396 Commits

Author	SHA1	Message	Date
Miroslav Stampar	8227298057	user friendliness uber 9000	2011-05-27 08:30:52 +00:00
Miroslav Stampar	5369657cd5	fix for cases with retrieved binary files (preventing difflib nagging around comparison)	2011-05-25 20:54:30 +00:00
Miroslav Stampar	31b48ec11c	removing space left	2011-05-23 14:18:33 +00:00
Miroslav Stampar	fb23beef6f	most elegant way i could think of to deal with "collation incompatibilities" issue on some MySQL/UNION cases (affected about 5% of all targets tested)	2011-05-22 19:14:36 +00:00
Miroslav Stampar	4fdb6ac9b9	adding useful info	2011-05-22 15:30:19 +00:00
Miroslav Stampar	48c20a62ac	minor nag fix	2011-05-22 15:08:55 +00:00
Miroslav Stampar	9e5856caf8	improvement for recognition of scalar vs multiple-row commands	2011-05-19 16:45:05 +00:00
Miroslav Stampar	6ba9dea640	just in case for trimmed output	2011-05-16 06:17:37 +00:00
Miroslav Stampar	d2221e4604	fix for a minor "retrieved" cosmetic issue in partial union technique reported by Devon Mitchell (retrieved: "information_schema","COLUMNS</title><...)	2011-05-16 00:23:50 +00:00
Miroslav Stampar	c64eb38a8b	same thing as for the last commit, but for error technique this time	2011-05-12 11:52:18 +00:00
Miroslav Stampar	84a7e5ffb9	"unfix" for r3172 which was causing "AttributeError: 'list' object has no attribute 'isdigit'" because of change of appereance	2011-05-12 11:36:02 +00:00
Bernardo Damele	3a8309c4b0	Major bug fix to detect UNION query technique and various improvements to parsing and using of --union-char and --union-cols switches	2011-05-10 15:34:54 +00:00
Miroslav Stampar	22a1870c2c	adding some constraining to number of used threads on brute force switches together with a warning in case of connection exception(s) with --threads>1	2011-05-10 12:32:07 +00:00
Miroslav Stampar	83fac3f6d9	fix for proper MSSQL error chunking in some cases (not screwing output length toward lower values at chunk phase)	2011-05-03 21:12:51 +00:00
Miroslav Stampar	e6f010734e	minor fix for cases when the retrieved output is safe encoded (like for --os-shell)	2011-05-03 16:14:03 +00:00
Miroslav Stampar	742b0ef76e	major improvement of ERROR data retrieval on MSSQL	2011-05-03 13:25:20 +00:00
Bernardo Damele	9a4ae7d9e2	More code refactoring of Backend class methods used	2011-04-30 14:54:29 +00:00
Bernardo Damele	f56d135438	Minor code restyling	2011-04-30 13:20:05 +00:00
Miroslav Stampar	f88aa4b165	implemented suppressResumeInfo mechanism (huge slowdown on large tables)	2011-04-22 19:58:10 +00:00
Bernardo Damele	fbe5ba5394	cosmetics	2011-04-21 10:54:12 +00:00
Bernardo Damele	8d8fc2bbd8	cosmetics	2011-04-21 10:17:41 +00:00
Miroslav Stampar	e4d3190f41	reverting back to NVARCHAR because of error technique	2011-04-20 12:59:23 +00:00
Miroslav Stampar	3607f03a9e	fix of a minor typo	2011-04-20 12:42:35 +00:00
Miroslav Stampar	1286cc0913	now showing trimmed output in for of warning message (UNION and ERROR techniques affected)	2011-04-20 12:41:58 +00:00
Miroslav Stampar	4fadcf0615	improvement for UNION/ERROR case	2011-04-20 10:17:42 +00:00
Miroslav Stampar	29ee760021	improving time based data retrieval mechanism	2011-04-17 07:24:18 +00:00
Miroslav Stampar	88c76147e1	removed few trailing whitespace lines	2011-04-15 20:52:08 +00:00
Miroslav Stampar	3b6f9945ae	minor fix regarding report from nightman@email.de (...from time to time sqlmap lost the connection...)	2011-04-15 14:15:29 +00:00
Miroslav Stampar	0387654166	update of copyright string (until year)	2011-04-15 12:33:18 +00:00
Miroslav Stampar	bb99bd2fbe	one more commit related to the issue with displaying of garbled characters	2011-04-14 09:43:36 +00:00
Miroslav Stampar	04986be4b9	update regarding safe character output together with a small fix for newlines	2011-04-14 09:31:45 +00:00
Miroslav Stampar	d06ae9cd47	implemented retrieved items info for partial union too	2011-04-13 14:33:15 +00:00
Miroslav Stampar	f5f2201bbc	minor cosmetics for partial inband retrieval	2011-04-13 11:25:42 +00:00
Miroslav Stampar	c193b896be	just in case update to prevent gibberish "retrieved: " outputs	2011-04-12 23:07:50 +00:00
Miroslav Stampar	6012ab1c46	better one for previous commit	2011-04-10 21:52:08 +00:00
Miroslav Stampar	e6c50df4f9	preventing case duplicates for --common-tables (as some DBMSes have case sensitive table names we can't just use them all with the same case)	2011-04-10 21:38:08 +00:00
Miroslav Stampar	277f16d6b3	removing commented out debug print	2011-04-08 22:44:05 +00:00
Miroslav Stampar	6fa2fd139c	implemented support for __pivotDumpTable on MSSQL as normal tables tend to not play well with normal TOP 1 ..NOT IN..ORDER BY mechanism if the argument for ORDER BY is not the unique one (returns only number of rows equal to the number of distinct values for that field)	2011-04-08 15:17:57 +00:00
Miroslav Stampar	228cc68747	fix for those ugly DEBUG messages in brute mode	2011-04-08 11:02:21 +00:00
Bernardo Damele	5b21352656	cosmeticados ;)	2011-04-08 10:39:07 +00:00
Miroslav Stampar	e33a48d40f	minor refactoring	2011-04-07 12:54:30 +00:00
Bernardo Damele	c6b9d89d31	Accept [RANDNUM] as <char> in payloads.xml and handle it accordingly	2011-04-07 11:10:35 +00:00
Bernardo Damele	8b14a9eaa7	Minor code adjustments	2011-04-06 14:40:45 +00:00
Miroslav Stampar	b327bbcd9b	minor fix (it was quite ... to have this check at the later stage)	2011-04-06 08:39:24 +00:00
Miroslav Stampar	557ed7d665	minor fix for a invalid charset reported by Kirill	2011-03-31 14:39:01 +00:00
Bernardo Damele	fed57282fc	Added one more warning message to show what's going on with ctrl+c	2011-03-31 14:26:14 +00:00
Bernardo Damele	3948cd9e77	Minor layout adjustments	2011-03-31 14:13:53 +00:00
Miroslav Stampar	c5de903eab	minor improvement ("quick defense against substr fields")	2011-03-31 09:35:09 +00:00
Miroslav Stampar	ce51326bff	quick fix	2011-03-31 08:43:17 +00:00
Miroslav Stampar	0916117447	improvement of error-based testing (no more sqlmap aborting on error-based payloads which happens very often on MySQL servers); also, minor improvement on brute forcing of column names	2011-03-30 18:32:10 +00:00