Commit Graph

440 Commits

Author SHA1 Message Date
Miroslav Stampar
acaef90c7b Minor tuning of auto tagging 2016-04-04 12:34:19 +02:00
Miroslav Stampar
d76ee8f534 Further update for #1765 2016-03-17 17:06:11 +01:00
Miroslav Stampar
a68848faf7 (Auto) adjusting micro version (to current month) 2016-03-17 16:31:34 +01:00
Miroslav Stampar
73f1155847 Adding new shutils file 2016-02-29 00:20:58 +01:00
Miroslav Stampar
8b90d146f6 Update of file attributes 2016-01-14 18:02:15 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
5593bf2fee Another patch related to #1539 (simplifying unicode bad chars and preventing double encoding of safe chars) 2015-11-16 15:02:30 +01:00
Miroslav Stampar
00955a7eb5 Miniscule commit 2015-09-10 15:19:09 +02:00
Miroslav Stampar
fb5a75c9ad Removing leftover 2015-08-31 14:50:51 +02:00
Miroslav Stampar
265a78b455 Fixes #1379 2015-08-31 14:27:47 +02:00
Miroslav Stampar
8df3d7a6fa Minor enhancement for beep 2015-07-24 12:11:12 +02:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
49e8083b40 Bug fix for international letters (range in 160-255 is also printable) 2014-08-20 23:28:45 +02:00
Bernardo Damele
85f60d0c09 leftovers 2014-01-13 17:41:33 +00:00
Bernardo Damele
536b44a429 adapted 2014-01-13 17:38:04 +00:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Bernardo Damele
d546fc5ad5 slight update to regression test regexp 2014-01-13 17:24:09 +00:00
Miroslav Stampar
8e2f4669d8 Removing dependency for bz2 as there are some reported problems with the library on non-standard platforms 2013-10-02 20:32:18 +02:00
Miroslav Stampar
a3defc175d Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself) 2013-09-11 23:17:18 +02:00
Miroslav Stampar
89d8512edc Moving bz2 into the cloak functions itself as it's not available by default in custom built Python installations (if not pre-installed libbz2-dev) 2013-07-13 11:50:03 +02:00
stamparm
473a39b820 Minor language fix 2013-03-26 14:11:17 +01:00
stamparm
bdf72b0ffa Minor fix 2013-02-22 17:34:53 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Bernardo Damele
ae0544d05f minor fix 2013-02-12 14:41:04 +00:00
Bernardo Damele
d6db83fe88 Send an email also when regression test is successful 2013-02-11 18:07:15 +00:00
Bernardo Damele
e48181e28d another attempt to fix the stall during regression test 2013-02-09 12:16:56 +00:00
Bernardo Damele
5324018c7e minor typo fix 2013-02-07 14:28:39 +00:00
Bernardo Damele
13b424a63c important bug fix and minor code restyling 2013-02-07 14:05:57 +00:00
Bernardo Damele
4c13e0e5a1 minor mandatory fix for git pull to work 2013-02-03 11:34:32 +00:00
Bernardo Damele
b63144d90b leftover 2013-02-03 11:32:07 +00:00
Bernardo Damele
a92f1fb3b4 minor update 2013-02-03 11:29:57 +00:00
Bernardo Damele
1907c7c83a fixed stall 2013-01-29 16:39:14 +00:00
Bernardo Damele
8912436c68 tentative fix for stall 2013-01-29 16:30:59 +00:00
Bernardo Damele
1ed2b0e5da missing mandatory update before regression test 2013-01-29 16:13:10 +00:00
Bernardo Damele
4d95573e6c cosmetics 2013-01-27 12:01:50 +00:00
Bernardo Damele
61eb16274e more appropriate log file name 2013-01-26 16:24:27 +00:00
Bernardo Damele
a5ce0c9a04 leftover 2013-01-26 16:23:39 +00:00
Bernardo Damele
39c84ffabe missing import 2013-01-26 16:11:27 +00:00
Bernardo Damele
234e4c9f69 consolidated into one script 2013-01-26 16:11:09 +00:00
Bernardo Damele
2f1c174879 minor bug fix 2013-01-23 00:18:29 +00:00
Bernardo Damele
f3cead1729 cosmetics 2013-01-21 20:05:25 +00:00
Bernardo Damele
eb68da96d6 stylistic update 2013-01-21 10:30:49 +00:00
Bernardo Damele
fefad3cba1 stylistic improvements 2013-01-20 17:40:15 +00:00
Bernardo Damele
3b57fe2924 add test case number to email 2013-01-20 11:43:00 +00:00
Bernardo Damele
d46234e30c minor fix 2013-01-20 01:07:00 +00:00
Bernardo Damele
7aa3338bd4 add start and end times to log 2013-01-19 18:33:09 +00:00
Bernardo Damele
bedfe1ba1f syntax fix 2013-01-19 18:28:24 +00:00
Bernardo Damele
47f0d89fc5 sqlmap.org mail server rejects the email, hence use Gmail 2013-01-19 16:26:22 +00:00
Bernardo Damele
640e0eecc6 improved cron script to report any malfunction by email 2013-01-19 16:25:41 +00:00
Bernardo Damele
ab607bd378 minor bug fix to verify test case file exists before it gets read 2013-01-19 16:07:30 +00:00
Bernardo Damele
7c7b608b95 more adjustments 2013-01-18 15:36:22 +00:00
Bernardo Damele
c61ee5e5ef more adjustments 2013-01-18 15:34:14 +00:00
Bernardo Damele
a73aa422fc minor enhancements - #311 2013-01-18 15:29:21 +00:00
Miroslav Stampar
601eb1e49a Unescaping is renamed to escaping 2013-01-18 15:40:37 +01:00
Bernardo Damele
c717de9c9d added regression test cron job script - issue #311 2013-01-18 14:12:00 +00:00
Bernardo Damele
a43202f3c0 updated copyright 2013-01-18 14:07:51 +00:00
Bernardo Damele
eafc0e776e leftover 2013-01-18 13:54:16 +00:00
Bernardo Damele
fb752e6936 catch SMTP exception if any - issue #311 2013-01-18 13:46:50 +00:00
Bernardo Damele
3dd9f29938 layout adjustment 2013-01-18 13:42:48 +00:00
Bernardo Damele
75d0cee994 minor adjustments - issue #311 2013-01-18 13:36:50 +00:00
Bernardo Damele
454f2ae10b ready for production - closes #311 2013-01-18 13:35:27 +00:00
Bernardo Damele
7ccdfc7244 minor enhancements - issue #311 2013-01-18 13:33:05 +00:00
Bernardo Damele
50d7386012 minor fix - issue #311 2013-01-18 13:27:47 +00:00
Bernardo Damele
7c101d9dfc minor fix - issue #311 2013-01-18 13:25:54 +00:00
Bernardo Damele
c8b1013c42 minor fix - issue #311 2013-01-18 13:20:19 +00:00
Bernardo Damele
13b776fb9f minor fix 2013-01-18 13:10:26 +00:00
Bernardo Damele
5375c705a0 minor fix 2013-01-18 13:09:50 +00:00
Bernardo Damele
27d9d42bd6 minor adjustments - issue #311 2013-01-18 13:05:24 +00:00
Bernardo Damele
b3d9f1a907 more impovements, issue #311 2013-01-18 13:02:23 +00:00
Bernardo Damele
de26a31493 more enhancements - issue #311 2013-01-18 11:04:00 +00:00
Bernardo Damele
dcec56e002 first implementation of automated regression test script (issue #311) 2013-01-18 10:44:38 +00:00
Miroslav Stampar
ff5ec48abd Minor update for an Issue #8 2013-01-16 14:16:22 +01:00
Miroslav Stampar
db91137eda Fix for an Issue #333 2013-01-11 14:09:30 +01:00
Miroslav Stampar
834be1eddc Restyling redundant 'except Exception' form 2013-01-10 15:54:28 +01:00
Miroslav Stampar
934d41dac2 Minor style update (PEP8) 2013-01-10 15:02:28 +01:00
Miroslav Stampar
ca3d35a878 Some PEP8 related style cleaning 2013-01-10 13:18:44 +01:00
Miroslav Stampar
96e5d5d178 Some more updates for an Issue #295 2013-01-07 16:55:41 +01:00
Miroslav Stampar
ac407ae4a1 Implementation for an Issue #295 2013-01-07 15:55:40 +01:00
Miroslav Stampar
1712603dce Replacing deprecated has_key() with operator in (PEP8) 2013-01-03 23:28:07 +01:00
Miroslav Stampar
648d91d790 Distinguishing invalid unicode from safe encoded characters (for proper potential decoding) 2012-12-27 22:43:39 +01:00
Miroslav Stampar
352e516400 Bottle is a 3rd party tool (not going to extra folder) 2012-12-21 10:18:30 +01:00
Miroslav Stampar
2ac99e5021 Minor update 2012-12-20 15:40:56 +01:00
Miroslav Stampar
728e061c53 Preventing double safe char encoding 2012-12-20 12:21:45 +01:00
Bernardo Damele
2e97405ffa bundle bottle library in sqlmap (it is MIT license) - issue #297 2012-12-14 03:00:30 +00:00
Miroslav Stampar
46885d4c28 New pep8 script 2012-12-13 16:07:49 +01:00
Miroslav Stampar
562044577b Implementation for an Issue #292 2012-12-11 12:02:06 +01:00
Miroslav Stampar
9e38ccbc3d Removing unused imports 2012-12-10 17:47:42 +01:00
Miroslav Stampar
6ec536e94d Removing old shutils script and adding new one 2012-12-10 17:44:55 +01:00
Miroslav Stampar
d013644c65 Minor update 2012-12-10 17:37:43 +01:00
Miroslav Stampar
775e0df04b Update for an Issue #278 2012-12-05 10:45:17 +01:00
Miroslav Stampar
c636c26acc Minor update 2012-12-03 17:43:39 +01:00
Miroslav Stampar
d95dd2d16e Preparation for an Issue #254 2012-11-28 10:58:18 +01:00
Miroslav Stampar
735cfeee26 Update extra/shutils/_sqlmap.py
Minor language fix
2012-11-20 14:33:03 +01:00
Vlatko Kosturjak
209a860527 Initial import of zsh completion script 2012-11-20 12:54:07 +01:00
Miroslav Stampar
80120e849f Minor refactoring and update of sqlharvest.py 2012-08-21 13:37:16 +02:00
Bernardo Damele
224e6376a6 cleanup to README files 2012-07-17 00:32:32 +01:00
Bernardo Damele
4940610f38 removed deprecated metasploit module 2012-07-14 19:27:31 +01:00
Miroslav Stampar
87ecf205cb More work for Issue #66 2012-07-14 17:01:04 +02:00
Bernardo Damele
162da75a04 modified homepage address 2012-07-12 18:38:03 +01:00
Miroslav Stampar
569c9214bf Adding support for boldifying important logging messages 2012-07-12 16:30:35 +02:00
Bernardo Damele
64143a146f no need for bold error and critical messages, red is already enough 2012-07-12 14:54:05 +01:00
Bernardo Damele
44ad9bd0f6 removed unused commented lines 2012-07-11 22:40:05 +01:00
Miroslav Stampar
e673a57311 Fix for that ugly red blank line in CRITICAL messages 2012-07-11 20:49:22 +02:00
Bernardo Damele
105ac8ea77 deleted unnecessary hg file 2012-07-11 17:06:56 +01:00
Bernardo Damele
015ea52284 added colorama library, BSD license, http://pypi.python.org/pypi/colorama 2012-07-11 17:04:52 +01:00
Bernardo Damele
9cfea57b10 added termcolor library, MIT license, http://pypi.python.org/pypi/termcolor 2012-07-11 16:45:18 +01:00
Bernardo Damele
ff6ca6fb1a colourize the whole log message 2012-07-11 12:18:48 +01:00
Bernardo Damele
115cd3479e minor import fix 2012-07-10 13:13:21 +01:00
Bernardo Damele
43e58b63ea modified debug colour - issue #77 2012-07-10 02:58:49 +01:00
Bernardo Damele
a14b7e6b6b fixed the colors - issue #77 2012-07-10 02:47:35 +01:00
Miroslav Stampar
e948e4d45b Some more refactoring 2012-07-06 17:18:22 +02:00
Miroslav Stampar
40fc6488bf Fix for Issue #56 (Google has changed few things for retrieving PR) 2012-07-03 21:00:18 +02:00
Miroslav Stampar
f495cfa139 minor update 2012-06-27 23:32:16 +02:00
jekil
c39e5a85ba Removed $id$ tags 2012-06-27 20:56:43 +02:00
Bernardo Damele
c0b9cf539f moved udfhack to its own repository, https://github.com/sqlmapproject/udfhack 2012-06-27 15:15:11 +01:00
Miroslav Stampar
e9f6b00e26 minor fix in a KeepAlive library 2012-05-07 13:36:36 +00:00
Miroslav Stampar
95f89ab63a updating copyright date 2012-01-11 14:59:46 +00:00
Miroslav Stampar
b604057e54 minor update 2011-12-26 16:09:46 +00:00
Miroslav Stampar
068ff92dc4 optimizing a bit pyDes module used in Oracle hash cracking 2011-12-26 15:33:49 +00:00
Miroslav Stampar
8a7b0406c8 minor optimization 2011-12-22 20:08:28 +00:00
Miroslav Stampar
526aacb640 code cleanup 2011-12-21 22:59:23 +00:00
Miroslav Stampar
41b60b26fc minor refactoring 2011-12-21 14:25:39 +00:00
Miroslav Stampar
0b54553a76 quick fix for AV engines 2011-12-21 10:22:03 +00:00
Miroslav Stampar
0f5d48ff20 minor update 2011-12-05 09:25:56 +00:00
Miroslav Stampar
408d12dc41 minor fix 2011-12-05 08:26:00 +00:00
Miroslav Stampar
3fb22ef80a another minor update 2011-12-05 00:03:05 +00:00
Miroslav Stampar
a462a9df43 minor update 2011-12-04 23:59:10 +00:00
Miroslav Stampar
b99c157d0f patching DNS-leakage of SocksiPy extra module 2011-12-04 23:58:22 +00:00
Miroslav Stampar
ef987c6954 adding compatibility support for using --crawl and --forms together 2011-10-29 09:32:20 +00:00
Miroslav Stampar
25f0ec3597 some minor range to xrange conversion (where safe to do) 2011-10-21 22:34:27 +00:00
Bernardo Damele
50f4c4af52 Minor bug fix to parse also MSSQL 2008 R2 signatures 2011-07-24 23:43:01 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00
Miroslav Stampar
b8ffcf9495 few fixes here and there and multi-core processing for dictionary based hash attack 2011-07-04 19:58:41 +00:00
Bernardo Damele
6d606d417b Preparing for PostgreSQL 9.0 DLL (--os-pwn) compilation on Windows 64-bit 2011-06-28 13:41:15 +00:00
Bernardo Damele
1698630bc0 Added PostgreSQL 9.0 shared object for Linux 64-bit 2011-06-28 13:12:18 +00:00
Miroslav Stampar
7c830c2b1a removing xmlobject 2011-06-22 14:33:03 +00:00
Miroslav Stampar
2a4a284a29 crawler fix (skip binary files) 2011-06-20 22:41:38 +00:00
Miroslav Stampar
d9015ed800 fix for a bug reported by krasn@deventum.com 2011-06-20 13:25:19 +00:00
Miroslav Stampar
07e2c72943 adding Beautifulsoup (BSD) into extras; adding --crawl to options 2011-06-20 11:32:30 +00:00
Miroslav Stampar
84978f16c9 fix for a "problem" reported by Kirill Morozov (nt authority\\network service) 2011-06-11 07:54:59 +00:00
Miroslav Stampar
0d0f2863af adding one more tamper script 2011-06-09 09:38:07 +00:00
Bernardo Damele
cce3208b35 Cleanup 2011-06-08 14:15:34 +00:00
Miroslav Stampar
0486d1cdaa minor module update 2011-05-24 10:32:21 +00:00
Miroslav Stampar
25fff8c135 changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux) 2011-05-21 11:46:57 +00:00
Miroslav Stampar
48ac9911c0 more graceful fix related to the last commit 2011-05-11 09:42:35 +00:00
Miroslav Stampar
402c623119 minor fix 2011-05-11 09:40:11 +00:00
Miroslav Stampar
53065ee1fb adding ordered set for kb.targetUrls (now the order of appereance in multiple targets mode will be respected) 2011-05-11 08:55:48 +00:00
Bernardo Damele
28a4ae8eaf Minor improvement to cleanup script 2011-05-06 13:53:10 +00:00
Bernardo Damele
eea96c5b8d code cleanup 2011-05-05 08:50:18 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Miroslav Stampar
6bb4dce3aa minor refactoring 2011-04-29 15:22:32 +00:00
Bernardo Damele
e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec.
Minor code refactoring.
2011-04-24 23:01:21 +00:00
Miroslav Stampar
41924a6ead fix for a bug reported by saccurso@skygear.com​.ar (UnicodeDecodeError: 'ascii' codec can't decode byte 0xe9 in position 0: ordinal
not in range(128))
2011-04-21 23:17:16 +00:00
Bernardo Damele
8e2e06a7a3 layout adjustment 2011-04-21 09:25:42 +00:00
Miroslav Stampar
354a2ce249 'chardet' heuristic engine added to the project 2011-04-18 13:38:46 +00:00
Bernardo Damele
79d5804519 added propset 2011-04-15 16:28:48 +00:00
Bernardo Damele
48f916d5a4 Fixed a minor bug 2011-04-15 16:25:42 +00:00
Miroslav Stampar
c461fdca54 some refactoring 2011-04-15 13:51:06 +00:00
Miroslav Stampar
bf6ea35145 adding new tool safe2bin for decoding safe encoded values 2011-04-15 13:41:50 +00:00
Miroslav Stampar
a883316e22 i was on some heavy drugs (sys.stdout = fpOut) 2011-04-15 12:58:56 +00:00
Miroslav Stampar
0387654166 update of copyright string (until year) 2011-04-15 12:33:18 +00:00
Bernardo Damele
7c61931b96 Added notes on how to compile and get small shared libraries for UDF 2011-04-12 09:53:52 +00:00
Miroslav Stampar
305115a68b important improvement of data handling (POST data and header values) 2011-04-03 15:02:52 +00:00
Miroslav Stampar
cd7e4f5afc improvement for lots of multiple-selection forms (now by default the first one is selected - till now it was left unchecked which lead to blank get/post data for the whole form) 2011-04-01 22:12:24 +00:00
Miroslav Stampar
d8f7c4bc4c minor update regarding support for crypt(3) 2011-03-26 21:41:37 +00:00
Miroslav Stampar
63b8156c00 some update (if header key is non-unicode comformant) 2011-02-25 09:43:04 +00:00
Miroslav Stampar
2bbbc9a41e few updates 2011-02-25 09:35:24 +00:00
Bernardo Damele
156d8cd99b Directory restyling 2011-02-08 00:15:02 +00:00
Bernardo Damele
0a81415f2f Minor code cleanup 2011-02-08 00:02:54 +00:00
Bernardo Damele
6a71629575 Converted from DOS format (\n\r to \n only) 2011-02-06 23:25:55 +00:00
Miroslav Stampar
4df8a03c04 using OrderedDict to store parameters in order of appearance 2011-02-04 18:07:21 +00:00
Miroslav Stampar
a8fea8e4a8 fix for a bug noticed when using --keep-alive --threads on IIS/MSSQL 2011-02-03 15:09:53 +00:00
Bernardo Damele
06bb369da5 GCC 4.3 makes Linux/MySQL shared objects smaller 2011-02-03 14:59:31 +00:00
Bernardo Damele
8cf88dd0da Ready with PgSQL/Linux/32bit shared object too now 2011-02-03 12:28:00 +00:00
Miroslav Stampar
6393495eb0 comment added 2011-01-31 11:58:35 +00:00
Miroslav Stampar
1b4d68c844 minor update 2011-01-31 11:56:20 +00:00
Miroslav Stampar
fb3513650d adding ID properties 2011-01-31 11:41:28 +00:00
Miroslav Stampar
f9eac97fe8 refactoring of MSSQL XML banner parsing 2011-01-31 11:38:00 +00:00
Miroslav Stampar
367d0639f0 refactoring (class names should always be Capital cased) 2011-01-28 16:36:09 +00:00
Miroslav Stampar
b1c7a17163 fix for a bug reported by malice.anon@gmail.com (UnicodeEncodeError..self.sock.sendall(str)) 2011-01-28 13:26:20 +00:00
Miroslav Stampar
bb6e36fb02 minor updates 2011-01-27 12:38:39 +00:00
Miroslav Stampar
20df2bbd10 minor fix 2011-01-25 15:44:45 +00:00
Miroslav Stampar
c7f260a8bc minor update 2011-01-25 12:54:49 +00:00
Miroslav Stampar
98e48bd682 new script 2011-01-25 12:48:50 +00:00
Miroslav Stampar
bd2e036412 minor fix 2011-01-20 22:00:16 +00:00
Bernardo Damele
1d06c64149 Indentation fix 2011-01-20 21:56:38 +00:00
Bernardo Damele
aa8a20d241 Minor bug fix for a traceback 2011-01-20 21:50:21 +00:00
Miroslav Stampar
44504746cf minor update 2011-01-15 13:43:08 +00:00
Miroslav Stampar
6942c9a001 same thing with mysql as in last commit 2011-01-05 14:41:38 +00:00
Miroslav Stampar
a136915ab6 bug fix for postgre's --os-shell (when there was an error in command executed and/or no output chars, garbled output was returned) 2011-01-05 14:36:41 +00:00
Miroslav Stampar
5c6c870db4 removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode 2011-01-02 08:43:38 +00:00
Miroslav Stampar
6b37ddada4 removed some blank trailing spaces (with extra/shutils/blanks.sh) 2010-12-21 10:31:56 +00:00
Miroslav Stampar
b26e09fc71 another minor update 2010-12-09 12:49:29 +00:00
Miroslav Stampar
f712d2477e removed duplicate entries inside common wordlists (tables & columns) and added a script which does that automatically 2010-12-09 12:41:16 +00:00
Miroslav Stampar
06395b5408 update 2010-12-09 12:03:10 +00:00
Miroslav Stampar
1f8a9fe033 foundations for dictionary attack support combined with the sqlmap's password/hash retrieval functionality (--password switch) 2010-11-20 13:14:13 +00:00
Miroslav Stampar
ef1809464d bug fix for that BadStatusLine (http://bugs.python.org/issue8450) 2010-11-05 11:58:20 +00:00
Miroslav Stampar
effd712ecf added new directory with shell utils needed here and there for project maintanence 2010-11-03 10:19:31 +00:00
Miroslav Stampar
6adee3792a removed all trailing spaces from blank lines 2010-11-03 10:08:27 +00:00