Miroslav Stampar
|
bd75fd26e9
|
implementing a --page-rank switch as requested by l0rda@l0rda.biz
|
2011-03-23 11:57:57 +00:00 |
|
Miroslav Stampar
|
5a1aaecf16
|
minor fix so concatenated queries could be run in Oracle --sql-shell (e.g. select NAME||chr(58)||OWNER FROM ALL_SOURCE WHERE TYPE='FUNCTION')
|
2011-03-22 13:07:37 +00:00 |
|
Miroslav Stampar
|
b5c9ccb755
|
Oracle XML based error payload has problems with char $ as with space
|
2011-03-21 13:13:12 +00:00 |
|
Miroslav Stampar
|
3ca5cddca7
|
massive BUG FIX (if NULL is one of dumping values it will screw everything in corner cases because "SELECT 1 WHERE NULL IN (NULL)" and "SELECT 1 WHERE NULL NOT IN (NULL)" will always return nothing/nadda/zero/not even NULL)
|
2011-03-20 23:54:56 +00:00 |
|
Miroslav Stampar
|
088c815567
|
minor update (exposing --tor switch)
|
2011-03-19 18:28:51 +00:00 |
|
Miroslav Stampar
|
2cc91b8470
|
minor fix
|
2011-03-19 17:44:34 +00:00 |
|
Miroslav Stampar
|
7c2b3afafb
|
minor fix (-r required Content-Length which is a part of Burp log and as we share the parsing logic this was a headache for -r)
|
2011-03-19 17:37:26 +00:00 |
|
Miroslav Stampar
|
139448eeb9
|
little stabilization regarding POST url(de/en)coding
|
2011-03-19 16:53:14 +00:00 |
|
Miroslav Stampar
|
0fcd999e51
|
fix for a bug reported by malice
|
2011-03-18 16:52:46 +00:00 |
|
Miroslav Stampar
|
58e9a074d3
|
masking some more command line arguments
|
2011-03-18 16:47:18 +00:00 |
|
Miroslav Stampar
|
36233fac42
|
update regarding a feature request from andyroyalbattle@yahoo.it
|
2011-03-18 16:35:30 +00:00 |
|
Miroslav Stampar
|
00b9d85ffc
|
fix regarding bug report from andyroyalbattle@yahoo.it
|
2011-03-18 16:26:39 +00:00 |
|
Miroslav Stampar
|
4e300baaf2
|
minor cosmetics
|
2011-03-18 14:09:18 +00:00 |
|
Miroslav Stampar
|
3628887110
|
los cosmeticados
|
2011-03-18 14:08:36 +00:00 |
|
Miroslav Stampar
|
75c0e09f43
|
little refactoring
|
2011-03-18 13:46:51 +00:00 |
|
Miroslav Stampar
|
c301b245a9
|
adding default value for referer in case --referer was not defined and --level>=3 used (so it could be tested with default value)
|
2011-03-18 13:39:51 +00:00 |
|
Miroslav Stampar
|
b53c9a2599
|
minor fix and some refactoring
|
2011-03-18 00:24:02 +00:00 |
|
Miroslav Stampar
|
fbd0cfda29
|
minor update toward the implementation of request from Santiago
|
2011-03-17 06:39:05 +00:00 |
|
Bernardo Damele
|
f00aff5303
|
-v 0 shows both error, critical and raw_input messages
|
2011-03-11 22:02:38 +00:00 |
|
Bernardo Damele
|
d7d47b6257
|
Minor bug fix (revert)
|
2011-03-11 21:56:45 +00:00 |
|
Miroslav Stampar
|
e64f225e65
|
minor refactoring
|
2011-03-11 20:16:34 +00:00 |
|
Miroslav Stampar
|
6cc745f789
|
removal of deprecated piece of code (replaced later with that getCurrentThreadData().disableStdOut)
|
2011-03-11 20:04:15 +00:00 |
|
Miroslav Stampar
|
5eae525010
|
this was bothering me for some time (POST and/or GET payloads needs to be urlencoded throughly)
|
2011-03-11 19:57:44 +00:00 |
|
Bernardo Damele
|
3cb0ca4b63
|
Minor bug fix for --privileges on PgSQL with error-based SQL inj technique
|
2011-03-11 15:24:25 +00:00 |
|
Bernardo Damele
|
5af7410cb1
|
Another bug fix for --privileges on PgSQL with UNION query technique
|
2011-03-11 15:13:09 +00:00 |
|
Bernardo Damele
|
74ef1e53c7
|
Minor bug fixes to --privileges for PostgreSQL query (corner case)
|
2011-03-11 14:54:41 +00:00 |
|
Miroslav Stampar
|
eb1cda7065
|
minor refactoring (more consistent)
|
2011-03-09 12:06:32 +00:00 |
|
Miroslav Stampar
|
62e3510387
|
minor refactoring
|
2011-03-09 11:37:37 +00:00 |
|
Miroslav Stampar
|
5c97f9a496
|
improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries)
|
2011-03-09 09:36:56 +00:00 |
|
Miroslav Stampar
|
9b2962ff1c
|
now when we don't urlencode whole URI using : and \ as safe chars is not a good idea
|
2011-03-09 08:56:29 +00:00 |
|
Miroslav Stampar
|
30619c599b
|
minor update regarding encoding (adding few safe chars for e.g. CHR(50)|...)
|
2011-03-08 11:53:59 +00:00 |
|
Miroslav Stampar
|
cc0306044c
|
adding SVN revision number support for non SVN client platforms
|
2011-03-07 21:54:30 +00:00 |
|
Miroslav Stampar
|
16b286982d
|
fix for a bug reported by nightman (AttributeError: 'list' object has no attribute 'split')
|
2011-03-07 09:50:43 +00:00 |
|
Miroslav Stampar
|
8edc3b3302
|
further update regarding last commit
|
2011-03-03 10:39:04 +00:00 |
|
Miroslav Stampar
|
bc50387a17
|
possible fix for a bug reported by Black Zero (UnicodeDecodeError for --forms)
|
2011-03-03 09:42:50 +00:00 |
|
Miroslav Stampar
|
f27f05308a
|
minor update for masking sensitive data in error report (added aCred too)
|
2011-03-02 10:09:17 +00:00 |
|
Miroslav Stampar
|
ad2e4002ea
|
minor improvement
|
2011-03-01 10:38:27 +00:00 |
|
Miroslav Stampar
|
0f3cc153a3
|
fix for --technique
|
2011-03-01 09:54:06 +00:00 |
|
Miroslav Stampar
|
2bf212ffa9
|
minor minor update
|
2011-02-27 20:43:38 +00:00 |
|
Miroslav Stampar
|
7036190e8e
|
minor improvement of regular expression
|
2011-02-27 17:58:01 +00:00 |
|
Miroslav Stampar
|
21041f8b90
|
further reflective value handling improvement
|
2011-02-27 17:43:41 +00:00 |
|
Bernardo Damele
|
6e8ebd35f4
|
Hide switch -x (XML output format) as it is incomplete and bugged and won't make it for 0.9 stable
|
2011-02-27 12:17:41 +00:00 |
|
Miroslav Stampar
|
88faedc0fe
|
fix for a bug reported by -insane-
|
2011-02-26 17:48:19 +00:00 |
|
Miroslav Stampar
|
11996ce12e
|
bug fix for international encoded letters
|
2011-02-25 22:43:01 +00:00 |
|
Miroslav Stampar
|
2bbbc9a41e
|
few updates
|
2011-02-25 09:35:24 +00:00 |
|
Miroslav Stampar
|
aa88361ab1
|
incorporation of method for neutralization of reflective values
|
2011-02-25 09:22:44 +00:00 |
|
Miroslav Stampar
|
708ddf5608
|
added protection mechanism against reflected values
|
2011-02-24 16:52:46 +00:00 |
|
Miroslav Stampar
|
38dc82e13e
|
If no Accept header field is present, then it is assumed that the client accepts all media types.
|
2011-02-22 22:26:22 +00:00 |
|
Miroslav Stampar
|
d05bd75068
|
adding experimental for --group-concat
|
2011-02-22 14:35:38 +00:00 |
|
Miroslav Stampar
|
3f8eadf4fe
|
minor refactoring
|
2011-02-22 13:00:58 +00:00 |
|
Miroslav Stampar
|
dcad5410fe
|
minor refactoring
|
2011-02-22 12:54:22 +00:00 |
|
Bernardo Damele
|
3e8c204121
|
Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba
|
2011-02-21 16:00:56 +00:00 |
|
Miroslav Stampar
|
aac817935a
|
further improvement of MaxDB support
|
2011-02-20 22:41:42 +00:00 |
|
Miroslav Stampar
|
70449eb01b
|
minor bug fix
|
2011-02-20 21:35:28 +00:00 |
|
Miroslav Stampar
|
345df5968d
|
minor update
|
2011-02-20 21:27:38 +00:00 |
|
Bernardo Damele
|
8e60acae5d
|
Added support for --scope also in WebScarab logs (-l)
|
2011-02-19 21:03:55 +00:00 |
|
Miroslav Stampar
|
b71bb321dd
|
some more Sybase updates
|
2011-02-19 18:04:27 +00:00 |
|
Miroslav Stampar
|
cec7694aac
|
some progress regarding SYBASE
|
2011-02-19 14:56:58 +00:00 |
|
Miroslav Stampar
|
e0efe453ab
|
minor update regarding Sybase support
|
2011-02-19 14:07:08 +00:00 |
|
Miroslav Stampar
|
df58bcaf95
|
minor improvement
|
2011-02-18 14:27:02 +00:00 |
|
Miroslav Stampar
|
6cdf08b81c
|
minor fix
|
2011-02-17 21:51:40 +00:00 |
|
Miroslav Stampar
|
22cd49a217
|
--technique can now be something like 123 which includes both techniques 1, 2 and 3
|
2011-02-17 21:39:16 +00:00 |
|
Miroslav Stampar
|
199f14df46
|
implementation of MySQL GROUP_CONCAT technique
|
2011-02-15 00:28:27 +00:00 |
|
Bernardo Damele
|
2ea828e416
|
Proper fix for r3307 (file-write on MySQL via UNION query tech)
|
2011-02-13 22:48:01 +00:00 |
|
Miroslav Stampar
|
417b311475
|
minor update
|
2011-02-13 22:02:47 +00:00 |
|
Miroslav Stampar
|
50d25c3b4d
|
update regarding explicit testing of ua and referer when using -p
|
2011-02-13 21:58:48 +00:00 |
|
Miroslav Stampar
|
5fb11fd173
|
update regarding multiple DBMS payloads
|
2011-02-13 21:20:21 +00:00 |
|
Miroslav Stampar
|
9f7d666451
|
removing --method per request of buawig
|
2011-02-12 19:50:27 +00:00 |
|
Bernardo Damele
|
7253362114
|
Minor bug fix so that --file-write on MySQL via UNION query now works again
|
2011-02-11 23:35:45 +00:00 |
|
Miroslav Stampar
|
535eb9f3eb
|
implementation of referer feature
|
2011-02-11 23:07:03 +00:00 |
|
Miroslav Stampar
|
4295a78c5f
|
minor update
|
2011-02-10 19:51:34 +00:00 |
|
Bernardo Damele
|
c078de894f
|
Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA
|
2011-02-10 14:24:04 +00:00 |
|
Bernardo Damele
|
864eade744
|
Fixed store and resume of brute-forced tables/columns for MSSQL/Sybase
|
2011-02-10 11:14:05 +00:00 |
|
Bernardo Damele
|
aa0fb276ba
|
More fixes for --common-columns to work against MSSQL too
|
2011-02-09 17:22:07 +00:00 |
|
Miroslav Stampar
|
7d9be18789
|
added one comment
|
2011-02-09 14:34:18 +00:00 |
|
Miroslav Stampar
|
bafc8a1b0f
|
another update
|
2011-02-09 13:29:52 +00:00 |
|
Miroslav Stampar
|
600f729139
|
fix for a bug reported by skysbsb@gmail.com (double ORDER BY)
|
2011-02-09 12:43:09 +00:00 |
|
Miroslav Stampar
|
5b57a69f3e
|
fix
|
2011-02-09 11:20:03 +00:00 |
|
Miroslav Stampar
|
37f7001143
|
first commit with mysql/error/substringing
|
2011-02-08 16:23:33 +00:00 |
|
Bernardo Damele
|
c3eb82e60b
|
Proper fix
|
2011-02-08 10:08:48 +00:00 |
|
Miroslav Stampar
|
dba2f74588
|
revert of r3274
|
2011-02-08 09:44:34 +00:00 |
|
Bernardo Damele
|
cfe2da0195
|
Minor fix
|
2011-02-08 00:13:39 +00:00 |
|
Bernardo Damele
|
0a81415f2f
|
Minor code cleanup
|
2011-02-08 00:02:54 +00:00 |
|
Miroslav Stampar
|
771020abd6
|
one more related commit
|
2011-02-07 16:32:08 +00:00 |
|
Miroslav Stampar
|
265e7ca272
|
fix for that MSSQL limit/top problem
|
2011-02-07 16:24:23 +00:00 |
|
Miroslav Stampar
|
99e9412f74
|
minor update
|
2011-02-07 12:34:23 +00:00 |
|
Miroslav Stampar
|
e023e0d233
|
proper fix
|
2011-02-07 12:32:08 +00:00 |
|
Bernardo Damele
|
39decebe85
|
Minor fixes to checking/re-enabling of xp_cmdshell procedure
|
2011-02-07 12:17:19 +00:00 |
|
Miroslav Stampar
|
096efea282
|
added BULK to EXCLUDE_UNESCAPE and preventing crashes when output=[]
|
2011-02-07 10:22:43 +00:00 |
|
Bernardo Damele
|
ba3a8a69d4
|
More statements to exclude from unescap'ing
|
2011-02-07 00:33:54 +00:00 |
|
Bernardo Damele
|
3719f085ae
|
Added back-end dbms' OS based methods to Backend object - will be used for refactoring
|
2011-02-07 00:21:17 +00:00 |
|
Bernardo Damele
|
2e00656235
|
Minor fix
|
2011-02-07 00:20:23 +00:00 |
|
Bernardo Damele
|
bf5ca4bd9a
|
No point in unescaping the expression also in suffixQuery() also 'cause it will exit sqlmap if the parameter value is a string hence injection payload starts with single quote (')
|
2011-02-06 23:30:43 +00:00 |
|
Bernardo Damele
|
061f56daf9
|
More adjustments related to unescape() and cleanupPayload().
Minor code cleanup related to error-based payload.
|
2011-02-06 23:27:56 +00:00 |
|
Bernardo Damele
|
6a71629575
|
Converted from DOS format (\n\r to \n only)
|
2011-02-06 23:25:55 +00:00 |
|
Bernardo Damele
|
0800d9e49b
|
Major bug fix for semi-centralize unescape() and cleanupPayload() into prefixQuery() and suffixQuery()
|
2011-02-06 22:58:12 +00:00 |
|
Bernardo Damele
|
f3d6be7868
|
Code cleanup
|
2011-02-06 22:32:44 +00:00 |
|
Miroslav Stampar
|
078a2207cc
|
few reverts
|
2011-02-06 22:10:28 +00:00 |
|
Miroslav Stampar
|
b9b2fe0e7c
|
little cleanup
|
2011-02-06 21:52:39 +00:00 |
|
Miroslav Stampar
|
c4c2cf1d58
|
can't stay as it is right now. temporary disabling.
|
2011-02-06 21:17:41 +00:00 |
|