Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a9d4b37987 
							
						 
					 
					
						
						
							
							Code cleanup and minor refactoring  
						
						
						
					 
					
						2010-12-03 10:51:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							283a04e29a 
							
						 
					 
					
						
						
							
							On my way to properly parse test's <where> tag in exploitation phase  
						
						
						
					 
					
						2010-12-01 23:32:58 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							47f2d22181 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-12-01 17:18:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							089c16a1b8 
							
						 
					 
					
						
						
							
							Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type.  
						
						... 
						
						
						
						Removed some useless tests.
Moved <error> from queries.xml to payloads.xml as it makes more sense.
Beeps at sql inj found only if --beep is provided.
Minor fix in order to be able to pickle advancedDict() objects.
Minor code refactoring.
Removed useless folders. 
						
					 
					
						2010-12-01 17:09:52 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2708aad504 
							
						 
					 
					
						
						
							
							Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests.  
						
						
						
					 
					
						2010-12-01 10:31:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c22338ce90 
							
						 
					 
					
						
						
							
							Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more).  
						
						
						
					 
					
						2010-11-29 11:47:58 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7e3b24afe6 
							
						 
					 
					
						
						
							
							Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.  
						
						... 
						
						
						
						All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 
						
					 
					
						2010-11-28 18:10:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							17486e472a 
							
						 
					 
					
						
						
							
							Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!  
						
						
						
					 
					
						2010-11-17 22:00:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							45ec8c169a 
							
						 
					 
					
						
						
							
							Consistency between --*-test switches/output  
						
						
						
					 
					
						2010-11-08 16:46:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							862395ced1 
							
						 
					 
					
						
						
							
							further refactoring (all enumerations are now put into enums.py)  
						
						
						
					 
					
						2010-11-08 09:20:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b6da946883 
							
						 
					 
					
						
						
							
							Added one new verbose level, -v 3 now shows the full injected payload.  
						
						... 
						
						
						
						Fixed also -d verbose output. 
						
					 
					
						2010-11-07 22:34:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d3e7e89e60 
							
						 
					 
					
						
						
							
							major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces  
						
						
						
					 
					
						2010-11-07 21:18:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							685a8e7d2c 
							
						 
					 
					
						
						
							
							refactoring of hard coded dbms names  
						
						
						
					 
					
						2010-11-02 11:59:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							486a113560 
							
						 
					 
					
						
						
							
							Consolidate logger messages for --*-test switches  
						
						
						
					 
					
						2010-10-31 16:58:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a38ac7ea9 
							
						 
					 
					
						
						
							
							important update regarding (Bug  #209 ) - probably more will be needed  
						
						
						
					 
					
						2010-10-29 16:11:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4d70f2c210 
							
						 
					 
					
						
						
							
							reverting back to 100  
						
						
						
					 
					
						2010-10-26 15:42:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8211e6a2bd 
							
						 
					 
					
						
						
							
							possible  
						
						
						
					 
					
						2010-10-26 11:29:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9b127e58d2 
							
						 
					 
					
						
						
							
							Adjusted for MySQL weirdness  
						
						
						
					 
					
						2010-10-26 09:33:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							215175e3b7 
							
						 
					 
					
						
						
							
							Minor code adjustments  
						
						
						
					 
					
						2010-10-25 14:11:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							db260c44d3 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-10-24 22:25:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aa931efd4d 
							
						 
					 
					
						
						
							
							several MySQL fixes/enhancements pointed out by Anton Mogilin  
						
						
						
					 
					
						2010-10-24 22:05:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bc79eec702 
							
						 
					 
					
						
						
							
							removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)  
						
						
						
					 
					
						2010-10-21 13:13:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c60edf7c17 
							
						 
					 
					
						
						
							
							Minor cosmetics  
						
						
						
					 
					
						2010-10-20 22:43:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							430bb7478f 
							
						 
					 
					
						
						
							
							Minor bug fix  
						
						
						
					 
					
						2010-10-20 21:15:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							34f70657ee 
							
						 
					 
					
						
						
							
							fix for NULL values  
						
						
						
					 
					
						2010-10-20 10:29:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							00449f1402 
							
						 
					 
					
						
						
							
							fix/upgrade/chicken soup  
						
						
						
					 
					
						2010-10-20 09:54:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e24bff0497 
							
						 
					 
					
						
						
							
							nice refactoring  
						
						
						
					 
					
						2010-10-20 09:46:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5d3cbec457 
							
						 
					 
					
						
						
							
							no more regex. web server independent.  
						
						
						
					 
					
						2010-10-20 09:35:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							934adb5e8d 
							
						 
					 
					
						
						
							
							code refactoring  
						
						
						
					 
					
						2010-10-20 09:09:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0817d1b78d 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-10-19 23:09:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4009ef385e 
							
						 
					 
					
						
						
							
							more update regarding error based injection support  
						
						
						
					 
					
						2010-10-19 18:17:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4f7f20b94f 
							
						 
					 
					
						
						
							
							sorry, cosmetics  
						
						
						
					 
					
						2010-10-14 23:18:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8b48833136 
							
						 
					 
					
						
						
							
							large commit with copyright header modifications  
						
						
						
					 
					
						2010-10-14 14:41:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cbe7c902c1 
							
						 
					 
					
						
						
							
							just a development start of an error based injection support  
						
						
						
					 
					
						2010-10-04 13:05:51 +00:00