Commit Graph

13 Commits

Author SHA1 Message Date
Bernardo Damele
b4139f5b82 added takeover shared object for PgSQL 9.1 Linux 32-bit - issue #20 2014-01-10 18:16:25 +00:00
Bernardo Damele
ddb6ba6d47 Added PostgreSQL 9.0 shared object for Linux 32-bit 2011-06-28 13:14:32 +00:00
Bernardo Damele
1698630bc0 Added PostgreSQL 9.0 shared object for Linux 64-bit 2011-06-28 13:12:18 +00:00
Bernardo Damele
12090a86bc Done with PostgreSQL/Linux 64bit shared objects too 2011-02-03 14:53:07 +00:00
Bernardo Damele
8cf88dd0da Ready with PgSQL/Linux/32bit shared object too now 2011-02-03 12:28:00 +00:00
Miroslav Stampar
a136915ab6 bug fix for postgre's --os-shell (when there was an error in command executed and/or no output chars, garbled output was returned) 2011-01-05 14:36:41 +00:00
Bernardo Damele
0d559d14df Initial support for SQLite (90% approx).
Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments.
2010-03-18 17:20:54 +00:00
Bernardo Damele
af1d9f129c Recompiled and tested PostgreSQL shared object (Linux) optimized for size (gcc flag -Os). 2010-02-20 19:10:55 +00:00
Bernardo Damele
6267e74bfb Added newly compiled PostgreSQL UDFs for Linux 2010-02-19 23:29:27 +00:00
Bernardo Damele
89dc99188d --read-file on PostgreSQL now relies on the new sys_fileread() UDF so that also binary files can be read.
Fixed a minor bug in custom UDF injection feature --udf-inject.
Major code refactoring.
2010-02-11 22:57:50 +00:00
Bernardo Damele
1febdcac9b Added support for takeover functionalities on PgSQL 8.4 running on Linux too.
Recompilation of MySQL shared object with MySQL 5.1 development libraries on Debian 5.3.
Tweaked the UDF compilation/installation files for both MySQL and PgSQL.
2010-01-14 10:50:03 +00:00
Bernardo Damele
89c43893d4 Merged back from personal branch to trunk (svn merge -r846:940 ...)
Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring.
2009-09-25 23:03:45 +00:00
Bernardo Damele
8c0ac767f4 Updated to sqlmap 0.7 release candidate 1 2009-04-22 11:48:07 +00:00