Commit Graph

85 Commits

Author SHA1 Message Date
Miroslav Stampar
da1ea48947 added some nagging for connection details 2010-04-13 11:00:15 +00:00
Miroslav Stampar
fcceceed45 fix for bug reported by shiftzwei@gmail.com regarding formatDBMSfp with unknown DBMS version 2010-04-09 10:40:08 +00:00
Bernardo Damele
cad8f61d55 Force pymssql to version >= 1.0.2 2010-03-31 15:31:11 +00:00
Bernardo Damele
5fdebb5d5b Added support to directly connect also to Microsoft SQL Server database.
Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.
2010-03-31 10:50:47 +00:00
Miroslav Stampar
ae3455a0c2 more update 2010-03-30 11:28:14 +00:00
Miroslav Stampar
738c210075 update 2010-03-30 11:21:26 +00:00
Miroslav Stampar
87d8c6719e updates, fixes and stuff 2010-03-30 11:06:30 +00:00
Bernardo Damele
a0290a257b Added support to connect directly also to Oracle - see #158 2010-03-27 21:50:19 +00:00
Bernardo Damele
1416cd0d86 Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).
Minor layout adjustments.
2010-03-26 23:23:25 +00:00
Miroslav Stampar
8bab94de64 added two new functions: isBase64EncodedString and isHexEncodedString for Feature #71 2010-03-26 17:18:02 +00:00
Bernardo Damele
f9a135e232 Minor bug fix and layout adjustment regarding --threading and standard output 2010-03-22 17:38:19 +00:00
Bernardo Damele
d00e4a458a Code cleanup 2010-03-21 00:39:44 +00:00
Bernardo Damele
0d559d14df Initial support for SQLite (90% approx).
Initial support for Firebird (30% approx).
Initial support for Access (10% approx).
Shared libraries code/installation scripts ported to 64bit, directory structure adapted.
Minor code adjustments.
2010-03-18 17:20:54 +00:00
Bernardo Damele
3b3353e05b Revert last commit 2010-03-16 13:56:36 +00:00
Miroslav Stampar
1dfe558d3d Fix for Issue #177 2010-03-16 13:11:44 +00:00
Bernardo Damele
5063401130 Minor bug fix, fixes #170 2010-03-15 11:00:14 +00:00
Miroslav Stampar
b544405878 fixed some issue involving banner parsing 2010-03-04 09:15:26 +00:00
Bernardo Damele
a654a426ef Minor adjustments 2010-03-03 16:19:17 +00:00
Bernardo Damele
156fdd96ef Updated copyright 2010-03-03 15:26:27 +00:00
Bernardo Damele
694356821d sqlmap does not save nor leave back in temporary folder any file named 'sqlmapRANDOM', only random names now, less suspicious 2010-02-26 13:13:50 +00:00
Bernardo Damele
8c68d25b39 Major bug fix, be careful when editing isWindowsPath() and normalizePath() in common.py, they can break all 2010-02-26 12:00:47 +00:00
Bernardo Damele
98496fd173 Show also site in the banner 2010-02-25 17:37:46 +00:00
Bernardo Damele
404927d04a Adjusted banner, increased release candidate to rc7 2010-02-25 17:34:54 +00:00
Miroslav Stampar
d95a8850c8 fix 2010-02-25 16:38:39 +00:00
Miroslav Stampar
0913d700a8 important update regarding default directories 2010-02-25 15:22:41 +00:00
Bernardo Damele
a10adcfe08 Minor code cleanup 2010-02-25 15:16:41 +00:00
Miroslav Stampar
3721451cd6 default dirs update 2010-02-25 14:51:39 +00:00
Miroslav Stampar
9c014c0fd0 minor change 2010-02-20 23:11:05 +00:00
Miroslav Stampar
cef248a5ea update for that invalid target url Otavio Augusto reported 2010-02-10 12:06:23 +00:00
Miroslav Stampar
00a23ace9a some changes regarding web takeover 2010-02-09 14:27:41 +00:00
Miroslav Stampar
ec63fc4036 code refactoring - added functions posixToNtSlashes and ntToPosixSlashes 2010-02-04 14:37:00 +00:00
Miroslav Stampar
e4699f389d some bug fixes regarding --os-shell usage against windows servers 2010-02-04 09:49:31 +00:00
Miroslav Stampar
ea045eaa2f fixed serious issue with adding file paths into kb.absFilePaths (dirname was wrongly added, and afterwards getDirs used dirname of dirname)
also, fixed some issues with Windows paths
2010-02-03 16:40:12 +00:00
Miroslav Stampar
494e014a4a minor update 2010-02-03 16:04:44 +00:00
Miroslav Stampar
894b9f0f80 minor minor update 2010-02-03 15:15:30 +00:00
Miroslav Stampar
25f1a9c7d0 upgrade of web directory parsing for things like C:/xampp/htdocs/sqlmap/mysql/get_int.php (XAMPP uses this) 2010-02-03 15:06:41 +00:00
Miroslav Stampar
c74b920f54 bug fix 2010-02-03 14:49:28 +00:00
Miroslav Stampar
92817159dc cloaked upx for windows (used mkstemp because of execution and file access rights problem) 2010-01-29 10:12:09 +00:00
Bernardo Damele
6f5d2ed171 Minor cosmetic adjustments 2010-01-28 17:07:34 +00:00
Miroslav Stampar
732ed48e2b some refactoring regarding decloaking 2010-01-28 16:50:34 +00:00
Miroslav Stampar
645afee359 some changes 2010-01-28 00:25:36 +00:00
Miroslav Stampar
a4d8234875 minor update 2010-01-24 14:23:19 +00:00
Miroslav Stampar
98205cc488 another fix for Bug #148 2010-01-23 23:29:34 +00:00
Bernardo Damele
4ce3abc56d Minor adjustments 2010-01-15 17:42:46 +00:00
Miroslav Stampar
5f171340f5 introduced safe string formatting 2010-01-15 16:06:59 +00:00
Miroslav Stampar
dcf0b2a3c1 minor update 2010-01-15 11:45:48 +00:00
Miroslav Stampar
f5c422efb4 updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before 2010-01-15 11:44:05 +00:00
Bernardo Damele
6a62a78b0a More generic 2010-01-08 23:50:06 +00:00
Bernardo Damele
80df1fdcf9 Minor bug fix with --sql-query/shell when providing a statement with DISTINCT 2010-01-05 16:15:31 +00:00
Bernardo Damele
954a927cee Minor bug fix to properly execute --time-test also on MySQL >= 5.0.12 2010-01-05 11:43:16 +00:00