Commit Graph

5183 Commits

Author SHA1 Message Date
Bernardo Damele
91c00939f7 added one more test case 2013-01-22 18:28:59 +00:00
Bernardo Damele
dea15b5892 notify user if --udf-inject is provided but no stacked queries SQLi is detected 2013-01-22 18:28:48 +00:00
Miroslav Stampar
d6a361f859 Proper implementation for --technique=Q --dbms=Firebird 2013-01-22 16:31:26 +01:00
Miroslav Stampar
719c7f622b Probable fix for --technique=Q --dbms=Firebird (but also other potential issues with splitting of fields in expressions) 2013-01-22 15:51:06 +01:00
Miroslav Stampar
2ec828f1cb Fix for an Issue #367 2013-01-22 14:27:17 +01:00
Miroslav Stampar
5ea45af1c4 Warming up for Issue #366 and #367 2013-01-22 14:14:20 +01:00
Miroslav Stampar
09c02c6c72 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-22 14:08:31 +01:00
Miroslav Stampar
15b0ab1b44 Fix for a 'no parameter found' problem when user says N on 'custom injection mark found in POST...' 2013-01-22 14:08:19 +01:00
Bernardo Damele
4f081a6a9b typo fixes 2013-01-22 13:00:15 +00:00
Bernardo Damele
afa9046e74 added Firebird custom enumeration test cases and stricten a few cases to make sure query length calculation function works properly with multi-threading/boolean technique 2013-01-22 12:34:11 +00:00
Bernardo Damele
061aef57ba missing import 2013-01-22 11:25:01 +00:00
Bernardo Damele
29a65b5cdc added Firebird search test cases 2013-01-22 11:23:48 +00:00
Miroslav Stampar
59b02539ca More general approach regarding that last commit 2013-01-22 11:34:34 +01:00
Miroslav Stampar
01f1488f07 Minor patch (annoying trailing spaces for some DBMSes --technique=B --sql-query) 2013-01-22 11:29:51 +01:00
Miroslav Stampar
b8318efecc Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-22 11:29:15 +01:00
Bernardo Damele
bd7fd862b0 forgot import 2013-01-22 10:16:18 +00:00
Bernardo Damele
edb977a74e bug fix so that if search fails with union/error and blind techniques are available, it falls back to them (like any other enumeration switch) and minor bug fix so that in search mode, the provided table name to search is upped 2013-01-22 10:14:35 +00:00
Bernardo Damele
11413a0f03 added Firebird search test cases 2013-01-22 10:04:17 +00:00
Bernardo Damele
e23340f002 added support for search for tables on Firebird (issue #365) 2013-01-22 09:53:05 +00:00
Bernardo Damele
d2ff9bccbb minor adjustment 2013-01-21 21:00:03 +00:00
Bernardo Damele
bc5a7e49e9 done with DB2 test cases (issue #312) 2013-01-21 20:53:11 +00:00
Bernardo Damele
f3cead1729 cosmetics 2013-01-21 20:05:25 +00:00
Bernardo Damele
e9dea8d394 no need to raise an exception if one enumeration fails 2013-01-21 17:11:46 +00:00
Bernardo Damele
e558040810 minor fix to previous commit 2013-01-21 17:10:56 +00:00
Bernardo Damele
d43b04c582 better detection if vulnerable of not for regression test 2013-01-21 17:09:35 +00:00
Bernardo Damele
3cfa6cd191 minor adjustments 2013-01-21 16:41:47 +00:00
Bernardo Damele
d5de5306d6 minor fixes following recent enhancements 2013-01-21 16:38:31 +00:00
Miroslav Stampar
472f5e35c2 Removing that space char 2013-01-21 17:35:23 +01:00
Miroslav Stampar
5d318b4980 Fix for a ISNULL mechanism in Firebird 2013-01-21 17:33:09 +01:00
Miroslav Stampar
f9d330ec98 Fix for that Firebird column data types issue (tec=EU) 2013-01-21 17:20:46 +01:00
Miroslav Stampar
99bc4a9005 Generic approach for dealing with that nasty Firebird habit of appending spaces to (tec=EU) varchar casted values 2013-01-21 17:17:20 +01:00
Miroslav Stampar
b35a0810ef Fix for an Issue #364 2013-01-21 17:01:52 +01:00
Miroslav Stampar
457217f2d3 Fix for an Issue #356 2013-01-21 16:46:48 +01:00
Miroslav Stampar
1e3f68c7ff Rewriting some query crafting parts (especially those .find(' FROM ')) 2013-01-21 16:15:38 +01:00
Miroslav Stampar
832d95984c IFNULL-like mechanism now works on SQLite 2 too 2013-01-21 15:04:27 +01:00
Miroslav Stampar
75bf8528d1 Minor just in case update 2013-01-21 14:50:43 +01:00
Miroslav Stampar
c55a002f95 Language fix 2013-01-21 13:19:08 +01:00
Miroslav Stampar
80255433b0 Trivial style update 2013-01-21 13:18:34 +01:00
Miroslav Stampar
af0db14963 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-21 13:10:36 +01:00
Miroslav Stampar
0e86175342 Adding new common function for further refactoring 2013-01-21 11:50:47 +01:00
Bernardo Damele
e751556e9b Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-21 10:30:54 +00:00
Bernardo Damele
eb68da96d6 stylistic update 2013-01-21 10:30:49 +00:00
Miroslav Stampar
65c55a6a49 Fix for escaping single quote character(s) 2013-01-21 11:21:41 +01:00
Miroslav Stampar
3200134b3b Fix for a regression test #30 test case fail (Firebird inline) 2013-01-21 10:12:54 +01:00
Miroslav Stampar
aebf2c1350 Slightly better payload for Firebird delay-based SQLi (adding sligtly more delay) 2013-01-20 23:10:58 +01:00
Miroslav Stampar
069c6acabd Another update for an Issue #362 2013-01-20 22:47:26 +01:00
Miroslav Stampar
8f955b6364 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-20 22:16:47 +01:00
Miroslav Stampar
a7028af2e9 Patch for an Issue #362 (more work required) 2013-01-20 22:16:34 +01:00
Bernardo Damele
fefad3cba1 stylistic improvements 2013-01-20 17:40:15 +00:00
Miroslav Stampar
b4a55a809e Refactoring DBMS string escaping functions 2013-01-20 13:45:58 +01:00