Commit Graph

430 Commits

Author SHA1 Message Date
Bernardo Damele
727664aea7 Minor enhancement to fingerprint the web server operating system and
the web application technology by parsing also HTTP response Server
header.
Refactor libraries and plugins that parses XML to fingerprint and show
on standard output the information.
Updated changelog.
2008-11-18 17:42:46 +00:00
Bernardo Damele
654aecedfe Minor layout adjustments, minor fixes and updated changelog 2008-11-17 00:00:54 +00:00
Bernardo Damele
fa0507ab39 Minor enhancement to fingerprint the back-end DBMS operating system (type,
version, release, distribution, codename and service pack) by parsing the
DBMS banner value when both -f and -b are provided: adapted the code and
added XML files defining regular expressions for matching.

Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu:
--8<--
back-end DBMS:	active fingerprint: MySQL >= 5.0.38 and < 5.1.2
                comment injection fingerprint: MySQL 5.0.67
                banner parsing fingerprint: MySQL 5.0.67
                html error message fingerprint: MySQL
back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid)
--8<--
2008-11-15 23:41:31 +00:00
Bernardo Damele
84cbc60659 Major bug fix to correctly handle httplib.BadStatusLine exception.
Minor improvement to set by default in all HTTP requests the standard HTTP headers (Accept, Accept-Encoding, etc.)
Updated user's manual.
2008-11-15 12:25:19 +00:00
Bernardo Damele
0bd5b52d95 Minor fixes 2008-11-13 00:03:04 +00:00
Bernardo Damele
ecc4a98071 Properly moved and improved inject.goStacked() function and newly
implemented Time based blind SQL injection now is a single test file
within the lib/techniques/ folder.
Renamed lib/techniques/inference to lib/techniques/blind, it is more
approriate and adapted the rest of the libraries.
Updated ChangeLog file.
2008-11-12 23:44:09 +00:00
Bernardo Damele
0c5d3df546 sqlmap 0.6.3-rc1:
* Minor enhancement to be able to specify the number of seconds to wait between each HTTP request.
* Minor bug fix to handle session.error and session.timeout in HTTP requests.
* Updated documentation.
2008-11-09 16:57:47 +00:00
Bernardo Damele
544ced52b5 Name adjustment 2008-11-04 19:56:07 +00:00
Bernardo Damele
2a01de3f0b Minor bug fix to correctly dump table entries when the column is provided 2008-11-04 19:54:44 +00:00
Bernardo Damele
be599d5a33 Updated documentation and minor fix in update functionality 2008-11-04 16:33:13 +00:00
Bernardo Damele
359b28bbaf Updated documentation 2008-11-04 16:09:12 +00:00
Bernardo Damele
278f0aad7c Documentation updated 2008-11-03 01:23:55 +00:00
Bernardo Damele
95d2a0fcd1 Updated documentation 2008-11-02 22:25:48 +00:00
Bernardo Damele
04474e3232 Updated ChangeLog 2008-11-02 22:20:02 +00:00
Bernardo Damele
de980ae79f Updated site and doc to 0.6.2 2008-11-02 20:23:06 +00:00
Bernardo Damele
3d81f60962 Updated documentation 2008-11-02 19:29:50 +00:00
Bernardo Damele
09ca578ca1 Major bug fix so that the users' privileges enumeration now works properly also on both MySQL < 5.0 and MySQL >= 5.0 also if the user has provided one or more users with -U option; 2008-11-02 18:17:12 +00:00
Bernardo Damele
7ad9639ed0 Updated the database management system fingerprint checks to correctly identify MySQL 5.1.x, MySQL 6.0.x and PostgreSQL 8.3 2008-10-29 15:32:12 +00:00
Bernardo Damele
a19229cbd8 Updated documentation 2008-10-29 11:42:04 +00:00
Bernardo Damele
5e47518983 Minor layout fix 2008-10-28 00:09:03 +00:00
Bernardo Damele
4eef34c532 Updated documentation 2008-10-28 00:08:00 +00:00
Bernardo Damele
5d5bfaf3db Updated changelog 2008-10-26 20:07:22 +00:00
Bernardo Damele
56383cfaad Updated documentation and removed svn:keyword 2008-10-26 19:12:17 +00:00
Bernardo Damele
fcc16b2346 Updated site, documentation (dev and user) and packaging scripts for 0.6.1 2008-10-20 13:43:18 +00:00
Bernardo Damele
fe6e29fbf6 Minor updates to the user's manual, need still to write on new enhancements 2008-10-17 15:50:36 +00:00
Bernardo Damele
016118ce7a Some more fixes and adjustments before 0.6.1 release. 2008-10-17 15:26:43 +00:00
Bernardo Damele
66136b48c0 Minor fixes.. should work also for Cookie now the % parsing 2008-10-17 11:51:12 +00:00
Bernardo Damele
41f8acf0fd Updated documentation 2008-10-16 15:41:26 +00:00
Bernardo Damele
e5aa557bd4 Minor fix 2008-10-16 15:39:25 +00:00
Bernardo Damele
8e3eb45510 After the storm, a restore.. 2008-10-15 15:38:22 +00:00