Commit Graph

492 Commits

Author SHA1 Message Date
Miroslav Stampar
6e392b6054 applying contributed patch for DB2 2011-05-06 09:30:39 +00:00
Bernardo Damele
c58dc4a6d8 isDbmsWithin() must stay like this, no getIdentifiedDbms() in there 2011-05-03 14:13:45 +00:00
Miroslav Stampar
b202d73b46 bug fix for MSSQL identificators which were starting with d, b, o and . Thing is that .lstrip strips all occurances of the given chars :) (spotted ancidentally) 2011-05-03 11:09:30 +00:00
Miroslav Stampar
1e6c2fea74 update regarding warning for --random-agent during connection timeout in connection test phase 2011-05-03 10:05:42 +00:00
Bernardo Damele
ac2550535c Proper fix for --technique=U bug 2011-05-01 23:42:41 +00:00
Bernardo Damele
00f14bec5f layout adjustment 2011-04-30 15:22:33 +00:00
Bernardo Damele
9a4ae7d9e2 More code refactoring of Backend class methods used 2011-04-30 14:54:29 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Bernardo Damele
a5968fff3e Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided 2011-04-30 00:22:22 +00:00
Miroslav Stampar
6bb4dce3aa minor refactoring 2011-04-29 15:22:32 +00:00
Bernardo Damele
e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec.
Minor code refactoring.
2011-04-24 23:01:21 +00:00
Bernardo Damele
d0dff82ce0 Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 16:25:09 +00:00
Miroslav Stampar
e1a8d268d8 fix for UPX linux/macos 2011-04-21 10:52:34 +00:00
Miroslav Stampar
9ccf720c05 removing funny remark 2011-04-21 10:06:13 +00:00
Bernardo Damele
a91e6a8440 layout 2011-04-21 10:03:18 +00:00
Miroslav Stampar
cbfe743bad added a comment 2011-04-21 10:01:58 +00:00
Miroslav Stampar
3b133303bf refactoring 2011-04-19 22:54:13 +00:00
Miroslav Stampar
de2479b864 dealing with http://bugs.python.org/issue1602 2011-04-19 22:33:03 +00:00
Miroslav Stampar
13f8c001a7 minor update 2011-04-19 11:13:53 +00:00
Miroslav Stampar
a7366bf710 SOAP refactoring 2011-04-17 21:39:00 +00:00
Miroslav Stampar
29ee760021 improving time based data retrieval mechanism 2011-04-17 07:24:18 +00:00
Miroslav Stampar
0387654166 update of copyright string (until year) 2011-04-15 12:33:18 +00:00
Miroslav Stampar
8c6f7c7d5f explicit usage of --time-sec will implicitly turn off auto-adjustment of time delay 2011-04-15 08:52:53 +00:00
Miroslav Stampar
bb99bd2fbe one more commit related to the issue with displaying of garbled characters 2011-04-14 09:43:36 +00:00
Miroslav Stampar
58a93c5b1f better beep for MacOSX 2011-04-13 18:32:47 +00:00
Miroslav Stampar
c193b896be just in case update to prevent gibberish "retrieved: " outputs 2011-04-12 23:07:50 +00:00
Miroslav Stampar
723a7447b2 minor refactoring 2011-04-10 07:16:19 +00:00
Miroslav Stampar
c714ac6421 added support for handling binary data values (no more garbish chars) 2011-04-09 23:13:16 +00:00
Miroslav Stampar
4ad73f9263 added two new valuable functions for dealing with binary data (e.g. binary representations of password hashes) and some cosmetics 2011-04-09 22:39:03 +00:00
Miroslav Stampar
83feb097ef greater flexibility for --batch when default is None 2011-04-08 22:29:50 +00:00
Miroslav Stampar
ae4ea0af45 fix for a bug reported by m4l1c3 (AttributeError: 'NoneType' object has no attribute 'replace') 2011-04-07 13:57:07 +00:00
Bernardo Damele
05d12790f1 closes #219 - unhidden switch --technique and adapted code accordingly (renamed conf.technique to conf.tech to fit properly in the -h help message) 2011-04-06 14:41:44 +00:00
Miroslav Stampar
305115a68b important improvement of data handling (POST data and header values) 2011-04-03 15:02:52 +00:00
Bernardo Damele
c3b54cc222 Cosmetics 2011-04-01 16:40:28 +00:00
Miroslav Stampar
156d24203f speed optimization 2011-03-31 17:16:26 +00:00
Miroslav Stampar
ce51326bff quick fix 2011-03-31 08:43:17 +00:00
Miroslav Stampar
dd01d66f13 proper update regarding last commit 2011-03-29 22:10:08 +00:00
Miroslav Stampar
b6af80bab3 refactoring, cleanup and improvement 2011-03-29 21:54:15 +00:00
Miroslav Stampar
12f3024c8a removing that boring message "reflective value found and filtered out" for headers case (we always include Uri header) 2011-03-29 20:45:21 +00:00
Miroslav Stampar
c5b6d377fb fix for a bug reported by Kirill Morozov (we haven't expected mixed case/copied results in partial union pages) 2011-03-25 12:14:19 +00:00
Miroslav Stampar
1f1c4c0e61 better update related to the last commit 2011-03-24 20:04:20 +00:00
Miroslav Stampar
d79fae724c minor refactoring 2011-03-24 09:16:21 +00:00
Miroslav Stampar
58e9a074d3 masking some more command line arguments 2011-03-18 16:47:18 +00:00
Miroslav Stampar
00b9d85ffc fix regarding bug report from andyroyalbattle@yahoo.it 2011-03-18 16:26:39 +00:00
Miroslav Stampar
6cc745f789 removal of deprecated piece of code (replaced later with that getCurrentThreadData().disableStdOut) 2011-03-11 20:04:15 +00:00
Miroslav Stampar
16b286982d fix for a bug reported by nightman (AttributeError: 'list' object has no attribute 'split') 2011-03-07 09:50:43 +00:00
Miroslav Stampar
f27f05308a minor update for masking sensitive data in error report (added aCred too) 2011-03-02 10:09:17 +00:00
Miroslav Stampar
2bf212ffa9 minor minor update 2011-02-27 20:43:38 +00:00
Miroslav Stampar
21041f8b90 further reflective value handling improvement 2011-02-27 17:43:41 +00:00
Miroslav Stampar
88faedc0fe fix for a bug reported by -insane- 2011-02-26 17:48:19 +00:00
Miroslav Stampar
2bbbc9a41e few updates 2011-02-25 09:35:24 +00:00
Miroslav Stampar
aa88361ab1 incorporation of method for neutralization of reflective values 2011-02-25 09:22:44 +00:00
Miroslav Stampar
dcad5410fe minor refactoring 2011-02-22 12:54:22 +00:00
Miroslav Stampar
6cdf08b81c minor fix 2011-02-17 21:51:40 +00:00
Miroslav Stampar
22cd49a217 --technique can now be something like 123 which includes both techniques 1, 2 and 3 2011-02-17 21:39:16 +00:00
Miroslav Stampar
5fb11fd173 update regarding multiple DBMS payloads 2011-02-13 21:20:21 +00:00
Bernardo Damele
c3eb82e60b Proper fix 2011-02-08 10:08:48 +00:00
Miroslav Stampar
dba2f74588 revert of r3274 2011-02-08 09:44:34 +00:00
Bernardo Damele
cfe2da0195 Minor fix 2011-02-08 00:13:39 +00:00
Miroslav Stampar
e023e0d233 proper fix 2011-02-07 12:32:08 +00:00
Bernardo Damele
3719f085ae Added back-end dbms' OS based methods to Backend object - will be used for refactoring 2011-02-07 00:21:17 +00:00
Miroslav Stampar
4df8a03c04 using OrderedDict to store parameters in order of appearance 2011-02-04 18:07:21 +00:00
Bernardo Damele
fec88f6a6d Minor fix 2011-02-04 15:57:53 +00:00
Miroslav Stampar
accf4e6ce0 one important fix (URI injection parameter '*' now can go anywhere) 2011-02-04 12:43:18 +00:00
Miroslav Stampar
c229efba05 revert 2011-02-04 11:33:21 +00:00
Miroslav Stampar
d211def899 minor adjustment (accepting strange new looking uri formats) 2011-02-04 10:55:03 +00:00
Miroslav Stampar
9a1a28c804 adding comments to filtering function 2011-02-03 23:09:08 +00:00
Miroslav Stampar
2dae57a56d cosmetics 2011-02-02 14:35:21 +00:00
Miroslav Stampar
6c87bd1c63 added maskSensitiveData function 2011-02-02 14:25:16 +00:00
Bernardo Damele
3d966bd569 You never know.. 2011-02-01 22:05:12 +00:00
Miroslav Stampar
705d45f4db minor cosmetics 2011-02-01 11:10:23 +00:00
Miroslav Stampar
196e2d35b2 maybe we could ask user "are you willing to import local data content into error report" and use this function respectably 2011-02-01 11:06:56 +00:00
Bernardo Damele
6761933f75 Just.. cosmetics ;) 2011-01-31 22:51:14 +00:00
Miroslav Stampar
25c175a9a5 minor bug fix 2011-01-31 22:34:57 +00:00
Bernardo Damele
b04e1a0313 More detailed message for unhandled exception 2011-01-31 21:23:40 +00:00
Miroslav Stampar
8ef47307db added checking of header values for GREP (error); still UNION to do 2011-01-31 12:21:17 +00:00
Miroslav Stampar
5e768be509 minor bug fix 2011-01-31 09:34:54 +00:00
Miroslav Stampar
f7feebe0df fix for a bug reported by malice.anon@gmail.com (TypeError: encode() takes no keyword arguments) 2011-01-31 09:28:16 +00:00
Miroslav Stampar
ddf23ba7cc refactoring 2011-01-30 11:36:03 +00:00
Miroslav Stampar
367d0639f0 refactoring (class names should always be Capital cased) 2011-01-28 16:36:09 +00:00
Miroslav Stampar
ddd296030d added some more info to unhandled exception message(s) 2011-01-28 16:15:45 +00:00
Miroslav Stampar
81722b6881 major bug fix reported by Ahmed Shawky (there was a possibility of double url encoding of parameter values) 2011-01-27 18:36:28 +00:00
Miroslav Stampar
6cc69f5e16 now --technique is appliable also after the injections have been identified 2011-01-24 16:47:24 +00:00
Miroslav Stampar
81011be0d7 minor update of parseTargetUrl method 2011-01-24 14:52:50 +00:00
Miroslav Stampar
b18397fbc7 major revisit of --os-shell methods 2011-01-23 20:47:06 +00:00
Bernardo Damele
7d1c704575 Moved little precaution from checks.py to common.py.
Initial refactoring of kb.os* get/set.
2011-01-20 21:56:10 +00:00
Miroslav Stampar
345e2288e1 important fix regarding encoding stuff 2011-01-20 13:54:18 +00:00
Bernardo Damele
bade0e3124 Major code refactoring - centralized all kb.dbms* info for both retrieval and set. 2011-01-19 23:06:15 +00:00
Miroslav Stampar
aea43a1e43 minor refactoring 2011-01-19 15:26:57 +00:00
Miroslav Stampar
eadaf680de fuck yea 2011-01-19 15:25:48 +00:00
Miroslav Stampar
89e0fd0709 back to roots 2011-01-19 14:06:26 +00:00
Bernardo Damele
33485198e1 Code cleanup 2011-01-18 23:05:32 +00:00
Bernardo Damele
47565f9459 Minor code refactoring 2011-01-17 21:13:59 +00:00
Miroslav Stampar
041abb56e2 you can't believe how much man can learn when having good testing points 2011-01-17 13:59:22 +00:00
Miroslav Stampar
d225c5c9aa was wrong about this one (just now tested on a real site) 2011-01-17 11:00:09 +00:00
Miroslav Stampar
ac0b5e6dbc proper way to handle this (console output has totally different encoding than the page one) 2011-01-17 10:27:36 +00:00
Miroslav Stampar
2041361695 minor cosmetics 2011-01-16 23:20:52 +00:00
Miroslav Stampar
e2c821eb81 minor cosmetics 2011-01-16 22:35:54 +00:00
Miroslav Stampar
e881465a9f minor improvement 2011-01-16 20:55:07 +00:00
Miroslav Stampar
30d6791968 update regarding time based data retrieval 2011-01-16 17:52:42 +00:00