Miroslav Stampar
|
9825e247db
|
Refactoring search module
|
2013-01-23 14:22:35 +01:00 |
|
Bernardo Damele
|
599ad74a32
|
typo fix
|
2013-01-23 13:05:10 +00:00 |
|
Bernardo Damele
|
7ee07d031a
|
added PostgreSQL stacked queries test case
|
2013-01-23 12:15:20 +00:00 |
|
Bernardo Damele
|
314ed22fc3
|
added preventive cleanup test case
|
2013-01-23 12:12:30 +00:00 |
|
Bernardo Damele
|
f3ff239e62
|
minor fix
|
2013-01-23 00:21:11 +00:00 |
|
Bernardo Damele
|
aafc5b5623
|
added one just in case test case to check if all params are tested as they should be
|
2013-01-23 00:18:54 +00:00 |
|
Bernardo Damele
|
91c00939f7
|
added one more test case
|
2013-01-22 18:28:59 +00:00 |
|
Miroslav Stampar
|
d6a361f859
|
Proper implementation for --technique=Q --dbms=Firebird
|
2013-01-22 16:31:26 +01:00 |
|
Miroslav Stampar
|
5ea45af1c4
|
Warming up for Issue #366 and #367
|
2013-01-22 14:14:20 +01:00 |
|
Bernardo Damele
|
4f081a6a9b
|
typo fixes
|
2013-01-22 13:00:15 +00:00 |
|
Bernardo Damele
|
afa9046e74
|
added Firebird custom enumeration test cases and stricten a few cases to make sure query length calculation function works properly with multi-threading/boolean technique
|
2013-01-22 12:34:11 +00:00 |
|
Bernardo Damele
|
29a65b5cdc
|
added Firebird search test cases
|
2013-01-22 11:23:48 +00:00 |
|
Miroslav Stampar
|
b8318efecc
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-22 11:29:15 +01:00 |
|
Bernardo Damele
|
11413a0f03
|
added Firebird search test cases
|
2013-01-22 10:04:17 +00:00 |
|
Bernardo Damele
|
e23340f002
|
added support for search for tables on Firebird (issue #365)
|
2013-01-22 09:53:05 +00:00 |
|
Bernardo Damele
|
d2ff9bccbb
|
minor adjustment
|
2013-01-21 21:00:03 +00:00 |
|
Bernardo Damele
|
bc5a7e49e9
|
done with DB2 test cases (issue #312)
|
2013-01-21 20:53:11 +00:00 |
|
Bernardo Damele
|
3cfa6cd191
|
minor adjustments
|
2013-01-21 16:41:47 +00:00 |
|
Bernardo Damele
|
d5de5306d6
|
minor fixes following recent enhancements
|
2013-01-21 16:38:31 +00:00 |
|
Miroslav Stampar
|
472f5e35c2
|
Removing that space char
|
2013-01-21 17:35:23 +01:00 |
|
Miroslav Stampar
|
5d318b4980
|
Fix for a ISNULL mechanism in Firebird
|
2013-01-21 17:33:09 +01:00 |
|
Miroslav Stampar
|
99bc4a9005
|
Generic approach for dealing with that nasty Firebird habit of appending spaces to (tec=EU) varchar casted values
|
2013-01-21 17:17:20 +01:00 |
|
Miroslav Stampar
|
832d95984c
|
IFNULL-like mechanism now works on SQLite 2 too
|
2013-01-21 15:04:27 +01:00 |
|
Miroslav Stampar
|
aebf2c1350
|
Slightly better payload for Firebird delay-based SQLi (adding sligtly more delay)
|
2013-01-20 23:10:58 +01:00 |
|
Bernardo Damele
|
845ec006d7
|
fixed again
|
2013-01-20 01:33:22 +00:00 |
|
Bernardo Damele
|
115be9d7b5
|
minor fixes
|
2013-01-20 01:26:46 +00:00 |
|
Bernardo Damele
|
a24eaffacc
|
fixed --columns on DB2, inline with Oracle and other DBMSes now
|
2013-01-19 16:14:25 +00:00 |
|
Bernardo Damele
|
b05c6cbd13
|
leftover
|
2013-01-19 00:29:42 +00:00 |
|
Bernardo Damele
|
30273e03fe
|
leftover
|
2013-01-19 00:28:48 +00:00 |
|
Bernardo Damele
|
0e78fbef56
|
correctly format SQLi payload for inline query technique
|
2013-01-19 00:28:03 +00:00 |
|
Bernardo Damele
|
89ddd54a75
|
added Firebird inline query payload, requires some work though engine-side for the vector to be usable
|
2013-01-19 00:05:15 +00:00 |
|
Bernardo Damele
|
10d86d042c
|
enough..
|
2013-01-18 23:46:26 +00:00 |
|
Bernardo Damele
|
e76213ef5d
|
more fixes
|
2013-01-18 23:37:13 +00:00 |
|
Bernardo Damele
|
6be7eee8d6
|
more fixes
|
2013-01-18 23:35:16 +00:00 |
|
Bernardo Damele
|
56eaa073ce
|
fixed test cases for Firebird - #312
|
2013-01-18 23:32:39 +00:00 |
|
Bernardo Damele
|
edeb181c4f
|
added first bunch of test cases for Firebird, issue #312
|
2013-01-18 23:17:43 +00:00 |
|
Bernardo Damele
|
b176cdb578
|
layout adjustment
|
2013-01-18 22:10:52 +00:00 |
|
Bernardo Damele
|
2471f325b2
|
minor adjustments
|
2013-01-18 21:47:25 +00:00 |
|
Bernardo Damele
|
1ad9e26a21
|
bug fix for ORDER BY users provided statements (issue #354)
|
2013-01-18 21:40:50 +00:00 |
|
Bernardo Damele
|
ebd1d3095b
|
done with test cases for Oracle - issue #312
|
2013-01-18 21:40:11 +00:00 |
|
Bernardo Damele
|
d594978857
|
typo fix again
|
2013-01-18 20:48:37 +00:00 |
|
Bernardo Damele
|
bab9485561
|
typo fix
|
2013-01-18 20:48:08 +00:00 |
|
Bernardo Damele
|
2550bbc05e
|
fix for #353
|
2013-01-18 20:40:38 +00:00 |
|
Bernardo Damele
|
2463e51e73
|
added one more test case for DB2 and a few search-related cases for Oracle (issue #312)
|
2013-01-18 20:37:20 +00:00 |
|
Bernardo Damele
|
d66f7e22b1
|
more fixes to test cases
|
2013-01-18 09:32:05 +00:00 |
|
Bernardo Damele
|
e4ee4f9557
|
fixed some test cases
|
2013-01-17 23:17:33 +00:00 |
|
Bernardo Damele
|
ce263b794f
|
on DB2 there are no users password hashes to dump
|
2013-01-17 22:17:55 +00:00 |
|
Bernardo Damele
|
d2d3878de1
|
typo fix
|
2013-01-17 21:58:53 +00:00 |
|
Bernardo Damele
|
acac8c359b
|
fixed --current-db query for IBM DB2
|
2013-01-17 20:47:35 +00:00 |
|
Bernardo Damele
|
74286e339f
|
test if boolean also works correctly for --os-cmd
|
2013-01-16 15:36:35 +00:00 |
|
Bernardo Damele
|
6f08d10d07
|
leftover
|
2013-01-16 15:16:18 +00:00 |
|
Bernardo Damele
|
1c8bd95e68
|
more work on Oracle test cases (#312)
|
2013-01-16 15:13:47 +00:00 |
|
Bernardo Damele
|
6b0ed1c581
|
fixed parsing reg exps to work with Oracle XE (#312)
|
2013-01-16 15:00:45 +00:00 |
|
Bernardo Damele
|
a3493769ca
|
minor fix
|
2013-01-16 00:45:18 +00:00 |
|
Bernardo Damele
|
983593510c
|
ported Oracle checks to express edition
|
2013-01-15 23:59:29 +00:00 |
|
Miroslav Stampar
|
7a1d484115
|
Implementation for an Issue #340
|
2013-01-15 16:05:33 +01:00 |
|
Bernardo Damele
|
3f84cefc77
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-15 14:59:22 +00:00 |
|
Bernardo Damele
|
1cafe605af
|
added more Oracle test cases
|
2013-01-15 14:59:15 +00:00 |
|
Miroslav Stampar
|
02f0e72cc6
|
Minor update of other/corner case titles
|
2013-01-15 11:10:03 +01:00 |
|
Miroslav Stampar
|
498a576e39
|
Removing obsolete data
|
2013-01-15 10:59:46 +01:00 |
|
Bernardo Damele
|
3fa720e699
|
added first Oracle test cases
|
2013-01-14 17:30:42 +00:00 |
|
Bernardo Damele
|
8a2b994b94
|
added SQLite test cases (issue #312)
|
2013-01-14 16:50:24 +00:00 |
|
Bernardo Damele
|
e555c2be30
|
added support for --search -T for SQLite
|
2013-01-14 16:26:11 +00:00 |
|
Bernardo Damele
|
48e0154fc3
|
added SQLite inline queries payload
|
2013-01-14 15:30:01 +00:00 |
|
Bernardo Damele
|
3e2c3851f3
|
Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312)
|
2013-01-14 13:42:50 +00:00 |
|
Bernardo Damele
|
bd89ade02f
|
minor bug fix for PostgreSQL --file-read
|
2013-01-14 12:22:00 +00:00 |
|
Bernardo Damele
|
c6d4b89869
|
minor bug fix for PostgreSQL (issue #338)
|
2013-01-14 11:41:30 +00:00 |
|
Bernardo Damele
|
b35b8a4835
|
fixed regexps for --live-test (issue #312)
|
2013-01-14 10:24:11 +00:00 |
|
Bernardo Damele
|
4acb281414
|
added first test cases for PostgreSQL
|
2013-01-14 01:11:57 +00:00 |
|
Bernardo Damele
|
b74cfbf336
|
minor enhancements for debug purposes (issue #312)
|
2013-01-13 23:15:56 +00:00 |
|
Miroslav Stampar
|
bc4d8d3e02
|
Implementation for an Issue #332
|
2013-01-11 11:17:41 +01:00 |
|
Miroslav Stampar
|
7ea846e111
|
Removing some junk from queries.xml
|
2013-01-10 11:46:51 +01:00 |
|
Miroslav Stampar
|
ebde4b190e
|
Minor update
|
2013-01-10 11:42:37 +01:00 |
|
Miroslav Stampar
|
55a552ddc4
|
Update for an Issue #24
|
2013-01-08 10:55:25 +01:00 |
|
Miroslav Stampar
|
614f4657f1
|
Removing timedelay tags inside queries.xml as we don't use those outside the payloads.xml anymore (Update for an Issue #24)
|
2013-01-08 10:30:01 +01:00 |
|
Bernardo Damele
|
ec7508ec4f
|
test case to reproduce bug introduced at 76839ff
|
2013-01-07 17:39:13 +00:00 |
|
Miroslav Stampar
|
a3f9741d6e
|
Fixed unneeded trimming in --hex for MsSQL
|
2012-12-21 11:40:18 +01:00 |
|
Bernardo Damele
|
a56e384abb
|
updated VM..
|
2012-12-20 13:18:45 +00:00 |
|
Bernardo Damele
|
e39ac0f092
|
added OR boolean-based test case
|
2012-12-20 12:52:26 +00:00 |
|
Bernardo Damele
|
d019f75e63
|
for this test case verbose has to be set to 2 as we parse a DEBUG message
|
2012-12-20 11:48:34 +00:00 |
|
Bernardo Damele
|
190e317992
|
fixed test case and added new one, commented out metasploit integration case as it cannot be handled easily
|
2012-12-20 11:05:11 +00:00 |
|
Miroslav Stampar
|
19e2f3bb76
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 10:43:54 +01:00 |
|
Miroslav Stampar
|
03215ef209
|
Proper length function used now (fixing issues with international letters in multi threaded mode)
|
2012-12-20 10:43:38 +01:00 |
|
Bernardo Damele
|
076b4063e6
|
these edits got overwritten from last commits
|
2012-12-20 09:42:44 +00:00 |
|
Bernardo Damele
|
602405c171
|
added more test cases
|
2012-12-19 18:30:04 +00:00 |
|
Bernardo Damele
|
a2c58847e6
|
fixed title
|
2012-12-19 18:29:00 +00:00 |
|
Bernardo Damele
|
357da43cea
|
slight improvement of live test engine and added misc test cases to xml
|
2012-12-19 17:28:41 +00:00 |
|
Bernardo Damele
|
3061eec7d8
|
added test case for web shell command execution and temporary test case for Metasploit integration (--os-pwn)
|
2012-12-19 16:39:13 +00:00 |
|
Bernardo Damele
|
282aeb734f
|
ORDER BY does not play well with UNION query SQLi (related to issue #313)
|
2012-12-19 13:21:16 +00:00 |
|
Bernardo Damele
|
e583ba6826
|
no point retesting all for time-based too as it uses same engine of boolean-based
|
2012-12-19 12:35:36 +00:00 |
|
Bernardo Damele
|
2bc2c0431c
|
fixed test cases
|
2012-12-19 12:33:37 +00:00 |
|
Bernardo Damele
|
5ceadf02ae
|
fixed test cases now that MySQL test db has two more tables and removed old test cases, soon to be replaced with new ones for other DBMSes
|
2012-12-19 12:22:45 +00:00 |
|
Bernardo Damele
|
54752a9101
|
typo fix
|
2012-12-19 11:44:58 +00:00 |
|
Bernardo Damele
|
dee56b17c3
|
handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308
|
2012-12-19 10:50:15 +00:00 |
|
Bernardo Damele
|
2c86022aab
|
added test cases for --sql-query and improved tests for --search -C
|
2012-12-18 16:30:46 +00:00 |
|
Bernardo Damele
|
f8267ece0f
|
added more specific --search -T and -C test cases
|
2012-12-18 16:13:38 +00:00 |
|
Bernardo Damele
|
61a838bb35
|
added more test cases
|
2012-12-18 15:59:48 +00:00 |
|
Bernardo Damele
|
3fa05374bd
|
added tests for all MySQL techniques now (except stacked queries (S) as it is not supported on MySQL/PHP)
|
2012-12-18 12:07:19 +00:00 |
|
Miroslav Stampar
|
9b716eb805
|
Implementation for an Issue #135
|
2012-12-18 10:13:42 +01:00 |
|
Bernardo Damele
|
b957b4790b
|
regexp fix
|
2012-12-17 13:52:00 +00:00 |
|