Miroslav Stampar
c33e493e0d
Fix for an Issue #885
2014-10-31 17:06:09 +01:00
Miroslav Stampar
0feb379b47
Fix for an Issue #887
2014-10-31 16:39:29 +01:00
Miroslav Stampar
006d9d1859
Bug fix for a problem reported by a user via ML (--os-shell)
2014-10-13 12:00:34 +02:00
Miroslav Stampar
7278af01ee
Implementation for an Issue #832
2014-09-16 14:12:43 +02:00
Miroslav Stampar
57eb19377e
Minor code refactoring
2014-09-16 09:07:31 +02:00
Miroslav Stampar
c5b71cff10
Some filtering
2014-08-21 01:12:44 +02:00
Bernardo Damele
4e909a2a05
code cleanup
2014-07-01 00:58:49 +01:00
Bernardo Damele
018748f52e
increase the timeout for the Metasploit session initialization to 5 minutes, better on slow speed connections
2014-07-01 00:34:09 +01:00
Miroslav Stampar
c2f14e57e7
Patch for an Issue #740
2014-06-29 00:27:23 +02:00
Miroslav Stampar
0f581ccb6c
Minor fix
2014-05-13 15:36:28 +02:00
Miroslav Stampar
e0fb21c26a
Patch for an Issue #673
2014-04-21 21:57:30 +02:00
Miroslav Stampar
9c7fbd1a90
Minor refactoring
2014-04-06 18:19:54 +02:00
Bernardo Damele
9f838c3d5b
typo fix
2014-03-21 11:37:34 +00:00
Bernardo Damele
8091a88d3e
minor code cleanup and bug fix
2014-03-21 11:35:30 +00:00
Bernardo Damele
c211255773
replaced outfile with dumpfile so works even if the original statement outputs blob
2014-03-21 11:01:57 +00:00
Miroslav Stampar
d405fc1157
Minor update (for the consistency sake)
2014-02-16 22:04:12 +01:00
Miroslav Stampar
58eac364a2
Bug fix
2014-02-16 21:57:14 +01:00
Miroslav Stampar
dfa727cbc5
Fix for a same bug mentioned in last commit
2014-02-16 21:47:14 +01:00
Miroslav Stampar
43df4efd11
Bug fix (bad idea is to do os.path.join on web URLs - especially on Windows OS)
2014-02-16 21:44:57 +01:00
Bernardo Damele
be6767b3b0
minor fix for command execution via web shell
2014-02-10 09:59:57 +00:00
Miroslav Stampar
0e44132778
Removing unused imports
2014-02-01 21:49:12 +01:00
Bernardo Damele
1505f1dc74
removed useless sink
2014-01-13 23:55:32 +00:00
Bernardo Damele
124ebefc7f
code cleanup
2014-01-13 23:48:15 +00:00
Bernardo Damele
43a4e85749
updated copyright
2014-01-13 17:24:49 +00:00
Bernardo Damele
dfa9076a70
fixed and improved web shell upload in MySQL (it was actually broken since fc57b7565d
)
2014-01-13 17:12:37 +00:00
Miroslav Stampar
95ed6b7203
Minor patch (Issue #470 )
2013-06-24 14:37:45 +02:00
Bernardo Damele
a72096a345
slightly more appropriate definition of output variable
2013-06-19 20:25:01 +01:00
Bernardo Damele
cae108d9fc
careful at merging pull requests with TABs ( #466 )
2013-06-19 19:49:53 +01:00
Meatballs
c5087399c1
Fix exception if init technique not available
2013-06-16 10:47:27 +01:00
Meatballs
2c98507f1e
Add better error msg
2013-06-16 10:27:08 +01:00
Meatballs
caa326774c
Fallback to blind
2013-06-16 10:22:20 +01:00
stamparm
8fbf4b11d2
Trivial update regarding last commit
2013-05-29 15:45:13 +02:00
Miroslav Stampar
e18796dbe1
Minor style update
2013-05-25 18:00:20 +02:00
stamparm
214d9aaf4b
Language fix
2013-04-30 14:06:04 +02:00
stamparm
3266c6c1f1
Language fix
2013-04-30 14:06:04 +02:00
stamparm
ae6ce7db30
Removal of unused imports
2013-03-20 10:44:15 +01:00
Miroslav Stampar
8acf033715
Code refactoring
2013-03-19 19:24:14 +01:00
Bernardo Damele
0c79d7b1e2
unnecessary import
2013-02-14 18:33:47 +00:00
Bernardo Damele
614ff6029d
working on #396 - handle the case when we dont have a web backdoor/file stager for the language API, added a few more log messages to give further information about what is going on, minor bug fix to docRoot
2013-02-14 18:31:14 +00:00
Bernardo Damele
3b38b20176
working on #396 - adaptation for the verification phase
2013-02-14 18:29:55 +00:00
Bernardo Damele
261db6ed4f
working on #396 - verify shellcodeexec executable has been properly uploaded
2013-02-14 18:29:35 +00:00
Bernardo Damele
4d5ecc3b03
working on #396 - verify icmpsh executable has been properly uploaded
2013-02-14 18:28:48 +00:00
Bernardo Damele
66cee83ca4
if needed, allow to reinitialize the environment for takeover - issue #396
2013-02-14 17:39:19 +00:00
Bernardo Damele
d42d28392a
avoid tracebacks because the parameter does not exist
2013-02-14 13:18:33 +00:00
Bernardo Damele
4b9d8ed673
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
2013-02-14 11:32:17 +00:00
Bernardo Damele
2267dd8f47
working on #392 to fix --os-cmd and --os-shell output parsing
2013-02-14 11:31:20 +00:00
Bernardo Damele
a67ef4117f
make sure to use Python 2 interpreter when default system Python is version 3
2013-02-14 11:25:04 +00:00
Miroslav Stampar
dd6f50a00e
Removing unused imports
2013-02-13 11:15:24 +01:00
Miroslav Stampar
dc41484b3f
Refactoring of funcionality for finding out if stacking is available
2013-02-13 09:57:16 +01:00
Miroslav Stampar
7c06a937e5
Minor refactoring
2013-02-09 20:21:17 +01:00
Bernardo Damele
f970b4f240
minor adjustment fixing the regression test stall
2013-02-09 12:19:21 +00:00
Bernardo Damele
e48181e28d
another attempt to fix the stall during regression test
2013-02-09 12:16:56 +00:00
Bernardo Damele
138a846cf1
possible fix for regression test stall
2013-02-09 10:50:06 +00:00
Bernardo Damele
1596b9ed59
revert
2013-02-08 16:43:49 +00:00
Bernardo Damele
98864e425f
minor "fix"
2013-02-08 16:30:34 +00:00
Bernardo Damele
8b510c55fb
minor code cleanup
2013-02-08 16:29:16 +00:00
Miroslav Stampar
5aaf7f1aa6
BUG fix
2013-02-08 16:44:30 +01:00
Miroslav Stampar
c0e59d94a9
Better naming
2013-02-08 16:28:58 +01:00
Miroslav Stampar
cdfe43560b
Update for an Issue #207 (and a potential patch for regression tests)
2013-02-08 16:20:48 +01:00
Miroslav Stampar
f41460f8d8
Better naming
2013-01-29 20:53:11 +01:00
Bernardo Damele
f4028bd7d2
minor adjustment
2013-01-23 02:10:38 +00:00
Bernardo Damele
d8a0e7eacb
fixes #187
2013-01-23 01:27:01 +00:00
Bernardo Damele
dea15b5892
notify user if --udf-inject is provided but no stacked queries SQLi is detected
2013-01-22 18:28:48 +00:00
Bernardo Damele
adf97e630f
add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL
2013-01-19 18:04:33 +00:00
Miroslav Stampar
601eb1e49a
Unescaping is renamed to escaping
2013-01-18 15:40:37 +01:00
Bernardo Damele
a43202f3c0
updated copyright
2013-01-18 14:07:51 +00:00
Bernardo Damele
3e2c3851f3
Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312 )
2013-01-14 13:42:50 +00:00
Miroslav Stampar
934d41dac2
Minor style update (PEP8)
2013-01-10 15:02:28 +01:00
Miroslav Stampar
ca3d35a878
Some PEP8 related style cleaning
2013-01-10 13:18:44 +01:00
Bernardo Damele
7f4ce4afbb
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2013-01-09 16:04:29 +00:00
Bernardo Damele
510ceb6e19
first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28
2013-01-09 16:04:23 +00:00
Miroslav Stampar
25f01a419f
Minor style update (for the sake of consistency over the code and our PEP8 adaptation)
2013-01-09 15:38:41 +01:00
Miroslav Stampar
96e5d5d178
Some more updates for an Issue #295
2013-01-07 16:55:41 +01:00
Miroslav Stampar
74552bea87
Cleaning some garbage (hard coded paths with linux native slashes)
2013-01-07 16:51:00 +01:00
Miroslav Stampar
425df067eb
Fix for an --os-pwn with ICMPsh (it was crashing because methods interleaved with Metasploit ones)
2013-01-07 16:44:22 +01:00
Miroslav Stampar
ac407ae4a1
Implementation for an Issue #295
2013-01-07 15:55:40 +01:00
Miroslav Stampar
e4a3c015e5
Replacing old and deprecated raise Exception style (PEP8)
2013-01-03 23:20:55 +01:00
Miroslav Stampar
cb15fcc8af
Fix for an Issue #329
2013-01-02 22:17:06 +01:00
Miroslav Stampar
a77b7f00d9
Fix for an Issue #323
2012-12-23 19:34:35 +01:00
Miroslav Stampar
00e55828e4
Minor style update
2012-12-21 15:06:03 +01:00
Miroslav Stampar
6c1ec9b54f
Fix for an Issue #318
2012-12-21 11:10:05 +01:00
Miroslav Stampar
35728fa443
Fix (and some hidden bug fixes/improvements) regarding an Issue #317
2012-12-21 10:51:35 +01:00
Bernardo Damele
65ed2304fd
comment update
2012-12-19 09:38:03 +00:00
Bernardo Damele
0037d52098
typo fix
2012-12-19 01:11:18 +00:00
Miroslav Stampar
df0f08bc6a
Cleaning some (web upload based) garbage
2012-12-13 13:19:47 +01:00
Miroslav Stampar
974407396e
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
2012-12-06 14:14:19 +01:00
Miroslav Stampar
003d21e962
Minor style update (capitalization of leftover class names)
2012-12-06 13:46:24 +01:00
Miroslav Stampar
ab67344448
Removed unused imports and variables (pyflake-ing)
2012-12-06 11:15:05 +01:00
Miroslav Stampar
775e0df04b
Update for an Issue #278
2012-12-05 10:45:17 +01:00
Miroslav Stampar
7c7aff12c6
Update for an Issue #225
2012-10-30 01:26:19 +01:00
Miroslav Stampar
726de868e2
Fix for an Issue #225
2012-10-30 00:37:43 +01:00
Miroslav Stampar
5358d85d37
Important refactoring for web-based functionality
2012-10-29 15:09:05 +01:00
Miroslav Stampar
d6e16e8641
Minor update
2012-10-29 11:08:02 +01:00
Miroslav Stampar
359e734954
Minor refactoring
2012-10-29 10:48:49 +01:00
Miroslav Stampar
c1b8226329
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
2012-10-28 00:36:09 +02:00
Miroslav Stampar
06805b27f2
Bug fix (time was also meant to be disabled in case of error/inband getvalues)
2012-10-27 23:16:25 +02:00
Miroslav Stampar
54fbb22ab8
Minor refactoring
2012-10-25 09:56:36 +02:00
Miroslav Stampar
f3aa09c794
Minor language fix
2012-10-23 15:52:43 +02:00
Miroslav Stampar
a6eeebfca8
Fix for an Issue #188
2012-09-20 11:30:07 +02:00
Miroslav Stampar
ebab05cf7c
Fix for an Issue #158
2012-08-21 20:20:38 +02:00
Miroslav Stampar
1669c6bdb4
Another update for an Issue #28
2012-07-27 17:05:21 +02:00
Miroslav Stampar
6ffc5665d0
Update for Issue #28
2012-07-27 16:29:33 +02:00
Miroslav Stampar
f8c9868cb6
Implementation for an Issue #118
2012-07-24 15:34:50 +02:00
Bernardo Damele
0a4b6431a8
minor bug fix - issue #112
2012-07-21 16:51:01 +01:00
Bernardo Damele
dba0a96c2e
fall-back to UNION technique if web file stager was not uploaded with LIMIT
2012-07-20 17:11:22 +01:00
Bernardo Damele
cbe8f41746
minor code refactoring preparing for #96
2012-07-20 16:20:17 +01:00
Bernardo Damele
318a01b867
minor typo fixes
2012-07-17 00:25:02 +01:00
Miroslav Stampar
87ecf205cb
More work for Issue #66
2012-07-14 17:01:04 +02:00
Miroslav Stampar
9ff9c951bc
Language update
2012-07-13 14:33:16 +02:00
Miroslav Stampar
6677da63cd
Fix for an Issue #88
2012-07-13 14:25:39 +02:00
Miroslav Stampar
c5ecc8b8db
Closing work on Issue #83
2012-07-13 11:23:21 +02:00
Miroslav Stampar
48f68bd076
First commit for Issue #83
2012-07-13 10:35:22 +02:00
Bernardo Damele
162da75a04
modified homepage address
2012-07-12 18:38:03 +01:00
Bernardo Damele
0702dd70b5
verify also that the web backdoor has been successfully uploaded
2012-07-11 14:08:51 +01:00
Miroslav Stampar
9c4a62f725
Some work on Issue #68
2012-07-11 11:58:47 +02:00
Bernardo Damele
d3da3f5c52
refactoring for issue #51
2012-07-10 00:19:32 +01:00
Bernardo Damele
25eca9d671
finally got this working on MSSQL 2005: commands can now be executed as another user (BULK INSERT must be used in such case, see comments in the code) - issue #34
2012-07-09 14:26:23 +01:00
Bernardo Damele
99c5ea54f7
cleanup for #34
2012-07-09 12:39:43 +01:00
Bernardo Damele
d08a54e375
properly display the command stdout
2012-07-09 10:52:48 +01:00
Miroslav Stampar
54e0a2d8ee
--os-shell now works perfect for inference-like techniques too
2012-07-07 17:57:06 +02:00
Miroslav Stampar
58f6687194
Some refactoring (reusing xpCmdshellForgeCmd)
2012-07-07 10:51:29 +02:00
Miroslav Stampar
8620767b77
Proper fix
2012-07-07 10:38:07 +02:00
Miroslav Stampar
1c69eb5d30
Revert "major fix"
...
This reverts commit 3a11fc2d9e
.
2012-07-07 10:26:13 +02:00
Bernardo Damele
3a11fc2d9e
major fix
2012-07-06 22:55:34 +01:00
Miroslav Stampar
e948e4d45b
Some more refactoring
2012-07-06 17:18:22 +02:00
Miroslav Stampar
982fcde1c0
Fix for Issue #62
2012-07-06 12:24:55 +02:00
Bernardo Damele
fd4cfb0cc0
working on #51
2012-07-02 15:28:19 +01:00
Bernardo Damele
7335072ab8
leftover
2012-07-02 15:11:21 +01:00
Bernardo Damele
04d803c7fd
more tweaking for issue #34 , it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)
2012-07-02 15:02:00 +01:00
Bernardo Damele
b7d2680e55
minor refactoring, issue #51
2012-07-02 12:50:26 +01:00
Bernardo Damele
add8352804
make the runAsDBMSUser() generic and ported to abstraction.py so the same function will be used for PostgreSQL dblink() too
2012-07-02 02:14:03 +01:00
Bernardo Damele
6697927098
initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap
2012-07-02 02:04:19 +01:00
Bernardo Damele
18be319d13
hexencoding the command is much shorter than unescaping with CHAR() for MSSQL, also no need for spaces between nested comments when forging the xp_cmdshell command to run
2012-07-01 23:41:10 +01:00
Bernardo Damele
ff9e97a42c
minor code refactoring
2012-07-01 23:31:45 +01:00
Bernardo Damele
ab412da27f
I am back on stage and here to stay!!! to start.. a removal of confirm switch which masked cases where file write operations failed when set to False automatically, now at least it asks the user and defaults to Yes
2012-07-01 23:25:05 +01:00
jekil
c39e5a85ba
Removed $id$ tags
2012-06-27 20:56:43 +02:00
Miroslav Stampar
06be7bbb18
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
2012-06-15 20:41:53 +00:00
Bernardo Damele
4da03d898e
Added support to create files with a visual basic script - no longer reliant on debug.exe so works on Windows 64-bit too. Fixes #236
2012-04-25 07:40:42 +00:00
Miroslav Stampar
5e358b51f9
few fixes related to bug report by Shadow Folder (AttributeError: 'list' object has no attribute 'isdigit')
2012-04-04 09:25:05 +00:00
Miroslav Stampar
e05109812f
minor improvements regarding data retrieval through DNS channel
2012-04-03 09:18:30 +00:00
Bernardo Damele
1e71b24dca
More info messages to prove xp_cmdshell (and temporary directory choosen) worked
2012-03-14 22:41:53 +00:00
Miroslav Stampar
61ad3b999a
fix for a crash with partial union and --hex
2012-03-14 10:31:24 +00:00
Miroslav Stampar
34b0935cb3
refactoring "echo 1" quick test for xp_cmdshell console output
2012-03-13 10:36:49 +00:00
Miroslav Stampar
c878dd3e5a
doing a dummy test for --os-shell in case of xp_cmdshell
2012-03-09 14:21:41 +00:00
Miroslav Stampar
8b9c5c66cc
code refactoring regarding charsetType inside inference/bisection
2012-02-29 14:36:23 +00:00
Miroslav Stampar
85125018a1
minor bug fix
2012-02-25 22:54:32 +00:00
Miroslav Stampar
06ab3fa134
minor update
2012-02-25 10:53:38 +00:00
Miroslav Stampar
b3bd4144f5
removing of unused imports together with some general code refactoring
2012-02-22 10:40:11 +00:00
Bernardo Damele
121148f27f
There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests.
...
Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table.
Minor fix also to threat MSSQL's EXEC statements as SELECT ones
2012-02-17 15:54:49 +00:00
Miroslav Stampar
8d7912ad34
minor update and refactoring
2012-02-15 14:05:50 +00:00