295 Commits

Author	SHA1	Message	Date
Miroslav Stampar	a19cb2c13a	code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown")	2010-12-17 21:29:09 +00:00
Miroslav Stampar	b4450c6ddd	added one more level of MSSQL version check (if first fails for some reason)	2010-12-17 21:01:14 +00:00
Miroslav Stampar	3ee44584d4	i've found a way! thank you hesus! fyea (ASC(MID) was just crashing when MID returned 'empty string')	2010-12-14 12:57:59 +00:00
Miroslav Stampar	4c6e902471	removed obsolete comment	2010-12-14 07:49:30 +00:00
Bernardo Damele	a02dd6b55b	Minor enhancement to speedup active dbms fingerprint (-f). ... Code cleanup and refactoring.	2010-12-13 21:33:42 +00:00
Miroslav Stampar	e98d9c08e1	dumping table is now possible on Firebird too	2010-12-12 14:38:07 +00:00
Miroslav Stampar	f9bc6fc78f	minor fix	2010-12-11 22:14:35 +00:00
Miroslav Stampar	c93634b6c7	blind dumping of tables in sqlite implemented	2010-12-11 22:13:19 +00:00
Miroslav Stampar	b1babeefe5	update regarding dumping of tables with blind on Sqlite	2010-12-11 22:00:16 +00:00
Miroslav Stampar	e6c66fa37c	update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available	2010-12-11 17:55:28 +00:00
Miroslav Stampar	1beb1dd2cc	minor update	2010-12-11 09:30:38 +00:00
Miroslav Stampar	435f48b8cc	polite cosmetics	2010-12-10 15:28:56 +00:00
Bernardo Damele	7c87ad4065	Minor speedup in -f mysql	2010-12-10 13:05:46 +00:00
Miroslav Stampar	b02bd55edc	minor refactoring	2010-12-10 13:04:36 +00:00
Bernardo Damele	d71e51e765	Minor improvement	2010-12-10 11:31:27 +00:00
Bernardo Damele	4741874e9e	Enhancement to speedup MySQL fingerprint	2010-12-10 11:27:36 +00:00
Miroslav Stampar	e98b81fe32	another update	2010-12-10 10:56:55 +00:00
Miroslav Stampar	d5e7a8d305	update	2010-12-10 10:54:17 +00:00
Miroslav Stampar	bbffea2cbc	bug fix	2010-12-09 17:10:22 +00:00
Miroslav Stampar	0eb2c408a9	code refactoring	2010-12-09 16:49:02 +00:00
Miroslav Stampar	cdff29ada7	update	2010-12-09 11:23:44 +00:00
Miroslav Stampar	81c16926c1	code refactoring some more	2010-12-08 14:46:07 +00:00
Miroslav Stampar	d77ddbee47	OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND)	2010-12-06 18:20:57 +00:00
Bernardo Damele	17449754fe	Got rid of UNION false cond	2010-12-05 16:16:15 +00:00
Miroslav Stampar	5764816891	minor cosmetics	2010-12-03 22:28:09 +00:00
Miroslav Stampar	2cc167a42e	fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'"	2010-12-02 18:57:43 +00:00
Miroslav Stampar	bf09b8a6d9	added Firebird error based (WHERE) attack vector	2010-12-02 15:09:21 +00:00
Bernardo Damele	c8f943f5e4	Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase. ... Major code refactoring and commenting to detection engine. Ask user whether or not to proceed to test remaining parameters after an injection point has been identified. Restore beep at SQL injection find. Avoid reuse of same variable in DBMS handler code. Minor adjustment of payloads XML file.	2010-11-30 22:40:25 +00:00
Bernardo Damele	c22338ce90	Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more).	2010-11-29 11:47:58 +00:00
Bernardo Damele	7e3b24afe6	Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own. ... All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!	2010-11-28 18:10:54 +00:00
Miroslav Stampar	ba4ea32603	first working version of dictionary attack	2010-11-23 13:24:02 +00:00
Bernardo Damele	17486e472a	Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!	2010-11-17 22:00:09 +00:00
Bernardo Damele	360aff7a4d	sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle	2010-11-17 17:20:32 +00:00
Miroslav Stampar	6ef3846400	update regarding error parsing (and reporting)	2010-11-16 10:42:42 +00:00
Bernardo Damele	a34c1b287c	Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL)	2010-11-12 11:33:11 +00:00
Bernardo Damele	64b5de44a0	Converted to new XML object format	2010-11-12 10:11:13 +00:00
Bernardo Damele	66c82d72e4	Typo fix	2010-11-12 10:02:02 +00:00
Miroslav Stampar	42272ca78c	minor update	2010-11-11 22:26:36 +00:00
Miroslav Stampar	be992b4471	update regarding common columns existance check	2010-11-11 17:09:31 +00:00
Miroslav Stampar	4be0631161	refactoring of brute force techniques	2010-11-09 09:42:43 +00:00
Bernardo Damele	dac7436edf	Fix inconsistence with -b --error-test	2010-11-08 15:36:07 +00:00
Bernardo Damele	0c8918bf07	Minor bug fix, thanks Alex	2010-11-08 12:45:23 +00:00
Miroslav Stampar	d551423379	further enum refactoring	2010-11-08 09:44:32 +00:00
Miroslav Stampar	862395ced1	further refactoring (all enumerations are now put into enums.py)	2010-11-08 09:20:02 +00:00
Miroslav Stampar	8e44aa605a	refactoring regarding injection place (more left)	2010-11-08 08:02:36 +00:00
Bernardo Damele	27ce4b0cf0	Set proper verbose level for dbms direct error messages	2010-11-07 22:14:06 +00:00
Miroslav Stampar	d3e7e89e60	major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces	2010-11-07 21:18:09 +00:00
Miroslav Stampar	3f0a443b83	some updates	2010-11-04 23:08:59 +00:00
Miroslav Stampar	c8fe2fa8d8	minor fix	2010-11-04 22:00:14 +00:00
Miroslav Stampar	d7dbf814a0	fix/update for Access	2010-11-04 21:47:21 +00:00