Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ff1a44c335 
							
						 
					 
					
						
						
							
							probably a fix for that SQLite bug reported by Ahmed Shawky  
						
						
						
					 
					
						2011-01-20 20:30:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a1d77737f5 
							
						 
					 
					
						
						
							
							minor grammar update (this should be a better form)  
						
						
						
					 
					
						2011-01-20 18:35:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							81be23976e 
							
						 
					 
					
						
						
							
							Confirmed HAVING payloads work as WHERE ones.  
						
						... 
						
						
						
						Changed <risk> value of all 'heavy query' tests to 2 as it can potentially lead to a DoS.
Proper handling of title for UNION tests when --union-char is provided. 
						
					 
					
						2011-01-18 22:55:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f7d9b22510 
							
						 
					 
					
						
						
							
							because other major DBMSes have at least one level 1 time based payload  
						
						
						
					 
					
						2011-01-18 20:32:49 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bdcb10cdab 
							
						 
					 
					
						
						
							
							added MSSQL time based vector  
						
						
						
					 
					
						2011-01-18 02:05:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c2a358561f 
							
						 
					 
					
						
						
							
							Proper support for --union-cols  
						
						
						
					 
					
						2011-01-17 22:57:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb166e9445 
							
						 
					 
					
						
						
							
							adding USER_LOCK stacked query support for ORACLE (older versions)  
						
						
						
					 
					
						2011-01-16 10:31:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f31c028232 
							
						 
					 
					
						
						
							
							Oracle stacked vector based on DBMS_LOCK.SLEEP ( https://foro.undersecurity.net/read.php?46,1436 )  
						
						
						
					 
					
						2011-01-16 10:07:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1b3717c79c 
							
						 
					 
					
						
						
							
							Improvement to make time-based blind to work also against login forms  
						
						
						
					 
					
						2011-01-12 16:20:29 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							d7a7993e0d 
							
						 
					 
					
						
						
							
							Minor comment fix  
						
						
						
					 
					
						2011-01-12 11:57:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2f5995a7eb 
							
						 
					 
					
						
						
							
							Added generic and mysql UNION tests from 1 to 25 columns.  
						
						... 
						
						
						
						Adapted config file and command line removing now outdated --union-test switch.
Minor bug fix.
Minor code refactoring.
Got rid of some debug messages, standardized logging of UNION tests. 
						
					 
					
						2011-01-11 22:56:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							300128042c 
							
						 
					 
					
						
						
							
							First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though.  
						
						... 
						
						
						
						Major refactoring to Agent.payload() method.
Minor bug fixes, some code refactoring and a lot of core adjustments here and there.
Added more checks for injection in GROUP BY and ORDER BY. 
						
					 
					
						2011-01-11 22:18:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1c86ec374e 
							
						 
					 
					
						
						
							
							Code refactoring and cosmetics  
						
						
						
					 
					
						2011-01-07 15:41:09 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2efe7928c0 
							
						 
					 
					
						
						
							
							more concise than previously  
						
						
						
					 
					
						2011-01-02 17:06:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							a56934e68b 
							
						 
					 
					
						
						
							
							one more MSSQL/ASPX error banner regex  
						
						
						
					 
					
						2011-01-02 15:36:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e6f0c4d857 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2011-01-02 15:32:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c1d0dde769 
							
						 
					 
					
						
						
							
							added support for .NET banners ( http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx )  
						
						
						
					 
					
						2011-01-02 14:46:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							93cb75ff65 
							
						 
					 
					
						
						
							
							added Nginx  
						
						
						
					 
					
						2011-01-02 08:50:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ded9798e3d 
							
						 
					 
					
						
						
							
							minor bug fix  
						
						
						
					 
					
						2011-01-01 23:07:50 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c3065f6ecc 
							
						 
					 
					
						
						
							
							minor fix  
						
						
						
					 
					
						2010-12-29 20:38:56 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							96c3ffd3d7 
							
						 
					 
					
						
						
							
							changing risk level to 0 - lots of MySQL databases around have information_schema unreadable, thus disabling first AND based error payload  
						
						
						
					 
					
						2010-12-27 19:02:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2c8115eed9 
							
						 
					 
					
						
						
							
							further improvement for ms access table dumping  
						
						
						
					 
					
						2010-12-26 01:04:30 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fb099615e2 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-25 11:16:35 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							272476773f 
							
						 
					 
					
						
						
							
							getPageTextWordsSet on tableExists is pretty powerful stuff  
						
						
						
					 
					
						2010-12-25 09:37:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							706d8e0b88 
							
						 
					 
					
						
						
							
							development update (basic ms access dumping implemented)  
						
						
						
					 
					
						2010-12-24 19:53:11 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							edcf1a0872 
							
						 
					 
					
						
						
							
							few bug fixes  
						
						
						
					 
					
						2010-12-24 18:40:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3043ed095a 
							
						 
					 
					
						
						
							
							bug fix (those two regexes where too generic making false MS ACCESS positives here and there)  
						
						
						
					 
					
						2010-12-24 00:11:10 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5a0aef0f33 
							
						 
					 
					
						
						
							
							fix for a case: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [MySQL][ODBC 3.51 Driver][mysqld-5.1.31-community] - it was wrongly error message recognized as MS SQL Server  
						
						
						
					 
					
						2010-12-23 09:53:13 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8fc60215ed 
							
						 
					 
					
						
						
							
							lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.  
						
						
						
					 
					
						2010-12-22 19:12:46 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							c9ab8ae60e 
							
						 
					 
					
						
						
							
							Bug fix to properly identify if current user is DBA (--is-dba) on MySQL  
						
						
						
					 
					
						2010-12-22 14:06:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							e791f8f2b7 
							
						 
					 
					
						
						
							
							Minor fix  
						
						
						
					 
					
						2010-12-20 10:33:24 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							bfdc4fa000 
							
						 
					 
					
						
						
							
							new error vector for MS SQL (from David Guimaraes' mail)  
						
						
						
					 
					
						2010-12-17 19:00:20 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3ee44584d4 
							
						 
					 
					
						
						
							
							i've found a way! thank you hesus! fyea (ASC(MID) was just crashing when MID returned 'empty string')  
						
						
						
					 
					
						2010-12-14 12:57:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							207f63cebc 
							
						 
					 
					
						
						
							
							Prepare for UNION query tests at detection phase  
						
						
						
					 
					
						2010-12-13 21:31:34 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							33639578ee 
							
						 
					 
					
						
						
							
							minor update for MS Access  
						
						
						
					 
					
						2010-12-12 15:25:19 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b1babeefe5 
							
						 
					 
					
						
						
							
							update regarding dumping of tables with blind on Sqlite  
						
						
						
					 
					
						2010-12-11 22:00:16 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							acc7d6d40c 
							
						 
					 
					
						
						
							
							fix  
						
						
						
					 
					
						2010-12-11 11:03:32 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ac9080c07b 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-11 08:24:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							fe2039f5ba 
							
						 
					 
					
						
						
							
							coollyy little commits  
						
						
						
					 
					
						2010-12-10 11:32:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7e2984b4b6 
							
						 
					 
					
						
						
							
							added stacked query support for Oracle  
						
						
						
					 
					
						2010-12-09 15:24:48 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							4bb40c0a06 
							
						 
					 
					
						
						
							
							Higher the level for Oracle stacked tests just in case the SQL inj is within a PL/SQL function ('cause of no support for stacked queries by design on Oracle)  
						
						
						
					 
					
						2010-12-09 15:14:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d8edc5b244 
							
						 
					 
					
						
						
							
							adding stacked-query vector for Firebird  
						
						
						
					 
					
						2010-12-09 15:11:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							13b522efc2 
							
						 
					 
					
						
						
							
							Added error-based support for MySQL < 5.0 -  closes   #14  
						
						
						
					 
					
						2010-12-09 15:09:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							5aafd19957 
							
						 
					 
					
						
						
							
							added vector for SQLite's stacked query payload  
						
						
						
					 
					
						2010-12-09 15:06:40 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							71761ba9a5 
							
						 
					 
					
						
						
							
							another fix for another beautiful heavy query payload which took a few 100 megs and 5 mins to run  
						
						
						
					 
					
						2010-12-09 10:35:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							094baadc5b 
							
						 
					 
					
						
						
							
							bug fix (in SELECT based heavy queries COUNT(*) should be used; otherwise multiple row error happens without proper delay)  
						
						
						
					 
					
						2010-12-09 10:17:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							3b293c4ea7 
							
						 
					 
					
						
						
							
							Added possible stacked queries time-based blind vector for MSSQL  
						
						
						
					 
					
						2010-12-08 23:55:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							f5ce739bdf 
							
						 
					 
					
						
						
							
							Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet.  
						
						
						
					 
					
						2010-12-08 23:52:31 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							69c4f94980 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-08 15:40:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ad00fe13c1 
							
						 
					 
					
						
						
							
							another fix for MySQL time based payloads  
						
						
						
					 
					
						2010-12-08 12:00:27 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							8227e6d3cf 
							
						 
					 
					
						
						
							
							bug fix for BENCHMARK time-based vectors  
						
						
						
					 
					
						2010-12-08 11:49:55 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8ff7c9a5a1 
							
						 
					 
					
						
						
							
							Works on Oracle's GROUP BY too  
						
						
						
					 
					
						2010-12-07 17:17:01 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							4f01d4c109 
							
						 
					 
					
						
						
							
							number crunching based time payloads are now affected by conf.timeSec  
						
						
						
					 
					
						2010-12-07 13:24:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							d0936bc8ed 
							
						 
					 
					
						
						
							
							adding vectors for SQLite time-based payloads  
						
						
						
					 
					
						2010-12-07 13:14:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							54b8cb76a1 
							
						 
					 
					
						
						
							
							Messed up with my last merge, all fixed now  
						
						
						
					 
					
						2010-12-07 12:59:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							b38a634d95 
							
						 
					 
					
						
						
							
							bug fix  
						
						
						
					 
					
						2010-12-07 12:55:31 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							7c32db6e9d 
							
						 
					 
					
						
						
							
							Forgot when merged with my last commit  
						
						
						
					 
					
						2010-12-07 12:52:09 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							acac0d346f 
							
						 
					 
					
						
						
							
							Minor bug fixes and adjustments  
						
						
						
					 
					
						2010-12-07 12:45:45 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2b2b7dc3a6 
							
						 
					 
					
						
						
							
							added vectors for time-based Firebird payloads  
						
						
						
					 
					
						2010-12-07 12:20:48 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							36a7fca8d5 
							
						 
					 
					
						
						
							
							added time-based payload vector for MSSQL  
						
						
						
					 
					
						2010-12-07 12:06:25 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							485981c619 
							
						 
					 
					
						
						
							
							added vectors for PostgresSQL time-based payloads  
						
						
						
					 
					
						2010-12-07 11:57:33 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f9085e01e7 
							
						 
					 
					
						
						
							
							added vectors for Oracle time-based payloads  
						
						
						
					 
					
						2010-12-07 11:47:29 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							3d87489de5 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-07 08:05:03 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							90b776c1a2 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-07 00:58:54 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0da1ebde7d 
							
						 
					 
					
						
						
							
							introducing PostgreSQL time based blind  
						
						
						
					 
					
						2010-12-07 00:51:14 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1ba98dc9ec 
							
						 
					 
					
						
						
							
							found a fix for a OR time-based MySQL payload :)  
						
						
						
					 
					
						2010-12-07 00:31:46 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							61f82fd274 
							
						 
					 
					
						
						
							
							introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic  
						
						
						
					 
					
						2010-12-07 00:27:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							32f1909131 
							
						 
					 
					
						
						
							
							Some more "advanced" boundaries  
						
						
						
					 
					
						2010-12-06 23:15:41 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							84a038d0a3 
							
						 
					 
					
						
						
							
							added one more subtag  
						
						
						
					 
					
						2010-12-06 23:10:38 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							1031723c89 
							
						 
					 
					
						
						
							
							added one more time based blind for Oracle  
						
						
						
					 
					
						2010-12-06 23:05:53 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							7697d19292 
							
						 
					 
					
						
						
							
							space replace is not needed in other two Oracle error based payloads; removing incorrect dbms_version for ctxsys.drithsx.sn as it also works on 10g  
						
						
						
					 
					
						2010-12-06 22:52:18 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							2735848ab6 
							
						 
					 
					
						
						
							
							removed ERROR_SPACE  
						
						
						
					 
					
						2010-12-06 22:40:07 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							f516c18a2a 
							
						 
					 
					
						
						
							
							minor update  
						
						
						
					 
					
						2010-12-06 21:39:57 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							0c5c2aa807 
							
						 
					 
					
						
						
							
							adding one more error based payload for Oracle  
						
						
						
					 
					
						2010-12-06 21:20:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							956a155377 
							
						 
					 
					
						
						
							
							adding one more error based payload for Oracle  
						
						
						
					 
					
						2010-12-06 20:43:23 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							ff43a4a955 
							
						 
					 
					
						
						
							
							minor update to preserve consistency of payload naming  
						
						
						
					 
					
						2010-12-06 20:28:26 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							c0e05d6869 
							
						 
					 
					
						
						
							
							update  
						
						
						
					 
					
						2010-12-06 19:11:05 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							e4b51dd549 
							
						 
					 
					
						
						
							
							proper way of handling OR based injections (completely compatible with current AND based inference engine)  
						
						
						
					 
					
						2010-12-06 17:23:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							a1e89d3e94 
							
						 
					 
					
						
						
							
							Minor tweak  
						
						
						
					 
					
						2010-12-05 13:12:12 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							bf425d90bc 
							
						 
					 
					
						
						
							
							More tweaking  
						
						
						
					 
					
						2010-12-05 12:23:18 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							41e1b95c6c 
							
						 
					 
					
						
						
							
							Minor code refactoring and finally make exploitation work also on OR boolean-based injections  
						
						
						
					 
					
						2010-12-05 11:25:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							191ba3118f 
							
						 
					 
					
						
						
							
							Cosmetics  
						
						
						
					 
					
						2010-12-05 11:08:52 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							1b17bac494 
							
						 
					 
					
						
						
							
							Sorted out  
						
						
						
					 
					
						2010-12-05 11:06:37 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							8066610217 
							
						 
					 
					
						
						
							
							Minor improvements to OR based injections  
						
						
						
					 
					
						2010-12-05 10:55:19 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							2612615978 
							
						 
					 
					
						
						
							
							Major improvements  
						
						
						
					 
					
						2010-12-04 16:40:08 +00:00 
						 
				 
			
				
					
						
							
							
								Miroslav Stampar 
							
						 
					 
					
						
						
						
						
							
						
						
							9e5f933ace 
							
						 
					 
					
						
						
							
							some updates  
						
						
						
					 
					
						2010-12-04 15:47:02 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							95a3f4b52f 
							
						 
					 
					
						
						
							
							Rudimental OR boolean-based tests for login forms  
						
						
						
					 
					
						2010-12-03 22:58:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bernardo Damele 
							
						 
					 
					
						
						
						
						
							
						
						
							9d55c4da87 
							
						 
					 
					
						
						
							
							Done with support for injection in ORDER BY and GROUP BY (hopefully)  
						
						
						
					 
					
						2010-12-03 16:12:47 +00:00 
						 
				 
			
				
					
						
							
							
072835e04b  Bernardo Damele  2010-12-03 14:48:31 +00:00
    Removed for time being
11058667e4  Bernardo Damele  2010-12-03 14:45:13 +00:00
    Better naming
73dfb69308  Miroslav Stampar  2010-12-03 12:15:41 +00:00
    minor update for OR based time injection (Firebird)
4dec049c22  Bernardo Damele  2010-12-03 12:00:03 +00:00
    Major bug fix for test on ORDER BY and GROUP BY clauses.

    Minor bug fix to skip following tests if they do not match any of the clause previously identified (injection.clause value).
23a86ed612  Miroslav Stampar  2010-12-03 11:05:16 +00:00
    minor bug fix related to Firebird time based test vectors
0069a21a0d  Bernardo Damele  2010-12-03 10:52:24 +00:00
    Added also OR error-based checks, tweaked some TODOs and added some new boundaries for login forms (yet to test)
bf09b8a6d9  Miroslav Stampar  2010-12-02 15:09:21 +00:00
    added Firebird error based (WHERE) attack vector
df4cb1a601  Bernardo Damele  2010-12-01 23:30:38 +00:00
    On the way to get full support for injection on ORDER BY and GROUP BY clauses
089c16a1b8  Bernardo Damele  2010-12-01 17:09:52 +00:00
    Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type.

    Removed some useless tests.
    Moved <error> from queries.xml to payloads.xml as it makes more sense.
    Beeps at sql inj found only if --beep is provided.
    Minor fix in order to be able to pickle advancedDict() objects.
    Minor code refactoring.
    Removed useless folders.
2708aad504  Bernardo Damele  2010-12-01 10:31:50 +00:00
    Unified start and stop delimiters across error-based (detection engine) and union query (--union-test) tests.
c8f943f5e4  Bernardo Damele  2010-11-30 22:40:25 +00:00
    Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase.

    Major code refactoring and commenting to detection engine.
    Ask user whether or not to proceed to test remaining parameters after an injection point has been identified.
    Restore beep at SQL injection find.
    Avoid reuse of same variable in DBMS handler code.
    Minor adjustment of payloads XML file.
6525e08d6b  Bernardo Damele  2010-11-29 12:13:42 +00:00
    Minor adjustment to detect the proper parameter type based upon --prefix and --suffix values
75f7df75b6  Bernardo Damele  2010-11-28 23:33:51 +00:00
    Minor fix
7e3b24afe6  Bernardo Damele  2010-11-28 18:10:54 +00:00
    Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.

    All (hopefully) functionalities should still be working.
    Added two switches, --level and --risk to specify which injection tests and boundaries to use.
    The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
e32be2b4e7  Bernardo Damele  2010-11-23 15:06:40 +00:00
    Minor adjustment
c6545f5c9f  Miroslav Stampar  2010-11-19 10:36:47 +00:00
    we had a bug (nooooooooo!!!! :))
17486e472a  Bernardo Damele  2010-11-17 22:00:09 +00:00
    Proper English (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!
42272ca78c  Miroslav Stampar  2010-11-11 22:26:36 +00:00
    minor update
1a708cf12d  Miroslav Stampar  2010-11-05 16:21:22 +00:00
    update for ASP/Ingres
173e893d11  Miroslav Stampar  2010-11-05 16:19:41 +00:00
    added error message support for Ingres
3f0a443b83  Miroslav Stampar  2010-11-04 23:08:59 +00:00
    some updates
d5fcc9d8b5  Miroslav Stampar  2010-11-04 08:03:59 +00:00
    few updates/fixes here and there
977df7276d  Miroslav Stampar  2010-11-03 06:25:24 +00:00
    minor update
4b56fa4f8f  Miroslav Stampar  2010-11-02 22:11:45 +00:00
    now --tables work for MaxDB
b761523f3f  Miroslav Stampar  2010-11-02 21:52:48 +00:00
    now --users works for MaxDB too
cd0d4135ac  Miroslav Stampar  2010-11-02 20:51:55 +00:00
    implemented --banner for MaxDB and some minor fixes
49bf34ffd9  Miroslav Stampar  2010-11-02 18:43:20 +00:00
    minor fix
720e235d9a  Bernardo Damele  2010-10-31 18:18:49 +00:00
    Fixed Windows 2003/2008 signatures. Added more old RedHat Server header signatures. Added old Debian etch signature too.
f7d42af046  Miroslav Stampar  2010-10-29 11:00:23 +00:00
    some fixes regarding --check-payload
0efecde248  Bernardo Damele  2010-10-27 10:09:47 +00:00
    Minor update to properly differentiate Windows 2003 by 2008 via HTTP response headers
749e25a217  Miroslav Stampar  2010-10-26 21:35:30 +00:00
    Implementation of --passwords for Sybase
1b90c1d131  Miroslav Stampar  2010-10-26 20:48:52 +00:00
    added FreeBSD
4da2046492  Miroslav Stampar  2010-10-26 20:00:29 +00:00
    massive update of server fingerprints
080c5aef80  Miroslav Stampar  2010-10-26 19:08:11 +00:00
    minor update
8a9a57c709  Miroslav Stampar  2010-10-25 22:11:38 +00:00
    update for Sybase and major bug fix for --passwords on MSSQL
9b56fbafbe  Miroslav Stampar  2010-10-25 21:43:13 +00:00
    that Sybase is going to be pain in the ass
228ac0cde5  Miroslav Stampar  2010-10-25 18:38:54 +00:00
    refactoring regarding --check-payload
378653a1ec  Miroslav Stampar  2010-10-25 15:37:43 +00:00
    added IDS payload testing
aa931efd4d  Miroslav Stampar  2010-10-24 22:05:14 +00:00
    several MySQL fixes/enhancements pointed out by Anton Mogilin
68d39d5976  Miroslav Stampar  2010-10-23 09:12:08 +00:00
    minor minor fix
32a4350779  Miroslav Stampar  2010-10-23 09:03:59 +00:00
    update for MaxDB
98f5586b87  Miroslav Stampar  2010-10-23 08:05:24 +00:00
    minor update
f8850e3f41  Miroslav Stampar  2010-10-23 07:44:34 +00:00
    update (xml fix and refactoring)
a7a53af924  Miroslav Stampar  2010-10-23 07:37:43 +00:00
    update for Sybase
dec4d858b3  Miroslav Stampar  2010-10-22 14:01:48 +00:00
    fix for Bug #207
e24bff0497  Miroslav Stampar  2010-10-20 09:46:57 +00:00
    nice refactoring
5d3cbec457  Miroslav Stampar  2010-10-20 09:35:46 +00:00
    no more regex. web server independent.
b032fdbf74  Miroslav Stampar  2010-10-20 08:56:58 +00:00
    added randInt to error injection vectors
f2dae98448  Miroslav Stampar  2010-10-19 23:30:08 +00:00
    fix for MySQL error queries
1fce9683f8  Miroslav Stampar  2010-10-19 15:05:32 +00:00
    now --users work for MSSQL too
80505de15b  Miroslav Stampar  2010-10-19 14:56:57 +00:00
    now --users work on Oracle and Postgre (tested)
4bc541ec3c  Miroslav Stampar  2010-10-19 14:47:13 +00:00
    error based update
bf850af2d8  Miroslav Stampar  2010-10-19 14:10:09 +00:00
    fix for Oracle error based query "space" problem
878135fe40  Miroslav Stampar  2010-10-19 14:00:27 +00:00
    minor fix
6a8b1046d4  Miroslav Stampar  2010-10-19 12:02:04 +00:00
    first successful run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)
d123bb741a  Miroslav Stampar  2010-10-18 21:26:13 +00:00
    added error based queries for MySQL, Postgre, MS SQL and Oracle
f9f79ffbaf  Miroslav Stampar  2010-10-12 19:05:12 +00:00
    basic stuff for Sybase
9840d25b55  Miroslav Stampar  2010-10-12 17:04:20 +00:00
    update of MaxDB queries
de0f6b6f72  Miroslav Stampar  2010-10-10 17:46:09 +00:00
    bug fix
18d27cabc5  Miroslav Stampar  2010-10-07 15:34:17 +00:00
    more changes
440ff639bb  Miroslav Stampar  2010-10-07 14:05:34 +00:00
    more refactoring
1e9ae40397  Miroslav Stampar  2010-10-07 12:12:26 +00:00
    major refactoring