sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-10-31 07:57:47 +03:00

Author	SHA1	Message	Date
Bernardo Damele	f5904d0bc0	Major bug fix to --union-test	2010-10-25 23:39:55 +00:00
Miroslav Stampar	228ac0cde5	refactoring regarding --check-payload	2010-10-25 18:38:54 +00:00
Miroslav Stampar	378653a1ec	added IDS payload testing	2010-10-25 15:37:43 +00:00
Bernardo Damele	215175e3b7	Minor code adjustments	2010-10-25 14:11:47 +00:00
Miroslav Stampar	24c5d7b313	code refactoring	2010-10-25 14:06:56 +00:00
Miroslav Stampar	9c94a233a1	conf.md5hash thrown out	2010-10-25 13:52:21 +00:00
Miroslav Stampar	32728d14b7	fix for --union-use with --error-test	2010-10-25 12:25:29 +00:00
Miroslav Stampar	71543092b7	update regarding comparison engine	2010-10-25 12:00:59 +00:00
Miroslav Stampar	8df7c88174	implementation of a new dynamic content removal engine	2010-10-25 10:41:37 +00:00
Miroslav Stampar	db260c44d3	minor update	2010-10-24 22:25:05 +00:00
Miroslav Stampar	dec4d858b3	fix for Bug #207	2010-10-22 14:01:48 +00:00
Miroslav Stampar	bc79eec702	removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)	2010-10-21 13:13:12 +00:00
Miroslav Stampar	be443c6947	refactoring regarding __START__,...	2010-10-21 09:51:07 +00:00
Miroslav Stampar	2668c95ef4	added default HTTP version used by httplib and urllib2	2010-10-21 09:10:07 +00:00
Bernardo Damele	7f1aa3b94f	Removed unused imports	2010-10-20 22:48:51 +00:00
Miroslav Stampar	934adb5e8d	code refactoring	2010-10-20 09:09:04 +00:00
Miroslav Stampar	b032fdbf74	added randInt to error injection vectors	2010-10-20 08:56:58 +00:00
Miroslav Stampar	dabbcf9e23	fix for that 'Subquery returns more than 1 row'	2010-10-20 08:50:05 +00:00
Miroslav Stampar	82f44989ce	update of error based injection and bug fix for --roles on MSSQL server	2010-10-20 06:40:33 +00:00
Miroslav Stampar	8776db872c	minor refactoring	2010-10-19 23:05:24 +00:00
Miroslav Stampar	1b376c99a6	removed temp dictionary and replaced with kb.misc	2010-10-19 23:00:19 +00:00
Miroslav Stampar	7927e97007	update	2010-10-19 18:34:57 +00:00
Miroslav Stampar	415524bd5a	remove --error, now it's only --error-test (it needs to return True to be able to use it)	2010-10-19 18:34:14 +00:00
Miroslav Stampar	4009ef385e	more update regarding error based injection support	2010-10-19 18:17:34 +00:00
Miroslav Stampar	b2e0b615f8	fix for that MySQL checking	2010-10-19 17:38:39 +00:00
Miroslav Stampar	34d7de1d46	cosmetics	2010-10-19 15:28:54 +00:00
Miroslav Stampar	d7622bb9cf	major fix for MySQL error based injections	2010-10-19 15:17:16 +00:00
Miroslav Stampar	80505de15b	now --users work on Oracle and Postgre (tested)	2010-10-19 14:56:57 +00:00
Miroslav Stampar	4bc541ec3c	error based update	2010-10-19 14:47:13 +00:00
Miroslav Stampar	d0ebe428da	i've left error flag	2010-10-19 14:12:34 +00:00
Miroslav Stampar	bf850af2d8	fix for Oracle error based query "space" problem	2010-10-19 14:10:09 +00:00
Miroslav Stampar	6a8b1046d4	first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)	2010-10-19 12:02:04 +00:00
Miroslav Stampar	8b8fff41fe	cosmetics (adding html parsed DBMS) regarding heuristic check	2010-10-18 12:11:16 +00:00
Bernardo Damele	36bc410333	Minor bug fix	2010-10-18 09:50:23 +00:00
Miroslav Stampar	149837ebf5	added the same for proxy authorization header	2010-10-18 09:02:56 +00:00
Miroslav Stampar	aaebb4336e	fix for Bug #202	2010-10-18 08:54:08 +00:00
Miroslav Stampar	dcb9c2103a	just in case update	2010-10-15 11:20:19 +00:00
Bernardo Damele	5f6d88a418	Minor comment	2010-10-15 11:17:17 +00:00
Bernardo Damele	c5e385f77a	More layout adjustments	2010-10-15 10:28:34 +00:00
Miroslav Stampar	207bef7f19	fix for that SQLite3 vs SQLite2 issue	2010-10-15 09:39:41 +00:00
Miroslav Stampar	4f7f20b94f	sorry, cosmetics	2010-10-14 23:18:29 +00:00
Bernardo Damele	1674142d82	Minor cosmetic fixes	2010-10-14 15:28:54 +00:00
Miroslav Stampar	8b48833136	large commit with copyright header modifications	2010-10-14 14:41:14 +00:00
Miroslav Stampar	162d01abed	commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...)	2010-10-14 11:06:28 +00:00
Miroslav Stampar	dc50543ea4	major bug fix for --keep-alive option in multithreading mode (that 'shitty' _headers = {} made a one shared object for all connection objects)	2010-10-13 23:01:23 +00:00
Miroslav Stampar	36ef8ca575	bug fix	2010-10-13 22:42:48 +00:00
Miroslav Stampar	02a14d4c45	added Referer (part of Feature #37 )	2010-10-13 22:08:09 +00:00
Miroslav Stampar	34580f56fc	added --tamper option	2010-10-12 22:45:25 +00:00
Miroslav Stampar	d2ec132469	added --text-only switch	2010-10-12 19:41:29 +00:00
Miroslav Stampar	1369529103	minor cosmetic update	2010-10-11 13:52:32 +00:00
Miroslav Stampar	43892cddbb	some updates	2010-10-11 12:26:35 +00:00
Miroslav Stampar	8fcad29bbf	new feature --forms (still unfinished)	2010-10-10 18:56:43 +00:00
Miroslav Stampar	adf2231edb	minor update	2010-10-06 13:38:03 +00:00
Miroslav Stampar	cf17debf79	changed connection message priority to critical (when verbose=0 it's displayed too)	2010-09-27 13:34:52 +00:00
Miroslav Stampar	13bb3a6212	minor update	2010-09-23 14:07:23 +00:00
Miroslav Stampar	da8ae5578b	first commit regarding Feature #144	2010-09-22 11:56:35 +00:00
Miroslav Stampar	975b96ae28	minor refactoring	2010-09-16 09:47:33 +00:00
Miroslav Stampar	1741801ade	implementation of HEAD/Range methods	2010-09-16 09:32:09 +00:00
Miroslav Stampar	b745331974	added null connection check	2010-09-16 08:43:10 +00:00
Miroslav Stampar	ecd6b573f7	added method parameter to the queryPage function	2010-09-15 14:17:17 +00:00
Miroslav Stampar	34a8cd75e3	added support for setting HTTP method manualy	2010-09-15 12:45:41 +00:00
Miroslav Stampar	798ab4989b	fix for a Bug #200	2010-09-14 10:35:01 +00:00
Miroslav Stampar	19fb2e3dcf	fix for Bug #165	2010-09-13 13:31:01 +00:00
Miroslav Stampar	53289c6a42	fix for bug reported by Marek Sarvas (unicode)	2010-09-09 14:03:45 +00:00
Miroslav Stampar	27d76847fe	fix for bug reported by Truong Duc Luong	2010-09-01 08:46:21 +00:00
Miroslav Stampar	436b7d82fb	fixed a bug reported by Marek Sarvas	2010-08-22 08:52:15 +00:00
Miroslav Stampar	057ec8a6b2	added --ratio option for direct manipulation of conf.matchRatio parameter	2010-08-10 19:53:29 +00:00
Miroslav Stampar	6a6ff09c9a	fix for a bug reported by Marek Sarvas	2010-07-26 08:11:28 +00:00
Miroslav Stampar	d2f88b6ebe	detecting infinite redirect loops (Feature #192 )	2010-07-19 12:38:30 +00:00
Miroslav Stampar	48a67d6d51	fix for "unknown charset 'windows-874'" reported by Phat R.	2010-07-15 08:44:42 +00:00
Miroslav Stampar	0d08903bc3	some charset fix up	2010-06-30 12:09:33 +00:00
Bernardo Damele	9ea72f9640	Minor bug fixes to -d	2010-06-25 13:24:43 +00:00
Bernardo Damele	9bce22683b	Minor bug fix and adjustment to deal with Keep-Alive also against Google (-g)	2010-06-11 10:08:19 +00:00
Bernardo Damele	fea2414759	Display HTTP request in -v>=3 even if connection failed	2010-06-10 14:42:17 +00:00
Bernardo Damele	5bb8e154eb	Minor code improvements	2010-06-10 14:15:32 +00:00
Miroslav Stampar	36953221f8	few quick changes	2010-06-10 11:34:17 +00:00
Miroslav Stampar	eaef068c90	major bug fix (different HTTP content charsets are now properly handled)	2010-06-09 14:40:36 +00:00
Miroslav Stampar	12a5ec9f3d	more unicode refactoring	2010-06-02 12:45:40 +00:00
Bernardo Damele	e98b049e7f	Added unicode support also to PostgreSQL connector - see #184 .	2010-05-29 11:46:41 +00:00
Bernardo Damele	e811101dce	Minor bug fix	2010-05-28 23:39:52 +00:00
Miroslav Stampar	ac6ce478a0	just removing unneded and possible future source of confusion	2010-05-28 14:19:12 +00:00
Miroslav Stampar	a3db3c03c1	str() -> unicode()	2010-05-28 13:05:02 +00:00
Miroslav Stampar	94354d0862	removing previous fix	2010-05-28 11:53:27 +00:00
Bernardo Damele	f26de89216	Minor bug fix to correctly deal with unicode queries with -d	2010-05-28 11:32:10 +00:00
Miroslav Stampar	dc83f794ea	fix regarding proper string isinstance checking (including unicode)	2010-05-25 10:09:35 +00:00
Miroslav Stampar	5d5ebd49b6	introducing regex caching mechanism	2010-05-21 14:42:59 +00:00
Bernardo Damele	cda8da288c	Minor adjustment	2010-05-21 12:18:43 +00:00
Miroslav Stampar	f6bffb61d3	minor adjustment	2010-05-21 11:51:43 +00:00
Miroslav Stampar	460a1ba872	fix for my imperfect calculations :)	2010-05-21 11:41:49 +00:00
Miroslav Stampar	68e13c3872	periodical commit	2010-05-21 09:35:36 +00:00
Miroslav Stampar	b8a5a54395	minor update	2010-05-15 20:44:08 +00:00
Miroslav Stampar	4984ceac49	some code refactoring and minor speed up (jump prediction rule)	2010-05-14 15:20:34 +00:00
Miroslav Stampar	ed20f1cf33	some more speed up (one time compilation of popular regexes)	2010-05-14 14:48:54 +00:00
Miroslav Stampar	3ead88c364	minor tweak	2010-05-14 14:36:54 +00:00
Miroslav Stampar	131789a6e4	some code refactoring	2010-05-14 14:21:13 +00:00
Miroslav Stampar	5396f13bab	added CPU throttling for lowering sqlmap's CPU intensivity	2010-05-13 15:19:28 +00:00
Miroslav Stampar	ca3e12ae73	added calculateDeltaSeconds method for dealing with non-deterministic time behaviour in some cases (e.g. WAITFOR DELAY in case of MSSQL)	2010-05-13 11:05:35 +00:00
Bernardo Damele	8b74c405f5	Minor output bug fix	2010-05-11 14:15:03 +00:00
Bernardo Damele	457d32c73e	Proper displaying of debug messages (-v >= 2)	2010-05-11 13:58:53 +00:00
Bernardo Damele	44ea8f1861	Minor adjustment	2010-05-06 11:00:58 +00:00

1 2 3 4 5 ...

262 Commits