Commit Graph

1532 Commits

Author SHA1 Message Date
Miroslav Stampar
2af8835a94 fix for a bug reported by ToR (origValue = paramDict[kb.injection.parameter] -> KeyError in resume with missing injection parameter) 2010-12-07 10:57:32 +00:00
Miroslav Stampar
3d87489de5 minor update 2010-12-07 08:05:03 +00:00
Miroslav Stampar
0da1ebde7d introducing PostgreSQL time based blind 2010-12-07 00:51:14 +00:00
Miroslav Stampar
61f82fd274 introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic 2010-12-07 00:27:26 +00:00
Miroslav Stampar
2735848ab6 removed ERROR_SPACE 2010-12-06 22:40:07 +00:00
Miroslav Stampar
9ccc8f90a3 minor cosmetic update ("heuristics shows" is not grammatically correct) 2010-12-06 18:47:22 +00:00
Miroslav Stampar
d336f1df23 minor update 2010-12-06 18:44:42 +00:00
Miroslav Stampar
d77ddbee47 OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND) 2010-12-06 18:20:57 +00:00
Miroslav Stampar
27ee9a5ccf minor refactoring 2010-12-06 15:50:19 +00:00
Miroslav Stampar
e8be14e00a minor refactoring 2010-12-06 07:48:14 +00:00
Miroslav Stampar
a43d252ae9 minor update 2010-12-06 00:14:08 +00:00
Miroslav Stampar
5189f138d7 increasing socket timeout in case of time based checks 2010-12-05 23:18:16 +00:00
Bernardo Damele
17449754fe Got rid of UNION false cond 2010-12-05 16:16:15 +00:00
Bernardo Damele
da3fd17fc3 Adjustment to make it work also in OR based injection 2010-12-05 12:24:23 +00:00
Bernardo Damele
41e1b95c6c Minor code refactoring and finally make exploitation work also on OR boolean-based injections 2010-12-05 11:25:44 +00:00
Miroslav Stampar
7a5cd3b35f minor comment update 2010-12-05 11:15:09 +00:00
Bernardo Damele
618b3b0211 Cosmetics 2010-12-05 11:05:57 +00:00
Miroslav Stampar
9e5f933ace some updates 2010-12-04 15:47:02 +00:00
Miroslav Stampar
3f9450b9dc minor fix 2010-12-04 14:43:35 +00:00
Miroslav Stampar
1f795622b3 some fine tuning of dynamicity removing engine 2010-12-04 13:39:35 +00:00
Miroslav Stampar
eeb199375b usage of compiled regexes in case of dynamic markings and other refactoring 2010-12-04 13:23:28 +00:00
Miroslav Stampar
0fc7a8f9e8 code refactoring 2010-12-04 10:13:18 +00:00
Miroslav Stampar
04714374f9 now you can use kb.pageTemplate to set a page which will be used as a template in comparison process (at least in '-[RANDNUM] OR' cases we'll need to use different template(s)) 2010-12-04 10:05:18 +00:00
Miroslav Stampar
b3a094b9d6 fix for a bug reported by ToR (when resuming: queries[kb.dbms] -> KeyError: u'mysql') 2010-12-03 22:44:29 +00:00
Miroslav Stampar
5764816891 minor cosmetics 2010-12-03 22:28:09 +00:00
Bernardo Damele
5d37df6104 Ugly code to set the cookies when got them from a 302 redirect too 2010-12-03 17:41:10 +00:00
Bernardo Damele
9d55c4da87 Done with support for injection in ORDER BY and GROUP BY (hopefully) 2010-12-03 16:12:47 +00:00
Bernardo Damele
91c3cf8fd0 Minor improvement 2010-12-03 16:11:57 +00:00
Bernardo Damele
0e6359ab6e Minor layout adjustment 2010-12-03 16:11:35 +00:00
Bernardo Damele
6e73adec47 Get rid of one useless attribute 2010-12-03 16:11:13 +00:00
Bernardo Damele
126a1479d8 Bug fix for --union-test 2010-12-03 14:57:30 +00:00
Bernardo Damele
11058667e4 Better naming 2010-12-03 14:45:13 +00:00
Bernardo Damele
b824826a89 Minor enhancement to prefix payload in ORDER BY and GROUP BY clauses 2010-12-03 14:39:51 +00:00
Bernardo Damele
bb40ab9fb0 Major bug fix for default boolean-based vector still work and minor adjustments 2010-12-03 14:31:11 +00:00
Miroslav Stampar
612ee08a0b added response time kb attribute 2010-12-03 13:19:34 +00:00
Bernardo Damele
4dec049c22 Major bug fix for test on ORDER BY and GROUP BY clauses.
Minor bug fix to skip following tests if they do not match any of the clause previously identified (injection.clause value).
2010-12-03 12:00:03 +00:00
Bernardo Damele
827a0aea05 Minor bug fix 2010-12-03 11:15:11 +00:00
Bernardo Damele
7690aa85ce Added a comment needed to understand this hack when looking at the code in a month or so ;) 2010-12-03 11:00:41 +00:00
Bernardo Damele
a9d4b37987 Code cleanup and minor refactoring 2010-12-03 10:51:27 +00:00
Bernardo Damele
22de82634a Important update to parse correctly the <where> tag during exploitation phase.
Minor code cleanup.
2010-12-03 10:44:16 +00:00
Bernardo Damele
7d6f51f758 Avoid blank space between prefix and test's payload if it's a stacked queries test 2010-12-03 10:42:46 +00:00
Bernardo Damele
b0928e02c6 Proper comment 2010-12-03 10:39:36 +00:00
Miroslav Stampar
2cc167a42e fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'" 2010-12-02 18:57:43 +00:00
Bernardo Damele
283a04e29a On my way to properly parse test's <where> tag in exploitation phase 2010-12-01 23:32:58 +00:00
Bernardo Damele
09b265a1ea Got rid of conf.logic for the moment, haven't decided yet what to do with parenthesis check 2010-12-01 23:32:02 +00:00
Bernardo Damele
47f2d22181 Minor bug fix 2010-12-01 17:18:31 +00:00
Bernardo Damele
089c16a1b8 Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type.
Removed some useless tests.
Moved <error> from queries.xml to payloads.xml as it makes more sense.
Beeps at sql inj found only if --beep is provided.
Minor fix in order to be able to pickle advancedDict() objects.
Minor code refactoring.
Removed useless folders.
2010-12-01 17:09:52 +00:00
Bernardo Damele
c00ea7f5e5 Store and resume also UNION char to session file (--union-char) 2010-12-01 10:59:58 +00:00
Bernardo Damele
025361c970 Higher precedence to union query sql inj than error-based 2010-12-01 10:57:17 +00:00
Bernardo Damele
56d2b2f322 Avoid storing to session file also payload delimiters 2010-12-01 10:55:59 +00:00
Bernardo Damele
2708aad504 Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests. 2010-12-01 10:31:50 +00:00
Bernardo Damele
8d84dcc5dc More sense 2010-12-01 09:17:17 +00:00
Bernardo Damele
c8f943f5e4 Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase.
Major code refactoring and commenting to detection engine.
Ask user whether or not to proceed to test remaining parameters after an injection point has been identified.
Restore beep at SQL injection find.
Avoid reuse of same variable in DBMS handler code.
Minor adjustment of payloads XML file.
2010-11-30 22:40:25 +00:00
Miroslav Stampar
fcdebbd55f cosmeticados 2010-11-30 14:48:13 +00:00
Miroslav Stampar
47a7708950 minor improvement of dynamic content detection/removal part 2010-11-30 12:45:42 +00:00
Bernardo Damele
8b9706656e Got rid of unreliable 'ORDER BY' technique to detect UNION query SQL injection, consequently switch --union-tech has gone now.
Minor code refactoring too.
2010-11-29 17:18:38 +00:00
Bernardo Damele
e9291932e5 Apply --level also to User-Agent (level >= 4) and Cookie (level >= 3).
GET and POST parameters are always tested.
2010-11-29 16:33:20 +00:00
Miroslav Stampar
e735f2960a minor update 2010-11-29 15:25:45 +00:00
Bernardo Damele
c76d740a25 just a precaution 2010-11-29 15:21:56 +00:00
Miroslav Stampar
70e87d959e update of dynamicity engine 2010-11-29 15:14:49 +00:00
Bernardo Damele
ee4e04ebca Minor adjustment 2010-11-29 15:09:40 +00:00
Bernardo Damele
2efb3b78ea Consider also --dbms value during the detection phase 2010-11-29 14:48:07 +00:00
Miroslav Stampar
be6df7abd9 improvement of dynamicity engine 2010-11-29 14:30:57 +00:00
Bernardo Damele
76ce9cc888 Minor bug fix for --forms 2010-11-29 12:46:18 +00:00
Bernardo Damele
6525e08d6b Minor adjustment to detect the proper parameter type based upon --prefix and --suffix values 2010-11-29 12:13:42 +00:00
Bernardo Damele
c22338ce90 Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more). 2010-11-29 11:47:58 +00:00
Bernardo Damele
e8c6c01e27 precaution 2010-11-29 09:54:30 +00:00
Bernardo Damele
9d7087e2ff Proper saving and resuming when more than a parameter are injectable.
Minor bug fix to --stacked-test
Minor code refactoring.
2010-11-29 01:04:42 +00:00
Bernardo Damele
75f7df75b6 Minor fix 2010-11-28 23:33:51 +00:00
Bernardo Damele
472f4465a6 Prioritize DBMS fingerprint based on DBMS (<dbms>) identified during the detection phase.
Minor bug fix to properly handle the case that no injections are found.
Nicer display of injection vulnerabilities detected.
Minor code refactoring.
2010-11-28 21:27:47 +00:00
Bernardo Damele
7e3b24afe6 Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.
All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 18:10:54 +00:00
Miroslav Stampar
6712f4da55 some refactoring and one less request for aspx maintanance during --os-shell 2010-11-24 14:20:43 +00:00
Bernardo Damele
253eafb643 paranoid cosmetics 2010-11-24 12:03:01 +00:00
Miroslav Stampar
b2b521fc8a gready regex bastard :) 2010-11-24 12:01:36 +00:00
Miroslav Stampar
9579a97039 now ASPX works too for --os-shell 2010-11-24 11:38:27 +00:00
Miroslav Stampar
c54c9ee5d1 minor update 2010-11-23 22:33:00 +00:00
Miroslav Stampar
57ad59206b cosmetics as it's best 2010-11-23 22:09:10 +00:00
Miroslav Stampar
7a147041c4 cosmetics 2010-11-23 21:44:58 +00:00
Miroslav Stampar
f4f0bc9db3 minor fix 2010-11-23 21:17:01 +00:00
Miroslav Stampar
f9f076ba97 code refactoring 2010-11-23 21:00:42 +00:00
Miroslav Stampar
7877a931d5 more cosmetics regarding dictionary attack 2010-11-23 20:54:40 +00:00
Miroslav Stampar
e3b3e05748 minor update 2010-11-23 19:21:30 +00:00
Miroslav Stampar
0d24a15182 more cosmetics 2010-11-23 19:10:34 +00:00
Miroslav Stampar
836a1c214a los cosmeticados (of hash dictionary attack) 2010-11-23 18:57:00 +00:00
Miroslav Stampar
c4414df594 minor update 2010-11-23 15:33:13 +00:00
Miroslav Stampar
78024eafe0 little precaution 2010-11-23 15:31:23 +00:00
Miroslav Stampar
4af000e699 minor language update (in testing phase "used" is more preferable than "provided") 2010-11-23 15:11:15 +00:00
Miroslav Stampar
b41ee8d0d0 minor refactoring 2010-11-23 14:57:36 +00:00
Miroslav Stampar
aa5d038f18 more code refactoring 2010-11-23 14:50:47 +00:00
Miroslav Stampar
3cae76627c code refactoring regarding dictionary attack 2010-11-23 13:58:01 +00:00
Miroslav Stampar
ba4ea32603 first working version of dictionary attack 2010-11-23 13:24:02 +00:00
Miroslav Stampar
c471b815cc fix for a bug reported by BugTrace (IndexError: list index out of range) 2010-11-22 10:58:08 +00:00
Miroslav Stampar
bfc9378542 sorry, even more proper naming should be like this (passwd is a standard naming for this kind of function(s)) 2010-11-20 13:22:59 +00:00
Miroslav Stampar
db59faedb9 more proper naming 2010-11-20 13:20:28 +00:00
Miroslav Stampar
1f8a9fe033 foundations for dictionary attack support combined with the sqlmap's password/hash retrieval functionality (--password switch) 2010-11-20 13:14:13 +00:00
Miroslav Stampar
71107e4e9e quick fix for google searches 2010-11-19 21:38:20 +00:00
Bernardo Damele
99a23e23cf Extra check on --union-cols value 2010-11-19 16:39:26 +00:00
Bernardo Damele
c23126547e Improved --union-cols to accept a range to test for union SQL injection. By default it is 1-20. 2010-11-19 15:48:24 +00:00
Bernardo Damele
ad17e9ed2a Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any) 2010-11-19 14:56:20 +00:00
Miroslav Stampar
df88280681 minor update of google regex (that * was a junky one) 2010-11-19 10:04:29 +00:00
Miroslav Stampar
e8bef28337 updating google parsing regex (for the better, of course) 2010-11-19 10:00:29 +00:00
Miroslav Stampar
d97e97d884 minor update :) 2010-11-19 09:02:44 +00:00
Bernardo Damele
4a9bd3a240 Finally a proper union query SQL injection test engine for --union-test. It does much more requests, but for god sake now it works well! 2010-11-18 17:55:43 +00:00
Bernardo Damele
544327379f Little precaution 2010-11-18 14:32:52 +00:00
Bernardo Damele
f6a17cb1a8 Revert wrong fix 2010-11-18 10:41:06 +00:00
Bernardo Damele
17486e472a Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only! 2010-11-17 22:00:09 +00:00
Miroslav Stampar
ca5125bbe0 minor update related to r2401 2010-11-17 20:50:31 +00:00
Bernardo Damele
360aff7a4d sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle 2010-11-17 17:20:32 +00:00
Miroslav Stampar
a0df36beda when in multi target mode this should be done (another bug was reported by ToR for using "old" data - kb was not properly cleared) 2010-11-17 15:33:07 +00:00
Miroslav Stampar
17f0609263 minor bug fix 2010-11-17 13:29:57 +00:00
Miroslav Stampar
3d25071d06 another minor improvement regarding logging of http traffic 2010-11-17 12:16:48 +00:00
Miroslav Stampar
3e569a1693 minor update 2010-11-17 12:04:33 +00:00
Miroslav Stampar
2802923dbe some improvements regarding --os-shell web server application choice 2010-11-17 11:45:52 +00:00
Miroslav Stampar
5abbea4a9f fix for a bug reported by nightman (unknown charset 'null') 2010-11-17 09:57:32 +00:00
Miroslav Stampar
d757e4ae1c bug fix (when user manually sets web root, that same directory should be used as one of potentionaly default dirs) 2010-11-17 09:46:04 +00:00
Miroslav Stampar
bec152609a minor cosmetics and bug fix for Windows machines ('\\' is interpreted as \ and inside the script it can screw things up as it's a marker for a special character - thus '\\\\' is interpreted as \\ which represents special character \) 2010-11-17 09:33:05 +00:00
Miroslav Stampar
76c3f5768b cosmetics 2010-11-17 09:12:48 +00:00
Miroslav Stampar
2a8e270bef proper handling of carriage return character from Windows target machines 2010-11-16 15:11:03 +00:00
Miroslav Stampar
ab33651f96 minor bug fix for displaying text from windows machines (\r was interfering with normal dataToStdout behavior) 2010-11-16 15:02:22 +00:00
Miroslav Stampar
3487429eac minor cosmetics 2010-11-16 14:41:46 +00:00
Miroslav Stampar
3640dbf745 fix for --parse-errors (on IIS HTTP error is raised which need to be processed) 2010-11-16 14:33:30 +00:00
Miroslav Stampar
cccb565859 cosmetics 2010-11-16 14:11:32 +00:00
Miroslav Stampar
b9d9f18939 added General cmdline group 2010-11-16 14:09:09 +00:00
Miroslav Stampar
e7a66371f8 update regarding os shell-ing regarding JSP and ASPX 2010-11-16 13:46:46 +00:00
Miroslav Stampar
6232397129 minor update 2010-11-16 10:52:49 +00:00
Miroslav Stampar
6ef3846400 update regarding error parsing (and reporting) 2010-11-16 10:42:42 +00:00
Bernardo Damele
71cb982039 Another bug fix to --union-test 2010-11-15 21:42:56 +00:00
Miroslav Stampar
b3ad63b71e major bug fix (haven't applied dynamic content removal to the original comparison (conf.seqMatcher.a) page) 2010-11-15 14:59:37 +00:00
Miroslav Stampar
ff310475c8 some reporting update for --forms 2010-11-15 14:17:51 +00:00
Miroslav Stampar
20d6b9a5c1 minor fix 2010-11-15 12:24:32 +00:00
Miroslav Stampar
39c6c9f386 minor update 2010-11-15 12:19:22 +00:00
Miroslav Stampar
819085155e minor update/fix 2010-11-15 12:07:13 +00:00
Miroslav Stampar
c25c017c08 cosmetics regarding --forms 2010-11-15 11:50:33 +00:00
Miroslav Stampar
36c544f440 update (--forms acts now more like -g switch) 2010-11-15 11:34:57 +00:00
Bernardo Damele
5f46a549ba Cosmetics for --forms 2010-11-14 21:59:35 +00:00
Bernardo Damele
0bfc1b411a Another bug fix for --union-test 2010-11-14 15:39:57 +00:00
Miroslav Stampar
a0fb96816f fix for a bug reported by ToR (value += actVer) 2010-11-14 08:31:29 +00:00
Bernardo Damele
8d07272c82 Added --union-cols switch to specify the max number of columns to test for UNION query sql injection.
Now stores/resumes also the exact UNION payload to session file.
2010-11-13 23:24:41 +00:00
Bernardo Damele
df5dc10111 Major enhancement to --union-test check 2010-11-13 22:47:37 +00:00
Miroslav Stampar
84849316b3 improvement of heuristic check (now original value is included too) 2010-11-12 23:06:01 +00:00
Miroslav Stampar
06a872fc99 update/fix for an issue reported by nightman (IncompleteRead: IncompleteRead(1284 bytes read)) 2010-11-12 22:57:33 +00:00
Miroslav Stampar
27735b14df update (--string and --regex should be done regardless of wasLastRequestError) 2010-11-12 22:44:15 +00:00
Miroslav Stampar
0d66f101da fix for a bug reported by Bugtrace (--string "pengcheng_cui" and "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource" on False pages) 2010-11-12 22:29:33 +00:00
Bernardo Damele
a777d59870 Minor bug fix 2010-11-12 15:17:12 +00:00
Bernardo Damele
0a83a830d9 Properly handle both HTTPS and HTTP requests through proxy 2010-11-12 14:21:46 +00:00
Bernardo Damele
e1ef27f592 work-around to be able to pass in the -r request file the Host header, the ending string ":443" and so sqlmap will go over https 2010-11-12 12:25:02 +00:00
Bernardo Damele
9f53048ff4 Put a space always between the user's provided prefix and sqlmap payload 2010-11-12 11:48:26 +00:00
Miroslav Stampar
697b32554c fix for a bug "ordinal not in range(128)" reported by bugtrace 2010-11-12 11:48:25 +00:00
Bernardo Damele
f83dd2251b Properly save error-based enumerated data in session file, able to be resumed like with other techniques 2010-11-12 11:40:37 +00:00
Bernardo Damele
a34c1b287c Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL) 2010-11-12 11:33:11 +00:00
Bernardo Damele
8cec75656c Bug fix to properly save the match ratio only if numeric (to avoid also tracebacks when match is based on --string or --regexp) 2010-11-12 10:31:42 +00:00
Bernardo Damele
a14e4d9668 Referer does not have to be static, it's already a switch (--referer) so that user can specify it manually. 2010-11-12 10:16:39 +00:00
Bernardo Damele
66c82d72e4 Typo fix 2010-11-12 10:02:02 +00:00
Miroslav Stampar
42272ca78c minor update 2010-11-11 22:26:36 +00:00
Miroslav Stampar
8aefd0bbf7 improvement of --common-tables and --common-columns 2010-11-11 20:37:25 +00:00
Miroslav Stampar
2d872f850a quick fix 2010-11-11 19:54:54 +00:00
Miroslav Stampar
24238ccd0b re-renaming of brute force switches. this way is better. 2010-11-11 07:57:44 +00:00
Miroslav Stampar
96d88877ba bug fix (reported by ToR) 2010-11-10 19:44:51 +00:00
Miroslav Stampar
19c1bfa368 just a precaution (now i really need to go for a sleep) 2010-11-09 23:38:29 +00:00
Miroslav Stampar
88c00e61d3 another update 2010-11-09 23:35:37 +00:00
Miroslav Stampar
47720a43dd minor fix (while we've calculated conf.matchRation for stable pages, we've put a constant value (0.900) for dynamic ones - so putting (ratio - conf.matchRatio) > DIFF_TOLERANCE for dynamic pages too would just effectively increase it's value to 0.900 + DIFF_TOLERANCE (in our case to 0.950) which is too narrow space for True result) 2010-11-09 23:21:21 +00:00
Miroslav Stampar
5ebd5d935c another name change 2010-11-09 22:49:31 +00:00
Miroslav Stampar
06f00cf8c1 name change 2010-11-09 22:48:22 +00:00
Miroslav Stampar
6807fb04cc minor update 2010-11-09 22:44:23 +00:00
Miroslav Stampar
fef60d5cb7 some fixes :) 2010-11-09 22:32:05 +00:00
Bernardo Damele
1cc99e2247 Possible quick fix for missing of True/False comparison of stable-but-not-really pages 2010-11-09 21:39:58 +00:00
Bernardo Damele
2205099a5e Python stylish 2010-11-09 21:39:05 +00:00
Miroslav Stampar
cee888b613 tuning detection engine (None results from queryPage/comparison should not be treated as False in checkSqlInjection routine - None is returned when error is detected) 2010-11-09 19:14:55 +00:00
Miroslav Stampar
726825ca70 minor update 2010-11-09 16:59:36 +00:00
Miroslav Stampar
b43334165d update regarding brute forcing 2010-11-09 16:53:33 +00:00
Miroslav Stampar
a7fa8d4975 update regarding brute force retrieval of table names and table column names 2010-11-09 16:15:55 +00:00
Miroslav Stampar
7752b5efe9 minor update 2010-11-09 09:51:54 +00:00
Miroslav Stampar
4be0631161 refactoring of brute force techniques 2010-11-09 09:42:43 +00:00
Miroslav Stampar
221f976fbd minor update 2010-11-09 01:23:54 +00:00
Bernardo Damele
45ec8c169a Consistency between --*-test switches/output 2010-11-08 16:46:25 +00:00
Miroslav Stampar
fda8752dca revert of some HTTP headers handling 2010-11-08 13:26:45 +00:00
Bernardo Damele
78d7b17483 More replacements for refactoring.
Minor layout adjustments.
Alignment of conffile/optiondict/cmdline parameters.
2010-11-08 12:36:48 +00:00
Miroslav Stampar
eb999de0f1 added Range handler (dealing with 206 HTTP messages) 2010-11-08 12:26:13 +00:00
Miroslav Stampar
875781bf97 another minor fix 2010-11-08 11:55:56 +00:00
Miroslav Stampar
4a4a3051e5 fix 2010-11-08 11:39:07 +00:00
Miroslav Stampar
a3de10e3a2 new option -t 2010-11-08 11:22:47 +00:00
Miroslav Stampar
4e6d1b5118 added "Detection" part in help listing 2010-11-08 10:11:43 +00:00
Miroslav Stampar
0d0e2a2228 minor update 2010-11-08 09:49:57 +00:00
Miroslav Stampar
d551423379 further enum refactoring 2010-11-08 09:44:32 +00:00
Miroslav Stampar
862395ced1 further refactoring (all enumerations are now put into enums.py) 2010-11-08 09:20:02 +00:00
Miroslav Stampar
8e44aa605a refactoring regarding injection place (more left) 2010-11-08 08:02:36 +00:00
Miroslav Stampar
0482e02c37 minor optimization 2010-11-07 23:37:15 +00:00
Miroslav Stampar
4f346eab33 fix for resume from session 2010-11-07 23:25:53 +00:00
Bernardo Damele
ea1b0d31be Avoid displaying single retrieved character when --verbose > 2 2010-11-07 22:42:56 +00:00
Bernardo Damele
b6da946883 Added one new verbose level, -v 3 now shows the full injected payload.
Fixed also -d verbose output.
2010-11-07 22:34:29 +00:00
Bernardo Damele
a96467b3e2 Refactoring 2010-11-07 21:55:24 +00:00
Miroslav Stampar
7a6c086a27 setting direct query info output to same level as payload info (logger.DEBUG) 2010-11-07 21:42:36 +00:00
Miroslav Stampar
d3e7e89e60 major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces 2010-11-07 21:18:09 +00:00
Miroslav Stampar
620fa1c8fb trust me, i know what i am doing :) 2010-11-07 20:33:33 +00:00
Bernardo Damele
73e85bfc75 Minor bug fix: the --tamper scripts have to be provided from the highest to the lowest priority, if not, sqlmap will reverse-sort them automatically as per user's choice. Tested, works now 2010-11-07 16:24:44 +00:00
Bernardo Damele
4d81da6bc8 Cosmetics 2010-11-07 16:23:03 +00:00
Bernardo Damele
6716315a76 Minor bug fix to properly set the ratio just before the check for injection, not before the check for dynamicity 2010-11-07 15:45:26 +00:00
Bernardo Damele
9669dbdae1 Minor cosmetics and adjustments 2010-11-07 15:34:52 +00:00
Miroslav Stampar
afba26a53f tiny winy update 2010-11-07 09:00:45 +00:00
Miroslav Stampar
2b8c942b4a more update 2010-11-07 08:58:24 +00:00
Miroslav Stampar
00dfd55830 added powerful switch --longest-common for dealing with heavy dynamicity 2010-11-07 08:52:09 +00:00
Miroslav Stampar
16f52ab7ba cosmetic fix 2010-11-07 08:13:20 +00:00
Miroslav Stampar
8d93bdfa4b minor update (optimization) regarding -a switch 2010-11-07 08:11:56 +00:00
Miroslav Stampar
508b9cc763 dynamicity engine update 2010-11-07 00:12:00 +00:00
Miroslav Stampar
3619fc5127 minor update 2010-11-06 08:31:11 +00:00
Miroslav Stampar
06760182f1 cosmetics 2010-11-05 16:08:42 +00:00
Miroslav Stampar
9bc9302e58 minor fix 2010-11-05 16:03:12 +00:00
Miroslav Stampar
44435adc4a added some fancy Ctrl+C when having multiple targets 2010-11-05 15:59:25 +00:00
Miroslav Stampar
0e895fa512 update of dynamicity testing and few misc fixes 2010-11-05 13:14:12 +00:00
Miroslav Stampar
ef1809464d bug fix for that BadStatusLine (http://bugs.python.org/issue8450) 2010-11-05 11:58:20 +00:00
Miroslav Stampar
6295a59a30 minor update/fix 2010-11-05 11:39:35 +00:00
Miroslav Stampar
f3e3420677 fix for a bug reported by Marcos Mateos Garcia (ValueError) 2010-11-05 11:34:09 +00:00
Miroslav Stampar
5f7f4bf15b minor debug update (probably temporary) 2010-11-05 11:04:00 +00:00
Miroslav Stampar
3f0a443b83 some updates 2010-11-04 23:08:59 +00:00
Miroslav Stampar
29b7c5366c cosmetics 2010-11-04 17:22:33 +00:00
Miroslav Stampar
ad6b2e9c21 minor fix 2010-11-04 16:47:18 +00:00
Miroslav Stampar
e1cec8c02b fix for all that stable, dynamic mambo jambo :) 2010-11-04 16:44:34 +00:00
Miroslav Stampar
f1f7e0bfe0 fix for "unknown charset 'en_us'" (reported by ToR) 2010-11-04 13:56:01 +00:00
Miroslav Stampar
3aba0b1bec minor update 2010-11-04 12:51:04 +00:00
Miroslav Stampar
63af5444fd fix (NameError: global name 'DBMS' is not defined) 2010-11-04 12:47:34 +00:00
Bernardo Damele
91a3a582e8 Minor bug fix to avoid crash when running sqlmap behind a proxy server 2010-11-04 12:22:04 +00:00
Bernardo Damele
0e9515c540 Cosmetics 2010-11-04 12:21:06 +00:00
Miroslav Stampar
18aea251b3 added concept of tamper script priority 2010-11-04 10:29:40 +00:00
Miroslav Stampar
303359e8b1 refix 2010-11-04 09:34:04 +00:00
Miroslav Stampar
efe75aa8a3 added some debug messages 2010-11-04 09:18:32 +00:00
Bernardo Damele
b152b1a04d Cosmetics 2010-11-03 22:07:13 +00:00
Miroslav Stampar
71d0b1bcd7 several bug fixes 2010-11-03 21:51:36 +00:00
Miroslav Stampar
44678fa320 fix for a bug reported by ToR (TypeError: unsupported operand type(s) for *: 'float' and 'NoneType') 2010-11-03 12:40:11 +00:00
Miroslav Stampar
6adee3792a removed all trailing spaces from blank lines 2010-11-03 10:08:27 +00:00
Miroslav Stampar
cd0d4135ac implemented --banner for MaxDB and some minor fixes 2010-11-02 20:51:55 +00:00
Miroslav Stampar
861706fb31 fix for bug reported by ToR (unknown charset 'utf-8, text/html') 2010-11-02 18:01:10 +00:00
Bernardo Damele
c7c84c3089 Closes #111 (DECLARE/CHAR encode xp_cmdshell parameter in MSSQL). 2010-11-02 15:31:51 +00:00
Miroslav Stampar
70f6eab715 minor update 2010-11-02 12:08:28 +00:00
Miroslav Stampar
685a8e7d2c refactoring of hard coded dbms names 2010-11-02 11:59:24 +00:00
Miroslav Stampar
5269cb8c08 some code refactoring and beautification 2010-11-02 09:06:38 +00:00
Miroslav Stampar
13e93f564a one bug fix in dynamic content engine and some code refactoring 2010-11-02 07:32:08 +00:00
Miroslav Stampar
73b33ed765 fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic 2010-11-01 20:56:13 +00:00
Bernardo Damele
486a113560 Consolidate logger messages for --*-test switches 2010-10-31 16:58:38 +00:00
Bernardo Damele
46be570463 Proper HTTP version display 2010-10-31 15:41:28 +00:00
Bernardo Damele
f3cc41601c Added check on --first and --last values 2010-10-31 14:42:13 +00:00
Bernardo Damele
0ffffef088 Implemented --tamper for direct connection too (-d) 2010-10-31 14:22:32 +00:00
Bernardo Damele
65a0a8d285 Delegate urlencoding to agent.py only 2010-10-31 13:28:05 +00:00
Bernardo Damele
c7b374534b Minor cosmetics 2010-10-31 12:29:00 +00:00
Bernardo Damele
617edf7fc2 Minor bug fix 2010-10-31 12:24:19 +00:00
Bernardo Damele
fcada4df0f Removed debug print 2010-10-31 12:21:22 +00:00
Bernardo Damele
2a2f949275 Minor bug fix 2010-10-31 12:20:38 +00:00
Bernardo Damele
264247d318 revert of a stupid commit 2010-10-31 12:09:55 +00:00
Bernardo Damele
2fb059a644 Bug fix 2010-10-31 12:02:20 +00:00
Bernardo Damele
9d08cb3a6f Revert r2209 and minor code refactoring 2010-10-31 11:51:45 +00:00
Bernardo Damele
3eda4510e2 Properly encode the cookie 2010-10-31 11:26:33 +00:00
Bernardo Damele
3869ccebe8 Minor code refactoring 2010-10-31 11:17:51 +00:00
Bernardo Damele
6afc9bffaa Minor bug fix: there will always be only one pair of delimiters as we add it for each place 2010-10-31 11:09:29 +00:00
Bernardo Damele
3a48bee9b0 Minor code refactoring 2010-10-31 11:03:59 +00:00
Bernardo Damele
8cf0ebde1e Cosmetics 2010-10-29 23:00:48 +00:00
Miroslav Stampar
0125198210 minor fix 2010-10-29 21:19:28 +00:00
Miroslav Stampar
cbf38436f2 minor update 2010-10-29 16:15:23 +00:00
Miroslav Stampar
5a38ac7ea9 important update regarding (Bug #209) - probably more will be needed 2010-10-29 16:11:50 +00:00
Bernardo Damele
a0df231aa4 Avoid waiting 30 seconds when cleaning up the dbms and file system from sqlmap data 2010-10-29 13:09:53 +00:00
Miroslav Stampar
f7d42af046 some fixes regarding --check-payload 2010-10-29 11:00:23 +00:00
Bernardo Damele
b3b2c3864a Minor code refactoring 2010-10-29 10:51:09 +00:00
Miroslav Stampar
d75578c81f some update regarding common tables 2010-10-29 09:00:51 +00:00
Miroslav Stampar
895efd28a6 one more update regarding Bug #205 2010-10-28 23:22:13 +00:00
Miroslav Stampar
788eb8fb50 update regarding Bug #205 2010-10-28 22:59:51 +00:00
Bernardo Damele
4f8e9da1b6 Minor bug fix to properly delete sqlmap temporary files on the database server file system at shutdown.
Minor improvements at ICMPsh tunnel to cleanup properly the dbms at shutdown and avoid checking/writing sys_bineval() UDF as it's a PE and needs to be called by sys_exec() only.
Got rid of useless doubleslash param in delRemoteFile() method.
Major code refactoring to xp_cmdshell.py methods and parent calls.
2010-10-28 00:19:40 +00:00
Bernardo Damele
56c16cb471 Minor bug fixes and enhancements to ICMPsh tunnel 2010-10-27 23:01:17 +00:00
Bernardo Damele
a391be833b Implemented ICMP tunneling for out-of-band takeover (--os-pwn) as an alternative to TCP tunneling (Metasploit). It relies on icmpsh, the back-end dbms server has to be Windows as the icmpsh slave runs on Windows only for the moment. sqlmap needs to be executed as root to work. 2010-10-27 21:02:22 +00:00
Bernardo Damele
43de8247ac Code refactoring 2010-10-27 20:39:50 +00:00
Bernardo Damele
d554ffc0ae yes, I am quite paranoid with cosmetics 2010-10-27 10:37:54 +00:00
Miroslav Stampar
5cc1bd8a12 major fix for heuristic check 2010-10-27 08:27:31 +00:00
Miroslav Stampar
4d70f2c210 reverting back to 100 2010-10-26 15:42:54 +00:00
Miroslav Stampar
8211e6a2bd possible 2010-10-26 11:29:09 +00:00
Bernardo Damele
9b127e58d2 Adjusted for MySQL weirdness 2010-10-26 09:33:18 +00:00
Miroslav Stampar
8803096343 some update regarding beep() 2010-10-26 08:32:58 +00:00
Miroslav Stampar
b9ff91b6e9 update of beep 2010-10-26 06:30:27 +00:00
Miroslav Stampar
9ec9d223e1 minor 2010-10-26 06:08:40 +00:00
Bernardo Damele
f5904d0bc0 Major bug fix to --union-test 2010-10-25 23:39:55 +00:00
Bernardo Damele
7effd0c301 Cosmetics 2010-10-25 22:54:56 +00:00
Miroslav Stampar
73eea81b3a minor cosmetics 2010-10-25 19:45:53 +00:00
Miroslav Stampar
d7bf94d4d6 fix for --beep 2010-10-25 19:16:42 +00:00
Miroslav Stampar
228ac0cde5 refactoring regarding --check-payload 2010-10-25 18:38:54 +00:00
Bernardo Damele
7c343c2d67 Forgot 2010-10-25 16:34:43 +00:00
Bernardo Damele
debaf2215f Consistency between cmdline.py, optiondict.py and sqlmap.conf and got rid of --union-use switch 2010-10-25 15:54:45 +00:00
Miroslav Stampar
378653a1ec added IDS payload testing 2010-10-25 15:37:43 +00:00
Bernardo Damele
bdb9c37a7e Cosmetics 2010-10-25 15:17:59 +00:00
Bernardo Damele
215175e3b7 Minor code adjustments 2010-10-25 14:11:47 +00:00
Miroslav Stampar
24c5d7b313 code refactoring 2010-10-25 14:06:56 +00:00
Miroslav Stampar
9c94a233a1 conf.md5hash thrown out 2010-10-25 13:52:21 +00:00
Miroslav Stampar
9a3879feba keeping things neat and tidy 2010-10-25 12:33:49 +00:00
Miroslav Stampar
32728d14b7 fix for --union-use with --error-test 2010-10-25 12:25:29 +00:00
Miroslav Stampar
71543092b7 update regarding comparison engine 2010-10-25 12:00:59 +00:00
Miroslav Stampar
8df7c88174 implementation of a new dynamic content removal engine 2010-10-25 10:41:37 +00:00
Miroslav Stampar
db260c44d3 minor update 2010-10-24 22:25:05 +00:00
Miroslav Stampar
aa931efd4d several MySQL fixes/enhancements pointed out by Anton Mogilin 2010-10-24 22:05:14 +00:00
Miroslav Stampar
52f910f752 added --beep (tested on Windows and Linux; for now turned off) switch 2010-10-23 09:38:46 +00:00
Miroslav Stampar
98f5586b87 minor update 2010-10-23 08:05:24 +00:00
Miroslav Stampar
f1e2c1867f Cosmetics 2010-10-22 21:13:12 +00:00
Miroslav Stampar
2194d47782 setting conf.threads when -o switch is used 2010-10-22 19:10:45 +00:00
Miroslav Stampar
e6e48c5556 fix for Bug #204 2010-10-22 18:23:46 +00:00
Bernardo Damele
1288def3b7 Cosmetics 2010-10-22 14:23:14 +00:00
Miroslav Stampar
dec4d858b3 fix for Bug #207 2010-10-22 14:01:48 +00:00
Miroslav Stampar
1b2ec826bf misc fixes regarding new query retrieval format 2010-10-21 23:17:06 +00:00
Miroslav Stampar
a9b50a1e82 minor fix 2010-10-21 23:09:57 +00:00
Miroslav Stampar
bc79eec702 removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO) 2010-10-21 13:13:12 +00:00
Miroslav Stampar
be443c6947 refactoring regarding __START__,... 2010-10-21 09:51:07 +00:00
Miroslav Stampar
2668c95ef4 added default HTTP version used by httplib and urllib2 2010-10-21 09:10:07 +00:00
Bernardo Damele
7f1aa3b94f Removed unused imports 2010-10-20 22:48:51 +00:00
Bernardo Damele
c60edf7c17 Minor cosmetics 2010-10-20 22:43:02 +00:00
Bernardo Damele
d8bfa76dca Minor possible bug fix 2010-10-20 22:12:53 +00:00
Bernardo Damele
e73e06069b Minor code refactoring 2010-10-20 22:09:03 +00:00
Bernardo Damele
862cc9ac53 Minor cosmetic fixes 2010-10-20 21:58:33 +00:00
Bernardo Damele
3b5c5cc457 Minor possible bug fix 2010-10-20 21:49:05 +00:00
Bernardo Damele
f95098693f Removed unused functions 2010-10-20 21:16:28 +00:00
Bernardo Damele
430bb7478f Minor bug fix 2010-10-20 21:15:06 +00:00
Miroslav Stampar
34f70657ee fix for NULL values 2010-10-20 10:29:18 +00:00
Miroslav Stampar
00449f1402 fix/upgrade/chicken soup 2010-10-20 09:54:17 +00:00
Miroslav Stampar
e24bff0497 nice refactoring 2010-10-20 09:46:57 +00:00
Miroslav Stampar
5d3cbec457 no more regex. web server independent. 2010-10-20 09:35:46 +00:00
Miroslav Stampar
934adb5e8d code refactoring 2010-10-20 09:09:04 +00:00
Miroslav Stampar
b032fdbf74 added randInt to error injection vectors 2010-10-20 08:56:58 +00:00
Miroslav Stampar
dabbcf9e23 fix for that 'Subquery returns more than 1 row' 2010-10-20 08:50:05 +00:00
Miroslav Stampar
82f44989ce update of error based injection and bug fix for --roles on MSSQL server 2010-10-20 06:40:33 +00:00
Bernardo Damele
0817d1b78d Cosmetics 2010-10-19 23:09:30 +00:00
Miroslav Stampar
8776db872c minor refactoring 2010-10-19 23:05:24 +00:00
Miroslav Stampar
1b376c99a6 removed temp dictionary and replaced with kb.misc 2010-10-19 23:00:19 +00:00
Bernardo Damele
813f44da16 Minor bug fix for MSSQL connector --tables option 2010-10-19 22:11:17 +00:00
Miroslav Stampar
7927e97007 update 2010-10-19 18:34:57 +00:00
Miroslav Stampar
415524bd5a remove --error, now it's only --error-test (it needs to return True to be able to use it) 2010-10-19 18:34:14 +00:00
Miroslav Stampar
8d9201a3dc minor update 2010-10-19 18:23:21 +00:00
Miroslav Stampar
4009ef385e more update regarding error based injection support 2010-10-19 18:17:34 +00:00
Miroslav Stampar
b2e0b615f8 fix for that MySQL checking 2010-10-19 17:38:39 +00:00
Miroslav Stampar
34d7de1d46 cosmetics 2010-10-19 15:28:54 +00:00
Miroslav Stampar
d7622bb9cf major fix for MySQL error based injections 2010-10-19 15:17:16 +00:00
Miroslav Stampar
80505de15b now --users work on Oracle and Postgre (tested) 2010-10-19 14:56:57 +00:00
Miroslav Stampar
4bc541ec3c error based update 2010-10-19 14:47:13 +00:00
Miroslav Stampar
d0ebe428da i've left error flag 2010-10-19 14:12:34 +00:00
Miroslav Stampar
bf850af2d8 fix for Oracle error based query "space" problem 2010-10-19 14:10:09 +00:00
Miroslav Stampar
6a8b1046d4 first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py) 2010-10-19 12:02:04 +00:00
Miroslav Stampar
ccda92536f added header 2010-10-19 09:13:30 +00:00
Miroslav Stampar
264e0a6fda added support for displaying revision number at unhandled exception message 2010-10-19 08:55:14 +00:00
Miroslav Stampar
9a7fd29d4f using pushValue and popValue 2010-10-18 22:22:41 +00:00
Miroslav Stampar
a97319656c optimization - now if DBMS was detected by error based HTML parser, then it's moved at the first place for testing 2010-10-18 21:47:11 +00:00
Miroslav Stampar
729156e91c proper fix 2010-10-18 21:39:46 +00:00
Miroslav Stampar
3d5494845c minor bug fix 2010-10-18 21:32:50 +00:00
Miroslav Stampar
8b8fff41fe cosmetics (adding html parsed DBMS) regarding heuristic check 2010-10-18 12:11:16 +00:00
Bernardo Damele
1d74036ee3 Minor cosmetic fixes 2010-10-18 11:34:53 +00:00
Bernardo Damele
36bc410333 Minor bug fix 2010-10-18 09:50:23 +00:00
Miroslav Stampar
6b70dadfb2 minor cosmetics 2010-10-18 09:09:22 +00:00
Miroslav Stampar
149837ebf5 added the same for proxy authorization header 2010-10-18 09:02:56 +00:00
Miroslav Stampar
aaebb4336e fix for Bug #202 2010-10-18 08:54:08 +00:00
Bernardo Damele
683184cc8f Minor refactoring 2010-10-17 21:06:52 +00:00
Bernardo Damele
cd0fe8dde0 Updated sample configuration file and cmdline help 2010-10-17 00:07:53 +00:00
Bernardo Damele
64b9f94fcf Renamed --common-prediction switch to --predict-output 2010-10-16 23:50:13 +00:00
Bernardo Damele
f54c134d22 Minor adjustment 2010-10-16 22:43:05 +00:00
Bernardo Damele
6211915da5 Cosmetic fix 2010-10-16 22:31:16 +00:00
Bernardo Damele
7b71262de6 Cosmetic fix 2010-10-16 22:07:29 +00:00
Bernardo Damele
a2997a6dce Minor bug fix to --tamper 2010-10-16 21:55:34 +00:00
Bernardo Damele
2129935e06 Split character for tamper scripts (--tamper option) is now comma, not semi-colon.
Minor enhancement
2010-10-16 21:52:16 +00:00
Bernardo Damele
2dae934a2b Minor bug fixes, code refactoring and enhanced --tamper functionality 2010-10-16 21:33:15 +00:00
Bernardo Damele
84ed7f192a Cosmetic fixes 2010-10-16 15:10:48 +00:00
Miroslav Stampar
1336b97c2c removed --useBetween switch and added new tampering module ./tamper/between.py 2010-10-15 23:48:07 +00:00
Miroslav Stampar
1ae4d0fc2a added optimization group 2010-10-15 23:26:48 +00:00
Bernardo Damele
e7c8be1d45 Minor layout adjustments 2010-10-15 15:37:15 +00:00
Miroslav Stampar
c9f0c75030 removed --space (usage of tampering modules is now a prefered way to do it) 2010-10-15 12:52:33 +00:00
Miroslav Stampar
d0514d18ec removed that spaces from URI payloads 2010-10-15 12:49:03 +00:00
Bernardo Damele
bf56f8c63c Cosmetic fix 2010-10-15 12:46:41 +00:00
Miroslav Stampar
dcb9c2103a just in case update 2010-10-15 11:20:19 +00:00
Bernardo Damele
5f6d88a418 Minor comment 2010-10-15 11:17:17 +00:00
Miroslav Stampar
2fa8836c01 bug fix 2010-10-15 11:14:59 +00:00
Miroslav Stampar
d50684a057 added one more check 2010-10-15 11:05:50 +00:00
Miroslav Stampar
2b476e078c minor cosmetics 2010-10-15 10:36:29 +00:00
Bernardo Damele
a80f6110cd don't call variables 'file', it's a reserved word :) 2010-10-15 10:29:24 +00:00
Bernardo Damele
c5e385f77a More layout adjustments 2010-10-15 10:28:34 +00:00
Bernardo Damele
9fcab68700 Minor adjustments 2010-10-15 10:28:06 +00:00
Bernardo Damele
48cc8a308d More verbose messages on successful --null-connection 2010-10-15 10:24:54 +00:00
Miroslav Stampar
0f48dd6f73 fix for skipping non-GET urls 2010-10-15 09:54:29 +00:00
Miroslav Stampar
207bef7f19 fix for that SQLite3 vs SQLite2 issue 2010-10-15 09:39:41 +00:00
Miroslav Stampar
d0df8cdac9 fix for that duplicates 2010-10-15 00:34:16 +00:00
Miroslav Stampar
4f7f20b94f sorry, cosmetics 2010-10-14 23:18:29 +00:00
Bernardo Damele
1674142d82 Minor cosmetic fixes 2010-10-14 15:28:54 +00:00
Miroslav Stampar
2bbe0c9ba6 bug fix for Ctrl+C 2010-10-14 15:23:42 +00:00
Miroslav Stampar
8b48833136 large commit with copyright header modifications 2010-10-14 14:41:14 +00:00
Miroslav Stampar
f07608ef4d show static words in a sorted manner 2010-10-14 12:38:06 +00:00
Miroslav Stampar
162d01abed commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...) 2010-10-14 11:06:28 +00:00
Miroslav Stampar
7e1f784eaa cosmetic update 2010-10-14 06:00:10 +00:00
Miroslav Stampar
dc50543ea4 major bug fix for --keep-alive option in multithreading mode (that 'shitty' _headers = {} made a one shared object for all connection objects) 2010-10-13 23:01:23 +00:00
Miroslav Stampar
36ef8ca575 bug fix 2010-10-13 22:42:48 +00:00
Miroslav Stampar
02a14d4c45 added Referer (part of Feature #37) 2010-10-13 22:08:09 +00:00
Miroslav Stampar
43a3ac2c3a some bug fixes 2010-10-13 20:54:18 +00:00
Miroslav Stampar
f700692c74 added missing files for Sybase 2010-10-13 18:55:17 +00:00
Miroslav Stampar
562df9c107 temporary fix (files left at home) 2010-10-13 07:39:48 +00:00
Miroslav Stampar
34580f56fc added --tamper option 2010-10-12 22:45:25 +00:00
Miroslav Stampar
9a08f7feb8 minor update 2010-10-12 20:01:59 +00:00
Miroslav Stampar
d2ec132469 added --text-only switch 2010-10-12 19:41:29 +00:00
Miroslav Stampar
f9f79ffbaf basic stuff for sybase 2010-10-12 19:05:12 +00:00
Miroslav Stampar
9ffa928783 added some user interaction when page is dynamic 2010-10-12 15:49:04 +00:00
Miroslav Stampar
b748e6ea44 minor update 2010-10-12 12:52:06 +00:00
Miroslav Stampar
73b77255e3 minor cosmetic update 2010-10-12 12:32:02 +00:00
Miroslav Stampar
6dcd05c39c minor update 2010-10-11 14:38:04 +00:00
Miroslav Stampar
e2bbfbe650 bug fix 2010-10-11 14:32:02 +00:00
Miroslav Stampar
1369529103 minor cosmetic update 2010-10-11 13:52:32 +00:00
Miroslav Stampar
43892cddbb some updates 2010-10-11 12:26:35 +00:00
Miroslav Stampar
8b0a132fa9 minor update 2010-10-11 11:47:07 +00:00
Miroslav Stampar
2198a60684 bug fix (reported by james@ev6.net) 2010-10-10 20:51:11 +00:00
Miroslav Stampar
7a5bb2b0d6 update 2010-10-10 19:50:10 +00:00
Miroslav Stampar
8fcad29bbf new feature --forms (still unfinished) 2010-10-10 18:56:43 +00:00
Miroslav Stampar
18d27cabc5 more changes 2010-10-07 15:34:17 +00:00
Miroslav Stampar
440ff639bb more refactoring 2010-10-07 14:05:34 +00:00
Miroslav Stampar
e80a66acc5 minor update 2010-10-07 12:21:59 +00:00
Miroslav Stampar
1e9ae40397 major refactoring 2010-10-07 12:12:26 +00:00
Miroslav Stampar
1bf8939e2f further updates 2010-10-06 22:43:04 +00:00
Miroslav Stampar
de6fa1247b moved injections to xml format 2010-10-06 22:29:52 +00:00
Miroslav Stampar
adf2231edb minor update 2010-10-06 13:38:03 +00:00
Miroslav Stampar
56dbf0038f minor update (for future implementation of more advanced error page logic) 2010-10-06 12:10:00 +00:00
Miroslav Stampar
cbe7c902c1 just a development start of an error based injection support 2010-10-04 13:05:51 +00:00
Miroslav Stampar
0ad8090ad8 fix for a google bug reported by Brandon E. 2010-10-01 08:03:39 +00:00
Miroslav Stampar
49915f3c33 minor update 2010-09-30 19:49:14 +00:00
Miroslav Stampar
8abcdae1b5 some update 2010-09-30 19:45:23 +00:00
Miroslav Stampar
87abec16bd probable fix for a bug reported by Prashant Jadhav 2010-09-30 18:52:33 +00:00
Miroslav Stampar
cf8e92699c changes regarding EXISTS feature 2010-09-30 12:35:45 +00:00
Miroslav Stampar
c6bf0e43af minor update 2010-09-27 13:41:18 +00:00
Miroslav Stampar
cf17debf79 changed connection message priority to critical (when verbose=0 it's displayed too) 2010-09-27 13:34:52 +00:00
Miroslav Stampar
3cd15960a0 more updates 2010-09-27 13:26:46 +00:00
Miroslav Stampar
1da672e3c5 added default="False" to "store_true" parameters as it's a prefered way by http://docs.python.org/library/optparse.html 2010-09-27 13:23:29 +00:00
Miroslav Stampar
3b9fe3e1c8 everything is ready for testing (smoke and live) 2010-09-27 11:20:48 +00:00
Miroslav Stampar
dc11ae0d65 update 2010-09-26 14:56:55 +00:00
Miroslav Stampar
35f35605df changes regarding Feature #160 2010-09-26 14:02:13 +00:00
Miroslav Stampar
99d9f9e624 update for smoke testing 2010-09-26 10:47:04 +00:00
Miroslav Stampar
2e5f269650 update regarding --space option 2010-09-24 22:35:32 +00:00
Miroslav Stampar
9cd5d3bde7 added new option --space 2010-09-24 21:59:03 +00:00
Miroslav Stampar
327bfcbe97 update regarding Feature #61 2010-09-24 14:34:05 +00:00
Miroslav Stampar
b6ff03690f update regarding Feature #61 2010-09-24 13:34:46 +00:00
Miroslav Stampar
abe1289016 minor update 2010-09-24 13:20:51 +00:00
Miroslav Stampar
48e0261e68 update for Feature #61 2010-09-24 13:19:35 +00:00
Miroslav Stampar
ff419f7384 more changes regarding path (URI) injection 2010-09-24 09:19:14 +00:00
Miroslav Stampar
e4925eb3dd update 2010-09-23 21:57:11 +00:00
Miroslav Stampar
13bb3a6212 minor update 2010-09-23 14:07:23 +00:00
Miroslav Stampar
927ad7bf13 update 2010-09-22 12:21:21 +00:00
Miroslav Stampar
da8ae5578b first commit regarding Feature #144 2010-09-22 11:56:35 +00:00
Miroslav Stampar
540a9b391f stripped some trailing spaces 2010-09-16 13:19:13 +00:00
Miroslav Stampar
8cf1aa6abe added keepAlive under -o switch too 2010-09-16 10:41:52 +00:00
Miroslav Stampar
4fd7db52dd minor update 2010-09-16 10:23:51 +00:00
Miroslav Stampar
6259114c02 added optimization switch (-o) 2010-09-16 10:12:53 +00:00
Miroslav Stampar
bfffd5e333 added --null-connection as an experimental option 2010-09-16 10:01:33 +00:00
Miroslav Stampar
975b96ae28 minor refactoring 2010-09-16 09:47:33 +00:00
Miroslav Stampar
1741801ade implementation of HEAD/Range methods 2010-09-16 09:32:09 +00:00
Miroslav Stampar
b745331974 added null connection check 2010-09-16 08:43:10 +00:00
Miroslav Stampar
ecd6b573f7 added method parameter to the queryPage function 2010-09-15 14:17:17 +00:00
Miroslav Stampar
9a72a25704 again minor update 2010-09-15 13:59:55 +00:00
Miroslav Stampar
76233ff5a3 added skeleton for live testing 2010-09-15 13:55:28 +00:00
Miroslav Stampar
53800ef65f more refactoring 2010-09-15 13:32:42 +00:00
Miroslav Stampar
abc12bc361 more refactoring 2010-09-15 13:28:56 +00:00
Miroslav Stampar
682872689a some more refactoring 2010-09-15 12:59:51 +00:00
Miroslav Stampar
91a0b5df3c minor update 2010-09-15 12:52:28 +00:00
Miroslav Stampar
b699f98cbb minor refactoring 2010-09-15 12:51:02 +00:00
Miroslav Stampar
34a8cd75e3 added support for setting HTTP method manualy 2010-09-15 12:45:41 +00:00
Miroslav Stampar
798ab4989b fix for a Bug #200 2010-09-14 10:35:01 +00:00
Miroslav Stampar
77a53228c5 changes regarding dynamic content recognition 2010-09-13 21:01:46 +00:00
Miroslav Stampar
c886659f82 fix 2010-09-13 15:24:56 +00:00
Miroslav Stampar
827cd1d56b minor fix 2010-09-13 15:22:29 +00:00
Miroslav Stampar
2350a3c74d minor change 2010-09-13 15:20:13 +00:00
Miroslav Stampar
cdc6bdcbe8 changes 2010-09-13 15:19:47 +00:00
Miroslav Stampar
19fb2e3dcf fix for Bug #165 2010-09-13 13:31:01 +00:00
Miroslav Stampar
61120b0bac minor comment added 2010-09-09 14:08:53 +00:00
Miroslav Stampar
53289c6a42 fix for bug reported by Marek Sarvas (unicode) 2010-09-09 14:03:45 +00:00
Miroslav Stampar
1b3d287a09 fix for a bug reported by shaohua pan (and one other bug) 2010-09-07 10:21:42 +00:00
Miroslav Stampar
27d76847fe fix for bug reported by Truong Duc Luong 2010-09-01 08:46:21 +00:00
Miroslav Stampar
e810fe7b0b no need for obsolete (and hard to find) sqlite module when sqlite3 handles both database versions 2010-08-31 13:37:53 +00:00
Miroslav Stampar
f5953bacc0 fix for direct connection parsing (now on windows machines python sqlmap.py -d access://C:\testdb.mdb is valid, while before it wasn't) 2010-08-30 16:35:28 +00:00
Miroslav Stampar
48cc87f6a9 added support for fingerprinting SAP MaxDB (Issue 143) 2010-08-30 13:29:19 +00:00
Miroslav Stampar
436b7d82fb fixed a bug reported by Marek Sarvas 2010-08-22 08:52:15 +00:00
Miroslav Stampar
2cd8f31003 some doc test samples included 2010-08-20 21:27:47 +00:00
Miroslav Stampar
4edf6ebe00 update for smoke tests 2010-08-20 21:01:51 +00:00
Miroslav Stampar
8aa12db425 added option --proxy-cred for setting proxy credentials (Feature #195) 2010-08-18 22:45:00 +00:00
Miroslav Stampar
70197affa0 little update (--ratio has a bigger priority then resumed value) 2010-08-10 19:57:59 +00:00
Miroslav Stampar
057ec8a6b2 added --ratio option for direct manipulation of conf.matchRatio parameter 2010-08-10 19:53:29 +00:00
Miroslav Stampar
02523dbfb5 fix of fix 2010-08-09 22:13:56 +00:00
Miroslav Stampar
6eab7997d1 fix for bug reported by dragoun dash (TypeError: sequence item 0: expected string, NoneType found) 2010-08-08 22:25:33 +00:00
Miroslav Stampar
e0fe5d1504 bug fix for error reported by Marek Sarvas (error data) 2010-08-08 21:48:22 +00:00
Miroslav Stampar
0cab4a5355 fix for bug reported by m4l1c3 (UnicodeEncodeError) 2010-08-08 21:22:37 +00:00
Miroslav Stampar
8cb95583e3 some more adjustments 2010-07-30 12:59:44 +00:00
Miroslav Stampar
7dcc2031ac smoke test adjustments 2010-07-30 12:57:58 +00:00
Miroslav Stampar
092829c189 implemented basic smoke testing mechanism 2010-07-30 12:49:25 +00:00
Miroslav Stampar
28d9115373 fix for Feature #187 (Skip duplicates parameters in -g) 2010-07-29 20:01:04 +00:00
Miroslav Stampar
6a6ff09c9a fix for a bug reported by Marek Sarvas 2010-07-26 08:11:28 +00:00
Miroslav Stampar
c39d819dd2 fix for a resume bug reported by Augusto Urbieta 2010-07-20 08:13:02 +00:00
Miroslav Stampar
d2f88b6ebe detecting infinite redirect loops (Feature #192) 2010-07-19 12:38:30 +00:00
Miroslav Stampar
b37dca1c2c minor adjustment 2010-07-19 09:06:19 +00:00
Miroslav Stampar
9edd468caf multithreading save to session on abort 2010-07-19 08:37:45 +00:00
Miroslav Stampar
48a67d6d51 fix for "unknown charset 'windows-874'" reported by Phat R. 2010-07-15 08:44:42 +00:00
Bernardo Damele
49af0c43a5 Forgot 2010-07-01 15:26:18 +00:00
Bernardo Damele
7349f3a70f Closes #197 2010-07-01 15:25:57 +00:00
Miroslav Stampar
bb9401ba52 minor minor fixup 2010-07-01 14:14:43 +00:00
Miroslav Stampar
9d28ae23ca fixup for situations with unexpected LENGTHs in multithreaded mode (e.g. UTF8 data retrieval) 2010-07-01 14:11:45 +00:00
Bernardo Damele
8dfe08a353 Minor bug fix to -d 2010-07-01 10:44:31 +00:00
Miroslav Stampar
0d08903bc3 some charset fix up 2010-06-30 12:09:33 +00:00
Bernardo Damele
24428c1a1b Added warning message if both --proxy and --keep-alive are provided 2010-06-30 11:41:42 +00:00
Bernardo Damele
d40a238335 Make --keep-alive public 2010-06-30 11:29:35 +00:00
Bernardo Damele
8625763c07 Minor code refactoring 2010-06-30 11:22:25 +00:00
Bernardo Damele
c33f3ef844 Minor adjustment to HTTP headers handling 2010-06-29 23:51:44 +00:00
Bernardo Damele
fb9f669544 More verbose comments 2010-06-29 21:10:33 +00:00
Bernardo Damele
8576817a2b Added support for SOAP requests: fixed, extended and tested a user's patch - closes #196. 2010-06-29 21:07:23 +00:00
Bernardo Damele
ea45d75f2d Major bug fix to parse and store all HTTP headers from the request file (-r) 2010-06-29 21:06:03 +00:00
Bernardo Damele
7cad3cbda6 Minor code refactoring 2010-06-28 13:47:20 +00:00
Bernardo Damele
9ea72f9640 Minor bug fixes to -d 2010-06-25 13:24:43 +00:00
Miroslav Stampar
ccfc9b0fec fix for that bug linux man reported (UnicodeEncodeError inside raw_input) 2010-06-23 07:30:15 +00:00
Bernardo Damele
17e228024b Minor enhancements and bug fixes to "good samaritan" feature - see #4 2010-06-21 14:40:12 +00:00
Bernardo Damele
b98f6ac71c Minor layout adjustment 2010-06-17 13:27:43 +00:00
Bernardo Damele
fd76f048b6 Added common pattern value support to bisection algorithm 2010-06-17 11:38:32 +00:00
Bernardo Damele
9bce22683b Minor bug fix and adjustment to deal with Keep-Alive also against Google (-g) 2010-06-11 10:08:19 +00:00
Bernardo Damele
c23ea4c749 --keep-alive is not compatible with --proxy 2010-06-10 21:19:45 +00:00
Bernardo Damele
75dc44deb8 Minor adjustments 2010-06-10 15:34:28 +00:00
Miroslav Stampar
35642a0450 some more adjustments 2010-06-10 15:03:08 +00:00
Miroslav Stampar
1b30c46348 fix for an bug reported by David Guimaraes 2010-06-10 14:52:33 +00:00
Bernardo Damele
fea2414759 Display HTTP request in -v>=3 even if connection failed 2010-06-10 14:42:17 +00:00
Bernardo Damele
5bb8e154eb Minor code improvements 2010-06-10 14:15:32 +00:00
Bernardo Damele
d3c8e461cf Minor layout adjustments 2010-06-10 14:14:56 +00:00
Miroslav Stampar
ac55e1b75f fix for localhost firebird direct db access 2010-06-10 12:02:48 +00:00
Miroslav Stampar
36953221f8 few quick changes 2010-06-10 11:34:17 +00:00
Miroslav Stampar
c398353e06 support for loading 'faulty character set' session files 2010-06-09 16:07:47 +00:00
Miroslav Stampar
eaef068c90 major bug fix (different HTTP content charsets are now properly handled) 2010-06-09 14:40:36 +00:00
Miroslav Stampar
38e5e342f8 added prettyprint module with fixed toprettyxml() method 2010-06-07 09:03:03 +00:00
Miroslav Stampar
9e76b847b3 fix regarding bug discovered by Andreas Constantinides 2010-06-04 17:07:17 +00:00
Miroslav Stampar
7fbeebc4d9 grammar fix 2010-06-03 08:55:13 +00:00
Miroslav Stampar
464f171a8c added reusage of xml output and removed toprettyxml which has lots and lots of problems (output once stored is not usable any more from any xml parser/reader because it adds whitespaces all over the output just to be more 'human' readable) 2010-06-03 07:36:30 +00:00
Miroslav Stampar
bf071d33d2 some comments added 2010-06-02 15:18:33 +00:00
Miroslav Stampar
c470255c18 minor update 2010-06-02 14:56:39 +00:00
Miroslav Stampar
12a5ec9f3d more unicode refactoring 2010-06-02 12:45:40 +00:00
Miroslav Stampar
2fb8bf3b6a more dump/unicode cleanup 2010-06-02 12:31:36 +00:00
Bernardo Damele
64ad3b03be Minor bug fix 2010-06-02 11:01:41 +00:00
Miroslav Stampar
17e0e83990 minor unimportant update 2010-06-02 08:34:57 +00:00
Miroslav Stampar
32a0ba9296 fixing unicode mess 2010-06-02 08:28:38 +00:00
Miroslav Stampar
eb94edc48c added keepalive module 2010-06-01 12:21:10 +00:00
Miroslav Stampar
af2f184464 some comments regarding inference.py 2010-05-31 15:20:20 +00:00
Bernardo Damele
6df2d98fc9 Minor bug fix in common.py goGoodSamaritan().
Minor code cleanup and adjustments.
2010-05-31 15:05:29 +00:00
Miroslav Stampar
db7ede96fd more updates/fixes 2010-05-31 11:11:53 +00:00
Miroslav Stampar
4bb5885413 some changes regarding --common-outputs feature 2010-05-31 09:41:41 +00:00
Miroslav Stampar
0450df8a77 added kb.cache for storing cached results (e.g. kb.cache.regex for storing compiled regular expressions and kb.cache.md5 for storing precalculated MD5 values during '--users --common-prediction' session) 2010-05-31 08:13:08 +00:00
Bernardo Damele
b798222dd7 Minor fixes 2010-05-30 14:53:13 +00:00
Bernardo Damele
8be91a98cc Minor bug fix and adjustment 2010-05-29 15:28:37 +00:00
Bernardo Damele
e98b049e7f Added unicode support also to PostgreSQL connector - see #184. 2010-05-29 11:46:41 +00:00
Bernardo Damele
89c721a451 More replacements from open() to codecs.open(). conf.dataEncoding has to be used only for non-binary files. 2010-05-29 10:10:28 +00:00
Bernardo Damele
84778f0e6c Minor fix, leave like this 2010-05-29 08:58:55 +00:00
Miroslav Stampar
a4155269c5 bug fix (unicode(unicode) results in “TypeError: decoding Unicode is not supported” (http://www.red-mercury.com/blog/eclectic-tech/python-mystery-of-the-day/) 2010-05-29 07:25:38 +00:00
Miroslav Stampar
d3e527aba3 minor update 2010-05-29 07:13:54 +00:00
Bernardo Damele
e811101dce Minor bug fix 2010-05-28 23:39:52 +00:00
Bernardo Damele
10521b68eb Major bug fix in multipartpost and minor adjustments elsewhere 2010-05-28 23:12:20 +00:00
Bernardo Damele
06af405efd Adapted and merged in patch to support XML output (-x switch) - still in beta.
Minor bug fixes and adjustments.
2010-05-28 16:43:04 +00:00
Bernardo Damele
a138dbe5f6 Minor bug fixes and code refactoring 2010-05-28 15:57:43 +00:00
Miroslav Stampar
919a8345d6 minor fix 2010-05-28 15:30:02 +00:00
Miroslav Stampar
ad3c425a18 quick fix 2010-05-28 15:26:55 +00:00