stamparm
|
9d045e14e8
|
Implementation for an Issue #437
|
2013-04-18 17:06:45 +02:00 |
|
Miroslav Stampar
|
840ee26a14
|
If SQLAlchemy is available and it has problems while connecting then it should be smarter to not force the other (standard) method - if available
|
2013-04-15 18:42:26 +02:00 |
|
stamparm
|
de99717b00
|
Disable sqlalchemy warnings if applicable
|
2013-04-15 16:29:08 +02:00 |
|
stamparm
|
1c2197e8de
|
Minor bug fix for an Issue #361 (removal of that ugly garbage clean warning message after sqlmap ends)
|
2013-04-15 16:18:40 +02:00 |
|
stamparm
|
6ab2e8eca4
|
Trivial style update
|
2013-04-15 16:09:04 +02:00 |
|
stamparm
|
9ccbdb3fdf
|
Added a check for an Issue #361
|
2013-04-15 15:36:10 +02:00 |
|
stamparm
|
1c47b33020
|
Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple)
|
2013-04-15 15:23:45 +02:00 |
|
stamparm
|
f936746423
|
Code restyling
|
2013-04-15 14:31:27 +02:00 |
|
stamparm
|
aed738d6e6
|
Update for an Issue #361
|
2013-04-15 14:20:21 +02:00 |
|
stamparm
|
8853e43616
|
Applying patch from Brandon Perry via ML
|
2013-04-15 11:01:07 +02:00 |
|
stamparm
|
3e65037a05
|
Introducing lib/utils/sqlalchemy.py (Issue #361)
|
2013-04-15 10:33:25 +02:00 |
|
stamparm
|
8c9da95343
|
Style and consistency update (url -> URL)
|
2013-04-09 11:48:42 +02:00 |
|
stamparm
|
3948b527dd
|
Update for an Issue #429
|
2013-04-09 11:36:33 +02:00 |
|
stamparm
|
91054099aa
|
Minor style update
|
2013-04-09 10:42:58 +02:00 |
|
stamparm
|
d1ae62b22b
|
Patch for an Issue #422
|
2013-03-19 12:27:49 +01:00 |
|
stamparm
|
7111cdabe3
|
Minor cosmetics
|
2013-03-18 11:41:15 +01:00 |
|
Miroslav Stampar
|
eb08c8d752
|
Another update for an Issue #352
|
2013-03-13 19:42:22 +01:00 |
|
Miroslav Stampar
|
9e49d8c68f
|
Adding support for SHA2 hash functions
|
2013-03-05 11:04:46 +01:00 |
|
Bernardo Damele
|
63ddeb9008
|
unnecessary variable
|
2013-02-15 13:26:28 +00:00 |
|
Bernardo Damele
|
20c5f9a030
|
consistency fix
|
2013-02-15 09:29:36 +00:00 |
|
Bernardo Damele
|
87db5d0dab
|
minor bug fix to avoid duplicates - #297
|
2013-02-15 00:53:05 +00:00 |
|
Bernardo Damele
|
4b9d8ed673
|
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
|
2013-02-14 11:32:17 +00:00 |
|
Bernardo Damele
|
cb6d549e57
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-02-14 11:25:12 +00:00 |
|
Bernardo Damele
|
a67ef4117f
|
make sure to use Python 2 interpreter when default system Python is version 3
|
2013-02-14 11:25:04 +00:00 |
|
Miroslav Stampar
|
efe1bf0ded
|
Minor fix (for those multiline cases like in MsSQL)
|
2013-02-14 12:20:40 +01:00 |
|
Miroslav Stampar
|
9b231f87d6
|
Minor bug fix (regarding Issue #379) - in case that two processes enter the same proc_count decrementing line sqlmap would halt
|
2013-02-13 15:31:50 +01:00 |
|
Miroslav Stampar
|
8138d1318e
|
Minor fix
|
2013-02-13 15:10:49 +01:00 |
|
Miroslav Stampar
|
6a98d375b1
|
More general except
|
2013-02-12 14:39:21 +01:00 |
|
Miroslav Stampar
|
ee1017a5a7
|
Minor fix
|
2013-02-08 13:46:39 +01:00 |
|
Bernardo Damele
|
b477c56b52
|
first steps to allow multiple scans on the same taskid - issue #297
|
2013-02-07 00:05:26 +00:00 |
|
Bernardo Damele
|
dd6c73ea24
|
fixed --passwords output for API - #297
|
2013-02-06 21:45:51 +00:00 |
|
Bernardo Damele
|
21afba9571
|
got the partial output finally properly replaced by complete output in IPC database - #297
|
2013-02-06 21:32:26 +00:00 |
|
Bernardo Damele
|
2fa2f30d21
|
slighlty better, still not optimal
|
2013-02-06 17:45:52 +00:00 |
|
Bernardo Damele
|
e439c3d3f5
|
minor refactoring - #297
|
2013-02-06 17:09:43 +00:00 |
|
Miroslav Stampar
|
060eac110a
|
Cleaner version checking
|
2013-02-06 10:28:17 +01:00 |
|
Miroslav Stampar
|
b1f31103f9
|
Removing that ugly disk I/O error in live testing mode
|
2013-02-05 17:04:42 +01:00 |
|
Miroslav Stampar
|
934808f53b
|
Fix for an Issue #379
|
2013-02-05 16:13:45 +01:00 |
|
Bernardo Damele
|
f7d826fee1
|
first case where partial output is retrievable via RESTful API - issue #297
|
2013-02-05 14:43:03 +00:00 |
|
Miroslav Stampar
|
4faa5f0f49
|
Fix for stalling in retrieving international letters (--technique=B)
|
2013-02-05 10:27:31 +01:00 |
|
Miroslav Stampar
|
74e82b2b53
|
Removing redundant check
|
2013-02-04 20:42:28 +01:00 |
|
Miroslav Stampar
|
cf8e5d535d
|
Minor cleanup
|
2013-02-04 20:15:44 +01:00 |
|
Miroslav Stampar
|
c5ae967fe0
|
Potential fix for an Issue #379
|
2013-02-04 17:43:58 +01:00 |
|
Bernardo Damele
|
9370f96a67
|
step by step getting there to partial output presentation to restful API (issue #297), not quite yet though..
|
2013-02-03 22:09:33 +00:00 |
|
Bernardo Damele
|
b55555e4e5
|
minor bug fix
|
2013-02-03 21:39:26 +00:00 |
|
Bernardo Damele
|
bd1ea13b8d
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-02-03 11:31:12 +00:00 |
|
Bernardo Damele
|
f8bc74758c
|
improvement to restful API to store to IPC database partial entries, not yet functional (issue #297)
|
2013-02-03 11:31:05 +00:00 |
|
Miroslav Stampar
|
6d942f92b5
|
Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.))
|
2013-02-01 10:03:06 +01:00 |
|
Bernardo Damele
|
e8bd3c9c9f
|
cosmetics
|
2013-01-29 17:00:28 +00:00 |
|
Bernardo Damele
|
edd6699ed1
|
code refactoring and added /status method for scan (issue #297)
|
2013-01-29 16:11:25 +00:00 |
|
Bernardo Damele
|
1152cf8958
|
increased SQLite connection timeout to 3 seconds, the object will now wait for the lock to go away max 3 seconds, no longer 1 only. Relevant code refactoring and minor improvements all over the API library (issue #297)
|
2013-01-29 15:38:09 +00:00 |
|
Bernardo Damele
|
f1ab887c55
|
major enhancement, code refactoring for issue #297
|
2013-01-29 01:39:27 +00:00 |
|
Bernardo Damele
|
d07881b6c3
|
apply a little bit of secure coding practices to the API
|
2013-01-27 12:26:40 +00:00 |
|
Bernardo Damele
|
195d17449e
|
first test of stdout/stderr redirect to a database when sqlmap is executed from restful API (#297)
|
2013-01-25 17:11:31 +00:00 |
|
Bernardo Damele
|
5b3c8d8991
|
first implementation of asynchronous inter-protocol communication between the sqlmap RESTful API and the sqlmap engine with SQLite
|
2013-01-24 12:57:24 +00:00 |
|
Miroslav Stampar
|
601eb1e49a
|
Unescaping is renamed to escaping
|
2013-01-18 15:40:37 +01:00 |
|
Bernardo Damele
|
a43202f3c0
|
updated copyright
|
2013-01-18 14:07:51 +00:00 |
|
Miroslav Stampar
|
33ea811c6c
|
Removing some unused stuff (mainly imports)
|
2013-01-18 11:50:02 +01:00 |
|
Bernardo Damele
|
5e059ab6db
|
added check for DB2 lib
|
2013-01-17 14:20:34 +00:00 |
|
Miroslav Stampar
|
7a1d484115
|
Implementation for an Issue #340
|
2013-01-15 16:05:33 +01:00 |
|
Miroslav Stampar
|
2cac7e860e
|
Minor refactoring
|
2013-01-14 16:27:50 +01:00 |
|
Miroslav Stampar
|
31302eb707
|
Minor update
|
2013-01-14 16:26:07 +01:00 |
|
Miroslav Stampar
|
2a86c1cadc
|
Another cosmetics
|
2013-01-14 16:24:55 +01:00 |
|
Miroslav Stampar
|
1e1f560d0c
|
Minor cosmetics
|
2013-01-14 16:24:28 +01:00 |
|
Miroslav Stampar
|
0c2474cc22
|
Minor update
|
2013-01-14 16:21:40 +01:00 |
|
Miroslav Stampar
|
a5a309212a
|
Fix for an Issue #339
|
2013-01-14 16:18:03 +01:00 |
|
Miroslav Stampar
|
834be1eddc
|
Restyling redundant 'except Exception' form
|
2013-01-10 15:54:28 +01:00 |
|
Miroslav Stampar
|
934d41dac2
|
Minor style update (PEP8)
|
2013-01-10 15:02:28 +01:00 |
|
Miroslav Stampar
|
ca3d35a878
|
Some PEP8 related style cleaning
|
2013-01-10 13:18:44 +01:00 |
|
Bernardo Damele
|
8093f3950d
|
properly distinguish stdout from stderr with a separate pipe (tracebacks go to stderr) - issue #297
|
2013-01-10 00:52:44 +00:00 |
|
Bernardo Damele
|
ef40779ad3
|
upgraded to use custom subprocessng for non-blocking send and read functions for spawned processes. Added new method to display range of log messages, just in case and improved parsing/unpickling of read log messages
|
2013-01-10 00:01:28 +00:00 |
|
Bernardo Damele
|
9766f6025e
|
logging is now handled in a separate file descriptor :) - issue #297
|
2013-01-09 22:09:50 +00:00 |
|
Miroslav Stampar
|
bf5544903b
|
Minor style update
|
2013-01-09 16:10:26 +01:00 |
|
Miroslav Stampar
|
bdd2592848
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-09 15:22:30 +01:00 |
|
Miroslav Stampar
|
3d4f381ab5
|
Patch for an Issue #169
|
2013-01-09 15:22:21 +01:00 |
|
Bernardo Damele
|
c44a829b9b
|
pass a pickled options object to sqlmap engine when called from API
|
2013-01-09 12:34:45 +00:00 |
|
Bernardo Damele
|
1e1892c962
|
prep for subprocess..
|
2013-01-07 11:10:33 +00:00 |
|
Miroslav Stampar
|
e4a3c015e5
|
Replacing old and deprecated raise Exception style (PEP8)
|
2013-01-03 23:20:55 +01:00 |
|
Miroslav Stampar
|
cb91729913
|
Fix for an Issue #324 (crawling when HTML is not well-formed)
|
2012-12-27 20:55:37 +01:00 |
|
Bernardo Damele
|
832567ecf6
|
import order
|
2012-12-21 23:34:37 +00:00 |
|
Miroslav Stampar
|
352e516400
|
Bottle is a 3rd party tool (not going to extra folder)
|
2012-12-21 10:18:30 +01:00 |
|
Miroslav Stampar
|
0d5d84edc7
|
Minor cleanup
|
2012-12-20 21:03:41 +01:00 |
|
Miroslav Stampar
|
712cf4e4db
|
Fix for an Issue #316
|
2012-12-20 20:55:59 +01:00 |
|
Bernardo Damele
|
89d8c58fd1
|
poor attempt at forking a child process for sqlmap engine execution, output is not handled yet
|
2012-12-20 17:56:53 +00:00 |
|
Bernardo Damele
|
912323c12d
|
minor bug fix (#297)
|
2012-12-20 17:05:44 +00:00 |
|
Bernardo Damele
|
7adaffa71b
|
fixed options initiation
|
2012-12-20 16:53:43 +00:00 |
|
Bernardo Damele
|
b0635bddcc
|
adjustments
|
2012-12-20 15:29:23 +00:00 |
|
Bernardo Damele
|
e9ab33e9dd
|
standalone REST API, code cleanup (#297)
|
2012-12-20 14:35:02 +00:00 |
|
Bernardo Damele
|
5632279bf7
|
removed deprecated feature (#287)
|
2012-12-20 13:21:07 +00:00 |
|
Miroslav Stampar
|
c2c4601d6e
|
Minor restyling
|
2012-12-20 11:06:52 +01:00 |
|
Bernardo Damele
|
0500712a03
|
removed unuseful prints
|
2012-12-17 13:29:19 +00:00 |
|
Bernardo Damele
|
f40c52cc17
|
comment adjustment
|
2012-12-17 11:28:03 +00:00 |
|
Bernardo Damele
|
d4a061d0c3
|
code cleanup - #297
|
2012-12-15 00:29:35 +00:00 |
|
Bernardo Damele
|
0c3da5c7eb
|
code refactoring and first time logger is handled by a separate file descriptor (issue #297)
|
2012-12-15 00:12:22 +00:00 |
|
Bernardo Damele
|
2f6a31605c
|
code refactoring (#279)
|
2012-12-14 22:00:42 +00:00 |
|
Bernardo Damele
|
8dee8355c2
|
on our way to make it thread safe.. it is a long way actually (issue #297)
|
2012-12-14 18:13:21 +00:00 |
|
Bernardo Damele
|
21ecffb750
|
added more comments, improved cleanup method
|
2012-12-14 17:21:19 +00:00 |
|
Bernardo Damele
|
1421e6a9d4
|
implemented cleanup and status admin methods
|
2012-12-14 16:18:45 +00:00 |
|
Bernardo Damele
|
4fa2f400ec
|
minor fix
|
2012-12-14 15:55:30 +00:00 |
|
Bernardo Damele
|
4c4cb856ff
|
minor bug fix to the /scan/<taskid>output method, forced each taskid to have its own temporary folder for output - issue #297
|
2012-12-14 15:52:35 +00:00 |
|
Bernardo Damele
|
27906f388f
|
added first methods to interact with sqlmap core, it is now possible to launch a scan from the API, hurray! (issue #297)
|
2012-12-14 14:51:01 +00:00 |
|
Bernardo Damele
|
f52d81c834
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-14 13:40:36 +00:00 |
|
Bernardo Damele
|
0b71c85d95
|
refactoring, code cleanup, more security-related headers and first /scan method implementation (issue #297)
|
2012-12-14 13:40:25 +00:00 |
|
Miroslav Stampar
|
a3acf72e52
|
Fix for argparse issue
|
2012-12-14 14:35:11 +01:00 |
|
Bernardo Damele
|
3d9779ffd4
|
further improvements to RESTful API: enforce security headers across all HTTP responses properly and make consistent responses across methods (#297)
|
2012-12-14 12:15:04 +00:00 |
|
Bernardo Damele
|
7b43837238
|
cleaner solution for imports as standalone client/server (issue #297)
|
2012-12-14 12:04:44 +00:00 |
|
Bernardo Damele
|
90d5696b25
|
enhanced RESTful API to support JSON requests and improved standalone client/server skeleton (issue #297)
|
2012-12-14 12:01:13 +00:00 |
|
Bernardo Damele
|
2e97405ffa
|
bundle bottle library in sqlmap (it is MIT license) - issue #297
|
2012-12-14 03:00:30 +00:00 |
|
Bernardo Damele
|
0ec420cc70
|
leftovers
|
2012-12-14 02:54:16 +00:00 |
|
Bernardo Damele
|
a1b83cd56f
|
added first implementation of REST-JSON API library - issue #297
|
2012-12-14 02:52:31 +00:00 |
|
Bernardo Damele
|
6e31e87de1
|
added initial support (hidden from -hh and not yet usable) for REST-JSON API
|
2012-12-14 02:49:25 +00:00 |
|
Miroslav Stampar
|
c040323821
|
Minor update
|
2012-12-13 14:55:20 +01:00 |
|
Miroslav Stampar
|
b78b56d782
|
Update for an Issue #287 regarding read_output returning values
|
2012-12-12 17:17:36 +01:00 |
|
Miroslav Stampar
|
e381158058
|
Hmmm... Let me guess. Update for an Issue #287
|
2012-12-12 16:31:20 +01:00 |
|
Miroslav Stampar
|
c3f20a136f
|
Minor update for an Issue #287
|
2012-12-12 14:03:03 +01:00 |
|
Miroslav Stampar
|
32b39c72e4
|
Minor update
|
2012-12-12 12:07:56 +01:00 |
|
Miroslav Stampar
|
af52e8e8c2
|
Minor update for an Issue #287
|
2012-12-12 12:01:18 +01:00 |
|
Miroslav Stampar
|
a6448e8768
|
Update for an Issue #287
|
2012-12-12 11:54:59 +01:00 |
|
Miroslav Stampar
|
ef33729381
|
Writing only unique hashes to an output file (for eventual cracking with 3rd party tools)
|
2012-12-12 09:59:24 +01:00 |
|
Miroslav Stampar
|
b9f6fc5f4e
|
First commit (and working one) for an Issue #287 (XML-RPC server)
|
2012-12-11 16:02:06 +01:00 |
|
Miroslav Stampar
|
75e6d77fbc
|
Minor refactoring
|
2012-12-07 11:54:34 +01:00 |
|
Miroslav Stampar
|
974407396e
|
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
|
2012-12-06 14:14:19 +01:00 |
|
Miroslav Stampar
|
baccbd6f48
|
Implementation for an Issue #283
|
2012-12-06 11:57:57 +01:00 |
|
Miroslav Stampar
|
ab67344448
|
Removed unused imports and variables (pyflake-ing)
|
2012-12-06 11:15:05 +01:00 |
|
Miroslav Stampar
|
b6650add46
|
Introducing 'new style classes' (idea from Pull request #284)
|
2012-12-06 10:42:53 +01:00 |
|
Miroslav Stampar
|
0f191f624c
|
Taking some goodies from Pull request #284
|
2012-12-06 10:21:53 +01:00 |
|
Miroslav Stampar
|
d4b5133df7
|
Update for an Issue #272
|
2012-12-04 17:04:32 +01:00 |
|
Miroslav Stampar
|
a14697e8cf
|
Implementation for an Issue #272
|
2012-12-04 16:47:34 +01:00 |
|
Miroslav Stampar
|
0664e72bea
|
Minor fix for an Issue #230
|
2012-11-30 12:13:34 +01:00 |
|
Miroslav Stampar
|
181c3534f0
|
Patch for an Issue #237
|
2012-11-08 19:16:37 +01:00 |
|
Miroslav Stampar
|
3cf5fc2f5a
|
Fix for an Issue #230
|
2012-11-05 15:10:49 +01:00 |
|
Miroslav Stampar
|
2de52927f3
|
Code refactoring (epecially Google search code)
|
2012-10-30 18:38:10 +01:00 |
|
Miroslav Stampar
|
76b793b199
|
Fix for an Issue #228
|
2012-10-30 18:08:25 +01:00 |
|
Miroslav Stampar
|
6e2041bc13
|
Better language than in last commit
|
2012-10-30 11:54:21 +01:00 |
|
Miroslav Stampar
|
1bbeb92eb6
|
Better language (used formation 'not required' in case of help for --dependencies while 'required'->'needs' in a check itself)
|
2012-10-30 11:19:39 +01:00 |
|
Miroslav Stampar
|
919f75db9b
|
Improvement and fix for pivotDumpTable mechanism
|
2012-10-28 23:09:35 +01:00 |
|
Miroslav Stampar
|
d7973c3e32
|
Improvement of pivotDumpTable mechanism (no more fail on first entry)
|
2012-10-28 22:18:22 +01:00 |
|
Miroslav Stampar
|
c1b8226329
|
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
|
2012-10-28 00:36:09 +02:00 |
|
Miroslav Stampar
|
a435ba6863
|
Minor fix
|
2012-10-28 00:19:00 +02:00 |
|
Miroslav Stampar
|
06805b27f2
|
Bug fix (time was also meant to be disabled in case of error/inband getvalues)
|
2012-10-27 23:16:25 +02:00 |
|
Miroslav Stampar
|
7207cf29dd
|
Minor update
|
2012-10-26 11:05:44 +02:00 |
|
Miroslav Stampar
|
afd82b92dd
|
Patch for an Issue #221
|
2012-10-25 10:21:36 +02:00 |
|
Miroslav Stampar
|
eb6f17b561
|
Fix for --dump and -d=mssql
|
2012-10-23 15:02:43 +02:00 |
|
Miroslav Stampar
|
fccdb824bb
|
Patch for an Issue #193
|
2012-09-25 11:21:39 +02:00 |
|
Miroslav Stampar
|
12d33c7a38
|
Fix for Issue #180 and #181 (missing module from an Issue #179)
|
2012-09-10 22:39:56 +02:00 |
|
Miroslav Stampar
|
f1f6364690
|
Changing default readInput value on dictionary-based attack depending on conf.multipleTargets
|
2012-08-22 16:10:38 +02:00 |
|
Miroslav Stampar
|
01f481c332
|
Minor refactoring of dictionaries
|
2012-08-21 11:19:15 +02:00 |
|
Miroslav Stampar
|
b7415d36df
|
Minor refactoring
|
2012-08-21 10:28:25 +02:00 |
|
Miroslav Stampar
|
142fc887f1
|
Fix for an Issue #129
|
2012-07-31 11:03:44 +02:00 |
|
Miroslav Stampar
|
cba387a0a0
|
Minor speed up
|
2012-07-26 15:42:04 +02:00 |
|
Miroslav Stampar
|
655dd55a6f
|
Implementation of an Issue #105
|
2012-07-18 13:32:34 +02:00 |
|