Commit Graph

11 Commits

Author SHA1 Message Date
Bernardo Damele
8076984f69 Adapted Visual Studio files to compile under VS2005 and recompiled UDFs' DLLs for Windows under VS2005 to make DLLs smaller (no need for UPX anymore) 2010-03-01 00:00:40 +00:00
Miroslav Stampar
8567ad8f3e newly compiled postgresql udfs (manifest included) on VS2005 pro 2010-02-26 19:08:52 +00:00
Bernardo Damele
3c34066d19 Added newly compiled PostgreSQL UDFs for Windows 2010-02-20 20:59:13 +00:00
Bernardo Damele
af1d9f129c Recompiled and tested PostgreSQL shared object (Linux) optimized for size (gcc flag -Os). 2010-02-20 19:10:55 +00:00
Bernardo Damele
6267e74bfb Added newly compiled PostgreSQL UDFs for Linux 2010-02-19 23:29:27 +00:00
Bernardo Damele
89dc99188d --read-file on PostgreSQL now relies on the new sys_fileread() UDF so that also binary files can be read.
Fixed a minor bug in custom UDF injection feature --udf-inject.
Major code refactoring.
2010-02-11 22:57:50 +00:00
Bernardo Damele
1febdcac9b Added support for takeover functionalities on PgSQL 8.4 running on Linux too.
Recompilation of MySQL shared object with MySQL 5.1 development libraries on Debian 5.3.
Tweaked the UDF compilation/installation files for both MySQL and PgSQL.
2010-01-14 10:50:03 +00:00
Bernardo Damele
746cbdba96 Added support for takeover functionalities on PgSQL 8.4 running on Windows 2010-01-14 01:40:11 +00:00
Bernardo Damele
625cc5cc0d Slight update to the shared libraries (UDF dlls). 2010-01-13 21:28:05 +00:00
Bernardo Damele
89c43893d4 Merged back from personal branch to trunk (svn merge -r846:940 ...)
Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring.
2009-09-25 23:03:45 +00:00
Bernardo Damele
8c0ac767f4 Updated to sqlmap 0.7 release candidate 1 2009-04-22 11:48:07 +00:00