4 Commits

Author	SHA1	Message	Date
Bernardo Damele	e4e081cdc6	sqlmap 0.8-rc2: minor enhancement based on msfencode 3.3.3-dev -t exe-small so that also PostgreSQL supports again the out-of-band via Metasploit payload stager optionally to shellcode execution in-memory via sys_bineval() UDF. Speed up OOB connect back. Cleanup target file system after --os-pwn too. Minor bug fix to correctly forge file system paths with os.path.join() all around. Minor code refactoring and user's manual update.	2009-12-17 22:04:01 +00:00
Bernardo Damele	89c43893d4	Merged back from personal branch to trunk (svn merge -r846:940 ...) ... Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.	2009-09-25 23:03:45 +00:00
Bernardo Damele	d905e5ef9f	Minor bug fix to --os-cmd/--os-shell for Microsoft SQL Server	2009-07-25 11:45:23 +00:00
Bernardo Damele	8c0ac767f4	Updated to sqlmap 0.7 release candidate 1	2009-04-22 11:48:07 +00:00