Commit Graph

348 Commits

Author SHA1 Message Date
Miroslav Stampar
bbb7e1562d adding AGAINST full-text search boundaries 2011-11-12 14:16:43 +00:00
Miroslav Stampar
2e5222bfd8 adding INSERT/UPDATE generic boundaries 2011-10-28 11:00:09 +00:00
Miroslav Stampar
b6ccc0cc43 minor update 2011-10-18 14:35:42 +00:00
Miroslav Stampar
597d554153 minor update 2011-10-18 13:05:49 +00:00
Miroslav Stampar
382db1b67a degrading Microsoft Access UNION tests for one level down (it really does take toooooo long to scan a site with no vulnerable parameters and normal level) 2011-08-31 20:35:57 +00:00
Miroslav Stampar
d283e3eb3c adding support for pre-WHERE injections 2011-08-24 09:04:18 +00:00
Miroslav Stampar
13eb20cea1 minor beautification 2011-08-03 10:12:06 +00:00
Bernardo Damele
2e20eb1a88 Minor fix 2011-08-03 10:08:59 +00:00
Bernardo Damele
b8e2d60bfa Added MSSQL 2008 R2 signatures 2011-07-24 23:42:32 +00:00
Bernardo Damele
48f580fb10 Minor adjustments to MSSQL fingerprint 2011-07-24 23:30:23 +00:00
Bernardo Damele
99a0b62d0d Minor adjustments 2011-07-24 22:26:11 +00:00
Miroslav Stampar
ca83305b58 added MySQL updatexml error-based payload 2011-07-24 21:08:32 +00:00
Miroslav Stampar
a89140e1ce revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function) 2011-07-23 06:07:00 +00:00
Miroslav Stampar
4cb9988243 quick fix 2011-07-12 21:09:33 +00:00
Bernardo Damele
c9ba58acb6 Moved MS Access UNION query tests after generic as generic test must identify MSSQL 2011-07-11 09:47:52 +00:00
Miroslav Stampar
5d31eb5ef7 cosmetics and also tested against testing env - works perfectly 2011-07-10 09:07:07 +00:00
Miroslav Stampar
eb42cedf2a adding extractvalue MySQL >= 5.1 error payload (http://www.notsosecure.com/folder2/2010/06/29/mysql-exploitation-with-error-messages/) - untested (lack of particular ver for testing) and prone to level/risk adjustment 2011-07-10 08:54:22 +00:00
Miroslav Stampar
93219b9e13 i've accidentally left table_schema removed while doing some tests. now it should be ok 2011-07-08 10:24:46 +00:00
Bernardo Damele
b5dd4d4a63 Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection 2011-07-08 10:19:01 +00:00
Miroslav Stampar
c517e97a44 few fixes and minor cosmetics 2011-07-08 06:02:31 +00:00
Bernardo Damele
067354b97f Revert of last commit and proper fix to detect UNION query SQL injection against Microsoft Access 2011-07-07 13:20:40 +00:00
Bernardo Damele
9eb683531d Minor improvement at blind SQL inj technique for DB2 2011-06-27 22:28:12 +00:00
Bernardo Damele
ed4cfbb6d2 Minor fix 2011-06-27 08:58:59 +00:00
Miroslav Stampar
bedf16b88b adding payloads for time-based injection on SAP MaxDB (heavy query) 2011-06-26 23:46:09 +00:00
Miroslav Stampar
d0490cc4e7 adding payloads for time-based injection on DB2 (heavy query) 2011-06-26 16:38:22 +00:00
Bernardo Damele
36c96ef796 Added DB2 support - patch provided by Sebastian Bittig 2011-06-25 09:44:24 +00:00
Bernardo Damele
b2e6cf3ed9 Enabled --search -C also for Oracle 2011-06-24 14:34:20 +00:00
Miroslav Stampar
4188df0501 fixes for Sybase 2011-06-15 18:49:35 +00:00
Miroslav Stampar
9f6b70f3f9 update 2011-05-26 22:45:33 +00:00
Miroslav Stampar
0baf931669 real generic comment is "-- " not "--" (MySQL doesn't support "--") 2011-05-24 09:16:21 +00:00
Miroslav Stampar
171a4c389b added MySQL >=4.1 <=5.0 error based WHERE/HAVING payload 2011-05-23 06:24:45 +00:00
Miroslav Stampar
939e6541d0 far safer way for dealing with error-based payloads on MySQL (no timeouts with .CHARACTER_SETS on testing platforms versus when used .TABLES) 2011-05-19 23:36:51 +00:00
Miroslav Stampar
bd1b07fbc2 one more parameter replace payload for MySQL and rising level of GENERATE_SERIES for PostgreSQL 2011-05-19 06:32:23 +00:00
Miroslav Stampar
7f086916c0 decent parameter replace payload for PostgreSQL (GENERATE_SERIES) 2011-05-18 23:40:42 +00:00
Miroslav Stampar
e58d6d2e00 removing (CBRT(LN(0)) because it's nothing special compared to standard 1/0; also, removing parameter replacement with returned value 1 as it doesn't have much sense in comparison to origvalue one (which is far more stable and usable) 2011-05-18 23:20:02 +00:00
Miroslav Stampar
fe50d09cc8 added new payload for PostgreSQL (parameter replace) 2011-05-18 23:01:41 +00:00
Bernardo Damele
3a8309c4b0 Major bug fix to detect UNION query technique and various improvements to parsing and using of --union-char and --union-cols switches 2011-05-10 15:34:54 +00:00
Bernardo Damele
aae140080e SVN roll back, DB2 patch will be recommitted after testing:
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
2011-05-06 10:27:43 +00:00
Miroslav Stampar
6e392b6054 applying contributed patch for DB2 2011-05-06 09:30:39 +00:00
Bernardo Damele
36a9ddaacc Minor bug fixes and code restyling for --privileges and --passwords 2011-04-30 14:50:27 +00:00
Bernardo Damele
7df954dd9f paranoy 2011-04-21 23:41:25 +00:00
Miroslav Stampar
0764c4c752 parenthesis were missing; banning OR NOT from payloads 2011-04-21 23:32:53 +00:00
Bernardo Damele
1d61611145 leftover 2011-04-21 22:46:43 +00:00
Bernardo Damele
870f773d70 In some old versions of MySQL (perhaps others DBMS too) the NOT clause is not supported, hence we need also OR tests without NOT - tested and works like this 2011-04-21 20:36:50 +00:00
Miroslav Stampar
05a0e1d3b0 fix for a bug reported by m4l1c3 (TypeError: not all arguments converted during string formatting) 2011-04-15 11:34:14 +00:00
Miroslav Stampar
136e85abf3 little refresh of PHPIDS rules for --check-payload 2011-04-11 15:37:49 +00:00
Miroslav Stampar
75f286cf6d minor update conformant to http://dev.mysql.com/doc/refman/4.1/en/comments.html 2011-04-10 23:41:00 +00:00
Miroslav Stampar
3177c6023d lol. re-revert 2011-04-10 23:30:56 +00:00
Bernardo Damele
9ea4010508 Leave it as is :) 2011-04-10 23:20:35 +00:00
Miroslav Stampar
3e680978a9 revert of that last commit (waiting for some better days) 2011-04-10 23:18:38 +00:00