Commit Graph

77 Commits

Author SHA1 Message Date
Miroslav Stampar
862395ced1 further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
Miroslav Stampar
8e44aa605a refactoring regarding injection place (more left) 2010-11-08 08:02:36 +00:00
Bernardo Damele
27ce4b0cf0 Set proper verbose level for dbms direct error messages 2010-11-07 22:14:06 +00:00
Miroslav Stampar
d3e7e89e60 major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces 2010-11-07 21:18:09 +00:00
Miroslav Stampar
6adee3792a removed all trailing spaces from blank lines 2010-11-03 10:08:27 +00:00
Miroslav Stampar
685a8e7d2c refactoring of hard coded dbms names 2010-11-02 11:59:24 +00:00
Bernardo Damele
215175e3b7 Minor code adjustments 2010-10-25 14:11:47 +00:00
Bernardo Damele
60a1b48194 Major bug fix for --os-pwn 2010-10-17 20:44:16 +00:00
Miroslav Stampar
4f7f20b94f sorry, cosmetics 2010-10-14 23:18:29 +00:00
Miroslav Stampar
8b48833136 large commit with copyright header modifications 2010-10-14 14:41:14 +00:00
Miroslav Stampar
1369529103 minor cosmetic update 2010-10-11 13:52:32 +00:00
Miroslav Stampar
78ba5da4f7 fix 2010-09-23 22:07:33 +00:00
Bernardo Damele
26d1a07a1d Minor code refactoring and bug fix in the *rare case* that MySQL on Linux runs as root or the plugin dir (/usr/lib/.*?/plugin is world-writable 2010-07-01 10:39:04 +00:00
Bernardo Damele
9ea72f9640 Minor bug fixes to -d 2010-06-25 13:24:43 +00:00
Miroslav Stampar
12a5ec9f3d more unicode refactoring 2010-06-02 12:45:40 +00:00
Miroslav Stampar
a3db3c03c1 str() -> unicode() 2010-05-28 13:05:02 +00:00
Miroslav Stampar
f24187f251 few fixes here and there 2010-05-28 12:47:03 +00:00
Bernardo Damele
a1b1f960cc Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function 2010-04-23 16:34:20 +00:00
Bernardo Damele
eecee3b274 Added resume functionality to -d and fixed logging with -d 2010-04-12 09:35:20 +00:00
Miroslav Stampar
e2810003ae more update 2010-04-06 15:12:52 +00:00
Miroslav Stampar
c24f1cc07c some update 2010-04-06 14:59:31 +00:00
Bernardo Damele
5fdebb5d5b Added support to directly connect also to Microsoft SQL Server database.
Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.
2010-03-31 10:50:47 +00:00
Miroslav Stampar
1973024ebf added support for reusing connections 2010-03-30 13:52:47 +00:00
Miroslav Stampar
c2a6f21095 refactoring regarding usage of conf.dbmsConnector.connect() 2010-03-30 13:03:19 +00:00
Bernardo Damele
1416cd0d86 Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
Minor layout adjustments.
2010-03-26 23:23:25 +00:00
Bernardo Damele
a63e251b25 Ahead with code refactoring, related to r1502.
Fixed svn:keywords propset to all .py files.
2010-03-23 21:26:45 +00:00
Bernardo Damele
09768a7b62 Major code refactoring: moved and split plugins (mysql, pgsql, mssql, oracle) more granularly and organized.
Todo for firebird, sqlite, access.
2010-03-22 22:57:57 +00:00