sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-12-01 22:13:53 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,288 Commits 4 Branches 117 Tags 97 MiB
68a95fd1b1
Commit Graph

419 Commits

Author SHA1 Message Date
Miroslav Stampar
1fa8f0cba7 code reviewing part 2 2011-01-15 12:53:40 +00:00
Bernardo Damele
2d9b151883 Minor bug fix 2011-01-15 10:14:05 +00:00
Bernardo Damele
e4e9b11b79 Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms. 2011-01-14 12:47:07 +00:00
Bernardo Damele
3c95d71ea5 Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase 2011-01-14 11:55:20 +00:00
Bernardo Damele
2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. 
Minor bug fixes thanks to previous refactoring too.
 2011-01-13 17:36:54 +00:00
Bernardo Damele
8a67aea754 One more step to fully working UNION exploitation after merge into detection phase 2011-01-12 01:13:32 +00:00
Bernardo Damele
8bdb7ec58c Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet. 2011-01-12 00:47:39 +00:00
Bernardo Damele
06230e4d92 Minor code refactoring and cosmetics 2011-01-11 21:46:21 +00:00
Miroslav Stampar
0676b38063 revert of one thing for Bernardo and minor update 2011-01-10 10:30:17 +00:00
Miroslav Stampar
8e83a26acf minor fix 2011-01-07 17:53:17 +00:00
Bernardo Damele
cc46940159 Minor refactoring 2011-01-07 17:10:32 +00:00
Miroslav Stampar
b313a20a3f some fixes 2011-01-07 16:39:47 +00:00
Bernardo Damele
16a06117f7 Mere cosmetics 2011-01-07 16:36:32 +00:00
Miroslav Stampar
8a48baf789 update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised 2011-01-04 13:23:59 +00:00
Miroslav Stampar
0eabca9fd4 update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is) 2011-01-03 22:31:29 +00:00
Miroslav Stampar
8e1927fe31 minor fix 2011-01-02 18:12:18 +00:00
Miroslav Stampar
5f9b6b2254 code refactoring 2011-01-02 16:51:21 +00:00
Miroslav Stampar
b763feafd9 bug fix (TypeError: object of type 'NoneType' has no len()) 2011-01-02 12:26:31 +00:00
Miroslav Stampar
f0dad2a1e4 minor bug fix (in multiple item search only last item was shown) 2011-01-02 12:23:36 +00:00
Miroslav Stampar
7b9d978cf9 minor fix (database and/or table names with - sign inside needs to be escaped by ` character or will lead to a "SQL syntax") 2011-01-02 11:01:20 +00:00
Miroslav Stampar
73e8a10527 minor fix 2011-01-02 09:12:20 +00:00
Miroslav Stampar
e28b9f26fc minor fix 2011-01-02 08:01:01 +00:00
Miroslav Stampar
26b06bfcfb update (http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html) 2011-01-01 19:38:51 +00:00
Miroslav Stampar
7ea3d060f6 some fixes/updates here and there 2011-01-01 12:41:51 +00:00
Miroslav Stampar
076560f59f bug fix 2010-12-31 12:58:27 +00:00
Miroslav Stampar
5db8ebbfa9 update of mysql comment versions 2010-12-31 12:42:12 +00:00
Miroslav Stampar
40e3489099 minor update 2010-12-31 12:27:57 +00:00
Miroslav Stampar
ce19b0c431 optimization of comment checking in MySQL 2010-12-31 12:21:02 +00:00
Miroslav Stampar
42e7b1b3a7 bug fix 2010-12-30 22:40:37 +00:00
Miroslav Stampar
20e3a6d72f fix/refactor/cosmetics (references: http://www.postgresql.org/docs/6.4/static/release.htm,http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE,http://www.postgresql.org/docs/8.3/static/release-8-3.html) 2010-12-30 21:53:34 +00:00
Miroslav Stampar
7f4acaf6f9 now comment injection fingerprint works with all techniques 2010-12-30 21:24:26 +00:00
Miroslav Stampar
6f17e84e19 minor fix 2010-12-30 08:29:20 +00:00
Miroslav Stampar
a77b186aca minor fix 2010-12-27 16:55:27 +00:00
Miroslav Stampar
5015f04826 minor update 2010-12-27 16:36:05 +00:00
Miroslav Stampar
9c1676bdfa minor cosmetics 2010-12-27 14:44:00 +00:00
Miroslav Stampar
9fb0e0fc85 resume of brute forced data is now available 2010-12-27 14:17:20 +00:00
Miroslav Stampar
3d23f226ae minor update 2010-12-27 11:47:50 +00:00
Miroslav Stampar
68462466f2 minor fix for a bug reported by shaohua pan (argument of type 'NoneType' is not iterable) 2010-12-27 11:36:36 +00:00
Miroslav Stampar
51a492e17d pretty important commit (now dumped tables are prone to dictionary attack) 2010-12-27 10:56:28 +00:00
Miroslav Stampar
c8d5a6b980 update 2010-12-27 00:41:16 +00:00
Miroslav Stampar
89c2640d23 basic --search now works with MS Access 2010-12-26 23:50:16 +00:00
Miroslav Stampar
c4d6a367e9 this way order given in -C is preserved 2010-12-26 14:11:42 +00:00
Miroslav Stampar
c93f2a703d minor update 2010-12-26 14:02:16 +00:00
Miroslav Stampar
e41acb6fc2 further ms access improvements 2010-12-26 02:13:56 +00:00
Miroslav Stampar
2c8115eed9 further improvement for ms access table dumping 2010-12-26 01:04:30 +00:00
Miroslav Stampar
5249762794 update 2010-12-25 16:46:33 +00:00
Miroslav Stampar
fb099615e2 minor update 2010-12-25 11:16:35 +00:00
Miroslav Stampar
9853c1ec7f fix for a bug reported by alessio.dallapiazza@gmail.com (AttributeError: users) 2010-12-25 09:13:57 +00:00
Miroslav Stampar
6845d402fa well, here and there, merry Christmas to all :) 2010-12-24 20:17:53 +00:00
Miroslav Stampar
706d8e0b88 development update (basic ms access dumping implemented) 2010-12-24 19:53:11 +00:00
Miroslav Stampar
2c23a59ba5 fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside) 2010-12-24 12:13:48 +00:00
Miroslav Stampar
7c06dbffc3 bug fix (AttributeError: 'unicode' object has no attribute 'sort') 2010-12-22 18:55:50 +00:00
Bernardo Damele
b3da473840 Minor bug fix when --dbs has only one DB name 2010-12-22 14:29:57 +00:00
Bernardo Damele
c9ab8ae60e Bug fix to properly identify if current user is DBA (--is-dba) on MySQL 2010-12-22 14:06:01 +00:00
Miroslav Stampar
c89021f0bb some fixes 2010-12-22 11:46:18 +00:00
Miroslav Stampar
5d25da5135 better way to handle this one 2010-12-22 00:51:20 +00:00
Miroslav Stampar
306501363c fuck, sorry, 0 was OK (STRCMP() returns 0 if the strings are the same) 2010-12-22 00:41:38 +00:00
Miroslav Stampar
d6e6afd6f2 minor fix ("To clarify a bit: STRCMP() is case-insensitive as of MySQL 4.0." - http://bugs.mysql.com/bug.php?id=2102) 2010-12-22 00:38:54 +00:00
Miroslav Stampar
6f2ce15478 minor refactoring 2010-12-22 00:27:21 +00:00
Miroslav Stampar
cb61401c18 bug fix (http://dev.mysql.com/doc/refman/5.0/es/news-5-0-11.html - "Added support of where clause for queries with FROM DUAL") 2010-12-22 00:20:56 +00:00
Miroslav Stampar
f905adb7c1 way better as there is no official release version for FOUND_ROWS() (it appears somewhere in alphas/betas of 4.0.x - i've stumbled upon one site with 4.0.22 and it didn't recognized FOUND_ROWS). 2010-12-21 22:18:27 +00:00
Miroslav Stampar
385e208f38 code refactoring regarding standard output suppression and some threading issues 2010-12-21 14:21:24 +00:00
Miroslav Stampar
6b37ddada4 removed some blank trailing spaces (with extra/shutils/blanks.sh) 2010-12-21 10:31:56 +00:00
Bernardo Damele
1a3f57e5fe Cosmetics 2010-12-21 09:23:00 +00:00
Miroslav Stampar
03b275ce33 update 2010-12-20 23:27:04 +00:00
Miroslav Stampar
518b3e094c bug fix (http://dev.mysql.com/doc/refman/5.0/en/information-functions.html#function_found-rows) 2010-12-20 23:00:03 +00:00
Miroslav Stampar
8fd3e7ba1f thread based data added 2010-12-20 22:45:01 +00:00
Miroslav Stampar
364bc8e7d4 minor update 2010-12-20 11:25:18 +00:00
Miroslav Stampar
28da1141cf some fixes (for MySQL < 4.0) 2010-12-20 11:23:57 +00:00
Miroslav Stampar
76024c455f minor fix (using older commands for basic MySQL check) 2010-12-20 11:15:43 +00:00
Miroslav Stampar
36862e2efa update 2010-12-18 15:57:47 +00:00
Miroslav Stampar
71cf0bd2a5 minor update 2010-12-18 13:08:37 +00:00
Miroslav Stampar
a067e805fa minor update 2010-12-17 22:23:01 +00:00
Miroslav Stampar
108a96c6b4 some fixes 2010-12-17 21:45:20 +00:00
Miroslav Stampar
a19cb2c13a code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown") 2010-12-17 21:29:09 +00:00
Miroslav Stampar
b4450c6ddd added one more level of MSSQL version check (if first fails for some reason) 2010-12-17 21:01:14 +00:00
Miroslav Stampar
3ee44584d4 i've found a way! thank you hesus! fyea (ASC(MID) was just crashing when MID returned 'empty string') 2010-12-14 12:57:59 +00:00
Miroslav Stampar
4c6e902471 removed obsolete comment 2010-12-14 07:49:30 +00:00
Bernardo Damele
a02dd6b55b Minor enhancement to speedup active dbms fingerprint (-f). 
Code cleanup and refactoring.
 2010-12-13 21:33:42 +00:00
Miroslav Stampar
e98d9c08e1 dumping table is now possible on Firebird too 2010-12-12 14:38:07 +00:00
Miroslav Stampar
f9bc6fc78f minor fix 2010-12-11 22:14:35 +00:00
Miroslav Stampar
c93634b6c7 blind dumping of tables in sqlite implemented 2010-12-11 22:13:19 +00:00
Miroslav Stampar
b1babeefe5 update regarding dumping of tables with blind on Sqlite 2010-12-11 22:00:16 +00:00
Miroslav Stampar
e6c66fa37c update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available 2010-12-11 17:55:28 +00:00
Miroslav Stampar
1beb1dd2cc minor update 2010-12-11 09:30:38 +00:00
Miroslav Stampar
435f48b8cc polite cosmetics 2010-12-10 15:28:56 +00:00
Bernardo Damele
7c87ad4065 Minor speedup in -f mysql 2010-12-10 13:05:46 +00:00
Miroslav Stampar
b02bd55edc minor refactoring 2010-12-10 13:04:36 +00:00
Bernardo Damele
d71e51e765 Minor improvement 2010-12-10 11:31:27 +00:00
Bernardo Damele
4741874e9e Enhancement to speedup MySQL fingerprint 2010-12-10 11:27:36 +00:00
Miroslav Stampar
e98b81fe32 another update 2010-12-10 10:56:55 +00:00
Miroslav Stampar
d5e7a8d305 update 2010-12-10 10:54:17 +00:00
Miroslav Stampar
bbffea2cbc bug fix 2010-12-09 17:10:22 +00:00
Miroslav Stampar
0eb2c408a9 code refactoring 2010-12-09 16:49:02 +00:00
Miroslav Stampar
cdff29ada7 update 2010-12-09 11:23:44 +00:00
Miroslav Stampar
81c16926c1 code refactoring some more 2010-12-08 14:46:07 +00:00
Miroslav Stampar
d77ddbee47 OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND) 2010-12-06 18:20:57 +00:00
Bernardo Damele
17449754fe Got rid of UNION false cond 2010-12-05 16:16:15 +00:00
Miroslav Stampar
5764816891 minor cosmetics 2010-12-03 22:28:09 +00:00
Miroslav Stampar
2cc167a42e fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'" 2010-12-02 18:57:43 +00:00