Bernardo Damele
|
8093f3950d
|
properly distinguish stdout from stderr with a separate pipe (tracebacks go to stderr) - issue #297
|
2013-01-10 00:52:44 +00:00 |
|
Bernardo Damele
|
10f1099944
|
remove logging handler that shows logging messages to stdout - issue #297
|
2013-01-10 00:51:56 +00:00 |
|
Bernardo Damele
|
ccc3c3d1a3
|
minor fix to distinguish stdout from stderr
|
2013-01-10 00:51:05 +00:00 |
|
Bernardo Damele
|
ef40779ad3
|
upgraded to use custom subprocessng for non-blocking send and read functions for spawned processes. Added new method to display range of log messages, just in case and improved parsing/unpickling of read log messages
|
2013-01-10 00:01:28 +00:00 |
|
Bernardo Damele
|
2126a5ba12
|
minor index fix
|
2013-01-10 00:00:00 +00:00 |
|
Bernardo Damele
|
9766f6025e
|
logging is now handled in a separate file descriptor :) - issue #297
|
2013-01-09 22:09:50 +00:00 |
|
Bernardo Damele
|
794700eb37
|
preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297
|
2013-01-09 22:08:50 +00:00 |
|
Bernardo Damele
|
d120dc18d1
|
cleanup
|
2013-01-09 22:06:27 +00:00 |
|
Bernardo Damele
|
58a60562ac
|
avoid exiting with a traceback for missing dependency, handle properly at some point
|
2013-01-09 16:05:55 +00:00 |
|
Bernardo Damele
|
7f4ce4afbb
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-09 16:04:29 +00:00 |
|
Bernardo Damele
|
510ceb6e19
|
first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28
|
2013-01-09 16:04:23 +00:00 |
|
Miroslav Stampar
|
bf5544903b
|
Minor style update
|
2013-01-09 16:10:26 +01:00 |
|
Miroslav Stampar
|
9bdcb1176d
|
Update for an Issue #169
|
2013-01-09 15:58:13 +01:00 |
|
Miroslav Stampar
|
25f01a419f
|
Minor style update (for the sake of consistency over the code and our PEP8 adaptation)
|
2013-01-09 15:38:41 +01:00 |
|
Miroslav Stampar
|
bdd2592848
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-09 15:22:30 +01:00 |
|
Miroslav Stampar
|
3d4f381ab5
|
Patch for an Issue #169
|
2013-01-09 15:22:21 +01:00 |
|
Bernardo Damele
|
c44a829b9b
|
pass a pickled options object to sqlmap engine when called from API
|
2013-01-09 12:34:45 +00:00 |
|
Bernardo Damele
|
8457cff278
|
added variable to store the live test traceback if any
|
2013-01-09 12:33:18 +00:00 |
|
Bernardo Damele
|
f11747732e
|
added missing command line options
|
2013-01-09 12:30:13 +00:00 |
|
Miroslav Stampar
|
55a552ddc4
|
Update for an Issue #24
|
2013-01-08 10:55:25 +01:00 |
|
Miroslav Stampar
|
ad85c4c964
|
Minor refactoring for an Issue #295
|
2013-01-08 10:23:02 +01:00 |
|
Bernardo Damele
|
c155c6df84
|
minor bug fix for user's provided LIMIT'd statement when technique is full UNION SQLi
|
2013-01-07 23:31:11 +00:00 |
|
Miroslav Stampar
|
3abe87ac89
|
Minor fix with status update (Issue #305)
|
2013-01-07 18:53:08 +01:00 |
|
Miroslav Stampar
|
a8f02916a9
|
Minor fix (Issue #305)
|
2013-01-07 18:39:35 +01:00 |
|
Miroslav Stampar
|
e219fad8bf
|
Added a short comment
|
2013-01-07 18:19:48 +01:00 |
|
Bernardo Damele
|
1e35b3c8c9
|
proper link
|
2013-01-07 16:59:59 +00:00 |
|
Miroslav Stampar
|
96e5d5d178
|
Some more updates for an Issue #295
|
2013-01-07 16:55:41 +01:00 |
|
Miroslav Stampar
|
74552bea87
|
Cleaning some garbage (hard coded paths with linux native slashes)
|
2013-01-07 16:51:00 +01:00 |
|
Miroslav Stampar
|
425df067eb
|
Fix for an --os-pwn with ICMPsh (it was crashing because methods interleaved with Metasploit ones)
|
2013-01-07 16:44:22 +01:00 |
|
Miroslav Stampar
|
ac407ae4a1
|
Implementation for an Issue #295
|
2013-01-07 15:55:40 +01:00 |
|
Miroslav Stampar
|
76839ff9d6
|
Fix for an Issue #305
|
2013-01-07 12:52:55 +01:00 |
|
Bernardo Damele
|
1e1892c962
|
prep for subprocess..
|
2013-01-07 11:10:33 +00:00 |
|
Bernardo Damele
|
7fa75792dd
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-07 11:10:08 +00:00 |
|
Bernardo Damele
|
a30d7014b9
|
removed unused var
|
2013-01-07 11:05:33 +00:00 |
|
Miroslav Stampar
|
87e923613f
|
Minor adjustment (URI (marked with custom injection char) has precedence over GET/POST)
|
2013-01-05 21:16:47 +01:00 |
|
Miroslav Stampar
|
dc21f3ce67
|
Minor just in case filtering of union results
|
2013-01-04 17:09:07 +01:00 |
|
Miroslav Stampar
|
5b77b20e2e
|
Removing trailing whitespaces (PEP8)
|
2013-01-03 23:57:07 +01:00 |
|
Miroslav Stampar
|
82b468211d
|
Minor update
|
2013-01-03 23:38:29 +01:00 |
|
Miroslav Stampar
|
f340ce8b4b
|
Minor style update
|
2013-01-03 23:35:29 +01:00 |
|
Miroslav Stampar
|
1712603dce
|
Replacing deprecated has_key() with operator in (PEP8)
|
2013-01-03 23:28:07 +01:00 |
|
Miroslav Stampar
|
e4a3c015e5
|
Replacing old and deprecated raise Exception style (PEP8)
|
2013-01-03 23:20:55 +01:00 |
|
Bernardo Damele
|
3a11d36c66
|
minor bug fix
|
2013-01-02 21:49:15 +00:00 |
|
Miroslav Stampar
|
cb15fcc8af
|
Fix for an Issue #329
|
2013-01-02 22:17:06 +01:00 |
|
Miroslav Stampar
|
304e52cb4d
|
Minor language update
|
2013-01-02 22:11:59 +01:00 |
|
Miroslav Stampar
|
09f1cdd8e1
|
Minor style update
|
2013-01-02 21:52:50 +01:00 |
|
Miroslav Stampar
|
0795760255
|
Minor fix
|
2012-12-30 11:22:23 +01:00 |
|
Miroslav Stampar
|
75edb84a71
|
Minor update
|
2012-12-30 11:10:32 +01:00 |
|
Miroslav Stampar
|
58ad2f1c5d
|
Revert of last commit and proper fix
|
2012-12-29 10:35:05 +01:00 |
|
Miroslav Stampar
|
0e18fa9c5f
|
Minor fix
|
2012-12-28 23:43:47 +01:00 |
|
Miroslav Stampar
|
648d91d790
|
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)
|
2012-12-27 22:43:39 +01:00 |
|
Miroslav Stampar
|
3d01890147
|
Patch for an Issue #56 (full target url is now being written to a output .CSV file in multi target mode)
|
2012-12-27 21:15:44 +01:00 |
|
Miroslav Stampar
|
cb91729913
|
Fix for an Issue #324 (crawling when HTML is not well-formed)
|
2012-12-27 20:55:37 +01:00 |
|
Miroslav Stampar
|
127b880577
|
Minor update
|
2012-12-27 15:14:40 +01:00 |
|
Miroslav Stampar
|
6ae4590edc
|
Removing problematic per-MySQL LIMIT prefix
|
2012-12-26 19:48:01 +01:00 |
|
Miroslav Stampar
|
a77b7f00d9
|
Fix for an Issue #323
|
2012-12-23 19:34:35 +01:00 |
|
Bernardo Damele
|
832567ecf6
|
import order
|
2012-12-21 23:34:37 +00:00 |
|
Miroslav Stampar
|
77625e5af7
|
Minor revert
|
2012-12-21 19:31:05 +01:00 |
|
Miroslav Stampar
|
00e55828e4
|
Minor style update
|
2012-12-21 15:06:03 +01:00 |
|
Miroslav Stampar
|
8b3e17ed4d
|
Minor update (better approach for those old NOT IN cases in MsSQL - instead of standard pivot dump table)
|
2012-12-21 14:52:47 +01:00 |
|
Miroslav Stampar
|
6c1ec9b54f
|
Fix for an Issue #318
|
2012-12-21 11:10:05 +01:00 |
|
Miroslav Stampar
|
35728fa443
|
Fix (and some hidden bug fixes/improvements) regarding an Issue #317
|
2012-12-21 10:51:35 +01:00 |
|
Miroslav Stampar
|
352e516400
|
Bottle is a 3rd party tool (not going to extra folder)
|
2012-12-21 10:18:30 +01:00 |
|
Miroslav Stampar
|
b94a5d42d4
|
Removing a leftover
|
2012-12-21 09:49:09 +01:00 |
|
Miroslav Stampar
|
0a122ccce4
|
Related to an Issue #319
|
2012-12-21 09:47:58 +01:00 |
|
Miroslav Stampar
|
0d5d84edc7
|
Minor cleanup
|
2012-12-20 21:03:41 +01:00 |
|
Miroslav Stampar
|
712cf4e4db
|
Fix for an Issue #316
|
2012-12-20 20:55:59 +01:00 |
|
Miroslav Stampar
|
1073ebc697
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 20:51:41 +01:00 |
|
Bernardo Damele
|
89d8c58fd1
|
poor attempt at forking a child process for sqlmap engine execution, output is not handled yet
|
2012-12-20 17:56:53 +00:00 |
|
Bernardo Damele
|
912323c12d
|
minor bug fix (#297)
|
2012-12-20 17:05:44 +00:00 |
|
Bernardo Damele
|
7adaffa71b
|
fixed options initiation
|
2012-12-20 16:53:43 +00:00 |
|
Miroslav Stampar
|
1c4d438aff
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 16:37:03 +01:00 |
|
Bernardo Damele
|
b0635bddcc
|
adjustments
|
2012-12-20 15:29:23 +00:00 |
|
Miroslav Stampar
|
8efe056671
|
Minor refactoring
|
2012-12-20 15:51:03 +01:00 |
|
Bernardo Damele
|
e9ab33e9dd
|
standalone REST API, code cleanup (#297)
|
2012-12-20 14:35:02 +00:00 |
|
Bernardo Damele
|
5632279bf7
|
removed deprecated feature (#287)
|
2012-12-20 13:21:07 +00:00 |
|
Miroslav Stampar
|
63d9b7a1f8
|
No character shall be left forgotten (no more ? in case that character was not properly being decoded by used charset)
|
2012-12-20 12:23:37 +01:00 |
|
Miroslav Stampar
|
c2c4601d6e
|
Minor restyling
|
2012-12-20 11:06:52 +01:00 |
|
Bernardo Damele
|
076b4063e6
|
these edits got overwritten from last commits
|
2012-12-20 09:42:44 +00:00 |
|
Miroslav Stampar
|
3cbe60b586
|
Proper fix
|
2012-12-20 10:37:20 +01:00 |
|
Miroslav Stampar
|
0d1ea7f05a
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
Conflicts:
lib/core/testing.py
|
2012-12-20 10:37:11 +01:00 |
|
Miroslav Stampar
|
da93e77eb2
|
Proper fix
|
2012-12-20 10:34:51 +01:00 |
|
Bernardo Damele
|
ac77724970
|
attempt to handle standard input from --live-test
|
2012-12-20 09:30:48 +00:00 |
|
Bernardo Damele
|
2b6ee06de0
|
minor bug fix to correctly parse unicode chars
|
2012-12-20 09:30:13 +00:00 |
|
Miroslav Stampar
|
69310e47ce
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 09:54:39 +01:00 |
|
Miroslav Stampar
|
06d8213ffd
|
minor fix (reading of unicode xml files)
|
2012-12-20 09:53:08 +01:00 |
|
Bernardo Damele
|
86872956d5
|
minor bug fix (for PostgreSQL)
|
2012-12-19 22:55:31 +00:00 |
|
Bernardo Damele
|
77843f44fb
|
minor bug fix (issue #314)
|
2012-12-19 22:49:02 +00:00 |
|
Bernardo Damele
|
357da43cea
|
slight improvement of live test engine and added misc test cases to xml
|
2012-12-19 17:28:41 +00:00 |
|
Bernardo Damele
|
85fcd27e2d
|
added support for random global variables
|
2012-12-19 15:58:06 +00:00 |
|
Bernardo Damele
|
12d34587cc
|
minor restyling
|
2012-12-19 14:34:34 +00:00 |
|
Bernardo Damele
|
326ff404fc
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:25:35 +00:00 |
|
Bernardo Damele
|
12eed58485
|
pointless restyling
|
2012-12-19 14:25:29 +00:00 |
|
Miroslav Stampar
|
37346fe8a3
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 15:23:57 +01:00 |
|
Miroslav Stampar
|
7ee98c7bff
|
Just for one girl out there waiting for this patch ;)
|
2012-12-19 15:23:38 +01:00 |
|
Bernardo Damele
|
3be90c97aa
|
forgot these
|
2012-12-19 14:12:45 +00:00 |
|
Bernardo Damele
|
cefb03c835
|
fixed bug related to issue #223
|
2012-12-19 14:12:09 +00:00 |
|
Bernardo Damele
|
27a12ae85b
|
restyling
|
2012-12-19 13:47:17 +00:00 |
|
Bernardo Damele
|
4b3b4eb374
|
commented out partial work
|
2012-12-19 13:47:04 +00:00 |
|
Bernardo Damele
|
3655d1f12a
|
revert change of name for now
|
2012-12-19 13:45:52 +00:00 |
|
Bernardo Damele
|
874e2176c6
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 13:43:00 +00:00 |
|
Bernardo Damele
|
4f0f729982
|
be more specific in standard output message as to whether or not the read file is same as remote file
|
2012-12-19 13:42:56 +00:00 |
|
Miroslav Stampar
|
23153e8088
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:29:08 +01:00 |
|
Miroslav Stampar
|
244901eda0
|
During --flush-session log file should be cleaned too (especially because of --live-tests)
|
2012-12-19 14:28:54 +01:00 |
|
Bernardo Damele
|
282aeb734f
|
ORDER BY does not play well with UNION query SQLi (related to issue #313)
|
2012-12-19 13:21:16 +00:00 |
|
Bernardo Damele
|
259b345f1f
|
catch ImportError exception if libmagic is not installed
|
2012-12-19 13:10:54 +00:00 |
|
Bernardo Damele
|
128597ee7e
|
--run-case is now case insensitive
|
2012-12-19 12:45:46 +00:00 |
|
Bernardo Damele
|
b91c829103
|
minor bug fix (issue #310)
|
2012-12-19 12:42:31 +00:00 |
|
Bernardo Damele
|
2bc2c0431c
|
fixed test cases
|
2012-12-19 12:33:37 +00:00 |
|
Bernardo Damele
|
9149d77cc8
|
removed duplicate code - fixes issue #310
|
2012-12-19 12:17:56 +00:00 |
|
Bernardo Damele
|
d80744d3d5
|
preparation for issue #310
|
2012-12-19 11:40:00 +00:00 |
|
Bernardo Damele
|
f5450e9f0e
|
layout adjustment
|
2012-12-19 11:39:38 +00:00 |
|
Bernardo Damele
|
dee56b17c3
|
handle "LIMIT num" as well as "LIMIT num, num" across all techniques - fixes issue #308
|
2012-12-19 10:50:15 +00:00 |
|
Miroslav Stampar
|
155c1eddae
|
Debug message with declared page charset
|
2012-12-19 11:16:42 +01:00 |
|
Miroslav Stampar
|
d29dddf5b2
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 10:51:25 +01:00 |
|
Miroslav Stampar
|
92e338251a
|
Finally working inference against MySQL/international letters (even chinese)
|
2012-12-19 10:44:02 +01:00 |
|
Bernardo Damele
|
65ed2304fd
|
comment update
|
2012-12-19 09:38:03 +00:00 |
|
Bernardo Damele
|
0037d52098
|
typo fix
|
2012-12-19 01:11:18 +00:00 |
|
Miroslav Stampar
|
c9b8b51c9c
|
Update lib/core/common.py
Revert of last commit and try 2
|
2012-12-19 01:48:53 +01:00 |
|
Bernardo Damele
|
8e95470415
|
minor refactoring
|
2012-12-19 00:46:23 +00:00 |
|
Bernardo Damele
|
318fcee49c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 00:30:26 +00:00 |
|
Bernardo Damele
|
3c7007097a
|
minor refactoring
|
2012-12-19 00:30:22 +00:00 |
|
Miroslav Stampar
|
50b846b5af
|
Update lib/core/common.py
Fixing wrong assumption in case of MySQL inference international character retrieval
|
2012-12-19 01:26:12 +01:00 |
|
Miroslav Stampar
|
9e2f0131b9
|
Update lib/core/agent.py
|
2012-12-18 20:25:00 +01:00 |
|
Bernardo Damele
|
326ed33f31
|
added support for comma separated list of files for --file-read - fixes issue #223
|
2012-12-18 17:55:21 +00:00 |
|
Bernardo Damele
|
58656bbeb5
|
minor bug fix, union query has to be limited 0, 0
|
2012-12-18 16:36:30 +00:00 |
|
Bernardo Damele
|
61a838bb35
|
added more test cases
|
2012-12-18 15:59:48 +00:00 |
|
Miroslav Stampar
|
88d8494b5a
|
Implementation for an Issue #307
|
2012-12-18 16:03:35 +01:00 |
|
Miroslav Stampar
|
7f47623876
|
Minor patch
|
2012-12-18 11:10:06 +01:00 |
|
Miroslav Stampar
|
2b64c10710
|
Patch for an Issue #304
|
2012-12-18 09:36:26 +01:00 |
|
Miroslav Stampar
|
4ea0c9e922
|
Another implementation for an Issue #302
|
2012-12-17 15:08:54 +01:00 |
|
Bernardo Damele
|
3c1b696bd6
|
removed more print statements
|
2012-12-17 13:35:32 +00:00 |
|
Bernardo Damele
|
1fdd804e94
|
replaced instances of dataToStdout with logger
|
2012-12-17 13:30:21 +00:00 |
|
Bernardo Damele
|
9f47eb0a59
|
cleaner
|
2012-12-17 13:29:37 +00:00 |
|
Bernardo Damele
|
0500712a03
|
removed unuseful prints
|
2012-12-17 13:29:19 +00:00 |
|
Bernardo Damele
|
ac44cf3ec0
|
minor fix: add also back-end DBMS and web app fingerprint output to log file
|
2012-12-17 13:02:09 +00:00 |
|
Bernardo Damele
|
bbd2adb5fb
|
improvements to --live-test and added --stop-fail switch
|
2012-12-17 11:41:43 +00:00 |
|
Bernardo Damele
|
064d443d60
|
replaced unnecessary dataToStdout() call with appropriate logger.info() call
|
2012-12-17 11:30:08 +00:00 |
|
Bernardo Damele
|
2926c815bf
|
improved test switch --live-test and minor refactoring
|
2012-12-17 11:29:33 +00:00 |
|
Bernardo Damele
|
f40c52cc17
|
comment adjustment
|
2012-12-17 11:28:03 +00:00 |
|
Bernardo Damele
|
2442a58884
|
minor leftover of deprecated XMLRPC service
|
2012-12-17 11:26:31 +00:00 |
|
Miroslav Stampar
|
60baf5071e
|
Patch for an Issue #302
|
2012-12-17 00:40:01 +01:00 |
|
Bernardo Damele
|
d4a061d0c3
|
code cleanup - #297
|
2012-12-15 00:29:35 +00:00 |
|
Bernardo Damele
|
0c3da5c7eb
|
code refactoring and first time logger is handled by a separate file descriptor (issue #297)
|
2012-12-15 00:12:22 +00:00 |
|
Bernardo Damele
|
2f6a31605c
|
code refactoring (#279)
|
2012-12-14 22:00:42 +00:00 |
|
Bernardo Damele
|
8dee8355c2
|
on our way to make it thread safe.. it is a long way actually (issue #297)
|
2012-12-14 18:13:21 +00:00 |
|
Bernardo Damele
|
21ecffb750
|
added more comments, improved cleanup method
|
2012-12-14 17:21:19 +00:00 |
|
Bernardo Damele
|
1421e6a9d4
|
implemented cleanup and status admin methods
|
2012-12-14 16:18:45 +00:00 |
|
Bernardo Damele
|
4fa2f400ec
|
minor fix
|
2012-12-14 15:55:30 +00:00 |
|
Bernardo Damele
|
4c4cb856ff
|
minor bug fix to the /scan/<taskid>output method, forced each taskid to have its own temporary folder for output - issue #297
|
2012-12-14 15:52:35 +00:00 |
|
Bernardo Damele
|
27906f388f
|
added first methods to interact with sqlmap core, it is now possible to launch a scan from the API, hurray! (issue #297)
|
2012-12-14 14:51:01 +00:00 |
|