Bernardo Damele
2aadc5c939
Added support for --roles (for Oracle ROLE_PRIVS). Enhanced Oracle --privileges to fall-back to USER_SYS_PRIVS if DBA_SYS_PRIVS is not accessible (so session user is not DBA) - Fixes ticket #180 .
...
Minor enhancement to Firebird to determine if a DB user is a DBA.
Minor code refactoring.
2010-03-25 15:46:06 +00:00
Bernardo Damele
a63e251b25
Ahead with code refactoring, related to r1502.
...
Fixed svn:keywords propset to all .py files.
2010-03-23 21:26:45 +00:00
Bernardo Damele
09768a7b62
Major code refactoring: moved and split plugins (mysql, pgsql, mssql, oracle) more granularly and organized.
...
Todo for firebird, sqlite, access.
2010-03-22 22:57:57 +00:00
Bernardo Damele
0d559d14df
Initial support for SQLite (90% approx).
...
Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments.
2010-03-18 17:20:54 +00:00
Miroslav Stampar
5f76d27779
minor typo correction
2010-03-13 10:44:24 +00:00
Bernardo Damele
7d8cc1a482
Get rid of Churrasco (Token kidnapping technique to --priv-esc). Reasons why:
...
1. there's kitrap0d (MS10-015) which is far more reliable, just recently fixed
2. works only to priv esc basically on MSSQL when it runs as NETWORK SERVICE and the machine is not patched against MS09-012 which is "rare" (hopefully) nowadays.
Now sqlmap relies on kitrap0d and incognito to privilege escalate the database process' user privileges to SYSTEM, both via Meterpreter.
Minor layout adjustments.
2010-03-12 22:43:35 +00:00
Miroslav Stampar
0a2fe651ab
some fixes regarding registry reading
2010-03-12 22:09:58 +00:00
Bernardo Damele
18d1d09f1c
Minor bug fix
2010-03-12 13:34:46 +00:00
Bernardo Damele
cc611c0010
Minor layout adjustments
2010-03-09 22:14:26 +00:00
Bernardo Damele
5bd8504f21
Newline adjustment
2010-03-04 14:23:52 +00:00
Miroslav Stampar
58d54b6515
added new option --flush-session
2010-03-04 13:01:18 +00:00
Miroslav Stampar
8663b5b68b
minor fixes
2010-03-04 09:16:45 +00:00
Miroslav Stampar
b544405878
fixed some issue involving banner parsing
2010-03-04 09:15:26 +00:00
Bernardo Damele
156fdd96ef
Updated copyright
2010-03-03 15:26:27 +00:00
Miroslav Stampar
aa62465aad
minor update, also for that banner error
2010-03-01 10:49:07 +00:00
Bernardo Damele
694356821d
sqlmap does not save nor leave back in temporary folder any file named 'sqlmapRANDOM', only random names now, less suspicious
2010-02-26 13:13:50 +00:00
Bernardo Damele
42f53f380f
Now can work 'cause isWindowsPath has been fixed, normalizePath called after ntToPosixSlashes
2010-02-26 12:40:23 +00:00
Bernardo Damele
8c68d25b39
Major bug fix, be careful when editing isWindowsPath() and normalizePath() in common.py, they can break all
2010-02-26 12:00:47 +00:00
Bernardo Damele
66c9885b96
Minor path fix
2010-02-26 11:34:48 +00:00
Miroslav Stampar
38a37b89f6
fix for those slashes
2010-02-26 11:07:23 +00:00
Bernardo Damele
89dc99188d
--read-file on PostgreSQL now relies on the new sys_fileread() UDF so that also binary files can be read.
...
Fixed a minor bug in custom UDF injection feature --udf-inject.
Major code refactoring.
2010-02-11 22:57:50 +00:00
Bernardo Damele
f728208ff7
Minor cosmetic fix
2010-02-10 15:51:52 +00:00
Bernardo Damele
5c92fad5dc
Avoid to check for existence of not needed UDFs and minor code adjustment for cleanup() method
2010-02-05 23:14:16 +00:00
Miroslav Stampar
d291464cd4
code refactoring regarding path normalization
2010-02-04 14:50:54 +00:00
Miroslav Stampar
ec63fc4036
code refactoring - added functions posixToNtSlashes and ntToPosixSlashes
2010-02-04 14:37:00 +00:00
Bernardo Damele
950dba5139
Minor bug fix for --start and --stop
2010-02-02 14:17:39 +00:00
Bernardo Damele
7faefcca88
Minor logging messages adjustments
2010-01-29 23:19:52 +00:00
Bernardo Damele
200518724c
By default do not use Churrasco, but still let the user choose it.
...
The default technique to privilege escalate the OS user to SYSTEM when --priv-esc is provided now it 'run kitrap0d'.
2010-01-29 02:27:50 +00:00
Bernardo Damele
144dc1b8c4
Show proper warning message when --priv-esc is provided and underlying OS is not Windows
2010-01-28 17:22:17 +00:00
Miroslav Stampar
732ed48e2b
some refactoring regarding decloaking
2010-01-28 16:50:34 +00:00
Miroslav Stampar
921e449454
added support for cloaking Churrasco.exe file
2010-01-28 00:07:33 +00:00
Bernardo Damele
6437c16156
run kitrap0d script along with listing Windows Impersonation Tokens via meterpreter's incognito extension when --priv-esc is provided (see #149 ).
2010-01-26 01:14:44 +00:00
Bernardo Damele
6d697d60b2
Minor adjustment
2010-01-15 18:00:15 +00:00
Bernardo Damele
1d968f51e9
More code refactoring
2010-01-14 15:11:32 +00:00
Bernardo Damele
c9863bc1d2
Minor code refactoring
2010-01-14 14:33:08 +00:00
Bernardo Damele
070ccc30e9
Added automatic support in --os-pwn to use the web uploader/backdoor to upload and execute the Metasploit payload stager when stacked queries SQL injection is not supported, for instance on MySQL/PHP and MySQL/ASP.
...
Updated ChangeLog.
Major code refactoring.
2010-01-14 14:03:16 +00:00
Bernardo Damele
746cbdba96
Added support for takeover functionalities on PgSQL 8.4 running on Windows
2010-01-14 01:40:11 +00:00
Bernardo Damele
b4ddfe8333
Minor bug fixed (variable undeclared)
2010-01-13 21:26:59 +00:00
Bernardo Damele
4a72ad113a
Enhancements to PostgreSQL active fingerprint, now it covers also PostgreSQL 8.4 and minor speedups.
2010-01-12 11:44:47 +00:00
Bernardo Damele
c7e1649655
Minor speedup
2010-01-12 11:43:32 +00:00
Bernardo Damele
3a9f685e18
Enhancements to MySQL active fingerprint and comment injection fingerprint, now it covers also MySQL 5.5.x and improved on MySQL 5.1.x.
2010-01-12 11:21:28 +00:00
Bernardo Damele
4512ef56d1
Minor bug fixes
2010-01-11 13:06:16 +00:00
Bernardo Damele
80bd146696
Added support for --dump with -C also on MSSQL
2010-01-10 19:12:54 +00:00
Bernardo Damele
e5dc3f51c8
Display a better message for the moment while working on support for --dump -C on MSSQL
2010-01-10 00:30:45 +00:00
Bernardo Damele
6c1b31d93c
Adjusted --columns with -C also for Microsoft SQL Server
2010-01-10 00:21:03 +00:00
Bernardo Damele
ef1180c3c2
Ask also which table(s) to enumerate from when --dump and -C are provided (but not -T) and minor layout adjustment
2010-01-09 21:39:10 +00:00
Bernardo Damele
f316e722c1
sqlmap 0.8-rc4: --dump option now can also accept only -C: user can provide a string column and sqlmap will enumerate all databases, tables and columns that contain the 'provided_string' or '%provided_string%' then ask the user to dump the entries of only those columns.
...
--columns now accepts also -C option: user can provide a string column and sqlmap will enumerate all columns of a specific table like '%provided_string%'.
Minor enhancements.
Minor bug fixes.
2010-01-09 00:05:00 +00:00
Bernardo Damele
80df1fdcf9
Minor bug fix with --sql-query/shell when providing a statement with DISTINCT
2010-01-05 16:15:31 +00:00
Bernardo Damele
bb61010a45
Avoid useless checks for --os-bof (no need to check for DBA or for xp_cmdshell). Minor code restyling.
2010-01-04 15:02:56 +00:00
Bernardo Damele
2eb24c6368
Avoid useless queries
2010-01-04 12:35:53 +00:00