Miroslav Stampar
fd632e5ada
Update for unhandled exception mechanism (BADA)
2015-01-26 09:09:38 +01:00
Miroslav Stampar
f0eac38ab4
Minor fix
2015-01-26 08:48:37 +01:00
Miroslav Stampar
779db7cbc3
Minor enhancement
2015-01-22 09:17:45 +01:00
Miroslav Stampar
02b3eb941f
Patch for an Issue #1124
2015-01-21 09:26:30 +01:00
Miroslav Stampar
e73ac6c8e3
Minor patch on request of an user
2015-01-17 21:47:57 +01:00
Miroslav Stampar
7bcb3ce599
Patch for an Issue #1099
2015-01-08 09:22:47 +01:00
Miroslav Stampar
45bdefd29b
Update of copyright
2015-01-06 15:02:16 +01:00
Miroslav Stampar
c474c16b4a
Removing ML email address
2015-01-06 12:30:49 +01:00
Miroslav Stampar
2985050fce
Minor patch
2014-12-30 16:07:08 +00:00
Miroslav Stampar
f93bca4564
Patch for an Issue #1058
2014-12-23 08:23:40 +01:00
Miroslav Stampar
fc7dd2a9b9
Patch for an Issue #1056
2014-12-22 06:02:39 +01:00
Miroslav Stampar
4f122ee008
Bug fix regarding a problem reported by user @blink2014
2014-12-20 00:23:31 +01:00
Miroslav Stampar
cf3b02ee04
Proper fix for #1053
2014-12-19 09:26:01 +01:00
Miroslav Stampar
e6de92ce88
Minor patch (unicode related)
2014-12-15 13:36:08 +01:00
Miroslav Stampar
4c6331daa6
Patch for an Issue #1028
2014-12-15 09:30:54 +01:00
Miroslav Stampar
fb645b90f7
Minor update
2014-12-14 00:14:18 +01:00
Miroslav Stampar
84ba5f35ac
Minor update for #1022
2014-12-13 13:41:39 +01:00
Miroslav Stampar
bb4ac41ff7
Patch for an Issue #1016
2014-12-12 04:40:44 +01:00
Miroslav Stampar
785e3d0317
Patch for an Issue #1014
2014-12-11 13:29:42 +01:00
Miroslav Stampar
2bcaae3a0b
Another just in case update for an Issue #1011
2014-12-11 00:14:35 +01:00
Miroslav Stampar
763f720675
Patch for an Issue #1011
2014-12-11 00:11:52 +01:00
Miroslav Stampar
ee20d98bca
Minor fix for --forms
2014-12-10 12:13:37 +01:00
Miroslav Stampar
0d931a7b09
Fix for an Issue #999
2014-12-07 15:55:22 +01:00
Miroslav Stampar
7673f3e045
Minor style update
2014-12-05 11:15:33 +01:00
Miroslav Stampar
a3507d65fd
Minor update
2014-12-04 09:34:37 +01:00
Miroslav Stampar
d3060f20d7
Minor improvement
2014-12-03 13:22:55 +01:00
Miroslav Stampar
aa95a05477
Minor update
2014-12-03 13:14:06 +01:00
Miroslav Stampar
17db587e2c
Adding some friendly warning messages (regarding blocking)
2014-12-03 10:06:21 +01:00
Miroslav Stampar
e4b00bdbcb
Patch for an Issue #983
2014-12-02 10:57:50 +01:00
Miroslav Stampar
56b6bf72f4
Patch for an Issue #978
2014-11-29 23:33:24 +01:00
Miroslav Stampar
605b126758
Patch for an Issue #976
2014-11-26 13:38:21 +01:00
Miroslav Stampar
2f744139fc
Patch for an Issue #968
2014-11-24 10:13:56 +01:00
Miroslav Stampar
2284535267
Update for an Issue #963
2014-11-24 05:44:38 +01:00
Miroslav Stampar
69cdad4148
Patch for an Issue #958
2014-11-23 15:55:12 +01:00
Miroslav Stampar
28d6af6237
Minor update
2014-11-23 15:42:41 +01:00
Miroslav Stampar
f853f8973f
Minor refactorign
2014-11-23 15:41:24 +01:00
Miroslav Stampar
080a873922
Patch for an Issue #964
2014-11-23 15:39:08 +01:00
Miroslav Stampar
d3551631c4
Minor update
2014-11-20 16:10:25 +01:00
Miroslav Stampar
bb56eb583a
Minor update
2014-11-16 13:34:35 +01:00
Miroslav Stampar
671facc6d9
Patch for an Issue #930
2014-11-13 10:28:38 +01:00
Miroslav Stampar
d0afa7f325
Bug fix for not displaying proper version in unhandled exception win cases
2014-11-12 11:53:42 +01:00
Miroslav Stampar
dfa8e0456d
Potential patch for an Issue #914
2014-11-10 14:51:31 +01:00
Miroslav Stampar
06bb957d13
Preventing a run of duplicate issues
2014-11-09 22:07:11 +01:00
Miroslav Stampar
de1cf26fe6
Minor patch
2014-11-09 18:58:25 +01:00
Miroslav Stampar
5e9c73f9c1
Just in case update (for unhandled exceptions happening too soon)
2014-11-08 21:44:46 +01:00
Miroslav Stampar
3b06665c9f
Patch for an Issue #910
2014-11-08 21:22:03 +01:00
Miroslav Stampar
8fdf9ff746
Probable fix for an Issue #908
2014-11-07 15:47:42 +01:00
Miroslav Stampar
97cc679f9c
Fix for an Issue #900
2014-11-04 15:15:58 +01:00
Miroslav Stampar
4d5b48b2ae
Patch for an Issue #896
2014-11-04 00:34:35 +01:00
Miroslav Stampar
9652e41226
Path for an Issue #891
2014-11-02 23:32:19 +01:00
Miroslav Stampar
1ef2c4006d
Patch for an Issue #892
2014-11-02 11:01:46 +01:00
Miroslav Stampar
a4d058d70c
More anonymization of unhanded exception data
2014-11-02 10:55:38 +01:00
Miroslav Stampar
38978c3e54
Fix for an Issue #884
2014-10-31 16:45:26 +01:00
Miroslav Stampar
455ea9922c
Minor update
2014-10-28 15:26:28 +01:00
Miroslav Stampar
258a700b2e
More anonymization of unhandled exception messages
2014-10-28 15:14:41 +01:00
Miroslav Stampar
725c3a6a95
Minor update
2014-10-28 14:08:06 +01:00
Miroslav Stampar
3b3b8d4ef2
Potential bug fix (escaping formatted regular expressions)
2014-10-28 14:02:55 +01:00
Miroslav Stampar
19aed90ae5
Implementation for an Issue #874
2014-10-27 00:37:46 +01:00
Miroslav Stampar
7fc9e82d28
Minor style update
2014-10-23 11:44:38 +02:00
Miroslav Stampar
34aed7cde0
Bug fix (now it's possible to use multiple parsed requests without mixing associated headers)
2014-10-22 13:49:29 +02:00
Miroslav Stampar
70215a95a1
Patch for an Issue #847
2014-10-07 13:02:47 +02:00
Miroslav Stampar
2ab4558859
Potential fix for an Issue #846
2014-10-07 11:49:53 +02:00
Miroslav Stampar
ddfec1c668
Initial patch for an Issue #846
2014-10-07 11:34:47 +02:00
Miroslav Stampar
fdef53aa67
Minor update of unhandled exception message
2014-10-01 14:23:45 +02:00
Miroslav Stampar
8c9014c39f
Adding a dummy (auxiliary) XSS check
2014-10-01 13:31:48 +02:00
Miroslav Stampar
5b0732e9f9
Minor update for Issue #832
2014-09-16 15:17:50 +02:00
Miroslav Stampar
45f5548113
Minor update regarding shell history file
2014-09-16 08:58:25 +02:00
Miroslav Stampar
637d3cbaf7
Fix for cases when parameter name is urlencoded
2014-09-12 13:29:30 +02:00
Miroslav Stampar
112a0cb1ae
Patch for output directory (using unicode for international support)
2014-09-03 21:49:30 +02:00
Miroslav Stampar
e501b2a80b
Minor patch
2014-08-30 20:58:59 +02:00
Miroslav Stampar
03c8e7b7a2
Patch for an Issue #810
2014-08-30 17:13:02 +02:00
Miroslav Stampar
fce671c899
Patch for an Issue #801
2014-08-28 00:00:16 +02:00
Miroslav Stampar
2a268199d4
Patch for an Issue #798
2014-08-26 23:11:44 +02:00
Miroslav Stampar
decd092b2a
Minor patch
2014-08-26 22:40:50 +02:00
Miroslav Stampar
2be0ebd883
Minor fix (e.g. Oracle identifier names can contain character $)
2014-08-26 22:40:15 +02:00
Miroslav Stampar
77513e1de9
Minor style update
2014-08-21 01:19:10 +02:00
Miroslav Stampar
c5b71cff10
Some filtering
2014-08-21 01:12:44 +02:00
Miroslav Stampar
3cfdb5ff0f
Removing / from auto directories (it doesn't make sense to auto-test for uploading to /)
2014-08-21 00:43:37 +02:00
Miroslav Stampar
cd92de1702
Adding colorful banner
2014-08-19 22:19:22 +02:00
Miroslav Stampar
0809a61fc3
Bug fix (whole page output as a result of partial union runs)
2014-08-13 15:18:11 +02:00
Miroslav Stampar
0a74ae736f
Probable fix for an Issue #788
2014-08-13 14:01:57 +02:00
Miroslav Stampar
1eecabaea8
Patch for an Issue #746
2014-07-02 10:11:31 +02:00
Miroslav Stampar
54be398e83
Patch for an Issue #711
2014-06-04 16:35:07 +02:00
Miroslav Stampar
680ab10ca6
Patch for an Issue #703
2014-05-27 21:41:07 +02:00
Miroslav Stampar
24954776a5
Patch for an Issue #697
2014-05-20 22:00:26 +02:00
Miroslav Stampar
babe49f086
Minor update (added new warning message)
2014-05-20 17:14:40 +02:00
Miroslav Stampar
3a2916724c
Minor style update
2014-05-11 17:12:15 +02:00
Miroslav Stampar
a72d73804e
Revert of 9255174890
(bug was introduced with it)
2014-05-10 01:31:44 +02:00
Miroslav Stampar
8f0807d7f9
Another fix related to the last commit
2014-05-09 22:55:16 +02:00
Miroslav Stampar
5eae002084
Minor fix
2014-05-09 22:45:43 +02:00
Miroslav Stampar
9255174890
Minor fix
2014-05-09 22:39:56 +02:00
Miroslav Stampar
eb8e31c23f
Adding a failsafe output directory
2014-04-27 22:40:41 +02:00
Miroslav Stampar
fd884ec67b
Adding another comment
2014-04-12 17:22:47 +02:00
Miroslav Stampar
b5cca742e4
Adding a comment
2014-04-12 17:22:47 +02:00
Miroslav Stampar
7cc4159316
Renaming conf.cDel to conf.cookieDel
2014-04-06 16:50:58 +02:00
Miroslav Stampar
0ae8ac707e
Renaming conf.pDel to conf.paramDel
2014-04-06 16:48:46 +02:00
Miroslav Stampar
76b9fad24a
Fix for an Issue #656
2014-03-30 16:21:18 +02:00
Miroslav Stampar
d7f0da5599
Minor patch for an Issue #646
2014-03-20 13:08:28 +01:00
Miroslav Stampar
17742df0fa
Update for an Issue #636 (to prevent eventual future reports with lack of stack trace)
2014-03-11 21:18:31 +01:00
Miroslav Stampar
291a0d772a
Update for an Issue #615
2014-02-27 14:23:14 +01:00
Miroslav Stampar
534c2ee0e6
Minor update
2014-02-01 22:12:00 +01:00
Bernardo Damele
dfa9076a70
fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d
)
2014-01-13 17:12:37 +00:00
Miroslav Stampar
02de2aee6d
Patch for an Issue #582
2013-12-26 22:27:04 +01:00
Miroslav Stampar
2c2667b2be
Minor patch for an Issue #575
2013-12-18 00:56:24 +01:00
Miroslav Stampar
5b2ded0b18
Fix for an Issue #577
2013-12-13 21:00:26 +01:00
Miroslav Stampar
437278e32d
Fix for an Issue #580
2013-12-13 19:48:05 +01:00
Miroslav Stampar
bf3fbb0ae0
Ignore Google analytics cookies
2013-12-04 09:56:37 +01:00
Miroslav Stampar
3c67ba08c5
Minor fix
2013-11-12 14:53:05 +01:00
Miroslav Stampar
d84ddf23bd
Replacing os.sep constructs with os.path.join
2013-11-12 14:08:41 +01:00
Miroslav Stampar
48bd2e75e9
Minor patch
2013-10-28 13:59:38 +01:00
Miroslav Stampar
7ed05f01b3
Minor update
2013-10-27 00:24:57 +02:00
Miroslav Stampar
9e975210ac
Implementation for an Issue #515
2013-08-30 10:22:43 +02:00
Miroslav Stampar
28eca2116f
Fix for an Issue #513
2013-08-27 13:55:38 +02:00
Miroslav Stampar
bc19f40d09
Minor update
2013-08-22 10:44:21 +02:00
Miroslav Stampar
23f2c5f166
Finishing implementation for an Issue #58
2013-08-20 19:35:49 +02:00
Miroslav Stampar
1f2c8fbf59
Fix for an Issue #500
2013-08-13 20:40:36 +02:00
Miroslav Stampar
b2855e0281
Minor patch
2013-08-12 14:25:51 +02:00
Miroslav Stampar
a711c9ed36
Minor cleanup and initial work for #58
2013-08-09 14:13:48 +02:00
Miroslav Stampar
6b826ef64d
Reintroducing option --cookie-del
2013-07-31 20:41:19 +02:00
Miroslav Stampar
eaacbe0b12
Minor language fix
2013-07-31 09:24:34 +02:00
Miroslav Stampar
4f58e0af0c
Minor fix
2013-07-31 08:45:04 +02:00
stamparm
8d3435ab0b
Removing reflective warning for parsing heuristic test
2013-07-08 11:48:33 +02:00
stamparm
f7d15cb465
Official naming is HSQLDB (and/or HyperSQL)
2013-07-01 11:57:47 +02:00
Miroslav Stampar
aeb83ba651
Merge pull request #475 from Meatballs1/hsql_clean
...
HSQL Payloads and Query Support
2013-07-01 02:38:04 -07:00
Meatballs
4595b2c287
decodeHexValue
2013-06-24 23:45:39 +01:00
Miroslav Stampar
0355e29b7c
Minor fix (NoneType has no attribute split)
2013-06-24 14:49:53 +02:00
Miroslav Stampar
3583f45ee7
Fix for an Issue #461
2013-06-10 11:44:56 +02:00
Miroslav Stampar
c1592e8508
Code refactoring (moving import ctypes to be used only when needed)
2013-06-04 22:23:44 +02:00
Miroslav Stampar
351c70b390
Locale module screws string.letters, etc. in some cases (e.g. IDLE run)
2013-06-01 14:06:58 +02:00
Miroslav Stampar
ed8f16e754
Minor update on user's request
2013-05-30 12:01:13 +02:00
Miroslav Stampar
793a8ad349
Minor fix
2013-05-30 11:38:24 +02:00
stamparm
c3038fcb65
Minor cosmetic update
2013-05-29 15:46:59 +02:00
stamparm
dfd6ee20bb
Patch for an Issue #454
2013-05-29 15:26:11 +02:00
stamparm
60df3e9d1e
Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access)
2013-05-29 15:04:14 +02:00
Miroslav Stampar
e7ddc2fcab
Minor fix
2013-05-23 12:57:33 +04:00
Miroslav Stampar
b2b3b3b5a6
Minor bug fix (level names not properly used in non-logger output)
2013-05-18 16:44:21 +02:00
stamparm
936815128d
Minor fix
2013-05-13 13:42:43 +02:00
Miroslav Stampar
034e123b0c
Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent)
2013-05-12 16:24:13 +02:00
stamparm
fc57b7565d
Implementation for an Issue #432
2013-05-09 14:26:29 +02:00
stamparm
0d92145fc6
Minor bug fix
2013-04-19 15:40:25 +02:00
stamparm
0cb3ce5765
Bug fix (maybe it will have repercusions in future as this was a silent bug)
2013-04-19 10:10:06 +02:00
stamparm
2defc30dc6
From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML)
2013-04-17 11:12:15 +02:00
stamparm
aed738d6e6
Update for an Issue #361
2013-04-15 14:20:21 +02:00
stamparm
a9a0d1a3f9
Minor update
2013-04-15 11:56:19 +02:00
stamparm
10fbeaed7b
Code refactoring
2013-04-15 11:49:11 +02:00
stamparm
349f885f08
Minor patch
2013-04-15 11:41:53 +02:00
Miroslav Stampar
b6fee638ef
Neutralizing time of cookie expiration (in case of --load-cookies)
2013-04-14 01:13:08 +02:00
stamparm
8c9da95343
Style and consistency update (url -> URL)
2013-04-09 11:48:42 +02:00
Miroslav Stampar
50ac3aab7a
Minor patch
2013-04-06 01:56:24 +02:00
Miroslav Stampar
76a0d20799
Minor patch
2013-04-01 22:18:41 +02:00
stamparm
7447773237
Update for consistency (all other enums are using _ in between words)
2013-03-20 11:10:24 +01:00
Miroslav Stampar
4cb378ce3e
Another update for an Issue #352 and couple of fixes
2013-03-13 21:57:09 +01:00
Miroslav Stampar
b35122a42c
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-03-13 19:52:17 +01:00
Miroslav Stampar
eb08c8d752
Another update for an Issue #352
2013-03-13 19:42:22 +01:00
Bernardo Damele
dea62189b2
fixes #420
2013-03-12 22:16:42 +00:00
Miroslav Stampar
65306f1ac1
Update for an Issue #352
2013-03-12 20:10:32 +01:00
Miroslav Stampar
db0a1e58b9
Update for an Issue #352
2013-03-11 14:58:05 +01:00
Miroslav Stampar
d6fc10092f
Minor refactoring
2013-03-11 13:31:50 +01:00
Miroslav Stampar
1e731f87a4
Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request)
2013-03-09 19:33:04 +01:00
stamparm
6fbd902265
Minor refactoring (Issue #411 )
2013-02-25 10:44:04 +01:00
stamparm
ad471368f5
Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a
2013-02-22 11:42:09 +01:00
stamparm
44a46d2b10
Fix for an Issue #409
2013-02-22 10:18:22 +01:00
stamparm
6b2981ef4e
Update for an Issue #290 (adding tamper-like scripts into (new) directory waf)
2013-02-21 11:14:57 +01:00
Miroslav Stampar
7f293afe74
Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b
)
2013-02-18 15:18:53 +01:00
Miroslav Stampar
9b5f33560b
Oracle is too specific (only column names can be enclosed) - removing it
2013-02-15 17:36:58 +01:00
Miroslav Stampar
bf82506c1b
Oracle can't enclose table names with double quotations
2013-02-15 17:36:58 +01:00
Miroslav Stampar
1b3d749488
Proper fix related to the last commit/revert
2013-02-15 17:36:58 +01:00
Miroslav Stampar
5a793cbc7c
Minor revert
2013-02-15 17:36:58 +01:00
Miroslav Stampar
799bd51c2e
Minor fix when two readInput/dataToStdout are called one at a time
2013-02-15 17:36:58 +01:00
Bernardo Damele
b472d9809a
another consistency fix to readInput()
2013-02-15 09:35:09 +00:00
Bernardo Damele
4727589135
code consistency
2013-02-15 00:17:13 +00:00
Bernardo Damele
d91530f885
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-02-14 17:16:55 +00:00
Bernardo Damele
52264f544e
minor fix for Windows file paths, do not strip the windows drive letter
2013-02-14 17:16:49 +00:00
Miroslav Stampar
fdf00e4842
Fix for an Issue #397
2013-02-14 17:14:36 +01:00
Miroslav Stampar
6c0054bc5f
Putting that ugly parameter xyz is not inside the Cookie into the debug messages
2013-02-14 15:38:44 +01:00
Bernardo Damele
4b9d8ed673
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f
make sure to use Python 2 interpreter when default system Python is version 3
2013-02-14 11:25:04 +00:00
Miroslav Stampar
0a4605644e
Minor fix for previous commit
2013-02-13 16:31:03 +01:00
Miroslav Stampar
2b121c938b
Minor fix
2013-02-13 16:24:21 +01:00
Miroslav Stampar
965fa04a33
Trivial update
2013-02-13 12:28:51 +01:00
Miroslav Stampar
dc41484b3f
Refactoring of funcionality for finding out if stacking is available
2013-02-13 09:57:16 +01:00
Miroslav Stampar
c34f6e25b2
Minor fix for --eval (urldecoded values should be used inside evaluation)
2013-02-12 17:01:47 +01:00
Miroslav Stampar
212e92ea01
Minor update regarding --load-cookies (warning about expired ones)
2013-02-12 14:29:56 +01:00
Miroslav Stampar
c67b39d14d
Update for a last update
2013-02-12 12:58:15 +01:00
Miroslav Stampar
72984a578d
Update for --load-cookies
2013-02-12 12:42:12 +01:00
Miroslav Stampar
c75560ba69
Minor bug fix (getting ? in < 0xf char cases)
2013-02-11 21:16:35 +01:00
Bernardo Damele
07fe6d44fb
unnecessary condition here
2013-02-07 14:18:52 +00:00
Bernardo Damele
b477c56b52
first steps to allow multiple scans on the same taskid - issue #297
2013-02-07 00:05:26 +00:00
Bernardo Damele
5c8335876f
minor bug fix to make --disable-coloring work on log messages too
2013-02-06 21:04:54 +00:00
Miroslav Stampar
e836629215
Bug fixes for search (safeStringFormat should not replace all if given scalar values)
2013-02-05 11:37:49 +01:00
Miroslav Stampar
6cab3d4759
Minor update
2013-02-04 16:46:08 +01:00
Miroslav Stampar
7e1ff1bb8e
Same refactoring as the last commit
2013-02-04 15:26:44 +01:00
Bernardo Damele
9370f96a67
step by step getting there to partial output presentation to restful API (issue #297 ), not quite yet though..
2013-02-03 22:09:33 +00:00
Bernardo Damele
bd1ea13b8d
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-02-03 11:31:12 +00:00
Bernardo Damele
f8bc74758c
improvement to restful API to store to IPC database partial entries, not yet functional (issue #297 )
2013-02-03 11:31:05 +00:00
Miroslav Stampar
6d942f92b5
Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.))
2013-02-01 10:03:06 +01:00
Miroslav Stampar
8d51b4b63a
Minor bug fix
2013-01-31 16:24:44 +01:00
Miroslav Stampar
f391937083
Minor refactoring
2013-01-30 10:43:46 +01:00
Miroslav Stampar
d6fb0e8545
Update for an Issue #352
2013-01-30 10:38:11 +01:00
Miroslav Stampar
bd08ede117
Minor fine tuning
2013-01-29 21:06:02 +01:00
Miroslav Stampar
f41460f8d8
Better naming
2013-01-29 20:53:11 +01:00
Bernardo Damele
c47b44e93f
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-01-29 15:38:16 +00:00
Bernardo Damele
92ae8145df
ignore any non-relevant string: avoid storing to the API, careful this can introduce bugs but it is necessary at this stage of development (issue #297 )
2013-01-29 15:35:51 +00:00
Miroslav Stampar
a104de01d7
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-01-29 15:35:01 +01:00
Miroslav Stampar
7e73825ece
Minor cosmetics
2013-01-29 15:34:41 +01:00
Bernardo Damele
085495024f
minor adjustment
2013-01-29 01:44:57 +00:00
Bernardo Damele
f1ab887c55
major enhancement, code refactoring for issue #297
2013-01-29 01:39:27 +00:00
Miroslav Stampar
194a9e7b88
Implementation for an Issue #377
2013-01-25 12:34:57 +01:00
Miroslav Stampar
719c7f622b
Probable fix for --technique=Q --dbms=Firebird (but also other potential issues with splitting of fields in expressions)
2013-01-22 15:51:06 +01:00
Miroslav Stampar
c55a002f95
Language fix
2013-01-21 13:19:08 +01:00
Miroslav Stampar
80255433b0
Trivial style update
2013-01-21 13:18:34 +01:00
Miroslav Stampar
0e86175342
Adding new common function for further refactoring
2013-01-21 11:50:47 +01:00
Bernardo Damele
115be9d7b5
minor fixes
2013-01-20 01:26:46 +00:00
Bernardo Damele
f89b25fdb6
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-01-19 18:04:38 +00:00
Bernardo Damele
adf97e630f
add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL
2013-01-19 18:04:33 +00:00
Miroslav Stampar
bb6b89fe93
Patch for an Issue #360
2013-01-19 18:06:36 +01:00
Miroslav Stampar
601eb1e49a
Unescaping is renamed to escaping
2013-01-18 15:40:37 +01:00
Bernardo Damele
a43202f3c0
updated copyright
2013-01-18 14:07:51 +00:00
Miroslav Stampar
4d5bae7131
Removing some obsolete functions
2013-01-18 11:18:56 +01:00
Miroslav Stampar
bcc907ce09
Minor update
2013-01-18 11:00:21 +01:00
Miroslav Stampar
d1008b45b5
Minor removal of unused function
2013-01-18 10:46:06 +01:00
Miroslav Stampar
caae773b2d
Minor removal of redundant code
2013-01-18 10:44:57 +01:00
Miroslav Stampar
507f185b69
Revert of patch for an Issue #347
2013-01-17 18:38:37 +01:00
Miroslav Stampar
f7eda07d92
Patch for an Issue #347
2013-01-17 15:30:14 +01:00
Miroslav Stampar
a38b3e397c
Patch for an Issue #286
2013-01-17 14:17:39 +01:00
Miroslav Stampar
65273295e3
Implementing a check for an Issue #25
2013-01-17 13:56:04 +01:00
Miroslav Stampar
9428d1819e
Fix for an Issue #346
2013-01-17 12:03:02 +01:00
Miroslav Stampar
ec4e49d771
Minor refactoring
2013-01-10 16:09:28 +01:00
Miroslav Stampar
1363f26367
Minor refactoring
2013-01-10 15:59:02 +01:00
Miroslav Stampar
834be1eddc
Restyling redundant 'except Exception' form
2013-01-10 15:54:28 +01:00
Miroslav Stampar
acfeeb4f51
Restyling old form of urlparse
2013-01-10 15:41:07 +01:00
Miroslav Stampar
ca3d35a878
Some PEP8 related style cleaning
2013-01-10 13:18:44 +01:00
Miroslav Stampar
6cfa9cb0b3
Removing unused imports
2013-01-10 12:15:12 +01:00
Bernardo Damele
510ceb6e19
first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28
2013-01-09 16:04:23 +00:00
Miroslav Stampar
ad85c4c964
Minor refactoring for an Issue #295
2013-01-08 10:23:02 +01:00
Miroslav Stampar
74552bea87
Cleaning some garbage (hard coded paths with linux native slashes)
2013-01-07 16:51:00 +01:00
Miroslav Stampar
e4a3c015e5
Replacing old and deprecated raise Exception style (PEP8)
2013-01-03 23:20:55 +01:00
Miroslav Stampar
09f1cdd8e1
Minor style update
2013-01-02 21:52:50 +01:00
Miroslav Stampar
0795760255
Minor fix
2012-12-30 11:22:23 +01:00
Miroslav Stampar
648d91d790
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)
2012-12-27 22:43:39 +01:00
Miroslav Stampar
3d01890147
Patch for an Issue #56 (full target url is now being written to a output .CSV file in multi target mode)
2012-12-27 21:15:44 +01:00
Miroslav Stampar
35728fa443
Fix (and some hidden bug fixes/improvements) regarding an Issue #317
2012-12-21 10:51:35 +01:00
Miroslav Stampar
0a122ccce4
Related to an Issue #319
2012-12-21 09:47:58 +01:00
Miroslav Stampar
8efe056671
Minor refactoring
2012-12-20 15:51:03 +01:00
Miroslav Stampar
63d9b7a1f8
No character shall be left forgotten (no more ? in case that character was not properly being decoded by used charset)
2012-12-20 12:23:37 +01:00
Miroslav Stampar
06d8213ffd
minor fix (reading of unicode xml files)
2012-12-20 09:53:08 +01:00
Bernardo Damele
cefb03c835
fixed bug related to issue #223
2012-12-19 14:12:09 +00:00
Bernardo Damele
282aeb734f
ORDER BY does not play well with UNION query SQLi (related to issue #313 )
2012-12-19 13:21:16 +00:00
Miroslav Stampar
92e338251a
Finally working inference against MySQL/international letters (even chinese)
2012-12-19 10:44:02 +01:00
Miroslav Stampar
c9b8b51c9c
Update lib/core/common.py
...
Revert of last commit and try 2
2012-12-19 01:48:53 +01:00
Bernardo Damele
318fcee49c
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2012-12-19 00:30:26 +00:00
Bernardo Damele
3c7007097a
minor refactoring
2012-12-19 00:30:22 +00:00
Miroslav Stampar
50b846b5af
Update lib/core/common.py
...
Fixing wrong assumption in case of MySQL inference international character retrieval
2012-12-19 01:26:12 +01:00
Miroslav Stampar
df0f08bc6a
Cleaning some (web upload based) garbage
2012-12-13 13:19:47 +01:00
Miroslav Stampar
5150172178
Minor update
2012-12-13 10:03:21 +01:00
Miroslav Stampar
fc4be0a77c
Minor fix
2012-12-12 16:45:29 +01:00
Miroslav Stampar
a6448e8768
Update for an Issue #287
2012-12-12 11:54:59 +01:00
Miroslav Stampar
b5884c7eda
Minor language update
2012-12-11 15:24:02 +01:00
Miroslav Stampar
562044577b
Implementation for an Issue #292
2012-12-11 12:02:06 +01:00
Miroslav Stampar
974407396e
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
2012-12-06 14:14:19 +01:00
Miroslav Stampar
baccbd6f48
Implementation for an Issue #283
2012-12-06 11:57:57 +01:00
Miroslav Stampar
ab67344448
Removed unused imports and variables (pyflake-ing)
2012-12-06 11:15:05 +01:00
Miroslav Stampar
b6650add46
Introducing 'new style classes' (idea from Pull request #284 )
2012-12-06 10:42:53 +01:00
Miroslav Stampar
6b39e661a7
Fix for an issue #279
2012-12-05 12:15:14 +01:00
Miroslav Stampar
87a92ab330
Deprecating --replicate (Issue #254 )
2012-11-28 11:10:57 +01:00
Miroslav Stampar
bd33128085
Fix for an Issue #262
2012-11-27 10:08:22 +01:00
Miroslav Stampar
ef2038f1c8
Implementation for an Issue #253
2012-11-21 10:16:13 +01:00
Miroslav Stampar
93e071fc33
Fix for an Issue #251
2012-11-20 11:19:23 +01:00
Miroslav Stampar
302348b0cd
Minor update
2012-11-19 11:59:28 +01:00
Miroslav Stampar
9a54a911a8
Patch for an Issue #231
2012-11-14 11:30:29 +01:00
Miroslav Stampar
2de52927f3
Code refactoring (epecially Google search code)
2012-10-30 18:38:10 +01:00
Miroslav Stampar
7c7aff12c6
Update for an Issue #225
2012-10-30 01:26:19 +01:00
Miroslav Stampar
1d07b93730
Bug fix for --os-shell on MySQL (it was not working for a long time because of this)
2012-10-29 15:45:30 +01:00
Miroslav Stampar
5358d85d37
Important refactoring for web-based functionality
2012-10-29 15:09:05 +01:00
Miroslav Stampar
81ccf28785
Minor refactoring
2012-10-29 14:08:48 +01:00
Miroslav Stampar
25a5073281
Bug fix for --hex/--technique=B (especially MsSQL)
2012-10-28 12:22:33 +01:00
Miroslav Stampar
8617fe0d65
Bug fix for international letters decoded with --hex on MsSQL
2012-10-28 11:50:16 +01:00
Miroslav Stampar
43ddf39bea
Minor refactoring
2012-10-28 01:16:02 +02:00
Miroslav Stampar
bcdba7b7bb
Dealing with rare cases when getIdentifiedDbms is needed prior to DBMS isfingerprinted and there are multiples of dbmses inside details
2012-10-28 01:11:50 +02:00
Miroslav Stampar
c1b8226329
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
2012-10-28 00:36:09 +02:00
Miroslav Stampar
965d7eee17
Minor bug fix for a reflection removal mechanism
2012-10-26 00:06:15 +02:00
Miroslav Stampar
5477c9f7ba
Fix for an Issue #216
2012-10-24 22:59:46 +02:00
Miroslav Stampar
056be32ac1
Fix for Issue #213
2012-10-23 17:06:31 +02:00
Miroslav Stampar
f2bbf1ead9
Fix for raw_input raising EOFError and KeyboardInterrupt on Ctrl-C (Windows platform)
2012-10-23 11:05:00 +02:00
Miroslav Stampar
5ff2e33c43
Minor fix
2012-10-23 10:54:26 +02:00
Miroslav Stampar
68d5faa287
Minor update
2012-10-23 10:46:17 +02:00
Miroslav Stampar
64b4586883
Minor update
2012-10-18 11:36:12 +02:00
Miroslav Stampar
1cb2ca4195
Minor update
2012-10-18 10:55:27 +02:00
Miroslav Stampar
2cb1b054bb
Implementation for an Issue #79
2012-10-16 12:32:58 +02:00
Miroslav Stampar
8b57e1fce6
Minor update for an Issue #203
2012-10-15 23:15:52 +02:00
Miroslav Stampar
048e720f69
Minor refactoring for an Issue #203
2012-10-15 17:55:57 +02:00
Miroslav Stampar
9aba690a60
Patch for an Issue #203
2012-10-15 16:23:41 +02:00
Miroslav Stampar
56832fe9c4
Better adjustTimeDelay() candidate algorithm
2012-10-11 14:23:53 +02:00
Miroslav Stampar
e61c4c22c9
Implementation for an Issue #200
2012-10-09 15:19:47 +02:00
Miroslav Stampar
8c5fb1b064
Minor update
2012-10-09 14:46:45 +02:00
Miroslav Stampar
d464678e10
Minor update for an Issue #49
2012-10-04 18:01:42 +02:00
Miroslav Stampar
461e5ebc5f
Work for Issue #197 and Issue #49
2012-10-04 11:25:44 +02:00
Miroslav Stampar
6bc5f44b20
Minor just in case update for an Issue #195 (safer behavior on forced charsets)
2012-09-25 15:09:07 +02:00
Miroslav Stampar
d175decdfc
Fix for an Issue #190
2012-09-22 20:59:40 +02:00
Miroslav Stampar
e4bc471f81
Fix for an Issue #173
2012-09-07 10:09:19 +02:00
Miroslav Stampar
2170e64ca5
Minor bug fix
2012-08-31 19:48:45 +02:00
Miroslav Stampar
7286d89cb6
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
2012-08-31 12:15:09 +02:00
Miroslav Stampar
a6d743ec4c
Minor console output fix (redundant newline has been displayed in case of rawInput)
2012-08-22 14:43:57 +02:00
Miroslav Stampar
8a5042b6a4
Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)
2012-08-22 11:56:30 +02:00
Miroslav Stampar
ad59abe018
Cleaning leftover
2012-08-21 14:37:09 +02:00
Miroslav Stampar
1b86fffc6d
Fix for an Issue #157
2012-08-21 14:36:04 +02:00
Miroslav Stampar
d421f9a618
Fix for an Issue #157
2012-08-21 14:34:19 +02:00
Miroslav Stampar
01f481c332
Minor refactoring of dictionaries
2012-08-21 11:19:15 +02:00
Miroslav Stampar
f358ab2e73
Implementation of an Issue #147
2012-08-15 16:37:18 +02:00
Miroslav Stampar
36b55cf209
Proper fix for an Issue #145
2012-08-14 22:28:42 +02:00
Miroslav Stampar
ab35ab4e2a
Fix for an Issue #145
2012-08-14 18:52:45 +02:00
Miroslav Stampar
432b567584
Fix for an Issue #141
2012-08-08 00:03:58 +02:00
Miroslav Stampar
31ceb0cb6c
Fix for an Issue #140
2012-08-07 10:57:29 +02:00
Miroslav Stampar
142fc887f1
Fix for an Issue #129
2012-07-31 11:03:44 +02:00
Miroslav Stampar
bdbe8ff9d9
Fix for an Issue #132
2012-07-30 22:39:45 +02:00
Miroslav Stampar
20a66567a3
Minor refactoring
2012-07-30 10:06:14 +02:00
Miroslav Stampar
3e9f1fe410
Minor style update
2012-07-26 12:13:16 +02:00
Miroslav Stampar
30f8d09651
Implementation for an Issue #70
2012-07-26 12:06:02 +02:00
Miroslav Stampar
231f0f76b5
Fix for an Issue #119
2012-07-26 00:49:51 +02:00
Miroslav Stampar
f8c9868cb6
Implementation for an Issue #118
2012-07-24 15:34:50 +02:00
Miroslav Stampar
42f518b2d6
Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized
2012-07-24 14:44:44 +02:00
Miroslav Stampar
b820975217
Improvement of decodeIntToUnicode()
2012-07-23 19:31:06 +02:00
Miroslav Stampar
1b6cb9442f
Fix for an Issue #114
2012-07-21 23:31:36 +02:00
Miroslav Stampar
dcf8a27f12
Implementation for an Issue #67
2012-07-18 14:24:10 +02:00
Miroslav Stampar
81d15e5051
Fix for an Issue #101
2012-07-17 00:19:33 +02:00
Miroslav Stampar
ffbbb10abb
Support for dotted identificator names
2012-07-16 23:13:21 +02:00
Miroslav Stampar
87ecf205cb
More work for Issue #66
2012-07-14 17:01:04 +02:00
Miroslav Stampar
c5ecc8b8db
Closing work on Issue #83
2012-07-13 11:23:21 +02:00
Miroslav Stampar
48f68bd076
First commit for Issue #83
2012-07-13 10:35:22 +02:00
Bernardo Damele
162da75a04
modified homepage address
2012-07-12 18:38:03 +01:00
Miroslav Stampar
569c9214bf
Adding support for boldifying important logging messages
2012-07-12 16:30:35 +02:00
Miroslav Stampar
8e18514e56
Minor refactoring for all that stickyness
2012-07-12 15:58:45 +02:00
Miroslav Stampar
fe61bdce75
Minor update
2012-07-12 15:25:26 +02:00
Miroslav Stampar
dbbca16c69
Minor renaming
2012-07-12 15:24:40 +02:00
Miroslav Stampar
9bc24cea6b
Dealing with kb.currentMessage issue
2012-07-12 15:23:35 +02:00
Miroslav Stampar
b320dc118d
Minor fix (recognizing if it's colorizing handler or not)
2012-07-12 14:55:54 +02:00
Bernardo Damele
4e64c1126d
restored bold on questions to users (calls from readInput()) - issue #77
2012-07-11 22:56:11 +01:00
Bernardo Damele
247f95e051
restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")
2012-07-11 22:48:27 +01:00
Miroslav Stampar
15ee5310d9
Adding traffic in and out to color_map
2012-07-11 20:42:18 +02:00
Miroslav Stampar
43cac2212b
Fix for a case when ColorizingStreamHandler is not used
2012-07-11 20:36:32 +02:00
Miroslav Stampar
72378d4f61
Some more refactoring
2012-07-11 20:29:48 +02:00
Miroslav Stampar
c6464b44be
Some more refactoring
2012-07-11 20:13:23 +02:00
Miroslav Stampar
d7926b8aac
Minor refactoring
2012-07-11 19:54:21 +02:00
Bernardo Damele
53ccd09ca4
now also readInput() uses colouring
2012-07-11 17:53:32 +01:00
Bernardo Damele
02ec25b4b8
code refactoring
2012-07-11 17:44:23 +01:00
Bernardo Damele
77b275f1a6
conf->kb
2012-07-11 17:32:12 +01:00
Bernardo Damele
1d2c87e24e
leftover
2012-07-11 17:22:01 +01:00
Bernardo Damele
fa2f6f9a39
colourize manually crafter "logging" messages
2012-07-11 16:48:30 +01:00
Bernardo Damele
eb7ffb8f91
setup for implementing logging colouring - issue #77
2012-07-10 02:54:37 +01:00
Bernardo Damele
a27f50ed1d
added conf.unescape global variable to control whether or not the injected statements should be unescaped
2012-07-10 01:37:16 +01:00
Bernardo Damele
f645ac6040
dealing with variables in SQL procs - issue #33
2012-07-10 01:05:03 +01:00
Bernardo Damele
2527554f8e
more work on #33
2012-07-10 00:53:07 +01:00
Bernardo Damele
d3da3f5c52
refactoring for issue #51
2012-07-10 00:19:32 +01:00
Miroslav Stampar
0d539a876d
Minor fix (subversion->github)
2012-07-07 23:49:34 +02:00
Miroslav Stampar
e948e4d45b
Some more refactoring
2012-07-06 17:18:22 +02:00
Miroslav Stampar
438a636973
Fix for issue Issue #60
2012-07-06 15:36:32 +02:00
Miroslav Stampar
c3c1b9e957
Minor restyling
2012-07-04 20:28:18 +02:00
Miroslav Stampar
40fc6488bf
Fix for Issue #56 (Google has changed few things for retrieving PR)
2012-07-03 21:00:18 +02:00
Miroslav Stampar
481b46a004
Restyling output for Issue #52
2012-07-03 13:06:52 +02:00
Miroslav Stampar
8eefe4b71f
Getting back revision number - displayed like in GitHub commits (Issue #52 )
2012-07-02 13:01:20 +02:00
Miroslav Stampar
d7cd55fb28
Fix for Issue #47
2012-07-01 11:05:04 +02:00
Miroslav Stampar
21d9ae0a2c
some more refactoring
2012-07-01 01:19:54 +02:00
Miroslav Stampar
f6509db31a
minor refactoring
2012-07-01 00:33:19 +02:00
jekil
c39e5a85ba
Removed $id$ tags
2012-06-27 20:56:43 +02:00
Miroslav Stampar
ec44e88db8
lots of refactoring regarding removal of already obsolete session file mechanism
2012-06-21 10:09:10 +00:00
Miroslav Stampar
302d782a0f
minor style update
2012-06-19 08:33:51 +00:00
Miroslav Stampar
06be7bbb18
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
2012-06-15 20:41:53 +00:00
Miroslav Stampar
d2dd47fb23
some more refactoring
2012-06-14 13:52:56 +00:00
Miroslav Stampar
3a90105fbb
minor refactoring
2012-06-14 13:38:53 +00:00
Miroslav Stampar
a51d8c4c79
replacing identifier safe char " with [] enclosing for MsSQL
2012-06-13 15:27:42 +00:00
Miroslav Stampar
367de838c1
minor update
2012-06-13 14:08:32 +00:00
Miroslav Stampar
db526bdbc0
minor update (tainted values are not checked any more in multipleTargets mode)
2012-05-25 09:52:17 +00:00
Miroslav Stampar
86fdad2bfa
minor update
2012-05-24 22:07:50 +00:00
Miroslav Stampar
eed8d7eb5d
finalizing support for IPv6
2012-05-24 21:55:57 +00:00
Miroslav Stampar
b6d37d766a
minor update regarding IPv6 support
2012-05-24 21:49:20 +00:00
Miroslav Stampar
92286104e3
minor just in case update
2012-05-24 21:39:10 +00:00
Miroslav Stampar
3e9c57d177
minor fix
2012-05-24 21:36:35 +00:00
Miroslav Stampar
be76928293
minor fix
2012-05-24 20:53:01 +00:00
Miroslav Stampar
bbfa4b6d5d
minor update
2012-05-14 14:38:16 +00:00
Miroslav Stampar
333f8057a5
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
2012-05-14 14:06:43 +00:00
Miroslav Stampar
b81fe42d4b
turning off null connection on -o when --tor used (not compatible)
2012-05-10 17:50:54 +00:00
Miroslav Stampar
efdd86ddcc
minor just in case patch
2012-05-10 14:22:34 +00:00
Miroslav Stampar
1418ae9767
little refactoring of parseUnionPage together with a patch for some special case
2012-05-09 18:47:40 +00:00
Miroslav Stampar
96299d3d5d
minor refactoring
2012-05-03 22:34:18 +00:00
Miroslav Stampar
efd27d7ade
minor renaming
2012-04-17 08:41:19 +00:00
Miroslav Stampar
c7422546e1
tiny update
2012-04-11 23:01:38 +00:00
Miroslav Stampar
2bad73a981
minor update
2012-04-11 21:48:44 +00:00
Miroslav Stampar
e195de2093
correcting comment on reflective removal function
2012-04-11 21:41:48 +00:00
Miroslav Stampar
b45ae10da4
minor fixes
2012-04-11 21:36:37 +00:00
Miroslav Stampar
627bfc589f
some more updates in reflective removal mechanism
2012-04-11 21:26:00 +00:00
Miroslav Stampar
8b130f6497
minor improvement for reflective values (when missing first part of payload like in error reports)
2012-04-11 15:01:28 +00:00
Miroslav Stampar
01bd5d0ab2
some more updates for reflective mechanism
2012-04-11 10:41:33 +00:00
Miroslav Stampar
2e92d8636e
improvement of reflective mechanism
2012-04-11 08:58:03 +00:00
Miroslav Stampar
60ca44e0cf
minor adjustment
2012-04-11 08:35:09 +00:00
Miroslav Stampar
119eec3598
improving "boolean detection" by automatic recognition of convenient --string candidate
2012-04-10 21:48:34 +00:00
Miroslav Stampar
8c6eb4faa9
adding support for PgSQL DNS data exfiltration
2012-04-07 14:06:11 +00:00
Miroslav Stampar
1b2cd44255
proper fix
2012-04-04 10:35:52 +00:00
Miroslav Stampar
7031ef8e00
removing default values for referer and host from higher level/risk options
2012-04-04 10:34:27 +00:00
Miroslav Stampar
b0787f193c
getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)
2012-04-03 14:34:15 +00:00
Miroslav Stampar
33bb9c5f19
much cleaner approach in that "flat" representation of retrieved items in union technique
2012-04-03 13:56:11 +00:00
Miroslav Stampar
e05109812f
minor improvements regarding data retrieval through DNS channel
2012-04-03 09:18:30 +00:00
Miroslav Stampar
2c28423cb8
minor update
2012-04-02 14:57:15 +00:00
Miroslav Stampar
1cd3c3f7af
further update of DNS data retrieval mechanism through SQLi
2012-04-02 14:05:30 +00:00
Miroslav Stampar
1e01203562
few just in case "patches"
2012-04-02 12:58:10 +00:00
Miroslav Stampar
abffc39929
minor update regarding DNS data retrieval task
2012-04-02 12:22:40 +00:00
Miroslav Stampar
8be9cd4ac4
bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)
2012-03-31 10:22:50 +00:00
Miroslav Stampar
79c3d6f2aa
minor update
2012-03-30 10:37:46 +00:00
Miroslav Stampar
637a8d8273
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
2012-03-29 14:33:27 +00:00
Miroslav Stampar
772ead8d03
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
2012-03-29 12:44:20 +00:00
Miroslav Stampar
9433bbe26d
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
2012-03-28 19:27:12 +00:00
Miroslav Stampar
7fd64df167
minor code cleaning
2012-03-28 13:31:07 +00:00
Miroslav Stampar
11132ba993
fix for a bug in reflection removal mechanism
2012-03-19 14:28:18 +00:00
Bernardo Damele
890bf708bc
Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported)
2012-03-15 00:19:57 +00:00
Miroslav Stampar
61ad3b999a
fix for a crash with partial union and --hex
2012-03-14 10:31:24 +00:00
Miroslav Stampar
a7fbc55748
grammar fix
2012-03-13 22:03:23 +00:00
Miroslav Stampar
cda8815634
introducing safe deprecation mechanism for HashDB versioning
2012-03-12 22:55:57 +00:00
Miroslav Stampar
98a3e43f53
bug fix for writing raw pickled data into SQLite HashDB
2012-03-08 10:57:47 +00:00
Miroslav Stampar
cd28eb6544
minor update regarding --load-cookies
2012-03-08 10:19:34 +00:00
Miroslav Stampar
4cfea96471
minor update
2012-03-05 09:56:48 +00:00
Miroslav Stampar
37db27b720
turning back on automatic adjusting of delays in time based queries
2012-02-29 15:51:23 +00:00
Miroslav Stampar
0205d96d7b
minor fix
2012-02-29 15:38:01 +00:00
Miroslav Stampar
8b9c5c66cc
code refactoring regarding charsetType inside inference/bisection
2012-02-29 14:36:23 +00:00
Miroslav Stampar
f6f98f1b41
minor improvement
2012-02-29 14:19:59 +00:00
Miroslav Stampar
d06182347f
fixing few potential problems
2012-02-29 13:56:40 +00:00
Miroslav Stampar
5b67af3b20
minor update
2012-02-24 15:03:39 +00:00
Miroslav Stampar
8a203ef79d
making session data strictly dependent on url through HashDB helper functions
2012-02-24 14:58:24 +00:00
Miroslav Stampar
c36cbbb3ae
minor fix
2012-02-24 14:54:10 +00:00
Miroslav Stampar
9d6fd2e507
bug fix for --schema --technique=BST
2012-02-24 14:12:19 +00:00
Miroslav Stampar
f94b91ad87
added helper function for HashDB data storing/retrieval
2012-02-24 13:07:20 +00:00
Miroslav Stampar
b481c0352f
minor update
2012-02-24 11:25:56 +00:00
Miroslav Stampar
1f6ce265b9
minor fix
2012-02-24 11:05:04 +00:00
Miroslav Stampar
5afbd52b61
more update related to last commits
2012-02-24 10:57:23 +00:00
Miroslav Stampar
570d3a19c2
more general fix
2012-02-24 10:53:28 +00:00
Miroslav Stampar
e8352e504f
fixing problems with chars deletition by logging messages in inference mode
2012-02-24 10:48:19 +00:00
Miroslav Stampar
71028a81f5
fix for proper retrieval of columns in SQLite
2012-02-24 09:55:13 +00:00
Miroslav Stampar
7941504c3a
minor update
2012-02-23 15:32:36 +00:00
Miroslav Stampar
0478e4166a
minor justin case fix
2012-02-23 15:19:20 +00:00
Miroslav Stampar
6e54cb171f
minor code restyling
2012-02-22 15:53:36 +00:00
Miroslav Stampar
b3bd4144f5
removing of unused imports together with some general code refactoring
2012-02-22 10:40:11 +00:00
Miroslav Stampar
686eacda9a
minor update regarding --hex
2012-02-21 13:38:18 +00:00
Miroslav Stampar
bcf3255fe1
implementation of switch --hex for 4 major DBMSes
2012-02-21 11:44:48 +00:00
Miroslav Stampar
3e4db6d140
minor fix for Python v2.6
2012-02-20 19:35:57 +00:00
Miroslav Stampar
aee269cc14
gazillion changes, nothing will work, muhahaha
2012-02-17 14:22:48 +00:00
Miroslav Stampar
dcf7277a0f
some more refactorings
2012-02-16 14:42:28 +00:00
Miroslav Stampar
6632aa7308
some more refactoring
2012-02-16 13:46:01 +00:00
Miroslav Stampar
844fc8addb
minor cleanup
2012-02-16 10:19:36 +00:00
Miroslav Stampar
0e23521adc
some more refactoring
2012-02-16 09:54:29 +00:00
Miroslav Stampar
e1f86c97c4
minor refactoring
2012-02-16 09:46:41 +00:00
Miroslav Stampar
bcf9fc6c6f
minor refactoring
2012-02-16 09:32:47 +00:00
Miroslav Stampar
8d7912ad34
minor update and refactoring
2012-02-15 14:05:50 +00:00
Miroslav Stampar
bf923a97df
minor update
2012-02-15 13:45:10 +00:00
Miroslav Stampar
122db6e164
minor update
2012-02-15 13:24:02 +00:00
Miroslav Stampar
9059d30312
adding first code example for SPL snippets
2012-02-15 13:17:01 +00:00
Miroslav Stampar
23cc8b6974
minor fix for special cases when parameter value contains html encoded characters
2012-02-14 14:08:10 +00:00
Miroslav Stampar
bb5113980b
minor update
2012-02-14 10:27:56 +00:00
Miroslav Stampar
3f15c52188
minor change in workflow for "tainted" parameter values
2012-02-14 09:26:52 +00:00
Miroslav Stampar
b140ef4a14
minor update (preparing for switching to HashDB from old sessionFile)
2012-02-10 10:24:48 +00:00
Miroslav Stampar
980367b7b2
minor update
2012-02-09 09:48:47 +00:00
Miroslav Stampar
7e9e582eca
minor update
2012-02-08 14:23:57 +00:00
Miroslav Stampar
93d7d6c355
minor patch
2012-02-08 10:38:58 +00:00
Miroslav Stampar
6bedb80ffa
adding --force-ssl switch (most useful in combination with -r)
2012-02-08 09:11:57 +00:00
Miroslav Stampar
2b05ded9c3
just a makeup
2012-02-07 12:05:23 +00:00
Miroslav Stampar
b4f4a982e4
minor update
2012-02-07 11:37:54 +00:00
Miroslav Stampar
11af0b1bbc
minor fix
2012-02-07 11:16:03 +00:00
Miroslav Stampar
f7bf1fbe94
upgrade/fixes for direct DBMS access
2012-02-07 10:46:55 +00:00
Miroslav Stampar
8c45ff0d57
bug fix
2012-02-03 10:38:04 +00:00
Miroslav Stampar
f4e7bf1d51
minor update regarding support for Unicode characters in Oracle
2012-02-01 14:17:27 +00:00
Miroslav Stampar
2589521ecf
fix of a wrong assumption (e.g. decodeIntToUnicode(12345) has been returning a "09" instead of a single unicode character)
2012-02-01 10:38:43 +00:00
Miroslav Stampar
b2dad63000
some more refactoring
2012-01-13 22:00:34 +00:00
Miroslav Stampar
23117e72ca
minor improvement
2012-01-13 20:56:06 +00:00
Bernardo Damele
0043336620
Minor fix and removed leftover debug message
2012-01-13 17:04:59 +00:00
Bernardo Damele
b03f91437b
Minor code refactoring
2012-01-13 16:49:52 +00:00
Miroslav Stampar
04686b83e3
minor update
2012-01-13 11:16:26 +00:00
Miroslav Stampar
305371b7a9
minor update
2012-01-12 14:58:23 +00:00
Miroslav Stampar
95f89ab63a
updating copyright date
2012-01-11 14:59:46 +00:00
Miroslav Stampar
ff52931140
some refactoring (skipping duplicate messages in case that UNION/ERROR techniques failed and BOOLEAN/TIMED/STACKED are not available)
2012-01-07 19:30:35 +00:00
Miroslav Stampar
2b5e429dc2
one more level of defense against user himself
2012-01-07 17:16:14 +00:00
Miroslav Stampar
a675c88894
minor check added for invalid urls (e.g. deliberately too long)
2012-01-07 16:06:18 +00:00
Miroslav Stampar
13f2afbbc9
minor fix
2012-01-03 17:28:50 +00:00
Miroslav Stampar
29f502fe29
some refactoring
2011-12-28 16:27:17 +00:00
Miroslav Stampar
0a6334db22
minor speedup
2011-12-27 11:41:57 +00:00
Miroslav Stampar
366e86c560
minor "patch"
2011-12-26 14:08:25 +00:00
Miroslav Stampar
c20546dcaa
minor refactoring
2011-12-26 12:24:39 +00:00
Miroslav Stampar
087e29d272
minor update
2011-12-22 20:14:56 +00:00
Miroslav Stampar
8a7b0406c8
minor optimization
2011-12-22 20:08:28 +00:00
Miroslav Stampar
094129a656
minor optimization
2011-12-22 15:42:21 +00:00
Miroslav Stampar
f622995a29
compatibility with partial union and error technique resumed data
2011-12-22 12:20:21 +00:00
Miroslav Stampar
58a4a02b7e
minor fix
2011-12-22 11:56:42 +00:00
Miroslav Stampar
6f8d8a15aa
minor update
2011-12-22 11:55:02 +00:00
Miroslav Stampar
9f68e54fff
minor cleanup
2011-12-22 10:59:28 +00:00
Miroslav Stampar
aaa29d1f24
minor fix
2011-12-22 10:51:41 +00:00
Miroslav Stampar
4a1a0773b7
speedup of UNION dumping
2011-12-22 10:44:14 +00:00
Miroslav Stampar
1ae413a206
some refactoring/speedup around UNION technique
2011-12-22 10:32:21 +00:00
Miroslav Stampar
b77e2042f2
some optimization
2011-12-21 23:23:00 +00:00
Miroslav Stampar
526aacb640
code cleanup
2011-12-21 22:59:23 +00:00
Miroslav Stampar
41ccf88990
some more refactoring
2011-12-21 22:09:21 +00:00
Miroslav Stampar
0a039d84e0
some more refactoring
2011-12-21 19:40:42 +00:00
Miroslav Stampar
81bd9a201b
minor refactoring
2011-12-21 11:50:49 +00:00
Miroslav Stampar
113ebf5e9d
minor update
2011-12-20 16:08:17 +00:00
Miroslav Stampar
8bfff4a28e
minor update
2011-12-20 15:01:27 +00:00
Miroslav Stampar
95cd9e2af3
adding support for scanning Host header values (-p host)
2011-12-20 12:52:41 +00:00
Miroslav Stampar
dcf842692b
minor fix
2011-12-16 12:34:26 +00:00
Miroslav Stampar
8793fbc9f5
minor update
2011-12-14 12:59:25 +00:00
Miroslav Stampar
1fd1ec22a1
minor fix
2011-12-14 12:03:21 +00:00
Miroslav Stampar
73a500833d
minor bug fix
2011-12-12 14:38:06 +00:00
Miroslav Stampar
25cde9e2c7
minor fixes
2011-12-12 09:45:40 +00:00
Miroslav Stampar
f1dfa5c860
minor update
2011-11-30 17:44:34 +00:00
Miroslav Stampar
71c46f50aa
adding option --csv-del
2011-11-30 17:39:41 +00:00
Miroslav Stampar
02bd9a54f3
minor update
2011-11-30 17:19:21 +00:00
Miroslav Stampar
e94efff187
some more optimization
2011-11-22 09:00:00 +00:00
Miroslav Stampar
2ed3efba12
speed optimization and bug fix (kb.absFilePaths were not stored previously; also, they are now extracted only in heuristic phase)
2011-11-22 08:39:13 +00:00
Miroslav Stampar
493e436e16
minor update
2011-11-22 07:32:39 +00:00
Miroslav Stampar
e905ea2a54
minor bug fix
2011-11-22 07:07:52 +00:00
Miroslav Stampar
eee03871d7
minor refactoring
2011-11-21 21:31:08 +00:00
Miroslav Stampar
65b2b0ad87
adding switch --eval
2011-11-21 16:41:02 +00:00
Miroslav Stampar
7c1af97852
minor optimization
2011-11-20 19:38:56 +00:00
Miroslav Stampar
367627c331
minor fix for Python 2.6
2011-11-13 19:09:13 +00:00
Miroslav Stampar
76fb6ba666
minor update
2011-11-13 10:38:27 +00:00
Miroslav Stampar
ccbd93cc2e
fix for redirect/HOST header bug
2011-11-11 11:28:27 +00:00
Miroslav Stampar
24bda96d9e
adding items from John the Ripper's word list to the dictionary for Oracle cracking
2011-11-02 11:21:49 +00:00
Miroslav Stampar
6ec522e14b
removal of minor obsolete thingy
2011-11-02 10:41:12 +00:00
Miroslav Stampar
60cadf4747
better regex used
2011-10-29 10:31:52 +00:00
Miroslav Stampar
ef987c6954
adding compatibility support for using --crawl and --forms together
2011-10-29 09:32:20 +00:00
Miroslav Stampar
ddc4dfe5ff
minor refactoring for regarding --forms
2011-10-29 08:32:24 +00:00
Miroslav Stampar
666a7da12a
minor update
2011-10-28 11:28:21 +00:00
Miroslav Stampar
b83fe6113e
turning off time adjustment off (now is shown as a tip) because it seems that it never was actually used (payload always left the same)
2011-10-28 11:25:07 +00:00
Miroslav Stampar
3c31ccd16e
minor update
2011-10-26 22:37:04 +00:00
Miroslav Stampar
b07f165d60
quick fix
2011-10-24 18:11:34 +00:00
Miroslav Stampar
d39d36f7a7
minor language beautification
2011-10-23 23:27:56 +00:00
Miroslav Stampar
1dd3fae930
minor fix
2011-10-23 22:27:45 +00:00
Miroslav Stampar
5863429fc1
minor update
2011-10-23 21:17:45 +00:00
Miroslav Stampar
4a469c3258
minor update
2011-10-23 21:12:34 +00:00
Miroslav Stampar
3f0517d3f3
support for non-latin (e.g. cyrillic) URLs
2011-10-23 17:02:48 +00:00
Miroslav Stampar
25f0ec3597
some minor range to xrange conversion (where safe to do)
2011-10-21 22:34:27 +00:00
Miroslav Stampar
b4ce857f9b
added some comments
2011-10-21 21:29:24 +00:00
Miroslav Stampar
7a3096ce25
some refactoring
2011-10-21 21:12:48 +00:00
Miroslav Stampar
566d6e4974
minor fix
2011-10-21 20:21:29 +00:00
Miroslav Stampar
12a7fd4054
quick fix
2011-10-20 08:28:57 +00:00
Miroslav Stampar
8720aad6dc
transformed cDel to pDel as a more generic option
2011-10-06 22:03:33 +00:00
Miroslav Stampar
7e80274fac
refactoring
2011-09-25 21:10:45 +00:00
Miroslav Stampar
4fb6dab1a2
minor bug fix
2011-09-12 14:15:57 +00:00
Miroslav Stampar
1bdde51d0e
minor just in case update
2011-09-11 16:41:07 +00:00
Miroslav Stampar
d434047482
minor bug fix
2011-09-05 09:28:40 +00:00
Miroslav Stampar
08e0eb9b61
minor lower/upper case fix
2011-08-29 13:47:32 +00:00
Miroslav Stampar
ac00014c4a
implemented --randomize switch by request
2011-08-29 12:50:52 +00:00
Bernardo Damele
36280b33fa
Ask the user wheather or not to adjust the time delay - there have been a case where the forcing of conf.timeSec screwed the result in an extremely lagged and unreliable site
2011-08-12 13:06:40 +00:00
Miroslav Stampar
41ae9bc7ff
minor bug fix
2011-08-09 14:20:25 +00:00
Miroslav Stampar
457f501bbd
proper fix
2011-08-01 23:48:38 +00:00
Bernardo Damele
cbd0ea0866
Possible fix for a minor bug
2011-08-01 23:24:39 +00:00
Miroslav Stampar
0627bb02cb
minor beautification
2011-07-31 10:21:47 +00:00
Miroslav Stampar
68ae8ea5b2
minor refactoring
2011-07-29 10:54:25 +00:00
Miroslav Stampar
e522263640
fix for a neverending data retrieval in large full inband cases
2011-07-29 10:45:09 +00:00
Miroslav Stampar
107089c00b
bug fix
2011-07-27 08:25:51 +00:00
Bernardo Damele
e71f96afe7
Reverted dumb "fix"
2011-07-26 09:42:09 +00:00
Bernardo Damele
0a7a648694
Minor bug fix for --start, now all techniques return the same result (before blind techniques returned from one entry behind)
2011-07-25 11:15:18 +00:00
Bernardo Damele
6cbb927012
Partial fix for -o not resumed at following runs if missing from command line
2011-07-25 11:05:49 +00:00
Miroslav Stampar
2033a28ae7
minor update regarding last commit (cleaner code)
2011-07-24 20:44:17 +00:00
Miroslav Stampar
3a3561fdaa
doing proper big table support for partial union too
2011-07-24 20:36:44 +00:00
Miroslav Stampar
ec1bc0219c
hello big tables, this is sqlmap, sqlmap this is big tables
2011-07-24 09:19:33 +00:00
Miroslav Stampar
82e1e61554
minor speedup
2011-07-23 19:51:19 +00:00
Miroslav Stampar
094dc91e2d
minor update (prior to some changes regarding large content retrieval)
2011-07-23 19:04:59 +00:00
Miroslav Stampar
8a00ca83af
refactoring. nothing special changed
2011-07-21 10:18:11 +00:00
Miroslav Stampar
963f54e6d2
minor fix for parameters containing '=' inside values itself (remark: no parameter name will have '=' nor '%3d' inside; tested and it does a good job)
2011-07-21 10:06:52 +00:00
Miroslav Stampar
ff8fc90ac7
bug fix
2011-07-13 06:44:15 +00:00
Miroslav Stampar
5c162efbd8
more optimization
2011-07-12 23:21:15 +00:00
Miroslav Stampar
9933edc718
optimization of reflective removal mechanism
2011-07-12 22:28:19 +00:00
Miroslav Stampar
3583d6dd1b
quick fixes, more work to do
2011-07-12 20:32:19 +00:00
Miroslav Stampar
c517e97a44
few fixes and minor cosmetics
2011-07-08 06:02:31 +00:00
Bernardo Damele
aedcf8c8d7
Changed homepage address
2011-07-07 20:10:03 +00:00
Bernardo Damele
6f6038b534
Quick fix (revert..)
2011-07-06 11:32:12 +00:00
Miroslav Stampar
93b296e02c
few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation")
2011-07-06 05:44:47 +00:00
Miroslav Stampar
34d9a91af1
bulk of fixes
2011-07-02 22:48:56 +00:00
Bernardo Damele
861cdb1b14
cosmetics
2011-07-01 10:04:34 +00:00
Miroslav Stampar
4513ef409e
massive (like really massive) dictionary support
2011-06-30 23:44:49 +00:00
Miroslav Stampar
43db6b03a7
update with a feature request (file with list of wordlist files)
2011-06-30 08:42:43 +00:00
Miroslav Stampar
be9b8bca78
bug fix
2011-06-29 17:39:58 +00:00
Miroslav Stampar
8a8b94883b
minor update (that default quit in --batch was bothering me - my original idea and it was bad :)
2011-06-27 14:14:49 +00:00
Bernardo Damele
36c96ef796
Added DB2 support - patch provided by Sebastian Bittig
2011-06-25 09:44:24 +00:00
Miroslav Stampar
52ba3c281e
minor update
2011-06-22 14:59:49 +00:00
Miroslav Stampar
4ca37901da
thread safe logging+stdout (no more overlapping of log messages and raw output)
2011-06-22 14:53:42 +00:00
Bernardo Damele
1cb12ea659
replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license)
2011-06-22 13:31:07 +00:00
Miroslav Stampar
d6062e8fc9
minor fix for crawler and far less message overlaps in future
2011-06-20 21:18:12 +00:00
Miroslav Stampar
8c04aa871a
english typo
2011-06-20 11:00:23 +00:00
Miroslav Stampar
83af83da9e
minor beautification (WordsSet is considered as a bad english)
2011-06-18 15:47:19 +00:00
Miroslav Stampar
1440c9f2d4
minor update
2011-06-17 22:28:07 +00:00
Miroslav Stampar
87e9842371
better language
2011-06-17 22:13:45 +00:00
Miroslav Stampar
ce3170edef
minor update/better language
2011-06-17 22:11:40 +00:00
Miroslav Stampar
ec6fa384eb
update
2011-06-17 22:04:25 +00:00
Miroslav Stampar
0eeb48f8f5
some fixes
2011-06-16 13:41:02 +00:00
Miroslav Stampar
7733e5866a
minor update regarding mnemonics (again)
2011-06-16 12:34:38 +00:00
Miroslav Stampar
17e4c6b564
minor update regarding mnemonics
2011-06-16 12:26:50 +00:00
Miroslav Stampar
25b923bbc3
minor fixes and minor updates
2011-06-16 12:12:30 +00:00
Miroslav Stampar
6f681b45ad
cleaning up a bit for a configuration mess
2011-06-16 11:42:13 +00:00
Miroslav Stampar
e0ad72031f
minor update
2011-06-15 12:04:30 +00:00
Miroslav Stampar
1d93a03eeb
introducing mnemonics
2011-06-15 11:58:50 +00:00
Bernardo Damele
7152a1ed3b
Added --dependences to show which sqlmap dependences are not available
2011-06-13 18:44:02 +00:00
Miroslav Stampar
fae089646b
minor fix
2011-06-09 08:38:17 +00:00
Miroslav Stampar
af5fe457bd
revert of the revert (it's a good idea to have it like this because of problems with e.g. --text-only and binary content)
2011-06-09 07:53:31 +00:00
Miroslav Stampar
8ec4bc9d9d
revert of the last commit. have to think about it
2011-06-09 06:32:53 +00:00
Miroslav Stampar
9c093d91f2
minor update
2011-06-09 06:14:35 +00:00
Bernardo Damele
64bef644c3
This was missing
2011-06-08 15:30:59 +00:00
Miroslav Stampar
4a9640160e
more concise
2011-06-08 14:35:23 +00:00
Miroslav Stampar
6b81eef65a
refactoring
2011-06-08 14:30:12 +00:00
Miroslav Stampar
f65abdaae3
added switch --cookie-del by request
2011-06-08 08:27:24 +00:00
Miroslav Stampar
26062ec71e
minor update
2011-06-07 15:13:51 +00:00
Miroslav Stampar
03c3f83893
minor fix
2011-06-06 13:34:49 +00:00
Miroslav Stampar
24ed99e5a3
fix for a bug reported by aboynes@gmail.com
2011-06-06 08:50:48 +00:00
Miroslav Stampar
f27181c628
minor improvement for blind based injections with reflected values
2011-06-03 14:41:36 +00:00
Miroslav Stampar
faf7814869
fix for a fuzz "bug" reported by daniele.rivetti@yahoo.com
2011-06-03 11:01:26 +00:00
Miroslav Stampar
8aa5625cd0
proper fix related to the last commit
2011-06-01 23:00:18 +00:00
Miroslav Stampar
63145236b9
minor fix
2011-05-31 21:53:29 +00:00
Miroslav Stampar
3c12799ff0
minor improvement
2011-05-30 20:34:34 +00:00
Miroslav Stampar
20988e58ed
warp 5 mr spock :)
2011-05-30 09:46:32 +00:00
Miroslav Stampar
eb9b84d1da
type correction
2011-05-28 17:53:05 +00:00
Miroslav Stampar
f3ed61af5f
bug fix when using inference and kb.pageEncoding is None (like in binary cases)
2011-05-25 21:12:12 +00:00
Miroslav Stampar
69eb173eca
minor just in case patch
2011-05-24 15:07:37 +00:00
Miroslav Stampar
bfe8e51b7c
minor fix for retrieving stuff like "SELECT * FROM testdb..users"
2011-05-23 19:45:40 +00:00
Miroslav Stampar
0ed03d474f
now supporting "blank tables" - schema of the table will be preserved, even if it's empty - especially nice feature for --replicate
2011-05-23 11:09:44 +00:00
Miroslav Stampar
9b2623514a
one bug fix for Host header (value should be without port number); one improvement for --tables - when no tables ask user if he wants to brute force them; one tweak - adding kb.ignoreTimeout for --tables
2011-05-22 09:48:46 +00:00
Miroslav Stampar
db72428765
minor update
2011-05-19 15:57:29 +00:00
Miroslav Stampar
f40c6b2ce7
added --cookie for maskSensitiveData too
2011-05-19 15:42:59 +00:00
Miroslav Stampar
9832fc42d4
minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase)
2011-05-18 21:47:40 +00:00
Miroslav Stampar
dfe81cc66f
minor yielding
2011-05-16 20:14:10 +00:00
Miroslav Stampar
a5ad4621c9
minor refactoring
2011-05-16 20:09:12 +00:00
Miroslav Stampar
90e84c9a6d
removing xmlcharrefreplace error handler as it seems that it wasn't such a good idea at the end
2011-05-15 21:43:38 +00:00
Miroslav Stampar
c3bb5a03e1
minor improvement
2011-05-14 20:09:37 +00:00
Miroslav Stampar
3484a4426b
fix for a bug reported by itxx@qq.com (TypeError: encode() takes no keyword arguments)
2011-05-14 19:57:28 +00:00
Bernardo Damele
aae140080e
SVN roll back, DB2 patch will be recommitted after testing:
...
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
2011-05-06 10:27:43 +00:00
Miroslav Stampar
6e392b6054
applying contributed patch for DB2
2011-05-06 09:30:39 +00:00
Bernardo Damele
c58dc4a6d8
isDbmsWithin() must stay like this, no getIdentifiedDbms() in there
2011-05-03 14:13:45 +00:00
Miroslav Stampar
b202d73b46
bug fix for MSSQL identificators which were starting with d, b, o and . Thing is that .lstrip strips all occurances of the given chars :) (spotted ancidentally)
2011-05-03 11:09:30 +00:00
Miroslav Stampar
1e6c2fea74
update regarding warning for --random-agent during connection timeout in connection test phase
2011-05-03 10:05:42 +00:00
Bernardo Damele
ac2550535c
Proper fix for --technique=U bug
2011-05-01 23:42:41 +00:00
Bernardo Damele
00f14bec5f
layout adjustment
2011-04-30 15:22:33 +00:00
Bernardo Damele
9a4ae7d9e2
More code refactoring of Backend class methods used
2011-04-30 14:54:29 +00:00
Bernardo Damele
f56d135438
Minor code restyling
2011-04-30 13:20:05 +00:00
Bernardo Damele
a5968fff3e
Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided
2011-04-30 00:22:22 +00:00
Miroslav Stampar
6bb4dce3aa
minor refactoring
2011-04-29 15:22:32 +00:00
Bernardo Damele
e35f25b2cb
Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
...
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec .
Minor code refactoring.
2011-04-24 23:01:21 +00:00
Bernardo Damele
d0dff82ce0
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch
2011-04-23 16:25:09 +00:00
Miroslav Stampar
e1a8d268d8
fix for UPX linux/macos
2011-04-21 10:52:34 +00:00
Miroslav Stampar
9ccf720c05
removing funny remark
2011-04-21 10:06:13 +00:00
Bernardo Damele
a91e6a8440
layout
2011-04-21 10:03:18 +00:00
Miroslav Stampar
cbfe743bad
added a comment
2011-04-21 10:01:58 +00:00
Miroslav Stampar
3b133303bf
refactoring
2011-04-19 22:54:13 +00:00
Miroslav Stampar
de2479b864
dealing with http://bugs.python.org/issue1602
2011-04-19 22:33:03 +00:00
Miroslav Stampar
13f8c001a7
minor update
2011-04-19 11:13:53 +00:00
Miroslav Stampar
a7366bf710
SOAP refactoring
2011-04-17 21:39:00 +00:00
Miroslav Stampar
29ee760021
improving time based data retrieval mechanism
2011-04-17 07:24:18 +00:00
Miroslav Stampar
0387654166
update of copyright string (until year)
2011-04-15 12:33:18 +00:00