Miroslav Stampar
a6a2e993cc
minor update
2010-04-06 15:24:56 +00:00
Miroslav Stampar
c303feab17
fix
2010-04-06 15:14:32 +00:00
Miroslav Stampar
e2810003ae
more update
2010-04-06 15:12:52 +00:00
Miroslav Stampar
c24f1cc07c
some update
2010-04-06 14:59:31 +00:00
Miroslav Stampar
60f04f0a41
new module for interruptable threads
2010-04-06 14:33:57 +00:00
Bernardo Damele
2d55ec19a3
Minor code restyling
2010-04-06 10:15:19 +00:00
Miroslav Stampar
e29e8f82f9
fix for "Problem with --dbms set" reported by David Guimaraes
2010-04-05 23:09:35 +00:00
Miroslav Stampar
0a363d3f2b
fix for not properly clearing cookies when in multiple targets scanning mode spotted by Kasper Fons
2010-04-04 14:38:48 +00:00
Miroslav Stampar
4129cb22a7
update regarding bug reported by Ole Rasmussen
2010-04-03 19:41:47 +00:00
Bernardo Damele
cad8f61d55
Force pymssql to version >= 1.0.2
2010-03-31 15:31:11 +00:00
Bernardo Damele
b19de015c5
Minor bugs fixes
2010-03-31 13:52:51 +00:00
Bernardo Damele
5fdebb5d5b
Added support to directly connect also to Microsoft SQL Server database.
...
Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.
2010-03-31 10:50:47 +00:00
Miroslav Stampar
8702cce760
fix
2010-03-30 13:23:20 +00:00
Miroslav Stampar
c2a6f21095
refactoring regarding usage of conf.dbmsConnector.connect()
2010-03-30 13:03:19 +00:00
Miroslav Stampar
a02ec29c15
too
2010-03-30 11:52:45 +00:00
Miroslav Stampar
c9c9c1fb2f
replace only first occurrence
2010-03-30 11:52:01 +00:00
Miroslav Stampar
bfc12e93c5
ms access returns -1 for True
2010-03-30 11:33:51 +00:00
Miroslav Stampar
ae3455a0c2
more update
2010-03-30 11:28:14 +00:00
Miroslav Stampar
738c210075
update
2010-03-30 11:21:26 +00:00
Miroslav Stampar
87d8c6719e
updates, fixes and stuff
2010-03-30 11:06:30 +00:00
Bernardo Damele
a0290a257b
Added support to connect directly also to Oracle - see #158
2010-03-27 21:50:19 +00:00
Bernardo Damele
1416cd0d86
Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
...
Minor layout adjustments.
2010-03-26 23:23:25 +00:00
Miroslav Stampar
4ca1adba2c
update
2010-03-26 21:30:36 +00:00
Miroslav Stampar
1ec5221d82
minor update
2010-03-26 20:51:55 +00:00
Miroslav Stampar
0aa8f7309b
added copyright notice and keywords
2010-03-26 20:23:08 +00:00
Miroslav Stampar
2e05e1c54d
new module for Feature #61
2010-03-26 20:19:18 +00:00
Miroslav Stampar
8bab94de64
added two new functions: isBase64EncodedString and isHexEncodedString for Feature #71
2010-03-26 17:18:02 +00:00
Miroslav Stampar
5a6a01f24c
added socket timeout exception handling regarding that timeout message from Fahad Al Shunaiber
2010-03-26 11:51:23 +00:00
Bernardo Damele
be81c20298
Minor layout adjustment
2010-03-25 16:26:50 +00:00
Bernardo Damele
2aadc5c939
Added support for --roles (for Oracle ROLE_PRIVS). Enhanced Oracle --privileges to fall-back to USER_SYS_PRIVS if DBA_SYS_PRIVS is not accessible (so session user is not DBA) - Fixes ticket #180 .
...
Minor enhancement to Firebird to determine if a DB user is a DBA.
Minor code refactoring.
2010-03-25 15:46:06 +00:00
Bernardo Damele
f4f68218bc
Minor layout adjustment for --threads and --eta output
2010-03-25 11:47:18 +00:00
Bernardo Damele
8e57767c48
Fixes #180 - properly url encode sqlmap payload in POST/Cookie too, like for GET
2010-03-23 10:27:39 +00:00
Bernardo Damele
f9a135e232
Minor bug fix and layout adjustment regarding --threading and standard output
2010-03-22 17:38:19 +00:00
Bernardo Damele
d13ad8b2d7
fixes #181 - proper save/resume information about single entry UNION SQL injection
2010-03-22 15:39:29 +00:00
Bernardo Damele
d00e4a458a
Code cleanup
2010-03-21 00:39:44 +00:00
Bernardo Damele
72f3674844
Minor bug fix
2010-03-18 17:36:58 +00:00
Bernardo Damele
0d559d14df
Initial support for SQLite (90% approx).
...
Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments.
2010-03-18 17:20:54 +00:00
Bernardo Damele
d2f86fb0a5
Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now
2010-03-16 15:21:42 +00:00
Bernardo Damele
466df89c4a
Fixes #178 and #179 - proper handling of custom redirects
2010-03-16 14:30:57 +00:00
Bernardo Damele
3b3353e05b
Revert last commit
2010-03-16 13:56:36 +00:00
Miroslav Stampar
1dfe558d3d
Fix for Issue #177
2010-03-16 13:11:44 +00:00
Bernardo Damele
323cf2b7f2
Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g)
2010-03-16 12:14:02 +00:00
Bernardo Damele
6d0ea86414
Fixes #59 - proper customizable redirect (302 and 301)
2010-03-15 14:24:43 +00:00
Miroslav Stampar
417f7fae00
Fix for "bug: -g uses wrong session file"
2010-03-15 12:02:04 +00:00
Miroslav Stampar
8af7d6c58b
minor cosmetic update
2010-03-15 11:55:13 +00:00
Miroslav Stampar
a0ec447b7d
fix for Issue #170
2010-03-15 11:33:34 +00:00
Bernardo Damele
7f5bc5e3fe
Increased version to 0.9-dev
2010-03-15 11:04:57 +00:00
Bernardo Damele
5063401130
Minor bug fix, fixes #170
2010-03-15 11:00:14 +00:00
Bernardo Damele
572b6fd920
sqlmap 0.8 stable!
2010-03-15 01:17:27 +00:00
Miroslav Stampar
a6ab42c873
new file with getch() method which we'll use for good samaritan feature
2010-03-13 17:28:23 +00:00