sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,450 Commits 4 Branches 117 Tags 97 MiB
827a0aea05
Commit Graph

996 Commits

Author SHA1 Message Date
Miroslav Stampar
4af000e699 minor language update (in testing phase "used" is more preferable than "provided") 2010-11-23 15:11:15 +00:00
Miroslav Stampar
b41ee8d0d0 minor refactoring 2010-11-23 14:57:36 +00:00
Miroslav Stampar
aa5d038f18 more code refactoring 2010-11-23 14:50:47 +00:00
Miroslav Stampar
3cae76627c code refactoring regarding dictionary attack 2010-11-23 13:58:01 +00:00
Miroslav Stampar
ba4ea32603 first working version of dictionary attack 2010-11-23 13:24:02 +00:00
Miroslav Stampar
c471b815cc fix for a bug reported by BugTrace (IndexError: list index out of range) 2010-11-22 10:58:08 +00:00
Miroslav Stampar
bfc9378542 sorry, even more proper naming should be like this (passwd is a standard naming for this kind of function(s)) 2010-11-20 13:22:59 +00:00
Miroslav Stampar
db59faedb9 more proper naming 2010-11-20 13:20:28 +00:00
Miroslav Stampar
1f8a9fe033 foundations for dictionary attack support combined with the sqlmap's password/hash retrieval functionality (--password switch) 2010-11-20 13:14:13 +00:00
Miroslav Stampar
71107e4e9e quick fix for google searches 2010-11-19 21:38:20 +00:00
Bernardo Damele
99a23e23cf Extra check on --union-cols value 2010-11-19 16:39:26 +00:00
Bernardo Damele
c23126547e Improved --union-cols to accept a range to test for union SQL injection. By default it is 1-20. 2010-11-19 15:48:24 +00:00
Bernardo Damele
ad17e9ed2a Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any) 2010-11-19 14:56:20 +00:00
Miroslav Stampar
df88280681 minor update of google regex (that * was a junky one) 2010-11-19 10:04:29 +00:00
Miroslav Stampar
e8bef28337 updating google parsing regex (for the better, of course) 2010-11-19 10:00:29 +00:00
Miroslav Stampar
d97e97d884 minor update :) 2010-11-19 09:02:44 +00:00
Bernardo Damele
4a9bd3a240 Finally a proper union query SQL injection test engine for --union-test. It does much more requests, but for god sake now it works well! 2010-11-18 17:55:43 +00:00
Bernardo Damele
544327379f Little precaution 2010-11-18 14:32:52 +00:00
Bernardo Damele
f6a17cb1a8 Revert wrong fix 2010-11-18 10:41:06 +00:00
Bernardo Damele
17486e472a Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only! 2010-11-17 22:00:09 +00:00
Miroslav Stampar
ca5125bbe0 minor update related to r2401 2010-11-17 20:50:31 +00:00
Bernardo Damele
360aff7a4d sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle 2010-11-17 17:20:32 +00:00
Miroslav Stampar
a0df36beda when in multi target mode this should be done (another bug was reported by ToR for using "old" data - kb was not properly cleared) 2010-11-17 15:33:07 +00:00
Miroslav Stampar
17f0609263 minor bug fix 2010-11-17 13:29:57 +00:00
Miroslav Stampar
3d25071d06 another minor improvement regarding logging of http traffic 2010-11-17 12:16:48 +00:00
Miroslav Stampar
3e569a1693 minor update 2010-11-17 12:04:33 +00:00
Miroslav Stampar
2802923dbe some improvements regarding --os-shell web server application choice 2010-11-17 11:45:52 +00:00
Miroslav Stampar
5abbea4a9f fix for a bug reported by nightman (unknown charset 'null') 2010-11-17 09:57:32 +00:00
Miroslav Stampar
d757e4ae1c bug fix (when user manually sets web root, that same directory should be used as one of potentionaly default dirs) 2010-11-17 09:46:04 +00:00
Miroslav Stampar
bec152609a minor cosmetics and bug fix for Windows machines ('\\' is interpreted as \ and inside the script it can screw things up as it's a marker for a special character - thus '\\\\' is interpreted as \\ which represents special character \) 2010-11-17 09:33:05 +00:00
Miroslav Stampar
76c3f5768b cosmetics 2010-11-17 09:12:48 +00:00
Miroslav Stampar
2a8e270bef proper handling of carriage return character from Windows target machines 2010-11-16 15:11:03 +00:00
Miroslav Stampar
ab33651f96 minor bug fix for displaying text from windows machines (\r was interfering with normal dataToStdout behavior) 2010-11-16 15:02:22 +00:00
Miroslav Stampar
3487429eac minor cosmetics 2010-11-16 14:41:46 +00:00
Miroslav Stampar
3640dbf745 fix for --parse-errors (on IIS HTTP error is raised which need to be processed) 2010-11-16 14:33:30 +00:00
Miroslav Stampar
cccb565859 cosmetics 2010-11-16 14:11:32 +00:00
Miroslav Stampar
b9d9f18939 added General cmdline group 2010-11-16 14:09:09 +00:00
Miroslav Stampar
e7a66371f8 update regarding os shell-ing regarding JSP and ASPX 2010-11-16 13:46:46 +00:00
Miroslav Stampar
6232397129 minor update 2010-11-16 10:52:49 +00:00
Miroslav Stampar
6ef3846400 update regarding error parsing (and reporting) 2010-11-16 10:42:42 +00:00
Bernardo Damele
71cb982039 Another bug fix to --union-test 2010-11-15 21:42:56 +00:00
Miroslav Stampar
b3ad63b71e major bug fix (haven't applied dynamic content removal to the original comparison (conf.seqMatcher.a) page) 2010-11-15 14:59:37 +00:00
Miroslav Stampar
ff310475c8 some reporting update for --forms 2010-11-15 14:17:51 +00:00
Miroslav Stampar
20d6b9a5c1 minor fix 2010-11-15 12:24:32 +00:00
Miroslav Stampar
39c6c9f386 minor update 2010-11-15 12:19:22 +00:00
Miroslav Stampar
819085155e minor update/fix 2010-11-15 12:07:13 +00:00
Miroslav Stampar
c25c017c08 cosmetics regarding --forms 2010-11-15 11:50:33 +00:00
Miroslav Stampar
36c544f440 update (--forms acts now more like -g switch) 2010-11-15 11:34:57 +00:00
Bernardo Damele
5f46a549ba Cosmetics for --forms 2010-11-14 21:59:35 +00:00
Bernardo Damele
0bfc1b411a Another bug fix for --union-test 2010-11-14 15:39:57 +00:00
Miroslav Stampar
a0fb96816f fix for a bug reported by ToR (value += actVer) 2010-11-14 08:31:29 +00:00
Bernardo Damele
8d07272c82 Added --union-cols switch to specify the max number of columns to test for UNION query sql injection. 
Now stores/resumes also the exact UNION payload to session file.
 2010-11-13 23:24:41 +00:00
Bernardo Damele
df5dc10111 Major enhancement to --union-test check 2010-11-13 22:47:37 +00:00
Miroslav Stampar
84849316b3 improvement of heuristic check (now original value is included too) 2010-11-12 23:06:01 +00:00
Miroslav Stampar
06a872fc99 update/fix for an issue reported by nightman (IncompleteRead: IncompleteRead(1284 bytes read)) 2010-11-12 22:57:33 +00:00
Miroslav Stampar
27735b14df update (--string and --regex should be done regardless of wasLastRequestError) 2010-11-12 22:44:15 +00:00
Miroslav Stampar
0d66f101da fix for a bug reported by Bugtrace (--string "pengcheng_cui" and "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource" on False pages) 2010-11-12 22:29:33 +00:00
Bernardo Damele
a777d59870 Minor bug fix 2010-11-12 15:17:12 +00:00
Bernardo Damele
0a83a830d9 Properly handle both HTTPS and HTTP requests through proxy 2010-11-12 14:21:46 +00:00
Bernardo Damele
e1ef27f592 work-around to be able to pass in the -r request file the Host header, the ending string ":443" and so sqlmap will go over https 2010-11-12 12:25:02 +00:00
Bernardo Damele
9f53048ff4 Put a space always between the user's provided prefix and sqlmap payload 2010-11-12 11:48:26 +00:00
Miroslav Stampar
697b32554c fix for a bug "ordinal not in range(128)" reported by bugtrace 2010-11-12 11:48:25 +00:00
Bernardo Damele
f83dd2251b Properly save error-based enumerated data in session file, able to be resumed like with other techniques 2010-11-12 11:40:37 +00:00
Bernardo Damele
a34c1b287c Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL) 2010-11-12 11:33:11 +00:00
Bernardo Damele
8cec75656c Bug fix to properly save the match ratio only if numeric (to avoid also tracebacks when match is based on --string or --regexp) 2010-11-12 10:31:42 +00:00
Bernardo Damele
a14e4d9668 Referer does not have to be static, it's already a switch (--referer) so that user can specify it manually. 2010-11-12 10:16:39 +00:00
Bernardo Damele
66c82d72e4 Typo fix 2010-11-12 10:02:02 +00:00
Miroslav Stampar
42272ca78c minor update 2010-11-11 22:26:36 +00:00
Miroslav Stampar
8aefd0bbf7 improvement of --common-tables and --common-columns 2010-11-11 20:37:25 +00:00
Miroslav Stampar
2d872f850a quick fix 2010-11-11 19:54:54 +00:00
Miroslav Stampar
24238ccd0b re-renaming of brute force switches. this way is better. 2010-11-11 07:57:44 +00:00
Miroslav Stampar
96d88877ba bug fix (reported by ToR) 2010-11-10 19:44:51 +00:00
Miroslav Stampar
19c1bfa368 just a precaution (now i really need to go for a sleep) 2010-11-09 23:38:29 +00:00
Miroslav Stampar
88c00e61d3 another update 2010-11-09 23:35:37 +00:00
Miroslav Stampar
47720a43dd minor fix (while we've calculated conf.matchRation for stable pages, we've put a constant value (0.900) for dynamic ones - so putting (ratio - conf.matchRatio) > DIFF_TOLERANCE for dynamic pages too would just effectively increase it's value to 0.900 + DIFF_TOLERANCE (in our case to 0.950) which is too narrow space for True result) 2010-11-09 23:21:21 +00:00
Miroslav Stampar
5ebd5d935c another name change 2010-11-09 22:49:31 +00:00
Miroslav Stampar
06f00cf8c1 name change 2010-11-09 22:48:22 +00:00
Miroslav Stampar
6807fb04cc minor update 2010-11-09 22:44:23 +00:00
Miroslav Stampar
fef60d5cb7 some fixes :) 2010-11-09 22:32:05 +00:00
Bernardo Damele
1cc99e2247 Possible quick fix for missing of True/False comparison of stable-but-not-really pages 2010-11-09 21:39:58 +00:00
Bernardo Damele
2205099a5e Python stylish 2010-11-09 21:39:05 +00:00
Miroslav Stampar
cee888b613 tuning detection engine (None results from queryPage/comparison should not be treated as False in checkSqlInjection routine - None is returned when error is detected) 2010-11-09 19:14:55 +00:00
Miroslav Stampar
726825ca70 minor update 2010-11-09 16:59:36 +00:00
Miroslav Stampar
b43334165d update regarding brute forcing 2010-11-09 16:53:33 +00:00
Miroslav Stampar
a7fa8d4975 update regarding brute force retrieval of table names and table column names 2010-11-09 16:15:55 +00:00
Miroslav Stampar
7752b5efe9 minor update 2010-11-09 09:51:54 +00:00
Miroslav Stampar
4be0631161 refactoring of brute force techniques 2010-11-09 09:42:43 +00:00
Miroslav Stampar
221f976fbd minor update 2010-11-09 01:23:54 +00:00
Bernardo Damele
45ec8c169a Consistency between --*-test switches/output 2010-11-08 16:46:25 +00:00
Miroslav Stampar
fda8752dca revert of some HTTP headers handling 2010-11-08 13:26:45 +00:00
Bernardo Damele
78d7b17483 More replacements for refactoring. 
Minor layout adjustments.
Alignment of conffile/optiondict/cmdline parameters.
 2010-11-08 12:36:48 +00:00
Miroslav Stampar
eb999de0f1 added Range handler (dealing with 206 HTTP messages) 2010-11-08 12:26:13 +00:00
Miroslav Stampar
875781bf97 another minor fix 2010-11-08 11:55:56 +00:00
Miroslav Stampar
4a4a3051e5 fix 2010-11-08 11:39:07 +00:00
Miroslav Stampar
a3de10e3a2 new option -t 2010-11-08 11:22:47 +00:00
Miroslav Stampar
4e6d1b5118 added "Detection" part in help listing 2010-11-08 10:11:43 +00:00
Miroslav Stampar
0d0e2a2228 minor update 2010-11-08 09:49:57 +00:00
Miroslav Stampar
d551423379 further enum refactoring 2010-11-08 09:44:32 +00:00
Miroslav Stampar
862395ced1 further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
Miroslav Stampar
8e44aa605a refactoring regarding injection place (more left) 2010-11-08 08:02:36 +00:00