Bernardo Damele
4550fa9e40
update
2011-07-24 22:43:22 +00:00
Miroslav Stampar
ff8fc90ac7
bug fix
2011-07-13 06:44:15 +00:00
Miroslav Stampar
a46b5230f5
minor "patch"
2011-07-11 20:33:16 +00:00
Bernardo Damele
86d28947aa
updated
2011-07-11 10:07:36 +00:00
Miroslav Stampar
f5e45bf113
quick fix for a bug reported by jovon.itwaru@gmail.com
2011-07-11 08:54:39 +00:00
Miroslav Stampar
98958f8808
minor minor update
2011-07-10 15:41:45 +00:00
Miroslav Stampar
b3acaf85d8
minor update
2011-07-10 08:58:55 +00:00
Bernardo Damele
3985a81cb9
Update email addresses
2011-07-08 13:39:47 +00:00
Bernardo Damele
b5dd4d4a63
Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection
2011-07-08 10:19:01 +00:00
Bernardo Damele
aedcf8c8d7
Changed homepage address
2011-07-07 20:10:03 +00:00
Bernardo Damele
736327c893
Added two tamper scripts contributed by Roberto Salgado
2011-07-07 18:45:07 +00:00
Bernardo Damele
23b4efdcaf
Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too.
2011-07-06 21:04:45 +00:00
Bernardo Damele
36c96ef796
Added DB2 support - patch provided by Sebastian Bittig
2011-06-25 09:44:24 +00:00
Miroslav Stampar
f434c3b29e
update of THANKS file
2011-06-24 19:06:08 +00:00
Bernardo Damele
1cb12ea659
replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license)
2011-06-22 13:31:07 +00:00
Miroslav Stampar
019f4d344a
update of THANKS file
2011-06-21 21:03:50 +00:00
Miroslav Stampar
d9015ed800
fix for a bug reported by krasn@deventum.com
2011-06-20 13:25:19 +00:00
Bernardo Damele
d7da71ce8e
politeness
2011-06-20 09:10:04 +00:00
Bernardo Damele
4b94ef2b7c
A little bit more polite
2011-06-18 13:03:55 +00:00
Miroslav Stampar
ca8a60dd7a
update of doc/THANKS
2011-06-15 19:04:43 +00:00
Miroslav Stampar
60ecf95383
fix for a bug reported by seyi.akin@gmail.com
2011-06-14 08:40:25 +00:00
Miroslav Stampar
03d6031fe7
update of doc/THANKS file
2011-06-09 09:09:52 +00:00
Bernardo Damele
6d2c97d06f
updated thanks file
2011-06-08 10:44:55 +00:00
Miroslav Stampar
75c12c5edb
fix for a bug reported by cclements@flatearth.net (TypeError: argument of type 'NoneType' is not iterable)
2011-06-07 21:46:49 +00:00
Miroslav Stampar
e7e23d1b79
fix for a Ctrl+C bug reported by nightman@email.de
2011-06-07 17:16:01 +00:00
Miroslav Stampar
24ed99e5a3
fix for a bug reported by aboynes@gmail.com
2011-06-06 08:50:48 +00:00
Miroslav Stampar
46ceb14f37
update of doc/THANKS
2011-05-26 13:49:42 +00:00
Miroslav Stampar
9077eadf23
update of doc/THANKS
2011-05-26 08:22:52 +00:00
Miroslav Stampar
0072c3af8e
fix for a bug reported by aboynes@gmail.com (for elt in self.a)
2011-05-24 15:03:21 +00:00
Miroslav Stampar
2b12b18357
incorporating metasploit patch from oliver.kuckertz@mologie.de
2011-05-23 15:27:10 +00:00
Miroslav Stampar
d2221e4604
fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...)
2011-05-16 00:23:50 +00:00
Bernardo Damele
49b925772b
Minor update
2011-05-10 10:56:06 +00:00
Bernardo Damele
6e784e766b
Minor bug fix
2011-05-07 21:20:47 +00:00
Miroslav Stampar
d2a71d647b
minor update
2011-05-06 13:38:58 +00:00
Miroslav Stampar
9652efa995
minor update
2011-05-06 13:34:03 +00:00
Miroslav Stampar
079ddf84b2
updating FAQ
2011-05-06 11:19:49 +00:00
Bernardo Damele
2976ed7e90
Updated user's manual, added details about URI injection
2011-05-03 14:47:01 +00:00
Bernardo Damele
b2f6ce9716
updated documentation
2011-05-03 10:57:55 +00:00
Miroslav Stampar
845618934d
update of doc/THANKS
2011-05-02 18:20:37 +00:00
Miroslav Stampar
900ee0ff93
fix for a major bug reported by k1971@live.co.uk (1..9 99..)
2011-05-01 15:47:00 +00:00
Bernardo Damele
ebe631ea57
doc update
2011-05-01 00:43:42 +00:00
Miroslav Stampar
41fc9f9d54
fix for an issue reported by andrew.gecse@upcmail.hu (unknown web page charset 'hungarian-iso-8859-2')
2011-04-30 22:41:54 +00:00
Bernardo Damele
2f2758b033
Long form contributor name
2011-04-30 14:51:06 +00:00
Bernardo Damele
d3ed3268c3
minor adjustments
2011-04-28 21:17:06 +00:00
Bernardo Damele
8e63e1b70d
more people to thanks
2011-04-28 21:15:15 +00:00
Bernardo Damele
3e66dae103
as we don't use UPX anymore..
2011-04-28 20:54:21 +00:00
Bernardo Damele
6d07dddf60
updated doc and minor layout adjustments
2011-04-21 21:53:35 +00:00
Miroslav Stampar
c6a0209649
update of THANKS file
2011-04-18 14:01:45 +00:00
Miroslav Stampar
ad53e3f551
update of doc/THANKS
2011-04-17 07:39:49 +00:00
Bernardo Damele
d462937a2e
added a contributor
2011-04-14 12:42:09 +00:00
Miroslav Stampar
f435f37d71
update of THANKS file
2011-04-12 15:54:00 +00:00
Bernardo Damele
30377621b8
slight update
2011-04-11 00:33:42 +00:00
Bernardo Damele
2f8ddd156c
done with the manual
2011-04-11 00:23:47 +00:00
Bernardo Damele
9840a0491d
more doc updates
2011-04-10 20:31:29 +00:00
Bernardo Damele
fe16360acb
more doc updates
2011-04-10 13:28:14 +00:00
Bernardo Damele
64fcc88be5
typo
2011-04-08 10:26:03 +00:00
Bernardo Damele
1be7f859c6
Minor updates
2011-04-08 10:25:37 +00:00
Miroslav Stampar
bcc4c52cf7
minor update
2011-04-08 10:21:45 +00:00
Bernardo Damele
159789ba81
More user's manual updates
2011-04-08 10:20:42 +00:00
Bernardo Damele
d305183447
More updates to user's manual
2011-04-08 09:50:34 +00:00
Bernardo Damele
bac53eeef1
Allow --dump-all to accept -D switch in order to dump all tables' entries for only one (or more, comma-separated) specified database(s)
2011-04-07 22:08:10 +00:00
Miroslav Stampar
b288e5ef57
implemented DNS caching mechanism
2011-04-07 21:39:18 +00:00
Bernardo Damele
1880f18367
Minor layout adjustments
2011-04-07 10:07:52 +00:00
Bernardo Damele
17844eb87c
Refactoring to --technique
2011-04-07 10:00:47 +00:00
Bernardo Damele
287f74dbd2
update
2011-04-06 14:59:51 +00:00
Bernardo Damele
72555f3b28
user's manual updated.. we are getting close to 0.9 stable, stay tuned!
2011-04-06 08:21:13 +00:00
Bernardo Damele
a1bde071d8
Minor adjustments
2011-04-04 09:26:20 +00:00
Miroslav Stampar
e27afef6be
minor update regarding --current-db on Oracle
2011-04-01 15:56:11 +00:00
Bernardo Damele
60afd80460
Change of release date to unknown
2011-03-31 13:06:30 +00:00
Bernardo Damele
19a6f86954
Minor update
2011-03-27 16:37:57 +00:00
Miroslav Stampar
08d052d9b8
minor update of THANKS file
2011-03-27 13:45:19 +00:00
Miroslav Stampar
d2eb4c6a39
update of THANKS file
2011-03-26 21:48:36 +00:00
Miroslav Stampar
0bb08d09d2
fix for a bug reported by Kirill (value is None in attack table phase) and minor fix for loading request file
2011-03-24 08:43:40 +00:00
Miroslav Stampar
bd75fd26e9
implementing a --page-rank switch as requested by l0rda@l0rda.biz
2011-03-23 11:57:57 +00:00
Miroslav Stampar
cbfb10cbd1
fix of a minor bug reported by syssecurity7@googlemail.com (missing iso-8858...)
2011-03-21 16:43:46 +00:00
Miroslav Stampar
7b1021d100
minor update of THANKS file
2011-03-21 13:18:00 +00:00
Miroslav Stampar
f8a2cf0497
minor THANKS update
2011-03-21 09:53:34 +00:00
Bernardo Damele
f7c1b7dc5f
Updated
2011-03-21 00:39:54 +00:00
Miroslav Stampar
36233fac42
update regarding a feature request from andyroyalbattle@yahoo.it
2011-03-18 16:35:30 +00:00
Bernardo Damele
3edb30968b
Pff.. just layout
2011-03-17 12:37:50 +00:00
Miroslav Stampar
1879a49506
fix for a bug reported by andreoaz@gmail.com
2011-03-10 20:40:12 +00:00
Miroslav Stampar
8e7c3b4666
update of THANKS file
2011-03-07 21:29:06 +00:00
Bernardo Damele
da6a87af43
update
2011-02-28 16:59:39 +00:00
Bernardo Damele
50ba0fa955
More adjustments
2011-02-28 16:14:09 +00:00
Bernardo Damele
021fce5601
Should be done with the ChangeLog - ready for 0.9.
...
Minor adjustments to user's manual too.
2011-02-28 15:23:05 +00:00
Bernardo Damele
b47d3e1da3
Huge update to user's manual. A lot to be done yet.
2011-02-27 12:19:32 +00:00
Bernardo Damele
6e1a08a805
Documentation update
2011-02-19 21:08:18 +00:00
Bernardo Damele
808b03fc3e
Minor reordering
2011-02-14 02:08:11 +00:00
Bernardo Damele
f0f5d3d3e8
Began with the update of the user's manual for 0.9
2011-02-07 00:55:10 +00:00
Bernardo Damele
1bc2ee2fbf
Updated
2011-02-06 15:44:27 +00:00
Miroslav Stampar
412a97b7fe
fix for a bug reported by ahmed@isecur1ty.org (TypeError: unsupported operand type(s) for -: 'float' and 'NoneType')
2011-02-05 14:17:28 +00:00
Miroslav Stampar
1e8eb27156
update of doc/THANKS
2011-02-04 14:07:54 +00:00
Miroslav Stampar
af99105c27
lol. sybase and maxdb were just ignored while fingerprinted because they weren't in dbmsDict screwing half of dbms related functions (most notably aliasToDbmsEnum)
2011-02-01 22:45:38 +00:00
Bernardo Damele
9fc0bedea8
Minor bug fixes
2011-01-30 21:01:57 +00:00
Miroslav Stampar
81722b6881
major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values)
2011-01-27 18:36:28 +00:00
Miroslav Stampar
3bb4ea2c7a
THANKS update
2011-01-25 22:29:36 +00:00
Miroslav Stampar
cab86871fe
fix for a bug reported by mhackmail@gmail.com (local variable 'code' referenced before assignment)
2011-01-25 11:02:41 +00:00
Bernardo Damele
ceca64193b
Updated
2011-01-24 14:46:41 +00:00
Bernardo Damele
c1f6bf2eda
Updated
2011-01-18 23:14:35 +00:00
Miroslav Stampar
bdcb10cdab
added MSSQL time based vector
2011-01-18 02:05:18 +00:00
Miroslav Stampar
a835f233ac
fix for a bug reported by buawig@gmail.com (AttributeError: 'module' object has no attribute 'set_completer')
2011-01-17 00:17:31 +00:00
Bernardo Damele
f209b7a65e
Updated
2011-01-14 09:56:55 +00:00
Miroslav Stampar
a8d660db54
fixes for bugs reported by pragmatk@gmail.com
2011-01-06 16:59:58 +00:00
Miroslav Stampar
1297df66da
fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed)
2011-01-06 08:04:59 +00:00
Miroslav Stampar
aa81ed4033
implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers)
2011-01-04 15:49:20 +00:00
Miroslav Stampar
08ccbf2c1e
important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)
2011-01-03 22:02:58 +00:00
Miroslav Stampar
8067365b93
fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident')
2010-12-20 23:47:53 +00:00
Miroslav Stampar
e3fa3b0e8e
fix for a minor bug reported by nightman (AttributeError: 'NoneType' object has no attribute 'getFingerprint')
2010-12-17 07:48:32 +00:00
Miroslav Stampar
5aee1fd8e0
updated THANKS file
2010-12-08 21:19:46 +00:00
Bernardo Damele
ad17e9ed2a
Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any)
2010-11-19 14:56:20 +00:00
Bernardo Damele
17486e472a
Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!
2010-11-17 22:00:09 +00:00
Bernardo Damele
360aff7a4d
sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle
2010-11-17 17:20:32 +00:00
Bernardo Damele
a9152c6723
Updated doc
2010-11-14 22:36:54 +00:00
Bernardo Damele
5e41cd07a3
Updated doc
2010-11-13 23:31:18 +00:00
Bernardo Damele
306e96331d
Updated doc
2010-11-12 10:00:49 +00:00
Bernardo Damele
0c8918bf07
Minor bug fix, thanks Alex
2010-11-08 12:45:23 +00:00
Miroslav Stampar
14e9425673
update of doc/THANKS
2010-11-05 16:09:30 +00:00
Miroslav Stampar
7d12dbff41
update of THANKS
2010-11-05 11:36:43 +00:00
Miroslav Stampar
71d0b1bcd7
several bug fixes
2010-11-03 21:51:36 +00:00
Miroslav Stampar
861706fb31
fix for bug reported by ToR (unknown charset 'utf-8, text/html')
2010-11-02 18:01:10 +00:00
Miroslav Stampar
73b33ed765
fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic
2010-11-01 20:56:13 +00:00
Miroslav Stampar
d75578c81f
some update regarding common tables
2010-10-29 09:00:51 +00:00
Bernardo Damele
ed1f2da43f
Updated
2010-10-27 21:05:58 +00:00
Bernardo Damele
7715ba778b
Updated
2010-10-27 14:41:03 +00:00
Bernardo Damele
4ab3edfc94
Updated
2010-10-25 23:40:19 +00:00
Miroslav Stampar
c7578d4ea1
update of THANKS
2010-10-25 16:07:03 +00:00
Miroslav Stampar
aa931efd4d
several MySQL fixes/enhancements pointed out by Anton Mogilin
2010-10-24 22:05:14 +00:00
Miroslav Stampar
c5fb4edf3e
update of THANKS
2010-10-23 09:25:34 +00:00
Miroslav Stampar
a8e42a4f2b
bug fix
2010-10-23 06:42:21 +00:00
Bernardo Damele
e5485a9958
Updated doc
2010-10-20 22:14:52 +00:00
Bernardo Damele
22ed09a358
Updated
2010-10-20 21:52:33 +00:00
Bernardo Damele
cfa5655150
Updated changelog
2010-10-16 22:23:53 +00:00
Miroslav Stampar
5c3d21065a
bug fix (reported by nightman)
2010-10-16 21:29:35 +00:00
Miroslav Stampar
2b60304933
update
2010-10-16 21:19:44 +00:00
Bernardo Damele
bd3a791f23
Updated documentation
2010-10-15 10:29:53 +00:00
Miroslav Stampar
2198a60684
bug fix (reported by james@ev6.net)
2010-10-10 20:51:11 +00:00
Miroslav Stampar
0ad8090ad8
fix for a google bug reported by Brandon E.
2010-10-01 08:03:39 +00:00
Miroslav Stampar
87abec16bd
probable fix for a bug reported by Prashant Jadhav
2010-09-30 18:52:33 +00:00
Miroslav Stampar
7a7938a6da
updated THANKS
2010-08-22 08:53:30 +00:00
Miroslav Stampar
526aebc84c
small fix
2010-08-15 21:10:19 +00:00
Miroslav Stampar
f9752137f0
update of THANKS file
2010-08-08 22:28:01 +00:00
Miroslav Stampar
468eeb6ccf
update of THANKS
2010-08-08 21:49:27 +00:00
Miroslav Stampar
1d8953ebdb
update of THANKS file
2010-08-08 21:25:21 +00:00
Miroslav Stampar
6a6ff09c9a
fix for a bug reported by Marek Sarvas
2010-07-26 08:11:28 +00:00
Miroslav Stampar
c39d819dd2
fix for a resume bug reported by Augusto Urbieta
2010-07-20 08:13:02 +00:00
Miroslav Stampar
6d11f86fdd
update
2010-07-15 08:51:23 +00:00
Bernardo Damele
82bce81e28
Minor improvements
2010-07-02 13:38:52 +00:00
Bernardo Damele
dc8862a140
Updated
2010-07-01 10:46:59 +00:00
Bernardo Damele
3f2db471f5
Updated thanks
2010-06-30 13:27:07 +00:00
Bernardo Damele
d40a238335
Make --keep-alive public
2010-06-30 11:29:35 +00:00
Bernardo Damele
abc3c24d62
Update
2010-06-30 09:48:48 +00:00
Bernardo Damele
4bba59aaf5
Updated doc
2010-06-29 23:52:22 +00:00
Bernardo Damele
8576817a2b
Added support for SOAP requests: fixed, extended and tested a user's patch - closes #196 .
2010-06-29 21:07:23 +00:00
Bernardo Damele
7cad3cbda6
Minor code refactoring
2010-06-28 13:47:20 +00:00
Bernardo Damele
887adfcf10
Minor adjustments to extra/ libraries
2010-06-09 21:43:22 +00:00
Miroslav Stampar
01f2dfe33f
update
2010-06-04 17:08:32 +00:00
Bernardo Damele
080c71b903
Updated documentation
2010-06-02 16:19:43 +00:00
Bernardo Damele
06af405efd
Adapted and merged in patch to support XML output (-x switch) - still in beta.
...
Minor bug fixes and adjustments.
2010-05-28 16:43:04 +00:00
Miroslav Stampar
2a1dd492f5
updated THANKS
2010-05-25 10:10:27 +00:00
Miroslav Stampar
d2c03c12fd
updated thanks
2010-05-24 20:25:43 +00:00
Bernardo Damele
03fb84e29f
Minor enhancement to internal --profile function
2010-05-21 15:06:05 +00:00
Miroslav Stampar
4c1ad7d8ce
added Jose Fonseca (gprof2dot) to THANKS
2010-05-21 10:22:56 +00:00
Bernardo Damele
bffa06f2ca
Updated user's manual
2010-05-20 10:08:17 +00:00
Bernardo Damele
b2c5807109
Updated
2010-05-12 22:02:18 +00:00
Bernardo Damele
74860fee2a
Updated
2010-05-10 14:52:02 +00:00
Bernardo Damele
7b6050f3c1
Minor update
2010-05-06 14:18:25 +00:00
Bernardo Damele
8dbf89afe4
Minor update
2010-05-06 11:22:53 +00:00
Bernardo Damele
783c48f6e9
Merged history into user's manual
2010-05-06 11:09:03 +00:00
Bernardo Damele
7bf31f54b8
Updated history SGML file
2010-05-06 10:54:13 +00:00
Bernardo Damele
147e14356d
Major bug fix (reported by Thierry Zoller)
2010-05-06 10:52:40 +00:00
Bernardo Damele
107a900f51
Updated
2010-05-03 12:57:17 +00:00
Miroslav Stampar
d8e5585c66
fixed a bug reported by Mosk Dmitri (infoMsg UnboundLocalError)
2010-04-29 08:30:29 +00:00
Bernardo Damele
a588b2020b
Added history SGML file
2010-04-26 15:00:53 +00:00
Bernardo Damele
2665066dae
Updated changelog file
2010-04-26 12:35:39 +00:00
Bernardo Damele
3087c27659
Updated doc
2010-04-22 10:37:58 +00:00
Bernardo Damele
e11d511cad
Updated doc
2010-04-15 12:12:53 +00:00
Bernardo Damele
e0d0913fc6
Updated doc
2010-04-12 09:34:20 +00:00
Bernardo Damele
822d22299f
Updated
2010-04-09 13:48:02 +00:00
Bernardo Damele
bd669dd6fa
Updated
2010-04-06 10:32:56 +00:00
Bernardo Damele
2d55ec19a3
Minor code restyling
2010-04-06 10:15:19 +00:00
Bernardo Damele
f0f1176396
Updated THANKS
2010-03-23 21:24:31 +00:00
Bernardo Damele
9e8a108768
Updated
2010-03-22 15:43:38 +00:00
Miroslav Stampar
f1fde2e443
added basic skeleton for FAQ doc
2010-03-17 12:56:26 +00:00
Bernardo Damele
7f5bc5e3fe
Increased version to 0.9-dev
2010-03-15 11:04:57 +00:00
Bernardo Damele
bfbf58b04e
Generated new user's manual html and pdf
2010-03-13 22:07:08 +00:00
Bernardo Damele
ee89709042
Updated manual
2010-03-13 21:56:38 +00:00
Miroslav Stampar
4bef12a2b4
doc update
2010-03-13 14:35:56 +00:00
Bernardo Damele
c42c4982c3
Updated documentation according to r1460
2010-03-12 22:59:03 +00:00
Bernardo Damele
7d8cc1a482
Get rid of Churrasco (Token kidnapping technique to --priv-esc). Reasons why:
...
1. there's kitrap0d (MS10-015) which is far more reliable, just recently fixed
2. works only to priv esc basically on MSSQL when it runs as NETWORK SERVICE and the machine is not patched against MS09-012 which is "rare" (hopefully) nowadays.
Now sqlmap relies on kitrap0d and incognito to privilege escalate the database process' user privileges to SYSTEM, both via Meterpreter.
Minor layout adjustments.
2010-03-12 22:43:35 +00:00
Bernardo Damele
054a4aaee7
Updated documentation, almost ready for 0.8 release!
2010-03-12 17:43:38 +00:00
Bernardo Damele
b50a2288f4
Minor layout adjustments
2010-03-11 23:54:07 +00:00
Bernardo Damele
b344a70ba1
Updated changelog
2010-03-11 01:10:55 +00:00
Bernardo Damele
4d53b17320
Updated THANKS
2010-03-10 22:08:54 +00:00
Bernardo Damele
6712b19df2
Updated ChangeLog
2010-03-10 01:14:23 +00:00
Bernardo Damele
8593741358
Minor bug fix
2010-03-05 15:25:53 +00:00
Bernardo Damele
7136c17f19
Minor log adjustments
2010-03-05 14:59:33 +00:00
Miroslav Stampar
d618964ab6
more time adjustments
2010-03-05 14:30:50 +00:00
Miroslav Stampar
45fc58d267
update
2010-03-05 14:24:54 +00:00
Miroslav Stampar
071e897f4e
minor time adjustments
2010-03-05 14:09:20 +00:00
Miroslav Stampar
6fd1f7f77c
update
2010-03-05 14:06:03 +00:00