sqlmap

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-23 01:56:36 +03:00

Author	SHA1	Message	Date
Miroslav Stampar	359e734954	Minor refactoring	2012-10-29 10:48:49 +01:00
Miroslav Stampar	25a5073281	Bug fix for --hex/--technique=B (especially MsSQL)	2012-10-28 12:22:33 +01:00
Miroslav Stampar	c1b8226329	Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)	2012-10-28 00:36:09 +02:00
Miroslav Stampar	a435ba6863	Minor fix	2012-10-28 00:19:00 +02:00
Miroslav Stampar	0aeb9dbe8b	Bug fix (in --dump mode if error/inband failed with None other techniques were ignored)	2012-10-27 23:42:52 +02:00
Miroslav Stampar	12fc9442b9	Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)	2012-10-25 10:10:23 +02:00
Miroslav Stampar	b82eb3a1ae	Fix for an Issue #210	2012-10-23 13:58:25 +02:00
Miroslav Stampar	3f596cda85	Minor fix for --dump --technique=B when empty strings are returned	2012-10-22 11:49:23 +02:00
Miroslav Stampar	21481df239	Minor update for Issue #209	2012-10-21 19:00:37 +02:00
Miroslav Stampar	fb1497aa89	Minor update for Issue #209	2012-10-21 18:53:31 +02:00
Miroslav Stampar	261b286021	Fix for an Issue #209	2012-10-20 13:17:45 +02:00
Miroslav Stampar	6a271fe800	Update for an Issue #2	2012-10-19 11:29:03 +02:00
Miroslav Stampar	998eb70288	Minor update	2012-10-19 11:05:10 +02:00
Miroslav Stampar	987f167e12	Minor update	2012-10-19 11:03:54 +02:00
Miroslav Stampar	d65d9e25cd	Implementation for an Issue #2	2012-10-19 11:02:14 +02:00
Miroslav Stampar	688a2db27a	Fix for an Issue #208	2012-10-19 10:04:09 +02:00
Miroslav Stampar	b5060c0010	Fix for an Issue #205	2012-10-16 14:28:46 +02:00
Miroslav Stampar	2cb1b054bb	Implementation for an Issue #79	2012-10-16 12:32:58 +02:00
Miroslav Stampar	42b2c85517	Minor cosmetics	2012-10-15 18:45:13 +02:00
Miroslav Stampar	c7cf8b2e80	Minor refactoring of direct()	2012-10-15 18:41:41 +02:00
Miroslav Stampar	e440b096c5	Fix for an Issue #202	2012-10-15 12:24:30 +02:00
Miroslav Stampar	e61c4c22c9	Implementation for an Issue #200	2012-10-09 15:19:47 +02:00
Miroslav Stampar	5a91b6e622	Minor cleanup	2012-10-09 10:21:52 +02:00
Miroslav Stampar	8e7449ccd5	Minor update	2012-10-07 20:28:24 +02:00
Miroslav Stampar	ff205f088b	Minor update	2012-10-07 20:12:55 +02:00
Miroslav Stampar	098e446ca4	Adding support for generic XML POST data	2012-10-04 18:44:12 +02:00
Miroslav Stampar	f71b937add	Minor language cleanup	2012-10-04 18:28:36 +02:00
Miroslav Stampar	8865fe69d7	Minor cleanup	2012-10-04 18:26:07 +02:00
Miroslav Stampar	d464678e10	Minor update for an Issue #49	2012-10-04 18:01:42 +02:00
Miroslav Stampar	84b05e2d18	Better treating of numeric values (Issue #49 )	2012-10-04 16:08:37 +02:00
Miroslav Stampar	461e5ebc5f	Work for Issue #197 and Issue #49	2012-10-04 11:25:44 +02:00
Miroslav Stampar	bcbf0571a5	Implementation for an Issue #49	2012-10-02 14:23:58 +02:00
Miroslav Stampar	763dc98311	Minor refactoring	2012-10-02 13:36:15 +02:00
Miroslav Stampar	a8aecaa036	Minor style update	2012-10-02 13:33:10 +02:00
Miroslav Stampar	687f3991de	Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.	2012-09-26 11:27:43 +02:00
Miroslav Stampar	ec43ceec40	Some more cleanup related to the last commit (unneeded manual crafting/unneeded closing with ;)	2012-09-25 14:29:22 +02:00
Miroslav Stampar	c9e7e71ea2	Implementation for an Issue #195	2012-09-25 10:17:25 +02:00
Miroslav Stampar	d175decdfc	Fix for an Issue #190	2012-09-22 20:59:40 +02:00
Miroslav Stampar	e570858db9	Implementation for an Issue #183	2012-09-12 11:50:38 +02:00
Miroslav Stampar	511c3b8dcc	Update and fix for an Issue #182	2012-09-11 14:58:52 +02:00
Miroslav Stampar	10b671d625	Update for an Issue #182	2012-09-11 12:08:34 +02:00
Miroslav Stampar	5d23d72ff5	Fix for an Issue #176	2012-09-08 17:58:03 +02:00
Miroslav Stampar	dbce417cdd	Potential fix for an Issue #171	2012-09-02 22:48:41 +02:00
Miroslav Stampar	b916db34a4	Another update for an Issue #79	2012-08-31 12:38:02 +02:00
Miroslav Stampar	47d162f391	Minor update (same but cleaner)	2012-08-31 12:27:40 +02:00
Miroslav Stampar	7286d89cb6	Few fixes for an Issue #79 (problem with case sensitivity of request get_header)	2012-08-31 12:15:09 +02:00
Miroslav Stampar	cdd3ed6abc	Minor bug fix	2012-08-30 14:22:18 +02:00
Miroslav Stampar	32a36f1ff3	El Cosmeticado	2012-08-22 09:58:39 +02:00
Miroslav Stampar	d421f9a618	Fix for an Issue #157	2012-08-21 14:34:19 +02:00
Miroslav Stampar	01f481c332	Minor refactoring of dictionaries	2012-08-21 11:19:15 +02:00
Miroslav Stampar	b9c63eb908	Fix for an Issue #156	2012-08-21 10:46:29 +02:00
Miroslav Stampar	7a8ace78f9	Removing redundant newline char as logger already adds it's own	2012-08-21 09:58:40 +02:00
Miroslav Stampar	233b9a3815	Fix for Issue #150 and Issue #151 (urllib2 is automatically adding those)	2012-08-20 22:17:39 +02:00
Miroslav Stampar	823dde73ab	Minor cleanup	2012-08-20 11:40:49 +02:00
Miroslav Stampar	76338add17	Fix for an Issue #152	2012-08-20 10:41:43 +02:00
Miroslav Stampar	fec8a5cc9d	Fix for an Issue #139	2012-08-07 00:50:58 +02:00
Miroslav Stampar	142fc887f1	Fix for an Issue #129	2012-07-31 11:03:44 +02:00
Miroslav Stampar	47073f4afd	Implementation of an Issue #131	2012-07-30 21:50:46 +02:00
Miroslav Stampar	a86f9798b2	Minor refactoring together with a wider support for html entities	2012-07-30 11:21:32 +02:00
Miroslav Stampar	07738004cc	Fix for an Issue #123	2012-07-27 10:02:47 +02:00
Miroslav Stampar	a5062c1e4f	Adding a warn message when --dns-domain is ignored (because of faster techniques)	2012-07-27 09:48:48 +02:00
Bernardo Damele	92c2b3bd4c	Merge branch 'master' of github.com:sqlmapproject/sqlmap	2012-07-26 23:11:11 +01:00
Bernardo Damele	d492291744	working on issue #12	2012-07-26 23:11:07 +01:00
Miroslav Stampar	efa99c4519	Implementation for an Issue #4	2012-07-26 14:07:05 +02:00
Miroslav Stampar	b3552494c4	Minor preparation for an Issue #48	2012-07-26 12:26:57 +02:00
Miroslav Stampar	30f8d09651	Implementation for an Issue #70	2012-07-26 12:06:02 +02:00
Miroslav Stampar	f8c9868cb6	Implementation for an Issue #118	2012-07-24 15:34:50 +02:00
Miroslav Stampar	1153b4563c	Minor update for an Issue #111	2012-07-23 18:44:50 +02:00
Miroslav Stampar	fccd69721e	Update for an Issue #111	2012-07-23 18:38:46 +02:00
Miroslav Stampar	ab9cb80602	Implementing Issue #111	2012-07-23 15:14:52 +02:00
Miroslav Stampar	63bf99ce77	Minor just in case update for an Issue #117	2012-07-23 14:46:43 +02:00
Miroslav Stampar	c6b724489b	Minor style update	2012-07-23 14:26:42 +02:00
Miroslav Stampar	a7d1a0c250	Implementation for an Issue #117	2012-07-23 14:14:22 +02:00
Miroslav Stampar	534eccc9aa	Fix for an Issue #115	2012-07-23 10:16:47 +02:00
Miroslav Stampar	f336afa913	Implementation for Issue #108	2012-07-20 09:48:09 +02:00
Miroslav Stampar	81d15e5051	Fix for an Issue #101	2012-07-17 00:19:33 +02:00
Miroslav Stampar	0e21cb54de	Minor fix related to Issue #94	2012-07-16 16:06:39 +02:00
Miroslav Stampar	87ecf205cb	More work for Issue #66	2012-07-14 17:01:04 +02:00
Miroslav Stampar	805120ac52	Minor refactoring	2012-07-14 11:01:30 +02:00
Miroslav Stampar	ddb9caeef1	Revert of the previous commit	2012-07-13 15:05:19 +02:00
Miroslav Stampar	d165d5d5fe	To not be confused with heuristic method in SQLi	2012-07-13 15:03:43 +02:00
Miroslav Stampar	3c81f74823	Minor style update	2012-07-13 12:22:37 +02:00
Miroslav Stampar	d834e8debf	Minor update	2012-07-13 10:28:03 +02:00
Bernardo Damele	162da75a04	modified homepage address	2012-07-12 18:38:03 +01:00
Bernardo Damele	ea9c66108e	cleanup for issue #68	2012-07-12 15:38:43 +01:00
Miroslav Stampar	65639cdda6	First update for Issue #75 (error-based dumping)	2012-07-12 14:31:28 +02:00
Bernardo Damele	33cbbed4a8	I think we should not resume checkBooleanExpression() calls if --fresh-queries or --flush-session is provided	2012-07-12 01:39:15 +01:00
Bernardo Damele	3a94953ae2	leftover from previous commit	2012-07-12 01:15:34 +01:00
Bernardo Damele	31571e6e2d	minor refactoring	2012-07-11 11:55:05 +01:00
Miroslav Stampar	9c4a62f725	Some work on Issue #68	2012-07-11 11:58:47 +02:00
Miroslav Stampar	2669528b24	Language typo	2012-07-07 11:16:33 +02:00
Miroslav Stampar	e948e4d45b	Some more refactoring	2012-07-06 17:18:22 +02:00
Bernardo Damele	6697927098	initial support for --dbms-cred for MSSQL: can be used to execute OS commands as another DB use - useful if you have retrieved and cracked the 'sa' DBA password by any mean and can provide it to sqlmap	2012-07-02 02:04:19 +01:00
Bernardo Damele	7b4ecd9df0	added skeleton code for issue #34 , still not usable	2012-07-02 00:22:34 +01:00
jekil	c39e5a85ba	Removed $id$ tags	2012-06-27 20:56:43 +02:00
Miroslav Stampar	01be9381d5	minor update	2012-06-25 16:24:33 +00:00
Miroslav Stampar	ec44e88db8	lots of refactoring regarding removal of already obsolete session file mechanism	2012-06-21 10:09:10 +00:00
Miroslav Stampar	06be7bbb18	few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)	2012-06-15 20:41:53 +00:00
Miroslav Stampar	3a90105fbb	minor refactoring	2012-06-14 13:38:53 +00:00
Miroslav Stampar	4ac3794e80	minor update	2012-06-12 14:22:14 +00:00
Miroslav Stampar	738073105e	minor updates	2012-06-04 19:52:51 +00:00
Miroslav Stampar	7b282b1d6c	adding support for newer SSL protocols	2012-06-04 19:46:28 +00:00
Miroslav Stampar	76a4aa19ac	some more fine tunning	2012-05-28 19:50:12 +00:00
Miroslav Stampar	efb406fbfc	minor revert	2012-05-28 19:13:50 +00:00
Miroslav Stampar	f7cba8d2cb	minor update	2012-05-28 18:05:15 +00:00
Miroslav Stampar	a72cb29c1f	taking care of few issues regarding reverse address lookup of localhost/127.0.0.1 at remote DNS server	2012-05-28 16:57:10 +00:00
Miroslav Stampar	89e90c3d84	revert of last commit	2012-05-28 15:01:56 +00:00
Miroslav Stampar	96c84e6e5b	minor update	2012-05-28 15:00:06 +00:00
Miroslav Stampar	a70a647aeb	few fixes regarding --dns-domain usage (time-based technique should not be used as a failback because of few things, --time-sec should be put to 0 just in case,...)	2012-05-28 14:51:23 +00:00
Miroslav Stampar	b1d82422a0	changing conf.dnsDomain to conf.dName just because of long text problems in help listing	2012-05-28 14:15:04 +00:00
Miroslav Stampar	226547b7dc	minor fix for --skip-urlencode and custom post	2012-05-28 09:04:25 +00:00
Miroslav Stampar	e967bbd70f	minor patch	2012-05-27 21:44:42 +00:00
Miroslav Stampar	fed0212631	now working with recursive queries too	2012-05-27 10:03:02 +00:00
Miroslav Stampar	09f2144485	full page read is not needed in DNS exfiltration mode	2012-05-26 21:28:43 +00:00
Miroslav Stampar	c394610740	adding switch --skip-urlencode to skip URL encoding of POST data	2012-05-24 23:30:33 +00:00
Miroslav Stampar	2538e2d5b4	fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring	2012-05-22 09:33:22 +00:00
Miroslav Stampar	333f8057a5	minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces	2012-05-14 14:06:43 +00:00
Miroslav Stampar	12d32f58f2	fix for that SOAP reported bug	2012-05-10 13:39:54 +00:00
Miroslav Stampar	fdf61015ad	minor patch	2012-05-09 08:41:05 +00:00
Miroslav Stampar	6af110d631	avoiding --no-cast/--hex warning message before a DBMS is fingerprinted	2012-05-08 14:06:41 +00:00
Miroslav Stampar	775134639d	minor update	2012-04-20 20:33:15 +00:00
Miroslav Stampar	6ebb621228	adding support for (custom) POST injection (marking injection point with '*' in conf.data)	2012-04-17 14:23:00 +00:00
Miroslav Stampar	052d9455fe	warning user in cases of "User xyz already has more than 'max_user_connections' active connections"	2012-04-12 09:44:54 +00:00
Miroslav Stampar	119eec3598	improving "boolean detection" by automatic recognition of convenient --string candidate	2012-04-10 21:48:34 +00:00
Miroslav Stampar	8c6eb4faa9	adding support for PgSQL DNS data exfiltration	2012-04-07 14:06:11 +00:00
Miroslav Stampar	b2afa87e48	reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)	2012-04-06 08:42:36 +00:00
Miroslav Stampar	2223c884e5	minor refactoring	2012-04-05 12:55:26 +00:00
Miroslav Stampar	e0994947e2	minor update	2012-04-04 23:37:50 +00:00
Miroslav Stampar	b1dd03731a	minor cosmetics	2012-04-04 23:34:08 +00:00
Miroslav Stampar	c89a4162e2	bug fix for --dns-domain with --technique=TS	2012-04-04 18:01:39 +00:00
Miroslav Stampar	098c7c06dd	added few comments	2012-04-04 13:24:58 +00:00
Miroslav Stampar	a4b95ab7dd	works against MySQL/Windows	2012-04-04 12:49:45 +00:00
Bernardo Damele	c0946ce2c9	Minor refactoring	2012-04-04 12:42:58 +00:00
Bernardo Damele	75d1dab895	more cosmetics	2012-04-04 12:33:16 +00:00
Bernardo Damele	d106fb5184	layout adjustments	2012-04-04 12:27:24 +00:00
Miroslav Stampar	503988887c	minor update	2012-04-03 10:43:46 +00:00
Miroslav Stampar	2504f4edb8	minor fixes	2012-04-03 10:10:33 +00:00
Miroslav Stampar	e05109812f	minor improvements regarding data retrieval through DNS channel	2012-04-03 09:18:30 +00:00
Miroslav Stampar	1cd3c3f7af	further update of DNS data retrieval mechanism through SQLi	2012-04-02 14:05:30 +00:00
Miroslav Stampar	abffc39929	minor update regarding DNS data retrieval task	2012-04-02 12:22:40 +00:00
Miroslav Stampar	429b8396e9	minor update for DNSServer support	2012-03-30 13:20:29 +00:00
Miroslav Stampar	6acf6b193a	minor update regarding boolean logic comparison mechanism	2012-03-30 09:42:58 +00:00
Miroslav Stampar	5469186540	minor comment update	2012-03-29 14:35:47 +00:00
Miroslav Stampar	637a8d8273	improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism	2012-03-29 14:33:27 +00:00
Miroslav Stampar	ce4c697bbd	disabling "negative logic" as it's not half done (it was "luckily" working for --string/--regex/--code but it was a sheer luck); removing "dirty fix" from checks.py; proof that this was not ready for the release is that there was not check for negative logic anywhere for anything more then --string/--regex/--code	2012-03-29 13:39:12 +00:00
Miroslav Stampar	60146481af	bug fix(es) (flags were used in place of count parameter in re.sub() calls)	2012-03-28 19:33:00 +00:00
Miroslav Stampar	7d131d1fb1	minor update	2012-03-28 13:46:31 +00:00
Miroslav Stampar	769b0d0ae7	more minor updates regarding data retrieval through DNS channel	2012-03-27 19:29:24 +00:00
Miroslav Stampar	1b072f6415	laying foundation for DNS based data retrieval	2012-03-27 18:59:12 +00:00
Miroslav Stampar	e88687b1f0	revert of last commit (it would be faster for sure, but not sure if it's clever to do it by default regarding SQLi detection)	2012-03-21 23:15:59 +00:00

1 2 3 4 5 ...

944 Commits