Miroslav Stampar
|
a3de10e3a2
|
new option -t
|
2010-11-08 11:22:47 +00:00 |
|
Miroslav Stampar
|
4e6d1b5118
|
added "Detection" part in help listing
|
2010-11-08 10:11:43 +00:00 |
|
Bernardo Damele
|
b6da946883
|
Added one new verbose level, -v 3 now shows the full injected payload.
Fixed also -d verbose output.
|
2010-11-07 22:34:29 +00:00 |
|
Miroslav Stampar
|
00dfd55830
|
added powerful switch --longest-common for dealing with heavy dynamicity
|
2010-11-07 08:52:09 +00:00 |
|
Bernardo Damele
|
debaf2215f
|
Consistency between cmdline.py, optiondict.py and sqlmap.conf and got rid of --union-use switch
|
2010-10-25 15:54:45 +00:00 |
|
Miroslav Stampar
|
378653a1ec
|
added IDS payload testing
|
2010-10-25 15:37:43 +00:00 |
|
Bernardo Damele
|
bdb9c37a7e
|
Cosmetics
|
2010-10-25 15:17:59 +00:00 |
|
Miroslav Stampar
|
aa931efd4d
|
several MySQL fixes/enhancements pointed out by Anton Mogilin
|
2010-10-24 22:05:14 +00:00 |
|
Miroslav Stampar
|
52f910f752
|
added --beep (tested on Windows and Linux; for now turned off) switch
|
2010-10-23 09:38:46 +00:00 |
|
Miroslav Stampar
|
f1e2c1867f
|
Cosmetics
|
2010-10-22 21:13:12 +00:00 |
|
Miroslav Stampar
|
415524bd5a
|
remove --error, now it's only --error-test (it needs to return True to be able to use it)
|
2010-10-19 18:34:14 +00:00 |
|
Miroslav Stampar
|
4009ef385e
|
more update regarding error based injection support
|
2010-10-19 18:17:34 +00:00 |
|
Miroslav Stampar
|
4bc541ec3c
|
error based update
|
2010-10-19 14:47:13 +00:00 |
|
Bernardo Damele
|
cd0fe8dde0
|
Updated sample configuration file and cmdline help
|
2010-10-17 00:07:53 +00:00 |
|
Bernardo Damele
|
64b9f94fcf
|
Renamed --common-prediction switch to --predict-output
|
2010-10-16 23:50:13 +00:00 |
|
Bernardo Damele
|
6211915da5
|
Cosmetic fix
|
2010-10-16 22:31:16 +00:00 |
|
Bernardo Damele
|
2129935e06
|
Split character for tamper scripts (--tamper option) is now comma, not semi-colon.
Minor enhancement
|
2010-10-16 21:52:16 +00:00 |
|
Miroslav Stampar
|
1336b97c2c
|
removed --useBetween switch and added new tampering module ./tamper/between.py
|
2010-10-15 23:48:07 +00:00 |
|
Miroslav Stampar
|
1ae4d0fc2a
|
added optimization group
|
2010-10-15 23:26:48 +00:00 |
|
Miroslav Stampar
|
c9f0c75030
|
removed --space (usage of tampering modules is now a prefered way to do it)
|
2010-10-15 12:52:33 +00:00 |
|
Bernardo Damele
|
c5e385f77a
|
More layout adjustments
|
2010-10-15 10:28:34 +00:00 |
|
Miroslav Stampar
|
4f7f20b94f
|
sorry, cosmetics
|
2010-10-14 23:18:29 +00:00 |
|
Miroslav Stampar
|
8b48833136
|
large commit with copyright header modifications
|
2010-10-14 14:41:14 +00:00 |
|
Miroslav Stampar
|
43a3ac2c3a
|
some bug fixes
|
2010-10-13 20:54:18 +00:00 |
|
Miroslav Stampar
|
34580f56fc
|
added --tamper option
|
2010-10-12 22:45:25 +00:00 |
|
Miroslav Stampar
|
d2ec132469
|
added --text-only switch
|
2010-10-12 19:41:29 +00:00 |
|
Miroslav Stampar
|
8fcad29bbf
|
new feature --forms (still unfinished)
|
2010-10-10 18:56:43 +00:00 |
|
Miroslav Stampar
|
cf8e92699c
|
changes regarding EXISTS feature
|
2010-09-30 12:35:45 +00:00 |
|
Miroslav Stampar
|
1da672e3c5
|
added default="False" to "store_true" parameters as it's a prefered way by http://docs.python.org/library/optparse.html
|
2010-09-27 13:23:29 +00:00 |
|
Miroslav Stampar
|
2e5f269650
|
update regarding --space option
|
2010-09-24 22:35:32 +00:00 |
|
Miroslav Stampar
|
9cd5d3bde7
|
added new option --space
|
2010-09-24 21:59:03 +00:00 |
|
Miroslav Stampar
|
abe1289016
|
minor update
|
2010-09-24 13:20:51 +00:00 |
|
Miroslav Stampar
|
48e0261e68
|
update for Feature #61
|
2010-09-24 13:19:35 +00:00 |
|
Miroslav Stampar
|
4fd7db52dd
|
minor update
|
2010-09-16 10:23:51 +00:00 |
|
Miroslav Stampar
|
6259114c02
|
added optimization switch (-o)
|
2010-09-16 10:12:53 +00:00 |
|
Miroslav Stampar
|
bfffd5e333
|
added --null-connection as an experimental option
|
2010-09-16 10:01:33 +00:00 |
|
Miroslav Stampar
|
9a72a25704
|
again minor update
|
2010-09-15 13:59:55 +00:00 |
|
Miroslav Stampar
|
798ab4989b
|
fix for a Bug #200
|
2010-09-14 10:35:01 +00:00 |
|
Miroslav Stampar
|
8aa12db425
|
added option --proxy-cred for setting proxy credentials (Feature #195)
|
2010-08-18 22:45:00 +00:00 |
|
Miroslav Stampar
|
057ec8a6b2
|
added --ratio option for direct manipulation of conf.matchRatio parameter
|
2010-08-10 19:53:29 +00:00 |
|
Miroslav Stampar
|
092829c189
|
implemented basic smoke testing mechanism
|
2010-07-30 12:49:25 +00:00 |
|
Bernardo Damele
|
d40a238335
|
Make --keep-alive public
|
2010-06-30 11:29:35 +00:00 |
|
Miroslav Stampar
|
eb94edc48c
|
added keepalive module
|
2010-06-01 12:21:10 +00:00 |
|
Bernardo Damele
|
06af405efd
|
Adapted and merged in patch to support XML output (-x switch) - still in beta.
Minor bug fixes and adjustments.
|
2010-05-28 16:43:04 +00:00 |
|
Miroslav Stampar
|
37b8d0c480
|
utf8 decoding of program arguments
|
2010-05-28 11:48:44 +00:00 |
|
Miroslav Stampar
|
68e13c3872
|
periodical commit
|
2010-05-21 09:35:36 +00:00 |
|
Miroslav Stampar
|
893bc04fe4
|
changes regarding Feature #157 (Evaluate BETWEEN for inference algorithm)
|
2010-05-12 11:30:32 +00:00 |
|
Bernardo Damele
|
65a05452f7
|
Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See #190:
* --search -D foobar: searches all database names like the ones provided
* --search -T foobar: searches all databases' table names like the ones provided (soon)
* --search -C foobar: replaces --dump -C
|
2010-05-07 13:40:57 +00:00 |
|
Miroslav Stampar
|
1aeaa5db47
|
implementation of Feature #176 (Safe URL: avoid being kicked out after N unsuccessful requests)
|
2010-04-16 12:44:47 +00:00 |
|
Bernardo Damele
|
1416cd0d86
|
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
Minor layout adjustments.
|
2010-03-26 23:23:25 +00:00 |
|