Commit Graph

3266 Commits

Author SHA1 Message Date
Miroslav Stampar
9a4f8d5f45 Fix for Issue #80 2012-07-11 16:01:25 +02:00
Bernardo Damele
0702dd70b5 verify also that the web backdoor has been successfully uploaded 2012-07-11 14:08:51 +01:00
Bernardo Damele
31571e6e2d minor refactoring 2012-07-11 11:55:05 +01:00
Miroslav Stampar
9c4a62f725 Some work on Issue #68 2012-07-11 11:58:47 +02:00
Bernardo Damele
f219b39980 minor fix in case ctypes is not installed on Windows 2012-07-10 13:08:37 +01:00
Miroslav Stampar
8caffac4bc conf.unescape->kb.unescape 2012-07-10 10:55:04 +02:00
Miroslav Stampar
e7f78bf04f Fix for an issue where False value was displayed for --is.. switches 2012-07-10 10:31:14 +02:00
Bernardo Damele
ea77e7d9d1 added missing file - issue #77 2012-07-10 03:00:21 +01:00
Bernardo Damele
eb7ffb8f91 setup for implementing logging colouring - issue #77 2012-07-10 02:54:37 +01:00
Bernardo Damele
0a3899858d missed in previous commit 2012-07-10 01:37:53 +01:00
Bernardo Damele
a27f50ed1d added conf.unescape global variable to control whether or not the injected statements should be unescaped 2012-07-10 01:37:16 +01:00
Bernardo Damele
f645ac6040 dealing with variables in SQL procs - issue #33 2012-07-10 01:05:03 +01:00
Bernardo Damele
2527554f8e more work on #33 2012-07-10 00:53:07 +01:00
Bernardo Damele
c4af7b9aa0 initial work for issue #33 2012-07-10 00:27:08 +01:00
Bernardo Damele
d3da3f5c52 refactoring for issue #51 2012-07-10 00:19:32 +01:00
Bernardo Damele
25eca9d671 finally got this working on MSSQL 2005: commands can now be executed as another user (BULK INSERT must be used in such case, see comments in the code) - issue #34 2012-07-09 14:26:23 +01:00
Bernardo Damele
99c5ea54f7 cleanup for #34 2012-07-09 12:39:43 +01:00
Bernardo Damele
d08a54e375 properly display the command stdout 2012-07-09 10:52:48 +01:00
Miroslav Stampar
3ff28e58b4 Update regarding Issue #52 2012-07-08 19:24:25 +02:00
Miroslav Stampar
0d539a876d Minor fix (subversion->github) 2012-07-07 23:49:34 +02:00
Miroslav Stampar
a525dd4336 Fix for Issue #72 2012-07-07 19:02:46 +02:00
Miroslav Stampar
54e0a2d8ee --os-shell now works perfect for inference-like techniques too 2012-07-07 17:57:06 +02:00
Miroslav Stampar
823b3d8be8 Minor language fixes 2012-07-07 11:41:52 +02:00
Miroslav Stampar
2669528b24 Language typo 2012-07-07 11:16:33 +02:00
Miroslav Stampar
58f6687194 Some refactoring (reusing xpCmdshellForgeCmd) 2012-07-07 10:51:29 +02:00
Miroslav Stampar
8620767b77 Proper fix 2012-07-07 10:38:07 +02:00
Miroslav Stampar
f00a776d8d Minor fix for BigArray (now accepting negative indexes) 2012-07-07 10:35:29 +02:00
Miroslav Stampar
1c69eb5d30 Revert "major fix"
This reverts commit 3a11fc2d9e.
2012-07-07 10:26:13 +02:00
Bernardo Damele
3a11fc2d9e major fix 2012-07-06 22:55:34 +01:00
Miroslav Stampar
8c871476ee Some more refactoring 2012-07-06 17:34:40 +02:00
Miroslav Stampar
6bc0b34031 Some more refactoring 2012-07-06 17:28:01 +02:00
Miroslav Stampar
e948e4d45b Some more refactoring 2012-07-06 17:18:22 +02:00
Miroslav Stampar
1a8ebbfd43 Minor refactoring 2012-07-06 17:05:47 +02:00
Bernardo Damele
373fea03a3 fixed display of TABs 2012-07-06 15:13:23 +01:00
Miroslav Stampar
438a636973 Fix for issue Issue #60 2012-07-06 15:36:32 +02:00
Miroslav Stampar
76f7f907c6 Minor update for Issue #61 2012-07-06 14:33:40 +02:00
Miroslav Stampar
6a05e3fd79 Fix for Issue #61 2012-07-06 14:24:44 +02:00
Miroslav Stampar
1ebff35b19 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-07-06 12:25:21 +02:00
Miroslav Stampar
982fcde1c0 Fix for Issue #62 2012-07-06 12:24:55 +02:00
Bernardo Damele
4fa6d51d93 improved issues link 2012-07-05 16:26:50 +01:00
Miroslav Stampar
bc5025b06c Fix for Issue #59 2012-07-05 12:34:27 +02:00
Miroslav Stampar
c3c1b9e957 Minor restyling 2012-07-04 20:28:18 +02:00
Miroslav Stampar
7ad6697446 Fix for Issue #57 2012-07-04 20:21:44 +02:00
Miroslav Stampar
23fb753759 Finishing work on Issue #52 2012-07-03 22:13:01 +02:00
Miroslav Stampar
40fc6488bf Fix for Issue #56 (Google has changed few things for retrieving PR) 2012-07-03 21:00:18 +02:00
Miroslav Stampar
bbf41f6658 Removing debugging leftover 2012-07-03 16:50:05 +02:00
Miroslav Stampar
ada627a022 Another update for Issue #52 2012-07-03 16:49:34 +02:00
Miroslav Stampar
70f754f6c5 Making work on Issue #52 2012-07-03 16:34:11 +02:00
Bernardo Damele
793fa464e3 website url fix 2012-07-03 13:14:39 +01:00
Miroslav Stampar
51f35674ca Removing obsolete switch --version as version is now displayed with every run (Issue #54) 2012-07-03 13:11:09 +02:00
Miroslav Stampar
481b46a004 Restyling output for Issue #52 2012-07-03 13:06:52 +02:00
Miroslav Stampar
6b419067b7 Another minor update for Issue #54 2012-07-03 12:49:35 +02:00
Miroslav Stampar
8b8677b938 Another minor update for Issue #54 2012-07-03 12:29:42 +02:00
Miroslav Stampar
47b6e696d8 Minor update for Issue #54 2012-07-03 12:21:40 +02:00
Miroslav Stampar
3af1532700 Implementation for Issue #54 2012-07-03 12:09:18 +02:00
Miroslav Stampar
5af6ca58a0 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-07-03 00:50:45 +02:00
Miroslav Stampar
168aeadf76 Adding switch --output-dir (Issue #53) 2012-07-03 00:50:23 +02:00
Bernardo Damele
fd4cfb0cc0 working on #51 2012-07-02 15:28:19 +01:00
Bernardo Damele
7335072ab8 leftover 2012-07-02 15:11:21 +01:00
Bernardo Damele
04d803c7fd more tweaking for issue #34, it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005) 2012-07-02 15:02:00 +01:00
Bernardo Damele
b7d2680e55 minor refactoring, issue #51 2012-07-02 12:50:26 +01:00
Miroslav Stampar
8eefe4b71f Getting back revision number - displayed like in GitHub commits (Issue #52) 2012-07-02 13:01:20 +02:00
Bernardo Damele
add8352804 make the runAsDBMSUser() generic and ported to abstraction.py so the same function will be used for PostgreSQL dblink() too 2012-07-02 02:14:03 +01:00
Bernardo Damele
6697927098 initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap 2012-07-02 02:04:19 +01:00
Bernardo Damele
7b4ecd9df0 added skeleton code for issue #34, still not usable 2012-07-02 00:22:34 +01:00
Bernardo Damele
4736d46677 just in case.. 2012-07-02 00:00:46 +01:00
Bernardo Damele
03d2c9c818 placeholder message when --update is provided, remove when the function is updated to pull changes from git 2012-07-01 23:59:44 +01:00
Bernardo Damele
18be319d13 hexencoding the command is much shorter than unescaping with CHAR() for MSSQL, also no need for spaces between nested comments when forging the xp_cmdshell command to run 2012-07-01 23:41:10 +01:00
Bernardo Damele
ff9e97a42c minor code refactoring 2012-07-01 23:31:45 +01:00
Bernardo Damele
ab412da27f I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes 2012-07-01 23:25:05 +01:00
Miroslav Stampar
d7cd55fb28 Fix for Issue #47 2012-07-01 11:05:04 +02:00
Miroslav Stampar
21d9ae0a2c some more refactoring 2012-07-01 01:19:54 +02:00
Miroslav Stampar
f6509db31a minor refactoring 2012-07-01 00:33:19 +02:00
Miroslav Stampar
32f52cdd04 Another language update for Issue #45 2012-06-29 10:33:54 +02:00
Miroslav Stampar
f0e39c3fae Language update for Issue #45 2012-06-29 10:33:00 +02:00
Miroslav Stampar
c0f16f0c1a Fix for Issue #45 2012-06-29 10:31:03 +02:00
Miroslav Stampar
e51d3a02f1 Update for Issue #43 (renamed --disable-cracking to --disable-hash) 2012-06-28 18:53:47 +02:00
Miroslav Stampar
18b596ea75 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-06-28 18:48:18 +02:00
Miroslav Stampar
c8bac658f3 Fix for Issue #43 2012-06-28 18:47:55 +02:00
Miroslav Stampar
2a72fcce2b Fix for Issue #42 2012-06-28 13:55:30 +02:00
jekil
c39e5a85ba Removed $id$ tags 2012-06-27 20:56:43 +02:00
Miroslav Stampar
01be9381d5 minor update 2012-06-25 16:24:33 +00:00
Miroslav Stampar
6c4bd84d18 minor fix (turning back the functionality of kb.suppressResumeInfo) 2012-06-25 16:19:51 +00:00
Miroslav Stampar
ea5d483c86 session file no more 2012-06-21 11:19:30 +00:00
Miroslav Stampar
ec44e88db8 lots of refactoring regarding removal of already obsolete session file mechanism 2012-06-21 10:09:10 +00:00
Miroslav Stampar
1e67b4f0b9 minor fix 2012-06-20 14:16:26 +00:00
Miroslav Stampar
302d782a0f minor style update 2012-06-19 08:33:51 +00:00
Miroslav Stampar
452ef202ae minor fixes 2012-06-17 22:48:23 +00:00
Miroslav Stampar
b9f6943a42 minor update 2012-06-17 21:23:12 +00:00
Miroslav Stampar
e2a60b302f minor fix 2012-06-17 21:21:45 +00:00
Miroslav Stampar
3da8f86e97 minor fix 2012-06-15 21:01:27 +00:00
Miroslav Stampar
fe49abd45f minor fix 2012-06-15 20:49:28 +00:00
Miroslav Stampar
06be7bbb18 few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test) 2012-06-15 20:41:53 +00:00
Miroslav Stampar
76c873a222 minor fix 2012-06-15 06:22:44 +00:00
Miroslav Stampar
76584ff0fa unhidding --test-filter 2012-06-14 14:36:53 +00:00
Miroslav Stampar
d2dd47fb23 some more refactoring 2012-06-14 13:52:56 +00:00
Miroslav Stampar
facce2c0df some more cleanup 2012-06-14 13:50:36 +00:00
Miroslav Stampar
d5e80089ff minor summer cleanup 2012-06-14 13:44:16 +00:00
Miroslav Stampar
3a90105fbb minor refactoring 2012-06-14 13:38:53 +00:00
Miroslav Stampar
1204eb00b2 minor fix 2012-06-14 12:46:32 +00:00
Miroslav Stampar
19c0efec59 just a minor refactoring 2012-06-14 09:10:28 +00:00
Miroslav Stampar
a51d8c4c79 replacing identifier safe char " with [] enclosing for MsSQL 2012-06-13 15:27:42 +00:00
Miroslav Stampar
367de838c1 minor update 2012-06-13 14:08:32 +00:00
Miroslav Stampar
4ac3794e80 minor update 2012-06-12 14:22:14 +00:00
Miroslav Stampar
d7f698fa14 minor update 2012-06-11 22:01:13 +00:00
Miroslav Stampar
96177393e1 minor update regarding --exact switch 2012-06-10 13:38:12 +00:00
Miroslav Stampar
b85a1fc271 minor fix 2012-06-05 22:55:42 +00:00
Miroslav Stampar
058a9c59a2 fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results) 2012-06-05 22:40:55 +00:00
Miroslav Stampar
f94ebe3107 minor fix (credentials were only set for the first target) 2012-06-04 22:30:12 +00:00
Miroslav Stampar
738073105e minor updates 2012-06-04 19:52:51 +00:00
Miroslav Stampar
7b282b1d6c adding support for newer SSL protocols 2012-06-04 19:46:28 +00:00
Miroslav Stampar
10b0639a96 making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE) 2012-06-04 09:24:46 +00:00
Miroslav Stampar
76a4aa19ac some more fine tunning 2012-05-28 19:50:12 +00:00
Miroslav Stampar
73dba249e8 one more just in case update 2012-05-28 19:34:47 +00:00
Miroslav Stampar
efb406fbfc minor revert 2012-05-28 19:13:50 +00:00
Miroslav Stampar
f7cba8d2cb minor update 2012-05-28 18:05:15 +00:00
Miroslav Stampar
a72cb29c1f taking care of few issues regarding reverse address lookup of localhost/127.0.0.1 at remote DNS server 2012-05-28 16:57:10 +00:00
Miroslav Stampar
190ae4ca13 no need for conf.timeSec value as inference is always evaluated to False in DNS (large random values used for > ...) 2012-05-28 15:10:17 +00:00
Miroslav Stampar
89e90c3d84 revert of last commit 2012-05-28 15:01:56 +00:00
Miroslav Stampar
96c84e6e5b minor update 2012-05-28 15:00:06 +00:00
Miroslav Stampar
a70a647aeb few fixes regarding --dns-domain usage (time-based technique should not be used as a failback because of few things, --time-sec should be put to 0 just in case,...) 2012-05-28 14:51:23 +00:00
Miroslav Stampar
b1d82422a0 changing conf.dnsDomain to conf.dName just because of long text problems in help listing 2012-05-28 14:15:04 +00:00
Miroslav Stampar
d2bbfa4aad minor style update 2012-05-28 14:04:17 +00:00
Miroslav Stampar
226547b7dc minor fix for --skip-urlencode and custom post 2012-05-28 09:04:25 +00:00
Miroslav Stampar
75dd1d6a2b minor fix 2012-05-27 21:54:56 +00:00
Miroslav Stampar
e967bbd70f minor patch 2012-05-27 21:44:42 +00:00
Miroslav Stampar
76eeba10e2 unhiding --dns-domain switch 2012-05-27 18:41:06 +00:00
Miroslav Stampar
fed0212631 now working with recursive queries too 2012-05-27 10:03:02 +00:00
Miroslav Stampar
71ff081fde minor update 2012-05-27 09:11:19 +00:00
Miroslav Stampar
09f2144485 full page read is not needed in DNS exfiltration mode 2012-05-26 21:28:43 +00:00
Miroslav Stampar
4e6fcce9ca minor update 2012-05-26 07:04:32 +00:00
Miroslav Stampar
ce077137c9 minor language update 2012-05-26 07:01:37 +00:00
Miroslav Stampar
d335ec0c34 turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars 2012-05-26 07:00:26 +00:00
Miroslav Stampar
00d22f013f some consistency in variable naming at the file level 2012-05-25 10:08:55 +00:00
Miroslav Stampar
db526bdbc0 minor update (tainted values are not checked any more in multipleTargets mode) 2012-05-25 09:52:17 +00:00
Miroslav Stampar
dc20bff1d0 minor update 2012-05-25 08:30:24 +00:00
Miroslav Stampar
c394610740 adding switch --skip-urlencode to skip URL encoding of POST data 2012-05-24 23:30:33 +00:00
Miroslav Stampar
7657bbeaf9 minor update 2012-05-24 22:32:06 +00:00
Miroslav Stampar
86fdad2bfa minor update 2012-05-24 22:07:50 +00:00
Miroslav Stampar
eed8d7eb5d finalizing support for IPv6 2012-05-24 21:55:57 +00:00
Miroslav Stampar
b6d37d766a minor update regarding IPv6 support 2012-05-24 21:49:20 +00:00
Miroslav Stampar
92286104e3 minor just in case update 2012-05-24 21:39:10 +00:00
Miroslav Stampar
3e9c57d177 minor fix 2012-05-24 21:36:35 +00:00
Miroslav Stampar
be76928293 minor fix 2012-05-24 20:53:01 +00:00
Miroslav Stampar
1e18168cc8 fix for one silent bug and small language update 2012-05-23 16:35:40 +00:00
Miroslav Stampar
2538e2d5b4 fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring 2012-05-22 09:33:22 +00:00
Miroslav Stampar
2c057d5b3d minor style update 2012-05-21 22:40:52 +00:00
Miroslav Stampar
bbfa4b6d5d minor update 2012-05-14 14:38:16 +00:00
Miroslav Stampar
333f8057a5 minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces 2012-05-14 14:06:43 +00:00
Miroslav Stampar
595f69fa2c minor language update 2012-05-10 18:30:25 +00:00
Miroslav Stampar
35f400b45b minor language upgrade 2012-05-10 18:25:12 +00:00
Miroslav Stampar
80aedbe284 adding a warning about --tor switch 2012-05-10 18:17:32 +00:00
Miroslav Stampar
b81fe42d4b turning off null connection on -o when --tor used (not compatible) 2012-05-10 17:50:54 +00:00
Miroslav Stampar
efdd86ddcc minor just in case patch 2012-05-10 14:22:34 +00:00
Miroslav Stampar
6367f59b98 minor code refactoring 2012-05-10 14:15:17 +00:00
Miroslav Stampar
12d32f58f2 fix for that SOAP reported bug 2012-05-10 13:39:54 +00:00
Miroslav Stampar
1418ae9767 little refactoring of parseUnionPage together with a patch for some special case 2012-05-09 18:47:40 +00:00
Miroslav Stampar
7fb1f3fc70 minor renaming 2012-05-09 18:26:02 +00:00
Miroslav Stampar
11d9859199 making nice code 2012-05-09 18:25:04 +00:00
Miroslav Stampar
b0a8238774 minor fixes 2012-05-09 14:58:16 +00:00
Miroslav Stampar
9fa3619262 minor fix 2012-05-09 14:00:07 +00:00
Miroslav Stampar
56a3431be6 minor update for empty tables (skipping other techniques) 2012-05-09 10:34:21 +00:00
Miroslav Stampar
6177317a17 minor update 2012-05-09 10:06:23 +00:00
Miroslav Stampar
37f2709197 making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it) 2012-05-09 09:08:23 +00:00
Miroslav Stampar
fdf61015ad minor patch 2012-05-09 08:41:05 +00:00
Miroslav Stampar
e419177871 minor update 2012-05-08 17:28:19 +00:00
Miroslav Stampar
deec97dfe3 adding Frontbase to error message regexes 2012-05-08 17:02:58 +00:00
Miroslav Stampar
eccd4da00f minor fix 2012-05-08 15:03:33 +00:00
Miroslav Stampar
938d9ff23e doing all the work for the users so they wouldn't strain their little hands 2012-05-08 15:00:23 +00:00
Miroslav Stampar
524dd75ff2 that query variable hasn't been used anywhere (obsolete for some time) 2012-05-08 14:34:40 +00:00
Miroslav Stampar
6af110d631 avoiding --no-cast/--hex warning message before a DBMS is fingerprinted 2012-05-08 14:06:41 +00:00
Miroslav Stampar
64c241fe92 limiting original UNION query results to only 1 result (potentially speeding things up in some cases) 2012-05-08 13:45:53 +00:00
Miroslav Stampar
e00f4a8934 minor cosmetics 2012-05-08 10:50:04 +00:00
Miroslav Stampar
a121339395 automatically writing uncracked hashes to a file for eventual further processing 2012-05-08 10:46:05 +00:00
Miroslav Stampar
80ee687b41 minor beauty patch 2012-05-07 13:51:31 +00:00
Miroslav Stampar
96299d3d5d minor refactoring 2012-05-03 22:34:18 +00:00
Miroslav Stampar
cc28f6db6b minor update 2012-05-01 20:43:16 +00:00
Miroslav Stampar
17efeaae7f causing too much confusion among dummy users 2012-05-01 09:04:11 +00:00
Miroslav Stampar
694b14111f skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set) 2012-04-27 13:16:51 +00:00
Miroslav Stampar
6f67dc85ee adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical 2012-04-25 20:29:07 +00:00
Bernardo Damele
4da03d898e Added support to create files with a visual basic script - no longer reliant on debug.exe so works on Windows 64-bit too. Fixes #236 2012-04-25 07:40:42 +00:00
Miroslav Stampar
cec432f94d minor update 2012-04-23 14:43:59 +00:00
Miroslav Stampar
697768c01a adding --purge-output to be one of mandatory switches 2012-04-23 14:42:24 +00:00
Miroslav Stampar
d57d5e4b2c minor update 2012-04-23 14:33:36 +00:00
Miroslav Stampar
1eecfb3dce adding new file related to the last commit 2012-04-23 14:25:16 +00:00
Miroslav Stampar
095b25e1d1 adding option '--purge' 2012-04-23 14:24:23 +00:00
Miroslav Stampar
3532d23933 automatically extending ranges for UNION tests in case where at least one other injection technique is usable (boundaries has been established) 2012-04-23 13:41:36 +00:00
Miroslav Stampar
be2da77bf8 minor update 2012-04-23 10:15:04 +00:00
Miroslav Stampar
21c6b52198 minor fix 2012-04-23 10:11:00 +00:00
Miroslav Stampar
775134639d minor update 2012-04-20 20:33:15 +00:00
Miroslav Stampar
2b1b4c0742 minor fix 2012-04-18 10:01:04 +00:00
Miroslav Stampar
6ebb621228 adding support for (custom) POST injection (marking injection point with '*' in conf.data) 2012-04-17 14:23:00 +00:00
Miroslav Stampar
efd27d7ade minor renaming 2012-04-17 08:41:19 +00:00
Miroslav Stampar
601d118c68 reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types) 2012-04-15 16:59:03 +00:00
Miroslav Stampar
71b0acc16f minor fix (checking for full inband should be done with ORIGINAL - more concise) 2012-04-15 16:43:18 +00:00
Miroslav Stampar
5772c52f46 minor refactoring/fix (randQuery is just a part (e.g. abc) of phrase (def🔤ghi) - phrase should be searched for, not just randQuery); both phrases should be inside the content for it to be full-inband injectable (...UNION ALL SELECT phrase UNION ALL SELECT phrase2....) 2012-04-15 16:33:47 +00:00
Miroslav Stampar
ae8c70e895 another cosmetics 2012-04-13 15:11:44 +00:00
Miroslav Stampar
d765cdc3a3 minor cosmetics 2012-04-13 15:10:40 +00:00
Miroslav Stampar
54576ab3a6 making a random choice from candidates 2012-04-13 10:54:30 +00:00
Miroslav Stampar
bbbcc95fe5 use it only if page is stable 2012-04-13 10:19:26 +00:00
Miroslav Stampar
052d9455fe warning user in cases of "User xyz already has more than 'max_user_connections' active connections" 2012-04-12 09:44:54 +00:00
Miroslav Stampar
831f79b851 minor generalization 2012-04-12 09:30:19 +00:00
Miroslav Stampar
c7422546e1 tiny update 2012-04-11 23:01:38 +00:00
Miroslav Stampar
2bad73a981 minor update 2012-04-11 21:48:44 +00:00
Miroslav Stampar
e195de2093 correcting comment on reflective removal function 2012-04-11 21:41:48 +00:00
Miroslav Stampar
b45ae10da4 minor fixes 2012-04-11 21:36:37 +00:00
Miroslav Stampar
627bfc589f some more updates in reflective removal mechanism 2012-04-11 21:26:00 +00:00
Miroslav Stampar
8b130f6497 minor improvement for reflective values (when missing first part of payload like in error reports) 2012-04-11 15:01:28 +00:00
Miroslav Stampar
01bd5d0ab2 some more updates for reflective mechanism 2012-04-11 10:41:33 +00:00
Miroslav Stampar
2e92d8636e improvement of reflective mechanism 2012-04-11 08:58:03 +00:00
Miroslav Stampar
60ca44e0cf minor adjustment 2012-04-11 08:35:09 +00:00
Miroslav Stampar
e33ea7c33a minor fix 2012-04-10 22:29:39 +00:00
Miroslav Stampar
8541222080 minor update 2012-04-10 22:26:42 +00:00
Miroslav Stampar
9c2f244d47 minor fix 2012-04-10 22:20:53 +00:00
Miroslav Stampar
a82206cec4 minor cosmetics 2012-04-10 21:57:00 +00:00
Miroslav Stampar
119eec3598 improving "boolean detection" by automatic recognition of convenient --string candidate 2012-04-10 21:48:34 +00:00
Miroslav Stampar
8c6eb4faa9 adding support for PgSQL DNS data exfiltration 2012-04-07 14:06:11 +00:00
Miroslav Stampar
b2afa87e48 reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases) 2012-04-06 08:42:36 +00:00
Miroslav Stampar
2223c884e5 minor refactoring 2012-04-05 12:55:26 +00:00
Miroslav Stampar
02924eb345 minor update 2012-04-04 23:47:06 +00:00
Miroslav Stampar
e0994947e2 minor update 2012-04-04 23:37:50 +00:00
Miroslav Stampar
b1dd03731a minor cosmetics 2012-04-04 23:34:08 +00:00
Miroslav Stampar
83387d92bb minor bug fix 2012-04-04 23:32:20 +00:00
Miroslav Stampar
c89a4162e2 bug fix for --dns-domain with --technique=TS 2012-04-04 18:01:39 +00:00
Miroslav Stampar
098c7c06dd added few comments 2012-04-04 13:24:58 +00:00
Miroslav Stampar
a5b69eaea4 removing unused imports 2012-04-04 13:18:14 +00:00
Bernardo Damele
52796bb4da revert 2012-04-04 13:02:50 +00:00
Miroslav Stampar
a4b95ab7dd works against MySQL/Windows 2012-04-04 12:49:45 +00:00
Bernardo Damele
a1d97e9d7b Add a space after a comment 2012-04-04 12:48:21 +00:00
Bernardo Damele
025c531d22 leftover 2012-04-04 12:44:25 +00:00
Bernardo Damele
c0946ce2c9 Minor refactoring 2012-04-04 12:42:58 +00:00
Bernardo Damele
75d1dab895 more cosmetics 2012-04-04 12:33:16 +00:00
Bernardo Damele
d106fb5184 layout adjustments 2012-04-04 12:27:24 +00:00
Miroslav Stampar
1b2cd44255 proper fix 2012-04-04 10:35:52 +00:00
Miroslav Stampar
7031ef8e00 removing default values for referer and host from higher level/risk options 2012-04-04 10:34:27 +00:00
Miroslav Stampar
5e358b51f9 few fixes related to bug report by Shadow Folder (AttributeError: 'list' object has no attribute 'isdigit') 2012-04-04 09:25:05 +00:00
Miroslav Stampar
5851badff1 minor refactoring 2012-04-03 14:46:09 +00:00
Miroslav Stampar
b0787f193c getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached) 2012-04-03 14:34:15 +00:00
Miroslav Stampar
556b349be3 minor fix for retrieving non-printable chars in inference and non-multi threading mode 2012-04-03 14:04:07 +00:00
Miroslav Stampar
33bb9c5f19 much cleaner approach in that "flat" representation of retrieved items in union technique 2012-04-03 13:56:11 +00:00
Miroslav Stampar
7fb190f3b1 minor fix 2012-04-03 12:35:19 +00:00
Miroslav Stampar
886aa22efc minor update 2012-04-03 12:19:37 +00:00
Miroslav Stampar
503988887c minor update 2012-04-03 10:43:46 +00:00
Miroslav Stampar
78f51fd2e5 minor fix 2012-04-03 10:18:03 +00:00
Miroslav Stampar
2504f4edb8 minor fixes 2012-04-03 10:10:33 +00:00
Miroslav Stampar
e05109812f minor improvements regarding data retrieval through DNS channel 2012-04-03 09:18:30 +00:00
Miroslav Stampar
5f94987b0f fix for DNS method for MSSQL 2012-04-02 17:28:18 +00:00
Miroslav Stampar
2c28423cb8 minor update 2012-04-02 14:57:15 +00:00
Miroslav Stampar
8a9d09f79b minor fixes 2012-04-02 14:11:23 +00:00
Miroslav Stampar
1cd3c3f7af further update of DNS data retrieval mechanism through SQLi 2012-04-02 14:05:30 +00:00
Miroslav Stampar
1e01203562 few just in case "patches" 2012-04-02 12:58:10 +00:00
Miroslav Stampar
d908d078dd minor fix 2012-04-02 12:27:30 +00:00
Miroslav Stampar
abffc39929 minor update regarding DNS data retrieval task 2012-04-02 12:22:40 +00:00
Miroslav Stampar
f7a664b120 enablind DNS server for DNS data exfiltration 2012-03-31 12:08:27 +00:00
Miroslav Stampar
8be9cd4ac4 bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value) 2012-03-31 10:22:50 +00:00
Miroslav Stampar
429b8396e9 minor update for DNSServer support 2012-03-30 13:20:29 +00:00
Miroslav Stampar
56638f9e95 making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection 2012-03-30 10:50:01 +00:00
Miroslav Stampar
79c3d6f2aa minor update 2012-03-30 10:37:46 +00:00
Miroslav Stampar
6acf6b193a minor update regarding boolean logic comparison mechanism 2012-03-30 09:42:58 +00:00
Miroslav Stampar
5469186540 minor comment update 2012-03-29 14:35:47 +00:00
Miroslav Stampar
637a8d8273 improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism 2012-03-29 14:33:27 +00:00
Miroslav Stampar
ce4c697bbd disabling "negative logic" as it's not half done (it was "luckily" working for --string/--regex/--code but it was a sheer luck); removing "dirty fix" from checks.py; proof that this was not ready for the release is that there was not check for negative logic anywhere for anything more then --string/--regex/--code 2012-03-29 13:39:12 +00:00
Miroslav Stampar
772ead8d03 fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values 2012-03-29 12:44:20 +00:00
Miroslav Stampar
c9cac957bb adding one more case for false positive check (Generic tests without any DBMS knowledge) 2012-03-29 09:56:09 +00:00
Miroslav Stampar
60146481af bug fix(es) (flags were used in place of count parameter in re.sub() calls) 2012-03-28 19:33:00 +00:00
Miroslav Stampar
9433bbe26d memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed) 2012-03-28 19:27:12 +00:00
Miroslav Stampar
7d131d1fb1 minor update 2012-03-28 13:46:31 +00:00
Miroslav Stampar
7fd64df167 minor code cleaning 2012-03-28 13:31:07 +00:00
Miroslav Stampar
769b0d0ae7 more minor updates regarding data retrieval through DNS channel 2012-03-27 19:29:24 +00:00
Miroslav Stampar
1b072f6415 laying foundation for DNS based data retrieval 2012-03-27 18:59:12 +00:00
Miroslav Stampar
3abcd6910a strange combination of "Set-Cookie" and interleaved pattern of True/False like responses can result in bypassing of the ABAB test 2012-03-22 00:06:50 +00:00
Miroslav Stampar
e88687b1f0 revert of last commit (it would be faster for sure, but not sure if it's clever to do it by default regarding SQLi detection) 2012-03-21 23:15:59 +00:00
Miroslav Stampar
524c1d38ad making default redirect choice to NO (making fewer requests by default and in lots of cases clearer pages for comparison - original page vs redirect message) 2012-03-21 23:03:57 +00:00
Miroslav Stampar
11132ba993 fix for a bug in reflection removal mechanism 2012-03-19 14:28:18 +00:00
Miroslav Stampar
8e7d360ea2 cleaner refactoring regarding last commit 2012-03-19 12:03:25 +00:00
Miroslav Stampar
401763b6f8 minor fix (it has to be level 1 array like it was with the previous re.findall mechanism) 2012-03-19 12:00:22 +00:00
Miroslav Stampar
037db9b3b8 minor removal of older stuff 2012-03-19 09:38:27 +00:00
Miroslav Stampar
da7f4eeffd removing left over 2012-03-18 17:33:14 +00:00
Miroslav Stampar
0fc4288a7c modifying redirection code for only two choices 2012-03-18 17:27:08 +00:00
Bernardo Damele
c03d0e24fb it must stay as is 2012-03-16 17:42:00 +00:00
Bernardo Damele
3505503a08 no need to return here 2012-03-16 17:30:16 +00:00
Bernardo Damele
942d9e4fa8 code cleanup 2012-03-16 17:27:24 +00:00
Bernardo Damele
a1c943fc79 Major bug fix to comparison algorithm with OR based boolean-based injections 2012-03-16 17:22:55 +00:00
Miroslav Stampar
d66056fe39 one more related commit 2012-03-16 13:16:53 +00:00
Miroslav Stampar
ac02a2d92c minor fix 2012-03-16 13:14:14 +00:00
Miroslav Stampar
cbdcbdd786 minor minor update 2012-03-16 11:18:18 +00:00
Miroslav Stampar
b130a9e14e minor fix (writing to HashDB on any interrupt) 2012-03-16 10:15:43 +00:00
Miroslav Stampar
577caac4de putting kb.negativeLogic setting to the safe place 2012-03-16 09:17:11 +00:00
Miroslav Stampar
209e795369 minor just in case update 2012-03-16 09:02:17 +00:00
Miroslav Stampar
adb5fff6b2 one more update related to the redirection mechanism 2012-03-15 20:17:40 +00:00
Miroslav Stampar
7d313ac911 few more fixes for proper redirecting mechanism 2012-03-15 19:47:59 +00:00
Bernardo Damele
86c4650058 Minor bug fix - revert 2012-03-15 17:12:24 +00:00
Bernardo Damele
cc15373769 More explicit function name also getRatioValue parameter has nothing to do with comparison at this stage as far as I can see (that might have fixed another "bug", to be checked later) 2012-03-15 16:29:28 +00:00
Bernardo Damele
4520744b4d second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now 2012-03-15 16:25:26 +00:00
Miroslav Stampar
ddd92476a8 minor fix 2012-03-15 15:58:25 +00:00
Miroslav Stampar
19beb912fa first step toward negative logic support 2012-03-15 15:52:12 +00:00
Miroslav Stampar
8dd570057b minor fix (double traffic log for -t in case of HTTP error) 2012-03-15 14:51:16 +00:00
Miroslav Stampar
f7df755f37 minor update 2012-03-15 12:55:22 +00:00
Miroslav Stampar
3d39c6cb3b some fixes here and there 2012-03-15 12:14:50 +00:00
Miroslav Stampar
3d9b1599d1 minor update 2012-03-15 11:45:32 +00:00
Miroslav Stampar
91f1d6141f minor fix 2012-03-15 11:24:55 +00:00
Miroslav Stampar
a8c9a47092 redirect logic rewritten from scratch 2012-03-15 11:10:58 +00:00
Bernardo Damele
890bf708bc Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported) 2012-03-15 00:19:57 +00:00
Bernardo Damele
1e71b24dca More info messages to prove xp_cmdshell (and temporary directory choosen) worked 2012-03-14 22:41:53 +00:00
Miroslav Stampar
52a8b25ff4 minor fix 2012-03-14 14:31:41 +00:00
Miroslav Stampar
ca0d068575 distinguishing NULL from BLANK 2012-03-14 13:52:23 +00:00
Miroslav Stampar
e38b59a2ae minor update 2012-03-14 13:16:49 +00:00
Miroslav Stampar
cee9ff7885 proper parsing of content in partial union technique 2012-03-14 11:23:30 +00:00
Miroslav Stampar
61ad3b999a fix for a crash with partial union and --hex 2012-03-14 10:31:24 +00:00
Miroslav Stampar
a7fbc55748 grammar fix 2012-03-13 22:03:23 +00:00
Miroslav Stampar
edfcddd3c3 minor fix for logging only cookies used by request (e.g. --load-cookies case) 2012-03-13 10:58:15 +00:00
Miroslav Stampar
34b0935cb3 refactoring "echo 1" quick test for xp_cmdshell console output 2012-03-13 10:36:49 +00:00
Miroslav Stampar
e827f41cdb using pickle HIGHEST_PROTOCOL just in case 2012-03-13 09:35:37 +00:00
Miroslav Stampar
e6c610abab minor fix 2012-03-13 09:14:56 +00:00
Miroslav Stampar
cda8815634 introducing safe deprecation mechanism for HashDB versioning 2012-03-12 22:55:57 +00:00
Miroslav Stampar
48bcde478e more general update 2012-03-12 15:29:55 +00:00
Miroslav Stampar
1d0c8a7f44 minor update 2012-03-12 15:19:02 +00:00
Miroslav Stampar
6ed1b04bbe minor update 2012-03-12 13:27:07 +00:00
Miroslav Stampar
c878dd3e5a doing a dummy test for --os-shell in case of xp_cmdshell 2012-03-09 14:21:41 +00:00
Miroslav Stampar
a0b46963cb minor fix for some special "unusable" cases (seen on Access/ODBC/Linux setup) 2012-03-09 10:28:19 +00:00
Miroslav Stampar
5a83f1c5f7 minor update 2012-03-08 15:43:22 +00:00
Bernardo Damele
c79807f5fb Minor layout adjustments 2012-03-08 15:11:24 +00:00
Miroslav Stampar
775e424bf2 bug fix for using --no-cast and --hex switches together 2012-03-08 15:04:52 +00:00
Miroslav Stampar
11c7cc5224 minor temporary fix 2012-03-08 11:08:43 +00:00
Miroslav Stampar
98a3e43f53 bug fix for writing raw pickled data into SQLite HashDB 2012-03-08 10:57:47 +00:00
Miroslav Stampar
cd28eb6544 minor update regarding --load-cookies 2012-03-08 10:19:34 +00:00
Miroslav Stampar
2c87d061e9 minor update 2012-03-08 10:03:59 +00:00
Miroslav Stampar
9ca8bc4d51 minor bug fix 2012-03-08 09:52:33 +00:00
Miroslav Stampar
b4cf8b05b3 added switch --load-cookies 2012-03-07 14:48:45 +00:00
Miroslav Stampar
4cfea96471 minor update 2012-03-05 09:56:48 +00:00
Miroslav Stampar
0ead1fd87e minor update 2012-03-05 09:42:52 +00:00
Miroslav Stampar
ac5a752b12 Oracle's XMLType doesn't like '#' char too 2012-03-01 11:59:37 +00:00
Miroslav Stampar
f4e410db16 minor fix 2012-03-01 10:17:39 +00:00
Miroslav Stampar
1ec56f93ec minor update 2012-03-01 10:10:19 +00:00
Miroslav Stampar
2d3c12d2d0 shorter single line info 2012-03-01 09:10:24 +00:00
Miroslav Stampar
37db27b720 turning back on automatic adjusting of delays in time based queries 2012-02-29 15:51:23 +00:00
Miroslav Stampar
0205d96d7b minor fix 2012-02-29 15:38:01 +00:00
Miroslav Stampar
1bdc07c279 minor update 2012-02-29 15:02:24 +00:00
Miroslav Stampar
8b9c5c66cc code refactoring regarding charsetType inside inference/bisection 2012-02-29 14:36:23 +00:00
Miroslav Stampar
f6f98f1b41 minor improvement 2012-02-29 14:19:59 +00:00
Miroslav Stampar
d06182347f fixing few potential problems 2012-02-29 13:56:40 +00:00
Miroslav Stampar
f142c0f782 minor update 2012-02-28 14:04:13 +00:00
Miroslav Stampar
22b3fa0749 minor update 2012-02-27 15:28:36 +00:00
Miroslav Stampar
a9bf0297f6 moving injection data to HashDB 2012-02-27 13:44:07 +00:00
Miroslav Stampar
68e08d2749 minor fix for not displaying 'None' but None in enumeration when data unavailable 2012-02-27 13:15:10 +00:00
Miroslav Stampar
a424de3102 minor fix 2012-02-27 12:55:28 +00:00
Miroslav Stampar
1e82405bb9 HashDB is now supported in -d too 2012-02-27 12:14:01 +00:00
Miroslav Stampar
3909658fc2 few minor just in case updates 2012-02-27 11:15:53 +00:00
Miroslav Stampar
85125018a1 minor bug fix 2012-02-25 22:54:32 +00:00
Miroslav Stampar
5d307cf886 minor update 2012-02-25 10:54:39 +00:00