sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	196131bbca	minor cosmetics	2010-12-09 10:42:00 +00:00
Miroslav Stampar	3fd1c37d53	update	2010-12-09 07:49:18 +00:00
Miroslav Stampar	40fadf2f35	minor update	2010-12-08 14:33:10 +00:00
Miroslav Stampar	01cf1394a4	code refactoring	2010-12-08 14:26:40 +00:00
Miroslav Stampar	47bb31fb47	code refactoring	2010-12-08 11:30:25 +00:00
Miroslav Stampar	1ae2fa7f1a	update regarding time based payloads	2010-12-08 11:26:54 +00:00
Miroslav Stampar	a4a63f5b1e	minor update	2010-12-07 23:49:00 +00:00
Miroslav Stampar	293ce18fed	two major bug fixes regarding time calculation (previously comparison was also a part of "delta", which screwed results in cases with large pages; other was a standard distribution based one)	2010-12-07 23:32:33 +00:00
Miroslav Stampar	dc651d59ec	little mathematics here and there (used "Rules for normally distributed data")	2010-12-07 19:19:12 +00:00
Miroslav Stampar	294119d2ec	more advanced time technique(s)	2010-12-07 16:04:53 +00:00
Miroslav Stampar	0dc630203f	code refactoring	2010-12-07 13:34:06 +00:00
Miroslav Stampar	9e5f933ace	some updates	2010-12-04 15:47:02 +00:00
Bernardo Damele	5d37df6104	Ugly code to set the cookies when got them from a 302 redirect too	2010-12-03 17:41:10 +00:00
Miroslav Stampar	e735f2960a	minor update	2010-11-29 15:25:45 +00:00
Bernardo Damele	7e3b24afe6	Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!	2010-11-28 18:10:54 +00:00
Bernardo Damele	253eafb643	paranoid cosmetics	2010-11-24 12:03:01 +00:00
Miroslav Stampar	3d25071d06	another minor improvement regarding logging of http traffic	2010-11-17 12:16:48 +00:00
Miroslav Stampar	3e569a1693	minor update	2010-11-17 12:04:33 +00:00
Miroslav Stampar	3487429eac	minor cosmetics	2010-11-16 14:41:46 +00:00
Miroslav Stampar	3640dbf745	fix for --parse-errors (on IIS HTTP error is raised which need to be processed)	2010-11-16 14:33:30 +00:00
Miroslav Stampar	6232397129	minor update	2010-11-16 10:52:49 +00:00
Miroslav Stampar	6ef3846400	update regarding error parsing (and reporting)	2010-11-16 10:42:42 +00:00
Bernardo Damele	71cb982039	Another bug fix to --union-test	2010-11-15 21:42:56 +00:00
Miroslav Stampar	06a872fc99	update/fix for an issue reported by nightman (IncompleteRead: IncompleteRead(1284 bytes read))	2010-11-12 22:57:33 +00:00
Miroslav Stampar	697b32554c	fix for a bug "ordinal not in range(128)" reported by bugtrace	2010-11-12 11:48:25 +00:00
Bernardo Damele	a14e4d9668	Referer does not have to be static, it's already a switch (--referer) so that user can specify it manually.	2010-11-12 10:16:39 +00:00
Miroslav Stampar	fda8752dca	revert of some HTTP headers handling	2010-11-08 13:26:45 +00:00
Bernardo Damele	78d7b17483	More replacements for refactoring. Minor layout adjustments. Alignment of conffile/optiondict/cmdline parameters.	2010-11-08 12:36:48 +00:00
Miroslav Stampar	875781bf97	another minor fix	2010-11-08 11:55:56 +00:00
Miroslav Stampar	4a4a3051e5	fix	2010-11-08 11:39:07 +00:00
Miroslav Stampar	a3de10e3a2	new option -t	2010-11-08 11:22:47 +00:00
Miroslav Stampar	0d0e2a2228	minor update	2010-11-08 09:49:57 +00:00
Miroslav Stampar	d551423379	further enum refactoring	2010-11-08 09:44:32 +00:00
Miroslav Stampar	862395ced1	further refactoring (all enumerations are now put into enums.py)	2010-11-08 09:20:02 +00:00
Miroslav Stampar	8e44aa605a	refactoring regarding injection place (more left)	2010-11-08 08:02:36 +00:00
Bernardo Damele	b6da946883	Added one new verbose level, -v 3 now shows the full injected payload. Fixed also -d verbose output.	2010-11-07 22:34:29 +00:00
Bernardo Damele	a96467b3e2	Refactoring	2010-11-07 21:55:24 +00:00
Miroslav Stampar	d3e7e89e60	major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces	2010-11-07 21:18:09 +00:00
Miroslav Stampar	508b9cc763	dynamicity engine update	2010-11-07 00:12:00 +00:00
Miroslav Stampar	ef1809464d	bug fix for that BadStatusLine (http://bugs.python.org/issue8450 )	2010-11-05 11:58:20 +00:00
Miroslav Stampar	6295a59a30	minor update/fix	2010-11-05 11:39:35 +00:00
Miroslav Stampar	5f7f4bf15b	minor debug update (probably temporary)	2010-11-05 11:04:00 +00:00
Bernardo Damele	b152b1a04d	Cosmetics	2010-11-03 22:07:13 +00:00
Miroslav Stampar	71d0b1bcd7	several bug fixes	2010-11-03 21:51:36 +00:00
Bernardo Damele	3eda4510e2	Properly encode the cookie	2010-10-31 11:26:33 +00:00
Bernardo Damele	3a48bee9b0	Minor code refactoring	2010-10-31 11:03:59 +00:00
Bernardo Damele	8cf0ebde1e	Cosmetics	2010-10-29 23:00:48 +00:00
Miroslav Stampar	cbf38436f2	minor update	2010-10-29 16:15:23 +00:00
Miroslav Stampar	5a38ac7ea9	important update regarding (Bug #209 ) - probably more will be needed	2010-10-29 16:11:50 +00:00
Miroslav Stampar	895efd28a6	one more update regarding Bug #205	2010-10-28 23:22:13 +00:00
Miroslav Stampar	788eb8fb50	update regarding Bug #205	2010-10-28 22:59:51 +00:00
Miroslav Stampar	228ac0cde5	refactoring regarding --check-payload	2010-10-25 18:38:54 +00:00
Miroslav Stampar	378653a1ec	added IDS payload testing	2010-10-25 15:37:43 +00:00
Miroslav Stampar	2668c95ef4	added default HTTP version used by httplib and urllib2	2010-10-21 09:10:07 +00:00
Miroslav Stampar	8b8fff41fe	cosmetics (adding html parsed DBMS) regarding heuristic check	2010-10-18 12:11:16 +00:00
Bernardo Damele	36bc410333	Minor bug fix	2010-10-18 09:50:23 +00:00
Miroslav Stampar	149837ebf5	added the same for proxy authorization header	2010-10-18 09:02:56 +00:00
Miroslav Stampar	aaebb4336e	fix for Bug #202	2010-10-18 08:54:08 +00:00
Miroslav Stampar	dcb9c2103a	just in case update	2010-10-15 11:20:19 +00:00
Bernardo Damele	5f6d88a418	Minor comment	2010-10-15 11:17:17 +00:00
Miroslav Stampar	4f7f20b94f	sorry, cosmetics	2010-10-14 23:18:29 +00:00
Miroslav Stampar	8b48833136	large commit with copyright header modifications	2010-10-14 14:41:14 +00:00
Miroslav Stampar	162d01abed	commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...)	2010-10-14 11:06:28 +00:00
Miroslav Stampar	dc50543ea4	major bug fix for --keep-alive option in multithreading mode (that 'shitty' _headers = {} made a one shared object for all connection objects)	2010-10-13 23:01:23 +00:00
Miroslav Stampar	36ef8ca575	bug fix	2010-10-13 22:42:48 +00:00
Miroslav Stampar	02a14d4c45	added Referer (part of Feature #37 )	2010-10-13 22:08:09 +00:00
Miroslav Stampar	34580f56fc	added --tamper option	2010-10-12 22:45:25 +00:00
Miroslav Stampar	43892cddbb	some updates	2010-10-11 12:26:35 +00:00
Miroslav Stampar	8fcad29bbf	new feature --forms (still unfinished)	2010-10-10 18:56:43 +00:00
Miroslav Stampar	adf2231edb	minor update	2010-10-06 13:38:03 +00:00
Miroslav Stampar	cf17debf79	changed connection message priority to critical (when verbose=0 it's displayed too)	2010-09-27 13:34:52 +00:00
Miroslav Stampar	13bb3a6212	minor update	2010-09-23 14:07:23 +00:00
Miroslav Stampar	da8ae5578b	first commit regarding Feature #144	2010-09-22 11:56:35 +00:00
Miroslav Stampar	975b96ae28	minor refactoring	2010-09-16 09:47:33 +00:00
Miroslav Stampar	1741801ade	implementation of HEAD/Range methods	2010-09-16 09:32:09 +00:00
Miroslav Stampar	b745331974	added null connection check	2010-09-16 08:43:10 +00:00
Miroslav Stampar	ecd6b573f7	added method parameter to the queryPage function	2010-09-15 14:17:17 +00:00
Miroslav Stampar	34a8cd75e3	added support for setting HTTP method manualy	2010-09-15 12:45:41 +00:00
Miroslav Stampar	436b7d82fb	fixed a bug reported by Marek Sarvas	2010-08-22 08:52:15 +00:00
Bernardo Damele	fea2414759	Display HTTP request in -v>=3 even if connection failed	2010-06-10 14:42:17 +00:00
Bernardo Damele	5bb8e154eb	Minor code improvements	2010-06-10 14:15:32 +00:00
Miroslav Stampar	36953221f8	few quick changes	2010-06-10 11:34:17 +00:00
Miroslav Stampar	eaef068c90	major bug fix (different HTTP content charsets are now properly handled)	2010-06-09 14:40:36 +00:00
Bernardo Damele	e811101dce	Minor bug fix	2010-05-28 23:39:52 +00:00
Miroslav Stampar	a3db3c03c1	str() -> unicode()	2010-05-28 13:05:02 +00:00
Bernardo Damele	cda8da288c	Minor adjustment	2010-05-21 12:18:43 +00:00
Miroslav Stampar	f6bffb61d3	minor adjustment	2010-05-21 11:51:43 +00:00
Miroslav Stampar	460a1ba872	fix for my imperfect calculations :)	2010-05-21 11:41:49 +00:00
Miroslav Stampar	68e13c3872	periodical commit	2010-05-21 09:35:36 +00:00
Miroslav Stampar	b8a5a54395	minor update	2010-05-15 20:44:08 +00:00
Miroslav Stampar	4984ceac49	some code refactoring and minor speed up (jump prediction rule)	2010-05-14 15:20:34 +00:00
Miroslav Stampar	5396f13bab	added CPU throttling for lowering sqlmap's CPU intensivity	2010-05-13 15:19:28 +00:00
Bernardo Damele	44ea8f1861	Minor adjustment	2010-05-06 11:00:58 +00:00
Bernardo Damele	147e14356d	Major bug fix (reported by Thierry Zoller)	2010-05-06 10:52:40 +00:00
Miroslav Stampar	4928c684b3	one more thing	2010-05-04 08:45:10 +00:00
Miroslav Stampar	789dd6c66f	more quick fixes	2010-05-04 08:43:14 +00:00
Miroslav Stampar	af701cdaa2	better way to handle that last commit problem	2010-05-04 08:36:35 +00:00
Miroslav Stampar	5bc07426e0	added exception handler around block reported by Thierry Zoller	2010-05-04 08:03:48 +00:00
Bernardo Damele	a1b1f960cc	Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function	2010-04-23 16:34:20 +00:00
Miroslav Stampar	1aeaa5db47	implementation of Feature #176 (Safe URL: avoid being kicked out after N unsuccessful requests)	2010-04-16 12:44:47 +00:00

1 2 3 4 5

202 Commits