sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-26 19:43:48 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,720 Commits 4 Branches 117 Tags 97 MiB
b3a0424269
Commit Graph

300 Commits

Author SHA1 Message Date
Bernardo Damele
b3a0424269 More Backend class method usage refactoring 2011-04-30 15:24:15 +00:00
Bernardo Damele
9a4ae7d9e2 More code refactoring of Backend class methods used 2011-04-30 14:54:29 +00:00
Bernardo Damele
36a9ddaacc Minor bug fixes and code restyling for --privileges and --passwords 2011-04-30 14:50:27 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Bernardo Damele
1a052245a6 duplicate code 2011-04-30 00:25:15 +00:00
Bernardo Damele
a5968fff3e Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided 2011-04-30 00:22:22 +00:00
Bernardo Damele
529595fd85 Moved method below 2011-04-29 22:37:43 +00:00
Bernardo Damele
14bf6abb7e Minor layout adjustment 2011-04-29 21:40:48 +00:00
Bernardo Damele
f449688f93 Proper resume of --schema data when calling with --columns switch, minor fixes too 2011-04-29 21:17:59 +00:00
Miroslav Stampar
a6015b59df fix for a bug reported by jaccovantuijl@gmail.​com (entries = zip(*[entries[colName] for colName in colList])) 2011-04-29 14:33:47 +00:00
Bernardo Damele
edac0b2558 Added switch --schema to enumerate DBMS schema and now --columns does not require a mandatory table (-T) anymore, instead it will act as an alias for --schema 2011-04-28 23:59:00 +00:00
Bernardo Damele
e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that: 
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec.
Minor code refactoring.
 2011-04-24 23:01:21 +00:00
Bernardo Damele
d0a534dee5 Do not even prompt for ICMP tunnel if the target OS is not Windows 2011-04-23 21:57:07 +00:00
Bernardo Damele
d0dff82ce0 Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 16:25:09 +00:00
Miroslav Stampar
bd4fbb3251 fix for a bug reported by l0rda@l0rda.biz (TypeError: cannot concatenate 'str' and 'NoneType' objects) 2011-04-21 14:53:02 +00:00
Miroslav Stampar
5052013ffa minor update 2011-04-20 14:48:23 +00:00
Miroslav Stampar
88c76147e1 removed few trailing whitespace lines 2011-04-15 20:52:08 +00:00
Miroslav Stampar
c16b74ce1a covering __pivotDumpTable for keyboard and connection exceptions too 2011-04-15 14:21:13 +00:00
Miroslav Stampar
0387654166 update of copyright string (until year) 2011-04-15 12:33:18 +00:00
Miroslav Stampar
aed994192e disabling safecharencode for --banner 2011-04-15 08:15:21 +00:00
Miroslav Stampar
8ddac7fe5a minor fix and speedup when pivoting empty table 2011-04-14 21:11:20 +00:00
Miroslav Stampar
384ca98ded don't let sqlmapNoneDataException for one table to break whole dumpAll() 2011-04-14 20:56:12 +00:00
Miroslav Stampar
dbbaefa79d minor update (pivot value should be safechardecoded) 2011-04-14 20:38:03 +00:00
Miroslav Stampar
d06ae9cd47 implemented retrieved items info for partial union too 2011-04-13 14:33:15 +00:00
Bernardo Damele
f4745a95ea Possible fix for bug reported by David 2011-04-11 21:45:25 +00:00
Miroslav Stampar
941daa1645 just in case to prevent "object of type 'NoneType' has no len()" error reports 2011-04-11 11:59:02 +00:00
Miroslav Stampar
e20848c711 first commit toward v1.0 (it's smarter to start testing for pivot point from shorter column names as they tend to be some kind of identifiers) 2011-04-11 09:40:52 +00:00
Bernardo Damele
fbf8e7f32d Minor bug fix to --file-read 2011-04-10 19:53:42 +00:00
Bernardo Damele
7dd5bd9d59 Minor fix for --cleanup on MSSQL 2011-04-10 13:48:29 +00:00
Miroslav Stampar
c714ac6421 added support for handling binary data values (no more garbish chars) 2011-04-09 23:13:16 +00:00
Miroslav Stampar
6fa2fd139c implemented support for __pivotDumpTable on MSSQL as normal tables tend to not play well with normal TOP 1 ..NOT IN..ORDER BY mechanism if the argument for ORDER BY is not the unique one (returns only number of rows equal to the number of distinct values for that field) 2011-04-08 15:17:57 +00:00
Miroslav Stampar
e8259a7665 minor update (now --dump also supports only -D parameter) 2011-04-07 22:38:13 +00:00
Bernardo Damele
bac53eeef1 Allow --dump-all to accept -D switch in order to dump all tables' entries for only one (or more, comma-separated) specified database(s) 2011-04-07 22:08:10 +00:00
Miroslav Stampar
60102209f6 quick fix for a bug reported by Kirill (AttributeError: 'NoneType' object has no attribute 'split') 2011-04-01 11:14:24 +00:00
Miroslav Stampar
b6af80bab3 refactoring, cleanup and improvement 2011-03-29 21:54:15 +00:00
Miroslav Stampar
4312a42b5d another minor fix 2011-03-28 12:04:39 +00:00
Miroslav Stampar
3173adbf6b minor update 2011-03-28 12:02:31 +00:00
Miroslav Stampar
73e5d20ade bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries) 2011-03-28 11:01:55 +00:00
Miroslav Stampar
76b7e3517d minor update 2011-03-27 07:58:15 +00:00
Miroslav Stampar
04c4578df7 minor fix 2011-03-26 05:55:49 +00:00
Miroslav Stampar
58f8703ecd minor update before bedtime 2011-03-25 22:59:18 +00:00
Miroslav Stampar
ae12dee990 minor update 2011-03-25 22:08:54 +00:00
Miroslav Stampar
c9baa0094b going global for protection of non-standard identificator naming 2011-03-25 22:02:28 +00:00
Miroslav Stampar
5a1f733a43 minor update (_ is part of normal identificator naming) 2011-03-25 21:49:20 +00:00
Miroslav Stampar
1a98095a93 minor improvement for that MySQL identification naming 2011-03-25 21:46:49 +00:00
Miroslav Stampar
48c4460e2c bug fixed (there was a huge problem with space containing identifiers - fixed and tested for MySQL) 2011-03-25 21:22:06 +00:00
Miroslav Stampar
af39a441fa minor improvement when --dbs returns no database names (like in many cases with MySQL 4) 2011-03-25 19:50:06 +00:00
Miroslav Stampar
f3858a5fcf another fix related to the bug reported by Alone Shell 2011-03-24 17:08:14 +00:00
Miroslav Stampar
02379c01a2 minor update (will do "schema update" for sybase some other time; that COUNT(*) blew my mind) 2011-03-23 11:42:36 +00:00
Miroslav Stampar
0f7bce5c66 fixing a huge mess going on because of counting on error and union techniques 2011-03-23 11:36:40 +00:00