sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	e1a92d59de	implementing WordPress phpass hash cracking routine	2011-11-20 19:10:46 +00:00
Miroslav Stampar	f1979936c8	minor update	2011-11-18 15:32:33 +00:00
Miroslav Stampar	0df768e24a	minor refactoring/optimization	2011-11-16 16:06:21 +00:00
Miroslav Stampar	7314de3490	language update	2011-11-15 11:17:39 +00:00
Miroslav Stampar	ad2762118d	minor update	2011-11-14 15:10:39 +00:00
Miroslav Stampar	b888829d12	minor update	2011-11-14 11:39:18 +00:00
Miroslav Stampar	367627c331	minor fix for Python 2.6	2011-11-13 19:09:13 +00:00
Miroslav Stampar	76fb6ba666	minor update	2011-11-13 10:38:27 +00:00
Miroslav Stampar	ccbd93cc2e	fix for redirect/HOST header bug	2011-11-11 11:28:27 +00:00
Miroslav Stampar	1061c06617	improvement of redirecting code	2011-11-11 11:07:49 +00:00
Miroslav Stampar	e183437f0b	minor typo	2011-11-10 10:30:53 +00:00
Miroslav Stampar	62f8f8d36c	bug fix (thanks to zhen zhou)	2011-11-10 10:22:35 +00:00
Miroslav Stampar	6c07573e30	minor update	2011-11-06 11:42:02 +00:00
Miroslav Stampar	030c57a0c8	minor update	2011-11-06 11:18:16 +00:00
Miroslav Stampar	2dbd51e357	fix for google searches	2011-11-06 08:55:09 +00:00
Miroslav Stampar	61e3621855	minor update	2011-11-02 14:33:23 +00:00
Miroslav Stampar	24bda96d9e	adding items from John the Ripper's word list to the dictionary for Oracle cracking	2011-11-02 11:21:49 +00:00
Miroslav Stampar	6ec522e14b	removal of minor obsolete thingy	2011-11-02 10:41:12 +00:00
Miroslav Stampar	ea125d820d	some more speed ups for hash cracking	2011-11-02 09:57:42 +00:00
Miroslav Stampar	2f355db230	minor fix	2011-11-02 09:32:15 +00:00
Miroslav Stampar	0e96af65e6	minor update	2011-11-02 07:06:07 +00:00
Miroslav Stampar	d735582536	major speed improvement of hash cracking	2011-11-02 06:53:43 +00:00
Miroslav Stampar	b3a57391e4	minor update	2011-11-01 20:39:22 +00:00
Miroslav Stampar	3e3f037f1e	improvement of hash cracking routine	2011-11-01 19:58:22 +00:00
Miroslav Stampar	4cafc5f31b	language update	2011-11-01 19:09:17 +00:00
Miroslav Stampar	43340a7ea5	language	2011-11-01 19:06:27 +00:00
Miroslav Stampar	f9bb762d1d	minor improvement (resuming of already cracked values)	2011-11-01 19:00:34 +00:00
Miroslav Stampar	c0cd29f01c	minor update	2011-10-31 15:20:40 +00:00
Miroslav Stampar	60cadf4747	better regex used	2011-10-29 10:31:52 +00:00
Miroslav Stampar	ef987c6954	adding compatibility support for using --crawl and --forms together	2011-10-29 09:32:20 +00:00
Miroslav Stampar	ddc4dfe5ff	minor refactoring for regarding --forms	2011-10-29 08:32:24 +00:00
Miroslav Stampar	d7866ac78d	added support for automatic filtering of badly formed HTML in --forms mode	2011-10-28 21:28:03 +00:00
Miroslav Stampar	1b45c5b56a	bug fix	2011-10-28 15:24:35 +00:00
Miroslav Stampar	666a7da12a	minor update	2011-10-28 11:28:21 +00:00
Miroslav Stampar	b83fe6113e	turning off time adjustment off (now is shown as a tip) because it seems that it never was actually used (payload always left the same)	2011-10-28 11:25:07 +00:00
Miroslav Stampar	e290f2b80b	minor update	2011-10-28 11:11:55 +00:00
Miroslav Stampar	7ce3af68fc	fixing support for parsing BURP logs	2011-10-27 17:31:34 +00:00
Miroslav Stampar	6b7920d89a	minor patch for --tor	2011-10-27 10:52:06 +00:00
Miroslav Stampar	3c31ccd16e	minor update	2011-10-26 22:37:04 +00:00
Miroslav Stampar	9d31230d5e	minor update	2011-10-26 21:56:26 +00:00
Miroslav Stampar	d64c0af461	minor update	2011-10-26 14:31:00 +00:00
Miroslav Stampar	9c1d1ca5d8	minor update	2011-10-26 14:13:38 +00:00
Miroslav Stampar	2a72c1ae68	minor fix	2011-10-26 11:30:10 +00:00
Miroslav Stampar	a99547363f	some fixes	2011-10-26 11:24:15 +00:00
Miroslav Stampar	3d883a2218	minor update	2011-10-26 11:10:15 +00:00
Miroslav Stampar	d467b40ff6	minor fix	2011-10-26 10:54:43 +00:00
Miroslav Stampar	8d668b1833	some updates regarding hash attack	2011-10-26 10:30:32 +00:00
Miroslav Stampar	f41ae9cf49	minor update	2011-10-26 09:40:47 +00:00
Miroslav Stampar	0b68144c8f	minor fixes for hash cracking	2011-10-26 09:29:41 +00:00
Miroslav Stampar	18affca0bc	minor update	2011-10-26 09:14:18 +00:00
Miroslav Stampar	64ca01ea0e	minor update	2011-10-25 22:06:47 +00:00
Miroslav Stampar	35c889a411	minor update	2011-10-25 18:07:33 +00:00
Miroslav Stampar	ee76fed56a	minor update	2011-10-25 17:48:20 +00:00
Miroslav Stampar	41ad7f9eab	minor update	2011-10-25 17:44:30 +00:00
Miroslav Stampar	86b4a3562f	added switch --check-tor	2011-10-25 17:37:43 +00:00
Miroslav Stampar	eaaf6041b9	minor fix	2011-10-25 11:20:42 +00:00
Miroslav Stampar	c1486ed4be	adding usage of non-encoded/decoded post data (if data is recognized to be already encoded) by user request	2011-10-25 09:53:44 +00:00
Miroslav Stampar	b07f165d60	quick fix	2011-10-24 18:11:34 +00:00
Miroslav Stampar	23bf52e496	minor refactoring	2011-10-24 09:55:50 +00:00
Miroslav Stampar	cd00c0d084	minor patch	2011-10-24 09:43:59 +00:00
Miroslav Stampar	6d64f87190	minor update	2011-10-24 00:46:54 +00:00
Miroslav Stampar	20ae1c2187	added switch --logic-negative	2011-10-24 00:40:06 +00:00
Miroslav Stampar	8bd3cfdc8e	minor update	2011-10-24 00:17:38 +00:00
Miroslav Stampar	d39d36f7a7	minor language beautification	2011-10-23 23:27:56 +00:00
Miroslav Stampar	7c626f1dbe	minor fix	2011-10-23 23:18:39 +00:00
Miroslav Stampar	d77a5f5928	update (generalizing ORDER BY approach)	2011-10-23 23:02:01 +00:00
Miroslav Stampar	1dd3fae930	minor fix	2011-10-23 22:27:45 +00:00
Miroslav Stampar	0c29311eb2	minor update	2011-10-23 22:24:57 +00:00
Miroslav Stampar	5863429fc1	minor update	2011-10-23 21:17:45 +00:00
Miroslav Stampar	4a469c3258	minor update	2011-10-23 21:12:34 +00:00
Miroslav Stampar	1f7d87c6a4	bug fix for --code (previously redirecting codes where not considered)	2011-10-23 20:48:37 +00:00
Miroslav Stampar	77e630d89e	replaced longer CHAR form of escaped MySQL strings with more compact hex form	2011-10-23 20:19:42 +00:00
Miroslav Stampar	3f0517d3f3	support for non-latin (e.g. cyrillic) URLs	2011-10-23 17:02:48 +00:00
Miroslav Stampar	1c3f4e9e54	minor update	2011-10-23 08:44:21 +00:00
Miroslav Stampar	25f0ec3597	some minor range to xrange conversion (where safe to do)	2011-10-21 22:34:27 +00:00
Miroslav Stampar	eb240243ea	minor update	2011-10-21 22:21:41 +00:00
Miroslav Stampar	b4ce857f9b	added some comments	2011-10-21 21:29:24 +00:00
Miroslav Stampar	7a3096ce25	some refactoring	2011-10-21 21:12:48 +00:00
Miroslav Stampar	9356f8005c	important bug fix	2011-10-21 21:07:06 +00:00
Miroslav Stampar	0a8e45955c	minor update	2011-10-21 20:44:18 +00:00
Miroslav Stampar	566d6e4974	minor fix	2011-10-21 20:21:29 +00:00
Miroslav Stampar	05b9951a8b	minor beautification	2011-10-21 09:19:31 +00:00
Miroslav Stampar	0db0571f35	minor patch	2011-10-21 09:06:00 +00:00
Miroslav Stampar	12a7fd4054	quick fix	2011-10-20 08:28:57 +00:00
Miroslav Stampar	0cbcbf159c	minor fix	2011-10-19 21:35:01 +00:00
Miroslav Stampar	e3a719e7d2	minor update	2011-10-11 22:40:00 +00:00
Miroslav Stampar	7956390631	minor update	2011-10-11 22:27:49 +00:00
Miroslav Stampar	a7a29f33ad	minor update	2011-10-11 21:58:57 +00:00
Miroslav Stampar	dacfeafc5f	minor optimization	2011-10-10 17:45:16 +00:00
Miroslav Stampar	4989e8e6d3	minor update	2011-10-10 17:29:54 +00:00
Miroslav Stampar	c204f2b221	minor optimization	2011-10-10 14:47:48 +00:00
Miroslav Stampar	47b27a5988	minor improvement of HashDB	2011-10-10 14:23:17 +00:00
Miroslav Stampar	323aa7bf2f	minor update	2011-10-09 21:21:41 +00:00
Miroslav Stampar	a31a0aa8d4	minor update	2011-10-06 22:29:49 +00:00
Miroslav Stampar	8720aad6dc	transformed cDel to pDel as a more generic option	2011-10-06 22:03:33 +00:00
Miroslav Stampar	dd0ed5f5da	adding redirect response to the traffic file	2011-09-28 08:13:46 +00:00
Miroslav Stampar	6d2536f217	minor update	2011-09-27 22:27:34 +00:00
Miroslav Stampar	c0910ca2c8	added one more warning message by request	2011-09-27 22:25:15 +00:00
Miroslav Stampar	b888a84764	minor update	2011-09-27 14:31:58 +00:00
Miroslav Stampar	88f1110c44	adding a new (for now) hidden switch --test-filter for filtering tests by their name	2011-09-27 14:09:25 +00:00
Miroslav Stampar	fd9acfd7d2	fix	2011-09-26 13:36:08 +00:00
Miroslav Stampar	b3b4459c72	minor fix	2011-09-26 13:01:43 +00:00
Miroslav Stampar	34738129c9	minor update	2011-09-25 21:27:58 +00:00
Miroslav Stampar	7e80274fac	refactoring	2011-09-25 21:10:45 +00:00
Miroslav Stampar	744636a8c1	switching to SQLite resume support (on error and union techniques this moment)	2011-09-25 20:36:32 +00:00
Miroslav Stampar	ba5eff1de6	minor bug fix	2011-09-23 18:29:45 +00:00
Miroslav Stampar	d95ff4350d	bug fix	2011-09-20 13:08:35 +00:00
Miroslav Stampar	4a3580d10b	minor fix	2011-09-19 19:08:08 +00:00
Bernardo Damele	f890b29f81	Proper reference to Metasploit Framework as now it's version 4, not 3 anymore	2011-09-12 17:26:22 +00:00
Miroslav Stampar	4fb6dab1a2	minor bug fix	2011-09-12 14:15:57 +00:00
Miroslav Stampar	1bdde51d0e	minor just in case update	2011-09-11 16:41:07 +00:00
Miroslav Stampar	02f993583b	minor bug fix	2011-09-09 11:36:09 +00:00
Miroslav Stampar	2f4e34f5a0	minor improvement for URI injections	2011-09-08 11:13:12 +00:00
Miroslav Stampar	d434047482	minor bug fix	2011-09-05 09:28:40 +00:00
Miroslav Stampar	08e0eb9b61	minor lower/upper case fix	2011-08-29 13:47:32 +00:00
Miroslav Stampar	9be89422da	implemented parameter --skip	2011-08-29 13:29:42 +00:00
Miroslav Stampar	e0f521cf9d	minor update regarding --randomize	2011-08-29 13:08:25 +00:00
Miroslav Stampar	ac00014c4a	implemented --randomize switch by request	2011-08-29 12:50:52 +00:00
Miroslav Stampar	8fe069b495	minor fix	2011-08-23 21:48:39 +00:00
Miroslav Stampar	01014eca17	by request	2011-08-23 21:45:01 +00:00
Miroslav Stampar	cfc1f2b70b	minor update	2011-08-22 22:43:14 +00:00
Miroslav Stampar	f4127a80d7	improvement of UNION based injection detection (with non-NULL kb.uChar values searching of the content inside -1 UNION.. pages is used)	2011-08-22 21:43:46 +00:00
Miroslav Stampar	8a174248dc	fix for a bug reported by blueBoy	2011-08-20 20:08:11 +00:00
Miroslav Stampar	cb32d46f2a	minor minor update	2011-08-18 06:09:12 +00:00
Miroslav Stampar	54bcc35ba7	important bug fix (connection exception was causing losing of already retrieved data)	2011-08-17 22:31:33 +00:00
Miroslav Stampar	9d31322f3d	update regarding special case when conf.uChar appears only in testable pages	2011-08-17 21:40:42 +00:00
Miroslav Stampar	75ec146224	minor beautification	2011-08-17 21:17:02 +00:00
Miroslav Stampar	f46baac70b	bug fix (when comment is None this was errornous)	2011-08-17 10:58:29 +00:00
Bernardo Damele	9361e633f4	Minor bug fix - some applications do really set cookies like param="value" with double-quotes	2011-08-16 09:21:01 +00:00
Miroslav Stampar	e1dbb4443b	minor update related to the last commit	2011-08-16 07:01:14 +00:00
Miroslav Stampar	7cc5743c5d	minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters)	2011-08-16 06:50:20 +00:00
Miroslav Stampar	600ef3eace	minor patch	2011-08-16 06:22:04 +00:00
Miroslav Stampar	262996fc5b	bug fix	2011-08-16 06:14:40 +00:00
Miroslav Stampar	df4abf1af1	lowering constant value from 10 to 7 for da peace in da houz	2011-08-12 17:19:19 +00:00
Bernardo Damele	702ed73a65	Added --code switch to match in boolean-based tests against the HTTP response code	2011-08-12 16:48:11 +00:00
Bernardo Damele	fff4c34e33	Search for --string and --regexp matches also in HTTP response headers	2011-08-12 15:33:37 +00:00
Bernardo Damele	5e5133b8e7	Should be fixed now	2011-08-12 15:00:11 +00:00
Bernardo Damele	1505cb2a80	typo	2011-08-12 14:51:39 +00:00
Bernardo Damele	702ca22d54	Minor bug fix for URI injections	2011-08-12 14:48:44 +00:00
Bernardo Damele	28bba9f5e6	More verbose warning message	2011-08-12 13:47:38 +00:00
Miroslav Stampar	10bdd90e60	minor speed optimizations (as a result of profiling)	2011-08-12 13:40:37 +00:00
Bernardo Damele	36280b33fa	Ask the user wheather or not to adjust the time delay - there have been a case where the forcing of conf.timeSec screwed the result in an extremely lagged and unreliable site	2011-08-12 13:06:40 +00:00
Miroslav Stampar	41ae9bc7ff	minor bug fix	2011-08-09 14:20:25 +00:00
Miroslav Stampar	2ad267132a	minor update for empty normal responses (like AJAX requests)	2011-08-05 10:55:21 +00:00
Miroslav Stampar	e849b71027	minor typo	2011-08-03 14:31:42 +00:00
Miroslav Stampar	538b49bcc5	removing word "dramatically". i was too excited at the moment :). it is cool and all but we shouldn't put "highly subjective" attribs in reports	2011-08-03 13:26:38 +00:00
Miroslav Stampar	f7562da754	from now on proper union column count should be displayed in injection info output	2011-08-03 10:34:50 +00:00
Miroslav Stampar	9423d15fb3	ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix	2011-08-03 09:08:16 +00:00
Miroslav Stampar	07afcd5440	fix for a bug reported by Ahmed Shawky (when user uses --suffix intermixing test default comments with the provided suffix is a big no no)	2011-08-02 18:20:21 +00:00
Miroslav Stampar	07c3d4fb18	minor adjustment	2011-08-02 17:35:43 +00:00
Miroslav Stampar	edab7d01a5	minor fix	2011-08-02 17:31:13 +00:00
Bernardo Damele	c15439ab7f	Minor improvement to --passwords output	2011-08-02 09:04:34 +00:00
Miroslav Stampar	cb0981d858	proper way of handling 0 length results (as in __goInferenceProxy)	2011-08-02 08:39:32 +00:00
Miroslav Stampar	0643ced651	minor update	2011-08-02 08:12:43 +00:00
Miroslav Stampar	457f501bbd	proper fix	2011-08-01 23:48:38 +00:00
Bernardo Damele	cbd0ea0866	Possible fix for a minor bug	2011-08-01 23:24:39 +00:00
Miroslav Stampar	018d7ed646	improvement for limited queries (more stable to have TOP/LIMIT/OFFSET mechanisms as part of a subquery)	2011-07-31 23:40:09 +00:00
Miroslav Stampar	0627bb02cb	minor beautification	2011-07-31 10:21:47 +00:00
Miroslav Stampar	93ae1dfa2b	minor bug fix	2011-07-31 08:52:48 +00:00
Miroslav Stampar	68ae8ea5b2	minor refactoring	2011-07-29 10:54:25 +00:00
Miroslav Stampar	e522263640	fix for a neverending data retrieval in large full inband cases	2011-07-29 10:45:09 +00:00
Miroslav Stampar	3fc603843e	minor fix	2011-07-27 23:26:36 +00:00
Miroslav Stampar	107089c00b	bug fix	2011-07-27 08:25:51 +00:00
Miroslav Stampar	f7eaffcec5	i believe that this could be ok	2011-07-26 21:28:48 +00:00
Bernardo Damele	a2483b3bc4	Aligned OS takeover functionalities to recent Metasploit improvements	2011-07-26 10:29:14 +00:00
Bernardo Damele	938716e361	Proper fix for --start and --stop consistency amongst different techniques	2011-07-26 10:06:28 +00:00
Bernardo Damele	e71f96afe7	Reverted dumb "fix"	2011-07-26 09:42:09 +00:00
Miroslav Stampar	6bbb8139a0	update (smaller memory footprint in postprocessing phase because of safecharencode part)	2011-07-25 20:40:31 +00:00
Miroslav Stampar	5770c08784	minor optimization and refactoring	2011-07-25 20:17:44 +00:00
Bernardo Damele	0a7a648694	Minor bug fix for --start, now all techniques return the same result (before blind techniques returned from one entry behind)	2011-07-25 11:15:18 +00:00
Bernardo Damele	6cbb927012	Partial fix for -o not resumed at following runs if missing from command line	2011-07-25 11:05:49 +00:00
Miroslav Stampar	2033a28ae7	minor update regarding last commit (cleaner code)	2011-07-24 20:44:17 +00:00
Miroslav Stampar	3a3561fdaa	doing proper big table support for partial union too	2011-07-24 20:36:44 +00:00
Miroslav Stampar	ec1bc0219c	hello big tables, this is sqlmap, sqlmap this is big tables	2011-07-24 09:19:33 +00:00
Miroslav Stampar	82e1e61554	minor speedup	2011-07-23 19:51:19 +00:00
Miroslav Stampar	094dc91e2d	minor update (prior to some changes regarding large content retrieval)	2011-07-23 19:04:59 +00:00
Miroslav Stampar	a89140e1ce	revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function)	2011-07-23 06:07:00 +00:00
Miroslav Stampar	8a00ca83af	refactoring. nothing special changed	2011-07-21 10:18:11 +00:00
Miroslav Stampar	963f54e6d2	minor fix for parameters containing '=' inside values itself (remark: no parameter name will have '=' nor '%3d' inside; tested and it does a good job)	2011-07-21 10:06:52 +00:00
Miroslav Stampar	7881ded60d	quick fix (this other library was doing problems)	2011-07-20 22:20:16 +00:00
Bernardo Damele	d6b52242c7	Meterpreter's sniffer extension freezes 64-bit systems Meterpreter's priv extension is loaded by default since Metasploit 3.5 or so. There is no shellcodeexec 64-bit yet, anyway as the Metasploit payload is encoded with a 32-bit encoded (alphanumeric), it's all fine.	2011-07-20 13:50:02 +00:00
Miroslav Stampar	9d996c07fb	another quick fix	2011-07-20 13:00:34 +00:00
Miroslav Stampar	fad77dd078	fix for a ImportError bug reported by g@brindi.si	2011-07-20 12:18:36 +00:00
Miroslav Stampar	9cf33ec997	now status is no longer represented in percentage (impossible in cases where we need to support too small and too large dictionaries - technical issues regarding counting) but by the rotating char	2011-07-15 13:24:13 +00:00
Miroslav Stampar	ff8fc90ac7	bug fix	2011-07-13 06:44:15 +00:00
Miroslav Stampar	5c162efbd8	more optimization	2011-07-12 23:21:15 +00:00
Miroslav Stampar	9933edc718	optimization of reflective removal mechanism	2011-07-12 22:28:19 +00:00
Bernardo Damele	cda25cda2f	Cosmetics	2011-07-12 20:49:27 +00:00
Miroslav Stampar	3583d6dd1b	quick fixes, more work to do	2011-07-12 20:32:19 +00:00
Miroslav Stampar	0126b8eb0e	minor revert (it's illegal to use append for updating one array with another array)	2011-07-12 19:34:54 +00:00
Bernardo Damele	48b7245a33	Minor bug fix	2011-07-12 15:47:04 +00:00
Bernardo Damele	0b8c6e4c81	Minor bug fix	2011-07-12 15:30:40 +00:00
Miroslav Stampar	a46b5230f5	minor "patch"	2011-07-11 20:33:16 +00:00
Miroslav Stampar	1f826684f6	disabling multiprocessing (maybe permanently) support for Windows as of complications with sharing dictionary iterator	2011-07-11 13:16:59 +00:00
Miroslav Stampar	7bc6280d53	possible fix for a multi-processing "problem" reported by christopher.oakley@gmail.com	2011-07-11 11:40:27 +00:00
Miroslav Stampar	f5e45bf113	quick fix for a bug reported by jovon.itwaru@gmail.com	2011-07-11 08:54:39 +00:00
Miroslav Stampar	98958f8808	minor minor update	2011-07-10 15:41:45 +00:00
Miroslav Stampar	0d6afca7db	adding new switch '--smart' by request	2011-07-10 15:16:58 +00:00
Miroslav Stampar	1e182e6c72	quick fix	2011-07-08 22:34:44 +00:00
Bernardo Damele	651349e229	More verbose critical message	2011-07-08 13:12:53 +00:00

... 2 3 4 5 6 ...

2550 Commits