Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							284c69a686 
							
						 
					 
					
						
						
							
							Improved --tables for MSSQL too, like r3798  
						
						
						
					 
					
						2011-04-30 22:05:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aeb149db22 
							
						 
					 
					
						
						
							
							Proper ordering of enumeration methods, consistent with the others enumeration classes  
						
						
						
					 
					
						2011-04-30 22:04:08 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							955dbc85e7 
							
						 
					 
					
						
						
							
							Minor variable rename  
						
						
						
					 
					
						2011-04-30 15:29:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							cb9b9c4204 
							
						 
					 
					
						
						
							
							Code refactoring and improvements to --dbs and --tables: now --tables accepts also -D CD as an alias for Current Database and as usual multiple database comma-separated are supported too  
						
						
						
					 
					
						2011-04-30 15:29:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b3a0424269 
							
						 
					 
					
						
						
							
							More Backend class method usage refactoring  
						
						
						
					 
					
						2011-04-30 15:24:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							00f14bec5f 
							
						 
					 
					
						
						
							
							layout adjustment  
						
						
						
					 
					
						2011-04-30 15:22:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9a4ae7d9e2 
							
						 
					 
					
						
						
							
							More code refactoring of Backend class methods used  
						
						
						
					 
					
						2011-04-30 14:54:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2f2758b033 
							
						 
					 
					
						
						
							
							Long form contributor name  
						
						
						
					 
					
						2011-04-30 14:51:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							36a9ddaacc 
							
						 
					 
					
						
						
							
							Minor bug fixes and code restyling for --privileges and --passwords  
						
						
						
					 
					
						2011-04-30 14:50:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f56d135438 
							
						 
					 
					
						
						
							
							Minor code restyling  
						
						
						
					 
					
						2011-04-30 13:20:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							983546d6bf 
							
						 
					 
					
						
						
							
							proper fix  
						
						
						
					 
					
						2011-04-30 07:01:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1a052245a6 
							
						 
					 
					
						
						
							
							duplicate code  
						
						
						
					 
					
						2011-04-30 00:25:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a5968fff3e 
							
						 
					 
					
						
						
							
							Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided  
						
						
						
					 
					
						2011-04-30 00:22:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							529595fd85 
							
						 
					 
					
						
						
							
							Moved method below  
						
						
						
					 
					
						2011-04-29 22:37:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							956e75e2b5 
							
						 
					 
					
						
						
							
							Minor adjustment to --mobile.  
						
						... 
						
						
						
						Bug fix to --random-agent. 
						
					 
					
						2011-04-29 21:50:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							14bf6abb7e 
							
						 
					 
					
						
						
							
							Minor layout adjustment  
						
						
						
					 
					
						2011-04-29 21:40:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f449688f93 
							
						 
					 
					
						
						
							
							Proper resume of --schema data when calling with --columns switch, minor fixes too  
						
						
						
					 
					
						2011-04-29 21:17:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a23ca952e4 
							
						 
					 
					
						
						
							
							Actually brute-force switches make more sense just after their "normal" version. Also, getSchema() method is preferably to be called before getColumns(), see next commit for reason  
						
						
						
					 
					
						2011-04-29 21:09:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							46f96f3c4c 
							
						 
					 
					
						
						
							
							removing Kindle from list as it's not really a smartphone  
						
						
						
					 
					
						2011-04-29 19:32:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							11124b21f9 
							
						 
					 
					
						
						
							
							implemented --mobile switch  
						
						
						
					 
					
						2011-04-29 19:27:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b299912de4 
							
						 
					 
					
						
						
							
							fix for a bug reported by ahmed@isecur1ty.org (UnicodeDecodeError: 'ascii' codec can't decode byte 0x84 in position 396: ordinal not in range(128)) for multipartpost  
						
						
						
					 
					
						2011-04-29 16:56:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6bb4dce3aa 
							
						 
					 
					
						
						
							
							minor refactoring  
						
						
						
					 
					
						2011-04-29 15:22:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a2bb0d72e8 
							
						 
					 
					
						
						
							
							fix for a bug reported by rdsears@mtu.edu (TypeError: expected string or buffer)  
						
						
						
					 
					
						2011-04-29 14:40:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a6015b59df 
							
						 
					 
					
						
						
							
							fix for a bug reported by jaccovantuijl@gmail.com (entries = zip(*[entries[colName] for colName in colList]))  
						
						
						
					 
					
						2011-04-29 14:33:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9927f5a7db 
							
						 
					 
					
						
						
							
							Let --schema work also for Sybase and MaxDB  
						
						
						
					 
					
						2011-04-29 00:02:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							edac0b2558 
							
						 
					 
					
						
						
							
							Added switch --schema to enumerate DBMS schema and now --columns does not require a mandatory table (-T) anymore, instead it will act as an alias for --schema  
						
						
						
					 
					
						2011-04-28 23:59:00 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d3ed3268c3 
							
						 
					 
					
						
						
							
							minor adjustments  
						
						
						
					 
					
						2011-04-28 21:17:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8e63e1b70d 
							
						 
					 
					
						
						
							
							more people to thanks  
						
						
						
					 
					
						2011-04-28 21:15:15 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3e66dae103 
							
						 
					 
					
						
						
							
							as we don't use UPX anymore..  
						
						
						
					 
					
						2011-04-28 20:54:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							441c288dd9 
							
						 
					 
					
						
						
							
							cosmeticados  
						
						
						
					 
					
						2011-04-25 00:36:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							98f9f3e774 
							
						 
					 
					
						
						
							
							Minor bug fix in local shellcodeexec for Windows path  
						
						
						
					 
					
						2011-04-25 00:03:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e35f25b2cb 
							
						 
					 
					
						
						
							
							Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:  
						
						... 
						
						
						
						* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec .
Minor code refactoring. 
						
					 
					
						2011-04-24 23:01:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0a534dee5 
							
						 
					 
					
						
						
							
							Do not even prompt for ICMP tunnel if the target OS is not Windows  
						
						
						
					 
					
						2011-04-23 21:57:07 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d0dff82ce0 
							
						 
					 
					
						
						
							
							Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch  
						
						
						
					 
					
						2011-04-23 16:25:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							75142b383d 
							
						 
					 
					
						
						
							
							huge speed up (4x times faster)  
						
						
						
					 
					
						2011-04-22 21:00:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f88aa4b165 
							
						 
					 
					
						
						
							
							implemented suppressResumeInfo mechanism (huge slowdown on large tables)  
						
						
						
					 
					
						2011-04-22 19:58:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							493b9adf8e 
							
						 
					 
					
						
						
							
							speed up of resume values (compiled regexes used)  
						
						
						
					 
					
						2011-04-22 19:27:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7b3b9e6a87 
							
						 
					 
					
						
						
							
							it seems that this was indeed not meant to be here  
						
						
						
					 
					
						2011-04-22 15:07:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							304500a2e8 
							
						 
					 
					
						
						
							
							implemented checkFalsePositives method (simple Turing like tests)  
						
						
						
					 
					
						2011-04-22 12:24:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7df954dd9f 
							
						 
					 
					
						
						
							
							paranoy  
						
						
						
					 
					
						2011-04-21 23:41:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0764c4c752 
							
						 
					 
					
						
						
							
							parenthesis were missing; banning OR NOT from payloads  
						
						
						
					 
					
						2011-04-21 23:32:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							41924a6ead 
							
						 
					 
					
						
						
							
							fix for a bug reported by saccurso@skygear.com.ar (UnicodeDecodeError: 'ascii' codec can't decode byte 0xe9 in position 0: ordinal  
						
						... 
						
						
						
						not in range(128)) 
						
					 
					
						2011-04-21 23:17:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1d61611145 
							
						 
					 
					
						
						
							
							leftover  
						
						
						
					 
					
						2011-04-21 22:46:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f3088079c0 
							
						 
					 
					
						
						
							
							error message adjustment  
						
						
						
					 
					
						2011-04-21 22:31:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							eabb5a2ba7 
							
						 
					 
					
						
						
							
							More adjustments to the error message when no sql injections are detected  
						
						
						
					 
					
						2011-04-21 22:04:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6d07dddf60 
							
						 
					 
					
						
						
							
							updated doc and minor layout adjustments  
						
						
						
					 
					
						2011-04-21 21:53:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							06a00fe85e 
							
						 
					 
					
						
						
							
							For development version, print also the revision number in the banner  
						
						
						
					 
					
						2011-04-21 21:34:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							770b1523ff 
							
						 
					 
					
						
						
							
							More verbose output when no SQL injections are detected  
						
						
						
					 
					
						2011-04-21 21:31:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							edc2d75702 
							
						 
					 
					
						
						
							
							Cosmetics and major bug fix  
						
						
						
					 
					
						2011-04-21 21:15:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							870f773d70 
							
						 
					 
					
						
						
							
							In some old versions of MySQL (perhaps others DBMS too) the NOT clause is not supported, hence we need also OR tests without NOT - tested and works like this  
						
						
						
					 
					
						2011-04-21 20:36:50 +00:00