Bernardo Damele
|
85fcd27e2d
|
added support for random global variables
|
2012-12-19 15:58:06 +00:00 |
|
Bernardo Damele
|
12d34587cc
|
minor restyling
|
2012-12-19 14:34:34 +00:00 |
|
Bernardo Damele
|
326ff404fc
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:25:35 +00:00 |
|
Bernardo Damele
|
12eed58485
|
pointless restyling
|
2012-12-19 14:25:29 +00:00 |
|
Miroslav Stampar
|
37346fe8a3
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 15:23:57 +01:00 |
|
Miroslav Stampar
|
7ee98c7bff
|
Just for one girl out there waiting for this patch ;)
|
2012-12-19 15:23:38 +01:00 |
|
Bernardo Damele
|
3be90c97aa
|
forgot these
|
2012-12-19 14:12:45 +00:00 |
|
Bernardo Damele
|
cefb03c835
|
fixed bug related to issue #223
|
2012-12-19 14:12:09 +00:00 |
|
Bernardo Damele
|
27a12ae85b
|
restyling
|
2012-12-19 13:47:17 +00:00 |
|
Bernardo Damele
|
4b3b4eb374
|
commented out partial work
|
2012-12-19 13:47:04 +00:00 |
|
Bernardo Damele
|
3655d1f12a
|
revert change of name for now
|
2012-12-19 13:45:52 +00:00 |
|
Bernardo Damele
|
874e2176c6
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 13:43:00 +00:00 |
|
Bernardo Damele
|
4f0f729982
|
be more specific in standard output message as to whether or not the read file is same as remote file
|
2012-12-19 13:42:56 +00:00 |
|
Miroslav Stampar
|
23153e8088
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:29:08 +01:00 |
|
Miroslav Stampar
|
244901eda0
|
During --flush-session log file should be cleaned too (especially because of --live-tests)
|
2012-12-19 14:28:54 +01:00 |
|
Bernardo Damele
|
282aeb734f
|
ORDER BY does not play well with UNION query SQLi (related to issue #313)
|
2012-12-19 13:21:16 +00:00 |
|
Bernardo Damele
|
128597ee7e
|
--run-case is now case insensitive
|
2012-12-19 12:45:46 +00:00 |
|
Bernardo Damele
|
b91c829103
|
minor bug fix (issue #310)
|
2012-12-19 12:42:31 +00:00 |
|
Bernardo Damele
|
2bc2c0431c
|
fixed test cases
|
2012-12-19 12:33:37 +00:00 |
|
Bernardo Damele
|
9149d77cc8
|
removed duplicate code - fixes issue #310
|
2012-12-19 12:17:56 +00:00 |
|
Bernardo Damele
|
f5450e9f0e
|
layout adjustment
|
2012-12-19 11:39:38 +00:00 |
|
Miroslav Stampar
|
92e338251a
|
Finally working inference against MySQL/international letters (even chinese)
|
2012-12-19 10:44:02 +01:00 |
|
Miroslav Stampar
|
c9b8b51c9c
|
Update lib/core/common.py
Revert of last commit and try 2
|
2012-12-19 01:48:53 +01:00 |
|
Bernardo Damele
|
318fcee49c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 00:30:26 +00:00 |
|
Bernardo Damele
|
3c7007097a
|
minor refactoring
|
2012-12-19 00:30:22 +00:00 |
|
Miroslav Stampar
|
50b846b5af
|
Update lib/core/common.py
Fixing wrong assumption in case of MySQL inference international character retrieval
|
2012-12-19 01:26:12 +01:00 |
|
Miroslav Stampar
|
9e2f0131b9
|
Update lib/core/agent.py
|
2012-12-18 20:25:00 +01:00 |
|
Bernardo Damele
|
326ed33f31
|
added support for comma separated list of files for --file-read - fixes issue #223
|
2012-12-18 17:55:21 +00:00 |
|
Bernardo Damele
|
58656bbeb5
|
minor bug fix, union query has to be limited 0, 0
|
2012-12-18 16:36:30 +00:00 |
|
Bernardo Damele
|
61a838bb35
|
added more test cases
|
2012-12-18 15:59:48 +00:00 |
|
Miroslav Stampar
|
88d8494b5a
|
Implementation for an Issue #307
|
2012-12-18 16:03:35 +01:00 |
|
Bernardo Damele
|
3c1b696bd6
|
removed more print statements
|
2012-12-17 13:35:32 +00:00 |
|
Bernardo Damele
|
9f47eb0a59
|
cleaner
|
2012-12-17 13:29:37 +00:00 |
|
Bernardo Damele
|
0500712a03
|
removed unuseful prints
|
2012-12-17 13:29:19 +00:00 |
|
Bernardo Damele
|
ac44cf3ec0
|
minor fix: add also back-end DBMS and web app fingerprint output to log file
|
2012-12-17 13:02:09 +00:00 |
|
Bernardo Damele
|
bbd2adb5fb
|
improvements to --live-test and added --stop-fail switch
|
2012-12-17 11:41:43 +00:00 |
|
Bernardo Damele
|
2926c815bf
|
improved test switch --live-test and minor refactoring
|
2012-12-17 11:29:33 +00:00 |
|
Bernardo Damele
|
0c3da5c7eb
|
code refactoring and first time logger is handled by a separate file descriptor (issue #297)
|
2012-12-15 00:12:22 +00:00 |
|
Bernardo Damele
|
a2a71bb37b
|
cleanup from XML-RPC related stuff
|
2012-12-14 13:37:36 +00:00 |
|
Bernardo Damele
|
6e31e87de1
|
added initial support (hidden from -hh and not yet usable) for REST-JSON API
|
2012-12-14 02:49:25 +00:00 |
|
Miroslav Stampar
|
df0f08bc6a
|
Cleaning some (web upload based) garbage
|
2012-12-13 13:19:47 +01:00 |
|
Miroslav Stampar
|
5150172178
|
Minor update
|
2012-12-13 10:03:21 +01:00 |
|
Miroslav Stampar
|
fc4be0a77c
|
Minor fix
|
2012-12-12 16:45:29 +01:00 |
|
Miroslav Stampar
|
921000bd87
|
Another update for an Issue #287
|
2012-12-12 14:22:24 +01:00 |
|
Miroslav Stampar
|
c3f20a136f
|
Minor update for an Issue #287
|
2012-12-12 14:03:03 +01:00 |
|
Miroslav Stampar
|
a6448e8768
|
Update for an Issue #287
|
2012-12-12 11:54:59 +01:00 |
|
Miroslav Stampar
|
b9f6fc5f4e
|
First commit (and working one) for an Issue #287 (XML-RPC server)
|
2012-12-11 16:02:06 +01:00 |
|
Miroslav Stampar
|
b5884c7eda
|
Minor language update
|
2012-12-11 15:24:02 +01:00 |
|
Miroslav Stampar
|
760519dbe9
|
Removing redundant piece of code
|
2012-12-11 15:21:27 +01:00 |
|
Miroslav Stampar
|
a54c261496
|
Minor update for Issues #292 & #293 (only single alert per target)
|
2012-12-11 14:44:43 +01:00 |
|
Miroslav Stampar
|
5c2451d83c
|
Implementation for an Issue #293
|
2012-12-11 12:48:58 +01:00 |
|
Miroslav Stampar
|
562044577b
|
Implementation for an Issue #292
|
2012-12-11 12:02:06 +01:00 |
|
Miroslav Stampar
|
6433be8b3d
|
Style update
|
2012-12-10 17:20:04 +01:00 |
|
Miroslav Stampar
|
a024884ca7
|
Support for a HTTP parameter pollution (Issue #267)
|
2012-12-10 11:55:31 +01:00 |
|
Miroslav Stampar
|
1f7644a691
|
Minor fix when user doesn't want custom injection char marker to be processed
|
2012-12-08 21:23:30 +01:00 |
|
Miroslav Stampar
|
0cbdaaecfa
|
Revert of 99e9412f74 (because of an Issue #289)
|
2012-12-08 08:53:25 +01:00 |
|
Miroslav Stampar
|
1028afce37
|
Removal of leftovers
|
2012-12-06 14:15:44 +01:00 |
|
Miroslav Stampar
|
974407396e
|
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
|
2012-12-06 14:14:19 +01:00 |
|
Miroslav Stampar
|
baccbd6f48
|
Implementation for an Issue #283
|
2012-12-06 11:57:57 +01:00 |
|
Miroslav Stampar
|
ab67344448
|
Removed unused imports and variables (pyflake-ing)
|
2012-12-06 11:15:05 +01:00 |
|
Miroslav Stampar
|
b6650add46
|
Introducing 'new style classes' (idea from Pull request #284)
|
2012-12-06 10:42:53 +01:00 |
|
Miroslav Stampar
|
0f191f624c
|
Taking some goodies from Pull request #284
|
2012-12-06 10:21:53 +01:00 |
|
Miroslav Stampar
|
6b39e661a7
|
Fix for an issue #279
|
2012-12-05 12:15:14 +01:00 |
|
Miroslav Stampar
|
775e0df04b
|
Update for an Issue #278
|
2012-12-05 10:45:17 +01:00 |
|
Miroslav Stampar
|
6b007ab188
|
Minor patch for an Issue #274 (just in case to avoid this kind of problems)
|
2012-12-04 16:14:14 +01:00 |
|
Miroslav Stampar
|
e2aa695655
|
Minor update
|
2012-12-03 17:20:18 +01:00 |
|
Miroslav Stampar
|
42a8234c6f
|
Update for an Issue #12
|
2012-12-03 14:27:01 +01:00 |
|
Miroslav Stampar
|
79fca8e9d5
|
Fix for an Issue #268
|
2012-12-03 12:13:59 +01:00 |
|
Miroslav Stampar
|
8410fc5a9d
|
Minor update
|
2012-12-02 08:00:55 +01:00 |
|
redshark1802
|
1675386093
|
fixed typo that created an invalid configuration file with the option '--save'
|
2012-11-30 23:00:03 +01:00 |
|
Miroslav Stampar
|
5b61e9ce12
|
Minor update for an Issue #254
|
2012-11-30 11:43:50 +01:00 |
|
Miroslav Stampar
|
7e2db762d6
|
Minor update
|
2012-11-29 15:45:04 +01:00 |
|
Miroslav Stampar
|
8f10023523
|
Fix for an Issue #266
|
2012-11-29 15:44:14 +01:00 |
|
Miroslav Stampar
|
3b961c2550
|
Update for an Issue #254
|
2012-11-29 15:36:38 +01:00 |
|
Miroslav Stampar
|
a7e1e856d4
|
Fix for an Issue #260
|
2012-11-28 17:00:26 +01:00 |
|
Miroslav Stampar
|
35d1146fd1
|
Minor update for an (Issue #254)
|
2012-11-28 12:53:11 +01:00 |
|
Miroslav Stampar
|
753d0f18bf
|
First CSS style added for a HTML table dump format (Issue #254)
|
2012-11-28 12:46:43 +01:00 |
|
Miroslav Stampar
|
b6ea337937
|
First style-less prototype for an HTML dump output (Issue #254)
|
2012-11-28 12:28:42 +01:00 |
|
Miroslav Stampar
|
e2d8b53e97
|
Minor update for an Issue #264
|
2012-11-28 11:45:33 +01:00 |
|
Miroslav Stampar
|
cff0c59630
|
Implementation for an Issue #264
|
2012-11-28 11:41:39 +01:00 |
|
Miroslav Stampar
|
5bf5b95588
|
More refactoring for an Issue #254
|
2012-11-28 11:16:00 +01:00 |
|
Miroslav Stampar
|
87a92ab330
|
Deprecating --replicate (Issue #254)
|
2012-11-28 11:10:57 +01:00 |
|
Miroslav Stampar
|
f08eb0fd9f
|
Minor style update
|
2012-11-28 10:59:15 +01:00 |
|
Miroslav Stampar
|
d95dd2d16e
|
Preparation for an Issue #254
|
2012-11-28 10:58:18 +01:00 |
|
Miroslav Stampar
|
d490ffb163
|
Fix for an Issue #259
|
2012-11-27 11:45:22 +01:00 |
|
Miroslav Stampar
|
bd33128085
|
Fix for an Issue #262
|
2012-11-27 10:08:22 +01:00 |
|
Miroslav Stampar
|
38c96a366b
|
Patch for an Issue #260
|
2012-11-26 11:16:59 +01:00 |
|
Miroslav Stampar
|
ef2038f1c8
|
Implementation for an Issue #253
|
2012-11-21 10:16:13 +01:00 |
|
Miroslav Stampar
|
93e071fc33
|
Fix for an Issue #251
|
2012-11-20 11:19:23 +01:00 |
|
Miroslav Stampar
|
302348b0cd
|
Minor update
|
2012-11-19 11:59:28 +01:00 |
|
Miroslav Stampar
|
d37be5f97b
|
Fix for an Issue #248
|
2012-11-14 15:54:24 +01:00 |
|
Miroslav Stampar
|
9a54a911a8
|
Patch for an Issue #231
|
2012-11-14 11:30:29 +01:00 |
|
Miroslav Stampar
|
6f7f9dd8eb
|
Patch for an Issue #242
|
2012-11-13 10:41:13 +01:00 |
|
Miroslav Stampar
|
a52dbc575b
|
Patch for an Issue #246
|
2012-11-13 10:21:11 +01:00 |
|
Miroslav Stampar
|
f305dde413
|
Patch for an Issue #235
|
2012-11-10 11:01:29 +01:00 |
|
Miroslav Stampar
|
181c3534f0
|
Patch for an Issue #237
|
2012-11-08 19:16:37 +01:00 |
|
Miroslav Stampar
|
e7e83defaa
|
Minor update
|
2012-11-08 11:09:34 +01:00 |
|
Miroslav Stampar
|
1ee0d9ce5e
|
Fix for an Issue #229
|
2012-11-05 15:58:54 +01:00 |
|
Miroslav Stampar
|
2de52927f3
|
Code refactoring (epecially Google search code)
|
2012-10-30 18:38:10 +01:00 |
|
Miroslav Stampar
|
5cfc066ac4
|
Minor update
|
2012-10-30 10:30:22 +01:00 |
|
Miroslav Stampar
|
7c7aff12c6
|
Update for an Issue #225
|
2012-10-30 01:26:19 +01:00 |
|
Miroslav Stampar
|
b0f5b4f9bc
|
Update for an Issue #225
|
2012-10-30 00:59:31 +01:00 |
|
Miroslav Stampar
|
a9094a35fe
|
Fix for an Issue #227
|
2012-10-30 00:20:49 +01:00 |
|
Miroslav Stampar
|
1d07b93730
|
Bug fix for --os-shell on MySQL (it was not working for a long time because of this)
|
2012-10-29 15:45:30 +01:00 |
|
Miroslav Stampar
|
5358d85d37
|
Important refactoring for web-based functionality
|
2012-10-29 15:09:05 +01:00 |
|
Miroslav Stampar
|
81ccf28785
|
Minor refactoring
|
2012-10-29 14:08:48 +01:00 |
|
Miroslav Stampar
|
359e734954
|
Minor refactoring
|
2012-10-29 10:48:49 +01:00 |
|
Miroslav Stampar
|
c1eb803ef5
|
Bug fix for MsSQL --hex --technique=E (NOT IN based queries were not working properly)
|
2012-10-28 21:16:51 +01:00 |
|
Miroslav Stampar
|
25a5073281
|
Bug fix for --hex/--technique=B (especially MsSQL)
|
2012-10-28 12:22:33 +01:00 |
|
Miroslav Stampar
|
8617fe0d65
|
Bug fix for international letters decoded with --hex on MsSQL
|
2012-10-28 11:50:16 +01:00 |
|
Miroslav Stampar
|
ca427af8b3
|
Minor refactoring/improvement
|
2012-10-28 01:42:08 +02:00 |
|
Miroslav Stampar
|
43ddf39bea
|
Minor refactoring
|
2012-10-28 01:16:02 +02:00 |
|
Miroslav Stampar
|
bcdba7b7bb
|
Dealing with rare cases when getIdentifiedDbms is needed prior to DBMS isfingerprinted and there are multiples of dbmses inside details
|
2012-10-28 01:11:50 +02:00 |
|
Miroslav Stampar
|
c1b8226329
|
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
|
2012-10-28 00:36:09 +02:00 |
|
Miroslav Stampar
|
965d7eee17
|
Minor bug fix for a reflection removal mechanism
|
2012-10-26 00:06:15 +02:00 |
|
Miroslav Stampar
|
8a5844a364
|
Implementation for an Issue #222
|
2012-10-25 13:21:32 +02:00 |
|
Miroslav Stampar
|
12fc9442b9
|
Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)
|
2012-10-25 10:10:23 +02:00 |
|
Miroslav Stampar
|
65ec715828
|
Fix for an Issue #218
|
2012-10-25 00:03:00 +02:00 |
|
Miroslav Stampar
|
5477c9f7ba
|
Fix for an Issue #216
|
2012-10-24 22:59:46 +02:00 |
|
Miroslav Stampar
|
056be32ac1
|
Fix for Issue #213
|
2012-10-23 17:06:31 +02:00 |
|
Miroslav Stampar
|
4365c48e83
|
Minor style update
|
2012-10-23 14:38:24 +02:00 |
|
Miroslav Stampar
|
06f226c494
|
Fix for an Issue #211
|
2012-10-23 14:37:45 +02:00 |
|
Miroslav Stampar
|
b82eb3a1ae
|
Fix for an Issue #210
|
2012-10-23 13:58:25 +02:00 |
|
Miroslav Stampar
|
f2bbf1ead9
|
Fix for raw_input raising EOFError and KeyboardInterrupt on Ctrl-C (Windows platform)
|
2012-10-23 11:05:00 +02:00 |
|
Miroslav Stampar
|
5ff2e33c43
|
Minor fix
|
2012-10-23 10:54:26 +02:00 |
|
Miroslav Stampar
|
68d5faa287
|
Minor update
|
2012-10-23 10:46:17 +02:00 |
|
Miroslav Stampar
|
f11a640e99
|
Undo of a previous commit (pdb left inside)
|
2012-10-22 14:39:35 +02:00 |
|
Miroslav Stampar
|
b913e2123d
|
Displaying hex-decoded resulting output in --hex mode
|
2012-10-22 14:39:11 +02:00 |
|
Miroslav Stampar
|
39f565533a
|
In case on --no-cast DUMP_REPLACEMENTS should not be used
|
2012-10-22 14:13:30 +02:00 |
|
Miroslav Stampar
|
d65d9e25cd
|
Implementation for an Issue #2
|
2012-10-19 11:02:14 +02:00 |
|
Miroslav Stampar
|
64b4586883
|
Minor update
|
2012-10-18 11:36:12 +02:00 |
|
Miroslav Stampar
|
ea49fa2db2
|
Fix for an Issue #206
|
2012-10-18 11:11:20 +02:00 |
|
Miroslav Stampar
|
1cb2ca4195
|
Minor update
|
2012-10-18 10:55:27 +02:00 |
|
Miroslav Stampar
|
2cb1b054bb
|
Implementation for an Issue #79
|
2012-10-16 12:32:58 +02:00 |
|
Miroslav Stampar
|
3e64ab214e
|
Minor update
|
2012-10-16 10:28:59 +02:00 |
|
Miroslav Stampar
|
8b57e1fce6
|
Minor update for an Issue #203
|
2012-10-15 23:15:52 +02:00 |
|
Miroslav Stampar
|
048e720f69
|
Minor refactoring for an Issue #203
|
2012-10-15 17:55:57 +02:00 |
|
Miroslav Stampar
|
9aba690a60
|
Patch for an Issue #203
|
2012-10-15 16:23:41 +02:00 |
|
Miroslav Stampar
|
e440b096c5
|
Fix for an Issue #202
|
2012-10-15 12:24:30 +02:00 |
|
Miroslav Stampar
|
56832fe9c4
|
Better adjustTimeDelay() candidate algorithm
|
2012-10-11 14:23:53 +02:00 |
|
Miroslav Stampar
|
e61c4c22c9
|
Implementation for an Issue #200
|
2012-10-09 15:19:47 +02:00 |
|
Miroslav Stampar
|
cd9a47835b
|
Minor consistency update
|
2012-10-09 14:48:26 +02:00 |
|
Miroslav Stampar
|
8c5fb1b064
|
Minor update
|
2012-10-09 14:46:45 +02:00 |
|
Miroslav Stampar
|
ea12ccec77
|
Minor refactoring
|
2012-10-09 11:33:19 +02:00 |
|
Miroslav Stampar
|
10b0fd21dc
|
Fix for an Issue #198
|
2012-10-09 11:27:19 +02:00 |
|
Miroslav Stampar
|
8e7449ccd5
|
Minor update
|
2012-10-07 20:28:24 +02:00 |
|
Miroslav Stampar
|
ebc7088f94
|
Implementation for an Issue #128
|
2012-10-05 10:24:09 +02:00 |
|
Miroslav Stampar
|
098e446ca4
|
Adding support for generic XML POST data
|
2012-10-04 18:44:12 +02:00 |
|
Miroslav Stampar
|
8865fe69d7
|
Minor cleanup
|
2012-10-04 18:26:07 +02:00 |
|
Miroslav Stampar
|
d464678e10
|
Minor update for an Issue #49
|
2012-10-04 18:01:42 +02:00 |
|
Miroslav Stampar
|
84b05e2d18
|
Better treating of numeric values (Issue #49)
|
2012-10-04 16:08:37 +02:00 |
|
Miroslav Stampar
|
31aa9be1c7
|
Minor update
|
2012-10-04 15:40:11 +02:00 |
|
Miroslav Stampar
|
9129dac77b
|
Minor fix for an Issue #134
|
2012-10-04 15:33:26 +02:00 |
|
Miroslav Stampar
|
5d2b534908
|
Minor update (Issue #49)
|
2012-10-04 15:23:01 +02:00 |
|
Miroslav Stampar
|
5b59b6feb4
|
Removing junk part
|
2012-10-04 12:09:09 +02:00 |
|
Miroslav Stampar
|
d570e25b1b
|
Minor workflow update
|
2012-10-04 12:05:59 +02:00 |
|
Miroslav Stampar
|
eddc634ceb
|
Minor improvement (custom injection marks are now processed in order of appearance)
|
2012-10-04 11:52:40 +02:00 |
|
Miroslav Stampar
|
3764d230be
|
Minor fix for Issue #197 and Issue #49
|
2012-10-04 11:43:37 +02:00 |
|
Miroslav Stampar
|
461e5ebc5f
|
Work for Issue #197 and Issue #49
|
2012-10-04 11:25:44 +02:00 |
|
Miroslav Stampar
|
bcbf0571a5
|
Implementation for an Issue #49
|
2012-10-02 14:23:58 +02:00 |
|
Miroslav Stampar
|
763dc98311
|
Minor refactoring
|
2012-10-02 13:36:15 +02:00 |
|
Miroslav Stampar
|
687f3991de
|
Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.
|
2012-09-26 11:27:43 +02:00 |
|
Miroslav Stampar
|
6bc5f44b20
|
Minor just in case update for an Issue #195 (safer behavior on forced charsets)
|
2012-09-25 15:09:07 +02:00 |
|
Miroslav Stampar
|
efe4c13ed1
|
Update regarding suffixQuery (user supplied --suffix should nullify any eventual payload comments)
|
2012-09-25 14:36:15 +02:00 |
|
Miroslav Stampar
|
fccdb824bb
|
Patch for an Issue #193
|
2012-09-25 11:21:39 +02:00 |
|
Miroslav Stampar
|
c9e7e71ea2
|
Implementation for an Issue #195
|
2012-09-25 10:17:25 +02:00 |
|
Miroslav Stampar
|
9ca7b3e20e
|
Implementation for an Issue #194
|
2012-09-25 09:25:35 +02:00 |
|
Miroslav Stampar
|
d175decdfc
|
Fix for an Issue #190
|
2012-09-22 20:59:40 +02:00 |
|
Miroslav Stampar
|
9a1fbb8941
|
Fix for an Issue #185
|
2012-09-13 14:22:26 +02:00 |
|
Miroslav Stampar
|
a64438fb5c
|
Minor language update
|
2012-09-11 19:45:40 +02:00 |
|
Miroslav Stampar
|
05dced5418
|
Minor language update
|
2012-09-11 19:43:03 +02:00 |
|
Miroslav Stampar
|
511c3b8dcc
|
Update and fix for an Issue #182
|
2012-09-11 14:58:52 +02:00 |
|
Miroslav Stampar
|
f26ea04e38
|
Fix for an Issue #175
|
2012-09-07 17:06:38 +02:00 |
|
Miroslav Stampar
|
e4bc471f81
|
Fix for an Issue #173
|
2012-09-07 10:09:19 +02:00 |
|
Miroslav Stampar
|
a3baf94e9b
|
Minor style update
|
2012-09-07 10:09:00 +02:00 |
|
Miroslav Stampar
|
cea5127ffd
|
Update for an Issue #6
|
2012-09-06 15:51:38 +02:00 |
|
Miroslav Stampar
|
c3d191e626
|
Minor update for an Issue #2
|
2012-09-06 14:13:54 +02:00 |
|
Miroslav Stampar
|
1e238b5a5a
|
Minor update
|
2012-09-06 13:36:34 +02:00 |
|
Miroslav Stampar
|
f6716cf7c0
|
Fix for an Issue #170
|
2012-09-01 23:52:00 +02:00 |
|
Miroslav Stampar
|
2170e64ca5
|
Minor bug fix
|
2012-08-31 19:48:45 +02:00 |
|
Miroslav Stampar
|
33980adaef
|
Another update for an Issue #79
|
2012-08-31 12:46:38 +02:00 |
|
Miroslav Stampar
|
7286d89cb6
|
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
|
2012-08-31 12:15:09 +02:00 |
|
Miroslav Stampar
|
2806185989
|
Minor refactoring
|
2012-08-31 10:43:06 +02:00 |
|
Miroslav Stampar
|
74a5d41272
|
Minor update for an Issue #79
|
2012-08-31 10:24:47 +02:00 |
|
Miroslav Stampar
|
a89d61415a
|
'Patch' for an Issue #167
|
2012-08-29 21:29:27 +02:00 |
|
Miroslav Stampar
|
9674b174ee
|
One more minor update related to last commit
|
2012-08-23 15:37:17 +02:00 |
|
Miroslav Stampar
|
b79247c197
|
Minor update
|
2012-08-23 15:22:14 +02:00 |
|
Miroslav Stampar
|
e9ae44c6fc
|
Implementation for an #162
|
2012-08-22 16:50:01 +02:00 |
|
Miroslav Stampar
|
a62a874d59
|
Update for an Issue #161 (changing default readInput value regarding the conf.multipleTargets)
|
2012-08-22 16:06:09 +02:00 |
|
Miroslav Stampar
|
52351e5d81
|
Update for an Issue #161 (now detecting format error messages too)
|
2012-08-22 15:51:47 +02:00 |
|
Miroslav Stampar
|
a6d743ec4c
|
Minor console output fix (redundant newline has been displayed in case of rawInput)
|
2012-08-22 14:43:57 +02:00 |
|
Miroslav Stampar
|
8a5042b6a4
|
Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)
|
2012-08-22 11:56:30 +02:00 |
|
Miroslav Stampar
|
61151447fe
|
Implementation of an Issue #161
|
2012-08-22 11:27:58 +02:00 |
|
Miroslav Stampar
|
2c66ca39f1
|
Wrong limit number has been used (MySQL LIMIT/OFFSET starts with 0)
|
2012-08-22 09:53:53 +02:00 |
|
Miroslav Stampar
|
ad59abe018
|
Cleaning leftover
|
2012-08-21 14:37:09 +02:00 |
|
Miroslav Stampar
|
1b86fffc6d
|
Fix for an Issue #157
|
2012-08-21 14:36:04 +02:00 |
|
Miroslav Stampar
|
d421f9a618
|
Fix for an Issue #157
|
2012-08-21 14:34:19 +02:00 |
|
Miroslav Stampar
|
1bcf5a6b88
|
Some more dict refactorings
|
2012-08-21 11:30:01 +02:00 |
|
Miroslav Stampar
|
01f481c332
|
Minor refactoring of dictionaries
|
2012-08-21 11:19:15 +02:00 |
|
Miroslav Stampar
|
b7415d36df
|
Minor refactoring
|
2012-08-21 10:28:25 +02:00 |
|
Miroslav Stampar
|
8ee9feafb9
|
Making payloads a bit shorter (removing redundant space after comma character - e.g. in inband queries)
|
2012-08-20 21:57:25 +02:00 |
|
Miroslav Stampar
|
823dde73ab
|
Minor cleanup
|
2012-08-20 11:40:49 +02:00 |
|
Miroslav Stampar
|
e0d9fa8666
|
Minor style update
|
2012-08-20 11:28:41 +02:00 |
|
Miroslav Stampar
|
59078bb1b8
|
Fix for an Issue #154
|
2012-08-20 10:05:13 +02:00 |
|
Miroslav Stampar
|
4649450603
|
Fix for an Issue #137
|
2012-08-16 22:20:24 +02:00 |
|
Miroslav Stampar
|
0d8fca30c9
|
Fix for an Issue #59
|
2012-08-16 11:31:43 +02:00 |
|
Miroslav Stampar
|
1af81c0de4
|
Implementation of an Issue #149
|
2012-08-15 22:31:25 +02:00 |
|
Miroslav Stampar
|
f358ab2e73
|
Implementation of an Issue #147
|
2012-08-15 16:37:18 +02:00 |
|
Miroslav Stampar
|
36b55cf209
|
Proper fix for an Issue #145
|
2012-08-14 22:28:42 +02:00 |
|
Miroslav Stampar
|
ab35ab4e2a
|
Fix for an Issue #145
|
2012-08-14 18:52:45 +02:00 |
|
Miroslav Stampar
|
432b567584
|
Fix for an Issue #141
|
2012-08-08 00:03:58 +02:00 |
|
Miroslav Stampar
|
31ceb0cb6c
|
Fix for an Issue #140
|
2012-08-07 10:57:29 +02:00 |
|
Miroslav Stampar
|
fec8a5cc9d
|
Fix for an Issue #139
|
2012-08-07 00:50:58 +02:00 |
|
Miroslav Stampar
|
f797a6d813
|
Fix for an Issue #125
|
2012-07-31 13:06:45 +02:00 |
|
Miroslav Stampar
|
6f529542e3
|
Making those --string tips (containing escaped characters) decodable by sqlmap
|
2012-07-31 11:32:53 +02:00 |
|
Miroslav Stampar
|
142fc887f1
|
Fix for an Issue #129
|
2012-07-31 11:03:44 +02:00 |
|
Miroslav Stampar
|
bdbe8ff9d9
|
Fix for an Issue #132
|
2012-07-30 22:39:45 +02:00 |
|
Miroslav Stampar
|
b9ac50faef
|
Minor bug fix
|
2012-07-30 12:09:20 +02:00 |
|
Miroslav Stampar
|
a86f9798b2
|
Minor refactoring together with a wider support for html entities
|
2012-07-30 11:21:32 +02:00 |
|
Miroslav Stampar
|
20a66567a3
|
Minor refactoring
|
2012-07-30 10:06:14 +02:00 |
|
Miroslav Stampar
|
1669c6bdb4
|
Another update for an Issue #28
|
2012-07-27 17:05:21 +02:00 |
|
Miroslav Stampar
|
6ffc5665d0
|
Update for Issue #28
|
2012-07-27 16:29:33 +02:00 |
|
Bernardo Damele
|
92c2b3bd4c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-26 23:11:11 +01:00 |
|
Bernardo Damele
|
d492291744
|
working on issue #12
|
2012-07-26 23:11:07 +01:00 |
|
Miroslav Stampar
|
efa99c4519
|
Implementation for an Issue #4
|
2012-07-26 14:07:05 +02:00 |
|
Miroslav Stampar
|
b3552494c4
|
Minor preparation for an Issue #48
|
2012-07-26 12:26:57 +02:00 |
|
Miroslav Stampar
|
3e9f1fe410
|
Minor style update
|
2012-07-26 12:13:16 +02:00 |
|
Miroslav Stampar
|
30f8d09651
|
Implementation for an Issue #70
|
2012-07-26 12:06:02 +02:00 |
|
Miroslav Stampar
|
231f0f76b5
|
Fix for an Issue #119
|
2012-07-26 00:49:51 +02:00 |
|
Miroslav Stampar
|
cba77410a9
|
Minor style update
|
2012-07-26 00:08:49 +02:00 |
|
Miroslav Stampar
|
18b1d1efd6
|
Fix for an Issue #121
|
2012-07-26 00:02:38 +02:00 |
|
Miroslav Stampar
|
922ea9d1f4
|
Update for Issue #118
|
2012-07-24 15:43:29 +02:00 |
|
Miroslav Stampar
|
f8c9868cb6
|
Implementation for an Issue #118
|
2012-07-24 15:34:50 +02:00 |
|
Miroslav Stampar
|
42f518b2d6
|
Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized
|
2012-07-24 14:44:44 +02:00 |
|
Miroslav Stampar
|
b820975217
|
Improvement of decodeIntToUnicode()
|
2012-07-23 19:31:06 +02:00 |
|
Miroslav Stampar
|
ab9cb80602
|
Implementing Issue #111
|
2012-07-23 15:14:52 +02:00 |
|
Miroslav Stampar
|
6809449e31
|
Minor style update
|
2012-07-23 15:06:49 +02:00 |
|
Miroslav Stampar
|
a7d1a0c250
|
Implementation for an Issue #117
|
2012-07-23 14:14:22 +02:00 |
|
Miroslav Stampar
|
1b6cb9442f
|
Fix for an Issue #114
|
2012-07-21 23:31:36 +02:00 |
|
Miroslav Stampar
|
95e0d46e3e
|
Fix for an Issue #110
|
2012-07-21 09:15:54 +02:00 |
|
Miroslav Stampar
|
dcf8a27f12
|
Implementation for an Issue #67
|
2012-07-18 14:24:10 +02:00 |
|
Miroslav Stampar
|
4fc462c4d9
|
Minor update for an Issue #105
|
2012-07-18 14:09:04 +02:00 |
|
Miroslav Stampar
|
655dd55a6f
|
Implementation of an Issue #105
|
2012-07-18 13:32:34 +02:00 |
|
Miroslav Stampar
|
08244c7ebf
|
Fix for an Issue #104
|
2012-07-17 15:05:50 +02:00 |
|
Miroslav Stampar
|
e30646a54f
|
Fix for an Issue #103
|
2012-07-17 10:36:22 +02:00 |
|
Miroslav Stampar
|
d6ceb7af5e
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-17 00:19:52 +02:00 |
|
Miroslav Stampar
|
81d15e5051
|
Fix for an Issue #101
|
2012-07-17 00:19:33 +02:00 |
|
Bernardo Damele
|
5f876bdbbe
|
minor adjustments
|
2012-07-16 22:50:29 +01:00 |
|
Miroslav Stampar
|
c96e44b30c
|
Fix for an Issue #100
|
2012-07-16 23:28:01 +02:00 |
|
Miroslav Stampar
|
ffbbb10abb
|
Support for dotted identificator names
|
2012-07-16 23:13:21 +02:00 |
|
Miroslav Stampar
|
0eff977c63
|
Refactoring for Issue #91
|
2012-07-16 12:24:54 +02:00 |
|
Miroslav Stampar
|
4d759984b2
|
Implementation for Issue #91
|
2012-07-16 12:12:52 +02:00 |
|
Miroslav Stampar
|
c1a14257a4
|
Removing --disable... switches and making changes in default choice(s) for respectable sections
|
2012-07-16 11:31:51 +02:00 |
|
Miroslav Stampar
|
07a85874fe
|
Implementation for Issue #92
|
2012-07-16 11:07:47 +02:00 |
|
Miroslav Stampar
|
87ecf205cb
|
More work for Issue #66
|
2012-07-14 17:01:04 +02:00 |
|
Miroslav Stampar
|
38d82771be
|
Minor style update
|
2012-07-14 11:23:22 +02:00 |
|
Miroslav Stampar
|
805120ac52
|
Minor refactoring
|
2012-07-14 11:01:30 +02:00 |
|
Miroslav Stampar
|
9a7fc24ec2
|
Minor style update
|
2012-07-13 15:22:08 +02:00 |
|
Miroslav Stampar
|
32b700f130
|
Minor style update
|
2012-07-13 15:02:11 +02:00 |
|
Miroslav Stampar
|
fbb5db00ba
|
Minor style update
|
2012-07-13 15:00:39 +02:00 |
|
Miroslav Stampar
|
786686da60
|
Minor language update
|
2012-07-13 14:53:42 +02:00 |
|
Miroslav Stampar
|
3c81f74823
|
Minor style update
|
2012-07-13 12:22:37 +02:00 |
|
Miroslav Stampar
|
6ade007aec
|
Minor update of language
|
2012-07-13 12:13:04 +02:00 |
|
Miroslav Stampar
|
c5ecc8b8db
|
Closing work on Issue #83
|
2012-07-13 11:23:21 +02:00 |
|
Miroslav Stampar
|
48f68bd076
|
First commit for Issue #83
|
2012-07-13 10:35:22 +02:00 |
|
Miroslav Stampar
|
d834e8debf
|
Minor update
|
2012-07-13 10:28:03 +02:00 |
|
Miroslav Stampar
|
b11fd8b9f7
|
Fix for an Issue #87
|
2012-07-13 10:11:16 +02:00 |
|
Bernardo Damele
|
162da75a04
|
modified homepage address
|
2012-07-12 18:38:03 +01:00 |
|
Miroslav Stampar
|
a49d685eb8
|
Hidding --beep (Issue #84)
|
2012-07-12 17:03:24 +02:00 |
|
Miroslav Stampar
|
569c9214bf
|
Adding support for boldifying important logging messages
|
2012-07-12 16:30:35 +02:00 |
|
Miroslav Stampar
|
b2fe1c30f8
|
Minority report
|
2012-07-12 16:04:01 +02:00 |
|
Miroslav Stampar
|
8e18514e56
|
Minor refactoring for all that stickyness
|
2012-07-12 15:58:45 +02:00 |
|
Miroslav Stampar
|
fe61bdce75
|
Minor update
|
2012-07-12 15:25:26 +02:00 |
|
Miroslav Stampar
|
dbbca16c69
|
Minor renaming
|
2012-07-12 15:24:40 +02:00 |
|
Miroslav Stampar
|
9bc24cea6b
|
Dealing with kb.currentMessage issue
|
2012-07-12 15:23:35 +02:00 |
|
Miroslav Stampar
|
b320dc118d
|
Minor fix (recognizing if it's colorizing handler or not)
|
2012-07-12 14:55:54 +02:00 |
|
Miroslav Stampar
|
65639cdda6
|
First update for Issue #75 (error-based dumping)
|
2012-07-12 14:31:28 +02:00 |
|
Miroslav Stampar
|
3fd5119f3f
|
Redesigning for Issue #75
|
2012-07-12 13:42:22 +02:00 |
|
Bernardo Damele
|
3d66e2dfb1
|
minor bug fix
|
2012-07-12 10:47:51 +01:00 |
|
Bernardo Damele
|
ee3aeb8dcf
|
actual implementation of issue #75, still some work to do
|
2012-07-12 01:16:00 +01:00 |
|
Bernardo Damele
|
a5924739f6
|
minor code refactoring in preparation of ticket #75
|
2012-07-12 01:12:30 +01:00 |
|
Bernardo Damele
|
53c0336b48
|
added --hostname switch to retrieve DBMS server hostname - closes issue #69
|
2012-07-12 00:01:57 +01:00 |
|
Bernardo Damele
|
4e64c1126d
|
restored bold on questions to users (calls from readInput()) - issue #77
|
2012-07-11 22:56:11 +01:00 |
|
Bernardo Damele
|
247f95e051
|
restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")
|
2012-07-11 22:48:27 +01:00 |
|
Bernardo Damele
|
2b3ea3e3b7
|
fixed colouring for PAYLOAD (-v 3) - issue #77
|
2012-07-11 22:40:52 +01:00 |
|
Miroslav Stampar
|
15ee5310d9
|
Adding traffic in and out to color_map
|
2012-07-11 20:42:18 +02:00 |
|
Miroslav Stampar
|
43cac2212b
|
Fix for a case when ColorizingStreamHandler is not used
|
2012-07-11 20:36:32 +02:00 |
|
Miroslav Stampar
|
72378d4f61
|
Some more refactoring
|
2012-07-11 20:29:48 +02:00 |
|
Miroslav Stampar
|
c6464b44be
|
Some more refactoring
|
2012-07-11 20:13:23 +02:00 |
|
Miroslav Stampar
|
d7926b8aac
|
Minor refactoring
|
2012-07-11 19:54:21 +02:00 |
|
Bernardo Damele
|
53ccd09ca4
|
now also readInput() uses colouring
|
2012-07-11 17:53:32 +01:00 |
|
Bernardo Damele
|
02ec25b4b8
|
code refactoring
|
2012-07-11 17:44:23 +01:00 |
|
Bernardo Damele
|
77b275f1a6
|
conf->kb
|
2012-07-11 17:32:12 +01:00 |
|
Bernardo Damele
|
1d2c87e24e
|
leftover
|
2012-07-11 17:22:01 +01:00 |
|
Bernardo Damele
|
105ac8ea77
|
deleted unnecessary hg file
|
2012-07-11 17:06:56 +01:00 |
|
Bernardo Damele
|
fa2f6f9a39
|
colourize manually crafter "logging" messages
|
2012-07-11 16:48:30 +01:00 |
|
Bernardo Damele
|
f219b39980
|
minor fix in case ctypes is not installed on Windows
|
2012-07-10 13:08:37 +01:00 |
|
Miroslav Stampar
|
8caffac4bc
|
conf.unescape->kb.unescape
|
2012-07-10 10:55:04 +02:00 |
|
Miroslav Stampar
|
e7f78bf04f
|
Fix for an issue where False value was displayed for --is.. switches
|
2012-07-10 10:31:14 +02:00 |
|
Bernardo Damele
|
ea77e7d9d1
|
added missing file - issue #77
|
2012-07-10 03:00:21 +01:00 |
|
Bernardo Damele
|
eb7ffb8f91
|
setup for implementing logging colouring - issue #77
|
2012-07-10 02:54:37 +01:00 |
|
Bernardo Damele
|
0a3899858d
|
missed in previous commit
|
2012-07-10 01:37:53 +01:00 |
|
Bernardo Damele
|
a27f50ed1d
|
added conf.unescape global variable to control whether or not the injected statements should be unescaped
|
2012-07-10 01:37:16 +01:00 |
|
Bernardo Damele
|
f645ac6040
|
dealing with variables in SQL procs - issue #33
|
2012-07-10 01:05:03 +01:00 |
|
Bernardo Damele
|
2527554f8e
|
more work on #33
|
2012-07-10 00:53:07 +01:00 |
|
Bernardo Damele
|
c4af7b9aa0
|
initial work for issue #33
|
2012-07-10 00:27:08 +01:00 |
|
Bernardo Damele
|
d3da3f5c52
|
refactoring for issue #51
|
2012-07-10 00:19:32 +01:00 |
|
Bernardo Damele
|
99c5ea54f7
|
cleanup for #34
|
2012-07-09 12:39:43 +01:00 |
|
Miroslav Stampar
|
3ff28e58b4
|
Update regarding Issue #52
|
2012-07-08 19:24:25 +02:00 |
|
Miroslav Stampar
|
0d539a876d
|
Minor fix (subversion->github)
|
2012-07-07 23:49:34 +02:00 |
|
Miroslav Stampar
|
a525dd4336
|
Fix for Issue #72
|
2012-07-07 19:02:46 +02:00 |
|
Miroslav Stampar
|
f00a776d8d
|
Minor fix for BigArray (now accepting negative indexes)
|
2012-07-07 10:35:29 +02:00 |
|
Miroslav Stampar
|
8c871476ee
|
Some more refactoring
|
2012-07-06 17:34:40 +02:00 |
|
Miroslav Stampar
|
6bc0b34031
|
Some more refactoring
|
2012-07-06 17:28:01 +02:00 |
|
Miroslav Stampar
|
e948e4d45b
|
Some more refactoring
|
2012-07-06 17:18:22 +02:00 |
|
Miroslav Stampar
|
438a636973
|
Fix for issue Issue #60
|
2012-07-06 15:36:32 +02:00 |
|
Miroslav Stampar
|
6a05e3fd79
|
Fix for Issue #61
|
2012-07-06 14:24:44 +02:00 |
|
Miroslav Stampar
|
1ebff35b19
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-06 12:25:21 +02:00 |
|
Miroslav Stampar
|
982fcde1c0
|
Fix for Issue #62
|
2012-07-06 12:24:55 +02:00 |
|
Bernardo Damele
|
4fa6d51d93
|
improved issues link
|
2012-07-05 16:26:50 +01:00 |
|
Miroslav Stampar
|
c3c1b9e957
|
Minor restyling
|
2012-07-04 20:28:18 +02:00 |
|
Miroslav Stampar
|
23fb753759
|
Finishing work on Issue #52
|
2012-07-03 22:13:01 +02:00 |
|
Miroslav Stampar
|
40fc6488bf
|
Fix for Issue #56 (Google has changed few things for retrieving PR)
|
2012-07-03 21:00:18 +02:00 |
|
Miroslav Stampar
|
bbf41f6658
|
Removing debugging leftover
|
2012-07-03 16:50:05 +02:00 |
|
Miroslav Stampar
|
ada627a022
|
Another update for Issue #52
|
2012-07-03 16:49:34 +02:00 |
|
Miroslav Stampar
|
70f754f6c5
|
Making work on Issue #52
|
2012-07-03 16:34:11 +02:00 |
|
Bernardo Damele
|
793fa464e3
|
website url fix
|
2012-07-03 13:14:39 +01:00 |
|
Miroslav Stampar
|
481b46a004
|
Restyling output for Issue #52
|
2012-07-03 13:06:52 +02:00 |
|
Miroslav Stampar
|
3af1532700
|
Implementation for Issue #54
|
2012-07-03 12:09:18 +02:00 |
|
Miroslav Stampar
|
5af6ca58a0
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-03 00:50:45 +02:00 |
|
Miroslav Stampar
|
168aeadf76
|
Adding switch --output-dir (Issue #53)
|
2012-07-03 00:50:23 +02:00 |
|
Bernardo Damele
|
04d803c7fd
|
more tweaking for issue #34, it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)
|
2012-07-02 15:02:00 +01:00 |
|
Miroslav Stampar
|
8eefe4b71f
|
Getting back revision number - displayed like in GitHub commits (Issue #52)
|
2012-07-02 13:01:20 +02:00 |
|
Bernardo Damele
|
7b4ecd9df0
|
added skeleton code for issue #34, still not usable
|
2012-07-02 00:22:34 +01:00 |
|
Bernardo Damele
|
4736d46677
|
just in case..
|
2012-07-02 00:00:46 +01:00 |
|
Bernardo Damele
|
03d2c9c818
|
placeholder message when --update is provided, remove when the function is updated to pull changes from git
|
2012-07-01 23:59:44 +01:00 |
|
Miroslav Stampar
|
d7cd55fb28
|
Fix for Issue #47
|
2012-07-01 11:05:04 +02:00 |
|
Miroslav Stampar
|
21d9ae0a2c
|
some more refactoring
|
2012-07-01 01:19:54 +02:00 |
|
Miroslav Stampar
|
f6509db31a
|
minor refactoring
|
2012-07-01 00:33:19 +02:00 |
|
Miroslav Stampar
|
e51d3a02f1
|
Update for Issue #43 (renamed --disable-cracking to --disable-hash)
|
2012-06-28 18:53:47 +02:00 |
|
Miroslav Stampar
|
18b596ea75
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-06-28 18:48:18 +02:00 |
|
Miroslav Stampar
|
c8bac658f3
|
Fix for Issue #43
|
2012-06-28 18:47:55 +02:00 |
|
Miroslav Stampar
|
2a72fcce2b
|
Fix for Issue #42
|
2012-06-28 13:55:30 +02:00 |
|
jekil
|
c39e5a85ba
|
Removed $id$ tags
|
2012-06-27 20:56:43 +02:00 |
|
Miroslav Stampar
|
ea5d483c86
|
session file no more
|
2012-06-21 11:19:30 +00:00 |
|
Miroslav Stampar
|
ec44e88db8
|
lots of refactoring regarding removal of already obsolete session file mechanism
|
2012-06-21 10:09:10 +00:00 |
|
Miroslav Stampar
|
1e67b4f0b9
|
minor fix
|
2012-06-20 14:16:26 +00:00 |
|
Miroslav Stampar
|
302d782a0f
|
minor style update
|
2012-06-19 08:33:51 +00:00 |
|
Miroslav Stampar
|
452ef202ae
|
minor fixes
|
2012-06-17 22:48:23 +00:00 |
|
Miroslav Stampar
|
b9f6943a42
|
minor update
|
2012-06-17 21:23:12 +00:00 |
|
Miroslav Stampar
|
06be7bbb18
|
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
|
2012-06-15 20:41:53 +00:00 |
|
Miroslav Stampar
|
76c873a222
|
minor fix
|
2012-06-15 06:22:44 +00:00 |
|
Miroslav Stampar
|
76584ff0fa
|
unhidding --test-filter
|
2012-06-14 14:36:53 +00:00 |
|
Miroslav Stampar
|
d2dd47fb23
|
some more refactoring
|
2012-06-14 13:52:56 +00:00 |
|
Miroslav Stampar
|
3a90105fbb
|
minor refactoring
|
2012-06-14 13:38:53 +00:00 |
|
Miroslav Stampar
|
1204eb00b2
|
minor fix
|
2012-06-14 12:46:32 +00:00 |
|
Miroslav Stampar
|
19c0efec59
|
just a minor refactoring
|
2012-06-14 09:10:28 +00:00 |
|
Miroslav Stampar
|
a51d8c4c79
|
replacing identifier safe char " with [] enclosing for MsSQL
|
2012-06-13 15:27:42 +00:00 |
|
Miroslav Stampar
|
367de838c1
|
minor update
|
2012-06-13 14:08:32 +00:00 |
|
Miroslav Stampar
|
d7f698fa14
|
minor update
|
2012-06-11 22:01:13 +00:00 |
|
Miroslav Stampar
|
058a9c59a2
|
fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)
|
2012-06-05 22:40:55 +00:00 |
|
Miroslav Stampar
|
f94ebe3107
|
minor fix (credentials were only set for the first target)
|
2012-06-04 22:30:12 +00:00 |
|
Miroslav Stampar
|
7b282b1d6c
|
adding support for newer SSL protocols
|
2012-06-04 19:46:28 +00:00 |
|
Miroslav Stampar
|
10b0639a96
|
making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE)
|
2012-06-04 09:24:46 +00:00 |
|
Miroslav Stampar
|
b1d82422a0
|
changing conf.dnsDomain to conf.dName just because of long text problems in help listing
|
2012-05-28 14:15:04 +00:00 |
|
Miroslav Stampar
|
76eeba10e2
|
unhiding --dns-domain switch
|
2012-05-27 18:41:06 +00:00 |
|
Miroslav Stampar
|
71ff081fde
|
minor update
|
2012-05-27 09:11:19 +00:00 |
|
Miroslav Stampar
|
d335ec0c34
|
turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars
|
2012-05-26 07:00:26 +00:00 |
|
Miroslav Stampar
|
db526bdbc0
|
minor update (tainted values are not checked any more in multipleTargets mode)
|
2012-05-25 09:52:17 +00:00 |
|
Miroslav Stampar
|
c394610740
|
adding switch --skip-urlencode to skip URL encoding of POST data
|
2012-05-24 23:30:33 +00:00 |
|
Miroslav Stampar
|
86fdad2bfa
|
minor update
|
2012-05-24 22:07:50 +00:00 |
|
Miroslav Stampar
|
eed8d7eb5d
|
finalizing support for IPv6
|
2012-05-24 21:55:57 +00:00 |
|
Miroslav Stampar
|
b6d37d766a
|
minor update regarding IPv6 support
|
2012-05-24 21:49:20 +00:00 |
|
Miroslav Stampar
|
92286104e3
|
minor just in case update
|
2012-05-24 21:39:10 +00:00 |
|
Miroslav Stampar
|
3e9c57d177
|
minor fix
|
2012-05-24 21:36:35 +00:00 |
|
Miroslav Stampar
|
be76928293
|
minor fix
|
2012-05-24 20:53:01 +00:00 |
|
Miroslav Stampar
|
2538e2d5b4
|
fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring
|
2012-05-22 09:33:22 +00:00 |
|
Miroslav Stampar
|
2c057d5b3d
|
minor style update
|
2012-05-21 22:40:52 +00:00 |
|
Miroslav Stampar
|
bbfa4b6d5d
|
minor update
|
2012-05-14 14:38:16 +00:00 |
|
Miroslav Stampar
|
333f8057a5
|
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
|
2012-05-14 14:06:43 +00:00 |
|
Miroslav Stampar
|
595f69fa2c
|
minor language update
|
2012-05-10 18:30:25 +00:00 |
|
Miroslav Stampar
|
35f400b45b
|
minor language upgrade
|
2012-05-10 18:25:12 +00:00 |
|
Miroslav Stampar
|
80aedbe284
|
adding a warning about --tor switch
|
2012-05-10 18:17:32 +00:00 |
|
Miroslav Stampar
|
b81fe42d4b
|
turning off null connection on -o when --tor used (not compatible)
|
2012-05-10 17:50:54 +00:00 |
|
Miroslav Stampar
|
efdd86ddcc
|
minor just in case patch
|
2012-05-10 14:22:34 +00:00 |
|
Miroslav Stampar
|
6367f59b98
|
minor code refactoring
|
2012-05-10 14:15:17 +00:00 |
|
Miroslav Stampar
|
1418ae9767
|
little refactoring of parseUnionPage together with a patch for some special case
|
2012-05-09 18:47:40 +00:00 |
|
Miroslav Stampar
|
37f2709197
|
making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)
|
2012-05-09 09:08:23 +00:00 |
|
Miroslav Stampar
|
64c241fe92
|
limiting original UNION query results to only 1 result (potentially speeding things up in some cases)
|
2012-05-08 13:45:53 +00:00 |
|
Miroslav Stampar
|
a121339395
|
automatically writing uncracked hashes to a file for eventual further processing
|
2012-05-08 10:46:05 +00:00 |
|
Miroslav Stampar
|
96299d3d5d
|
minor refactoring
|
2012-05-03 22:34:18 +00:00 |
|
Miroslav Stampar
|
cc28f6db6b
|
minor update
|
2012-05-01 20:43:16 +00:00 |
|
Miroslav Stampar
|
17efeaae7f
|
causing too much confusion among dummy users
|
2012-05-01 09:04:11 +00:00 |
|
Miroslav Stampar
|
694b14111f
|
skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set)
|
2012-04-27 13:16:51 +00:00 |
|
Miroslav Stampar
|
6f67dc85ee
|
adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical
|
2012-04-25 20:29:07 +00:00 |
|
Miroslav Stampar
|
cec432f94d
|
minor update
|
2012-04-23 14:43:59 +00:00 |
|
Miroslav Stampar
|
697768c01a
|
adding --purge-output to be one of mandatory switches
|
2012-04-23 14:42:24 +00:00 |
|
Miroslav Stampar
|
d57d5e4b2c
|
minor update
|
2012-04-23 14:33:36 +00:00 |
|
Miroslav Stampar
|
1eecfb3dce
|
adding new file related to the last commit
|
2012-04-23 14:25:16 +00:00 |
|
Miroslav Stampar
|
095b25e1d1
|
adding option '--purge'
|
2012-04-23 14:24:23 +00:00 |
|
Miroslav Stampar
|
be2da77bf8
|
minor update
|
2012-04-23 10:15:04 +00:00 |
|
Miroslav Stampar
|
21c6b52198
|
minor fix
|
2012-04-23 10:11:00 +00:00 |
|
Miroslav Stampar
|
2b1b4c0742
|
minor fix
|
2012-04-18 10:01:04 +00:00 |
|
Miroslav Stampar
|
6ebb621228
|
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
|
2012-04-17 14:23:00 +00:00 |
|
Miroslav Stampar
|
efd27d7ade
|
minor renaming
|
2012-04-17 08:41:19 +00:00 |
|
Miroslav Stampar
|
601d118c68
|
reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types)
|
2012-04-15 16:59:03 +00:00 |
|
Miroslav Stampar
|
052d9455fe
|
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
|
2012-04-12 09:44:54 +00:00 |
|
Miroslav Stampar
|
c7422546e1
|
tiny update
|
2012-04-11 23:01:38 +00:00 |
|
Miroslav Stampar
|
2bad73a981
|
minor update
|
2012-04-11 21:48:44 +00:00 |
|
Miroslav Stampar
|
e195de2093
|
correcting comment on reflective removal function
|
2012-04-11 21:41:48 +00:00 |
|
Miroslav Stampar
|
b45ae10da4
|
minor fixes
|
2012-04-11 21:36:37 +00:00 |
|
Miroslav Stampar
|
627bfc589f
|
some more updates in reflective removal mechanism
|
2012-04-11 21:26:00 +00:00 |
|
Miroslav Stampar
|
8b130f6497
|
minor improvement for reflective values (when missing first part of payload like in error reports)
|
2012-04-11 15:01:28 +00:00 |
|
Miroslav Stampar
|
01bd5d0ab2
|
some more updates for reflective mechanism
|
2012-04-11 10:41:33 +00:00 |
|
Miroslav Stampar
|
2e92d8636e
|
improvement of reflective mechanism
|
2012-04-11 08:58:03 +00:00 |
|
Miroslav Stampar
|
60ca44e0cf
|
minor adjustment
|
2012-04-11 08:35:09 +00:00 |
|
Miroslav Stampar
|
8541222080
|
minor update
|
2012-04-10 22:26:42 +00:00 |
|
Miroslav Stampar
|
9c2f244d47
|
minor fix
|
2012-04-10 22:20:53 +00:00 |
|
Miroslav Stampar
|
119eec3598
|
improving "boolean detection" by automatic recognition of convenient --string candidate
|
2012-04-10 21:48:34 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
b2afa87e48
|
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
|
2012-04-06 08:42:36 +00:00 |
|
Miroslav Stampar
|
2223c884e5
|
minor refactoring
|
2012-04-05 12:55:26 +00:00 |
|
Miroslav Stampar
|
02924eb345
|
minor update
|
2012-04-04 23:47:06 +00:00 |
|
Bernardo Damele
|
d106fb5184
|
layout adjustments
|
2012-04-04 12:27:24 +00:00 |
|
Miroslav Stampar
|
1b2cd44255
|
proper fix
|
2012-04-04 10:35:52 +00:00 |
|
Miroslav Stampar
|
7031ef8e00
|
removing default values for referer and host from higher level/risk options
|
2012-04-04 10:34:27 +00:00 |
|
Miroslav Stampar
|
b0787f193c
|
getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)
|
2012-04-03 14:34:15 +00:00 |
|
Miroslav Stampar
|
33bb9c5f19
|
much cleaner approach in that "flat" representation of retrieved items in union technique
|
2012-04-03 13:56:11 +00:00 |
|
Miroslav Stampar
|
e05109812f
|
minor improvements regarding data retrieval through DNS channel
|
2012-04-03 09:18:30 +00:00 |
|
Miroslav Stampar
|
2c28423cb8
|
minor update
|
2012-04-02 14:57:15 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
1e01203562
|
few just in case "patches"
|
2012-04-02 12:58:10 +00:00 |
|
Miroslav Stampar
|
d908d078dd
|
minor fix
|
2012-04-02 12:27:30 +00:00 |
|
Miroslav Stampar
|
abffc39929
|
minor update regarding DNS data retrieval task
|
2012-04-02 12:22:40 +00:00 |
|
Miroslav Stampar
|
f7a664b120
|
enablind DNS server for DNS data exfiltration
|
2012-03-31 12:08:27 +00:00 |
|
Miroslav Stampar
|
8be9cd4ac4
|
bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)
|
2012-03-31 10:22:50 +00:00 |
|
Miroslav Stampar
|
56638f9e95
|
making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection
|
2012-03-30 10:50:01 +00:00 |
|
Miroslav Stampar
|
79c3d6f2aa
|
minor update
|
2012-03-30 10:37:46 +00:00 |
|
Miroslav Stampar
|
637a8d8273
|
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
|
2012-03-29 14:33:27 +00:00 |
|
Miroslav Stampar
|
772ead8d03
|
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
|
2012-03-29 12:44:20 +00:00 |
|
Miroslav Stampar
|
60146481af
|
bug fix(es) (flags were used in place of count parameter in re.sub() calls)
|
2012-03-28 19:33:00 +00:00 |
|
Miroslav Stampar
|
9433bbe26d
|
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
|
2012-03-28 19:27:12 +00:00 |
|
Miroslav Stampar
|
7fd64df167
|
minor code cleaning
|
2012-03-28 13:31:07 +00:00 |
|
Miroslav Stampar
|
11132ba993
|
fix for a bug in reflection removal mechanism
|
2012-03-19 14:28:18 +00:00 |
|
Miroslav Stampar
|
0fc4288a7c
|
modifying redirection code for only two choices
|
2012-03-18 17:27:08 +00:00 |
|
Miroslav Stampar
|
cbdcbdd786
|
minor minor update
|
2012-03-16 11:18:18 +00:00 |
|
Miroslav Stampar
|
adb5fff6b2
|
one more update related to the redirection mechanism
|
2012-03-15 20:17:40 +00:00 |
|
Miroslav Stampar
|
19beb912fa
|
first step toward negative logic support
|
2012-03-15 15:52:12 +00:00 |
|
Miroslav Stampar
|
3d9b1599d1
|
minor update
|
2012-03-15 11:45:32 +00:00 |
|
Miroslav Stampar
|
a8c9a47092
|
redirect logic rewritten from scratch
|
2012-03-15 11:10:58 +00:00 |
|