Miroslav Stampar
dee6d2f9ff
Minor language update
2012-10-04 11:34:14 +02:00
Miroslav Stampar
461e5ebc5f
Work for Issue #197 and Issue #49
2012-10-04 11:25:44 +02:00
Miroslav Stampar
bcbf0571a5
Implementation for an Issue #49
2012-10-02 14:23:58 +02:00
Miroslav Stampar
763dc98311
Minor refactoring
2012-10-02 13:36:15 +02:00
Miroslav Stampar
a8aecaa036
Minor style update
2012-10-02 13:33:10 +02:00
Miroslav Stampar
19407b9aca
Minor update
2012-09-26 15:25:01 +02:00
Miroslav Stampar
6eae7013b6
Minor cosmetics
2012-09-26 15:03:12 +02:00
Miroslav Stampar
687f3991de
Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.
2012-09-26 11:27:43 +02:00
Miroslav Stampar
6bc5f44b20
Minor just in case update for an Issue #195 (safer behavior on forced charsets)
2012-09-25 15:09:07 +02:00
Miroslav Stampar
efe4c13ed1
Update regarding suffixQuery (user supplied --suffix should nullify any eventual payload comments)
2012-09-25 14:36:15 +02:00
Miroslav Stampar
ec43ceec40
Some more cleanup related to the last commit (unneeded manual crafting/unneeded closing with ;)
2012-09-25 14:29:22 +02:00
Miroslav Stampar
560e0fcb25
Minor cleanup
2012-09-25 14:21:57 +02:00
Miroslav Stampar
fccdb824bb
Patch for an Issue #193
2012-09-25 11:21:39 +02:00
Miroslav Stampar
c9e7e71ea2
Implementation for an Issue #195
2012-09-25 10:17:25 +02:00
Miroslav Stampar
9ca7b3e20e
Implementation for an Issue #194
2012-09-25 09:25:35 +02:00
Miroslav Stampar
d175decdfc
Fix for an Issue #190
2012-09-22 20:59:40 +02:00
Miroslav Stampar
a6eeebfca8
Fix for an Issue #188
2012-09-20 11:30:07 +02:00
Miroslav Stampar
9a1fbb8941
Fix for an Issue #185
2012-09-13 14:22:26 +02:00
Miroslav Stampar
e570858db9
Implementation for an Issue #183
2012-09-12 11:50:38 +02:00
Miroslav Stampar
a64438fb5c
Minor language update
2012-09-11 19:45:40 +02:00
Miroslav Stampar
05dced5418
Minor language update
2012-09-11 19:43:03 +02:00
Miroslav Stampar
511c3b8dcc
Update and fix for an Issue #182
2012-09-11 14:58:52 +02:00
Miroslav Stampar
10b671d625
Update for an Issue #182
2012-09-11 12:08:34 +02:00
Miroslav Stampar
12d33c7a38
Fix for Issue #180 and #181 (missing module from an Issue #179 )
2012-09-10 22:39:56 +02:00
Miroslav Stampar
5d23d72ff5
Fix for an Issue #176
2012-09-08 17:58:03 +02:00
Miroslav Stampar
f26ea04e38
Fix for an Issue #175
2012-09-07 17:06:38 +02:00
Miroslav Stampar
e4bc471f81
Fix for an Issue #173
2012-09-07 10:09:19 +02:00
Miroslav Stampar
a3baf94e9b
Minor style update
2012-09-07 10:09:00 +02:00
Miroslav Stampar
cea5127ffd
Update for an Issue #6
2012-09-06 15:51:38 +02:00
Miroslav Stampar
c3d191e626
Minor update for an Issue #2
2012-09-06 14:13:54 +02:00
Miroslav Stampar
1e238b5a5a
Minor update
2012-09-06 13:36:34 +02:00
Miroslav Stampar
dbce417cdd
Potential fix for an Issue #171
2012-09-02 22:48:41 +02:00
Miroslav Stampar
f6716cf7c0
Fix for an Issue #170
2012-09-01 23:52:00 +02:00
Miroslav Stampar
2170e64ca5
Minor bug fix
2012-08-31 19:48:45 +02:00
Miroslav Stampar
33980adaef
Another update for an Issue #79
2012-08-31 12:46:38 +02:00
Miroslav Stampar
b916db34a4
Another update for an Issue #79
2012-08-31 12:38:02 +02:00
Miroslav Stampar
47d162f391
Minor update (same but cleaner)
2012-08-31 12:27:40 +02:00
Miroslav Stampar
7286d89cb6
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
2012-08-31 12:15:09 +02:00
Miroslav Stampar
2806185989
Minor refactoring
2012-08-31 10:43:06 +02:00
Miroslav Stampar
74a5d41272
Minor update for an Issue #79
2012-08-31 10:24:47 +02:00
Miroslav Stampar
cdd3ed6abc
Minor bug fix
2012-08-30 14:22:18 +02:00
Miroslav Stampar
a89d61415a
'Patch' for an Issue #167
2012-08-29 21:29:27 +02:00
Miroslav Stampar
c1c65a7167
Fix for an Issue #166
2012-08-29 20:21:45 +02:00
Miroslav Stampar
9674b174ee
One more minor update related to last commit
2012-08-23 15:37:17 +02:00
Miroslav Stampar
b79247c197
Minor update
2012-08-23 15:22:14 +02:00
Miroslav Stampar
e9ae44c6fc
Implementation for an #162
2012-08-22 16:50:01 +02:00
Miroslav Stampar
0ad3846451
Minor language update
2012-08-22 16:10:56 +02:00
Miroslav Stampar
f1f6364690
Changing default readInput value on dictionary-based attack depending on conf.multipleTargets
2012-08-22 16:10:38 +02:00
Miroslav Stampar
a62a874d59
Update for an Issue #161 (changing default readInput value regarding the conf.multipleTargets)
2012-08-22 16:06:09 +02:00
Miroslav Stampar
4ab4fd1cb4
Minor update
2012-08-22 15:53:40 +02:00
Miroslav Stampar
52351e5d81
Update for an Issue #161 (now detecting format error messages too)
2012-08-22 15:51:47 +02:00
Miroslav Stampar
a6d743ec4c
Minor console output fix (redundant newline has been displayed in case of rawInput)
2012-08-22 14:43:57 +02:00
Miroslav Stampar
7b93108e7d
Favoring non-string specific boundaries in case of digit-like parameter values
2012-08-22 13:58:52 +02:00
Miroslav Stampar
25ee333e66
Minor language update
2012-08-22 12:00:17 +02:00
Miroslav Stampar
8a5042b6a4
Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)
2012-08-22 11:56:30 +02:00
Miroslav Stampar
7d0662da23
Update for an #161
2012-08-22 11:42:06 +02:00
Miroslav Stampar
61151447fe
Implementation of an Issue #161
2012-08-22 11:27:58 +02:00
Miroslav Stampar
6210ddfbd6
Minor refactoring
2012-08-22 11:00:39 +02:00
Miroslav Stampar
a927d94d39
Update for an Issue #155
2012-08-22 10:57:31 +02:00
Miroslav Stampar
32a36f1ff3
El Cosmeticado
2012-08-22 09:58:39 +02:00
Miroslav Stampar
2c66ca39f1
Wrong limit number has been used (MySQL LIMIT/OFFSET starts with 0)
2012-08-22 09:53:53 +02:00
Miroslav Stampar
ebab05cf7c
Fix for an Issue #158
2012-08-21 20:20:38 +02:00
Miroslav Stampar
ad59abe018
Cleaning leftover
2012-08-21 14:37:09 +02:00
Miroslav Stampar
1b86fffc6d
Fix for an Issue #157
2012-08-21 14:36:04 +02:00
Miroslav Stampar
d421f9a618
Fix for an Issue #157
2012-08-21 14:34:19 +02:00
Miroslav Stampar
1bcf5a6b88
Some more dict refactorings
2012-08-21 11:30:01 +02:00
Miroslav Stampar
01f481c332
Minor refactoring of dictionaries
2012-08-21 11:19:15 +02:00
Miroslav Stampar
b9c63eb908
Fix for an Issue #156
2012-08-21 10:46:29 +02:00
Miroslav Stampar
b7415d36df
Minor refactoring
2012-08-21 10:28:25 +02:00
Miroslav Stampar
7a8ace78f9
Removing redundant newline char as logger already adds it's own
2012-08-21 09:58:40 +02:00
Miroslav Stampar
233b9a3815
Fix for Issue #150 and Issue #151 (urllib2 is automatically adding those)
2012-08-20 22:17:39 +02:00
Miroslav Stampar
8ee9feafb9
Making payloads a bit shorter (removing redundant space after comma character - e.g. in inband queries)
2012-08-20 21:57:25 +02:00
Miroslav Stampar
6f450ac8bf
Implementation for an Issue #155
2012-08-20 12:14:01 +02:00
Miroslav Stampar
823dde73ab
Minor cleanup
2012-08-20 11:40:49 +02:00
Miroslav Stampar
2b6123c4f8
Minor style update
2012-08-20 11:29:23 +02:00
Miroslav Stampar
e0d9fa8666
Minor style update
2012-08-20 11:28:41 +02:00
Miroslav Stampar
76338add17
Fix for an Issue #152
2012-08-20 10:41:43 +02:00
Miroslav Stampar
59078bb1b8
Fix for an Issue #154
2012-08-20 10:05:13 +02:00
Miroslav Stampar
4649450603
Fix for an Issue #137
2012-08-16 22:20:24 +02:00
Miroslav Stampar
0d8fca30c9
Fix for an Issue #59
2012-08-16 11:31:43 +02:00
Miroslav Stampar
1af81c0de4
Implementation of an Issue #149
2012-08-15 22:31:25 +02:00
Miroslav Stampar
f358ab2e73
Implementation of an Issue #147
2012-08-15 16:37:18 +02:00
Miroslav Stampar
36b55cf209
Proper fix for an Issue #145
2012-08-14 22:28:42 +02:00
Miroslav Stampar
ab35ab4e2a
Fix for an Issue #145
2012-08-14 18:52:45 +02:00
Miroslav Stampar
432b567584
Fix for an Issue #141
2012-08-08 00:03:58 +02:00
Miroslav Stampar
31ceb0cb6c
Fix for an Issue #140
2012-08-07 10:57:29 +02:00
Miroslav Stampar
fec8a5cc9d
Fix for an Issue #139
2012-08-07 00:50:58 +02:00
Miroslav Stampar
f797a6d813
Fix for an Issue #125
2012-07-31 13:06:45 +02:00
Miroslav Stampar
6f529542e3
Making those --string tips (containing escaped characters) decodable by sqlmap
2012-07-31 11:32:53 +02:00
Miroslav Stampar
142fc887f1
Fix for an Issue #129
2012-07-31 11:03:44 +02:00
Miroslav Stampar
bdbe8ff9d9
Fix for an Issue #132
2012-07-30 22:39:45 +02:00
Miroslav Stampar
47073f4afd
Implementation of an Issue #131
2012-07-30 21:50:46 +02:00
Miroslav Stampar
93d35fe522
Minor update regarding Issue #129
2012-07-30 21:43:32 +02:00
Miroslav Stampar
b9ac50faef
Minor bug fix
2012-07-30 12:09:20 +02:00
Miroslav Stampar
a86f9798b2
Minor refactoring together with a wider support for html entities
2012-07-30 11:21:32 +02:00
Miroslav Stampar
20a66567a3
Minor refactoring
2012-07-30 10:06:14 +02:00
Miroslav Stampar
cc2a916716
Fix for an Issue #126
2012-07-29 17:33:08 +02:00
Miroslav Stampar
1669c6bdb4
Another update for an Issue #28
2012-07-27 17:05:21 +02:00
Miroslav Stampar
6ffc5665d0
Update for Issue #28
2012-07-27 16:29:33 +02:00
Miroslav Stampar
07738004cc
Fix for an Issue #123
2012-07-27 10:02:47 +02:00
Miroslav Stampar
a5062c1e4f
Adding a warn message when --dns-domain is ignored (because of faster techniques)
2012-07-27 09:48:48 +02:00
Bernardo Damele
92c2b3bd4c
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2012-07-26 23:11:11 +01:00
Bernardo Damele
d492291744
working on issue #12
2012-07-26 23:11:07 +01:00
Miroslav Stampar
cba387a0a0
Minor speed up
2012-07-26 15:42:04 +02:00
Miroslav Stampar
efa99c4519
Implementation for an Issue #4
2012-07-26 14:07:05 +02:00
Miroslav Stampar
b3552494c4
Minor preparation for an Issue #48
2012-07-26 12:26:57 +02:00
Miroslav Stampar
3e9f1fe410
Minor style update
2012-07-26 12:13:16 +02:00
Miroslav Stampar
30f8d09651
Implementation for an Issue #70
2012-07-26 12:06:02 +02:00
Miroslav Stampar
231f0f76b5
Fix for an Issue #119
2012-07-26 00:49:51 +02:00
Miroslav Stampar
cba77410a9
Minor style update
2012-07-26 00:08:49 +02:00
Miroslav Stampar
18b1d1efd6
Fix for an Issue #121
2012-07-26 00:02:38 +02:00
Miroslav Stampar
2b60e61d54
Minor update for #119
2012-07-25 10:57:19 +02:00
Miroslav Stampar
922ea9d1f4
Update for Issue #118
2012-07-24 15:43:29 +02:00
Miroslav Stampar
f8c9868cb6
Implementation for an Issue #118
2012-07-24 15:34:50 +02:00
Miroslav Stampar
42f518b2d6
Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized
2012-07-24 14:44:44 +02:00
Miroslav Stampar
b820975217
Improvement of decodeIntToUnicode()
2012-07-23 19:31:06 +02:00
Miroslav Stampar
1153b4563c
Minor update for an Issue #111
2012-07-23 18:44:50 +02:00
Miroslav Stampar
fccd69721e
Update for an Issue #111
2012-07-23 18:38:46 +02:00
Miroslav Stampar
ab9cb80602
Implementing Issue #111
2012-07-23 15:14:52 +02:00
Miroslav Stampar
6809449e31
Minor style update
2012-07-23 15:06:49 +02:00
Miroslav Stampar
63bf99ce77
Minor just in case update for an Issue #117
2012-07-23 14:46:43 +02:00
Miroslav Stampar
c6b724489b
Minor style update
2012-07-23 14:26:42 +02:00
Miroslav Stampar
a7d1a0c250
Implementation for an Issue #117
2012-07-23 14:14:22 +02:00
Miroslav Stampar
3279ce53a8
Minor style update
2012-07-23 13:57:38 +02:00
Miroslav Stampar
534eccc9aa
Fix for an Issue #115
2012-07-23 10:16:47 +02:00
Miroslav Stampar
1b6cb9442f
Fix for an Issue #114
2012-07-21 23:31:36 +02:00
Bernardo Damele
0a4b6431a8
minor bug fix - issue #112
2012-07-21 16:51:01 +01:00
Miroslav Stampar
95e0d46e3e
Fix for an Issue #110
2012-07-21 09:15:54 +02:00
Bernardo Damele
dba0a96c2e
fall-back to UNION technique if web file stager was not uploaded with LIMIT
2012-07-20 17:11:22 +01:00
Bernardo Damele
cbe8f41746
minor code refactoring preparing for #96
2012-07-20 16:20:17 +01:00
Miroslav Stampar
f336afa913
Implementation for Issue #108
2012-07-20 09:48:09 +02:00
Miroslav Stampar
dcf8a27f12
Implementation for an Issue #67
2012-07-18 14:24:10 +02:00
Miroslav Stampar
4fc462c4d9
Minor update for an Issue #105
2012-07-18 14:09:04 +02:00
Miroslav Stampar
655dd55a6f
Implementation of an Issue #105
2012-07-18 13:32:34 +02:00
Miroslav Stampar
08244c7ebf
Fix for an Issue #104
2012-07-17 15:05:50 +02:00
Miroslav Stampar
e30646a54f
Fix for an Issue #103
2012-07-17 10:36:22 +02:00
Miroslav Stampar
41d16e55cb
Typo fix ( #102 )
2012-07-17 09:13:19 +02:00
Bernardo Damele
7198e3185b
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2012-07-17 00:25:08 +01:00
Bernardo Damele
318a01b867
minor typo fixes
2012-07-17 00:25:02 +01:00
Miroslav Stampar
d6ceb7af5e
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2012-07-17 00:19:52 +02:00
Miroslav Stampar
81d15e5051
Fix for an Issue #101
2012-07-17 00:19:33 +02:00
Bernardo Damele
5f876bdbbe
minor adjustments
2012-07-16 22:50:29 +01:00
Miroslav Stampar
c96e44b30c
Fix for an Issue #100
2012-07-16 23:28:01 +02:00
Miroslav Stampar
ffbbb10abb
Support for dotted identificator names
2012-07-16 23:13:21 +02:00
Miroslav Stampar
0e21cb54de
Minor fix related to Issue #94
2012-07-16 16:06:39 +02:00
Miroslav Stampar
0f64e1e6c1
Minor update for Issue #94 (not fixing it)
2012-07-16 15:43:02 +02:00
Miroslav Stampar
0eff977c63
Refactoring for Issue #91
2012-07-16 12:24:54 +02:00
Miroslav Stampar
4d759984b2
Implementation for Issue #91
2012-07-16 12:12:52 +02:00
Miroslav Stampar
c1a14257a4
Removing --disable... switches and making changes in default choice(s) for respectable sections
2012-07-16 11:31:51 +02:00
Miroslav Stampar
07a85874fe
Implementation for Issue #92
2012-07-16 11:07:47 +02:00
Miroslav Stampar
87ecf205cb
More work for Issue #66
2012-07-14 17:01:04 +02:00
Miroslav Stampar
38d82771be
Minor style update
2012-07-14 11:23:22 +02:00
Miroslav Stampar
805120ac52
Minor refactoring
2012-07-14 11:01:30 +02:00
Miroslav Stampar
9a7fc24ec2
Minor style update
2012-07-13 15:22:08 +02:00
Miroslav Stampar
ddb9caeef1
Revert of the previous commit
2012-07-13 15:05:19 +02:00
Miroslav Stampar
d165d5d5fe
To not be confused with heuristic method in SQLi
2012-07-13 15:03:43 +02:00
Miroslav Stampar
32b700f130
Minor style update
2012-07-13 15:02:11 +02:00
Miroslav Stampar
fbb5db00ba
Minor style update
2012-07-13 15:00:39 +02:00
Miroslav Stampar
786686da60
Minor language update
2012-07-13 14:53:42 +02:00
Miroslav Stampar
9ff9c951bc
Language update
2012-07-13 14:33:16 +02:00
Miroslav Stampar
6677da63cd
Fix for an Issue #88
2012-07-13 14:25:39 +02:00
Miroslav Stampar
3c81f74823
Minor style update
2012-07-13 12:22:37 +02:00
Miroslav Stampar
6ade007aec
Minor update of language
2012-07-13 12:13:04 +02:00
Miroslav Stampar
c5ecc8b8db
Closing work on Issue #83
2012-07-13 11:23:21 +02:00
Miroslav Stampar
48f68bd076
First commit for Issue #83
2012-07-13 10:35:22 +02:00
Miroslav Stampar
d834e8debf
Minor update
2012-07-13 10:28:03 +02:00
Miroslav Stampar
b11fd8b9f7
Fix for an Issue #87
2012-07-13 10:11:16 +02:00
Bernardo Damele
162da75a04
modified homepage address
2012-07-12 18:38:03 +01:00
Miroslav Stampar
a49d685eb8
Hidding --beep (Issue #84 )
2012-07-12 17:03:24 +02:00
Bernardo Damele
ea9c66108e
cleanup for issue #68
2012-07-12 15:38:43 +01:00
Miroslav Stampar
569c9214bf
Adding support for boldifying important logging messages
2012-07-12 16:30:35 +02:00
Miroslav Stampar
b2fe1c30f8
Minority report
2012-07-12 16:04:01 +02:00
Miroslav Stampar
8e18514e56
Minor refactoring for all that stickyness
2012-07-12 15:58:45 +02:00
Miroslav Stampar
fe61bdce75
Minor update
2012-07-12 15:25:26 +02:00
Miroslav Stampar
dbbca16c69
Minor renaming
2012-07-12 15:24:40 +02:00
Miroslav Stampar
9bc24cea6b
Dealing with kb.currentMessage issue
2012-07-12 15:23:35 +02:00
Miroslav Stampar
b320dc118d
Minor fix (recognizing if it's colorizing handler or not)
2012-07-12 14:55:54 +02:00
Miroslav Stampar
cba2a26b68
Finishing Issue #75 (inference dumping)
2012-07-12 14:46:57 +02:00
Miroslav Stampar
65639cdda6
First update for Issue #75 (error-based dumping)
2012-07-12 14:31:28 +02:00
Miroslav Stampar
3fd5119f3f
Redesigning for Issue #75
2012-07-12 13:42:22 +02:00
Bernardo Damele
3d66e2dfb1
minor bug fix
2012-07-12 10:47:51 +01:00
Bernardo Damele
33cbbed4a8
I think we should not resume checkBooleanExpression() calls if --fresh-queries or --flush-session is provided
2012-07-12 01:39:15 +01:00
Bernardo Damele
f704a46341
silly blank line added
2012-07-12 01:38:29 +01:00
Bernardo Damele
ee3aeb8dcf
actual implementation of issue #75 , still some work to do
2012-07-12 01:16:00 +01:00
Bernardo Damele
3a94953ae2
leftover from previous commit
2012-07-12 01:15:34 +01:00
Bernardo Damele
a5924739f6
minor code refactoring in preparation of ticket #75
2012-07-12 01:12:30 +01:00
Bernardo Damele
53c0336b48
added --hostname switch to retrieve DBMS server hostname - closes issue #69
2012-07-12 00:01:57 +01:00
Bernardo Damele
4e64c1126d
restored bold on questions to users (calls from readInput()) - issue #77
2012-07-11 22:56:11 +01:00
Bernardo Damele
247f95e051
restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")
2012-07-11 22:48:27 +01:00
Bernardo Damele
2b3ea3e3b7
fixed colouring for PAYLOAD (-v 3) - issue #77
2012-07-11 22:40:52 +01:00
Miroslav Stampar
15ee5310d9
Adding traffic in and out to color_map
2012-07-11 20:42:18 +02:00
Miroslav Stampar
43cac2212b
Fix for a case when ColorizingStreamHandler is not used
2012-07-11 20:36:32 +02:00
Miroslav Stampar
72378d4f61
Some more refactoring
2012-07-11 20:29:48 +02:00
Miroslav Stampar
c6464b44be
Some more refactoring
2012-07-11 20:13:23 +02:00
Miroslav Stampar
d7926b8aac
Minor refactoring
2012-07-11 19:54:21 +02:00
Bernardo Damele
53ccd09ca4
now also readInput() uses colouring
2012-07-11 17:53:32 +01:00
Bernardo Damele
02ec25b4b8
code refactoring
2012-07-11 17:44:23 +01:00
Bernardo Damele
77b275f1a6
conf->kb
2012-07-11 17:32:12 +01:00
Bernardo Damele
1d2c87e24e
leftover
2012-07-11 17:22:01 +01:00
Bernardo Damele
105ac8ea77
deleted unnecessary hg file
2012-07-11 17:06:56 +01:00
Bernardo Damele
fa2f6f9a39
colourize manually crafter "logging" messages
2012-07-11 16:48:30 +01:00
Miroslav Stampar
295a7a8e5e
Another update for Issue #80
2012-07-11 16:14:20 +02:00
Miroslav Stampar
9a4f8d5f45
Fix for Issue #80
2012-07-11 16:01:25 +02:00
Bernardo Damele
0702dd70b5
verify also that the web backdoor has been successfully uploaded
2012-07-11 14:08:51 +01:00
Bernardo Damele
31571e6e2d
minor refactoring
2012-07-11 11:55:05 +01:00
Miroslav Stampar
9c4a62f725
Some work on Issue #68
2012-07-11 11:58:47 +02:00
Bernardo Damele
f219b39980
minor fix in case ctypes is not installed on Windows
2012-07-10 13:08:37 +01:00
Miroslav Stampar
8caffac4bc
conf.unescape->kb.unescape
2012-07-10 10:55:04 +02:00
Miroslav Stampar
e7f78bf04f
Fix for an issue where False value was displayed for --is.. switches
2012-07-10 10:31:14 +02:00
Bernardo Damele
ea77e7d9d1
added missing file - issue #77
2012-07-10 03:00:21 +01:00
Bernardo Damele
eb7ffb8f91
setup for implementing logging colouring - issue #77
2012-07-10 02:54:37 +01:00
Bernardo Damele
0a3899858d
missed in previous commit
2012-07-10 01:37:53 +01:00
Bernardo Damele
a27f50ed1d
added conf.unescape global variable to control whether or not the injected statements should be unescaped
2012-07-10 01:37:16 +01:00
Bernardo Damele
f645ac6040
dealing with variables in SQL procs - issue #33
2012-07-10 01:05:03 +01:00
Bernardo Damele
2527554f8e
more work on #33
2012-07-10 00:53:07 +01:00
Bernardo Damele
c4af7b9aa0
initial work for issue #33
2012-07-10 00:27:08 +01:00
Bernardo Damele
d3da3f5c52
refactoring for issue #51
2012-07-10 00:19:32 +01:00
Bernardo Damele
25eca9d671
finally got this working on MSSQL 2005: commands can now be executed as another user (BULK INSERT must be used in such case, see comments in the code) - issue #34
2012-07-09 14:26:23 +01:00
Bernardo Damele
99c5ea54f7
cleanup for #34
2012-07-09 12:39:43 +01:00
Bernardo Damele
d08a54e375
properly display the command stdout
2012-07-09 10:52:48 +01:00
Miroslav Stampar
3ff28e58b4
Update regarding Issue #52
2012-07-08 19:24:25 +02:00
Miroslav Stampar
0d539a876d
Minor fix (subversion->github)
2012-07-07 23:49:34 +02:00
Miroslav Stampar
a525dd4336
Fix for Issue #72
2012-07-07 19:02:46 +02:00
Miroslav Stampar
54e0a2d8ee
--os-shell now works perfect for inference-like techniques too
2012-07-07 17:57:06 +02:00
Miroslav Stampar
823b3d8be8
Minor language fixes
2012-07-07 11:41:52 +02:00
Miroslav Stampar
2669528b24
Language typo
2012-07-07 11:16:33 +02:00
Miroslav Stampar
58f6687194
Some refactoring (reusing xpCmdshellForgeCmd)
2012-07-07 10:51:29 +02:00
Miroslav Stampar
8620767b77
Proper fix
2012-07-07 10:38:07 +02:00
Miroslav Stampar
f00a776d8d
Minor fix for BigArray (now accepting negative indexes)
2012-07-07 10:35:29 +02:00
Miroslav Stampar
1c69eb5d30
Revert "major fix"
...
This reverts commit 3a11fc2d9e
.
2012-07-07 10:26:13 +02:00
Bernardo Damele
3a11fc2d9e
major fix
2012-07-06 22:55:34 +01:00
Miroslav Stampar
8c871476ee
Some more refactoring
2012-07-06 17:34:40 +02:00
Miroslav Stampar
6bc0b34031
Some more refactoring
2012-07-06 17:28:01 +02:00
Miroslav Stampar
e948e4d45b
Some more refactoring
2012-07-06 17:18:22 +02:00
Miroslav Stampar
1a8ebbfd43
Minor refactoring
2012-07-06 17:05:47 +02:00
Bernardo Damele
373fea03a3
fixed display of TABs
2012-07-06 15:13:23 +01:00
Miroslav Stampar
438a636973
Fix for issue Issue #60
2012-07-06 15:36:32 +02:00
Miroslav Stampar
76f7f907c6
Minor update for Issue #61
2012-07-06 14:33:40 +02:00
Miroslav Stampar
6a05e3fd79
Fix for Issue #61
2012-07-06 14:24:44 +02:00
Miroslav Stampar
1ebff35b19
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2012-07-06 12:25:21 +02:00
Miroslav Stampar
982fcde1c0
Fix for Issue #62
2012-07-06 12:24:55 +02:00
Bernardo Damele
4fa6d51d93
improved issues link
2012-07-05 16:26:50 +01:00
Miroslav Stampar
bc5025b06c
Fix for Issue #59
2012-07-05 12:34:27 +02:00
Miroslav Stampar
c3c1b9e957
Minor restyling
2012-07-04 20:28:18 +02:00
Miroslav Stampar
7ad6697446
Fix for Issue #57
2012-07-04 20:21:44 +02:00
Miroslav Stampar
23fb753759
Finishing work on Issue #52
2012-07-03 22:13:01 +02:00
Miroslav Stampar
40fc6488bf
Fix for Issue #56 (Google has changed few things for retrieving PR)
2012-07-03 21:00:18 +02:00
Miroslav Stampar
bbf41f6658
Removing debugging leftover
2012-07-03 16:50:05 +02:00
Miroslav Stampar
ada627a022
Another update for Issue #52
2012-07-03 16:49:34 +02:00
Miroslav Stampar
70f754f6c5
Making work on Issue #52
2012-07-03 16:34:11 +02:00
Bernardo Damele
793fa464e3
website url fix
2012-07-03 13:14:39 +01:00
Miroslav Stampar
51f35674ca
Removing obsolete switch --version as version is now displayed with every run (Issue #54 )
2012-07-03 13:11:09 +02:00
Miroslav Stampar
481b46a004
Restyling output for Issue #52
2012-07-03 13:06:52 +02:00
Miroslav Stampar
6b419067b7
Another minor update for Issue #54
2012-07-03 12:49:35 +02:00
Miroslav Stampar
8b8677b938
Another minor update for Issue #54
2012-07-03 12:29:42 +02:00
Miroslav Stampar
47b6e696d8
Minor update for Issue #54
2012-07-03 12:21:40 +02:00
Miroslav Stampar
3af1532700
Implementation for Issue #54
2012-07-03 12:09:18 +02:00
Miroslav Stampar
5af6ca58a0
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2012-07-03 00:50:45 +02:00
Miroslav Stampar
168aeadf76
Adding switch --output-dir (Issue #53 )
2012-07-03 00:50:23 +02:00
Bernardo Damele
fd4cfb0cc0
working on #51
2012-07-02 15:28:19 +01:00
Bernardo Damele
7335072ab8
leftover
2012-07-02 15:11:21 +01:00
Bernardo Damele
04d803c7fd
more tweaking for issue #34 , it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)
2012-07-02 15:02:00 +01:00
Bernardo Damele
b7d2680e55
minor refactoring, issue #51
2012-07-02 12:50:26 +01:00
Miroslav Stampar
8eefe4b71f
Getting back revision number - displayed like in GitHub commits (Issue #52 )
2012-07-02 13:01:20 +02:00
Bernardo Damele
add8352804
make the runAsDBMSUser() generic and ported to abstraction.py so the same function will be used for PostgreSQL dblink() too
2012-07-02 02:14:03 +01:00
Bernardo Damele
6697927098
initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap
2012-07-02 02:04:19 +01:00
Bernardo Damele
7b4ecd9df0
added skeleton code for issue #34 , still not usable
2012-07-02 00:22:34 +01:00
Bernardo Damele
4736d46677
just in case..
2012-07-02 00:00:46 +01:00
Bernardo Damele
03d2c9c818
placeholder message when --update is provided, remove when the function is updated to pull changes from git
2012-07-01 23:59:44 +01:00
Bernardo Damele
18be319d13
hexencoding the command is much shorter than unescaping with CHAR() for MSSQL, also no need for spaces between nested comments when forging the xp_cmdshell command to run
2012-07-01 23:41:10 +01:00
Bernardo Damele
ff9e97a42c
minor code refactoring
2012-07-01 23:31:45 +01:00
Bernardo Damele
ab412da27f
I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes
2012-07-01 23:25:05 +01:00
Miroslav Stampar
d7cd55fb28
Fix for Issue #47
2012-07-01 11:05:04 +02:00
Miroslav Stampar
21d9ae0a2c
some more refactoring
2012-07-01 01:19:54 +02:00
Miroslav Stampar
f6509db31a
minor refactoring
2012-07-01 00:33:19 +02:00
Miroslav Stampar
32f52cdd04
Another language update for Issue #45
2012-06-29 10:33:54 +02:00
Miroslav Stampar
f0e39c3fae
Language update for Issue #45
2012-06-29 10:33:00 +02:00
Miroslav Stampar
c0f16f0c1a
Fix for Issue #45
2012-06-29 10:31:03 +02:00
Miroslav Stampar
e51d3a02f1
Update for Issue #43 (renamed --disable-cracking to --disable-hash)
2012-06-28 18:53:47 +02:00
Miroslav Stampar
18b596ea75
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2012-06-28 18:48:18 +02:00
Miroslav Stampar
c8bac658f3
Fix for Issue #43
2012-06-28 18:47:55 +02:00
Miroslav Stampar
2a72fcce2b
Fix for Issue #42
2012-06-28 13:55:30 +02:00
jekil
c39e5a85ba
Removed $id$ tags
2012-06-27 20:56:43 +02:00
Miroslav Stampar
01be9381d5
minor update
2012-06-25 16:24:33 +00:00
Miroslav Stampar
6c4bd84d18
minor fix (turning back the functionality of kb.suppressResumeInfo)
2012-06-25 16:19:51 +00:00
Miroslav Stampar
ea5d483c86
session file no more
2012-06-21 11:19:30 +00:00
Miroslav Stampar
ec44e88db8
lots of refactoring regarding removal of already obsolete session file mechanism
2012-06-21 10:09:10 +00:00
Miroslav Stampar
1e67b4f0b9
minor fix
2012-06-20 14:16:26 +00:00
Miroslav Stampar
302d782a0f
minor style update
2012-06-19 08:33:51 +00:00
Miroslav Stampar
452ef202ae
minor fixes
2012-06-17 22:48:23 +00:00
Miroslav Stampar
b9f6943a42
minor update
2012-06-17 21:23:12 +00:00
Miroslav Stampar
e2a60b302f
minor fix
2012-06-17 21:21:45 +00:00
Miroslav Stampar
3da8f86e97
minor fix
2012-06-15 21:01:27 +00:00
Miroslav Stampar
fe49abd45f
minor fix
2012-06-15 20:49:28 +00:00
Miroslav Stampar
06be7bbb18
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
2012-06-15 20:41:53 +00:00
Miroslav Stampar
76c873a222
minor fix
2012-06-15 06:22:44 +00:00
Miroslav Stampar
76584ff0fa
unhidding --test-filter
2012-06-14 14:36:53 +00:00
Miroslav Stampar
d2dd47fb23
some more refactoring
2012-06-14 13:52:56 +00:00
Miroslav Stampar
facce2c0df
some more cleanup
2012-06-14 13:50:36 +00:00
Miroslav Stampar
d5e80089ff
minor summer cleanup
2012-06-14 13:44:16 +00:00
Miroslav Stampar
3a90105fbb
minor refactoring
2012-06-14 13:38:53 +00:00
Miroslav Stampar
1204eb00b2
minor fix
2012-06-14 12:46:32 +00:00
Miroslav Stampar
19c0efec59
just a minor refactoring
2012-06-14 09:10:28 +00:00
Miroslav Stampar
a51d8c4c79
replacing identifier safe char " with [] enclosing for MsSQL
2012-06-13 15:27:42 +00:00
Miroslav Stampar
367de838c1
minor update
2012-06-13 14:08:32 +00:00
Miroslav Stampar
4ac3794e80
minor update
2012-06-12 14:22:14 +00:00
Miroslav Stampar
d7f698fa14
minor update
2012-06-11 22:01:13 +00:00
Miroslav Stampar
96177393e1
minor update regarding --exact switch
2012-06-10 13:38:12 +00:00
Miroslav Stampar
b85a1fc271
minor fix
2012-06-05 22:55:42 +00:00
Miroslav Stampar
058a9c59a2
fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)
2012-06-05 22:40:55 +00:00
Miroslav Stampar
f94ebe3107
minor fix (credentials were only set for the first target)
2012-06-04 22:30:12 +00:00
Miroslav Stampar
738073105e
minor updates
2012-06-04 19:52:51 +00:00
Miroslav Stampar
7b282b1d6c
adding support for newer SSL protocols
2012-06-04 19:46:28 +00:00
Miroslav Stampar
10b0639a96
making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE)
2012-06-04 09:24:46 +00:00
Miroslav Stampar
76a4aa19ac
some more fine tunning
2012-05-28 19:50:12 +00:00
Miroslav Stampar
73dba249e8
one more just in case update
2012-05-28 19:34:47 +00:00
Miroslav Stampar
efb406fbfc
minor revert
2012-05-28 19:13:50 +00:00
Miroslav Stampar
f7cba8d2cb
minor update
2012-05-28 18:05:15 +00:00
Miroslav Stampar
a72cb29c1f
taking care of few issues regarding reverse address lookup of localhost/127.0.0.1 at remote DNS server
2012-05-28 16:57:10 +00:00
Miroslav Stampar
190ae4ca13
no need for conf.timeSec value as inference is always evaluated to False in DNS (large random values used for > ...)
2012-05-28 15:10:17 +00:00
Miroslav Stampar
89e90c3d84
revert of last commit
2012-05-28 15:01:56 +00:00
Miroslav Stampar
96c84e6e5b
minor update
2012-05-28 15:00:06 +00:00
Miroslav Stampar
a70a647aeb
few fixes regarding --dns-domain usage (time-based technique should not be used as a failback because of few things, --time-sec should be put to 0 just in case,...)
2012-05-28 14:51:23 +00:00
Miroslav Stampar
b1d82422a0
changing conf.dnsDomain to conf.dName just because of long text problems in help listing
2012-05-28 14:15:04 +00:00
Miroslav Stampar
d2bbfa4aad
minor style update
2012-05-28 14:04:17 +00:00
Miroslav Stampar
226547b7dc
minor fix for --skip-urlencode and custom post
2012-05-28 09:04:25 +00:00
Miroslav Stampar
75dd1d6a2b
minor fix
2012-05-27 21:54:56 +00:00
Miroslav Stampar
e967bbd70f
minor patch
2012-05-27 21:44:42 +00:00
Miroslav Stampar
76eeba10e2
unhiding --dns-domain switch
2012-05-27 18:41:06 +00:00
Miroslav Stampar
fed0212631
now working with recursive queries too
2012-05-27 10:03:02 +00:00
Miroslav Stampar
71ff081fde
minor update
2012-05-27 09:11:19 +00:00
Miroslav Stampar
09f2144485
full page read is not needed in DNS exfiltration mode
2012-05-26 21:28:43 +00:00
Miroslav Stampar
4e6fcce9ca
minor update
2012-05-26 07:04:32 +00:00
Miroslav Stampar
ce077137c9
minor language update
2012-05-26 07:01:37 +00:00
Miroslav Stampar
d335ec0c34
turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars
2012-05-26 07:00:26 +00:00
Miroslav Stampar
00d22f013f
some consistency in variable naming at the file level
2012-05-25 10:08:55 +00:00
Miroslav Stampar
db526bdbc0
minor update (tainted values are not checked any more in multipleTargets mode)
2012-05-25 09:52:17 +00:00
Miroslav Stampar
dc20bff1d0
minor update
2012-05-25 08:30:24 +00:00
Miroslav Stampar
c394610740
adding switch --skip-urlencode to skip URL encoding of POST data
2012-05-24 23:30:33 +00:00
Miroslav Stampar
7657bbeaf9
minor update
2012-05-24 22:32:06 +00:00
Miroslav Stampar
86fdad2bfa
minor update
2012-05-24 22:07:50 +00:00
Miroslav Stampar
eed8d7eb5d
finalizing support for IPv6
2012-05-24 21:55:57 +00:00
Miroslav Stampar
b6d37d766a
minor update regarding IPv6 support
2012-05-24 21:49:20 +00:00
Miroslav Stampar
92286104e3
minor just in case update
2012-05-24 21:39:10 +00:00
Miroslav Stampar
3e9c57d177
minor fix
2012-05-24 21:36:35 +00:00
Miroslav Stampar
be76928293
minor fix
2012-05-24 20:53:01 +00:00
Miroslav Stampar
1e18168cc8
fix for one silent bug and small language update
2012-05-23 16:35:40 +00:00
Miroslav Stampar
2538e2d5b4
fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring
2012-05-22 09:33:22 +00:00
Miroslav Stampar
2c057d5b3d
minor style update
2012-05-21 22:40:52 +00:00
Miroslav Stampar
bbfa4b6d5d
minor update
2012-05-14 14:38:16 +00:00
Miroslav Stampar
333f8057a5
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
2012-05-14 14:06:43 +00:00
Miroslav Stampar
595f69fa2c
minor language update
2012-05-10 18:30:25 +00:00
Miroslav Stampar
35f400b45b
minor language upgrade
2012-05-10 18:25:12 +00:00
Miroslav Stampar
80aedbe284
adding a warning about --tor switch
2012-05-10 18:17:32 +00:00
Miroslav Stampar
b81fe42d4b
turning off null connection on -o when --tor used (not compatible)
2012-05-10 17:50:54 +00:00
Miroslav Stampar
efdd86ddcc
minor just in case patch
2012-05-10 14:22:34 +00:00
Miroslav Stampar
6367f59b98
minor code refactoring
2012-05-10 14:15:17 +00:00
Miroslav Stampar
12d32f58f2
fix for that SOAP reported bug
2012-05-10 13:39:54 +00:00
Miroslav Stampar
1418ae9767
little refactoring of parseUnionPage together with a patch for some special case
2012-05-09 18:47:40 +00:00
Miroslav Stampar
7fb1f3fc70
minor renaming
2012-05-09 18:26:02 +00:00
Miroslav Stampar
11d9859199
making nice code
2012-05-09 18:25:04 +00:00
Miroslav Stampar
b0a8238774
minor fixes
2012-05-09 14:58:16 +00:00
Miroslav Stampar
9fa3619262
minor fix
2012-05-09 14:00:07 +00:00
Miroslav Stampar
56a3431be6
minor update for empty tables (skipping other techniques)
2012-05-09 10:34:21 +00:00
Miroslav Stampar
6177317a17
minor update
2012-05-09 10:06:23 +00:00
Miroslav Stampar
37f2709197
making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)
2012-05-09 09:08:23 +00:00
Miroslav Stampar
fdf61015ad
minor patch
2012-05-09 08:41:05 +00:00
Miroslav Stampar
e419177871
minor update
2012-05-08 17:28:19 +00:00
Miroslav Stampar
deec97dfe3
adding Frontbase to error message regexes
2012-05-08 17:02:58 +00:00
Miroslav Stampar
eccd4da00f
minor fix
2012-05-08 15:03:33 +00:00
Miroslav Stampar
938d9ff23e
doing all the work for the users so they wouldn't strain their little hands
2012-05-08 15:00:23 +00:00
Miroslav Stampar
524dd75ff2
that query variable hasn't been used anywhere (obsolete for some time)
2012-05-08 14:34:40 +00:00
Miroslav Stampar
6af110d631
avoiding --no-cast/--hex warning message before a DBMS is fingerprinted
2012-05-08 14:06:41 +00:00
Miroslav Stampar
64c241fe92
limiting original UNION query results to only 1 result (potentially speeding things up in some cases)
2012-05-08 13:45:53 +00:00
Miroslav Stampar
e00f4a8934
minor cosmetics
2012-05-08 10:50:04 +00:00
Miroslav Stampar
a121339395
automatically writing uncracked hashes to a file for eventual further processing
2012-05-08 10:46:05 +00:00
Miroslav Stampar
80ee687b41
minor beauty patch
2012-05-07 13:51:31 +00:00
Miroslav Stampar
96299d3d5d
minor refactoring
2012-05-03 22:34:18 +00:00
Miroslav Stampar
cc28f6db6b
minor update
2012-05-01 20:43:16 +00:00
Miroslav Stampar
17efeaae7f
causing too much confusion among dummy users
2012-05-01 09:04:11 +00:00
Miroslav Stampar
694b14111f
skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set)
2012-04-27 13:16:51 +00:00
Miroslav Stampar
6f67dc85ee
adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical
2012-04-25 20:29:07 +00:00
Bernardo Damele
4da03d898e
Added support to create files with a visual basic script - no longer reliant on debug.exe so works on Windows 64-bit too. Fixes #236
2012-04-25 07:40:42 +00:00
Miroslav Stampar
cec432f94d
minor update
2012-04-23 14:43:59 +00:00
Miroslav Stampar
697768c01a
adding --purge-output to be one of mandatory switches
2012-04-23 14:42:24 +00:00
Miroslav Stampar
d57d5e4b2c
minor update
2012-04-23 14:33:36 +00:00
Miroslav Stampar
1eecfb3dce
adding new file related to the last commit
2012-04-23 14:25:16 +00:00
Miroslav Stampar
095b25e1d1
adding option '--purge'
2012-04-23 14:24:23 +00:00
Miroslav Stampar
3532d23933
automatically extending ranges for UNION tests in case where at least one other injection technique is usable (boundaries has been established)
2012-04-23 13:41:36 +00:00
Miroslav Stampar
be2da77bf8
minor update
2012-04-23 10:15:04 +00:00
Miroslav Stampar
21c6b52198
minor fix
2012-04-23 10:11:00 +00:00
Miroslav Stampar
775134639d
minor update
2012-04-20 20:33:15 +00:00
Miroslav Stampar
2b1b4c0742
minor fix
2012-04-18 10:01:04 +00:00
Miroslav Stampar
6ebb621228
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
2012-04-17 14:23:00 +00:00
Miroslav Stampar
efd27d7ade
minor renaming
2012-04-17 08:41:19 +00:00
Miroslav Stampar
601d118c68
reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types)
2012-04-15 16:59:03 +00:00
Miroslav Stampar
71b0acc16f
minor fix (checking for full inband should be done with ORIGINAL - more concise)
2012-04-15 16:43:18 +00:00
Miroslav Stampar
5772c52f46
minor refactoring/fix (randQuery is just a part (e.g. abc) of phrase (def 🔤 ghi) - phrase should be searched for, not just randQuery); both phrases should be inside the content for it to be full-inband injectable (...UNION ALL SELECT phrase UNION ALL SELECT phrase2....)
2012-04-15 16:33:47 +00:00
Miroslav Stampar
ae8c70e895
another cosmetics
2012-04-13 15:11:44 +00:00
Miroslav Stampar
d765cdc3a3
minor cosmetics
2012-04-13 15:10:40 +00:00
Miroslav Stampar
54576ab3a6
making a random choice from candidates
2012-04-13 10:54:30 +00:00
Miroslav Stampar
bbbcc95fe5
use it only if page is stable
2012-04-13 10:19:26 +00:00
Miroslav Stampar
052d9455fe
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
2012-04-12 09:44:54 +00:00
Miroslav Stampar
831f79b851
minor generalization
2012-04-12 09:30:19 +00:00
Miroslav Stampar
c7422546e1
tiny update
2012-04-11 23:01:38 +00:00
Miroslav Stampar
2bad73a981
minor update
2012-04-11 21:48:44 +00:00
Miroslav Stampar
e195de2093
correcting comment on reflective removal function
2012-04-11 21:41:48 +00:00
Miroslav Stampar
b45ae10da4
minor fixes
2012-04-11 21:36:37 +00:00
Miroslav Stampar
627bfc589f
some more updates in reflective removal mechanism
2012-04-11 21:26:00 +00:00
Miroslav Stampar
8b130f6497
minor improvement for reflective values (when missing first part of payload like in error reports)
2012-04-11 15:01:28 +00:00
Miroslav Stampar
01bd5d0ab2
some more updates for reflective mechanism
2012-04-11 10:41:33 +00:00
Miroslav Stampar
2e92d8636e
improvement of reflective mechanism
2012-04-11 08:58:03 +00:00
Miroslav Stampar
60ca44e0cf
minor adjustment
2012-04-11 08:35:09 +00:00
Miroslav Stampar
e33ea7c33a
minor fix
2012-04-10 22:29:39 +00:00
Miroslav Stampar
8541222080
minor update
2012-04-10 22:26:42 +00:00
Miroslav Stampar
9c2f244d47
minor fix
2012-04-10 22:20:53 +00:00
Miroslav Stampar
a82206cec4
minor cosmetics
2012-04-10 21:57:00 +00:00
Miroslav Stampar
119eec3598
improving "boolean detection" by automatic recognition of convenient --string candidate
2012-04-10 21:48:34 +00:00
Miroslav Stampar
8c6eb4faa9
adding support for PgSQL DNS data exfiltration
2012-04-07 14:06:11 +00:00
Miroslav Stampar
b2afa87e48
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
2012-04-06 08:42:36 +00:00
Miroslav Stampar
2223c884e5
minor refactoring
2012-04-05 12:55:26 +00:00
Miroslav Stampar
02924eb345
minor update
2012-04-04 23:47:06 +00:00
Miroslav Stampar
e0994947e2
minor update
2012-04-04 23:37:50 +00:00
Miroslav Stampar
b1dd03731a
minor cosmetics
2012-04-04 23:34:08 +00:00
Miroslav Stampar
83387d92bb
minor bug fix
2012-04-04 23:32:20 +00:00
Miroslav Stampar
c89a4162e2
bug fix for --dns-domain with --technique=TS
2012-04-04 18:01:39 +00:00
Miroslav Stampar
098c7c06dd
added few comments
2012-04-04 13:24:58 +00:00
Miroslav Stampar
a5b69eaea4
removing unused imports
2012-04-04 13:18:14 +00:00
Bernardo Damele
52796bb4da
revert
2012-04-04 13:02:50 +00:00
Miroslav Stampar
a4b95ab7dd
works against MySQL/Windows
2012-04-04 12:49:45 +00:00
Bernardo Damele
a1d97e9d7b
Add a space after a comment
2012-04-04 12:48:21 +00:00
Bernardo Damele
025c531d22
leftover
2012-04-04 12:44:25 +00:00
Bernardo Damele
c0946ce2c9
Minor refactoring
2012-04-04 12:42:58 +00:00
Bernardo Damele
75d1dab895
more cosmetics
2012-04-04 12:33:16 +00:00
Bernardo Damele
d106fb5184
layout adjustments
2012-04-04 12:27:24 +00:00
Miroslav Stampar
1b2cd44255
proper fix
2012-04-04 10:35:52 +00:00
Miroslav Stampar
7031ef8e00
removing default values for referer and host from higher level/risk options
2012-04-04 10:34:27 +00:00
Miroslav Stampar
5e358b51f9
few fixes related to bug report by Shadow Folder (AttributeError: 'list' object has no attribute 'isdigit')
2012-04-04 09:25:05 +00:00
Miroslav Stampar
5851badff1
minor refactoring
2012-04-03 14:46:09 +00:00
Miroslav Stampar
b0787f193c
getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)
2012-04-03 14:34:15 +00:00
Miroslav Stampar
556b349be3
minor fix for retrieving non-printable chars in inference and non-multi threading mode
2012-04-03 14:04:07 +00:00
Miroslav Stampar
33bb9c5f19
much cleaner approach in that "flat" representation of retrieved items in union technique
2012-04-03 13:56:11 +00:00
Miroslav Stampar
7fb190f3b1
minor fix
2012-04-03 12:35:19 +00:00
Miroslav Stampar
886aa22efc
minor update
2012-04-03 12:19:37 +00:00
Miroslav Stampar
503988887c
minor update
2012-04-03 10:43:46 +00:00
Miroslav Stampar
78f51fd2e5
minor fix
2012-04-03 10:18:03 +00:00
Miroslav Stampar
2504f4edb8
minor fixes
2012-04-03 10:10:33 +00:00
Miroslav Stampar
e05109812f
minor improvements regarding data retrieval through DNS channel
2012-04-03 09:18:30 +00:00
Miroslav Stampar
5f94987b0f
fix for DNS method for MSSQL
2012-04-02 17:28:18 +00:00
Miroslav Stampar
2c28423cb8
minor update
2012-04-02 14:57:15 +00:00
Miroslav Stampar
8a9d09f79b
minor fixes
2012-04-02 14:11:23 +00:00
Miroslav Stampar
1cd3c3f7af
further update of DNS data retrieval mechanism through SQLi
2012-04-02 14:05:30 +00:00
Miroslav Stampar
1e01203562
few just in case "patches"
2012-04-02 12:58:10 +00:00
Miroslav Stampar
d908d078dd
minor fix
2012-04-02 12:27:30 +00:00
Miroslav Stampar
abffc39929
minor update regarding DNS data retrieval task
2012-04-02 12:22:40 +00:00
Miroslav Stampar
f7a664b120
enablind DNS server for DNS data exfiltration
2012-03-31 12:08:27 +00:00
Miroslav Stampar
8be9cd4ac4
bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)
2012-03-31 10:22:50 +00:00
Miroslav Stampar
429b8396e9
minor update for DNSServer support
2012-03-30 13:20:29 +00:00
Miroslav Stampar
56638f9e95
making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection
2012-03-30 10:50:01 +00:00
Miroslav Stampar
79c3d6f2aa
minor update
2012-03-30 10:37:46 +00:00
Miroslav Stampar
6acf6b193a
minor update regarding boolean logic comparison mechanism
2012-03-30 09:42:58 +00:00
Miroslav Stampar
5469186540
minor comment update
2012-03-29 14:35:47 +00:00
Miroslav Stampar
637a8d8273
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
2012-03-29 14:33:27 +00:00
Miroslav Stampar
ce4c697bbd
disabling "negative logic" as it's not half done (it was "luckily" working for --string/--regex/--code but it was a sheer luck); removing "dirty fix" from checks.py; proof that this was not ready for the release is that there was not check for negative logic anywhere for anything more then --string/--regex/--code
2012-03-29 13:39:12 +00:00
Miroslav Stampar
772ead8d03
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
2012-03-29 12:44:20 +00:00
Miroslav Stampar
c9cac957bb
adding one more case for false positive check (Generic tests without any DBMS knowledge)
2012-03-29 09:56:09 +00:00
Miroslav Stampar
60146481af
bug fix(es) (flags were used in place of count parameter in re.sub() calls)
2012-03-28 19:33:00 +00:00
Miroslav Stampar
9433bbe26d
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
2012-03-28 19:27:12 +00:00
Miroslav Stampar
7d131d1fb1
minor update
2012-03-28 13:46:31 +00:00
Miroslav Stampar
7fd64df167
minor code cleaning
2012-03-28 13:31:07 +00:00
Miroslav Stampar
769b0d0ae7
more minor updates regarding data retrieval through DNS channel
2012-03-27 19:29:24 +00:00
Miroslav Stampar
1b072f6415
laying foundation for DNS based data retrieval
2012-03-27 18:59:12 +00:00
Miroslav Stampar
3abcd6910a
strange combination of "Set-Cookie" and interleaved pattern of True/False like responses can result in bypassing of the ABAB test
2012-03-22 00:06:50 +00:00
Miroslav Stampar
e88687b1f0
revert of last commit (it would be faster for sure, but not sure if it's clever to do it by default regarding SQLi detection)
2012-03-21 23:15:59 +00:00
Miroslav Stampar
524c1d38ad
making default redirect choice to NO (making fewer requests by default and in lots of cases clearer pages for comparison - original page vs redirect message)
2012-03-21 23:03:57 +00:00
Miroslav Stampar
11132ba993
fix for a bug in reflection removal mechanism
2012-03-19 14:28:18 +00:00
Miroslav Stampar
8e7d360ea2
cleaner refactoring regarding last commit
2012-03-19 12:03:25 +00:00
Miroslav Stampar
401763b6f8
minor fix (it has to be level 1 array like it was with the previous re.findall mechanism)
2012-03-19 12:00:22 +00:00
Miroslav Stampar
037db9b3b8
minor removal of older stuff
2012-03-19 09:38:27 +00:00
Miroslav Stampar
da7f4eeffd
removing left over
2012-03-18 17:33:14 +00:00
Miroslav Stampar
0fc4288a7c
modifying redirection code for only two choices
2012-03-18 17:27:08 +00:00
Bernardo Damele
c03d0e24fb
it must stay as is
2012-03-16 17:42:00 +00:00
Bernardo Damele
3505503a08
no need to return here
2012-03-16 17:30:16 +00:00
Bernardo Damele
942d9e4fa8
code cleanup
2012-03-16 17:27:24 +00:00
Bernardo Damele
a1c943fc79
Major bug fix to comparison algorithm with OR based boolean-based injections
2012-03-16 17:22:55 +00:00
Miroslav Stampar
d66056fe39
one more related commit
2012-03-16 13:16:53 +00:00
Miroslav Stampar
ac02a2d92c
minor fix
2012-03-16 13:14:14 +00:00
Miroslav Stampar
cbdcbdd786
minor minor update
2012-03-16 11:18:18 +00:00
Miroslav Stampar
b130a9e14e
minor fix (writing to HashDB on any interrupt)
2012-03-16 10:15:43 +00:00
Miroslav Stampar
577caac4de
putting kb.negativeLogic setting to the safe place
2012-03-16 09:17:11 +00:00
Miroslav Stampar
209e795369
minor just in case update
2012-03-16 09:02:17 +00:00
Miroslav Stampar
adb5fff6b2
one more update related to the redirection mechanism
2012-03-15 20:17:40 +00:00
Miroslav Stampar
7d313ac911
few more fixes for proper redirecting mechanism
2012-03-15 19:47:59 +00:00
Bernardo Damele
86c4650058
Minor bug fix - revert
2012-03-15 17:12:24 +00:00
Bernardo Damele
cc15373769
More explicit function name also getRatioValue parameter has nothing to do with comparison at this stage as far as I can see (that might have fixed another "bug", to be checked later)
2012-03-15 16:29:28 +00:00
Bernardo Damele
4520744b4d
second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now
2012-03-15 16:25:26 +00:00
Miroslav Stampar
ddd92476a8
minor fix
2012-03-15 15:58:25 +00:00
Miroslav Stampar
19beb912fa
first step toward negative logic support
2012-03-15 15:52:12 +00:00
Miroslav Stampar
8dd570057b
minor fix (double traffic log for -t in case of HTTP error)
2012-03-15 14:51:16 +00:00
Miroslav Stampar
f7df755f37
minor update
2012-03-15 12:55:22 +00:00
Miroslav Stampar
3d39c6cb3b
some fixes here and there
2012-03-15 12:14:50 +00:00
Miroslav Stampar
3d9b1599d1
minor update
2012-03-15 11:45:32 +00:00
Miroslav Stampar
91f1d6141f
minor fix
2012-03-15 11:24:55 +00:00
Miroslav Stampar
a8c9a47092
redirect logic rewritten from scratch
2012-03-15 11:10:58 +00:00
Bernardo Damele
890bf708bc
Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported)
2012-03-15 00:19:57 +00:00
Bernardo Damele
1e71b24dca
More info messages to prove xp_cmdshell (and temporary directory choosen) worked
2012-03-14 22:41:53 +00:00
Miroslav Stampar
52a8b25ff4
minor fix
2012-03-14 14:31:41 +00:00
Miroslav Stampar
ca0d068575
distinguishing NULL from BLANK
2012-03-14 13:52:23 +00:00
Miroslav Stampar
e38b59a2ae
minor update
2012-03-14 13:16:49 +00:00
Miroslav Stampar
cee9ff7885
proper parsing of content in partial union technique
2012-03-14 11:23:30 +00:00
Miroslav Stampar
61ad3b999a
fix for a crash with partial union and --hex
2012-03-14 10:31:24 +00:00
Miroslav Stampar
a7fbc55748
grammar fix
2012-03-13 22:03:23 +00:00
Miroslav Stampar
edfcddd3c3
minor fix for logging only cookies used by request (e.g. --load-cookies case)
2012-03-13 10:58:15 +00:00
Miroslav Stampar
34b0935cb3
refactoring "echo 1" quick test for xp_cmdshell console output
2012-03-13 10:36:49 +00:00
Miroslav Stampar
e827f41cdb
using pickle HIGHEST_PROTOCOL just in case
2012-03-13 09:35:37 +00:00
Miroslav Stampar
e6c610abab
minor fix
2012-03-13 09:14:56 +00:00
Miroslav Stampar
cda8815634
introducing safe deprecation mechanism for HashDB versioning
2012-03-12 22:55:57 +00:00
Miroslav Stampar
48bcde478e
more general update
2012-03-12 15:29:55 +00:00
Miroslav Stampar
1d0c8a7f44
minor update
2012-03-12 15:19:02 +00:00
Miroslav Stampar
6ed1b04bbe
minor update
2012-03-12 13:27:07 +00:00
Miroslav Stampar
c878dd3e5a
doing a dummy test for --os-shell in case of xp_cmdshell
2012-03-09 14:21:41 +00:00
Miroslav Stampar
a0b46963cb
minor fix for some special "unusable" cases (seen on Access/ODBC/Linux setup)
2012-03-09 10:28:19 +00:00
Miroslav Stampar
5a83f1c5f7
minor update
2012-03-08 15:43:22 +00:00
Bernardo Damele
c79807f5fb
Minor layout adjustments
2012-03-08 15:11:24 +00:00
Miroslav Stampar
775e424bf2
bug fix for using --no-cast and --hex switches together
2012-03-08 15:04:52 +00:00
Miroslav Stampar
11c7cc5224
minor temporary fix
2012-03-08 11:08:43 +00:00
Miroslav Stampar
98a3e43f53
bug fix for writing raw pickled data into SQLite HashDB
2012-03-08 10:57:47 +00:00
Miroslav Stampar
cd28eb6544
minor update regarding --load-cookies
2012-03-08 10:19:34 +00:00
Miroslav Stampar
2c87d061e9
minor update
2012-03-08 10:03:59 +00:00
Miroslav Stampar
9ca8bc4d51
minor bug fix
2012-03-08 09:52:33 +00:00
Miroslav Stampar
b4cf8b05b3
added switch --load-cookies
2012-03-07 14:48:45 +00:00
Miroslav Stampar
4cfea96471
minor update
2012-03-05 09:56:48 +00:00
Miroslav Stampar
0ead1fd87e
minor update
2012-03-05 09:42:52 +00:00
Miroslav Stampar
ac5a752b12
Oracle's XMLType doesn't like '#' char too
2012-03-01 11:59:37 +00:00
Miroslav Stampar
f4e410db16
minor fix
2012-03-01 10:17:39 +00:00
Miroslav Stampar
1ec56f93ec
minor update
2012-03-01 10:10:19 +00:00
Miroslav Stampar
2d3c12d2d0
shorter single line info
2012-03-01 09:10:24 +00:00
Miroslav Stampar
37db27b720
turning back on automatic adjusting of delays in time based queries
2012-02-29 15:51:23 +00:00
Miroslav Stampar
0205d96d7b
minor fix
2012-02-29 15:38:01 +00:00
Miroslav Stampar
1bdc07c279
minor update
2012-02-29 15:02:24 +00:00
Miroslav Stampar
8b9c5c66cc
code refactoring regarding charsetType inside inference/bisection
2012-02-29 14:36:23 +00:00
Miroslav Stampar
f6f98f1b41
minor improvement
2012-02-29 14:19:59 +00:00
Miroslav Stampar
d06182347f
fixing few potential problems
2012-02-29 13:56:40 +00:00
Miroslav Stampar
f142c0f782
minor update
2012-02-28 14:04:13 +00:00
Miroslav Stampar
22b3fa0749
minor update
2012-02-27 15:28:36 +00:00
Miroslav Stampar
a9bf0297f6
moving injection data to HashDB
2012-02-27 13:44:07 +00:00
Miroslav Stampar
68e08d2749
minor fix for not displaying 'None' but None in enumeration when data unavailable
2012-02-27 13:15:10 +00:00
Miroslav Stampar
a424de3102
minor fix
2012-02-27 12:55:28 +00:00
Miroslav Stampar
1e82405bb9
HashDB is now supported in -d too
2012-02-27 12:14:01 +00:00
Miroslav Stampar
3909658fc2
few minor just in case updates
2012-02-27 11:15:53 +00:00
Miroslav Stampar
85125018a1
minor bug fix
2012-02-25 22:54:32 +00:00
Miroslav Stampar
5d307cf886
minor update
2012-02-25 10:54:39 +00:00
Miroslav Stampar
06ab3fa134
minor update
2012-02-25 10:53:38 +00:00
Miroslav Stampar
74b19a0386
minor update
2012-02-25 10:43:10 +00:00
Miroslav Stampar
5b67af3b20
minor update
2012-02-24 15:03:39 +00:00
Miroslav Stampar
8a203ef79d
making session data strictly dependent on url through HashDB helper functions
2012-02-24 14:58:24 +00:00
Miroslav Stampar
c36cbbb3ae
minor fix
2012-02-24 14:54:10 +00:00
Miroslav Stampar
9d6fd2e507
bug fix for --schema --technique=BST
2012-02-24 14:12:19 +00:00
Miroslav Stampar
f94b91ad87
added helper function for HashDB data storing/retrieval
2012-02-24 13:07:20 +00:00
Miroslav Stampar
b481c0352f
minor update
2012-02-24 11:25:56 +00:00
Miroslav Stampar
1f6ce265b9
minor fix
2012-02-24 11:05:04 +00:00
Miroslav Stampar
5afbd52b61
more update related to last commits
2012-02-24 10:57:23 +00:00
Miroslav Stampar
570d3a19c2
more general fix
2012-02-24 10:53:28 +00:00
Miroslav Stampar
e8352e504f
fixing problems with chars deletition by logging messages in inference mode
2012-02-24 10:48:19 +00:00
Miroslav Stampar
71028a81f5
fix for proper retrieval of columns in SQLite
2012-02-24 09:55:13 +00:00
Miroslav Stampar
7941504c3a
minor update
2012-02-23 15:32:36 +00:00
Miroslav Stampar
0478e4166a
minor justin case fix
2012-02-23 15:19:20 +00:00
Miroslav Stampar
086c3a3662
minor fix
2012-02-23 13:31:50 +00:00
Miroslav Stampar
6e54cb171f
minor code restyling
2012-02-22 15:53:36 +00:00
Miroslav Stampar
61a25418a9
minor update
2012-02-22 10:45:10 +00:00
Miroslav Stampar
b3bd4144f5
removing of unused imports together with some general code refactoring
2012-02-22 10:40:11 +00:00
Miroslav Stampar
386e98a0e3
using UNION SELECT for where=..NEGATIVE
2012-02-22 09:41:58 +00:00
Miroslav Stampar
c9d570c83b
minor update
2012-02-21 13:49:30 +00:00
Miroslav Stampar
686eacda9a
minor update regarding --hex
2012-02-21 13:38:18 +00:00
Miroslav Stampar
bcf3255fe1
implementation of switch --hex for 4 major DBMSes
2012-02-21 11:44:48 +00:00
Miroslav Stampar
3e4db6d140
minor fix for Python v2.6
2012-02-20 19:35:57 +00:00
Miroslav Stampar
bc4dd7c0dd
fix for -g
2012-02-20 10:02:19 +00:00
Bernardo Damele
121148f27f
There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests.
...
Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table.
Minor fix also to threat MSSQL's EXEC statements as SELECT ones
2012-02-17 15:54:49 +00:00
Miroslav Stampar
aee269cc14
gazillion changes, nothing will work, muhahaha
2012-02-17 14:22:48 +00:00
Miroslav Stampar
dcf7277a0f
some more refactorings
2012-02-16 14:42:28 +00:00
Miroslav Stampar
6632aa7308
some more refactoring
2012-02-16 13:46:01 +00:00
Miroslav Stampar
844fc8addb
minor cleanup
2012-02-16 10:19:36 +00:00
Miroslav Stampar
0e23521adc
some more refactoring
2012-02-16 09:54:29 +00:00
Miroslav Stampar
e1f86c97c4
minor refactoring
2012-02-16 09:46:41 +00:00
Miroslav Stampar
bcf9fc6c6f
minor refactoring
2012-02-16 09:32:47 +00:00
Miroslav Stampar
8d7912ad34
minor update and refactoring
2012-02-15 14:05:50 +00:00
Miroslav Stampar
bf923a97df
minor update
2012-02-15 13:45:10 +00:00
Miroslav Stampar
122db6e164
minor update
2012-02-15 13:24:02 +00:00
Miroslav Stampar
9059d30312
adding first code example for SPL snippets
2012-02-15 13:17:01 +00:00
Miroslav Stampar
edeb4b6113
bug fix for --os-shell on Windows (echo ... > requires double quotes if the piped filename contains whitespace, otherwise doesn't hurt)
2012-02-15 11:14:01 +00:00
Miroslav Stampar
35fa214a1e
minor update (it was working before too, but this is cleaner)
2012-02-15 10:14:29 +00:00
Bernardo Damele
1c44d6d3c7
Fixed annoying bug that prevented proper checkBooleanExpression() function to work with direct connection (-d). Now DBMS fingerprint should work properly with -d
2012-02-14 17:29:00 +00:00
Miroslav Stampar
23cc8b6974
minor fix for special cases when parameter value contains html encoded characters
2012-02-14 14:08:10 +00:00
Miroslav Stampar
c1ab02494c
minor grammar and cosmetics
2012-02-14 13:18:37 +00:00
Miroslav Stampar
bb5113980b
minor update
2012-02-14 10:27:56 +00:00
Miroslav Stampar
3f15c52188
minor change in workflow for "tainted" parameter values
2012-02-14 09:26:52 +00:00
Miroslav Stampar
2604e73d88
minor change in workflow
2012-02-13 11:18:47 +00:00
Miroslav Stampar
96f589fc89
minor fix
2012-02-12 19:22:33 +00:00
Miroslav Stampar
8a2bd3897d
minor output fix
2012-02-12 19:11:54 +00:00
Miroslav Stampar
c1368053e5
minor fix
2012-02-12 18:46:25 +00:00
Miroslav Stampar
249cb48b0b
minor fix
2012-02-10 15:59:11 +00:00
Miroslav Stampar
6be95194a7
matter of concision
2012-02-10 15:37:43 +00:00
Miroslav Stampar
eab7a54e03
cosmetics
2012-02-10 15:34:04 +00:00
Miroslav Stampar
92590d0d59
minor fix
2012-02-10 15:26:55 +00:00
Miroslav Stampar
e36e9de57e
minor update by request
2012-02-10 15:12:23 +00:00
Miroslav Stampar
b140ef4a14
minor update (preparing for switching to HashDB from old sessionFile)
2012-02-10 10:24:48 +00:00
Miroslav Stampar
980367b7b2
minor update
2012-02-09 09:48:47 +00:00
Miroslav Stampar
7e9e582eca
minor update
2012-02-08 14:23:57 +00:00
Miroslav Stampar
2662fe84f7
minor update
2012-02-08 12:02:50 +00:00
Miroslav Stampar
85a4ef6593
minor update
2012-02-08 12:00:03 +00:00
Miroslav Stampar
93d7d6c355
minor patch
2012-02-08 10:38:58 +00:00
Miroslav Stampar
6bedb80ffa
adding --force-ssl switch (most useful in combination with -r)
2012-02-08 09:11:57 +00:00
Miroslav Stampar
e50d64546f
minor fix
2012-02-07 14:57:48 +00:00
Miroslav Stampar
2b05ded9c3
just a makeup
2012-02-07 12:05:23 +00:00
Miroslav Stampar
b4f4a982e4
minor update
2012-02-07 11:37:54 +00:00
Miroslav Stampar
11af0b1bbc
minor fix
2012-02-07 11:16:03 +00:00
Miroslav Stampar
f7bf1fbe94
upgrade/fixes for direct DBMS access
2012-02-07 10:46:55 +00:00
Miroslav Stampar
af71e3c563
minor update
2012-02-06 09:48:44 +00:00
Miroslav Stampar
8c45ff0d57
bug fix
2012-02-03 10:38:04 +00:00
Bernardo Damele
c0f4b4632d
Minor fix
2012-02-02 12:55:39 +00:00
Miroslav Stampar
a7970d094a
minor update
2012-02-01 15:10:06 +00:00
Miroslav Stampar
e56309f3b1
minor makeup update
2012-02-01 15:04:56 +00:00
Miroslav Stampar
8405ef59ac
some estetic updates
2012-02-01 14:49:42 +00:00
Miroslav Stampar
f4e7bf1d51
minor update regarding support for Unicode characters in Oracle
2012-02-01 14:17:27 +00:00
Miroslav Stampar
df43157284
minor patch
2012-02-01 12:28:06 +00:00
Miroslav Stampar
2ee198a381
minor "patch"
2012-02-01 11:00:01 +00:00
Miroslav Stampar
2589521ecf
fix of a wrong assumption (e.g. decodeIntToUnicode(12345) has been returning a "09" instead of a single unicode character)
2012-02-01 10:38:43 +00:00
Miroslav Stampar
4d9dcbf5db
minor fix
2012-02-01 10:14:23 +00:00
Miroslav Stampar
46f42f2fe4
minor fix
2012-01-30 13:10:35 +00:00
Miroslav Stampar
f2857e38ba
minor update
2012-01-30 10:19:03 +00:00
Miroslav Stampar
594579bef4
fix for a bug regarding --cookie and --crawl
2012-01-30 09:17:22 +00:00
Miroslav Stampar
2094c715db
minor update
2012-01-23 09:44:17 +00:00
Miroslav Stampar
9e5cf70a5a
minor fix
2012-01-20 11:13:25 +00:00
Miroslav Stampar
9eee6c252d
minor update for --scope
2012-01-16 10:28:21 +00:00
Miroslav Stampar
527ce070a3
minor fix
2012-01-16 10:04:18 +00:00
Miroslav Stampar
b2dad63000
some more refactoring
2012-01-13 22:00:34 +00:00
Miroslav Stampar
e5fe029a78
minor beautification
2012-01-13 21:03:50 +00:00
Miroslav Stampar
6634c4ac20
minor update
2012-01-13 21:01:58 +00:00
Miroslav Stampar
23117e72ca
minor improvement
2012-01-13 20:56:06 +00:00
Bernardo Damele
0043336620
Minor fix and removed leftover debug message
2012-01-13 17:04:59 +00:00
Bernardo Damele
e59ace5409
minor bug fix
2012-01-13 16:57:45 +00:00
Bernardo Damele
b03f91437b
Minor code refactoring
2012-01-13 16:49:52 +00:00
Miroslav Stampar
337973df77
reverting last 2 commits (better solution was the original one)
2012-01-13 15:58:47 +00:00
Miroslav Stampar
1f53ff0633
minor update regarding last commit
2012-01-13 15:56:50 +00:00
Miroslav Stampar
ff96c537a9
minor update for multithreaded mode
2012-01-13 15:50:38 +00:00
Bernardo Damele
7e560eec1f
Minor fix
2012-01-13 12:54:45 +00:00
Miroslav Stampar
dd295bbd4a
minor update regarding -d and time based injections
2012-01-13 12:45:02 +00:00
Miroslav Stampar
04686b83e3
minor update
2012-01-13 11:16:26 +00:00
Miroslav Stampar
305371b7a9
minor update
2012-01-12 14:58:23 +00:00
Miroslav Stampar
95f89ab63a
updating copyright date
2012-01-11 14:59:46 +00:00
Miroslav Stampar
1d0b43b1a2
implemented mechanism for merging cookies by request
2012-01-11 14:28:08 +00:00
Miroslav Stampar
ff52931140
some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available)
2012-01-07 19:30:35 +00:00
Miroslav Stampar
18930539cd
more concise language
2012-01-07 17:45:45 +00:00
Miroslav Stampar
2b5e429dc2
one more level of defense against user himself
2012-01-07 17:16:14 +00:00
Miroslav Stampar
a675c88894
minor check added for invalid urls (e.g. deliberately too long)
2012-01-07 16:06:18 +00:00
Miroslav Stampar
164c8a4020
better message in case of update error
2012-01-07 15:47:38 +00:00
Miroslav Stampar
5a8fc44119
minor update
2012-01-07 15:26:54 +00:00
Miroslav Stampar
3f4afdf251
minor fix (crashing if no : in value)
2012-01-07 14:54:56 +00:00
Miroslav Stampar
759465bde5
minor fix
2012-01-06 00:06:38 +00:00
Miroslav Stampar
40398f358c
minor update
2012-01-05 14:55:23 +00:00
Miroslav Stampar
1f085a0241
now [SLEEPTIME] is changeable properly in vivo
2012-01-05 14:45:05 +00:00
Miroslav Stampar
9d50c806e1
bug fix
2012-01-05 10:55:58 +00:00
Miroslav Stampar
804629832d
minor fix
2012-01-05 10:24:27 +00:00
Miroslav Stampar
ea87c89c25
minor fix
2012-01-03 23:44:56 +00:00
Miroslav Stampar
13f2afbbc9
minor fix
2012-01-03 17:28:50 +00:00
Miroslav Stampar
40991a5d52
minor fix
2011-12-31 01:03:54 +00:00
Miroslav Stampar
94d43a4135
minor bug fix
2011-12-30 14:20:06 +00:00
Miroslav Stampar
63bc4ce116
minor patch
2011-12-30 14:11:02 +00:00
Miroslav Stampar
29f502fe29
some refactoring
2011-12-28 16:27:17 +00:00
Miroslav Stampar
37d78ffe01
minor optimization
2011-12-28 15:59:30 +00:00
Miroslav Stampar
22c3fe49bb
some refactoring
2011-12-28 13:50:03 +00:00
Miroslav Stampar
dda979a15a
minor refactoring
2011-12-27 12:31:29 +00:00
Miroslav Stampar
0a6334db22
minor speedup
2011-12-27 11:41:57 +00:00
Miroslav Stampar
b02363b1aa
minor update
2011-12-27 11:25:40 +00:00
Miroslav Stampar
068ff92dc4
optimizing a bit pyDes module used in Oracle hash cracking
2011-12-26 15:33:49 +00:00
Miroslav Stampar
08071f42d0
minor update
2011-12-26 14:31:59 +00:00
Miroslav Stampar
366e86c560
minor "patch"
2011-12-26 14:08:25 +00:00
Miroslav Stampar
c20546dcaa
minor refactoring
2011-12-26 12:24:39 +00:00
Miroslav Stampar
b71a81041d
implemented --tor-port by request
2011-12-23 10:57:09 +00:00
Miroslav Stampar
89d2c7c042
minor update
2011-12-22 20:54:20 +00:00
Miroslav Stampar
abb401879c
minor update
2011-12-22 20:42:57 +00:00
Miroslav Stampar
087e29d272
minor update
2011-12-22 20:14:56 +00:00
Miroslav Stampar
8a7b0406c8
minor optimization
2011-12-22 20:08:28 +00:00
Miroslav Stampar
094129a656
minor optimization
2011-12-22 15:42:21 +00:00
Miroslav Stampar
8585107e3d
minor update
2011-12-22 12:21:30 +00:00
Miroslav Stampar
f622995a29
compatibility with partial union and error technique resumed data
2011-12-22 12:20:21 +00:00
Miroslav Stampar
58a4a02b7e
minor fix
2011-12-22 11:56:42 +00:00
Miroslav Stampar
6f8d8a15aa
minor update
2011-12-22 11:55:02 +00:00
Miroslav Stampar
9f68e54fff
minor cleanup
2011-12-22 10:59:28 +00:00
Miroslav Stampar
aaa29d1f24
minor fix
2011-12-22 10:51:41 +00:00
Miroslav Stampar
4a1a0773b7
speedup of UNION dumping
2011-12-22 10:44:14 +00:00
Miroslav Stampar
1ae413a206
some refactoring/speedup around UNION technique
2011-12-22 10:32:21 +00:00
Miroslav Stampar
b77e2042f2
some optimization
2011-12-21 23:23:00 +00:00
Miroslav Stampar
a6310c0b21
minor update
2011-12-21 23:04:36 +00:00
Miroslav Stampar
526aacb640
code cleanup
2011-12-21 22:59:23 +00:00
Miroslav Stampar
41ccf88990
some more refactoring
2011-12-21 22:09:21 +00:00
Miroslav Stampar
0a039d84e0
some more refactoring
2011-12-21 19:40:42 +00:00
Miroslav Stampar
41b60b26fc
minor refactoring
2011-12-21 14:25:39 +00:00
Miroslav Stampar
81bd9a201b
minor refactoring
2011-12-21 11:50:49 +00:00
Miroslav Stampar
113ebf5e9d
minor update
2011-12-20 16:08:17 +00:00
Miroslav Stampar
8bfff4a28e
minor update
2011-12-20 15:01:27 +00:00
Miroslav Stampar
d3a428c9c8
minor bug fix regarding dumping tables with safe quotes
2011-12-20 13:17:24 +00:00
Miroslav Stampar
95cd9e2af3
adding support for scanning Host header values (-p host)
2011-12-20 12:52:41 +00:00
Miroslav Stampar
bdc724cb46
minor bug fix
2011-12-20 10:34:28 +00:00
Miroslav Stampar
1b16b5e0f1
minor fix
2011-12-20 09:10:44 +00:00
Miroslav Stampar
dcf842692b
minor fix
2011-12-16 12:34:26 +00:00
Miroslav Stampar
c57941c102
minor beautification
2011-12-15 23:33:44 +00:00
Miroslav Stampar
27d244b326
minor update
2011-12-15 23:29:11 +00:00
Miroslav Stampar
563c0c1066
adding switch --tor-type
2011-12-15 23:19:55 +00:00
Miroslav Stampar
316e27a809
minor update
2011-12-15 10:19:31 +00:00
Miroslav Stampar
c98f5f6f94
minor fix
2011-12-15 09:28:58 +00:00
Miroslav Stampar
8793fbc9f5
minor update
2011-12-14 12:59:25 +00:00
Miroslav Stampar
1fd1ec22a1
minor fix
2011-12-14 12:03:21 +00:00
Miroslav Stampar
e6820ebbd2
minor update
2011-12-14 10:26:03 +00:00
Miroslav Stampar
364113441b
adding (for now) hidden switch --tor-http (utilizing Tor proxy bundles)
2011-12-14 10:19:45 +00:00
Miroslav Stampar
73a500833d
minor bug fix
2011-12-12 14:38:06 +00:00
Miroslav Stampar
25cde9e2c7
minor fixes
2011-12-12 09:45:40 +00:00
Bernardo Damele
8fe72d87a8
minor bug fix for mysql -d --file-read
2011-12-06 10:57:23 +00:00
Miroslav Stampar
0f5d48ff20
minor update
2011-12-05 09:25:56 +00:00
Miroslav Stampar
a8a5e61ee1
minor update
2011-12-05 00:06:32 +00:00
Miroslav Stampar
9bc735963b
update of redirection mechanism (now 3-state - redirected, original and "ignored" (containing redirection message itself))
2011-12-04 22:42:19 +00:00
Miroslav Stampar
ec895c3d1a
revert of last commit
2011-12-04 16:37:18 +00:00
Miroslav Stampar
393843bf87
it seems that SOCKS4 is safer solution for TOR socks access
2011-12-04 16:23:08 +00:00
Miroslav Stampar
5f7dbec41f
minor patch
2011-12-03 12:11:46 +00:00
Miroslav Stampar
b9ae28dd5e
minor beautification
2011-12-02 14:11:43 +00:00
Miroslav Stampar
b03a5e8928
people don't know what's "standard deviation" and they are wrongly connecting it's value in seconds to the --time-sec value
2011-12-01 13:30:47 +00:00
Miroslav Stampar
32ab7171ea
minor update
2011-12-01 10:07:39 +00:00
Miroslav Stampar
9975ff8d17
minor update
2011-11-30 19:26:03 +00:00
Miroslav Stampar
f1dfa5c860
minor update
2011-11-30 17:44:34 +00:00
Miroslav Stampar
71c46f50aa
adding option --csv-del
2011-11-30 17:39:41 +00:00
Miroslav Stampar
02bd9a54f3
minor update
2011-11-30 17:19:21 +00:00
Miroslav Stampar
872a73f631
minor refactoring
2011-11-29 19:17:07 +00:00
Miroslav Stampar
3cd8f47686
minor bug fix
2011-11-29 17:17:06 +00:00
Miroslav Stampar
2842c13d75
minor update
2011-11-29 16:59:06 +00:00
Miroslav Stampar
d958c2fe48
minor fix
2011-11-28 11:21:39 +00:00
Miroslav Stampar
885b432808
minor update
2011-11-23 21:39:53 +00:00
Miroslav Stampar
ba4234dc42
switching from HTTP proxy to SOCKS proxy for --tor (sick and tired of Polipo/Privoxy bull; either Tor flag is overwritten every here and there or they are putting all kinds of filter warnings)
2011-11-23 21:17:08 +00:00
Miroslav Stampar
8ea9b19b66
minor update regarding dumping of table content in --forms mode
2011-11-23 20:56:22 +00:00
Miroslav Stampar
d6f936b98d
minor update
2011-11-23 15:51:48 +00:00
Miroslav Stampar
40f21c3917
minor update
2011-11-23 15:38:31 +00:00
Miroslav Stampar
14e8ca6d41
minor fix
2011-11-23 14:26:40 +00:00
Miroslav Stampar
9b99530add
minor bug fix
2011-11-23 08:14:20 +00:00
Miroslav Stampar
d5cddd40f6
minor fix
2011-11-23 03:03:31 +00:00
Miroslav Stampar
f39170a2c4
minor update
2011-11-22 15:06:51 +00:00
Miroslav Stampar
e33f70269b
minor optimization
2011-11-22 12:44:28 +00:00
Miroslav Stampar
501fd85fa1
minor optimization
2011-11-22 12:40:12 +00:00
Miroslav Stampar
2e10de8921
minor update
2011-11-22 12:18:24 +00:00
Miroslav Stampar
ac041399f0
minor patch
2011-11-22 11:04:43 +00:00
Miroslav Stampar
9697e80013
some more optimizations
2011-11-22 10:54:29 +00:00
Miroslav Stampar
267d67b024
minor update
2011-11-22 10:41:56 +00:00