Bernardo Damele
3087c27659
Updated doc
2010-04-22 10:37:58 +00:00
Bernardo Damele
e11d511cad
Updated doc
2010-04-15 12:12:53 +00:00
Bernardo Damele
e0d0913fc6
Updated doc
2010-04-12 09:34:20 +00:00
Bernardo Damele
822d22299f
Updated
2010-04-09 13:48:02 +00:00
Bernardo Damele
bd669dd6fa
Updated
2010-04-06 10:32:56 +00:00
Bernardo Damele
2d55ec19a3
Minor code restyling
2010-04-06 10:15:19 +00:00
Bernardo Damele
f0f1176396
Updated THANKS
2010-03-23 21:24:31 +00:00
Bernardo Damele
9e8a108768
Updated
2010-03-22 15:43:38 +00:00
Bernardo Damele
7f5bc5e3fe
Increased version to 0.9-dev
2010-03-15 11:04:57 +00:00
Bernardo Damele
4d53b17320
Updated THANKS
2010-03-10 22:08:54 +00:00
Miroslav Stampar
0acef530ce
update
2010-03-01 10:51:17 +00:00
Bernardo Damele
16599cf2cf
typo fix
2010-02-16 22:54:22 +00:00
Bernardo Damele
7e0c411c0e
Updated THANKS file
2010-02-11 23:46:50 +00:00
Bernardo Damele
22995787d1
Updated THANKS file
2010-02-04 15:24:13 +00:00
Bernardo Damele
232f927dd0
Slightly updated the documentation
2010-01-04 12:53:58 +00:00
Bernardo Damele
d5b1863dec
Updated documentation and svn properties
2010-01-02 02:07:28 +00:00
Bernardo Damele
c1c14dabd9
Minor bug fix
2009-12-21 11:21:18 +00:00
Bernardo Damele
e6c4154cac
Fixed minor bug in --reg-del
2009-12-21 11:04:54 +00:00
Bernardo Damele
de68a499f5
Typo fix
2009-11-01 12:08:46 +00:00
Bernardo Damele
f1a7d095aa
Minor patch to make the PHP web backdoor work also on Windows
2009-10-22 16:25:19 +00:00
Bernardo Damele
89c43893d4
Merged back from personal branch to trunk (svn merge -r846:940 ...)
...
Changes:
* Major enhancement to the Microsoft SQL Server stored procedure
heap-based buffer overflow exploit (--os-bof) to automatically bypass
DEP memory protection.
* Added support for MySQL and PostgreSQL to execute Metasploit shellcode
via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an
option instead of uploading the standalone payload stager executable.
* Added options for MySQL, PostgreSQL and Microsoft SQL Server to
read/add/delete Windows registry keys.
* Added options for MySQL and PostgreSQL to inject custom user-defined
functions.
* Added support for --first and --last so the user now has even more
granularity in what to enumerate in the query output.
* Minor enhancement to save the session by default in
'output/hostname/session' file if -s option is not specified.
* Minor improvement to automatically remove sqlmap created temporary
files from the DBMS underlying file system.
* Minor bugs fixed.
* Major code refactoring.
2009-09-25 23:03:45 +00:00
Bernardo Damele
458d59416c
Minor bug fix in MSSQL version fingerprint
2009-08-11 09:16:20 +00:00
Bernardo Damele
14578a7a4d
Updated THANKS file
2009-07-30 12:02:34 +00:00
Bernardo Damele
e608a5ca55
Updated THANKS file
2009-07-29 10:44:56 +00:00
Bernardo Damele
bc31bd1dd9
Minor bug fix
2009-06-29 10:13:39 +00:00
Bernardo Damele
fd7de4bbb8
Updated THANKS file
2009-06-24 13:57:50 +00:00
Bernardo Damele
cfd8a83655
Minor adjustment to get also the port when parsing burp logs
2009-06-04 14:36:31 +00:00
Bernardo Damele
81d1a767ac
Minor bug fix in output manager (dumper) object
2009-05-20 13:56:23 +00:00
Bernardo Damele
37d3b3adda
Updated THANKS
2009-05-20 09:58:22 +00:00
Bernardo Damele
f7ee4d578e
Updated THANKS file
2009-05-19 15:56:30 +00:00
Bernardo Damele
e8c115500d
Now it works also on Mac OS X
2009-04-30 10:46:50 +00:00
Bernardo Damele
16b4530bbe
Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).
...
Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS.
2009-04-27 23:05:11 +00:00
Bernardo Damele
69259c5984
Updated THANKS
2009-04-23 08:42:57 +00:00
Bernardo Damele
8c0ac767f4
Updated to sqlmap 0.7 release candidate 1
2009-04-22 11:48:07 +00:00
Bernardo Damele
207e96e2b2
Major bug fix in the comparison algorithm to correctly handle also the
...
case that the url is stable and the False response changes the page
content very little.
2009-02-09 10:28:03 +00:00
Bernardo Damele
770e000cb4
Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs
2009-02-02 23:44:19 +00:00
Bernardo Damele
6054090191
sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying.
2009-01-28 14:53:11 +00:00
Bernardo Damele
a8d57bb031
Avoid DeprecationWarning with Python 2.6+
2009-01-22 23:53:01 +00:00
Bernardo Damele
374b9ba878
Updated documentation based upon recent developments
2008-12-21 16:35:45 +00:00
Bernardo Damele
c32ef9d751
Major bug fix to avoid tracebacks when multiple targets are specified and one
...
of them is not reachable.
Minor bug fix to make the --postfix work even if --prefix is not provided.
2008-12-18 20:38:57 +00:00
Bernardo Damele
bb9079aa9d
Minor documentation adjustments
2008-12-17 20:58:19 +00:00
Bernardo Damele
9dbad512f1
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers
...
by providing option --headers. By default Accept, Accept-Language and
Accept-Charset headers are set.
Added support to get the injection payload prefix and postfix from user.
Minor bug fix to exclude image files when parsing (-l) proxies log files.
Minor code adjustments.
Updated documentation.
2008-12-08 21:24:24 +00:00
Bernardo Damele
38c9627700
Minor enhancemet to support also --regexp, --excl-str and --excl-reg
...
options rather than only --string when comparing HTTP responses page
content
2008-12-05 15:34:13 +00:00
Bernardo Damele
7f055924a7
sqlmap 0.6.3-rc4:
...
Minor enhancement to be able to specify the number of seconds before
timeout the connection, default is set to 10 seconds.
Minor improvement to retry the HTTP request up to three times in case
an exception is raised during the connection to the target url.
Minor bug fix to correctly catch connection exceptions and notify to
the user also if they occur within a thread.
Minor code restyling.
Updated documentation.
2008-12-04 17:40:03 +00:00
Bernardo Damele
6e548eb2ec
Completed support to get the list of targets from WebScarab/Burp proxies
...
log file and updated the documentation
2008-11-27 22:33:33 +00:00
Bernardo Damele
dc1f2deb74
Minor bug fix to correctly enumerate columns on Microsoft SQL Server.
...
Minor adjustments to XML signatures.
Updated documentation.
2008-11-25 11:33:44 +00:00
Bernardo Damele
8f74fe2ce9
Added new HTTP response headers on which fingerprint web app technology and web server OS.
...
Updated documentation.
2008-11-19 15:33:39 +00:00
Bernardo Damele
0c5d3df546
sqlmap 0.6.3-rc1:
...
* Minor enhancement to be able to specify the number of seconds to wait between each HTTP request.
* Minor bug fix to handle session.error and session.timeout in HTTP requests.
* Updated documentation.
2008-11-09 16:57:47 +00:00
Bernardo Damele
544ced52b5
Name adjustment
2008-11-04 19:56:07 +00:00
Bernardo Damele
2a01de3f0b
Minor bug fix to correctly dump table entries when the column is provided
2008-11-04 19:54:44 +00:00
Bernardo Damele
95d2a0fcd1
Updated documentation
2008-11-02 22:25:48 +00:00
Bernardo Damele
4eef34c532
Updated documentation
2008-10-28 00:08:00 +00:00
Bernardo Damele
56383cfaad
Updated documentation and removed svn:keyword
2008-10-26 19:12:17 +00:00
Bernardo Damele
fcc16b2346
Updated site, documentation (dev and user) and packaging scripts for 0.6.1
2008-10-20 13:43:18 +00:00
Bernardo Damele
41f8acf0fd
Updated documentation
2008-10-16 15:41:26 +00:00
Bernardo Damele
8e3eb45510
After the storm, a restore..
2008-10-15 15:38:22 +00:00