15ee5310d9	Adding traffic in and out to color_map	2012-07-11 20:42:18 +02:00
Miroslav Stampar	43cac2212b	Fix for a case when ColorizingStreamHandler is not used	2012-07-11 20:36:32 +02:00
Miroslav Stampar	72378d4f61	Some more refactoring	2012-07-11 20:29:48 +02:00
Miroslav Stampar	c6464b44be	Some more refactoring	2012-07-11 20:13:23 +02:00
Miroslav Stampar	d7926b8aac	Minor refactoring	2012-07-11 19:54:21 +02:00
Bernardo Damele	53ccd09ca4	now also readInput() uses colouring	2012-07-11 17:53:32 +01:00
Bernardo Damele	02ec25b4b8	code refactoring	2012-07-11 17:44:23 +01:00
Bernardo Damele	77b275f1a6	conf->kb	2012-07-11 17:32:12 +01:00
Bernardo Damele	1d2c87e24e	leftover	2012-07-11 17:22:01 +01:00
Bernardo Damele	105ac8ea77	deleted unnecessary hg file	2012-07-11 17:06:56 +01:00
Bernardo Damele	fa2f6f9a39	colourize manually crafter "logging" messages	2012-07-11 16:48:30 +01:00
Miroslav Stampar	295a7a8e5e	Another update for Issue #80	2012-07-11 16:14:20 +02:00
Miroslav Stampar	9a4f8d5f45	Fix for Issue #80	2012-07-11 16:01:25 +02:00
Bernardo Damele	0702dd70b5	verify also that the web backdoor has been successfully uploaded	2012-07-11 14:08:51 +01:00
Bernardo Damele	31571e6e2d	minor refactoring	2012-07-11 11:55:05 +01:00
Miroslav Stampar	9c4a62f725	Some work on Issue #68	2012-07-11 11:58:47 +02:00
Bernardo Damele	f219b39980	minor fix in case ctypes is not installed on Windows	2012-07-10 13:08:37 +01:00
Miroslav Stampar	8caffac4bc	conf.unescape->kb.unescape	2012-07-10 10:55:04 +02:00
Miroslav Stampar	e7f78bf04f	Fix for an issue where False value was displayed for --is.. switches	2012-07-10 10:31:14 +02:00
Bernardo Damele	ea77e7d9d1	added missing file - issue #77	2012-07-10 03:00:21 +01:00
Bernardo Damele	eb7ffb8f91	setup for implementing logging colouring - issue #77	2012-07-10 02:54:37 +01:00
Bernardo Damele	0a3899858d	missed in previous commit	2012-07-10 01:37:53 +01:00
Bernardo Damele	a27f50ed1d	added conf.unescape global variable to control whether or not the injected statements should be unescaped	2012-07-10 01:37:16 +01:00
Bernardo Damele	f645ac6040	dealing with variables in SQL procs - issue #33	2012-07-10 01:05:03 +01:00
Bernardo Damele	2527554f8e	more work on #33	2012-07-10 00:53:07 +01:00
Bernardo Damele	c4af7b9aa0	initial work for issue #33	2012-07-10 00:27:08 +01:00
Bernardo Damele	d3da3f5c52	refactoring for issue #51	2012-07-10 00:19:32 +01:00
Bernardo Damele	25eca9d671	finally got this working on MSSQL 2005: commands can now be executed as another user (BULK INSERT must be used in such case, see comments in the code) - issue #34	2012-07-09 14:26:23 +01:00
Bernardo Damele	99c5ea54f7	cleanup for #34	2012-07-09 12:39:43 +01:00
Bernardo Damele	d08a54e375	properly display the command stdout	2012-07-09 10:52:48 +01:00
Miroslav Stampar	3ff28e58b4	Update regarding Issue #52	2012-07-08 19:24:25 +02:00
Miroslav Stampar	0d539a876d	Minor fix (subversion->github)	2012-07-07 23:49:34 +02:00
Miroslav Stampar	a525dd4336	Fix for Issue #72	2012-07-07 19:02:46 +02:00
Miroslav Stampar	54e0a2d8ee	--os-shell now works perfect for inference-like techniques too	2012-07-07 17:57:06 +02:00
Miroslav Stampar	823b3d8be8	Minor language fixes	2012-07-07 11:41:52 +02:00
Miroslav Stampar	2669528b24	Language typo	2012-07-07 11:16:33 +02:00
Miroslav Stampar	58f6687194	Some refactoring (reusing xpCmdshellForgeCmd)	2012-07-07 10:51:29 +02:00
Miroslav Stampar	8620767b77	Proper fix	2012-07-07 10:38:07 +02:00
Miroslav Stampar	f00a776d8d	Minor fix for BigArray (now accepting negative indexes)	2012-07-07 10:35:29 +02:00
Miroslav Stampar	1c69eb5d30	Revert "major fix" This reverts commit `3a11fc2d9e`.	2012-07-07 10:26:13 +02:00
Bernardo Damele	3a11fc2d9e	major fix	2012-07-06 22:55:34 +01:00
Miroslav Stampar	8c871476ee	Some more refactoring	2012-07-06 17:34:40 +02:00
Miroslav Stampar	6bc0b34031	Some more refactoring	2012-07-06 17:28:01 +02:00
Miroslav Stampar	e948e4d45b	Some more refactoring	2012-07-06 17:18:22 +02:00
Miroslav Stampar	1a8ebbfd43	Minor refactoring	2012-07-06 17:05:47 +02:00
Bernardo Damele	373fea03a3	fixed display of TABs	2012-07-06 15:13:23 +01:00
Miroslav Stampar	438a636973	Fix for issue Issue #60	2012-07-06 15:36:32 +02:00
Miroslav Stampar	76f7f907c6	Minor update for Issue #61	2012-07-06 14:33:40 +02:00
Miroslav Stampar	6a05e3fd79	Fix for Issue #61	2012-07-06 14:24:44 +02:00
Miroslav Stampar	1ebff35b19	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-06 12:25:21 +02:00
Miroslav Stampar	982fcde1c0	Fix for Issue #62	2012-07-06 12:24:55 +02:00
Bernardo Damele	4fa6d51d93	improved issues link	2012-07-05 16:26:50 +01:00
Miroslav Stampar	bc5025b06c	Fix for Issue #59	2012-07-05 12:34:27 +02:00
Miroslav Stampar	c3c1b9e957	Minor restyling	2012-07-04 20:28:18 +02:00
Miroslav Stampar	7ad6697446	Fix for Issue #57	2012-07-04 20:21:44 +02:00
Miroslav Stampar	23fb753759	Finishing work on Issue #52	2012-07-03 22:13:01 +02:00
Miroslav Stampar	40fc6488bf	Fix for Issue #56 (Google has changed few things for retrieving PR)	2012-07-03 21:00:18 +02:00
Miroslav Stampar	bbf41f6658	Removing debugging leftover	2012-07-03 16:50:05 +02:00
Miroslav Stampar	ada627a022	Another update for Issue #52	2012-07-03 16:49:34 +02:00
Miroslav Stampar	70f754f6c5	Making work on Issue #52	2012-07-03 16:34:11 +02:00
Bernardo Damele	793fa464e3	website url fix	2012-07-03 13:14:39 +01:00
Miroslav Stampar	51f35674ca	Removing obsolete switch --version as version is now displayed with every run (Issue #54 )	2012-07-03 13:11:09 +02:00
Miroslav Stampar	481b46a004	Restyling output for Issue #52	2012-07-03 13:06:52 +02:00
Miroslav Stampar	6b419067b7	Another minor update for Issue #54	2012-07-03 12:49:35 +02:00
Miroslav Stampar	8b8677b938	Another minor update for Issue #54	2012-07-03 12:29:42 +02:00
Miroslav Stampar	47b6e696d8	Minor update for Issue #54	2012-07-03 12:21:40 +02:00
Miroslav Stampar	3af1532700	Implementation for Issue #54	2012-07-03 12:09:18 +02:00
Miroslav Stampar	5af6ca58a0	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-03 00:50:45 +02:00
Miroslav Stampar	168aeadf76	Adding switch --output-dir (Issue #53 )	2012-07-03 00:50:23 +02:00
Bernardo Damele	fd4cfb0cc0	working on #51	2012-07-02 15:28:19 +01:00
Bernardo Damele	7335072ab8	leftover	2012-07-02 15:11:21 +01:00
Bernardo Damele	04d803c7fd	more tweaking for issue #34 , it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)	2012-07-02 15:02:00 +01:00
Bernardo Damele	b7d2680e55	minor refactoring, issue #51	2012-07-02 12:50:26 +01:00
Miroslav Stampar	8eefe4b71f	Getting back revision number - displayed like in GitHub commits (Issue #52 )	2012-07-02 13:01:20 +02:00
Bernardo Damele	add8352804	make the runAsDBMSUser() generic and ported to abstraction.py so the same function will be used for PostgreSQL dblink() too	2012-07-02 02:14:03 +01:00
Bernardo Damele	6697927098	initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap	2012-07-02 02:04:19 +01:00
Bernardo Damele	7b4ecd9df0	added skeleton code for issue #34 , still not usable	2012-07-02 00:22:34 +01:00
Bernardo Damele	4736d46677	just in case..	2012-07-02 00:00:46 +01:00
Bernardo Damele	03d2c9c818	placeholder message when --update is provided, remove when the function is updated to pull changes from git	2012-07-01 23:59:44 +01:00
Bernardo Damele	18be319d13	hexencoding the command is much shorter than unescaping with CHAR() for MSSQL, also no need for spaces between nested comments when forging the xp_cmdshell command to run	2012-07-01 23:41:10 +01:00
Bernardo Damele	ff9e97a42c	minor code refactoring	2012-07-01 23:31:45 +01:00
Bernardo Damele	ab412da27f	I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes	2012-07-01 23:25:05 +01:00
Miroslav Stampar	d7cd55fb28	Fix for Issue #47	2012-07-01 11:05:04 +02:00
Miroslav Stampar	21d9ae0a2c	some more refactoring	2012-07-01 01:19:54 +02:00
Miroslav Stampar	f6509db31a	minor refactoring	2012-07-01 00:33:19 +02:00
Miroslav Stampar	32f52cdd04	Another language update for Issue #45	2012-06-29 10:33:54 +02:00
Miroslav Stampar	f0e39c3fae	Language update for Issue #45	2012-06-29 10:33:00 +02:00
Miroslav Stampar	c0f16f0c1a	Fix for Issue #45	2012-06-29 10:31:03 +02:00
Miroslav Stampar	e51d3a02f1	Update for Issue #43 (renamed --disable-cracking to --disable-hash)	2012-06-28 18:53:47 +02:00
Miroslav Stampar	18b596ea75	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-06-28 18:48:18 +02:00
Miroslav Stampar	c8bac658f3	Fix for Issue #43	2012-06-28 18:47:55 +02:00
Miroslav Stampar	2a72fcce2b	Fix for Issue #42	2012-06-28 13:55:30 +02:00
jekil	c39e5a85ba	Removed $id$ tags	2012-06-27 20:56:43 +02:00
Miroslav Stampar	01be9381d5	minor update	2012-06-25 16:24:33 +00:00
Miroslav Stampar	6c4bd84d18	minor fix (turning back the functionality of kb.suppressResumeInfo)	2012-06-25 16:19:51 +00:00
Miroslav Stampar	ea5d483c86	session file no more	2012-06-21 11:19:30 +00:00
Miroslav Stampar	ec44e88db8	lots of refactoring regarding removal of already obsolete session file mechanism	2012-06-21 10:09:10 +00:00
Miroslav Stampar	1e67b4f0b9	minor fix	2012-06-20 14:16:26 +00:00
Miroslav Stampar	302d782a0f	minor style update	2012-06-19 08:33:51 +00:00
Miroslav Stampar	452ef202ae	minor fixes	2012-06-17 22:48:23 +00:00
Miroslav Stampar	b9f6943a42	minor update	2012-06-17 21:23:12 +00:00
Miroslav Stampar	e2a60b302f	minor fix	2012-06-17 21:21:45 +00:00
Miroslav Stampar	3da8f86e97	minor fix	2012-06-15 21:01:27 +00:00
Miroslav Stampar	fe49abd45f	minor fix	2012-06-15 20:49:28 +00:00
Miroslav Stampar	06be7bbb18	few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)	2012-06-15 20:41:53 +00:00
Miroslav Stampar	76c873a222	minor fix	2012-06-15 06:22:44 +00:00
Miroslav Stampar	76584ff0fa	unhidding --test-filter	2012-06-14 14:36:53 +00:00
Miroslav Stampar	d2dd47fb23	some more refactoring	2012-06-14 13:52:56 +00:00
Miroslav Stampar	facce2c0df	some more cleanup	2012-06-14 13:50:36 +00:00
Miroslav Stampar	d5e80089ff	minor summer cleanup	2012-06-14 13:44:16 +00:00
Miroslav Stampar	3a90105fbb	minor refactoring	2012-06-14 13:38:53 +00:00
Miroslav Stampar	1204eb00b2	minor fix	2012-06-14 12:46:32 +00:00
Miroslav Stampar	19c0efec59	just a minor refactoring	2012-06-14 09:10:28 +00:00
Miroslav Stampar	a51d8c4c79	replacing identifier safe char " with [] enclosing for MsSQL	2012-06-13 15:27:42 +00:00
Miroslav Stampar	367de838c1	minor update	2012-06-13 14:08:32 +00:00
Miroslav Stampar	4ac3794e80	minor update	2012-06-12 14:22:14 +00:00
Miroslav Stampar	d7f698fa14	minor update	2012-06-11 22:01:13 +00:00
Miroslav Stampar	96177393e1	minor update regarding --exact switch	2012-06-10 13:38:12 +00:00
Miroslav Stampar	b85a1fc271	minor fix	2012-06-05 22:55:42 +00:00
Miroslav Stampar	058a9c59a2	fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)	2012-06-05 22:40:55 +00:00
Miroslav Stampar	f94ebe3107	minor fix (credentials were only set for the first target)	2012-06-04 22:30:12 +00:00
Miroslav Stampar	738073105e	minor updates	2012-06-04 19:52:51 +00:00
Miroslav Stampar	7b282b1d6c	adding support for newer SSL protocols	2012-06-04 19:46:28 +00:00
Miroslav Stampar	10b0639a96	making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE)	2012-06-04 09:24:46 +00:00
Miroslav Stampar	76a4aa19ac	some more fine tunning	2012-05-28 19:50:12 +00:00
Miroslav Stampar	73dba249e8	one more just in case update	2012-05-28 19:34:47 +00:00
Miroslav Stampar	efb406fbfc	minor revert	2012-05-28 19:13:50 +00:00
Miroslav Stampar	f7cba8d2cb	minor update	2012-05-28 18:05:15 +00:00
Miroslav Stampar	a72cb29c1f	taking care of few issues regarding reverse address lookup of localhost/127.0.0.1 at remote DNS server	2012-05-28 16:57:10 +00:00
Miroslav Stampar	190ae4ca13	no need for conf.timeSec value as inference is always evaluated to False in DNS (large random values used for > ...)	2012-05-28 15:10:17 +00:00
Miroslav Stampar	89e90c3d84	revert of last commit	2012-05-28 15:01:56 +00:00
Miroslav Stampar	96c84e6e5b	minor update	2012-05-28 15:00:06 +00:00
Miroslav Stampar	a70a647aeb	few fixes regarding --dns-domain usage (time-based technique should not be used as a failback because of few things, --time-sec should be put to 0 just in case,...)	2012-05-28 14:51:23 +00:00
Miroslav Stampar	b1d82422a0	changing conf.dnsDomain to conf.dName just because of long text problems in help listing	2012-05-28 14:15:04 +00:00
Miroslav Stampar	d2bbfa4aad	minor style update	2012-05-28 14:04:17 +00:00
Miroslav Stampar	226547b7dc	minor fix for --skip-urlencode and custom post	2012-05-28 09:04:25 +00:00
Miroslav Stampar	75dd1d6a2b	minor fix	2012-05-27 21:54:56 +00:00
Miroslav Stampar	e967bbd70f	minor patch	2012-05-27 21:44:42 +00:00
Miroslav Stampar	76eeba10e2	unhiding --dns-domain switch	2012-05-27 18:41:06 +00:00
Miroslav Stampar	fed0212631	now working with recursive queries too	2012-05-27 10:03:02 +00:00
Miroslav Stampar	71ff081fde	minor update	2012-05-27 09:11:19 +00:00
Miroslav Stampar	09f2144485	full page read is not needed in DNS exfiltration mode	2012-05-26 21:28:43 +00:00
Miroslav Stampar	4e6fcce9ca	minor update	2012-05-26 07:04:32 +00:00
Miroslav Stampar	ce077137c9	minor language update	2012-05-26 07:01:37 +00:00
Miroslav Stampar	d335ec0c34	turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars	2012-05-26 07:00:26 +00:00
Miroslav Stampar	00d22f013f	some consistency in variable naming at the file level	2012-05-25 10:08:55 +00:00
Miroslav Stampar	db526bdbc0	minor update (tainted values are not checked any more in multipleTargets mode)	2012-05-25 09:52:17 +00:00
Miroslav Stampar	dc20bff1d0	minor update	2012-05-25 08:30:24 +00:00
Miroslav Stampar	c394610740	adding switch --skip-urlencode to skip URL encoding of POST data	2012-05-24 23:30:33 +00:00
Miroslav Stampar	7657bbeaf9	minor update	2012-05-24 22:32:06 +00:00
Miroslav Stampar	86fdad2bfa	minor update	2012-05-24 22:07:50 +00:00
Miroslav Stampar	eed8d7eb5d	finalizing support for IPv6	2012-05-24 21:55:57 +00:00
Miroslav Stampar	b6d37d766a	minor update regarding IPv6 support	2012-05-24 21:49:20 +00:00
Miroslav Stampar	92286104e3	minor just in case update	2012-05-24 21:39:10 +00:00
Miroslav Stampar	3e9c57d177	minor fix	2012-05-24 21:36:35 +00:00
Miroslav Stampar	be76928293	minor fix	2012-05-24 20:53:01 +00:00
Miroslav Stampar	1e18168cc8	fix for one silent bug and small language update	2012-05-23 16:35:40 +00:00
Miroslav Stampar	2538e2d5b4	fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring	2012-05-22 09:33:22 +00:00
Miroslav Stampar	2c057d5b3d	minor style update	2012-05-21 22:40:52 +00:00
Miroslav Stampar	bbfa4b6d5d	minor update	2012-05-14 14:38:16 +00:00
Miroslav Stampar	333f8057a5	minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces	2012-05-14 14:06:43 +00:00
Miroslav Stampar	595f69fa2c	minor language update	2012-05-10 18:30:25 +00:00
Miroslav Stampar	35f400b45b	minor language upgrade	2012-05-10 18:25:12 +00:00
Miroslav Stampar	80aedbe284	adding a warning about --tor switch	2012-05-10 18:17:32 +00:00
Miroslav Stampar	b81fe42d4b	turning off null connection on -o when --tor used (not compatible)	2012-05-10 17:50:54 +00:00
Miroslav Stampar	efdd86ddcc	minor just in case patch	2012-05-10 14:22:34 +00:00
Miroslav Stampar	6367f59b98	minor code refactoring	2012-05-10 14:15:17 +00:00
Miroslav Stampar	12d32f58f2	fix for that SOAP reported bug	2012-05-10 13:39:54 +00:00
Miroslav Stampar	1418ae9767	little refactoring of parseUnionPage together with a patch for some special case	2012-05-09 18:47:40 +00:00
Miroslav Stampar	7fb1f3fc70	minor renaming	2012-05-09 18:26:02 +00:00
Miroslav Stampar	11d9859199	making nice code	2012-05-09 18:25:04 +00:00
Miroslav Stampar	b0a8238774	minor fixes	2012-05-09 14:58:16 +00:00
Miroslav Stampar	9fa3619262	minor fix	2012-05-09 14:00:07 +00:00
Miroslav Stampar	56a3431be6	minor update for empty tables (skipping other techniques)	2012-05-09 10:34:21 +00:00
Miroslav Stampar	6177317a17	minor update	2012-05-09 10:06:23 +00:00
Miroslav Stampar	37f2709197	making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)	2012-05-09 09:08:23 +00:00
Miroslav Stampar	fdf61015ad	minor patch	2012-05-09 08:41:05 +00:00
Miroslav Stampar	e419177871	minor update	2012-05-08 17:28:19 +00:00
Miroslav Stampar	deec97dfe3	adding Frontbase to error message regexes	2012-05-08 17:02:58 +00:00
Miroslav Stampar	eccd4da00f	minor fix	2012-05-08 15:03:33 +00:00
Miroslav Stampar	938d9ff23e	doing all the work for the users so they wouldn't strain their little hands	2012-05-08 15:00:23 +00:00
Miroslav Stampar	524dd75ff2	that query variable hasn't been used anywhere (obsolete for some time)	2012-05-08 14:34:40 +00:00
Miroslav Stampar	6af110d631	avoiding --no-cast/--hex warning message before a DBMS is fingerprinted	2012-05-08 14:06:41 +00:00
Miroslav Stampar	64c241fe92	limiting original UNION query results to only 1 result (potentially speeding things up in some cases)	2012-05-08 13:45:53 +00:00
Miroslav Stampar	e00f4a8934	minor cosmetics	2012-05-08 10:50:04 +00:00
Miroslav Stampar	a121339395	automatically writing uncracked hashes to a file for eventual further processing	2012-05-08 10:46:05 +00:00
Miroslav Stampar	80ee687b41	minor beauty patch	2012-05-07 13:51:31 +00:00
Miroslav Stampar	96299d3d5d	minor refactoring	2012-05-03 22:34:18 +00:00
Miroslav Stampar	cc28f6db6b	minor update	2012-05-01 20:43:16 +00:00
Miroslav Stampar	17efeaae7f	causing too much confusion among dummy users	2012-05-01 09:04:11 +00:00
Miroslav Stampar	694b14111f	skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set)	2012-04-27 13:16:51 +00:00
Miroslav Stampar	6f67dc85ee	adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical	2012-04-25 20:29:07 +00:00
Bernardo Damele	4da03d898e	Added support to create files with a visual basic script - no longer reliant on debug.exe so works on Windows 64-bit too. Fixes #236	2012-04-25 07:40:42 +00:00
Miroslav Stampar	cec432f94d	minor update	2012-04-23 14:43:59 +00:00
Miroslav Stampar	697768c01a	adding --purge-output to be one of mandatory switches	2012-04-23 14:42:24 +00:00
Miroslav Stampar	d57d5e4b2c	minor update	2012-04-23 14:33:36 +00:00
Miroslav Stampar	1eecfb3dce	adding new file related to the last commit	2012-04-23 14:25:16 +00:00
Miroslav Stampar	095b25e1d1	adding option '--purge'	2012-04-23 14:24:23 +00:00
Miroslav Stampar	3532d23933	automatically extending ranges for UNION tests in case where at least one other injection technique is usable (boundaries has been established)	2012-04-23 13:41:36 +00:00
Miroslav Stampar	be2da77bf8	minor update	2012-04-23 10:15:04 +00:00
Miroslav Stampar	21c6b52198	minor fix	2012-04-23 10:11:00 +00:00
Miroslav Stampar	775134639d	minor update	2012-04-20 20:33:15 +00:00
Miroslav Stampar	2b1b4c0742	minor fix	2012-04-18 10:01:04 +00:00
Miroslav Stampar	6ebb621228	adding support for (custom) POST injection (marking injection point with '*' in conf.data)	2012-04-17 14:23:00 +00:00
Miroslav Stampar	efd27d7ade	minor renaming	2012-04-17 08:41:19 +00:00
Miroslav Stampar	601d118c68	reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types)	2012-04-15 16:59:03 +00:00
Miroslav Stampar	71b0acc16f	minor fix (checking for full inband should be done with ORIGINAL - more concise)	2012-04-15 16:43:18 +00:00
Miroslav Stampar	5772c52f46	minor refactoring/fix (randQuery is just a part (e.g. abc) of phrase (def🔤ghi) - phrase should be searched for, not just randQuery); both phrases should be inside the content for it to be full-inband injectable (...UNION ALL SELECT phrase UNION ALL SELECT phrase2....)	2012-04-15 16:33:47 +00:00
Miroslav Stampar	ae8c70e895	another cosmetics	2012-04-13 15:11:44 +00:00
Miroslav Stampar	d765cdc3a3	minor cosmetics	2012-04-13 15:10:40 +00:00
Miroslav Stampar	54576ab3a6	making a random choice from candidates	2012-04-13 10:54:30 +00:00
Miroslav Stampar	bbbcc95fe5	use it only if page is stable	2012-04-13 10:19:26 +00:00
Miroslav Stampar	052d9455fe	warning user in cases of "User xyz already has more than 'max_user_connections' active connections"	2012-04-12 09:44:54 +00:00
Miroslav Stampar	831f79b851	minor generalization	2012-04-12 09:30:19 +00:00
Miroslav Stampar	c7422546e1	tiny update	2012-04-11 23:01:38 +00:00
Miroslav Stampar	2bad73a981	minor update	2012-04-11 21:48:44 +00:00
Miroslav Stampar	e195de2093	correcting comment on reflective removal function	2012-04-11 21:41:48 +00:00
Miroslav Stampar	b45ae10da4	minor fixes	2012-04-11 21:36:37 +00:00
Miroslav Stampar	627bfc589f	some more updates in reflective removal mechanism	2012-04-11 21:26:00 +00:00
Miroslav Stampar	8b130f6497	minor improvement for reflective values (when missing first part of payload like in error reports)	2012-04-11 15:01:28 +00:00
Miroslav Stampar	01bd5d0ab2	some more updates for reflective mechanism	2012-04-11 10:41:33 +00:00
Miroslav Stampar	2e92d8636e	improvement of reflective mechanism	2012-04-11 08:58:03 +00:00
Miroslav Stampar	60ca44e0cf	minor adjustment	2012-04-11 08:35:09 +00:00
Miroslav Stampar	e33ea7c33a	minor fix	2012-04-10 22:29:39 +00:00
Miroslav Stampar	8541222080	minor update	2012-04-10 22:26:42 +00:00
Miroslav Stampar	9c2f244d47	minor fix	2012-04-10 22:20:53 +00:00
Miroslav Stampar	a82206cec4	minor cosmetics	2012-04-10 21:57:00 +00:00
Miroslav Stampar	119eec3598	improving "boolean detection" by automatic recognition of convenient --string candidate	2012-04-10 21:48:34 +00:00
Miroslav Stampar	8c6eb4faa9	adding support for PgSQL DNS data exfiltration	2012-04-07 14:06:11 +00:00
Miroslav Stampar	b2afa87e48	reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)	2012-04-06 08:42:36 +00:00
Miroslav Stampar	2223c884e5	minor refactoring	2012-04-05 12:55:26 +00:00
Miroslav Stampar	02924eb345	minor update	2012-04-04 23:47:06 +00:00
Miroslav Stampar	e0994947e2	minor update	2012-04-04 23:37:50 +00:00
Miroslav Stampar	b1dd03731a	minor cosmetics	2012-04-04 23:34:08 +00:00
Miroslav Stampar	83387d92bb	minor bug fix	2012-04-04 23:32:20 +00:00
Miroslav Stampar	c89a4162e2	bug fix for --dns-domain with --technique=TS	2012-04-04 18:01:39 +00:00
Miroslav Stampar	098c7c06dd	added few comments	2012-04-04 13:24:58 +00:00
Miroslav Stampar	a5b69eaea4	removing unused imports	2012-04-04 13:18:14 +00:00
Bernardo Damele	52796bb4da	revert	2012-04-04 13:02:50 +00:00
Miroslav Stampar	a4b95ab7dd	works against MySQL/Windows	2012-04-04 12:49:45 +00:00
Bernardo Damele	a1d97e9d7b	Add a space after a comment	2012-04-04 12:48:21 +00:00
Bernardo Damele	025c531d22	leftover	2012-04-04 12:44:25 +00:00
Bernardo Damele	c0946ce2c9	Minor refactoring	2012-04-04 12:42:58 +00:00
Bernardo Damele	75d1dab895	more cosmetics	2012-04-04 12:33:16 +00:00
Bernardo Damele	d106fb5184	layout adjustments	2012-04-04 12:27:24 +00:00
Miroslav Stampar	1b2cd44255	proper fix	2012-04-04 10:35:52 +00:00
Miroslav Stampar	7031ef8e00	removing default values for referer and host from higher level/risk options	2012-04-04 10:34:27 +00:00
Miroslav Stampar	5e358b51f9	few fixes related to bug report by Shadow Folder (AttributeError: 'list' object has no attribute 'isdigit')	2012-04-04 09:25:05 +00:00
Miroslav Stampar	5851badff1	minor refactoring	2012-04-03 14:46:09 +00:00
Miroslav Stampar	b0787f193c	getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)	2012-04-03 14:34:15 +00:00
Miroslav Stampar	556b349be3	minor fix for retrieving non-printable chars in inference and non-multi threading mode	2012-04-03 14:04:07 +00:00
Miroslav Stampar	33bb9c5f19	much cleaner approach in that "flat" representation of retrieved items in union technique	2012-04-03 13:56:11 +00:00
Miroslav Stampar	7fb190f3b1	minor fix	2012-04-03 12:35:19 +00:00
Miroslav Stampar	886aa22efc	minor update	2012-04-03 12:19:37 +00:00
Miroslav Stampar	503988887c	minor update	2012-04-03 10:43:46 +00:00
Miroslav Stampar	78f51fd2e5	minor fix	2012-04-03 10:18:03 +00:00
Miroslav Stampar	2504f4edb8	minor fixes	2012-04-03 10:10:33 +00:00
Miroslav Stampar	e05109812f	minor improvements regarding data retrieval through DNS channel	2012-04-03 09:18:30 +00:00
Miroslav Stampar	5f94987b0f	fix for DNS method for MSSQL	2012-04-02 17:28:18 +00:00
Miroslav Stampar	2c28423cb8	minor update	2012-04-02 14:57:15 +00:00
Miroslav Stampar	8a9d09f79b	minor fixes	2012-04-02 14:11:23 +00:00
Miroslav Stampar	1cd3c3f7af	further update of DNS data retrieval mechanism through SQLi	2012-04-02 14:05:30 +00:00
Miroslav Stampar	1e01203562	few just in case "patches"	2012-04-02 12:58:10 +00:00
Miroslav Stampar	d908d078dd	minor fix	2012-04-02 12:27:30 +00:00
Miroslav Stampar	abffc39929	minor update regarding DNS data retrieval task	2012-04-02 12:22:40 +00:00
Miroslav Stampar	f7a664b120	enablind DNS server for DNS data exfiltration	2012-03-31 12:08:27 +00:00
Miroslav Stampar	8be9cd4ac4	bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)	2012-03-31 10:22:50 +00:00
Miroslav Stampar	429b8396e9	minor update for DNSServer support	2012-03-30 13:20:29 +00:00
Miroslav Stampar	56638f9e95	making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection	2012-03-30 10:50:01 +00:00
Miroslav Stampar	79c3d6f2aa	minor update	2012-03-30 10:37:46 +00:00
Miroslav Stampar	6acf6b193a	minor update regarding boolean logic comparison mechanism	2012-03-30 09:42:58 +00:00
Miroslav Stampar	5469186540	minor comment update	2012-03-29 14:35:47 +00:00
Miroslav Stampar	637a8d8273	improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism	2012-03-29 14:33:27 +00:00
Miroslav Stampar	ce4c697bbd	disabling "negative logic" as it's not half done (it was "luckily" working for --string/--regex/--code but it was a sheer luck); removing "dirty fix" from checks.py; proof that this was not ready for the release is that there was not check for negative logic anywhere for anything more then --string/--regex/--code	2012-03-29 13:39:12 +00:00
Miroslav Stampar	772ead8d03	fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values	2012-03-29 12:44:20 +00:00
Miroslav Stampar	c9cac957bb	adding one more case for false positive check (Generic tests without any DBMS knowledge)	2012-03-29 09:56:09 +00:00
Miroslav Stampar	60146481af	bug fix(es) (flags were used in place of count parameter in re.sub() calls)	2012-03-28 19:33:00 +00:00
Miroslav Stampar	9433bbe26d	memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)	2012-03-28 19:27:12 +00:00
Miroslav Stampar	7d131d1fb1	minor update	2012-03-28 13:46:31 +00:00
Miroslav Stampar	7fd64df167	minor code cleaning	2012-03-28 13:31:07 +00:00
Miroslav Stampar	769b0d0ae7	more minor updates regarding data retrieval through DNS channel	2012-03-27 19:29:24 +00:00
Miroslav Stampar	1b072f6415	laying foundation for DNS based data retrieval	2012-03-27 18:59:12 +00:00
Miroslav Stampar	3abcd6910a	strange combination of "Set-Cookie" and interleaved pattern of True/False like responses can result in bypassing of the ABAB test	2012-03-22 00:06:50 +00:00
Miroslav Stampar	e88687b1f0	revert of last commit (it would be faster for sure, but not sure if it's clever to do it by default regarding SQLi detection)	2012-03-21 23:15:59 +00:00
Miroslav Stampar	524c1d38ad	making default redirect choice to NO (making fewer requests by default and in lots of cases clearer pages for comparison - original page vs redirect message)	2012-03-21 23:03:57 +00:00
Miroslav Stampar	11132ba993	fix for a bug in reflection removal mechanism	2012-03-19 14:28:18 +00:00
Miroslav Stampar	8e7d360ea2	cleaner refactoring regarding last commit	2012-03-19 12:03:25 +00:00
Miroslav Stampar	401763b6f8	minor fix (it has to be level 1 array like it was with the previous re.findall mechanism)	2012-03-19 12:00:22 +00:00
Miroslav Stampar	037db9b3b8	minor removal of older stuff	2012-03-19 09:38:27 +00:00
Miroslav Stampar	da7f4eeffd	removing left over	2012-03-18 17:33:14 +00:00
Miroslav Stampar	0fc4288a7c	modifying redirection code for only two choices	2012-03-18 17:27:08 +00:00
Bernardo Damele	c03d0e24fb	it must stay as is	2012-03-16 17:42:00 +00:00
Bernardo Damele	3505503a08	no need to return here	2012-03-16 17:30:16 +00:00
Bernardo Damele	942d9e4fa8	code cleanup	2012-03-16 17:27:24 +00:00
Bernardo Damele	a1c943fc79	Major bug fix to comparison algorithm with OR based boolean-based injections	2012-03-16 17:22:55 +00:00
Miroslav Stampar	d66056fe39	one more related commit	2012-03-16 13:16:53 +00:00
Miroslav Stampar	ac02a2d92c	minor fix	2012-03-16 13:14:14 +00:00
Miroslav Stampar	cbdcbdd786	minor minor update	2012-03-16 11:18:18 +00:00
Miroslav Stampar	b130a9e14e	minor fix (writing to HashDB on any interrupt)	2012-03-16 10:15:43 +00:00
Miroslav Stampar	577caac4de	putting kb.negativeLogic setting to the safe place	2012-03-16 09:17:11 +00:00
Miroslav Stampar	209e795369	minor just in case update	2012-03-16 09:02:17 +00:00
Miroslav Stampar	adb5fff6b2	one more update related to the redirection mechanism	2012-03-15 20:17:40 +00:00
Miroslav Stampar	7d313ac911	few more fixes for proper redirecting mechanism	2012-03-15 19:47:59 +00:00
Bernardo Damele	86c4650058	Minor bug fix - revert	2012-03-15 17:12:24 +00:00
Bernardo Damele	cc15373769	More explicit function name also getRatioValue parameter has nothing to do with comparison at this stage as far as I can see (that might have fixed another "bug", to be checked later)	2012-03-15 16:29:28 +00:00
Bernardo Damele	4520744b4d	second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now	2012-03-15 16:25:26 +00:00
Miroslav Stampar	ddd92476a8	minor fix	2012-03-15 15:58:25 +00:00
Miroslav Stampar	19beb912fa	first step toward negative logic support	2012-03-15 15:52:12 +00:00
Miroslav Stampar	8dd570057b	minor fix (double traffic log for -t in case of HTTP error)	2012-03-15 14:51:16 +00:00
Miroslav Stampar	f7df755f37	minor update	2012-03-15 12:55:22 +00:00
Miroslav Stampar	3d39c6cb3b	some fixes here and there	2012-03-15 12:14:50 +00:00
Miroslav Stampar	3d9b1599d1	minor update	2012-03-15 11:45:32 +00:00
Miroslav Stampar	91f1d6141f	minor fix	2012-03-15 11:24:55 +00:00
Miroslav Stampar	a8c9a47092	redirect logic rewritten from scratch	2012-03-15 11:10:58 +00:00
Bernardo Damele	890bf708bc	Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported)	2012-03-15 00:19:57 +00:00
Bernardo Damele	1e71b24dca	More info messages to prove xp_cmdshell (and temporary directory choosen) worked	2012-03-14 22:41:53 +00:00
Miroslav Stampar	52a8b25ff4	minor fix	2012-03-14 14:31:41 +00:00
Miroslav Stampar	ca0d068575	distinguishing NULL from BLANK	2012-03-14 13:52:23 +00:00
Miroslav Stampar	e38b59a2ae	minor update	2012-03-14 13:16:49 +00:00
Miroslav Stampar	cee9ff7885	proper parsing of content in partial union technique	2012-03-14 11:23:30 +00:00
Miroslav Stampar	61ad3b999a	fix for a crash with partial union and --hex	2012-03-14 10:31:24 +00:00
Miroslav Stampar	a7fbc55748	grammar fix	2012-03-13 22:03:23 +00:00
Miroslav Stampar	edfcddd3c3	minor fix for logging only cookies used by request (e.g. --load-cookies case)	2012-03-13 10:58:15 +00:00
Miroslav Stampar	34b0935cb3	refactoring "echo 1" quick test for xp_cmdshell console output	2012-03-13 10:36:49 +00:00
Miroslav Stampar	e827f41cdb	using pickle HIGHEST_PROTOCOL just in case	2012-03-13 09:35:37 +00:00
Miroslav Stampar	e6c610abab	minor fix	2012-03-13 09:14:56 +00:00
Miroslav Stampar	cda8815634	introducing safe deprecation mechanism for HashDB versioning	2012-03-12 22:55:57 +00:00
Miroslav Stampar	48bcde478e	more general update	2012-03-12 15:29:55 +00:00
Miroslav Stampar	1d0c8a7f44	minor update	2012-03-12 15:19:02 +00:00
Miroslav Stampar	6ed1b04bbe	minor update	2012-03-12 13:27:07 +00:00
Miroslav Stampar	c878dd3e5a	doing a dummy test for --os-shell in case of xp_cmdshell	2012-03-09 14:21:41 +00:00
Miroslav Stampar	a0b46963cb	minor fix for some special "unusable" cases (seen on Access/ODBC/Linux setup)	2012-03-09 10:28:19 +00:00
Miroslav Stampar	5a83f1c5f7	minor update	2012-03-08 15:43:22 +00:00
Bernardo Damele	c79807f5fb	Minor layout adjustments	2012-03-08 15:11:24 +00:00
Miroslav Stampar	775e424bf2	bug fix for using --no-cast and --hex switches together	2012-03-08 15:04:52 +00:00
Miroslav Stampar	11c7cc5224	minor temporary fix	2012-03-08 11:08:43 +00:00
Miroslav Stampar	98a3e43f53	bug fix for writing raw pickled data into SQLite HashDB	2012-03-08 10:57:47 +00:00
Miroslav Stampar	cd28eb6544	minor update regarding --load-cookies	2012-03-08 10:19:34 +00:00
Miroslav Stampar	2c87d061e9	minor update	2012-03-08 10:03:59 +00:00
Miroslav Stampar	9ca8bc4d51	minor bug fix	2012-03-08 09:52:33 +00:00
Miroslav Stampar	b4cf8b05b3	added switch --load-cookies	2012-03-07 14:48:45 +00:00
Miroslav Stampar	4cfea96471	minor update	2012-03-05 09:56:48 +00:00
Miroslav Stampar	0ead1fd87e	minor update	2012-03-05 09:42:52 +00:00
Miroslav Stampar	ac5a752b12	Oracle's XMLType doesn't like '#' char too	2012-03-01 11:59:37 +00:00
Miroslav Stampar	f4e410db16	minor fix	2012-03-01 10:17:39 +00:00
Miroslav Stampar	1ec56f93ec	minor update	2012-03-01 10:10:19 +00:00
Miroslav Stampar	2d3c12d2d0	shorter single line info	2012-03-01 09:10:24 +00:00
Miroslav Stampar	37db27b720	turning back on automatic adjusting of delays in time based queries	2012-02-29 15:51:23 +00:00
Miroslav Stampar	0205d96d7b	minor fix	2012-02-29 15:38:01 +00:00
Miroslav Stampar	1bdc07c279	minor update	2012-02-29 15:02:24 +00:00
Miroslav Stampar	8b9c5c66cc	code refactoring regarding charsetType inside inference/bisection	2012-02-29 14:36:23 +00:00
Miroslav Stampar	f6f98f1b41	minor improvement	2012-02-29 14:19:59 +00:00
Miroslav Stampar	d06182347f	fixing few potential problems	2012-02-29 13:56:40 +00:00
Miroslav Stampar	f142c0f782	minor update	2012-02-28 14:04:13 +00:00
Miroslav Stampar	22b3fa0749	minor update	2012-02-27 15:28:36 +00:00
Miroslav Stampar	a9bf0297f6	moving injection data to HashDB	2012-02-27 13:44:07 +00:00
Miroslav Stampar	68e08d2749	minor fix for not displaying 'None' but None in enumeration when data unavailable	2012-02-27 13:15:10 +00:00
Miroslav Stampar	a424de3102	minor fix	2012-02-27 12:55:28 +00:00
Miroslav Stampar	1e82405bb9	HashDB is now supported in -d too	2012-02-27 12:14:01 +00:00
Miroslav Stampar	3909658fc2	few minor just in case updates	2012-02-27 11:15:53 +00:00
Miroslav Stampar	85125018a1	minor bug fix	2012-02-25 22:54:32 +00:00
Miroslav Stampar	5d307cf886	minor update	2012-02-25 10:54:39 +00:00
Miroslav Stampar	06ab3fa134	minor update	2012-02-25 10:53:38 +00:00
Miroslav Stampar	74b19a0386	minor update	2012-02-25 10:43:10 +00:00
Miroslav Stampar	5b67af3b20	minor update	2012-02-24 15:03:39 +00:00
Miroslav Stampar	8a203ef79d	making session data strictly dependent on url through HashDB helper functions	2012-02-24 14:58:24 +00:00
Miroslav Stampar	c36cbbb3ae	minor fix	2012-02-24 14:54:10 +00:00
Miroslav Stampar	9d6fd2e507	bug fix for --schema --technique=BST	2012-02-24 14:12:19 +00:00
Miroslav Stampar	f94b91ad87	added helper function for HashDB data storing/retrieval	2012-02-24 13:07:20 +00:00
Miroslav Stampar	b481c0352f	minor update	2012-02-24 11:25:56 +00:00
Miroslav Stampar	1f6ce265b9	minor fix	2012-02-24 11:05:04 +00:00
Miroslav Stampar	5afbd52b61	more update related to last commits	2012-02-24 10:57:23 +00:00
Miroslav Stampar	570d3a19c2	more general fix	2012-02-24 10:53:28 +00:00
Miroslav Stampar	e8352e504f	fixing problems with chars deletition by logging messages in inference mode	2012-02-24 10:48:19 +00:00
Miroslav Stampar	71028a81f5	fix for proper retrieval of columns in SQLite	2012-02-24 09:55:13 +00:00
Miroslav Stampar	7941504c3a	minor update	2012-02-23 15:32:36 +00:00
Miroslav Stampar	0478e4166a	minor justin case fix	2012-02-23 15:19:20 +00:00
Miroslav Stampar	086c3a3662	minor fix	2012-02-23 13:31:50 +00:00
Miroslav Stampar	6e54cb171f	minor code restyling	2012-02-22 15:53:36 +00:00
Miroslav Stampar	61a25418a9	minor update	2012-02-22 10:45:10 +00:00
Miroslav Stampar	b3bd4144f5	removing of unused imports together with some general code refactoring	2012-02-22 10:40:11 +00:00
Miroslav Stampar	386e98a0e3	using UNION SELECT for where=..NEGATIVE	2012-02-22 09:41:58 +00:00
Miroslav Stampar	c9d570c83b	minor update	2012-02-21 13:49:30 +00:00
Miroslav Stampar	686eacda9a	minor update regarding --hex	2012-02-21 13:38:18 +00:00
Miroslav Stampar	bcf3255fe1	implementation of switch --hex for 4 major DBMSes	2012-02-21 11:44:48 +00:00
Miroslav Stampar	3e4db6d140	minor fix for Python v2.6	2012-02-20 19:35:57 +00:00
Miroslav Stampar	bc4dd7c0dd	fix for -g	2012-02-20 10:02:19 +00:00
Bernardo Damele	121148f27f	There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests. Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table. Minor fix also to threat MSSQL's EXEC statements as SELECT ones	2012-02-17 15:54:49 +00:00
Miroslav Stampar	aee269cc14	gazillion changes, nothing will work, muhahaha	2012-02-17 14:22:48 +00:00
Miroslav Stampar	dcf7277a0f	some more refactorings	2012-02-16 14:42:28 +00:00
Miroslav Stampar	6632aa7308	some more refactoring	2012-02-16 13:46:01 +00:00
Miroslav Stampar	844fc8addb	minor cleanup	2012-02-16 10:19:36 +00:00
Miroslav Stampar	0e23521adc	some more refactoring	2012-02-16 09:54:29 +00:00
Miroslav Stampar	e1f86c97c4	minor refactoring	2012-02-16 09:46:41 +00:00
Miroslav Stampar	bcf9fc6c6f	minor refactoring	2012-02-16 09:32:47 +00:00
Miroslav Stampar	8d7912ad34	minor update and refactoring	2012-02-15 14:05:50 +00:00
Miroslav Stampar	bf923a97df	minor update	2012-02-15 13:45:10 +00:00
Miroslav Stampar	122db6e164	minor update	2012-02-15 13:24:02 +00:00
Miroslav Stampar	9059d30312	adding first code example for SPL snippets	2012-02-15 13:17:01 +00:00
Miroslav Stampar	edeb4b6113	bug fix for --os-shell on Windows (echo ... > requires double quotes if the piped filename contains whitespace, otherwise doesn't hurt)	2012-02-15 11:14:01 +00:00
Miroslav Stampar	35fa214a1e	minor update (it was working before too, but this is cleaner)	2012-02-15 10:14:29 +00:00
Bernardo Damele	1c44d6d3c7	Fixed annoying bug that prevented proper checkBooleanExpression() function to work with direct connection (-d). Now DBMS fingerprint should work properly with -d	2012-02-14 17:29:00 +00:00
Miroslav Stampar	23cc8b6974	minor fix for special cases when parameter value contains html encoded characters	2012-02-14 14:08:10 +00:00
Miroslav Stampar	c1ab02494c	minor grammar and cosmetics	2012-02-14 13:18:37 +00:00
Miroslav Stampar	bb5113980b	minor update	2012-02-14 10:27:56 +00:00
Miroslav Stampar	3f15c52188	minor change in workflow for "tainted" parameter values	2012-02-14 09:26:52 +00:00
Miroslav Stampar	2604e73d88	minor change in workflow	2012-02-13 11:18:47 +00:00
Miroslav Stampar	96f589fc89	minor fix	2012-02-12 19:22:33 +00:00
Miroslav Stampar	8a2bd3897d	minor output fix	2012-02-12 19:11:54 +00:00
Miroslav Stampar	c1368053e5	minor fix	2012-02-12 18:46:25 +00:00
Miroslav Stampar	249cb48b0b	minor fix	2012-02-10 15:59:11 +00:00
Miroslav Stampar	6be95194a7	matter of concision	2012-02-10 15:37:43 +00:00
Miroslav Stampar	eab7a54e03	cosmetics	2012-02-10 15:34:04 +00:00
Miroslav Stampar	92590d0d59	minor fix	2012-02-10 15:26:55 +00:00
Miroslav Stampar	e36e9de57e	minor update by request	2012-02-10 15:12:23 +00:00
Miroslav Stampar	b140ef4a14	minor update (preparing for switching to HashDB from old sessionFile)	2012-02-10 10:24:48 +00:00
Miroslav Stampar	980367b7b2	minor update	2012-02-09 09:48:47 +00:00
Miroslav Stampar	7e9e582eca	minor update	2012-02-08 14:23:57 +00:00
Miroslav Stampar	2662fe84f7	minor update	2012-02-08 12:02:50 +00:00
Miroslav Stampar	85a4ef6593	minor update	2012-02-08 12:00:03 +00:00
Miroslav Stampar	93d7d6c355	minor patch	2012-02-08 10:38:58 +00:00
Miroslav Stampar	6bedb80ffa	adding --force-ssl switch (most useful in combination with -r)	2012-02-08 09:11:57 +00:00
Miroslav Stampar	e50d64546f	minor fix	2012-02-07 14:57:48 +00:00
Miroslav Stampar	2b05ded9c3	just a makeup	2012-02-07 12:05:23 +00:00
Miroslav Stampar	b4f4a982e4	minor update	2012-02-07 11:37:54 +00:00
Miroslav Stampar	11af0b1bbc	minor fix	2012-02-07 11:16:03 +00:00
Miroslav Stampar	f7bf1fbe94	upgrade/fixes for direct DBMS access	2012-02-07 10:46:55 +00:00
Miroslav Stampar	af71e3c563	minor update	2012-02-06 09:48:44 +00:00
Miroslav Stampar	8c45ff0d57	bug fix	2012-02-03 10:38:04 +00:00
Bernardo Damele	c0f4b4632d	Minor fix	2012-02-02 12:55:39 +00:00
Miroslav Stampar	a7970d094a	minor update	2012-02-01 15:10:06 +00:00
Miroslav Stampar	e56309f3b1	minor makeup update	2012-02-01 15:04:56 +00:00
Miroslav Stampar	8405ef59ac	some estetic updates	2012-02-01 14:49:42 +00:00
Miroslav Stampar	f4e7bf1d51	minor update regarding support for Unicode characters in Oracle	2012-02-01 14:17:27 +00:00
Miroslav Stampar	df43157284	minor patch	2012-02-01 12:28:06 +00:00
Miroslav Stampar	2ee198a381	minor "patch"	2012-02-01 11:00:01 +00:00
Miroslav Stampar	2589521ecf	fix of a wrong assumption (e.g. decodeIntToUnicode(12345) has been returning a "09" instead of a single unicode character)	2012-02-01 10:38:43 +00:00
Miroslav Stampar	4d9dcbf5db	minor fix	2012-02-01 10:14:23 +00:00
Miroslav Stampar	46f42f2fe4	minor fix	2012-01-30 13:10:35 +00:00
Miroslav Stampar	f2857e38ba	minor update	2012-01-30 10:19:03 +00:00
Miroslav Stampar	594579bef4	fix for a bug regarding --cookie and --crawl	2012-01-30 09:17:22 +00:00
Miroslav Stampar	2094c715db	minor update	2012-01-23 09:44:17 +00:00
Miroslav Stampar	9e5cf70a5a	minor fix	2012-01-20 11:13:25 +00:00
Miroslav Stampar	9eee6c252d	minor update for --scope	2012-01-16 10:28:21 +00:00
Miroslav Stampar	527ce070a3	minor fix	2012-01-16 10:04:18 +00:00
Miroslav Stampar	b2dad63000	some more refactoring	2012-01-13 22:00:34 +00:00
Miroslav Stampar	e5fe029a78	minor beautification	2012-01-13 21:03:50 +00:00
Miroslav Stampar	6634c4ac20	minor update	2012-01-13 21:01:58 +00:00
Miroslav Stampar	23117e72ca	minor improvement	2012-01-13 20:56:06 +00:00
Bernardo Damele	0043336620	Minor fix and removed leftover debug message	2012-01-13 17:04:59 +00:00
Bernardo Damele	e59ace5409	minor bug fix	2012-01-13 16:57:45 +00:00
Bernardo Damele	b03f91437b	Minor code refactoring	2012-01-13 16:49:52 +00:00
Miroslav Stampar	337973df77	reverting last 2 commits (better solution was the original one)	2012-01-13 15:58:47 +00:00
Miroslav Stampar	1f53ff0633	minor update regarding last commit	2012-01-13 15:56:50 +00:00
Miroslav Stampar	ff96c537a9	minor update for multithreaded mode	2012-01-13 15:50:38 +00:00
Bernardo Damele	7e560eec1f	Minor fix	2012-01-13 12:54:45 +00:00
Miroslav Stampar	dd295bbd4a	minor update regarding -d and time based injections	2012-01-13 12:45:02 +00:00
Miroslav Stampar	04686b83e3	minor update	2012-01-13 11:16:26 +00:00
Miroslav Stampar	305371b7a9	minor update	2012-01-12 14:58:23 +00:00
Miroslav Stampar	95f89ab63a	updating copyright date	2012-01-11 14:59:46 +00:00
Miroslav Stampar	1d0b43b1a2	implemented mechanism for merging cookies by request	2012-01-11 14:28:08 +00:00
Miroslav Stampar	ff52931140	some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available)	2012-01-07 19:30:35 +00:00
Miroslav Stampar	18930539cd	more concise language	2012-01-07 17:45:45 +00:00

... 29 30 31 32 33 ...

5565 Commits