Miroslav Stampar
|
9832fc42d4
|
minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase)
|
2011-05-18 21:47:40 +00:00 |
|
Miroslav Stampar
|
3048e9f710
|
minor refactoring
|
2011-05-17 23:03:31 +00:00 |
|
Miroslav Stampar
|
cc07e5dc97
|
added --charset option to force charset encoding of the retrieved data (e.g. when the backend collation is different than the current web page charset) as requested by devon.mitchell1988@yahoo.com
|
2011-05-17 22:55:22 +00:00 |
|
Miroslav Stampar
|
dfe81cc66f
|
minor yielding
|
2011-05-16 20:14:10 +00:00 |
|
Miroslav Stampar
|
a5ad4621c9
|
minor refactoring
|
2011-05-16 20:09:12 +00:00 |
|
Miroslav Stampar
|
ba1df457ab
|
fix for a charset euc_tw reported by devon.mitchell1988@yahoo.com
|
2011-05-16 19:26:58 +00:00 |
|
Miroslav Stampar
|
6ba9dea640
|
just in case for trimmed output
|
2011-05-16 06:17:37 +00:00 |
|
Miroslav Stampar
|
d2221e4604
|
fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...)
|
2011-05-16 00:23:50 +00:00 |
|
Miroslav Stampar
|
faa74cd2bc
|
introducing results file for multiple target mode
|
2011-05-15 22:21:38 +00:00 |
|
Miroslav Stampar
|
90e84c9a6d
|
removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end
|
2011-05-15 21:43:38 +00:00 |
|
Miroslav Stampar
|
c3bb5a03e1
|
minor improvement
|
2011-05-14 20:09:37 +00:00 |
|
Miroslav Stampar
|
3484a4426b
|
fix for a bug reported by itxx@qq.com (TypeError: encode() takes no keyword arguments)
|
2011-05-14 19:57:28 +00:00 |
|
Miroslav Stampar
|
053c245114
|
few minor fixes
|
2011-05-13 09:56:12 +00:00 |
|
Miroslav Stampar
|
a7d7be5ce0
|
bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host)
|
2011-05-13 01:01:53 +00:00 |
|
Miroslav Stampar
|
f11d5c91e3
|
minor update so that only one DNS request per scan is being done (before this commit there were two)
|
2011-05-12 14:32:39 +00:00 |
|
Miroslav Stampar
|
70688fb8b5
|
minor enhancement for dumping 'None' values (proper way should be empty string because None is too pythonic)
|
2011-05-12 12:00:17 +00:00 |
|
Miroslav Stampar
|
c64eb38a8b
|
same thing as for the last commit, but for error technique this time
|
2011-05-12 11:52:18 +00:00 |
|
Miroslav Stampar
|
84a7e5ffb9
|
"unfix" for r3172 which was causing "AttributeError: 'list' object has no attribute 'isdigit'" because of change of appereance
|
2011-05-12 11:36:02 +00:00 |
|
Miroslav Stampar
|
0b2da2f9f5
|
minor beautification for --tor switch
|
2011-05-12 05:46:17 +00:00 |
|
Miroslav Stampar
|
e05a9c0554
|
i was probably very tired or very stupid to do this
|
2011-05-11 13:13:46 +00:00 |
|
Miroslav Stampar
|
2ab9e30f7a
|
bug fix
|
2011-05-11 12:54:33 +00:00 |
|
Miroslav Stampar
|
53065ee1fb
|
adding ordered set for kb.targetUrls (now the order of appereance in multiple targets mode will be respected)
|
2011-05-11 08:55:48 +00:00 |
|
Miroslav Stampar
|
5ee07b90b9
|
added -m switch for bulk loading multiple targets
|
2011-05-11 08:46:40 +00:00 |
|
Miroslav Stampar
|
120b0d756e
|
unfix
|
2011-05-10 21:33:06 +00:00 |
|
Miroslav Stampar
|
6b66fce72c
|
minor fix
|
2011-05-10 20:52:43 +00:00 |
|
Miroslav Stampar
|
192c685bc8
|
changing conf attribute to a more proper name
|
2011-05-10 20:48:34 +00:00 |
|
Miroslav Stampar
|
deae534ee7
|
minor refactoring
|
2011-05-10 20:44:36 +00:00 |
|
Bernardo Damele
|
97bc816aeb
|
layout
|
2011-05-10 16:24:09 +00:00 |
|
Bernardo Damele
|
3a8309c4b0
|
Major bug fix to detect UNION query technique and various improvements to parsing and using of --union-char and --union-cols switches
|
2011-05-10 15:34:54 +00:00 |
|
Miroslav Stampar
|
707edc7b1a
|
fix for a bug (previously --dbms="mysql 4" was ignored and abruptly terminated while the mechanism was here all along)
|
2011-05-10 13:28:07 +00:00 |
|
Miroslav Stampar
|
1dea609019
|
fix for a bug reported by David (UnicodeDecodeError: url = url + '?' + query)
|
2011-05-10 12:51:37 +00:00 |
|
Miroslav Stampar
|
a64407d9db
|
minor bug fix for multithreading and lots of connection retries
|
2011-05-10 12:40:01 +00:00 |
|
Miroslav Stampar
|
22a1870c2c
|
adding some constraining to number of used threads on brute force switches together with a warning in case of connection exception(s) with --threads>1
|
2011-05-10 12:32:07 +00:00 |
|
Miroslav Stampar
|
ec4d9178f8
|
minor update related to the previous commit
|
2011-05-08 06:28:58 +00:00 |
|
Miroslav Stampar
|
4d6e7c738c
|
minor update
|
2011-05-08 06:17:43 +00:00 |
|
Bernardo Damele
|
9955483052
|
Major improvement for --dump.
Minor improvement for --dump-all.
Minor bug fix for infinite loop
|
2011-05-08 02:08:18 +00:00 |
|
Bernardo Damele
|
8179fd63c0
|
Minor fix
|
2011-05-07 23:48:03 +00:00 |
|
Bernardo Damele
|
6653907700
|
forgot in last commit
|
2011-05-07 21:13:56 +00:00 |
|
Bernardo Damele
|
1151af52bb
|
More fix for save/resume of --technique
|
2011-05-07 21:08:14 +00:00 |
|
Bernardo Damele
|
aae140080e
|
SVN roll back, DB2 patch will be recommitted after testing:
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
|
2011-05-06 10:27:43 +00:00 |
|
Miroslav Stampar
|
42bca80968
|
removing blank lines and adding newline at the end of files
|
2011-05-06 09:35:53 +00:00 |
|
Miroslav Stampar
|
6e392b6054
|
applying contributed patch for DB2
|
2011-05-06 09:30:39 +00:00 |
|
Bernardo Damele
|
2d8408c885
|
More fix for --technique resume
|
2011-05-05 16:38:46 +00:00 |
|
Bernardo Damele
|
e96a533a04
|
Bug fix to resume of --technique
|
2011-05-05 15:18:33 +00:00 |
|
Miroslav Stampar
|
b324b99f6e
|
minor update of warning message
|
2011-05-04 10:41:08 +00:00 |
|
Miroslav Stampar
|
83fac3f6d9
|
fix for proper MSSQL error chunking in some cases (not screwing output length toward lower values at chunk phase)
|
2011-05-03 21:12:51 +00:00 |
|
Miroslav Stampar
|
e6f010734e
|
minor fix for cases when the retrieved output is safe encoded (like for --os-shell)
|
2011-05-03 16:14:03 +00:00 |
|
Miroslav Stampar
|
4d4e3802e4
|
decoding of chars for --os-shell
|
2011-05-03 15:31:12 +00:00 |
|
Bernardo Damele
|
c58dc4a6d8
|
isDbmsWithin() must stay like this, no getIdentifiedDbms() in there
|
2011-05-03 14:13:45 +00:00 |
|
Miroslav Stampar
|
742b0ef76e
|
major improvement of ERROR data retrieval on MSSQL
|
2011-05-03 13:25:20 +00:00 |
|