Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							382db1b67a 
							
						 
					 
					
						
						
							
							degrading Microsoft Access UNION tests for one level down (it really does take toooooo long to scan a site with no vulnerable parameters and normal level)  
						
						
						
					 
					
						2011-08-31 20:35:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d283e3eb3c 
							
						 
					 
					
						
						
							
							adding support for pre-WHERE injections  
						
						
						
					 
					
						2011-08-24 09:04:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							13eb20cea1 
							
						 
					 
					
						
						
							
							minor beautification  
						
						
						
					 
					
						2011-08-03 10:12:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2e20eb1a88 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2011-08-03 10:08:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b8e2d60bfa 
							
						 
					 
					
						
						
							
							Added MSSQL 2008 R2 signatures  
						
						
						
					 
					
						2011-07-24 23:42:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							48f580fb10 
							
						 
					 
					
						
						
							
							Minor adjustments to MSSQL fingerprint  
						
						
						
					 
					
						2011-07-24 23:30:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							99a0b62d0d 
							
						 
					 
					
						
						
							
							Minor adjustments  
						
						
						
					 
					
						2011-07-24 22:26:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ca83305b58 
							
						 
					 
					
						
						
							
							added MySQL updatexml error-based payload  
						
						
						
					 
					
						2011-07-24 21:08:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a89140e1ce 
							
						 
					 
					
						
						
							
							revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function)  
						
						
						
					 
					
						2011-07-23 06:07:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4cb9988243 
							
						 
					 
					
						
						
							
							quick fix  
						
						
						
					 
					
						2011-07-12 21:09:33 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c9ba58acb6 
							
						 
					 
					
						
						
							
							Moved MS Access UNION query tests after generic as generic test must identify MSSQL  
						
						
						
					 
					
						2011-07-11 09:47:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5d31eb5ef7 
							
						 
					 
					
						
						
							
							cosmetics and also tested against testing env - works perfectly  
						
						
						
					 
					
						2011-07-10 09:07:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eb42cedf2a 
							
						 
					 
					
						
						
							
							adding extractvalue MySQL >= 5.1 error payload ( http://www.notsosecure.com/folder2/2010/06/29/mysql-exploitation-with-error-messages/ ) - untested (lack of particular ver for testing) and prone to level/risk adjustment  
						
						
						
					 
					
						2011-07-10 08:54:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							93219b9e13 
							
						 
					 
					
						
						
							
							i've accidentally left table_schema removed while doing some tests. now it should be ok  
						
						
						
					 
					
						2011-07-08 10:24:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b5dd4d4a63 
							
						 
					 
					
						
						
							
							Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection  
						
						
						
					 
					
						2011-07-08 10:19:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c517e97a44 
							
						 
					 
					
						
						
							
							few fixes and minor cosmetics  
						
						
						
					 
					
						2011-07-08 06:02:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							067354b97f 
							
						 
					 
					
						
						
							
							Revert of last commit and proper fix to detect UNION query SQL injection against Microsoft Access  
						
						
						
					 
					
						2011-07-07 13:20:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9eb683531d 
							
						 
					 
					
						
						
							
							Minor improvement at blind SQL inj technique for DB2  
						
						
						
					 
					
						2011-06-27 22:28:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							ed4cfbb6d2 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2011-06-27 08:58:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bedf16b88b 
							
						 
					 
					
						
						
							
							adding payloads for time-based injection on SAP MaxDB (heavy query)  
						
						
						
					 
					
						2011-06-26 23:46:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d0490cc4e7 
							
						 
					 
					
						
						
							
							adding payloads for time-based injection on DB2 (heavy query)  
						
						
						
					 
					
						2011-06-26 16:38:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							36c96ef796 
							
						 
					 
					
						
						
							
							Added DB2 support - patch provided by Sebastian Bittig  
						
						
						
					 
					
						2011-06-25 09:44:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b2e6cf3ed9 
							
						 
					 
					
						
						
							
							Enabled --search -C also for Oracle  
						
						
						
					 
					
						2011-06-24 14:34:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4188df0501 
							
						 
					 
					
						
						
							
							fixes for Sybase  
						
						
						
					 
					
						2011-06-15 18:49:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9f6b70f3f9 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2011-05-26 22:45:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0baf931669 
							
						 
					 
					
						
						
							
							real generic comment is "-- " not "--" (MySQL doesn't support "--")  
						
						
						
					 
					
						2011-05-24 09:16:21 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							171a4c389b 
							
						 
					 
					
						
						
							
							added MySQL >=4.1 <=5.0 error based WHERE/HAVING payload  
						
						
						
					 
					
						2011-05-23 06:24:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							939e6541d0 
							
						 
					 
					
						
						
							
							far safer way for dealing with error-based payloads on MySQL (no timeouts with .CHARACTER_SETS on testing platforms versus when used .TABLES)  
						
						
						
					 
					
						2011-05-19 23:36:51 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bd1b07fbc2 
							
						 
					 
					
						
						
							
							one more parameter replace payload for MySQL and rising level of GENERATE_SERIES for PostgreSQL  
						
						
						
					 
					
						2011-05-19 06:32:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7f086916c0 
							
						 
					 
					
						
						
							
							decent parameter replace payload for PostgreSQL (GENERATE_SERIES)  
						
						
						
					 
					
						2011-05-18 23:40:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e58d6d2e00 
							
						 
					 
					
						
						
							
							removing (CBRT(LN(0)) because it's nothing special compared to standard 1/0; also, removing parameter replacement with returned value 1 as it doesn't have much sense in comparison to origvalue one (which is far more stable and usable)  
						
						
						
					 
					
						2011-05-18 23:20:02 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fe50d09cc8 
							
						 
					 
					
						
						
							
							added new payload for PostgreSQL (parameter replace)  
						
						
						
					 
					
						2011-05-18 23:01:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3a8309c4b0 
							
						 
					 
					
						
						
							
							Major bug fix to detect UNION query technique and various improvements to parsing and using of --union-char and --union-cols switches  
						
						
						
					 
					
						2011-05-10 15:34:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							aae140080e 
							
						 
					 
					
						
						
							
							SVN roll back, DB2 patch will be recommitted after testing:  
						
						... 
						
						
						
						$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD  https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847  . 
						
					 
					
						2011-05-06 10:27:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6e392b6054 
							
						 
					 
					
						
						
							
							applying contributed patch for DB2  
						
						
						
					 
					
						2011-05-06 09:30:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							36a9ddaacc 
							
						 
					 
					
						
						
							
							Minor bug fixes and code restyling for --privileges and --passwords  
						
						
						
					 
					
						2011-04-30 14:50:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7df954dd9f 
							
						 
					 
					
						
						
							
							paranoy  
						
						
						
					 
					
						2011-04-21 23:41:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0764c4c752 
							
						 
					 
					
						
						
							
							parenthesis were missing; banning OR NOT from payloads  
						
						
						
					 
					
						2011-04-21 23:32:53 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1d61611145 
							
						 
					 
					
						
						
							
							leftover  
						
						
						
					 
					
						2011-04-21 22:46:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							870f773d70 
							
						 
					 
					
						
						
							
							In some old versions of MySQL (perhaps others DBMS too) the NOT clause is not supported, hence we need also OR tests without NOT - tested and works like this  
						
						
						
					 
					
						2011-04-21 20:36:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							05a0e1d3b0 
							
						 
					 
					
						
						
							
							fix for a bug reported by m4l1c3 (TypeError: not all arguments converted during string formatting)  
						
						
						
					 
					
						2011-04-15 11:34:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							136e85abf3 
							
						 
					 
					
						
						
							
							little refresh of PHPIDS rules for --check-payload  
						
						
						
					 
					
						2011-04-11 15:37:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							75f286cf6d 
							
						 
					 
					
						
						
							
							minor update conformant to  http://dev.mysql.com/doc/refman/4.1/en/comments.html  
						
						
						
					 
					
						2011-04-10 23:41:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3177c6023d 
							
						 
					 
					
						
						
							
							lol. re-revert  
						
						
						
					 
					
						2011-04-10 23:30:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9ea4010508 
							
						 
					 
					
						
						
							
							Leave it as is :)  
						
						
						
					 
					
						2011-04-10 23:20:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3e680978a9 
							
						 
					 
					
						
						
							
							revert of that last commit (waiting for some better days)  
						
						
						
					 
					
						2011-04-10 23:18:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f532478a34 
							
						 
					 
					
						
						
							
							update of MySQL comments  
						
						
						
					 
					
						2011-04-10 23:08:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							af096b2c83 
							
						 
					 
					
						
						
							
							Leave it as is!!!  
						
						
						
					 
					
						2011-04-10 21:47:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d0cef21d9c 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2011-04-10 21:19:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6fa2fd139c 
							
						 
					 
					
						
						
							
							implemented support for __pivotDumpTable on MSSQL as normal tables tend to not play well with normal TOP 1 ..NOT IN..ORDER BY mechanism if the argument for ORDER BY is not the unique one (returns only number of rows equal to the number of distinct values for that field)  
						
						
						
					 
					
						2011-04-08 15:17:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							02eeeccd33 
							
						 
					 
					
						
						
							
							Added UNION query SQL injection tests also with a random number for columns (not only NULL)  
						
						
						
					 
					
						2011-04-07 13:39:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ca009e9fe2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-04-07 10:43:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							672abc27fd 
							
						 
					 
					
						
						
							
							minor adjustment of livetests for new flavor of --technique  
						
						
						
					 
					
						2011-04-07 10:41:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e27afef6be 
							
						 
					 
					
						
						
							
							minor update regarding --current-db on Oracle  
						
						
						
					 
					
						2011-04-01 15:56:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							60102209f6 
							
						 
					 
					
						
						
							
							quick fix for a bug reported by Kirill (AttributeError: 'NoneType' object has no attribute 'split')  
						
						
						
					 
					
						2011-04-01 11:14:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b7813f9e68 
							
						 
					 
					
						
						
							
							incrementing level for MySQL stacked payloads  
						
						
						
					 
					
						2011-03-29 07:31:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							86f93713d3 
							
						 
					 
					
						
						
							
							fix for a bug reported by m4l1c3 (object of type 'NoneType' has no len()) and minor update  
						
						
						
					 
					
						2011-03-29 06:25:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							73e5d20ade 
							
						 
					 
					
						
						
							
							bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries)  
						
						
						
					 
					
						2011-03-28 11:01:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5eb7787fc9 
							
						 
					 
					
						
						
							
							adding partial union cases to the live tests  
						
						
						
					 
					
						2011-03-25 15:56:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							670aa7f99b 
							
						 
					 
					
						
						
							
							update for live tests (added dumping of columns and table values)  
						
						
						
					 
					
						2011-03-25 15:37:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e80c9e08d8 
							
						 
					 
					
						
						
							
							minor update regarding --live-test  
						
						
						
					 
					
						2011-03-25 09:03:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							82ab4c8dc2 
							
						 
					 
					
						
						
							
							minor fix (ORDER BY 1 screws things up in blind mode)  
						
						
						
					 
					
						2011-03-24 14:19:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							06a5c39efe 
							
						 
					 
					
						
						
							
							fix related to the bug reported by Alone Shell  
						
						
						
					 
					
						2011-03-24 14:03:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cef2c0879d 
							
						 
					 
					
						
						
							
							adding live test cases for --technique=1 too  
						
						
						
					 
					
						2011-03-24 12:19:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							33c01726dd 
							
						 
					 
					
						
						
							
							adding basic live tests for MSSQL too  
						
						
						
					 
					
						2011-03-24 12:01:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2b15ad57c2 
							
						 
					 
					
						
						
							
							basic live tests against 3 major DBMSes  
						
						
						
					 
					
						2011-03-24 11:47:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b72cdfe9e6 
							
						 
					 
					
						
						
							
							fix for mssql regarding usage of schema names reported by jabra@spl0it.org  
						
						
						
					 
					
						2011-03-23 10:40:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b5c9ccb755 
							
						 
					 
					
						
						
							
							Oracle XML based error payload has problems with char $ as with space  
						
						
						
					 
					
						2011-03-21 13:13:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4889764114 
							
						 
					 
					
						
						
							
							minor update regarding last commit  
						
						
						
					 
					
						2011-03-21 11:40:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5291fe35c9 
							
						 
					 
					
						
						
							
							proper implementation of --dbs on Oracle (we are using now schema names as a counterpart to dbs in other DBMSes)  
						
						
						
					 
					
						2011-03-21 11:29:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0535225fe7 
							
						 
					 
					
						
						
							
							throwing out obsolete ORDER BY 1 from inband queries  
						
						
						
					 
					
						2011-03-16 14:18:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							eedd6a990d 
							
						 
					 
					
						
						
							
							removing space after , for our payloads  
						
						
						
					 
					
						2011-03-08 14:29:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3dc31f6273 
							
						 
					 
					
						
						
							
							removing spaces after , in our queries  
						
						
						
					 
					
						2011-03-08 14:07:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ff9080de48 
							
						 
					 
					
						
						
							
							MaxDB always precalculates values for both TRUE and FALSE, hence we can't trick him to run any "faulty" command (e.g. 1/0). This payload is fairly ok because in case of FALSE --> something=NULL is always NULL  
						
						
						
					 
					
						2011-02-21 20:59:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							08697e60a9 
							
						 
					 
					
						
						
							
							added some Microsoft Access payloads  
						
						
						
					 
					
						2011-02-21 20:04:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3e8c204121 
							
						 
					 
					
						
						
							
							Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba  
						
						
						
					 
					
						2011-02-21 16:00:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							68a95fd1b1 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-02-20 22:45:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aac817935a 
							
						 
					 
					
						
						
							
							further improvement of MaxDB support  
						
						
						
					 
					
						2011-02-20 22:41:42 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a3ba8b6928 
							
						 
					 
					
						
						
							
							--dump now works on MaxDB too  
						
						
						
					 
					
						2011-02-20 22:07:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							59e666d16e 
							
						 
					 
					
						
						
							
							--is-dba (related) update for Sybase  
						
						
						
					 
					
						2011-02-20 17:28:06 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							67ec691eb1 
							
						 
					 
					
						
						
							
							more updates regarding Sybase  
						
						
						
					 
					
						2011-02-20 16:28:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							823e4351b5 
							
						 
					 
					
						
						
							
							minor change  
						
						
						
					 
					
						2011-02-20 12:34:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f30dea74f3 
							
						 
					 
					
						
						
							
							more Sybase updates  
						
						
						
					 
					
						2011-02-19 18:36:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b71bb321dd 
							
						 
					 
					
						
						
							
							some more Sybase updates  
						
						
						
					 
					
						2011-02-19 18:04:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e0efe453ab 
							
						 
					 
					
						
						
							
							minor update regarding Sybase support  
						
						
						
					 
					
						2011-02-19 14:07:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5f4ffc9287 
							
						 
					 
					
						
						
							
							update regarding Sybase dumping  
						
						
						
					 
					
						2011-02-19 00:36:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5fb11fd173 
							
						 
					 
					
						
						
							
							update regarding multiple DBMS payloads  
						
						
						
					 
					
						2011-02-13 21:20:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							394ccb5cc5 
							
						 
					 
					
						
						
							
							Added query for MSSQL/--privileges  
						
						
						
					 
					
						2011-02-10 15:52:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5050a76b59 
							
						 
					 
					
						
						
							
							update regarding reading of table names from access system tables  
						
						
						
					 
					
						2011-02-09 10:33:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1a5a66870e 
							
						 
					 
					
						
						
							
							problem fixed  
						
						
						
					 
					
						2011-02-07 11:57:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7dcfcca87f 
							
						 
					 
					
						
						
							
							Tests' titles adjustments  
						
						
						
					 
					
						2011-02-06 23:17:39 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5ecb75cc56 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-02-06 15:14:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f754953c4f 
							
						 
					 
					
						
						
							
							reverting this one. spotted a major bug. dbms is not properly enforced at this moment, don't know why. if it was this would be properly encoded.  
						
						
						
					 
					
						2011-02-06 12:33:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							97f9c9d119 
							
						 
					 
					
						
						
							
							bug fix (playing with wavsep i've realized that we are sending in this payload quoted 'string' (causing problems), while MD5 also accepts integer values  
						
						
						
					 
					
						2011-02-06 12:24:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							27601babb4 
							
						 
					 
					
						
						
							
							Minor adjustments to levels of boundaries  
						
						
						
					 
					
						2011-02-04 11:57:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							76ab14f20f 
							
						 
					 
					
						
						
							
							revert of r3203  
						
						
						
					 
					
						2011-02-04 09:30:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							78d696fd4f 
							
						 
					 
					
						
						
							
							i believe that this one should be the first level 1 boundary  
						
						
						
					 
					
						2011-02-03 21:27:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							64f18724ad 
							
						 
					 
					
						
						
							
							new default UNION test(s) ranges  
						
						
						
					 
					
						2011-02-03 16:26:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4bb7ffcb3a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-02-03 13:18:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8397c526d8 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2011-01-31 21:20:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f9eac97fe8 
							
						 
					 
					
						
						
							
							refactoring of MSSQL XML banner parsing  
						
						
						
					 
					
						2011-01-31 11:38:00 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							14de5809ea 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2011-01-31 11:08:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5aa958a146 
							
						 
					 
					
						
						
							
							ASCII & CHR is quite common, so removing this one  
						
						
						
					 
					
						2011-01-24 22:51:15 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a1619f84b6 
							
						 
					 
					
						
						
							
							changing level of last payload  
						
						
						
					 
					
						2011-01-24 22:31:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8155f95b82 
							
						 
					 
					
						
						
							
							new payload - PostgreSQL boolean-based blind - Parameter replace (based on CHR(0) - "SQL error: ERROR: null character not permitted")  
						
						
						
					 
					
						2011-01-24 22:28:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9f76468005 
							
						 
					 
					
						
						
							
							another premiere, yeeej. IDSes, watch yourself :)  
						
						
						
					 
					
						2011-01-24 21:30:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2fb0c946d2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 21:21:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							15645f50d4 
							
						 
					 
					
						
						
							
							world premiere :)  
						
						
						
					 
					
						2011-01-24 21:21:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							440264341c 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 17:43:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0eea5665b2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-24 17:41:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b0dc6c24eb 
							
						 
					 
					
						
						
							
							Moved  
						
						
						
					 
					
						2011-01-24 17:04:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c188996627 
							
						 
					 
					
						
						
							
							patch for possible query optimization (avoid precalculation of 1/0)  
						
						
						
					 
					
						2011-01-24 16:21:27 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							47fa600c04 
							
						 
					 
					
						
						
							
							Minor fix and cosmetics  
						
						
						
					 
					
						2011-01-24 11:12:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							db76bcb327 
							
						 
					 
					
						
						
							
							fix for cases when mixing ingres dbms with spanish word "ingresa"  
						
						
						
					 
					
						2011-01-23 11:19:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7bf05bf2cb 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-22 00:12:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d6d8d54eda 
							
						 
					 
					
						
						
							
							implemented Johannes Dahse / Reiners' technique  
						
						
						
					 
					
						2011-01-22 00:06:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0743202879 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-21 23:54:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cb0e7080c5 
							
						 
					 
					
						
						
							
							more appropriate name (on  http://websec.wordpress.com/  they use term "conditional" for something very similar, although not stacked)  
						
						
						
					 
					
						2011-01-21 23:47:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7c4c79477d 
							
						 
					 
					
						
						
							
							world premiere of "forced-error blind stacked" payloads (spent 3 hours on pgsql)  
						
						
						
					 
					
						2011-01-21 18:32:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							79e4b1efd5 
							
						 
					 
					
						
						
							
							added new signature for SQLite error messages  
						
						
						
					 
					
						2011-01-20 22:47:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6c490bfc8f 
							
						 
					 
					
						
						
							
							Avoid a traceback elsewhere  
						
						
						
					 
					
						2011-01-20 21:43:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7ce49bcf0d 
							
						 
					 
					
						
						
							
							Sorted boundaries so that the ones with parenthesis are tested first - it has to be like this!  
						
						... 
						
						
						
						Adjusted comments accordingly to new UNION-specific tags. 
						
					 
					
						2011-01-20 21:42:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f6d79f58bc 
							
						 
					 
					
						
						
							
							another fix (LIMIT is not a good idea to have in inband queries)  
						
						
						
					 
					
						2011-01-20 21:13:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ff1a44c335 
							
						 
					 
					
						
						
							
							probably a fix for that SQLite bug reported by Ahmed Shawky  
						
						
						
					 
					
						2011-01-20 20:30:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a1d77737f5 
							
						 
					 
					
						
						
							
							minor grammar update (this should be a better form)  
						
						
						
					 
					
						2011-01-20 18:35:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							81be23976e 
							
						 
					 
					
						
						
							
							Confirmed HAVING payloads work as WHERE ones.  
						
						... 
						
						
						
						Changed <risk> value of all 'heavy query' tests to 2 as it can potentially lead to a DoS.
Proper handling of title for UNION tests when --union-char is provided. 
						
					 
					
						2011-01-18 22:55:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7d9b22510 
							
						 
					 
					
						
						
							
							because other major DBMSes have at least one level 1 time based payload  
						
						
						
					 
					
						2011-01-18 20:32:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bdcb10cdab 
							
						 
					 
					
						
						
							
							added MSSQL time based vector  
						
						
						
					 
					
						2011-01-18 02:05:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c2a358561f 
							
						 
					 
					
						
						
							
							Proper support for --union-cols  
						
						
						
					 
					
						2011-01-17 22:57:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb166e9445 
							
						 
					 
					
						
						
							
							adding USER_LOCK stacked query support for ORACLE (older versions)  
						
						
						
					 
					
						2011-01-16 10:31:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f31c028232 
							
						 
					 
					
						
						
							
							Oracle stacked vector based on DBMS_LOCK.SLEEP ( https://foro.undersecurity.net/read.php?46,1436 )  
						
						
						
					 
					
						2011-01-16 10:07:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1b3717c79c 
							
						 
					 
					
						
						
							
							Improvement to make time-based blind to work also against login forms  
						
						
						
					 
					
						2011-01-12 16:20:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d7a7993e0d 
							
						 
					 
					
						
						
							
							Minor comment fix  
						
						
						
					 
					
						2011-01-12 11:57:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2f5995a7eb 
							
						 
					 
					
						
						
							
							Added generic and mysql UNION tests from 1 to 25 columns.  
						
						... 
						
						
						
						Adapted config file and command line removing now outdated --union-test switch.
Minor bug fix.
Minor code refactoring.
Got rid of some debug messages, standardized logging of UNION tests. 
						
					 
					
						2011-01-11 22:56:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							300128042c 
							
						 
					 
					
						
						
							
							First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though.  
						
						... 
						
						
						
						Major refactoring to Agent.payload() method.
Minor bug fixes, some code refactoring and a lot of core adjustments here and there.
Added more checks for injection in GROUP BY and ORDER BY. 
						
					 
					
						2011-01-11 22:18:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c86ec374e 
							
						 
					 
					
						
						
							
							Code refactoring and cosmetics  
						
						
						
					 
					
						2011-01-07 15:41:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2efe7928c0 
							
						 
					 
					
						
						
							
							more concise than previously  
						
						
						
					 
					
						2011-01-02 17:06:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a56934e68b 
							
						 
					 
					
						
						
							
							one more MSSQL/ASPX error banner regex  
						
						
						
					 
					
						2011-01-02 15:36:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e6f0c4d857 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-02 15:32:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1d0dde769 
							
						 
					 
					
						
						
							
							added support for .NET banners ( http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx )  
						
						
						
					 
					
						2011-01-02 14:46:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							93cb75ff65 
							
						 
					 
					
						
						
							
							added Nginx  
						
						
						
					 
					
						2011-01-02 08:50:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ded9798e3d 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2011-01-01 23:07:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c3065f6ecc 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-12-29 20:38:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							96c3ffd3d7 
							
						 
					 
					
						
						
							
							changing risk level to 0 - lots of MySQL databases around have information_schema unreadable, thus disabling first AND based error payload  
						
						
						
					 
					
						2010-12-27 19:02:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2c8115eed9 
							
						 
					 
					
						
						
							
							further improvement for ms access table dumping  
						
						
						
					 
					
						2010-12-26 01:04:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb099615e2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-25 11:16:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							272476773f 
							
						 
					 
					
						
						
							
							getPageTextWordsSet on tableExists is pretty powerful stuff  
						
						
						
					 
					
						2010-12-25 09:37:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							706d8e0b88 
							
						 
					 
					
						
						
							
							development update (basic ms access dumping implemented)  
						
						
						
					 
					
						2010-12-24 19:53:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							edcf1a0872 
							
						 
					 
					
						
						
							
							few bug fixes  
						
						
						
					 
					
						2010-12-24 18:40:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3043ed095a 
							
						 
					 
					
						
						
							
							bug fix (those two regexes where too generic making false MS ACCESS positives here and there)  
						
						
						
					 
					
						2010-12-24 00:11:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a0aef0f33 
							
						 
					 
					
						
						
							
							fix for a case: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [MySQL][ODBC 3.51 Driver][mysqld-5.1.31-community] - it was wrongly error message recognized as MS SQL Server  
						
						
						
					 
					
						2010-12-23 09:53:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8fc60215ed 
							
						 
					 
					
						
						
							
							lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.  
						
						
						
					 
					
						2010-12-22 19:12:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c9ab8ae60e 
							
						 
					 
					
						
						
							
							Bug fix to properly identify if current user is DBA (--is-dba) on MySQL  
						
						
						
					 
					
						2010-12-22 14:06:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e791f8f2b7 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2010-12-20 10:33:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bfdc4fa000 
							
						 
					 
					
						
						
							
							new error vector for MS SQL (from David Guimaraes' mail)  
						
						
						
					 
					
						2010-12-17 19:00:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3ee44584d4 
							
						 
					 
					
						
						
							
							i've found a way! thank you hesus! fyea (ASC(MID) was just crashing when MID returned 'empty string')  
						
						
						
					 
					
						2010-12-14 12:57:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							207f63cebc 
							
						 
					 
					
						
						
							
							Prepare for UNION query tests at detection phase  
						
						
						
					 
					
						2010-12-13 21:31:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							33639578ee 
							
						 
					 
					
						
						
							
							minor update for MS Access  
						
						
						
					 
					
						2010-12-12 15:25:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b1babeefe5 
							
						 
					 
					
						
						
							
							update regarding dumping of tables with blind on Sqlite  
						
						
						
					 
					
						2010-12-11 22:00:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							acc7d6d40c 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-12-11 11:03:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac9080c07b 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-11 08:24:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fe2039f5ba 
							
						 
					 
					
						
						
							
							coollyy little commits  
						
						
						
					 
					
						2010-12-10 11:32:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7e2984b4b6 
							
						 
					 
					
						
						
							
							added stacked query support for Oracle  
						
						
						
					 
					
						2010-12-09 15:24:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4bb40c0a06 
							
						 
					 
					
						
						
							
							Higher the level for Oracle stacked tests just in case the SQL inj is within a PL/SQL function ('cause of no support for stacked queries by design on Oracle)  
						
						
						
					 
					
						2010-12-09 15:14:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d8edc5b244 
							
						 
					 
					
						
						
							
							adding stacked-query vector for Firebird  
						
						
						
					 
					
						2010-12-09 15:11:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							13b522efc2 
							
						 
					 
					
						
						
							
							Added error-based support for MySQL < 5.0 -  closes   #14  
						
						
						
					 
					
						2010-12-09 15:09:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5aafd19957 
							
						 
					 
					
						
						
							
							added vector for SQLite's stacked query payload  
						
						
						
					 
					
						2010-12-09 15:06:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71761ba9a5 
							
						 
					 
					
						
						
							
							another fix for another beautiful heavy query payload which took a few 100 megs and 5 mins to run  
						
						
						
					 
					
						2010-12-09 10:35:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							094baadc5b 
							
						 
					 
					
						
						
							
							bug fix (in SELECT based heavy queries COUNT(*) should be used; otherwise multiple row error happens without proper delay)  
						
						
						
					 
					
						2010-12-09 10:17:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b293c4ea7 
							
						 
					 
					
						
						
							
							Added possible stacked queries time-based blind vector for MSSQL  
						
						
						
					 
					
						2010-12-08 23:55:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f5ce739bdf 
							
						 
					 
					
						
						
							
							Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet.  
						
						
						
					 
					
						2010-12-08 23:52:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							69c4f94980 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-08 15:40:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ad00fe13c1 
							
						 
					 
					
						
						
							
							another fix for MySQL time based payloads  
						
						
						
					 
					
						2010-12-08 12:00:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8227e6d3cf 
							
						 
					 
					
						
						
							
							bug fix for BENCHMARK time-based vectors  
						
						
						
					 
					
						2010-12-08 11:49:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8ff7c9a5a1 
							
						 
					 
					
						
						
							
							Works on Oracle's GROUP BY too  
						
						
						
					 
					
						2010-12-07 17:17:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4f01d4c109 
							
						 
					 
					
						
						
							
							number crunching based time payloads are now affected by conf.timeSec  
						
						
						
					 
					
						2010-12-07 13:24:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d0936bc8ed 
							
						 
					 
					
						
						
							
							adding vectors for SQLite time-based payloads  
						
						
						
					 
					
						2010-12-07 13:14:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							54b8cb76a1 
							
						 
					 
					
						
						
							
							Messed up with my last merge, all fixed now  
						
						
						
					 
					
						2010-12-07 12:59:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b38a634d95 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2010-12-07 12:55:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7c32db6e9d 
							
						 
					 
					
						
						
							
							Forgot when merged with my last commit  
						
						
						
					 
					
						2010-12-07 12:52:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							acac0d346f 
							
						 
					 
					
						
						
							
							Minor bug fixes and adjustments  
						
						
						
					 
					
						2010-12-07 12:45:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2b2b7dc3a6 
							
						 
					 
					
						
						
							
							added vectors for time-based Firebird payloads  
						
						
						
					 
					
						2010-12-07 12:20:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							36a7fca8d5 
							
						 
					 
					
						
						
							
							added time-based payload vector for MSSQL  
						
						
						
					 
					
						2010-12-07 12:06:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							485981c619 
							
						 
					 
					
						
						
							
							added vectors for PostgresSQL time-based payloads  
						
						
						
					 
					
						2010-12-07 11:57:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f9085e01e7 
							
						 
					 
					
						
						
							
							added vectors for Oracle time-based payloads  
						
						
						
					 
					
						2010-12-07 11:47:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3d87489de5 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-07 08:05:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							90b776c1a2 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-07 00:58:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0da1ebde7d 
							
						 
					 
					
						
						
							
							introducing PostgreSQL time based blind  
						
						
						
					 
					
						2010-12-07 00:51:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ba98dc9ec 
							
						 
					 
					
						
						
							
							found a fix for a OR time-based MySQL payload :)  
						
						
						
					 
					
						2010-12-07 00:31:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							61f82fd274 
							
						 
					 
					
						
						
							
							introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic  
						
						
						
					 
					
						2010-12-07 00:27:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							32f1909131 
							
						 
					 
					
						
						
							
							Some more "advanced" boundaries  
						
						
						
					 
					
						2010-12-06 23:15:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							84a038d0a3 
							
						 
					 
					
						
						
							
							added one more subtag  
						
						
						
					 
					
						2010-12-06 23:10:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1031723c89 
							
						 
					 
					
						
						
							
							added one more time based blind for Oracle  
						
						
						
					 
					
						2010-12-06 23:05:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7697d19292 
							
						 
					 
					
						
						
							
							space replace is not needed in other two Oracle error based payloads; removing incorrect dbms_version for ctxsys.drithsx.sn as it also works on 10g  
						
						
						
					 
					
						2010-12-06 22:52:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2735848ab6 
							
						 
					 
					
						
						
							
							removed ERROR_SPACE  
						
						
						
					 
					
						2010-12-06 22:40:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f516c18a2a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-06 21:39:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0c5c2aa807 
							
						 
					 
					
						
						
							
							adding one more error based payload for Oracle  
						
						
						
					 
					
						2010-12-06 21:20:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							956a155377 
							
						 
					 
					
						
						
							
							adding one more error based payload for Oracle  
						
						
						
					 
					
						2010-12-06 20:43:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ff43a4a955 
							
						 
					 
					
						
						
							
							minor update to preserve consistency of payload naming  
						
						
						
					 
					
						2010-12-06 20:28:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c0e05d6869 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-06 19:11:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e4b51dd549 
							
						 
					 
					
						
						
							
							proper way of handling OR based injections (completely compatible with current AND based inference engine)  
						
						
						
					 
					
						2010-12-06 17:23:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a1e89d3e94 
							
						 
					 
					
						
						
							
							Minor tweak  
						
						
						
					 
					
						2010-12-05 13:12:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bf425d90bc 
							
						 
					 
					
						
						
							
							More tweaking  
						
						
						
					 
					
						2010-12-05 12:23:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							41e1b95c6c 
							
						 
					 
					
						
						
							
							Minor code refactoring and finally make exploitation work also on OR boolean-based injections  
						
						
						
					 
					
						2010-12-05 11:25:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							191ba3118f 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-12-05 11:08:52 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1b17bac494 
							
						 
					 
					
						
						
							
							Sorted out  
						
						
						
					 
					
						2010-12-05 11:06:37 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8066610217 
							
						 
					 
					
						
						
							
							Minor improvements to OR based injections  
						
						
						
					 
					
						2010-12-05 10:55:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2612615978 
							
						 
					 
					
						
						
							
							Major improvements  
						
						
						
					 
					
						2010-12-04 16:40:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9e5f933ace 
							
						 
					 
					
						
						
							
							some updates  
						
						
						
					 
					
						2010-12-04 15:47:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							95a3f4b52f 
							
						 
					 
					
						
						
							
							Rudimental OR boolean-based tests for login forms  
						
						
						
					 
					
						2010-12-03 22:58:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9d55c4da87 
							
						 
					 
					
						
						
							
							Done with support for injection in ORDER BY and GROUP BY (hopefully)  
						
						
						
					 
					
						2010-12-03 16:12:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							072835e04b 
							
						 
					 
					
						
						
							
							Removed for time being  
						
						
						
					 
					
						2010-12-03 14:48:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							11058667e4 
							
						 
					 
					
						
						
							
							Better naming  
						
						
						
					 
					
						2010-12-03 14:45:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							73dfb69308 
							
						 
					 
					
						
						
							
							minor update for OR based time injection (Firebird)  
						
						
						
					 
					
						2010-12-03 12:15:41 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4dec049c22 
							
						 
					 
					
						
						
							
							Major bug fix for test on ORDER BY and GROUP BY clauses.  
						
						... 
						
						
						
						Minor bug fix to skip following tests if they do not match any of the clause previously identified (injection.clause value). 
						
					 
					
						2010-12-03 12:00:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							23a86ed612 
							
						 
					 
					
						
						
							
							minor bug fix related to Firebird time based test vectors  
						
						
						
					 
					
						2010-12-03 11:05:16 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0069a21a0d 
							
						 
					 
					
						
						
							
							Added also OR error-based checks, tweaked some TODOs and added some new boundaries for login forms (yet to test)  
						
						
						
					 
					
						2010-12-03 10:52:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bf09b8a6d9 
							
						 
					 
					
						
						
							
							added Firebird error based (WHERE) attack vector  
						
						
						
					 
					
						2010-12-02 15:09:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							df4cb1a601 
							
						 
					 
					
						
						
							
							On the way to get full support for injection on ORDER BY and GROUP BY clauses  
						
						
						
					 
					
						2010-12-01 23:30:38 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							089c16a1b8 
							
						 
					 
					
						
						
							
							Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type.  
						
						... 
						
						
						
						Removed some useless tests.
Moved <error> from queries.xml to payloads.xml as it makes more sense.
Beeps at sql inj found only if --beep is provided.
Minor fix in order to be able to pickle advancedDict() objects.
Minor code refactoring.
Removed useless folders. 
						
					 
					
						2010-12-01 17:09:52 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2708aad504 
							
						 
					 
					
						
						
							
							Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests.  
						
						
						
					 
					
						2010-12-01 10:31:50 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c8f943f5e4 
							
						 
					 
					
						
						
							
							Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase.  
						
						... 
						
						
						
						Major code refactoring and commenting to detection engine.
Ask user whether or not to proceed to test remaining parameters after an injection point has been identified.
Restore beep at SQL injection find.
Avoid reuse of same variable in DBMS handler code.
Minor adjustment of payloads XML file. 
						
					 
					
						2010-11-30 22:40:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							6525e08d6b 
							
						 
					 
					
						
						
							
							Minor adjustment to detect the proper parameter type based upon --prefix and --suffix values  
						
						
						
					 
					
						2010-11-29 12:13:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							75f7df75b6 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2010-11-28 23:33:51 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7e3b24afe6 
							
						 
					 
					
						
						
							
							Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.  
						
						... 
						
						
						
						All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work! 
						
					 
					
						2010-11-28 18:10:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e32be2b4e7 
							
						 
					 
					
						
						
							
							Minor adjustment  
						
						
						
					 
					
						2010-11-23 15:06:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c6545f5c9f 
							
						 
					 
					
						
						
							
							we had a bug (nooooooooo!!!! :))  
						
						
						
					 
					
						2010-11-19 10:36:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							17486e472a 
							
						 
					 
					
						
						
							
							Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!  
						
						
						
					 
					
						2010-11-17 22:00:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							42272ca78c 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-11 22:26:36 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1a708cf12d 
							
						 
					 
					
						
						
							
							update for ASP/Ingres  
						
						
						
					 
					
						2010-11-05 16:21:22 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							173e893d11 
							
						 
					 
					
						
						
							
							added error message support for Ingres  
						
						
						
					 
					
						2010-11-05 16:19:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3f0a443b83 
							
						 
					 
					
						
						
							
							some updates  
						
						
						
					 
					
						2010-11-04 23:08:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d5fcc9d8b5 
							
						 
					 
					
						
						
							
							few updates/fixes here and there  
						
						
						
					 
					
						2010-11-04 08:03:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							977df7276d 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-11-03 06:25:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4b56fa4f8f 
							
						 
					 
					
						
						
							
							now --tables work for MaxDB  
						
						
						
					 
					
						2010-11-02 22:11:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b761523f3f 
							
						 
					 
					
						
						
							
							now --users works for MaxDB too  
						
						
						
					 
					
						2010-11-02 21:52:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							cd0d4135ac 
							
						 
					 
					
						
						
							
							implemented --banner for MaxDB and some minor fixes  
						
						
						
					 
					
						2010-11-02 20:51:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							49bf34ffd9 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-11-02 18:43:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							720e235d9a 
							
						 
					 
					
						
						
							
							Fixed Windows 2003/2008 signatures. Added more old RedHat Server header signatures. Added old Debian etch signature too.  
						
						
						
					 
					
						2010-10-31 18:18:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7d42af046 
							
						 
					 
					
						
						
							
							some fixes regarding --check-payload  
						
						
						
					 
					
						2010-10-29 11:00:23 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0efecde248 
							
						 
					 
					
						
						
							
							Minor update to properly differentiate Windows 2003 by 2008 via HTTP response headers  
						
						
						
					 
					
						2010-10-27 10:09:47 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							749e25a217 
							
						 
					 
					
						
						
							
							Implementation of --passwords for Sybase  
						
						
						
					 
					
						2010-10-26 21:35:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1b90c1d131 
							
						 
					 
					
						
						
							
							added FreeBSD  
						
						
						
					 
					
						2010-10-26 20:48:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4da2046492 
							
						 
					 
					
						
						
							
							massive update of server fingerprints  
						
						
						
					 
					
						2010-10-26 20:00:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							080c5aef80 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-10-26 19:08:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8a9a57c709 
							
						 
					 
					
						
						
							
							update for Sybase and major bug fix for --passwords on MSSQL  
						
						
						
					 
					
						2010-10-25 22:11:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9b56fbafbe 
							
						 
					 
					
						
						
							
							that Sybase is going to be pain in the ass  
						
						
						
					 
					
						2010-10-25 21:43:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							228ac0cde5 
							
						 
					 
					
						
						
							
							refactoring regarding --check-payload  
						
						
						
					 
					
						2010-10-25 18:38:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							378653a1ec 
							
						 
					 
					
						
						
							
							added IDS payload testing  
						
						
						
					 
					
						2010-10-25 15:37:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							aa931efd4d 
							
						 
					 
					
						
						
							
							several MySQL fixes/enhancements pointed out by Anton Mogilin  
						
						
						
					 
					
						2010-10-24 22:05:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							68d39d5976 
							
						 
					 
					
						
						
							
							minor minor fix  
						
						
						
					 
					
						2010-10-23 09:12:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							32a4350779 
							
						 
					 
					
						
						
							
							update for MaxDB  
						
						
						
					 
					
						2010-10-23 09:03:59 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							98f5586b87 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-10-23 08:05:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f8850e3f41 
							
						 
					 
					
						
						
							
							update (xml fix and refactoring)  
						
						
						
					 
					
						2010-10-23 07:44:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a7a53af924 
							
						 
					 
					
						
						
							
							update for Sybase  
						
						
						
					 
					
						2010-10-23 07:37:43 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dec4d858b3 
							
						 
					 
					
						
						
							
							fix for Bug  #207  
						
						
						
					 
					
						2010-10-22 14:01:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e24bff0497 
							
						 
					 
					
						
						
							
							nice refactoring  
						
						
						
					 
					
						2010-10-20 09:46:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5d3cbec457 
							
						 
					 
					
						
						
							
							no more regex. web server independent.  
						
						
						
					 
					
						2010-10-20 09:35:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b032fdbf74 
							
						 
					 
					
						
						
							
							added randInt to error injection vectors  
						
						
						
					 
					
						2010-10-20 08:56:58 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f2dae98448 
							
						 
					 
					
						
						
							
							fix for MySQL error queries  
						
						
						
					 
					
						2010-10-19 23:30:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1fce9683f8 
							
						 
					 
					
						
						
							
							now --users work for MSSQL too  
						
						
						
					 
					
						2010-10-19 15:05:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							80505de15b 
							
						 
					 
					
						
						
							
							now --users work on Oracle and Postgre (tested)  
						
						
						
					 
					
						2010-10-19 14:56:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4bc541ec3c 
							
						 
					 
					
						
						
							
							error based update  
						
						
						
					 
					
						2010-10-19 14:47:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bf850af2d8 
							
						 
					 
					
						
						
							
							fix for Oracle error based query "space" problem  
						
						
						
					 
					
						2010-10-19 14:10:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							878135fe40 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-10-19 14:00:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6a8b1046d4 
							
						 
					 
					
						
						
							
							first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)  
						
						
						
					 
					
						2010-10-19 12:02:04 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d123bb741a 
							
						 
					 
					
						
						
							
							added error based queries for MySQL, Postgre, MS SQL and Oracle  
						
						
						
					 
					
						2010-10-18 21:26:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f9f79ffbaf 
							
						 
					 
					
						
						
							
							basic stuff for sybase  
						
						
						
					 
					
						2010-10-12 19:05:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9840d25b55 
							
						 
					 
					
						
						
							
							update of MaxDB queries  
						
						
						
					 
					
						2010-10-12 17:04:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							de0f6b6f72 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2010-10-10 17:46:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							18d27cabc5 
							
						 
					 
					
						
						
							
							more changes  
						
						
						
					 
					
						2010-10-07 15:34:17 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							440ff639bb 
							
						 
					 
					
						
						
							
							more refactoring  
						
						
						
					 
					
						2010-10-07 14:05:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1e9ae40397 
							
						 
					 
					
						
						
							
							major refactoring  
						
						
						
					 
					
						2010-10-07 12:12:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							de6fa1247b 
							
						 
					 
					
						
						
							
							moved injections to xml format  
						
						
						
					 
					
						2010-10-06 22:29:52 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d9d0c971fa 
							
						 
					 
					
						
						
							
							new file  
						
						
						
					 
					
						2010-10-06 14:37:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							10ab6371f2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-10-06 11:58:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3cd15960a0 
							
						 
					 
					
						
						
							
							more updates  
						
						
						
					 
					
						2010-09-27 13:26:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3b9fe3e1c8 
							
						 
					 
					
						
						
							
							everything is ready for testing (smoke and live)  
						
						
						
					 
					
						2010-09-27 11:20:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							dc11ae0d65 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-09-26 14:56:55 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							35f35605df 
							
						 
					 
					
						
						
							
							changes regarding Feature  #160  
						
						
						
					 
					
						2010-09-26 14:02:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							76233ff5a3 
							
						 
					 
					
						
						
							
							added skeleton for live testing  
						
						
						
					 
					
						2010-09-15 13:55:28 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c4040ab297 
							
						 
					 
					
						
						
							
							fix for Feature  #136  
						
						
						
					 
					
						2010-08-31 14:25:37 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							27496b91b2 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-08-31 13:08:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							266974829d 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-08-30 22:39:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							48cc87f6a9 
							
						 
					 
					
						
						
							
							added support for fingerprinting SAP MaxDB (Issue 143)  
						
						
						
					 
					
						2010-08-30 13:29:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							5bb8e154eb 
							
						 
					 
					
						
						
							
							Minor code improvements  
						
						
						
					 
					
						2010-06-10 14:15:32 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							06af405efd 
							
						 
					 
					
						
						
							
							Adapted and merged in patch to support XML output (-x switch) - still in beta.  
						
						... 
						
						
						
						Minor bug fixes and adjustments. 
						
					 
					
						2010-05-28 16:43:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e0e2349529 
							
						 
					 
					
						
						
							
							Refactor to --search -C and minor bug fix - See  #190 .  
						
						
						
					 
					
						2010-05-17 16:16:49 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c9ee11e0e4 
							
						 
					 
					
						
						
							
							Added support to search for tables (--search with -T). See  #190 .  
						
						
						
					 
					
						2010-05-16 20:46:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							65a05452f7 
							
						 
					 
					
						
						
							
							Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See  #190 :  
						
						... 
						
						
						
						* --search -D foobar: searches all database names like the ones provided
* --search -T foobar: searches all databases' table names like the ones provided (soon)
* --search -C foobar: replaces --dump -C 
						
					 
					
						2010-05-07 13:40:57 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							14f8514fb5 
							
						 
					 
					
						
						
							
							Minor "revert" to make resume of queries work again  
						
						
						
					 
					
						2010-04-15 11:56:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							b72ddb6f1e 
							
						 
					 
					
						
						
							
							Fixes non-deterministic unsorted results for most of the DBMSes - see  #185  
						
						
						
					 
					
						2010-04-09 15:48:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d583cc07e7 
							
						 
					 
					
						
						
							
							ms access update  
						
						
						
					 
					
						2010-03-30 15:04:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1416cd0d86 
							
						 
					 
					
						
						
							
							Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see  #158 . This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).  
						
						... 
						
						
						
						Minor layout adjustments. 
						
					 
					
						2010-03-26 23:23:25 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2aadc5c939 
							
						 
					 
					
						
						
							
							Added support for --roles (for Oracle ROLE_PRIVS). Enhanced Oracle --privileges to fall-back to USER_SYS_PRIVS if DBA_SYS_PRIVS is not accessible (so session user is not DBA) - Fixes ticket  #180 .  
						
						... 
						
						
						
						Minor enhancement to Firebird to determine if a DB user is a DBA.
Minor code refactoring. 
						
					 
					
						2010-03-25 15:46:06 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							0d559d14df 
							
						 
					 
					
						
						
							
							Initial support for SQLite (90% approx).  
						
						... 
						
						
						
						Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments. 
						
					 
					
						2010-03-18 17:20:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							49aa1ae542 
							
						 
					 
					
						
						
							
							some fix/revert of mssql banner file  
						
						
						
					 
					
						2010-03-03 14:37:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f941159f81 
							
						 
					 
					
						
						
							
							Updated MSSQL xml signatures file  
						
						
						
					 
					
						2010-03-03 13:46:12 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							6a5a5d55f2 
							
						 
					 
					
						
						
							
							fix for that --stacked-test error reported by dsu@dsu.com.ua  
						
						
						
					 
					
						2010-02-09 11:27:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9ed0744510 
							
						 
					 
					
						
						
							
							Added some error messages to detect back-end DBMS  
						
						
						
					 
					
						2010-01-30 22:24:20 +00:00