Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							345e2288e1 
							
						 
					 
					
						
						
							
							important fix regarding encoding stuff  
						
						
						
					 
					
						2011-01-20 13:54:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bade0e3124 
							
						 
					 
					
						
						
							
							Major code refactoring - centralized all kb.dbms* info for both retrieval and set.  
						
						
						
					 
					
						2011-01-19 23:06:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aea43a1e43 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-01-19 15:26:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eadaf680de 
							
						 
					 
					
						
						
							
							fuck yea  
						
						
						
					 
					
						2011-01-19 15:25:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							89e0fd0709 
							
						 
					 
					
						
						
							
							back to roots  
						
						
						
					 
					
						2011-01-19 14:06:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							33485198e1 
							
						 
					 
					
						
						
							
							Code cleanup  
						
						
						
					 
					
						2011-01-18 23:05:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							47565f9459 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2011-01-17 21:13:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							041abb56e2 
							
						 
					 
					
						
						
							
							you can't believe how much man can learn when having good testing points  
						
						
						
					 
					
						2011-01-17 13:59:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d225c5c9aa 
							
						 
					 
					
						
						
							
							was wrong about this one (just now tested on a real site)  
						
						
						
					 
					
						2011-01-17 11:00:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac0b5e6dbc 
							
						 
					 
					
						
						
							
							proper way to handle this (console output has totally different encoding than the page one)  
						
						
						
					 
					
						2011-01-17 10:27:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2041361695 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2011-01-16 23:20:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e2c821eb81 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2011-01-16 22:35:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e881465a9f 
							
						 
					 
					
						
						
							
							minor improvement  
						
						
						
					 
					
						2011-01-16 20:55:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							30d6791968 
							
						 
					 
					
						
						
							
							update regarding time based data retrieval  
						
						
						
					 
					
						2011-01-16 17:52:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2001bad7e1 
							
						 
					 
					
						
						
							
							automatic adjustment of timeSec for delayed queries  
						
						
						
					 
					
						2011-01-16 12:04:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71391874eb 
							
						 
					 
					
						
						
							
							slightly faster and thread safer inference  
						
						
						
					 
					
						2011-01-16 10:52:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							29ea0950b6 
							
						 
					 
					
						
						
							
							now False is also affected (along with None and "")  
						
						
						
					 
					
						2011-01-15 23:43:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							558f3894f4 
							
						 
					 
					
						
						
							
							Minor improvement  
						
						
						
					 
					
						2011-01-15 23:20:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5bdb50c224 
							
						 
					 
					
						
						
							
							code review part 3  
						
						
						
					 
					
						2011-01-15 13:15:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6a0e0cde3c 
							
						 
					 
					
						
						
							
							code review of modules in lib/core directory  
						
						
						
					 
					
						2011-01-15 12:13:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							daf5662eab 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2011-01-14 15:33:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1cfd6a6b9d 
							
						 
					 
					
						
						
							
							Code cleanup  
						
						
						
					 
					
						2011-01-14 15:16:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							08f7e20c51 
							
						 
					 
					
						
						
							
							minor code refactoring  
						
						
						
					 
					
						2011-01-14 14:55:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb9d7cdfaa 
							
						 
					 
					
						
						
							
							refactoring, code clearing and removal of obsolete switch --longest-common  
						
						
						
					 
					
						2011-01-14 14:37:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3c95d71ea5 
							
						 
					 
					
						
						
							
							Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase  
						
						
						
					 
					
						2011-01-14 11:55:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7d9fd5a7b7 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2011-01-14 09:49:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							676b95b30a 
							
						 
					 
					
						
						
							
							minor code refactoring  
						
						
						
					 
					
						2011-01-14 09:44:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f8c04ce020 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2011-01-13 20:59:13 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2ac8debea0 
							
						 
					 
					
						
						
							
							Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.  
						
						... 
						
						
						
						Minor bug fixes thanks to previous refactoring too. 
						
					 
					
						2011-01-13 17:36:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							877ea31521 
							
						 
					 
					
						
						
							
							Verbose docstring  
						
						
						
					 
					
						2011-01-13 12:05:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac5b49f555 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2011-01-13 11:24:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							af4ee81e62 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2011-01-13 11:23:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ece2eb31ca 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-13 11:08:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2f5995a7eb 
							
						 
					 
					
						
						
							
							Added generic and mysql UNION tests from 1 to 25 columns.  
						
						... 
						
						
						
						Adapted config file and command line removing now outdated --union-test switch.
Minor bug fix.
Minor code refactoring.
Got rid of some debug messages, standardized logging of UNION tests. 
						
					 
					
						2011-01-11 22:56:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							300128042c 
							
						 
					 
					
						
						
							
							First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though.  
						
						... 
						
						
						
						Major refactoring to Agent.payload() method.
Minor bug fixes, some code refactoring and a lot of core adjustments here and there.
Added more checks for injection in GROUP BY and ORDER BY. 
						
					 
					
						2011-01-11 22:18:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							394b6bc029 
							
						 
					 
					
						
						
							
							reverting some changes  
						
						
						
					 
					
						2011-01-11 12:11:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							54e0ba935a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-11 12:08:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0676b38063 
							
						 
					 
					
						
						
							
							revert of one thing for Bernardo and minor update  
						
						
						
					 
					
						2011-01-10 10:30:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							77b51dae57 
							
						 
					 
					
						
						
							
							adding openFile method with an exception block around file opening part  
						
						
						
					 
					
						2011-01-08 09:30:10 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e373dac1f2 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2011-01-07 16:50:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c17714c423 
							
						 
					 
					
						
						
							
							suppress session in case of brute methods  
						
						
						
					 
					
						2011-01-07 16:47:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b313a20a3f 
							
						 
					 
					
						
						
							
							some fixes  
						
						
						
					 
					
						2011-01-07 16:39:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1a079c62cb 
							
						 
					 
					
						
						
							
							minor update (generic tests now have bigger priority in test queue than parsed DBMS related ones)  
						
						
						
					 
					
						2011-01-07 16:08:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c86ec374e 
							
						 
					 
					
						
						
							
							Code refactoring and cosmetics  
						
						
						
					 
					
						2011-01-07 15:41:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a8d660db54 
							
						 
					 
					
						
						
							
							fixes for bugs reported by pragmatk@gmail.com  
						
						
						
					 
					
						2011-01-06 16:59:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							694a65f6f1 
							
						 
					 
					
						
						
							
							minor fix/update  
						
						
						
					 
					
						2011-01-05 13:32:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7ae5192070 
							
						 
					 
					
						
						
							
							adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data)  
						
						
						
					 
					
						2011-01-05 10:25:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c83e9f6ca5 
							
						 
					 
					
						
						
							
							foundation for filtering binary string values (for example, replacement of non readable chars with #)  
						
						
						
					 
					
						2011-01-04 21:56:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0eabca9fd4 
							
						 
					 
					
						
						
							
							update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)  
						
						
						
					 
					
						2011-01-03 22:31:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							08ccbf2c1e 
							
						 
					 
					
						
						
							
							important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding)  
						
						
						
					 
					
						2011-01-03 22:02:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d19a8d53e4 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-03 08:46:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8625494ff2 
							
						 
					 
					
						
						
							
							added one new quick check for multiple target(s) mode  
						
						
						
					 
					
						2011-01-03 08:32:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5f9b6b2254 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2011-01-02 16:51:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							da138c46c1 
							
						 
					 
					
						
						
							
							added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly)  
						
						
						
					 
					
						2011-01-02 07:37:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							428e817a32 
							
						 
					 
					
						
						
							
							some refactoring  
						
						
						
					 
					
						2011-01-01 23:57:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0e815177c8 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-01 19:07:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8f32c740ff 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-29 19:39:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							93838fb155 
							
						 
					 
					
						
						
							
							"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)  
						
						
						
					 
					
						2010-12-28 14:40:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							89c2640d23 
							
						 
					 
					
						
						
							
							basic --search now works with MS Access  
						
						
						
					 
					
						2010-12-26 23:50:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ceeb6374e8 
							
						 
					 
					
						
						
							
							bug fix (TypeError: object of type 'NoneType' has no len())  
						
						
						
					 
					
						2010-12-26 13:27:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							569e060aab 
							
						 
					 
					
						
						
							
							important improvement  
						
						
						
					 
					
						2010-12-26 13:20:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a555d1ad68 
							
						 
					 
					
						
						
							
							minor improvement  
						
						
						
					 
					
						2010-12-26 11:15:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b472b96f92 
							
						 
					 
					
						
						
							
							bug fix, refactoring and improved extractErrorMessage capabilities  
						
						
						
					 
					
						2010-12-25 10:16:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2c23a59ba5 
							
						 
					 
					
						
						
							
							fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)  
						
						
						
					 
					
						2010-12-24 12:13:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							23dc408901 
							
						 
					 
					
						
						
							
							prioritization of tests based on DBMS error messages and some comments in common.py  
						
						
						
					 
					
						2010-12-24 10:55:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d9f08e4aa3 
							
						 
					 
					
						
						
							
							randomization of user agents  
						
						
						
					 
					
						2010-12-24 10:04:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							017ea9e686 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-23 14:06:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7c06dbffc3 
							
						 
					 
					
						
						
							
							bug fix (AttributeError: 'unicode' object has no attribute 'sort')  
						
						
						
					 
					
						2010-12-22 18:55:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6c1133c4d4 
							
						 
					 
					
						
						
							
							some code refactoring  
						
						
						
					 
					
						2010-12-21 15:13:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							385e208f38 
							
						 
					 
					
						
						
							
							code refactoring regarding standard output suppression and some threading issues  
						
						
						
					 
					
						2010-12-21 14:21:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6b37ddada4 
							
						 
					 
					
						
						
							
							removed some blank trailing spaces (with extra/shutils/blanks.sh)  
						
						
						
					 
					
						2010-12-21 10:31:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1a3f57e5fe 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-12-21 09:23:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							116c141dfa 
							
						 
					 
					
						
						
							
							another fix  
						
						
						
					 
					
						2010-12-21 00:47:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8067365b93 
							
						 
					 
					
						
						
							
							fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident')  
						
						
						
					 
					
						2010-12-20 23:47:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8fd3e7ba1f 
							
						 
					 
					
						
						
							
							thread based data added  
						
						
						
					 
					
						2010-12-20 22:45:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c9e8aae8a2 
							
						 
					 
					
						
						
							
							we'll need to do some cleanup around threading data model we use (some of the data we currently use we'll need to spread via copies around used threads)  
						
						
						
					 
					
						2010-12-20 19:34:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e09bc2406c 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2010-12-20 19:24:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5852bad963 
							
						 
					 
					
						
						
							
							some refactoring  
						
						
						
					 
					
						2010-12-20 18:56:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							19d8733e9a 
							
						 
					 
					
						
						
							
							this is strictly for educational purposes  
						
						
						
					 
					
						2010-12-20 17:30:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fe67d3827c 
							
						 
					 
					
						
						
							
							code refactoring and some fixes  
						
						
						
					 
					
						2010-12-18 09:51:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a19cb2c13a 
							
						 
					 
					
						
						
							
							code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown")  
						
						
						
					 
					
						2010-12-17 21:29:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7cfeb5447b 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-15 11:46:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f8a01ddaf8 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-15 11:21:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b75d7fa348 
							
						 
					 
					
						
						
							
							minor cache based optimization  
						
						
						
					 
					
						2010-12-14 12:22:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cfcee6439e 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-12-13 21:55:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e98d9c08e1 
							
						 
					 
					
						
						
							
							dumping table is now possible on Firebird too  
						
						
						
					 
					
						2010-12-12 14:38:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c93634b6c7 
							
						 
					 
					
						
						
							
							blind dumping of tables in sqlite implemented  
						
						
						
					 
					
						2010-12-11 22:13:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b1babeefe5 
							
						 
					 
					
						
						
							
							update regarding dumping of tables with blind on Sqlite  
						
						
						
					 
					
						2010-12-11 22:00:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6a24048aa6 
							
						 
					 
					
						
						
							
							urllib2 doesn't play well with '\n' when non unescaped chars used  
						
						
						
					 
					
						2010-12-11 21:17:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d2a3e8f44f 
							
						 
					 
					
						
						
							
							first time firebird error-based query success  
						
						
						
					 
					
						2010-12-11 11:17:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d5e7a8d305 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-10 10:54:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9c61adb21d 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-12-09 00:26:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							81c16926c1 
							
						 
					 
					
						
						
							
							code refactoring some more  
						
						
						
					 
					
						2010-12-08 14:46:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							95b48746a6 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2010-12-08 14:29:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							01cf1394a4 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-08 14:26:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b21eb88905 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-07 22:45:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ecd4a5a532 
							
						 
					 
					
						
						
							
							added standard deviation check in time based tests  
						
						
						
					 
					
						2010-12-07 16:39:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							294119d2ec 
							
						 
					 
					
						
						
							
							more advanced time technique(s)  
						
						
						
					 
					
						2010-12-07 16:04:53 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							effd2ca0e3 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-12-07 12:32:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							61f82fd274 
							
						 
					 
					
						
						
							
							introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic  
						
						
						
					 
					
						2010-12-07 00:27:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3f9450b9dc 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-12-04 14:43:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eeb199375b 
							
						 
					 
					
						
						
							
							usage of compiled regexes in case of dynamic markings and other refactoring  
						
						
						
					 
					
						2010-12-04 13:23:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0fc7a8f9e8 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-12-04 10:13:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b3a094b9d6 
							
						 
					 
					
						
						
							
							fix for a bug reported by ToR (when resuming: queries[kb.dbms] -> KeyError: u'mysql')  
						
						
						
					 
					
						2010-12-03 22:44:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5764816891 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2010-12-03 22:28:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							612ee08a0b 
							
						 
					 
					
						
						
							
							added response time kb attribute  
						
						
						
					 
					
						2010-12-03 13:19:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2cc167a42e 
							
						 
					 
					
						
						
							
							fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'"  
						
						
						
					 
					
						2010-12-02 18:57:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							70e87d959e 
							
						 
					 
					
						
						
							
							update of dynamicity engine  
						
						
						
					 
					
						2010-11-29 15:14:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7e3b24afe6 
							
						 
					 
					
						
						
							
							Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.  
						
						... 
						
						
						
						All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 
						
					 
					
						2010-11-28 18:10:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6712f4da55 
							
						 
					 
					
						
						
							
							some refactoring and one less request for aspx maintanance during --os-shell  
						
						
						
					 
					
						2010-11-24 14:20:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							253eafb643 
							
						 
					 
					
						
						
							
							paranoid cosmetics  
						
						
						
					 
					
						2010-11-24 12:03:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b2b521fc8a 
							
						 
					 
					
						
						
							
							gready regex bastard :)  
						
						
						
					 
					
						2010-11-24 12:01:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9579a97039 
							
						 
					 
					
						
						
							
							now ASPX works too for --os-shell  
						
						
						
					 
					
						2010-11-24 11:38:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f9f076ba97 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-11-23 21:00:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7877a931d5 
							
						 
					 
					
						
						
							
							more cosmetics regarding dictionary attack  
						
						
						
					 
					
						2010-11-23 20:54:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c4414df594 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-23 15:33:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							78024eafe0 
							
						 
					 
					
						
						
							
							little precaution  
						
						
						
					 
					
						2010-11-23 15:31:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aa5d038f18 
							
						 
					 
					
						
						
							
							more code refactoring  
						
						
						
					 
					
						2010-11-23 14:50:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3cae76627c 
							
						 
					 
					
						
						
							
							code refactoring regarding dictionary attack  
						
						
						
					 
					
						2010-11-23 13:58:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ba4ea32603 
							
						 
					 
					
						
						
							
							first working version of dictionary attack  
						
						
						
					 
					
						2010-11-23 13:24:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d757e4ae1c 
							
						 
					 
					
						
						
							
							bug fix (when user manually sets web root, that same directory should be used as one of potentionaly default dirs)  
						
						
						
					 
					
						2010-11-17 09:46:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2a8e270bef 
							
						 
					 
					
						
						
							
							proper handling of carriage return character from Windows target machines  
						
						
						
					 
					
						2010-11-16 15:11:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ab33651f96 
							
						 
					 
					
						
						
							
							minor bug fix for displaying text from windows machines (\r was interfering with normal dataToStdout behavior)  
						
						
						
					 
					
						2010-11-16 15:02:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3487429eac 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2010-11-16 14:41:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e7a66371f8 
							
						 
					 
					
						
						
							
							update regarding os shell-ing regarding JSP and ASPX  
						
						
						
					 
					
						2010-11-16 13:46:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6ef3846400 
							
						 
					 
					
						
						
							
							update regarding error parsing (and reporting)  
						
						
						
					 
					
						2010-11-16 10:42:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a777d59870 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-11-12 15:17:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							697b32554c 
							
						 
					 
					
						
						
							
							fix for a bug "ordinal not in range(128)" reported by bugtrace  
						
						
						
					 
					
						2010-11-12 11:48:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a34c1b287c 
							
						 
					 
					
						
						
							
							Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL)  
						
						
						
					 
					
						2010-11-12 11:33:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							66c82d72e4 
							
						 
					 
					
						
						
							
							Typo fix  
						
						
						
					 
					
						2010-11-12 10:02:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7752b5efe9 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-09 09:51:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							221f976fbd 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-09 01:23:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							78d7b17483 
							
						 
					 
					
						
						
							
							More replacements for refactoring.  
						
						... 
						
						
						
						Minor layout adjustments.
Alignment of conffile/optiondict/cmdline parameters. 
						
					 
					
						2010-11-08 12:36:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3de10e3a2 
							
						 
					 
					
						
						
							
							new option -t  
						
						
						
					 
					
						2010-11-08 11:22:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							862395ced1 
							
						 
					 
					
						
						
							
							further refactoring (all enumerations are now put into enums.py)  
						
						
						
					 
					
						2010-11-08 09:20:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8e44aa605a 
							
						 
					 
					
						
						
							
							refactoring regarding injection place (more left)  
						
						
						
					 
					
						2010-11-08 08:02:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							508b9cc763 
							
						 
					 
					
						
						
							
							dynamicity engine update  
						
						
						
					 
					
						2010-11-07 00:12:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3619fc5127 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-06 08:31:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06760182f1 
							
						 
					 
					
						
						
							
							cosmetics  
						
						
						
					 
					
						2010-11-05 16:08:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f3e3420677 
							
						 
					 
					
						
						
							
							fix for a bug reported by Marcos Mateos Garcia (ValueError)  
						
						
						
					 
					
						2010-11-05 11:34:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3aba0b1bec 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-04 12:51:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							18aea251b3 
							
						 
					 
					
						
						
							
							added concept of tamper script priority  
						
						
						
					 
					
						2010-11-04 10:29:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6adee3792a 
							
						 
					 
					
						
						
							
							removed all trailing spaces from blank lines  
						
						
						
					 
					
						2010-11-03 10:08:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							70f6eab715 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-02 12:08:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							685a8e7d2c 
							
						 
					 
					
						
						
							
							refactoring of hard coded dbms names  
						
						
						
					 
					
						2010-11-02 11:59:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5269cb8c08 
							
						 
					 
					
						
						
							
							some code refactoring and beautification  
						
						
						
					 
					
						2010-11-02 09:06:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							13e93f564a 
							
						 
					 
					
						
						
							
							one bug fix in dynamic content engine and some code refactoring  
						
						
						
					 
					
						2010-11-02 07:32:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							73b33ed765 
							
						 
					 
					
						
						
							
							fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic  
						
						
						
					 
					
						2010-11-01 20:56:13 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c7b374534b 
							
						 
					 
					
						
						
							
							Minor cosmetics  
						
						
						
					 
					
						2010-10-31 12:29:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a38ac7ea9 
							
						 
					 
					
						
						
							
							important update regarding (Bug  #209 ) - probably more will be needed  
						
						
						
					 
					
						2010-10-29 16:11:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b3b2c3864a 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2010-10-29 10:51:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d75578c81f 
							
						 
					 
					
						
						
							
							some update regarding common tables  
						
						
						
					 
					
						2010-10-29 09:00:51 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							43de8247ac 
							
						 
					 
					
						
						
							
							Code refactoring  
						
						
						
					 
					
						2010-10-27 20:39:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d554ffc0ae 
							
						 
					 
					
						
						
							
							yes, I am quite paranoid with cosmetics  
						
						
						
					 
					
						2010-10-27 10:37:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8803096343 
							
						 
					 
					
						
						
							
							some update regarding beep()  
						
						
						
					 
					
						2010-10-26 08:32:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b9ff91b6e9 
							
						 
					 
					
						
						
							
							update of beep  
						
						
						
					 
					
						2010-10-26 06:30:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9ec9d223e1 
							
						 
					 
					
						
						
							
							minor  
						
						
						
					 
					
						2010-10-26 06:08:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7effd0c301 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-10-25 22:54:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							73eea81b3a 
							
						 
					 
					
						
						
							
							minor cosmetics  
						
						
						
					 
					
						2010-10-25 19:45:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d7bf94d4d6 
							
						 
					 
					
						
						
							
							fix for --beep  
						
						
						
					 
					
						2010-10-25 19:16:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							228ac0cde5 
							
						 
					 
					
						
						
							
							refactoring regarding --check-payload  
						
						
						
					 
					
						2010-10-25 18:38:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							24c5d7b313 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-10-25 14:06:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8df7c88174 
							
						 
					 
					
						
						
							
							implementation of a new dynamic content removal engine  
						
						
						
					 
					
						2010-10-25 10:41:37 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1288def3b7 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-10-22 14:23:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bc79eec702 
							
						 
					 
					
						
						
							
							removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)  
						
						
						
					 
					
						2010-10-21 13:13:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							be443c6947 
							
						 
					 
					
						
						
							
							refactoring regarding __START__,...  
						
						
						
					 
					
						2010-10-21 09:51:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d8bfa76dca 
							
						 
					 
					
						
						
							
							Minor possible bug fix  
						
						
						
					 
					
						2010-10-20 22:12:53 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e73e06069b 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2010-10-20 22:09:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b5c5cc457 
							
						 
					 
					
						
						
							
							Minor possible bug fix  
						
						
						
					 
					
						2010-10-20 21:49:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f95098693f 
							
						 
					 
					
						
						
							
							Removed unused functions  
						
						
						
					 
					
						2010-10-20 21:16:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1b376c99a6 
							
						 
					 
					
						
						
							
							removed temp dictionary and replaced with kb.misc  
						
						
						
					 
					
						2010-10-19 23:00:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7b71262de6 
							
						 
					 
					
						
						
							
							Cosmetic fix  
						
						
						
					 
					
						2010-10-16 22:07:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							84ed7f192a 
							
						 
					 
					
						
						
							
							Cosmetic fixes  
						
						
						
					 
					
						2010-10-16 15:10:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c9f0c75030 
							
						 
					 
					
						
						
							
							removed --space (usage of tampering modules is now a prefered way to do it)  
						
						
						
					 
					
						2010-10-15 12:52:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9fcab68700 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2010-10-15 10:28:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							207bef7f19 
							
						 
					 
					
						
						
							
							fix for that SQLite3 vs SQLite2 issue  
						
						
						
					 
					
						2010-10-15 09:39:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4f7f20b94f 
							
						 
					 
					
						
						
							
							sorry, cosmetics  
						
						
						
					 
					
						2010-10-14 23:18:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8b48833136 
							
						 
					 
					
						
						
							
							large commit with copyright header modifications  
						
						
						
					 
					
						2010-10-14 14:41:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f07608ef4d 
							
						 
					 
					
						
						
							
							show static words in a sorted manner  
						
						
						
					 
					
						2010-10-14 12:38:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							162d01abed 
							
						 
					 
					
						
						
							
							commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...)  
						
						
						
					 
					
						2010-10-14 11:06:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9a08f7feb8 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-10-12 20:01:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9ffa928783 
							
						 
					 
					
						
						
							
							added some user interaction when page is dynamic  
						
						
						
					 
					
						2010-10-12 15:49:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							43892cddbb 
							
						 
					 
					
						
						
							
							some updates  
						
						
						
					 
					
						2010-10-11 12:26:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1e9ae40397 
							
						 
					 
					
						
						
							
							major refactoring  
						
						
						
					 
					
						2010-10-07 12:12:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1bf8939e2f 
							
						 
					 
					
						
						
							
							further updates  
						
						
						
					 
					
						2010-10-06 22:43:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							de6fa1247b 
							
						 
					 
					
						
						
							
							moved injections to xml format  
						
						
						
					 
					
						2010-10-06 22:29:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cf8e92699c 
							
						 
					 
					
						
						
							
							changes regarding EXISTS feature  
						
						
						
					 
					
						2010-09-30 12:35:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							35f35605df 
							
						 
					 
					
						
						
							
							changes regarding Feature  #160  
						
						
						
					 
					
						2010-09-26 14:02:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9cd5d3bde7 
							
						 
					 
					
						
						
							
							added new option --space  
						
						
						
					 
					
						2010-09-24 21:59:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							abc12bc361 
							
						 
					 
					
						
						
							
							more refactoring  
						
						
						
					 
					
						2010-09-15 13:28:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							682872689a 
							
						 
					 
					
						
						
							
							some more refactoring  
						
						
						
					 
					
						2010-09-15 12:59:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							91a0b5df3c 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-09-15 12:52:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b699f98cbb 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2010-09-15 12:51:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							77a53228c5 
							
						 
					 
					
						
						
							
							changes regarding dynamic content recognition  
						
						
						
					 
					
						2010-09-13 21:01:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							19fb2e3dcf 
							
						 
					 
					
						
						
							
							fix for Bug  #165  
						
						
						
					 
					
						2010-09-13 13:31:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							61120b0bac 
							
						 
					 
					
						
						
							
							minor comment added  
						
						
						
					 
					
						2010-09-09 14:08:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1b3d287a09 
							
						 
					 
					
						
						
							
							fix for a bug reported by shaohua pan (and one other bug)  
						
						
						
					 
					
						2010-09-07 10:21:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e810fe7b0b 
							
						 
					 
					
						
						
							
							no need for obsolete (and hard to find) sqlite module when sqlite3 handles both database versions  
						
						
						
					 
					
						2010-08-31 13:37:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f5953bacc0 
							
						 
					 
					
						
						
							
							fix for direct connection parsing (now on windows machines python sqlmap.py -d access://C:\testdb.mdb is valid, while before it wasn't)  
						
						
						
					 
					
						2010-08-30 16:35:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							48cc87f6a9 
							
						 
					 
					
						
						
							
							added support for fingerprinting SAP MaxDB (Issue 143)  
						
						
						
					 
					
						2010-08-30 13:29:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2cd8f31003 
							
						 
					 
					
						
						
							
							some doc test samples included  
						
						
						
					 
					
						2010-08-20 21:27:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4edf6ebe00 
							
						 
					 
					
						
						
							
							update for smoke tests  
						
						
						
					 
					
						2010-08-20 21:01:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							02523dbfb5 
							
						 
					 
					
						
						
							
							fix of fix  
						
						
						
					 
					
						2010-08-09 22:13:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6eab7997d1 
							
						 
					 
					
						
						
							
							fix for bug reported by dragoun dash (TypeError: sequence item 0: expected string, NoneType found)  
						
						
						
					 
					
						2010-08-08 22:25:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e0fe5d1504 
							
						 
					 
					
						
						
							
							bug fix for error reported by Marek Sarvas (error data)  
						
						
						
					 
					
						2010-08-08 21:48:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7dcc2031ac 
							
						 
					 
					
						
						
							
							smoke test adjustments  
						
						
						
					 
					
						2010-07-30 12:57:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							092829c189 
							
						 
					 
					
						
						
							
							implemented basic smoke testing mechanism  
						
						
						
					 
					
						2010-07-30 12:49:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8625763c07 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2010-06-30 11:22:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8576817a2b 
							
						 
					 
					
						
						
							
							Added support for SOAP requests: fixed, extended and tested a user's patch -  closes   #196 .  
						
						
						
					 
					
						2010-06-29 21:07:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7cad3cbda6 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2010-06-28 13:47:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ccfc9b0fec 
							
						 
					 
					
						
						
							
							fix for that bug linux man reported (UnicodeEncodeError inside raw_input)  
						
						
						
					 
					
						2010-06-23 07:30:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							17e228024b 
							
						 
					 
					
						
						
							
							Minor enhancements and bug fixes to "good samaritan" feature - see  #4  
						
						
						
					 
					
						2010-06-21 14:40:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fd76f048b6 
							
						 
					 
					
						
						
							
							Added common pattern value support to bisection algorithm  
						
						
						
					 
					
						2010-06-17 11:38:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d3c8e461cf 
							
						 
					 
					
						
						
							
							Minor layout adjustments  
						
						
						
					 
					
						2010-06-10 14:14:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac55e1b75f 
							
						 
					 
					
						
						
							
							fix for localhost firebird direct db access  
						
						
						
					 
					
						2010-06-10 12:02:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9e76b847b3 
							
						 
					 
					
						
						
							
							fix regarding bug discovered by Andreas Constantinides  
						
						
						
					 
					
						2010-06-04 17:07:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							12a5ec9f3d 
							
						 
					 
					
						
						
							
							more unicode refactoring  
						
						
						
					 
					
						2010-06-02 12:45:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2fb8bf3b6a 
							
						 
					 
					
						
						
							
							more dump/unicode cleanup  
						
						
						
					 
					
						2010-06-02 12:31:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6df2d98fc9 
							
						 
					 
					
						
						
							
							Minor bug fix in common.py goGoodSamaritan().  
						
						... 
						
						
						
						Minor code cleanup and adjustments. 
						
					 
					
						2010-05-31 15:05:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							db7ede96fd 
							
						 
					 
					
						
						
							
							more updates/fixes  
						
						
						
					 
					
						2010-05-31 11:11:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4bb5885413 
							
						 
					 
					
						
						
							
							some changes regarding --common-outputs feature  
						
						
						
					 
					
						2010-05-31 09:41:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0450df8a77 
							
						 
					 
					
						
						
							
							added kb.cache for storing cached results (e.g. kb.cache.regex for storing compiled regular expressions and kb.cache.md5 for storing precalculated MD5 values during '--users --common-prediction' session)  
						
						
						
					 
					
						2010-05-31 08:13:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b798222dd7 
							
						 
					 
					
						
						
							
							Minor fixes  
						
						
						
					 
					
						2010-05-30 14:53:13 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							89c721a451 
							
						 
					 
					
						
						
							
							More replacements from open() to codecs.open(). conf.dataEncoding has to be used only for non-binary files.  
						
						
						
					 
					
						2010-05-29 10:10:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e811101dce 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-05-28 23:39:52 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							10521b68eb 
							
						 
					 
					
						
						
							
							Major bug fix in multipartpost and minor adjustments elsewhere  
						
						
						
					 
					
						2010-05-28 23:12:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a138dbe5f6 
							
						 
					 
					
						
						
							
							Minor bug fixes and code refactoring  
						
						
						
					 
					
						2010-05-28 15:57:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3db3c03c1 
							
						 
					 
					
						
						
							
							str() -> unicode()  
						
						
						
					 
					
						2010-05-28 13:05:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f24187f251 
							
						 
					 
					
						
						
							
							few fixes here and there  
						
						
						
					 
					
						2010-05-28 12:47:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f36e093fa7 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-05-28 09:13:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9de1671b8f 
							
						 
					 
					
						
						
							
							Code refactoring and minor bug fixes.  
						
						
						
					 
					
						2010-05-27 16:45:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c431a74d9e 
							
						 
					 
					
						
						
							
							minor fix/adjustment regarding getCompiledRegex  
						
						
						
					 
					
						2010-05-27 11:52:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ce29c841cf 
							
						 
					 
					
						
						
							
							some comments added  
						
						
						
					 
					
						2010-05-26 11:14:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1a3dfd8ced 
							
						 
					 
					
						
						
							
							some more changes  
						
						
						
					 
					
						2010-05-26 11:01:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bbdbe44e3f 
							
						 
					 
					
						
						
							
							fuck yea, first tests (MySQL/--tables & --common-prediction) are great :)  
						
						
						
					 
					
						2010-05-26 10:41:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7f0db26e99 
							
						 
					 
					
						
						
							
							more code updates regarding good samaritan (common output) feature  
						
						
						
					 
					
						2010-05-26 09:48:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8ed76b3024 
							
						 
					 
					
						
						
							
							minor update regarding good samaritan  
						
						
						
					 
					
						2010-05-25 14:51:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							065d5b02ec 
							
						 
					 
					
						
						
							
							added singleValue parameter for good samaritan (same thing Bernardo wanted :)  
						
						
						
					 
					
						2010-05-25 13:51:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							056d1ad76e 
							
						 
					 
					
						
						
							
							new commit regarding good samaritan feature  
						
						
						
					 
					
						2010-05-25 13:06:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dc83f794ea 
							
						 
					 
					
						
						
							
							fix regarding proper string isinstance checking (including unicode)  
						
						
						
					 
					
						2010-05-25 10:09:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a43eb64c5d 
							
						 
					 
					
						
						
							
							Minor refactoring  
						
						
						
					 
					
						2010-05-24 15:46:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0197f8db5c 
							
						 
					 
					
						
						
							
							code refactoring regarding issue  #184  
						
						
						
					 
					
						2010-05-24 11:12:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e9be60e1ac 
							
						 
					 
					
						
						
							
							added support for proper unicode session(s) storage/retrieval  
						
						
						
					 
					
						2010-05-24 11:00:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							03fb84e29f 
							
						 
					 
					
						
						
							
							Minor enhancement to internal --profile function  
						
						
						
					 
					
						2010-05-21 15:06:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5d5ebd49b6 
							
						 
					 
					
						
						
							
							introducing regex caching mechanism  
						
						
						
					 
					
						2010-05-21 14:42:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7ee20480a4 
							
						 
					 
					
						
						
							
							Added a TODO note  
						
						
						
					 
					
						2010-05-21 13:24:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							319adef8c4 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2010-05-21 13:19:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							050015d2bb 
							
						 
					 
					
						
						
							
							minor adjustments  
						
						
						
					 
					
						2010-05-21 13:15:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a5b31ad53 
							
						 
					 
					
						
						
							
							minor code adjustment  
						
						
						
					 
					
						2010-05-21 13:03:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							64f2afe585 
							
						 
					 
					
						
						
							
							in a mood for more changes  
						
						
						
					 
					
						2010-05-21 12:44:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							78547bb79e 
							
						 
					 
					
						
						
							
							quick fix  
						
						
						
					 
					
						2010-05-21 12:19:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a21a7fc56d 
							
						 
					 
					
						
						
							
							Minor code refactoring  
						
						
						
					 
					
						2010-05-21 12:09:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9b91b30b69 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2010-05-21 10:41:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5f44696530 
							
						 
					 
					
						
						
							
							changes regarding putting of gprof2dot script inside extras and its usage  
						
						
						
					 
					
						2010-05-21 10:30:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							68e13c3872 
							
						 
					 
					
						
						
							
							periodical commit  
						
						
						
					 
					
						2010-05-21 09:35:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							19a82e151c 
							
						 
					 
					
						
						
							
							minor cleanup  
						
						
						
					 
					
						2010-05-14 14:03:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7107e8fd6a 
							
						 
					 
					
						
						
							
							optimization of CPU intensive sanitizeAsciiString  
						
						
						
					 
					
						2010-05-14 13:55:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5396f13bab 
							
						 
					 
					
						
						
							
							added CPU throttling for lowering sqlmap's CPU intensivity  
						
						
						
					 
					
						2010-05-13 15:19:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ca3e12ae73 
							
						 
					 
					
						
						
							
							added calculateDeltaSeconds method for dealing with non-deterministic time behaviour in some cases (e.g. WAITFOR DELAY in case of MSSQL)  
						
						
						
					 
					
						2010-05-13 11:05:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							65a05452f7 
							
						 
					 
					
						
						
							
							Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See  #190 :  
						
						... 
						
						
						
						* --search -D foobar: searches all database names like the ones provided
* --search -T foobar: searches all databases' table names like the ones provided (soon)
* --search -C foobar: replaces --dump -C 
						
					 
					
						2010-05-07 13:40:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							789dd6c66f 
							
						 
					 
					
						
						
							
							more quick fixes  
						
						
						
					 
					
						2010-05-04 08:43:14 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4d46f997a7 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-04-29 13:34:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a1b1f960cc 
							
						 
					 
					
						
						
							
							Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function  
						
						
						
					 
					
						2010-04-23 16:34:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0f80768e66 
							
						 
					 
					
						
						
							
							Reverted  
						
						
						
					 
					
						2010-04-22 16:35:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7b070acd17 
							
						 
					 
					
						
						
							
							Reimported needed imports!  
						
						
						
					 
					
						2010-04-22 16:13:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1bcec80e95 
							
						 
					 
					
						
						
							
							fix for that takeover bug Ethan Robish posted (Windows/PHP)  
						
						
						
					 
					
						2010-04-22 10:31:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2840f20605 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-04-17 15:43:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							915d3441e9 
							
						 
					 
					
						
						
							
							some code refactoring  
						
						
						
					 
					
						2010-04-16 19:57:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							938a3ab0b9 
							
						 
					 
					
						
						
							
							fix for Bug  #183  (--threads dot output)  
						
						
						
					 
					
						2010-04-16 13:40:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1ab78ce60e 
							
						 
					 
					
						
						
							
							Added support to directly connect also to SQLite 2 db file  
						
						
						
					 
					
						2010-04-13 22:43:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fee062781f 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2010-04-13 11:13:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							da1ea48947 
							
						 
					 
					
						
						
							
							added some nagging for connection details  
						
						
						
					 
					
						2010-04-13 11:00:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fcceceed45 
							
						 
					 
					
						
						
							
							fix for bug reported by shiftzwei@gmail.com regarding formatDBMSfp with unknown DBMS version  
						
						
						
					 
					
						2010-04-09 10:40:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cad8f61d55 
							
						 
					 
					
						
						
							
							Force pymssql to version >= 1.0.2  
						
						
						
					 
					
						2010-03-31 15:31:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5fdebb5d5b 
							
						 
					 
					
						
						
							
							Added support to directly connect also to Microsoft SQL Server database.  
						
						... 
						
						
						
						Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods. 
						
					 
					
						2010-03-31 10:50:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ae3455a0c2 
							
						 
					 
					
						
						
							
							more update  
						
						
						
					 
					
						2010-03-30 11:28:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							738c210075 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-03-30 11:21:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							87d8c6719e 
							
						 
					 
					
						
						
							
							updates, fixes and stuff  
						
						
						
					 
					
						2010-03-30 11:06:30 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a0290a257b 
							
						 
					 
					
						
						
							
							Added support to connect directly also to Oracle - see  #158  
						
						
						
					 
					
						2010-03-27 21:50:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1416cd0d86 
							
						 
					 
					
						
						
							
							Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see  #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).  
						
						... 
						
						
						
						Minor layout adjustments. 
						
					 
					
						2010-03-26 23:23:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8bab94de64 
							
						 
					 
					
						
						
							
							added two new functions: isBase64EncodedString and isHexEncodedString for Feature  #71  
						
						
						
					 
					
						2010-03-26 17:18:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f9a135e232 
							
						 
					 
					
						
						
							
							Minor bug fix and layout adjustment regarding --threading and standard output  
						
						
						
					 
					
						2010-03-22 17:38:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d00e4a458a 
							
						 
					 
					
						
						
							
							Code cleanup  
						
						
						
					 
					
						2010-03-21 00:39:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0d559d14df 
							
						 
					 
					
						
						
							
							Initial support for SQLite (90% approx).  
						
						... 
						
						
						
						Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments. 
						
					 
					
						2010-03-18 17:20:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b3353e05b 
							
						 
					 
					
						
						
							
							Revert last commit  
						
						
						
					 
					
						2010-03-16 13:56:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1dfe558d3d 
							
						 
					 
					
						
						
							
							Fix for Issue  #177  
						
						
						
					 
					
						2010-03-16 13:11:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5063401130 
							
						 
					 
					
						
						
							
							Minor bug fix,  fixes   #170  
						
						
						
					 
					
						2010-03-15 11:00:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b544405878 
							
						 
					 
					
						
						
							
							fixed some issue involving banner parsing  
						
						
						
					 
					
						2010-03-04 09:15:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a654a426ef 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2010-03-03 16:19:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							156fdd96ef 
							
						 
					 
					
						
						
							
							Updated copyright  
						
						
						
					 
					
						2010-03-03 15:26:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							694356821d 
							
						 
					 
					
						
						
							
							sqlmap does not save nor leave back in temporary folder any file named 'sqlmapRANDOM', only random names now, less suspicious  
						
						
						
					 
					
						2010-02-26 13:13:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8c68d25b39 
							
						 
					 
					
						
						
							
							Major bug fix, be careful when editing isWindowsPath() and normalizePath() in common.py, they can break all  
						
						
						
					 
					
						2010-02-26 12:00:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							98496fd173 
							
						 
					 
					
						
						
							
							Show also site in the banner  
						
						
						
					 
					
						2010-02-25 17:37:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							404927d04a 
							
						 
					 
					
						
						
							
							Adjusted banner, increased release candidate to rc7  
						
						
						
					 
					
						2010-02-25 17:34:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d95a8850c8 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-02-25 16:38:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0913d700a8 
							
						 
					 
					
						
						
							
							important update regarding default directories  
						
						
						
					 
					
						2010-02-25 15:22:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a10adcfe08 
							
						 
					 
					
						
						
							
							Minor code cleanup  
						
						
						
					 
					
						2010-02-25 15:16:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3721451cd6 
							
						 
					 
					
						
						
							
							default dirs update  
						
						
						
					 
					
						2010-02-25 14:51:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9c014c0fd0 
							
						 
					 
					
						
						
							
							minor change  
						
						
						
					 
					
						2010-02-20 23:11:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cef248a5ea 
							
						 
					 
					
						
						
							
							update for that invalid target url Otavio Augusto reported  
						
						
						
					 
					
						2010-02-10 12:06:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							00a23ace9a 
							
						 
					 
					
						
						
							
							some changes regarding web takeover  
						
						
						
					 
					
						2010-02-09 14:27:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ec63fc4036 
							
						 
					 
					
						
						
							
							code refactoring - added functions posixToNtSlashes and ntToPosixSlashes  
						
						
						
					 
					
						2010-02-04 14:37:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e4699f389d 
							
						 
					 
					
						
						
							
							some bug fixes regarding --os-shell usage against windows servers  
						
						
						
					 
					
						2010-02-04 09:49:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ea045eaa2f 
							
						 
					 
					
						
						
							
							fixed serious issue with adding file paths into kb.absFilePaths (dirname was wrongly added, and afterwards getDirs used dirname of dirname)  
						
						... 
						
						
						
						also, fixed some issues with Windows paths 
						
					 
					
						2010-02-03 16:40:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							494e014a4a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-02-03 16:04:44 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							894b9f0f80 
							
						 
					 
					
						
						
							
							minor minor update  
						
						
						
					 
					
						2010-02-03 15:15:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							25f1a9c7d0 
							
						 
					 
					
						
						
							
							upgrade of web directory parsing for things like C:/xampp/htdocs/sqlmap/mysql/get_int.php (XAMPP uses this)  
						
						
						
					 
					
						2010-02-03 15:06:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c74b920f54 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2010-02-03 14:49:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							92817159dc 
							
						 
					 
					
						
						
							
							cloaked upx for windows (used mkstemp because of execution and file access rights problem)  
						
						
						
					 
					
						2010-01-29 10:12:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6f5d2ed171 
							
						 
					 
					
						
						
							
							Minor cosmetic adjustments  
						
						
						
					 
					
						2010-01-28 17:07:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							732ed48e2b 
							
						 
					 
					
						
						
							
							some refactoring regarding decloaking  
						
						
						
					 
					
						2010-01-28 16:50:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							645afee359 
							
						 
					 
					
						
						
							
							some changes  
						
						
						
					 
					
						2010-01-28 00:25:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a4d8234875 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-01-24 14:23:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							98205cc488 
							
						 
					 
					
						
						
							
							another fix for Bug  #148  
						
						
						
					 
					
						2010-01-23 23:29:34 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4ce3abc56d 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2010-01-15 17:42:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5f171340f5 
							
						 
					 
					
						
						
							
							introduced safe string formatting  
						
						
						
					 
					
						2010-01-15 16:06:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dcf0b2a3c1 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-01-15 11:45:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f5c422efb4 
							
						 
					 
					
						
						
							
							updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before  
						
						
						
					 
					
						2010-01-15 11:44:05 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6a62a78b0a 
							
						 
					 
					
						
						
							
							More generic  
						
						
						
					 
					
						2010-01-08 23:50:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							80df1fdcf9 
							
						 
					 
					
						
						
							
							Minor bug fix with --sql-query/shell when providing a statement with DISTINCT  
						
						
						
					 
					
						2010-01-05 16:15:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							954a927cee 
							
						 
					 
					
						
						
							
							Minor bug fix to properly execute --time-test also on MySQL >= 5.0.12  
						
						
						
					 
					
						2010-01-05 11:43:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71547a3496 
							
						 
					 
					
						
						
							
							getDocRoot changes  
						
						
						
					 
					
						2010-01-05 11:30:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ce022a3b6e 
							
						 
					 
					
						
						
							
							sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.  
						
						
						
					 
					
						2010-01-02 02:02:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e4e081cdc6 
							
						 
					 
					
						
						
							
							sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.  
						
						
						
					 
					
						2009-12-17 22:04:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							89c43893d4 
							
						 
					 
					
						
						
							
							Merged back from personal branch to trunk (svn merge -r846:940 ...)  
						
						... 
						
						
						
						Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring. 
						
					 
					
						2009-09-25 23:03:45 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b4fd71e8b9 
							
						 
					 
					
						
						
							
							Minor adjustment to reflect Metasploit r6849 ( http://trac.metasploit.com/changeset/6849 ) and minor code refactoring.  
						
						
						
					 
					
						2009-07-20 14:36:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cb3d2bac16 
							
						 
					 
					
						
						
							
							Minor improvement so that sqlmap tests also all parameters with no value (ig. par=).  
						
						
						
					 
					
						2009-07-09 11:25:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							516fdb9356 
							
						 
					 
					
						
						
							
							Avoid to upload the web backdoor to unexisting empty-name directory  
						
						
						
					 
					
						2009-07-09 11:11:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							150abc0f1e 
							
						 
					 
					
						
						
							
							sqlmap 0.7-rc3: Reset takeover OOB features (if any of --os-pwn, --os-smbrelay or --os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. Correctly handle fcntl to be imported only on systems different from Windows. Minor code refactoring.  
						
						
						
					 
					
						2009-06-11 15:01:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							45dff4a00a 
							
						 
					 
					
						
						
							
							Added new function to search a file within the PATH environment variable paths:  
						
						... 
						
						
						
						it will be used when sqlmap will be packaged as DEB and RPM 
						
					 
					
						2009-05-12 20:24:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							57b8bb4c8e 
							
						 
					 
					
						
						
							
							Minor syntax adjustment for web backdoor functionality  
						
						
						
					 
					
						2009-04-28 21:51:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1d7de719b9 
							
						 
					 
					
						
						
							
							Almost done with web backdoor functionality  
						
						
						
					 
					
						2009-04-28 11:05:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							16b4530bbe 
							
						 
					 
					
						
						
							
							Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).  
						
						... 
						
						
						
						Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS. 
						
					 
					
						2009-04-27 23:05:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aefa7ef988 
							
						 
					 
					
						
						
							
							Avoid libmagic traceback on Windows.  
						
						... 
						
						
						
						WARNING: this release is a candidate, it only works on Linux/Unices for the moment! 
						
					 
					
						2009-04-22 12:44:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8c0ac767f4 
							
						 
					 
					
						
						
							
							Updated to sqlmap 0.7 release candidate 1  
						
						
						
					 
					
						2009-04-22 11:48:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6054090191 
							
						 
					 
					
						
						
							
							sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying.  
						
						
						
					 
					
						2009-01-28 14:53:11 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bc448211c5 
							
						 
					 
					
						
						
							
							Minor layout adjustment  
						
						
						
					 
					
						2009-01-13 23:15:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5560f0b68a 
							
						 
					 
					
						
						
							
							Updated the copyright  
						
						
						
					 
					
						2009-01-12 21:35:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ad228e6947 
							
						 
					 
					
						
						
							
							Ahead with the improvements to the comparison algorithm.  
						
						... 
						
						
						
						Added support internally to forge CASE statements, used only by
--is-dba query at the moment.
Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and
SQL shell.
Minor code adjustments. 
						
					 
					
						2008-12-19 20:09:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c32ef9d751 
							
						 
					 
					
						
						
							
							Major bug fix to avoid tracebacks when multiple targets are specified and one  
						
						... 
						
						
						
						of them is not reachable.
Minor bug fix to make the --postfix work even if --prefix is not provided. 
						
					 
					
						2008-12-18 20:38:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							072eb7154c 
							
						 
					 
					
						
						
							
							Major enhancement to support Partial UNION query SQL injection technique too.  
						
						... 
						
						
						
						Minor code cleanup. 
						
					 
					
						2008-12-10 17:23:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a777f1ca35 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2008-12-01 23:27:51 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6e548eb2ec 
							
						 
					 
					
						
						
							
							Completed support to get the list of targets from WebScarab/Burp proxies  
						
						... 
						
						
						
						log file and updated the documentation 
						
					 
					
						2008-11-27 22:33:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							dc1f2deb74 
							
						 
					 
					
						
						
							
							Minor bug fix to correctly enumerate columns on Microsoft SQL Server.  
						
						... 
						
						
						
						Minor adjustments to XML signatures.
Updated documentation. 
						
					 
					
						2008-11-25 11:33:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9be844cf3e 
							
						 
					 
					
						
						
							
							Adapted the code to support a list of targets from a text file (Burp log file) or from a directory (WebScarab conversations folder) with command line option -l.  
						
						
						
					 
					
						2008-11-20 17:56:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							736b2e7323 
							
						 
					 
					
						
						
							
							Minor adjustments to the operating system fingerprint.  
						
						
						
					 
					
						2008-11-19 00:36:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							727664aea7 
							
						 
					 
					
						
						
							
							Minor enhancement to fingerprint the web server operating system and  
						
						... 
						
						
						
						the web application technology by parsing also HTTP response Server
header.
Refactor libraries and plugins that parses XML to fingerprint and show
on standard output the information.
Updated changelog. 
						
					 
					
						2008-11-18 17:42:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7d0724843f 
							
						 
					 
					
						
						
							
							Major enhancement to the engine to parse XML files and matches on DBMS banner  
						
						... 
						
						
						
						and HTTP response headers.
Initial web application technology fingerprint (for the moment based only on
X-Powered-By HTTP response header and not shown yet to the user).
Minor layout adjustments. 
						
					 
					
						2008-11-17 17:41:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							654aecedfe 
							
						 
					 
					
						
						
							
							Minor layout adjustments, minor fixes and updated changelog  
						
						
						
					 
					
						2008-11-17 00:00:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							fa0507ab39 
							
						 
					 
					
						
						
							
							Minor enhancement to fingerprint the back-end DBMS operating system (type,  
						
						... 
						
						
						
						version, release, distribution, codename and service pack) by parsing the
DBMS banner value when both -f and -b are provided: adapted the code and
added XML files defining regular expressions for matching.
Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu:
--8<--
back-end DBMS:	active fingerprint: MySQL >= 5.0.38 and < 5.1.2
                comment injection fingerprint: MySQL 5.0.67
                banner parsing fingerprint: MySQL 5.0.67
                html error message fingerprint: MySQL
back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid)
--8<-- 
						
					 
					
						2008-11-15 23:41:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9329f8c9c4 
							
						 
					 
					
						
						
							
							Minor enhancement to be able to enumerate table columns and dump table  
						
						... 
						
						
						
						entries also if the database name is not provided by using the current
database on MySQL and MSSQL, the 'public' scheme on PostgreSQL and the
'USERS' TABLESPACE_NAME on Oracle.
Minor bug fix so that when the user provide as SELECT statement to be
processed an asterisk, now it also work if in the FROM there is no
database name specified.
Minor layout adjustments. 
						
					 
					
						2008-11-12 22:53:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							91a47246f8 
							
						 
					 
					
						
						
							
							Minor bug fix to correctly handle --start and --stop  
						
						
						
					 
					
						2008-11-02 14:39:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f90a7cce28 
							
						 
					 
					
						
						
							
							Minor fix to urldecode %3d and any other urlencoded values in target url, posted data and cookie  
						
						
						
					 
					
						2008-10-16 16:31:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a5b2366033 
							
						 
					 
					
						
						
							
							Implemented a better way to deal with % characters in parameters' value. Minor code restyle.  
						
						
						
					 
					
						2008-10-16 15:31:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							892a7b2f8a 
							
						 
					 
					
						
						
							
							propsets..  
						
						
						
					 
					
						2008-10-15 15:56:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8e3eb45510 
							
						 
					 
					
						
						
							
							After the storm, a restore..  
						
						
						
					 
					
						2008-10-15 15:38:22 +00:00