Miroslav Stampar
|
d9d4e3ea9b
|
minor fix
|
2011-12-21 17:43:50 +00:00 |
|
Miroslav Stampar
|
41b60b26fc
|
minor refactoring
|
2011-12-21 14:25:39 +00:00 |
|
Miroslav Stampar
|
81bd9a201b
|
minor refactoring
|
2011-12-21 11:50:49 +00:00 |
|
Miroslav Stampar
|
d1bfdc6a48
|
minor fix for --start/--stop mechanism in pivot dumping mode
|
2011-12-20 13:04:57 +00:00 |
|
Miroslav Stampar
|
39b406c5c1
|
fix for --search on Oracle
|
2011-12-02 18:13:27 +00:00 |
|
Miroslav Stampar
|
96aacbf945
|
upgrade of --search mechanism (lowest common denominator is now searched for - e.g. if -D -T and -C are given then -C is searched for in -D and -T)
|
2011-12-02 13:32:30 +00:00 |
|
Miroslav Stampar
|
9697e80013
|
some more optimizations
|
2011-11-22 10:54:29 +00:00 |
|
Miroslav Stampar
|
b117c40aa5
|
major improvement of HashDB speed in multi-threaded mode
|
2011-11-22 10:09:35 +00:00 |
|
Miroslav Stampar
|
440b7efe55
|
minor optimization
|
2011-11-20 20:14:47 +00:00 |
|
Miroslav Stampar
|
bd7da45546
|
minor update
|
2011-10-28 13:07:23 +00:00 |
|
Miroslav Stampar
|
f7be0ca4e2
|
minor fix
|
2011-10-28 12:49:35 +00:00 |
|
Miroslav Stampar
|
6c0e8b0ea8
|
returning alphabetically sorted database and table names
|
2011-10-28 12:40:59 +00:00 |
|
Miroslav Stampar
|
9523da7663
|
minor optimization
|
2011-10-25 13:21:01 +00:00 |
|
Miroslav Stampar
|
23bf52e496
|
minor refactoring
|
2011-10-24 09:55:50 +00:00 |
|
Miroslav Stampar
|
b6ccc0cc43
|
minor update
|
2011-10-18 14:35:42 +00:00 |
|
Miroslav Stampar
|
7f9f744b87
|
update regarding last commit
|
2011-10-12 12:37:05 +00:00 |
|
Miroslav Stampar
|
39e33bea99
|
important fix (LIMIT m,n should not be considered deterministic in column by column table dumping)
|
2011-10-12 12:31:47 +00:00 |
|
Miroslav Stampar
|
2d7d84e16b
|
minor fix
|
2011-09-25 19:42:24 +00:00 |
|
Miroslav Stampar
|
9a1ac96756
|
bug fix
|
2011-09-11 17:22:27 +00:00 |
|
Miroslav Stampar
|
8a174248dc
|
fix for a bug reported by blueBoy
|
2011-08-20 20:08:11 +00:00 |
|
Miroslav Stampar
|
fb6a84b10b
|
minor update (when columns are missing from information_schema too)
|
2011-08-18 07:03:53 +00:00 |
|
Miroslav Stampar
|
262996fc5b
|
bug fix
|
2011-08-16 06:14:40 +00:00 |
|
Miroslav Stampar
|
10bdd90e60
|
minor speed optimizations (as a result of profiling)
|
2011-08-12 13:40:37 +00:00 |
|
Miroslav Stampar
|
41ae9bc7ff
|
minor bug fix
|
2011-08-09 14:20:25 +00:00 |
|
Miroslav Stampar
|
9423d15fb3
|
ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix
|
2011-08-03 09:08:16 +00:00 |
|
Bernardo Damele
|
c15439ab7f
|
Minor improvement to --passwords output
|
2011-08-02 09:04:34 +00:00 |
|
Bernardo Damele
|
ad4584da70
|
Minor bug fix when dumping tables with UNION query technique on Access, Firebird and MaxDB
|
2011-08-01 23:44:14 +00:00 |
|
Miroslav Stampar
|
4ca81dd345
|
quick fix
|
2011-08-01 23:25:58 +00:00 |
|
Miroslav Stampar
|
e0fda9f985
|
minor fix
|
2011-08-01 10:13:25 +00:00 |
|
Miroslav Stampar
|
79b4e26e23
|
bug fix
|
2011-08-01 00:17:26 +00:00 |
|
Miroslav Stampar
|
0627bb02cb
|
minor beautification
|
2011-07-31 10:21:47 +00:00 |
|
Miroslav Stampar
|
4d923ec375
|
change in invalid logic regarding --sql-shell (retrieving output for non-query commands did nothing at all)
|
2011-07-30 21:46:59 +00:00 |
|
Miroslav Stampar
|
a6ade08c28
|
just in case commit to prevent join string iteration over 'None' values
|
2011-07-30 13:01:37 +00:00 |
|
Miroslav Stampar
|
684ddc43e6
|
minor patch
|
2011-07-28 08:53:09 +00:00 |
|
Miroslav Stampar
|
ec1bc0219c
|
hello big tables, this is sqlmap, sqlmap this is big tables
|
2011-07-24 09:19:33 +00:00 |
|
Miroslav Stampar
|
9c694ce3ec
|
bug fix (--tables --columns)
|
2011-07-12 23:27:47 +00:00 |
|
Miroslav Stampar
|
c517e97a44
|
few fixes and minor cosmetics
|
2011-07-08 06:02:31 +00:00 |
|
Bernardo Damele
|
aedcf8c8d7
|
Changed homepage address
|
2011-07-07 20:10:03 +00:00 |
|
Miroslav Stampar
|
a1fe9d07ca
|
minor revert
|
2011-07-02 23:00:22 +00:00 |
|
Miroslav Stampar
|
34d9a91af1
|
bulk of fixes
|
2011-07-02 22:48:56 +00:00 |
|
Miroslav Stampar
|
8a36f7fc03
|
fix for a bug reported by aboynes@gmail.com (UnboundLocalError: local variable 'infoMsg' referenced before assignment)
|
2011-06-29 18:04:58 +00:00 |
|
Bernardo Damele
|
36c96ef796
|
Added DB2 support - patch provided by Sebastian Bittig
|
2011-06-25 09:44:24 +00:00 |
|
Bernardo Damele
|
ddfae39d9e
|
Minor bug fixes for --search with -C
|
2011-06-24 09:27:54 +00:00 |
|
Miroslav Stampar
|
ca6f9acf30
|
minor fix for resuming in multi threading mode
|
2011-06-18 12:23:18 +00:00 |
|
Miroslav Stampar
|
d27afaed7e
|
some fixes
|
2011-06-16 14:27:44 +00:00 |
|
Miroslav Stampar
|
0eeb48f8f5
|
some fixes
|
2011-06-16 13:41:02 +00:00 |
|
Miroslav Stampar
|
afe0579487
|
minor fixes for pivot dumping
|
2011-06-15 19:03:37 +00:00 |
|
Miroslav Stampar
|
60ecf95383
|
fix for a bug reported by seyi.akin@gmail.com
|
2011-06-14 08:40:25 +00:00 |
|
Bernardo Damele
|
9126c84442
|
Refactoring (standardized with --search -C ...)
|
2011-06-08 16:39:41 +00:00 |
|
Miroslav Stampar
|
4a9640160e
|
more concise
|
2011-06-08 14:35:23 +00:00 |
|
Miroslav Stampar
|
6b81eef65a
|
refactoring
|
2011-06-08 14:30:12 +00:00 |
|
Bernardo Damele
|
cce3208b35
|
Cleanup
|
2011-06-08 14:15:34 +00:00 |
|
Bernardo Damele
|
161ece5587
|
Rephrase
|
2011-06-08 11:33:45 +00:00 |
|
Miroslav Stampar
|
89a7516c35
|
bug fix
|
2011-06-06 09:55:22 +00:00 |
|
Miroslav Stampar
|
3fa8e1db72
|
better language
|
2011-05-31 15:45:54 +00:00 |
|
Miroslav Stampar
|
4bb9754dfe
|
using --dump for msaccess with -C switch was for some reason pain in the ass (you had to do the brute forcing again and again). now -C forces the result in those cases
|
2011-05-30 23:34:48 +00:00 |
|
Miroslav Stampar
|
bf2b58ba82
|
minor update
|
2011-05-26 15:23:28 +00:00 |
|
Miroslav Stampar
|
79f0b3a92a
|
adding support for --start and --stop for __pivotDumpTable
|
2011-05-26 15:16:57 +00:00 |
|
Miroslav Stampar
|
b6fe5b12a4
|
adding --schema to the wizard/Basic as it looks like a cool thingy to put there
|
2011-05-26 14:30:05 +00:00 |
|
Miroslav Stampar
|
a397baa89a
|
fix for a bug reported by viniciusmaxdaloop@gmail.com and few related patches
|
2011-05-26 08:17:21 +00:00 |
|
Miroslav Stampar
|
1067d43f14
|
minor update
|
2011-05-23 19:16:29 +00:00 |
|
Miroslav Stampar
|
0ed03d474f
|
now supporting "blank tables" - schema of the table will be preserved, even if it's empty - especially nice feature for --replicate
|
2011-05-23 11:09:44 +00:00 |
|
Miroslav Stampar
|
7b52bbe3fb
|
reverting that ignoreTimeout for --tables (because of this and that)
|
2011-05-22 09:59:19 +00:00 |
|
Miroslav Stampar
|
9b2623514a
|
one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables
|
2011-05-22 09:48:46 +00:00 |
|
Miroslav Stampar
|
2ea613b170
|
type correction and adding global flag kb.ignoreTimeout which could be useful
|
2011-05-22 08:24:13 +00:00 |
|
Miroslav Stampar
|
5a979f7667
|
minor bug fix for empty colList; also added "do you want to use LIKE" (LIKE is default) question when -C used
|
2011-05-19 17:35:33 +00:00 |
|
Miroslav Stampar
|
4efc284b83
|
adding more info for --passwords
|
2011-05-11 12:35:32 +00:00 |
|
Bernardo Damele
|
b5f090cc4f
|
Minor bug fix
|
2011-05-10 15:48:48 +00:00 |
|
Bernardo Damele
|
ac74557614
|
Minor adjustment for --dump-all
|
2011-05-08 10:25:40 +00:00 |
|
Bernardo Damele
|
356037ca22
|
cosmetics
|
2011-05-08 02:11:34 +00:00 |
|
Bernardo Damele
|
9955483052
|
Major improvement for --dump.
Minor improvement for --dump-all.
Minor bug fix for infinite loop
|
2011-05-08 02:08:18 +00:00 |
|
Bernardo Damele
|
d3589493d1
|
Temporary fix for bug reported by ultramegaman (infinite loop)
|
2011-05-07 23:28:59 +00:00 |
|
Bernardo Damele
|
aae140080e
|
SVN roll back, DB2 patch will be recommitted after testing:
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
|
2011-05-06 10:27:43 +00:00 |
|
Miroslav Stampar
|
6e392b6054
|
applying contributed patch for DB2
|
2011-05-06 09:30:39 +00:00 |
|
Miroslav Stampar
|
8e8886cd20
|
minor improvement for --sql-shell/--sql-query (when non-SELECT default is N for retrieve data output which automatically does STACKED injection)
|
2011-05-01 21:41:14 +00:00 |
|
Bernardo Damele
|
64bb480414
|
Do not raise otherwise it won't work with --schema
|
2011-04-30 23:20:16 +00:00 |
|
Bernardo Damele
|
b31b861d7b
|
Major rewrote of --columns: now it accepts -D only (enumerate all tables' columns of a specific database), -D and -T (enumerate all columns of a specific database's table), -T (enumerate all columns of a current database's table), etc.
|
2011-04-30 22:10:27 +00:00 |
|
Bernardo Damele
|
cb9b9c4204
|
Code refactoring and improvements to --dbs and --tables: now --tables accepts also -D CD as an alias for Current Database and as usual multiple database comma-separated are supported too
|
2011-04-30 15:29:19 +00:00 |
|
Bernardo Damele
|
9a4ae7d9e2
|
More code refactoring of Backend class methods used
|
2011-04-30 14:54:29 +00:00 |
|
Bernardo Damele
|
36a9ddaacc
|
Minor bug fixes and code restyling for --privileges and --passwords
|
2011-04-30 14:50:27 +00:00 |
|
Bernardo Damele
|
f56d135438
|
Minor code restyling
|
2011-04-30 13:20:05 +00:00 |
|
Bernardo Damele
|
1a052245a6
|
duplicate code
|
2011-04-30 00:25:15 +00:00 |
|
Bernardo Damele
|
a5968fff3e
|
Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided
|
2011-04-30 00:22:22 +00:00 |
|
Bernardo Damele
|
529595fd85
|
Moved method below
|
2011-04-29 22:37:43 +00:00 |
|
Bernardo Damele
|
14bf6abb7e
|
Minor layout adjustment
|
2011-04-29 21:40:48 +00:00 |
|
Bernardo Damele
|
f449688f93
|
Proper resume of --schema data when calling with --columns switch, minor fixes too
|
2011-04-29 21:17:59 +00:00 |
|
Miroslav Stampar
|
a6015b59df
|
fix for a bug reported by jaccovantuijl@gmail.com (entries = zip(*[entries[colName] for colName in colList]))
|
2011-04-29 14:33:47 +00:00 |
|
Bernardo Damele
|
edac0b2558
|
Added switch --schema to enumerate DBMS schema and now --columns does not require a mandatory table (-T) anymore, instead it will act as an alias for --schema
|
2011-04-28 23:59:00 +00:00 |
|
Miroslav Stampar
|
88c76147e1
|
removed few trailing whitespace lines
|
2011-04-15 20:52:08 +00:00 |
|
Miroslav Stampar
|
c16b74ce1a
|
covering __pivotDumpTable for keyboard and connection exceptions too
|
2011-04-15 14:21:13 +00:00 |
|
Miroslav Stampar
|
0387654166
|
update of copyright string (until year)
|
2011-04-15 12:33:18 +00:00 |
|
Miroslav Stampar
|
aed994192e
|
disabling safecharencode for --banner
|
2011-04-15 08:15:21 +00:00 |
|
Miroslav Stampar
|
8ddac7fe5a
|
minor fix and speedup when pivoting empty table
|
2011-04-14 21:11:20 +00:00 |
|
Miroslav Stampar
|
384ca98ded
|
don't let sqlmapNoneDataException for one table to break whole dumpAll()
|
2011-04-14 20:56:12 +00:00 |
|
Miroslav Stampar
|
dbbaefa79d
|
minor update (pivot value should be safechardecoded)
|
2011-04-14 20:38:03 +00:00 |
|
Miroslav Stampar
|
d06ae9cd47
|
implemented retrieved items info for partial union too
|
2011-04-13 14:33:15 +00:00 |
|
Bernardo Damele
|
f4745a95ea
|
Possible fix for bug reported by David
|
2011-04-11 21:45:25 +00:00 |
|
Miroslav Stampar
|
941daa1645
|
just in case to prevent "object of type 'NoneType' has no len()" error reports
|
2011-04-11 11:59:02 +00:00 |
|
Miroslav Stampar
|
e20848c711
|
first commit toward v1.0 (it's smarter to start testing for pivot point from shorter column names as they tend to be some kind of identifiers)
|
2011-04-11 09:40:52 +00:00 |
|
Miroslav Stampar
|
c714ac6421
|
added support for handling binary data values (no more garbish chars)
|
2011-04-09 23:13:16 +00:00 |
|
Miroslav Stampar
|
6fa2fd139c
|
implemented support for __pivotDumpTable on MSSQL as normal tables tend to not play well with normal TOP 1 ..NOT IN..ORDER BY mechanism if the argument for ORDER BY is not the unique one (returns only number of rows equal to the number of distinct values for that field)
|
2011-04-08 15:17:57 +00:00 |
|
Miroslav Stampar
|
e8259a7665
|
minor update (now --dump also supports only -D parameter)
|
2011-04-07 22:38:13 +00:00 |
|
Bernardo Damele
|
bac53eeef1
|
Allow --dump-all to accept -D switch in order to dump all tables' entries for only one (or more, comma-separated) specified database(s)
|
2011-04-07 22:08:10 +00:00 |
|
Miroslav Stampar
|
60102209f6
|
quick fix for a bug reported by Kirill (AttributeError: 'NoneType' object has no attribute 'split')
|
2011-04-01 11:14:24 +00:00 |
|
Miroslav Stampar
|
b6af80bab3
|
refactoring, cleanup and improvement
|
2011-03-29 21:54:15 +00:00 |
|
Miroslav Stampar
|
4312a42b5d
|
another minor fix
|
2011-03-28 12:04:39 +00:00 |
|
Miroslav Stampar
|
3173adbf6b
|
minor update
|
2011-03-28 12:02:31 +00:00 |
|
Miroslav Stampar
|
73e5d20ade
|
bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries)
|
2011-03-28 11:01:55 +00:00 |
|
Miroslav Stampar
|
76b7e3517d
|
minor update
|
2011-03-27 07:58:15 +00:00 |
|
Miroslav Stampar
|
04c4578df7
|
minor fix
|
2011-03-26 05:55:49 +00:00 |
|
Miroslav Stampar
|
58f8703ecd
|
minor update before bedtime
|
2011-03-25 22:59:18 +00:00 |
|
Miroslav Stampar
|
ae12dee990
|
minor update
|
2011-03-25 22:08:54 +00:00 |
|
Miroslav Stampar
|
c9baa0094b
|
going global for protection of non-standard identificator naming
|
2011-03-25 22:02:28 +00:00 |
|
Miroslav Stampar
|
5a1f733a43
|
minor update (_ is part of normal identificator naming)
|
2011-03-25 21:49:20 +00:00 |
|
Miroslav Stampar
|
1a98095a93
|
minor improvement for that MySQL identification naming
|
2011-03-25 21:46:49 +00:00 |
|
Miroslav Stampar
|
48c4460e2c
|
bug fixed (there was a huge problem with space containing identifiers - fixed and tested for MySQL)
|
2011-03-25 21:22:06 +00:00 |
|
Miroslav Stampar
|
af39a441fa
|
minor improvement when --dbs returns no database names (like in many cases with MySQL 4)
|
2011-03-25 19:50:06 +00:00 |
|
Miroslav Stampar
|
f3858a5fcf
|
another fix related to the bug reported by Alone Shell
|
2011-03-24 17:08:14 +00:00 |
|
Miroslav Stampar
|
02379c01a2
|
minor update (will do "schema update" for sybase some other time; that COUNT(*) blew my mind)
|
2011-03-23 11:42:36 +00:00 |
|
Miroslav Stampar
|
0f7bce5c66
|
fixing a huge mess going on because of counting on error and union techniques
|
2011-03-23 11:36:40 +00:00 |
|
Miroslav Stampar
|
7ea45e9032
|
minor update for Sybase regarding last commit
|
2011-03-23 11:04:15 +00:00 |
|
Miroslav Stampar
|
b72cdfe9e6
|
fix for mssql regarding usage of schema names reported by jabra@spl0it.org
|
2011-03-23 10:40:34 +00:00 |
|
Miroslav Stampar
|
5291fe35c9
|
proper implementation of --dbs on Oracle (we are using now schema names as a counterpart to dbs in other DBMSes)
|
2011-03-21 11:29:43 +00:00 |
|
Bernardo Damele
|
74ef1e53c7
|
Minor bug fixes to --privileges for PostgreSQL query (corner case)
|
2011-03-11 14:54:41 +00:00 |
|
Miroslav Stampar
|
eb1cda7065
|
minor refactoring (more consistent)
|
2011-03-09 12:06:32 +00:00 |
|
Miroslav Stampar
|
62e3510387
|
minor refactoring
|
2011-03-09 11:37:37 +00:00 |
|
Miroslav Stampar
|
16b286982d
|
fix for a bug reported by nightman (AttributeError: 'list' object has no attribute 'split')
|
2011-03-07 09:50:43 +00:00 |
|
Bernardo Damele
|
60605b6e7c
|
Major bug fix to make --first and --last apply only to --dump's entries dump phase (in either of the blind SQL injection techs only)
|
2011-02-27 12:14:13 +00:00 |
|
Miroslav Stampar
|
13f0d5ce00
|
minor bug fix
|
2011-02-22 14:51:42 +00:00 |
|
Miroslav Stampar
|
640ba5d744
|
minor refactoring
|
2011-02-22 14:19:39 +00:00 |
|
Bernardo Damele
|
3e8c204121
|
Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba
|
2011-02-21 16:00:56 +00:00 |
|
Miroslav Stampar
|
aac817935a
|
further improvement of MaxDB support
|
2011-02-20 22:41:42 +00:00 |
|
Miroslav Stampar
|
a3ba8b6928
|
--dump now works on MaxDB too
|
2011-02-20 22:07:12 +00:00 |
|
Miroslav Stampar
|
59e666d16e
|
--is-dba (related) update for Sybase
|
2011-02-20 17:28:06 +00:00 |
|
Miroslav Stampar
|
4d52f7fc6e
|
minor fix regarding --dump-table on Sybase for --technique=23
|
2011-02-20 16:58:01 +00:00 |
|
Miroslav Stampar
|
cc47737c44
|
minor update
|
2011-02-20 16:00:13 +00:00 |
|
Miroslav Stampar
|
2f9227bcce
|
Sybase update (--passwords)
|
2011-02-20 12:07:32 +00:00 |
|
Miroslav Stampar
|
f30dea74f3
|
more Sybase updates
|
2011-02-19 18:36:26 +00:00 |
|
Miroslav Stampar
|
b71bb321dd
|
some more Sybase updates
|
2011-02-19 18:04:27 +00:00 |
|
Miroslav Stampar
|
cec7694aac
|
some progress regarding SYBASE
|
2011-02-19 14:56:58 +00:00 |
|
Miroslav Stampar
|
e0efe453ab
|
minor update regarding Sybase support
|
2011-02-19 14:07:08 +00:00 |
|
Miroslav Stampar
|
de7ca5a27c
|
minor update
|
2011-02-19 09:40:41 +00:00 |
|
Miroslav Stampar
|
72fc0a0565
|
minor refactoring
|
2011-02-19 09:36:57 +00:00 |
|
Miroslav Stampar
|
5f4ffc9287
|
update regarding Sybase dumping
|
2011-02-19 00:36:47 +00:00 |
|
Miroslav Stampar
|
199f14df46
|
implementation of MySQL GROUP_CONCAT technique
|
2011-02-15 00:28:27 +00:00 |
|
Bernardo Damele
|
c078de894f
|
Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA
|
2011-02-10 14:24:04 +00:00 |
|
Bernardo Damele
|
a2c20acf94
|
Minor fixes once more
|
2011-02-10 11:34:16 +00:00 |
|
Miroslav Stampar
|
7539881ffa
|
fix for dump on Oracle but we still need to discuss some things around
|
2011-02-09 14:52:07 +00:00 |
|
Miroslav Stampar
|
caf6220c53
|
done with implementation for retrieving table names via access system table(s)
|
2011-02-09 10:50:38 +00:00 |
|
Miroslav Stampar
|
5050a76b59
|
update regarding reading of table names from access system tables
|
2011-02-09 10:33:29 +00:00 |
|