Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d06182347f 
							
						 
					 
					
						
						
							
							fixing few potential problems  
						
						
						
					 
					
						2012-02-29 13:56:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							61a25418a9 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-02-22 10:45:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b3bd4144f5 
							
						 
					 
					
						
						
							
							removing of unused imports together with some general code refactoring  
						
						
						
					 
					
						2012-02-22 10:40:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							121148f27f 
							
						 
					 
					
						
						
							
							There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests.  
						
						... 
						
						
						
						Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table.
Minor fix also to threat MSSQL's EXEC statements as SELECT ones 
						
					 
					
						2012-02-17 15:54:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ebd40b3933 
							
						 
					 
					
						
						
							
							Minor bug fix to make --file-read and --os-bof syntactically work also with -d (direct connection)  
						
						
						
					 
					
						2012-02-17 15:16:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dcf7277a0f 
							
						 
					 
					
						
						
							
							some more refactorings  
						
						
						
					 
					
						2012-02-16 14:42:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7bca926a0b 
							
						 
					 
					
						
						
							
							fixes, updates, patches  
						
						
						
					 
					
						2012-02-09 10:16:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7bf1fbe94 
							
						 
					 
					
						
						
							
							upgrade/fixes for direct DBMS access  
						
						
						
					 
					
						2012-02-07 10:46:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							22f4d5650f 
							
						 
					 
					
						
						
							
							fix for retrieving version of backend OS on MSSQL  
						
						
						
					 
					
						2012-02-03 15:42:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f86c365694 
							
						 
					 
					
						
						
							
							added one more failsafe for MSSQL --tables  
						
						
						
					 
					
						2012-02-03 10:56:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a6c2fc7ecc 
							
						 
					 
					
						
						
							
							some refactoring on MSSQL support  
						
						
						
					 
					
						2012-02-01 12:53:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2face9799a 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2012-02-01 09:17:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							91ebadff75 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-01-30 13:32:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d8c343a88a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-01-30 13:29:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f8ae0e5272 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2012-01-30 13:20:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b2dad63000 
							
						 
					 
					
						
						
							
							some more refactoring  
						
						
						
					 
					
						2012-01-13 22:00:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8e4b8d345f 
							
						 
					 
					
						
						
							
							refactoring  
						
						
						
					 
					
						2012-01-13 21:55:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ec9cc19951 
							
						 
					 
					
						
						
							
							Minor bug fixes for -d  
						
						
						
					 
					
						2012-01-13 21:46:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5e853cae64 
							
						 
					 
					
						
						
							
							Minor bug fix so now when the back-end DBMS operating system is Windows 2000, it sets the temporary folder automatically to C:\WINNT\Temp - the user does not need to provide it anymore with --tmp-path C:\\WINNT\\Temp  
						
						
						
					 
					
						2012-01-13 18:08:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b03f91437b 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2012-01-13 16:49:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							accac776fe 
							
						 
					 
					
						
						
							
							some fixes  
						
						
						
					 
					
						2012-01-13 14:10:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95f89ab63a 
							
						 
					 
					
						
						
							
							updating copyright date  
						
						
						
					 
					
						2012-01-11 14:59:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fecdce5801 
							
						 
					 
					
						
						
							
							implemented --tables over information_schema for MSSQL as a failover option for BOOLEAN technique too  
						
						
						
					 
					
						2012-01-09 21:09:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ff52931140 
							
						 
					 
					
						
						
							
							some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available)  
						
						
						
					 
					
						2012-01-07 19:30:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f412706fee 
							
						 
					 
					
						
						
							
							minor update for MSSQL --tables (fallback to other method)  
						
						
						
					 
					
						2012-01-03 18:01:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6f5ef23f28 
							
						 
					 
					
						
						
							
							minor update/patch  
						
						
						
					 
					
						2012-01-01 22:55:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							300abc2ba2 
							
						 
					 
					
						
						
							
							minor update regarding unicode unescaping  
						
						
						
					 
					
						2012-01-01 22:31:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6c49af090c 
							
						 
					 
					
						
						
							
							minor language patch  
						
						
						
					 
					
						2011-12-28 14:18:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ae413a206 
							
						 
					 
					
						
						
							
							some refactoring/speedup around UNION technique  
						
						
						
					 
					
						2011-12-22 10:32:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0a039d84e0 
							
						 
					 
					
						
						
							
							some more refactoring  
						
						
						
					 
					
						2011-12-21 19:40:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							641055144a 
							
						 
					 
					
						
						
							
							minor beautification  
						
						
						
					 
					
						2011-12-16 11:49:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ebc04a3d5f 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-12-16 11:44:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7d2fce16dc 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-12-16 11:40:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cff21814bb 
							
						 
					 
					
						
						
							
							minor patch for MSSQL 2008  
						
						
						
					 
					
						2011-12-16 11:23:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8793fbc9f5 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-12-14 12:59:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							39b406c5c1 
							
						 
					 
					
						
						
							
							fix for --search on Oracle  
						
						
						
					 
					
						2011-12-02 18:13:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0ce885e6e6 
							
						 
					 
					
						
						
							
							adding base64encode tampering script  
						
						
						
					 
					
						2011-11-21 12:47:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							440b7efe55 
							
						 
					 
					
						
						
							
							minor optimization  
						
						
						
					 
					
						2011-11-20 20:14:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f574760c12 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-10-28 13:16:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bd7da45546 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-10-28 13:07:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7be0ca4e2 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-10-28 12:49:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							77e630d89e 
							
						 
					 
					
						
						
							
							replaced longer CHAR form of escaped MySQL strings with more compact hex form  
						
						
						
					 
					
						2011-10-23 20:19:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							25f0ec3597 
							
						 
					 
					
						
						
							
							some minor range to xrange conversion (where safe to do)  
						
						
						
					 
					
						2011-10-21 22:34:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							af94ac7f02 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-09-20 22:16:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							41ae9bc7ff 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2011-08-09 14:20:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a6ade08c28 
							
						 
					 
					
						
						
							
							just in case commit to prevent join string iteration over 'None' values  
						
						
						
					 
					
						2011-07-30 13:01:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4ce93221d1 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-07-28 09:24:37 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aedcf8c8d7 
							
						 
					 
					
						
						
							
							Changed homepage address  
						
						
						
					 
					
						2011-07-07 20:10:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d063ae91eb 
							
						 
					 
					
						
						
							
							propset update  
						
						
						
					 
					
						2011-06-30 07:55:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d3b44a5f58 
							
						 
					 
					
						
						
							
							Added copyright  
						
						
						
					 
					
						2011-06-28 10:59:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fe686feefa 
							
						 
					 
					
						
						
							
							Added support for direct connection (-d switch) to IBM DB2  
						
						
						
					 
					
						2011-06-28 10:52:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							36c96ef796 
							
						 
					 
					
						
						
							
							Added DB2 support - patch provided by Sebastian Bittig  
						
						
						
					 
					
						2011-06-25 09:44:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f7196007ca 
							
						 
					 
					
						
						
							
							--search on Oracle is now consistent with other plugins  
						
						
						
					 
					
						2011-06-24 14:33:30 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1cb12ea659 
							
						 
					 
					
						
						
							
							replaced third-party library python-mysql with python pymysql,  http://code.google.com/p/pymysql/  (MIT license)  
						
						
						
					 
					
						2011-06-22 13:31:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f8c32cf6b9 
							
						 
					 
					
						
						
							
							Moved folder  
						
						
						
					 
					
						2011-06-18 12:34:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ca6f9acf30 
							
						 
					 
					
						
						
							
							minor fix for resuming in multi threading mode  
						
						
						
					 
					
						2011-06-18 12:23:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d27afaed7e 
							
						 
					 
					
						
						
							
							some fixes  
						
						
						
					 
					
						2011-06-16 14:27:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0eeb48f8f5 
							
						 
					 
					
						
						
							
							some fixes  
						
						
						
					 
					
						2011-06-16 13:41:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4188df0501 
							
						 
					 
					
						
						
							
							fixes for Sybase  
						
						
						
					 
					
						2011-06-15 18:49:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							60ecf95383 
							
						 
					 
					
						
						
							
							fix for a bug reported by seyi.akin@gmail.com  
						
						
						
					 
					
						2011-06-14 08:40:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4a9640160e 
							
						 
					 
					
						
						
							
							more concise  
						
						
						
					 
					
						2011-06-08 14:35:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							26062ec71e 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-06-07 15:13:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0b875b160f 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2011-05-31 20:57:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a397baa89a 
							
						 
					 
					
						
						
							
							fix for a bug reported by viniciusmaxdaloop@gmail.com and few related patches  
						
						
						
					 
					
						2011-05-26 08:17:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2ea613b170 
							
						 
					 
					
						
						
							
							type correction and adding global flag kb.ignoreTimeout which could be useful  
						
						
						
					 
					
						2011-05-22 08:24:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							126cdf9e19 
							
						 
					 
					
						
						
							
							minor info update  
						
						
						
					 
					
						2011-05-19 23:28:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a034462c31 
							
						 
					 
					
						
						
							
							fixing annoying timeouts for basic DBMS check (reference:  http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html#function_timestampadd )  
						
						
						
					 
					
						2011-05-19 23:03:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b713b18fd2 
							
						 
					 
					
						
						
							
							minor fix for a bug spotted on Sybase  
						
						
						
					 
					
						2011-05-09 16:09:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6e784e766b 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2011-05-07 21:20:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aae140080e 
							
						 
					 
					
						
						
							
							SVN roll back, DB2 patch will be recommitted after testing:  
						
						... 
						
						
						
						$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD  https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847  . 
						
					 
					
						2011-05-06 10:27:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							42bca80968 
							
						 
					 
					
						
						
							
							removing blank lines and adding newline at the end of files  
						
						
						
					 
					
						2011-05-06 09:35:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6e392b6054 
							
						 
					 
					
						
						
							
							applying contributed patch for DB2  
						
						
						
					 
					
						2011-05-06 09:30:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							dac59a55bc 
							
						 
					 
					
						
						
							
							leftover  
						
						
						
					 
					
						2011-05-03 14:14:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c58dc4a6d8 
							
						 
					 
					
						
						
							
							isDbmsWithin() must stay like this, no getIdentifiedDbms() in there  
						
						
						
					 
					
						2011-05-03 14:13:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eceb5eca7b 
							
						 
					 
					
						
						
							
							fix for --file-read on MSSQL for error technique (again that unpacking was causing problems); also reverting that check for file paths as one user mentioned that network paths are also possible for usage on Windows machines (e.g. \\bla\bla)  
						
						
						
					 
					
						2011-05-02 21:55:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d5eeb91b35 
							
						 
					 
					
						
						
							
							Aligned Sybase and MaxDB to recent enhancements to --dbs, --tables and --columns  
						
						
						
					 
					
						2011-04-30 22:11:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							284c69a686 
							
						 
					 
					
						
						
							
							Improved --tables for MSSQL too, like r3798  
						
						
						
					 
					
						2011-04-30 22:05:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aeb149db22 
							
						 
					 
					
						
						
							
							Proper ordering of enumeration methods, consistent with the others enumeration classes  
						
						
						
					 
					
						2011-04-30 22:04:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							955dbc85e7 
							
						 
					 
					
						
						
							
							Minor variable rename  
						
						
						
					 
					
						2011-04-30 15:29:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f56d135438 
							
						 
					 
					
						
						
							
							Minor code restyling  
						
						
						
					 
					
						2011-04-30 13:20:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9927f5a7db 
							
						 
					 
					
						
						
							
							Let --schema work also for Sybase and MaxDB  
						
						
						
					 
					
						2011-04-29 00:02:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e35f25b2cb 
							
						 
					 
					
						
						
							
							Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:  
						
						... 
						
						
						
						* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec .
Minor code refactoring. 
						
					 
					
						2011-04-24 23:01:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0dff82ce0 
							
						 
					 
					
						
						
							
							Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch  
						
						
						
					 
					
						2011-04-23 16:25:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							148fb26301 
							
						 
					 
					
						
						
							
							quick fix  
						
						
						
					 
					
						2011-04-21 17:34:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e181d5412e 
							
						 
					 
					
						
						
							
							fix for a bug reported by aboynes@gmail.com (@@datadir not available on MySQL 4)  
						
						
						
					 
					
						2011-04-21 17:33:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f909ecb369 
							
						 
					 
					
						
						
							
							bug fix for mssqlserver escape  
						
						
						
					 
					
						2011-04-20 13:41:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0387654166 
							
						 
					 
					
						
						
							
							update of copyright string (until year)  
						
						
						
					 
					
						2011-04-15 12:33:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c51e11c5c 
							
						 
					 
					
						
						
							
							Minor adjustments to PgSQL fingerprint  
						
						
						
					 
					
						2011-04-12 10:35:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7324d53997 
							
						 
					 
					
						
						
							
							reference ( http://www.enterprisedb.com/docs/en/9.0/pg/release-9-0.html )  
						
						
						
					 
					
						2011-04-12 10:30:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bc4c2f320c 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2011-04-12 10:24:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2f1786e65f 
							
						 
					 
					
						
						
							
							added active fingerprint for pgsql >= 9.0.3 (reference:  http://www.postgresql.org/docs/9.0/static/release-9-0.html )  
						
						
						
					 
					
						2011-04-12 10:22:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fdbd8bfe37 
							
						 
					 
					
						
						
							
							initial support for PostgreSQL 9.0 -  #223  
						
						
						
					 
					
						2011-04-11 22:02:00 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ea3ebafba1 
							
						 
					 
					
						
						
							
							Removed outdated sentence  
						
						
						
					 
					
						2011-04-10 23:59:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							572708f184 
							
						 
					 
					
						
						
							
							More version adjustment  
						
						
						
					 
					
						2011-04-10 23:28:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6d165861c8 
							
						 
					 
					
						
						
							
							Minor version increase  
						
						
						
					 
					
						2011-04-10 13:30:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d5fb1378cc 
							
						 
					 
					
						
						
							
							Gone unnoticed for way too long  
						
						
						
					 
					
						2011-04-08 11:15:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b6af80bab3 
							
						 
					 
					
						
						
							
							refactoring, cleanup and improvement  
						
						
						
					 
					
						2011-03-29 21:54:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							73e5d20ade 
							
						 
					 
					
						
						
							
							bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries)  
						
						
						
					 
					
						2011-03-28 11:01:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4889764114 
							
						 
					 
					
						
						
							
							minor update regarding last commit  
						
						
						
					 
					
						2011-03-21 11:40:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5291fe35c9 
							
						 
					 
					
						
						
							
							proper implementation of --dbs on Oracle (we are using now schema names as a counterpart to dbs in other DBMSes)  
						
						
						
					 
					
						2011-03-21 11:29:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							68c7247ee4 
							
						 
					 
					
						
						
							
							bug fix (pgsql drop function requires input arguments - at cleanup() in plugins/generic/misc.py it's already fixed before)  
						
						
						
					 
					
						2011-03-08 10:46:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							68a95fd1b1 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-02-20 22:45:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aac817935a 
							
						 
					 
					
						
						
							
							further improvement of MaxDB support  
						
						
						
					 
					
						2011-02-20 22:41:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3ba8b6928 
							
						 
					 
					
						
						
							
							--dump now works on MaxDB too  
						
						
						
					 
					
						2011-02-20 22:07:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0e512d3c09 
							
						 
					 
					
						
						
							
							minor update for MaxDB  
						
						
						
					 
					
						2011-02-20 21:17:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							67ec691eb1 
							
						 
					 
					
						
						
							
							more updates regarding Sybase  
						
						
						
					 
					
						2011-02-20 16:28:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f30dea74f3 
							
						 
					 
					
						
						
							
							more Sybase updates  
						
						
						
					 
					
						2011-02-19 18:36:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b71bb321dd 
							
						 
					 
					
						
						
							
							some more Sybase updates  
						
						
						
					 
					
						2011-02-19 18:04:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7253362114 
							
						 
					 
					
						
						
							
							Minor bug fix so that --file-write on MySQL via UNION query now works again  
						
						
						
					 
					
						2011-02-11 23:35:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c078de894f 
							
						 
					 
					
						
						
							
							Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA  
						
						
						
					 
					
						2011-02-10 14:24:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a2c20acf94 
							
						 
					 
					
						
						
							
							Minor fixes once more  
						
						
						
					 
					
						2011-02-10 11:34:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0ddaee3c8 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2011-02-10 11:28:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							db77f8b055 
							
						 
					 
					
						
						
							
							Code cleanup  
						
						
						
					 
					
						2011-02-06 22:33:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ecaf5729fd 
							
						 
					 
					
						
						
							
							revert  
						
						
						
					 
					
						2011-02-06 22:14:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							caaac72029 
							
						 
					 
					
						
						
							
							minor update regarding last commit  
						
						
						
					 
					
						2011-02-06 20:15:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8980227d30 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2011-02-06 15:32:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a37f5e05b9 
							
						 
					 
					
						
						
							
							Refactoring  
						
						
						
					 
					
						2011-02-01 22:27:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ddf23ba7cc 
							
						 
					 
					
						
						
							
							refactoring  
						
						
						
					 
					
						2011-01-30 11:36:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							367d0639f0 
							
						 
					 
					
						
						
							
							refactoring (class names should always be Capital cased)  
						
						
						
					 
					
						2011-01-28 16:36:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							50969d238b 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 17:51:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0eea5665b2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 17:41:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3e3387113 
							
						 
					 
					
						
						
							
							fix for proper Firebird resume of version  
						
						
						
					 
					
						2011-01-24 11:04:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eb33612736 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2011-01-24 10:20:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b1d6040a48 
							
						 
					 
					
						
						
							
							Minor bug fix so that --search also works when the technique is error-based (which always return a list with lists inside)  
						
						
						
					 
					
						2011-01-20 21:46:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							50c02fbb37 
							
						 
					 
					
						
						
							
							Done with previous refactoring  
						
						
						
					 
					
						2011-01-20 00:01:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bade0e3124 
							
						 
					 
					
						
						
							
							Major code refactoring - centralized all kb.dbms* info for both retrieval and set.  
						
						
						
					 
					
						2011-01-19 23:06:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							daebb0010b 
							
						 
					 
					
						
						
							
							Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based.  
						
						... 
						
						
						
						Alignment of SQL statement payload packing/unpacking between all of the techniques.
Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too.
Minor code cleanup. 
						
					 
					
						2011-01-18 23:02:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							02b333e30b 
							
						 
					 
					
						
						
							
							Minor improvement  
						
						
						
					 
					
						2011-01-15 23:54:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1fa8f0cba7 
							
						 
					 
					
						
						
							
							code reviewing part 2  
						
						
						
					 
					
						2011-01-15 12:53:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2d9b151883 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2011-01-15 10:14:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e4e9b11b79 
							
						 
					 
					
						
						
							
							Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms.  
						
						
						
					 
					
						2011-01-14 12:47:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3c95d71ea5 
							
						 
					 
					
						
						
							
							Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase  
						
						
						
					 
					
						2011-01-14 11:55:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2ac8debea0 
							
						 
					 
					
						
						
							
							Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.  
						
						... 
						
						
						
						Minor bug fixes thanks to previous refactoring too. 
						
					 
					
						2011-01-13 17:36:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8a67aea754 
							
						 
					 
					
						
						
							
							One more step to fully working UNION exploitation after merge into detection phase  
						
						
						
					 
					
						2011-01-12 01:13:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0eabca9fd4 
							
						 
					 
					
						
						
							
							update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)  
						
						
						
					 
					
						2011-01-03 22:31:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8e1927fe31 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-01-02 18:12:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5f9b6b2254 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2011-01-02 16:51:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							73e8a10527 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2011-01-02 09:12:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							26b06bfcfb 
							
						 
					 
					
						
						
							
							update ( http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html )  
						
						
						
					 
					
						2011-01-01 19:38:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							076560f59f 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2010-12-31 12:58:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5db8ebbfa9 
							
						 
					 
					
						
						
							
							update of mysql comment versions  
						
						
						
					 
					
						2010-12-31 12:42:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							40e3489099 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-31 12:27:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ce19b0c431 
							
						 
					 
					
						
						
							
							optimization of comment checking in MySQL  
						
						
						
					 
					
						2010-12-31 12:21:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							42e7b1b3a7 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2010-12-30 22:40:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							20e3a6d72f 
							
						 
					 
					
						
						
							
							fix/refactor/cosmetics (references:  http://www.postgresql.org/docs/6.4/static/release.htm,http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE,http://www.postgresql.org/docs/8.3/static/release-8-3.html )  
						
						
						
					 
					
						2010-12-30 21:53:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7f4acaf6f9 
							
						 
					 
					
						
						
							
							now comment injection fingerprint works with all techniques  
						
						
						
					 
					
						2010-12-30 21:24:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9853c1ec7f 
							
						 
					 
					
						
						
							
							fix for a bug reported by alessio.dallapiazza@gmail.com (AttributeError: users)  
						
						
						
					 
					
						2010-12-25 09:13:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2c23a59ba5 
							
						 
					 
					
						
						
							
							fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)  
						
						
						
					 
					
						2010-12-24 12:13:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7c06dbffc3 
							
						 
					 
					
						
						
							
							bug fix (AttributeError: 'unicode' object has no attribute 'sort')  
						
						
						
					 
					
						2010-12-22 18:55:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5d25da5135 
							
						 
					 
					
						
						
							
							better way to handle this one  
						
						
						
					 
					
						2010-12-22 00:51:20 +00:00