sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	199f14df46	implementation of MySQL GROUP_CONCAT technique	2011-02-15 00:28:27 +00:00
Bernardo Damele	2ea828e416	Proper fix for r3307 (file-write on MySQL via UNION query tech)	2011-02-13 22:48:01 +00:00
Miroslav Stampar	417b311475	minor update	2011-02-13 22:02:47 +00:00
Miroslav Stampar	50d25c3b4d	update regarding explicit testing of ua and referer when using -p	2011-02-13 21:58:48 +00:00
Miroslav Stampar	5fb11fd173	update regarding multiple DBMS payloads	2011-02-13 21:20:21 +00:00
Miroslav Stampar	9f7d666451	removing --method per request of buawig	2011-02-12 19:50:27 +00:00
Bernardo Damele	7253362114	Minor bug fix so that --file-write on MySQL via UNION query now works again	2011-02-11 23:35:45 +00:00
Miroslav Stampar	535eb9f3eb	implementation of referer feature	2011-02-11 23:07:03 +00:00
Miroslav Stampar	4295a78c5f	minor update	2011-02-10 19:51:34 +00:00
Bernardo Damele	c078de894f	Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA	2011-02-10 14:24:04 +00:00
Bernardo Damele	864eade744	Fixed store and resume of brute-forced tables/columns for MSSQL/Sybase	2011-02-10 11:14:05 +00:00
Bernardo Damele	aa0fb276ba	More fixes for --common-columns to work against MSSQL too	2011-02-09 17:22:07 +00:00
Miroslav Stampar	7d9be18789	added one comment	2011-02-09 14:34:18 +00:00
Miroslav Stampar	bafc8a1b0f	another update	2011-02-09 13:29:52 +00:00
Miroslav Stampar	600f729139	fix for a bug reported by skysbsb@gmail.com (double ORDER BY)	2011-02-09 12:43:09 +00:00
Miroslav Stampar	5b57a69f3e	fix	2011-02-09 11:20:03 +00:00
Miroslav Stampar	37f7001143	first commit with mysql/error/substringing	2011-02-08 16:23:33 +00:00
Bernardo Damele	c3eb82e60b	Proper fix	2011-02-08 10:08:48 +00:00
Miroslav Stampar	dba2f74588	revert of r3274	2011-02-08 09:44:34 +00:00
Bernardo Damele	cfe2da0195	Minor fix	2011-02-08 00:13:39 +00:00
Bernardo Damele	0a81415f2f	Minor code cleanup	2011-02-08 00:02:54 +00:00
Miroslav Stampar	771020abd6	one more related commit	2011-02-07 16:32:08 +00:00
Miroslav Stampar	265e7ca272	fix for that MSSQL limit/top problem	2011-02-07 16:24:23 +00:00
Miroslav Stampar	99e9412f74	minor update	2011-02-07 12:34:23 +00:00
Miroslav Stampar	e023e0d233	proper fix	2011-02-07 12:32:08 +00:00
Bernardo Damele	39decebe85	Minor fixes to checking/re-enabling of xp_cmdshell procedure	2011-02-07 12:17:19 +00:00
Miroslav Stampar	096efea282	added BULK to EXCLUDE_UNESCAPE and preventing crashes when output=[]	2011-02-07 10:22:43 +00:00
Bernardo Damele	ba3a8a69d4	More statements to exclude from unescap'ing	2011-02-07 00:33:54 +00:00
Bernardo Damele	3719f085ae	Added back-end dbms' OS based methods to Backend object - will be used for refactoring	2011-02-07 00:21:17 +00:00
Bernardo Damele	2e00656235	Minor fix	2011-02-07 00:20:23 +00:00
Bernardo Damele	bf5ca4bd9a	No point in unescaping the expression also in suffixQuery() also 'cause it will exit sqlmap if the parameter value is a string hence injection payload starts with single quote (')	2011-02-06 23:30:43 +00:00
Bernardo Damele	061f56daf9	More adjustments related to unescape() and cleanupPayload(). Minor code cleanup related to error-based payload.	2011-02-06 23:27:56 +00:00
Bernardo Damele	6a71629575	Converted from DOS format (\n\r to \n only)	2011-02-06 23:25:55 +00:00
Bernardo Damele	0800d9e49b	Major bug fix for semi-centralize unescape() and cleanupPayload() into prefixQuery() and suffixQuery()	2011-02-06 22:58:12 +00:00
Bernardo Damele	f3d6be7868	Code cleanup	2011-02-06 22:32:44 +00:00
Miroslav Stampar	078a2207cc	few reverts	2011-02-06 22:10:28 +00:00
Miroslav Stampar	b9b2fe0e7c	little cleanup	2011-02-06 21:52:39 +00:00
Miroslav Stampar	c4c2cf1d58	can't stay as it is right now. temporary disabling.	2011-02-06 21:17:41 +00:00
Bernardo Damele	6191a7f26f	Major fix for a silent bug	2011-02-06 15:53:43 +00:00
Miroslav Stampar	4df8a03c04	using OrderedDict to store parameters in order of appearance	2011-02-04 18:07:21 +00:00
Miroslav Stampar	acb986ae80	minor refactoring	2011-02-04 17:40:55 +00:00
Bernardo Damele	fec88f6a6d	Minor fix	2011-02-04 15:57:53 +00:00
Miroslav Stampar	09e88cfb19	fix for a bug reported by zack.payton@executiveinstruments.com (object of type 'NoneType' has no len())	2011-02-04 14:05:47 +00:00
Miroslav Stampar	f83f1a1e06	minor just in case update	2011-02-04 13:08:54 +00:00
Miroslav Stampar	c69b76776e	minor refactoring	2011-02-04 13:04:19 +00:00
Miroslav Stampar	accf4e6ce0	one important fix (URI injection parameter '*' now can go anywhere)	2011-02-04 12:43:18 +00:00
Miroslav Stampar	c19d481bb1	little clean up	2011-02-04 12:25:14 +00:00
Miroslav Stampar	c229efba05	revert	2011-02-04 11:33:21 +00:00
Miroslav Stampar	d211def899	minor adjustment (accepting strange new looking uri formats)	2011-02-04 10:55:03 +00:00
Miroslav Stampar	e4933f0c92	refactoring	2011-02-03 23:25:56 +00:00

1 2 3 4 5 ...

909 Commits