sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,349 Commits 4 Branches 117 Tags 97 MiB
b07f165d60
Commit Graph

2343 Commits

Author SHA1 Message Date
Miroslav Stampar
4a3580d10b minor fix 2011-09-19 19:08:08 +00:00
Bernardo Damele
f890b29f81 Proper reference to Metasploit Framework as now it's version 4, not 3 anymore 2011-09-12 17:26:22 +00:00
Miroslav Stampar
4fb6dab1a2 minor bug fix 2011-09-12 14:15:57 +00:00
Miroslav Stampar
1bdde51d0e minor just in case update 2011-09-11 16:41:07 +00:00
Miroslav Stampar
02f993583b minor bug fix 2011-09-09 11:36:09 +00:00
Miroslav Stampar
2f4e34f5a0 minor improvement for URI injections 2011-09-08 11:13:12 +00:00
Miroslav Stampar
d434047482 minor bug fix 2011-09-05 09:28:40 +00:00
Miroslav Stampar
08e0eb9b61 minor lower/upper case fix 2011-08-29 13:47:32 +00:00
Miroslav Stampar
9be89422da implemented parameter --skip 2011-08-29 13:29:42 +00:00
Miroslav Stampar
e0f521cf9d minor update regarding --randomize 2011-08-29 13:08:25 +00:00
Miroslav Stampar
ac00014c4a implemented --randomize switch by request 2011-08-29 12:50:52 +00:00
Miroslav Stampar
8fe069b495 minor fix 2011-08-23 21:48:39 +00:00
Miroslav Stampar
01014eca17 by request 2011-08-23 21:45:01 +00:00
Miroslav Stampar
cfc1f2b70b minor update 2011-08-22 22:43:14 +00:00
Miroslav Stampar
f4127a80d7 improvement of UNION based injection detection (with non-NULL kb.uChar values searching of the content inside -1 UNION.. pages is used) 2011-08-22 21:43:46 +00:00
Miroslav Stampar
8a174248dc fix for a bug reported by blueBoy 2011-08-20 20:08:11 +00:00
Miroslav Stampar
cb32d46f2a minor minor update 2011-08-18 06:09:12 +00:00
Miroslav Stampar
54bcc35ba7 important bug fix (connection exception was causing losing of already retrieved data) 2011-08-17 22:31:33 +00:00
Miroslav Stampar
9d31322f3d update regarding special case when conf.uChar appears only in testable pages 2011-08-17 21:40:42 +00:00
Miroslav Stampar
75ec146224 minor beautification 2011-08-17 21:17:02 +00:00
Miroslav Stampar
f46baac70b bug fix (when comment is None this was errornous) 2011-08-17 10:58:29 +00:00
Bernardo Damele
9361e633f4 Minor bug fix - some applications do really set cookies like param="value" with double-quotes 2011-08-16 09:21:01 +00:00
Miroslav Stampar
e1dbb4443b minor update related to the last commit 2011-08-16 07:01:14 +00:00
Miroslav Stampar
7cc5743c5d minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters) 2011-08-16 06:50:20 +00:00
Miroslav Stampar
600ef3eace minor patch 2011-08-16 06:22:04 +00:00
Miroslav Stampar
262996fc5b bug fix 2011-08-16 06:14:40 +00:00
Miroslav Stampar
df4abf1af1 lowering constant value from 10 to 7 for da peace in da houz 2011-08-12 17:19:19 +00:00
Bernardo Damele
702ed73a65 Added --code switch to match in boolean-based tests against the HTTP response code 2011-08-12 16:48:11 +00:00
Bernardo Damele
fff4c34e33 Search for --string and --regexp matches also in HTTP response headers 2011-08-12 15:33:37 +00:00
Bernardo Damele
5e5133b8e7 Should be fixed now 2011-08-12 15:00:11 +00:00
Bernardo Damele
1505cb2a80 typo 2011-08-12 14:51:39 +00:00
Bernardo Damele
702ca22d54 Minor bug fix for URI injections 2011-08-12 14:48:44 +00:00
Bernardo Damele
28bba9f5e6 More verbose warning message 2011-08-12 13:47:38 +00:00
Miroslav Stampar
10bdd90e60 minor speed optimizations (as a result of profiling) 2011-08-12 13:40:37 +00:00
Bernardo Damele
36280b33fa Ask the user wheather or not to adjust the time delay - there have been a case where the forcing of conf.timeSec screwed the result in an extremely lagged and unreliable site 2011-08-12 13:06:40 +00:00
Miroslav Stampar
41ae9bc7ff minor bug fix 2011-08-09 14:20:25 +00:00
Miroslav Stampar
2ad267132a minor update for empty normal responses (like AJAX requests) 2011-08-05 10:55:21 +00:00
Miroslav Stampar
e849b71027 minor typo 2011-08-03 14:31:42 +00:00
Miroslav Stampar
538b49bcc5 removing word "dramatically". i was too excited at the moment :). it is cool and all but we shouldn't put "highly subjective" attribs in reports 2011-08-03 13:26:38 +00:00
Miroslav Stampar
f7562da754 from now on proper union column count should be displayed in injection info output 2011-08-03 10:34:50 +00:00
Miroslav Stampar
9423d15fb3 ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix 2011-08-03 09:08:16 +00:00
Miroslav Stampar
07afcd5440 fix for a bug reported by Ahmed Shawky (when user uses --suffix intermixing test default comments with the provided suffix is a big no no) 2011-08-02 18:20:21 +00:00
Miroslav Stampar
07c3d4fb18 minor adjustment 2011-08-02 17:35:43 +00:00
Miroslav Stampar
edab7d01a5 minor fix 2011-08-02 17:31:13 +00:00
Bernardo Damele
c15439ab7f Minor improvement to --passwords output 2011-08-02 09:04:34 +00:00
Miroslav Stampar
cb0981d858 proper way of handling 0 length results (as in __goInferenceProxy) 2011-08-02 08:39:32 +00:00
Miroslav Stampar
0643ced651 minor update 2011-08-02 08:12:43 +00:00
Miroslav Stampar
457f501bbd proper fix 2011-08-01 23:48:38 +00:00
Bernardo Damele
cbd0ea0866 Possible fix for a minor bug 2011-08-01 23:24:39 +00:00
Miroslav Stampar
018d7ed646 improvement for limited queries (more stable to have TOP/LIMIT/OFFSET mechanisms as part of a subquery) 2011-07-31 23:40:09 +00:00
Miroslav Stampar
0627bb02cb minor beautification 2011-07-31 10:21:47 +00:00
Miroslav Stampar
93ae1dfa2b minor bug fix 2011-07-31 08:52:48 +00:00
Miroslav Stampar
68ae8ea5b2 minor refactoring 2011-07-29 10:54:25 +00:00
Miroslav Stampar
e522263640 fix for a neverending data retrieval in large full inband cases 2011-07-29 10:45:09 +00:00
Miroslav Stampar
3fc603843e minor fix 2011-07-27 23:26:36 +00:00
Miroslav Stampar
107089c00b bug fix 2011-07-27 08:25:51 +00:00
Miroslav Stampar
f7eaffcec5 i believe that this could be ok 2011-07-26 21:28:48 +00:00
Bernardo Damele
a2483b3bc4 Aligned OS takeover functionalities to recent Metasploit improvements 2011-07-26 10:29:14 +00:00
Bernardo Damele
938716e361 Proper fix for --start and --stop consistency amongst different techniques 2011-07-26 10:06:28 +00:00
Bernardo Damele
e71f96afe7 Reverted dumb "fix" 2011-07-26 09:42:09 +00:00
Miroslav Stampar
6bbb8139a0 update (smaller memory footprint in postprocessing phase because of safecharencode part) 2011-07-25 20:40:31 +00:00
Miroslav Stampar
5770c08784 minor optimization and refactoring 2011-07-25 20:17:44 +00:00
Bernardo Damele
0a7a648694 Minor bug fix for --start, now all techniques return the same result (before blind techniques returned from one entry behind) 2011-07-25 11:15:18 +00:00
Bernardo Damele
6cbb927012 Partial fix for -o not resumed at following runs if missing from command line 2011-07-25 11:05:49 +00:00
Miroslav Stampar
2033a28ae7 minor update regarding last commit (cleaner code) 2011-07-24 20:44:17 +00:00
Miroslav Stampar
3a3561fdaa doing proper big table support for partial union too 2011-07-24 20:36:44 +00:00
Miroslav Stampar
ec1bc0219c hello big tables, this is sqlmap, sqlmap this is big tables 2011-07-24 09:19:33 +00:00
Miroslav Stampar
82e1e61554 minor speedup 2011-07-23 19:51:19 +00:00
Miroslav Stampar
094dc91e2d minor update (prior to some changes regarding large content retrieval) 2011-07-23 19:04:59 +00:00
Miroslav Stampar
a89140e1ce revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function) 2011-07-23 06:07:00 +00:00
Miroslav Stampar
8a00ca83af refactoring. nothing special changed 2011-07-21 10:18:11 +00:00
Miroslav Stampar
963f54e6d2 minor fix for parameters containing '=' inside values itself (remark: no parameter name will have '=' nor '%3d' inside; tested and it does a good job) 2011-07-21 10:06:52 +00:00
Miroslav Stampar
7881ded60d quick fix (this other library was doing problems) 2011-07-20 22:20:16 +00:00
Bernardo Damele
d6b52242c7 Meterpreter's sniffer extension freezes 64-bit systems 
Meterpreter's priv extension is loaded by default since Metasploit 3.5 or so.
There is no shellcodeexec 64-bit yet, anyway as the Metasploit payload is encoded with a 32-bit encoded (alphanumeric), it's all fine.
 2011-07-20 13:50:02 +00:00
Miroslav Stampar
9d996c07fb another quick fix 2011-07-20 13:00:34 +00:00
Miroslav Stampar
fad77dd078 fix for a ImportError bug reported by g@brindi.si 2011-07-20 12:18:36 +00:00
Miroslav Stampar
9cf33ec997 now status is no longer represented in percentage (impossible in cases where we need to support too small and too large dictionaries - technical issues regarding counting) but by the rotating char 2011-07-15 13:24:13 +00:00
Miroslav Stampar
ff8fc90ac7 bug fix 2011-07-13 06:44:15 +00:00
Miroslav Stampar
5c162efbd8 more optimization 2011-07-12 23:21:15 +00:00
Miroslav Stampar
9933edc718 optimization of reflective removal mechanism 2011-07-12 22:28:19 +00:00
Bernardo Damele
cda25cda2f Cosmetics 2011-07-12 20:49:27 +00:00
Miroslav Stampar
3583d6dd1b quick fixes, more work to do 2011-07-12 20:32:19 +00:00
Miroslav Stampar
0126b8eb0e minor revert (it's illegal to use append for updating one array with another array) 2011-07-12 19:34:54 +00:00
Bernardo Damele
48b7245a33 Minor bug fix 2011-07-12 15:47:04 +00:00
Bernardo Damele
0b8c6e4c81 Minor bug fix 2011-07-12 15:30:40 +00:00
Miroslav Stampar
a46b5230f5 minor "patch" 2011-07-11 20:33:16 +00:00
Miroslav Stampar
1f826684f6 disabling multiprocessing (maybe permanently) support for Windows as of complications with sharing dictionary iterator 2011-07-11 13:16:59 +00:00
Miroslav Stampar
7bc6280d53 possible fix for a multi-processing "problem" reported by christopher.oakley@gmail.com 2011-07-11 11:40:27 +00:00
Miroslav Stampar
f5e45bf113 quick fix for a bug reported by jovon.itwaru@gmail.com 2011-07-11 08:54:39 +00:00
Miroslav Stampar
98958f8808 minor minor update 2011-07-10 15:41:45 +00:00
Miroslav Stampar
0d6afca7db adding new switch '--smart' by request 2011-07-10 15:16:58 +00:00
Miroslav Stampar
1e182e6c72 quick fix 2011-07-08 22:34:44 +00:00
Bernardo Damele
651349e229 More verbose critical message 2011-07-08 13:12:53 +00:00
Bernardo Damele
b5dd4d4a63 Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection 2011-07-08 10:19:01 +00:00
Miroslav Stampar
02bfd05b20 more general approach 2011-07-08 10:03:14 +00:00
Miroslav Stampar
5443e06430 cosmetics (in debug mode [0] is used) 2011-07-08 09:43:52 +00:00
Miroslav Stampar
c463c411b9 minor update 2011-07-08 09:32:58 +00:00
Miroslav Stampar
ba2c06c9dc quick fix 2011-07-08 09:01:32 +00:00
Miroslav Stampar
c517e97a44 few fixes and minor cosmetics 2011-07-08 06:02:31 +00:00
Bernardo Damele
aedcf8c8d7 Changed homepage address 2011-07-07 20:10:03 +00:00