Commit Graph

568 Commits

Author SHA1 Message Date
Miroslav Stampar
9825e247db Refactoring search module 2013-01-23 14:22:35 +01:00
Bernardo Damele
599ad74a32 typo fix 2013-01-23 13:05:10 +00:00
Bernardo Damele
7ee07d031a added PostgreSQL stacked queries test case 2013-01-23 12:15:20 +00:00
Bernardo Damele
314ed22fc3 added preventive cleanup test case 2013-01-23 12:12:30 +00:00
Bernardo Damele
f3ff239e62 minor fix 2013-01-23 00:21:11 +00:00
Bernardo Damele
aafc5b5623 added one just in case test case to check if all params are tested as they should be 2013-01-23 00:18:54 +00:00
Bernardo Damele
91c00939f7 added one more test case 2013-01-22 18:28:59 +00:00
Miroslav Stampar
d6a361f859 Proper implementation for --technique=Q --dbms=Firebird 2013-01-22 16:31:26 +01:00
Miroslav Stampar
5ea45af1c4 Warming up for Issue #366 and #367 2013-01-22 14:14:20 +01:00
Bernardo Damele
4f081a6a9b typo fixes 2013-01-22 13:00:15 +00:00
Bernardo Damele
afa9046e74 added Firebird custom enumeration test cases and stricten a few cases to make sure query length calculation function works properly with multi-threading/boolean technique 2013-01-22 12:34:11 +00:00
Bernardo Damele
29a65b5cdc added Firebird search test cases 2013-01-22 11:23:48 +00:00
Miroslav Stampar
b8318efecc Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-22 11:29:15 +01:00
Bernardo Damele
11413a0f03 added Firebird search test cases 2013-01-22 10:04:17 +00:00
Bernardo Damele
e23340f002 added support for search for tables on Firebird (issue #365) 2013-01-22 09:53:05 +00:00
Bernardo Damele
d2ff9bccbb minor adjustment 2013-01-21 21:00:03 +00:00
Bernardo Damele
bc5a7e49e9 done with DB2 test cases (issue #312) 2013-01-21 20:53:11 +00:00
Bernardo Damele
3cfa6cd191 minor adjustments 2013-01-21 16:41:47 +00:00
Bernardo Damele
d5de5306d6 minor fixes following recent enhancements 2013-01-21 16:38:31 +00:00
Miroslav Stampar
472f5e35c2 Removing that space char 2013-01-21 17:35:23 +01:00
Miroslav Stampar
5d318b4980 Fix for a ISNULL mechanism in Firebird 2013-01-21 17:33:09 +01:00
Miroslav Stampar
99bc4a9005 Generic approach for dealing with that nasty Firebird habit of appending spaces to (tec=EU) varchar casted values 2013-01-21 17:17:20 +01:00
Miroslav Stampar
832d95984c IFNULL-like mechanism now works on SQLite 2 too 2013-01-21 15:04:27 +01:00
Miroslav Stampar
aebf2c1350 Slightly better payload for Firebird delay-based SQLi (adding sligtly more delay) 2013-01-20 23:10:58 +01:00
Bernardo Damele
845ec006d7 fixed again 2013-01-20 01:33:22 +00:00
Bernardo Damele
115be9d7b5 minor fixes 2013-01-20 01:26:46 +00:00
Bernardo Damele
a24eaffacc fixed --columns on DB2, inline with Oracle and other DBMSes now 2013-01-19 16:14:25 +00:00
Bernardo Damele
b05c6cbd13 leftover 2013-01-19 00:29:42 +00:00
Bernardo Damele
30273e03fe leftover 2013-01-19 00:28:48 +00:00
Bernardo Damele
0e78fbef56 correctly format SQLi payload for inline query technique 2013-01-19 00:28:03 +00:00
Bernardo Damele
89ddd54a75 added Firebird inline query payload, requires some work though engine-side for the vector to be usable 2013-01-19 00:05:15 +00:00
Bernardo Damele
10d86d042c enough.. 2013-01-18 23:46:26 +00:00
Bernardo Damele
e76213ef5d more fixes 2013-01-18 23:37:13 +00:00
Bernardo Damele
6be7eee8d6 more fixes 2013-01-18 23:35:16 +00:00
Bernardo Damele
56eaa073ce fixed test cases for Firebird - #312 2013-01-18 23:32:39 +00:00
Bernardo Damele
edeb181c4f added first bunch of test cases for Firebird, issue #312 2013-01-18 23:17:43 +00:00
Bernardo Damele
b176cdb578 layout adjustment 2013-01-18 22:10:52 +00:00
Bernardo Damele
2471f325b2 minor adjustments 2013-01-18 21:47:25 +00:00
Bernardo Damele
1ad9e26a21 bug fix for ORDER BY users provided statements (issue #354) 2013-01-18 21:40:50 +00:00
Bernardo Damele
ebd1d3095b done with test cases for Oracle - issue #312 2013-01-18 21:40:11 +00:00
Bernardo Damele
d594978857 typo fix again 2013-01-18 20:48:37 +00:00
Bernardo Damele
bab9485561 typo fix 2013-01-18 20:48:08 +00:00
Bernardo Damele
2550bbc05e fix for #353 2013-01-18 20:40:38 +00:00
Bernardo Damele
2463e51e73 added one more test case for DB2 and a few search-related cases for Oracle (issue #312) 2013-01-18 20:37:20 +00:00
Bernardo Damele
d66f7e22b1 more fixes to test cases 2013-01-18 09:32:05 +00:00
Bernardo Damele
e4ee4f9557 fixed some test cases 2013-01-17 23:17:33 +00:00
Bernardo Damele
ce263b794f on DB2 there are no users password hashes to dump 2013-01-17 22:17:55 +00:00
Bernardo Damele
d2d3878de1 typo fix 2013-01-17 21:58:53 +00:00
Bernardo Damele
acac8c359b fixed --current-db query for IBM DB2 2013-01-17 20:47:35 +00:00
Bernardo Damele
74286e339f test if boolean also works correctly for --os-cmd 2013-01-16 15:36:35 +00:00
Bernardo Damele
6f08d10d07 leftover 2013-01-16 15:16:18 +00:00
Bernardo Damele
1c8bd95e68 more work on Oracle test cases (#312) 2013-01-16 15:13:47 +00:00
Bernardo Damele
6b0ed1c581 fixed parsing reg exps to work with Oracle XE (#312) 2013-01-16 15:00:45 +00:00
Bernardo Damele
a3493769ca minor fix 2013-01-16 00:45:18 +00:00
Bernardo Damele
983593510c ported Oracle checks to express edition 2013-01-15 23:59:29 +00:00
Miroslav Stampar
7a1d484115 Implementation for an Issue #340 2013-01-15 16:05:33 +01:00
Bernardo Damele
3f84cefc77 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2013-01-15 14:59:22 +00:00
Bernardo Damele
1cafe605af added more Oracle test cases 2013-01-15 14:59:15 +00:00
Miroslav Stampar
02f0e72cc6 Minor update of other/corner case titles 2013-01-15 11:10:03 +01:00
Miroslav Stampar
498a576e39 Removing obsolete data 2013-01-15 10:59:46 +01:00
Bernardo Damele
3fa720e699 added first Oracle test cases 2013-01-14 17:30:42 +00:00
Bernardo Damele
8a2b994b94 added SQLite test cases (issue #312) 2013-01-14 16:50:24 +00:00
Bernardo Damele
e555c2be30 added support for --search -T for SQLite 2013-01-14 16:26:11 +00:00
Bernardo Damele
48e0154fc3 added SQLite inline queries payload 2013-01-14 15:30:01 +00:00
Bernardo Damele
3e2c3851f3 Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312) 2013-01-14 13:42:50 +00:00
Bernardo Damele
bd89ade02f minor bug fix for PostgreSQL --file-read 2013-01-14 12:22:00 +00:00
Bernardo Damele
c6d4b89869 minor bug fix for PostgreSQL (issue #338) 2013-01-14 11:41:30 +00:00
Bernardo Damele
b35b8a4835 fixed regexps for --live-test (issue #312) 2013-01-14 10:24:11 +00:00
Bernardo Damele
4acb281414 added first test cases for PostgreSQL 2013-01-14 01:11:57 +00:00
Bernardo Damele
b74cfbf336 minor enhancements for debug purposes (issue #312) 2013-01-13 23:15:56 +00:00
Miroslav Stampar
bc4d8d3e02 Implementation for an Issue #332 2013-01-11 11:17:41 +01:00
Miroslav Stampar
7ea846e111 Removing some junk from queries.xml 2013-01-10 11:46:51 +01:00
Miroslav Stampar
ebde4b190e Minor update 2013-01-10 11:42:37 +01:00
Miroslav Stampar
55a552ddc4 Update for an Issue #24 2013-01-08 10:55:25 +01:00
Miroslav Stampar
614f4657f1 Removing timedelay tags inside queries.xml as we don't use those outside the payloads.xml anymore (Update for an Issue #24) 2013-01-08 10:30:01 +01:00
Bernardo Damele
ec7508ec4f test case to reproduce bug introduced at 76839ff 2013-01-07 17:39:13 +00:00
Miroslav Stampar
a3f9741d6e Fixed unneeded trimming in --hex for MsSQL 2012-12-21 11:40:18 +01:00
Bernardo Damele
a56e384abb updated VM.. 2012-12-20 13:18:45 +00:00
Bernardo Damele
e39ac0f092 added OR boolean-based test case 2012-12-20 12:52:26 +00:00
Bernardo Damele
d019f75e63 for this test case verbose has to be set to 2 as we parse a DEBUG message 2012-12-20 11:48:34 +00:00
Bernardo Damele
190e317992 fixed test case and added new one, commented out metasploit integration case as it cannot be handled easily 2012-12-20 11:05:11 +00:00
Miroslav Stampar
19e2f3bb76 Merge branch 'master' of github.com:sqlmapproject/sqlmap 2012-12-20 10:43:54 +01:00
Miroslav Stampar
03215ef209 Proper length function used now (fixing issues with international letters in multi threaded mode) 2012-12-20 10:43:38 +01:00
Bernardo Damele
076b4063e6 these edits got overwritten from last commits 2012-12-20 09:42:44 +00:00
Bernardo Damele
602405c171 added more test cases 2012-12-19 18:30:04 +00:00
Bernardo Damele
a2c58847e6 fixed title 2012-12-19 18:29:00 +00:00
Bernardo Damele
357da43cea slight improvement of live test engine and added misc test cases to xml 2012-12-19 17:28:41 +00:00
Bernardo Damele
3061eec7d8 added test case for web shell command execution and temporary test case for Metasploit integration (--os-pwn) 2012-12-19 16:39:13 +00:00
Bernardo Damele
282aeb734f ORDER BY does not play well with UNION query SQLi (related to issue #313) 2012-12-19 13:21:16 +00:00
Bernardo Damele
e583ba6826 no point retesting all for time-based too as it uses same engine of boolean-based 2012-12-19 12:35:36 +00:00
Bernardo Damele
2bc2c0431c fixed test cases 2012-12-19 12:33:37 +00:00
Bernardo Damele
5ceadf02ae fixed test cases now that MySQL test db has two more tables and removed old test cases, soon to be replaced with new ones for other DBMSes 2012-12-19 12:22:45 +00:00
Bernardo Damele
54752a9101 typo fix 2012-12-19 11:44:58 +00:00
Bernardo Damele
dee56b17c3 handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308 2012-12-19 10:50:15 +00:00
Bernardo Damele
2c86022aab added test cases for --sql-query and improved tests for --search -C 2012-12-18 16:30:46 +00:00
Bernardo Damele
f8267ece0f added more specific --search -T and -C test cases 2012-12-18 16:13:38 +00:00
Bernardo Damele
61a838bb35 added more test cases 2012-12-18 15:59:48 +00:00
Bernardo Damele
3fa05374bd added tests for all MySQL techniques now (except stacked queries (S) as it is not supported on MySQL/PHP) 2012-12-18 12:07:19 +00:00
Miroslav Stampar
9b716eb805 Implementation for an Issue #135 2012-12-18 10:13:42 +01:00
Bernardo Damele
b957b4790b regexp fix 2012-12-17 13:52:00 +00:00