Miroslav Stampar
da7f4eeffd
removing left over
2012-03-18 17:33:14 +00:00
Miroslav Stampar
0fc4288a7c
modifying redirection code for only two choices
2012-03-18 17:27:08 +00:00
Bernardo Damele
c03d0e24fb
it must stay as is
2012-03-16 17:42:00 +00:00
Bernardo Damele
3505503a08
no need to return here
2012-03-16 17:30:16 +00:00
Bernardo Damele
942d9e4fa8
code cleanup
2012-03-16 17:27:24 +00:00
Bernardo Damele
a1c943fc79
Major bug fix to comparison algorithm with OR based boolean-based injections
2012-03-16 17:22:55 +00:00
Miroslav Stampar
577caac4de
putting kb.negativeLogic setting to the safe place
2012-03-16 09:17:11 +00:00
Miroslav Stampar
209e795369
minor just in case update
2012-03-16 09:02:17 +00:00
Miroslav Stampar
adb5fff6b2
one more update related to the redirection mechanism
2012-03-15 20:17:40 +00:00
Miroslav Stampar
7d313ac911
few more fixes for proper redirecting mechanism
2012-03-15 19:47:59 +00:00
Bernardo Damele
86c4650058
Minor bug fix - revert
2012-03-15 17:12:24 +00:00
Bernardo Damele
cc15373769
More explicit function name also getRatioValue parameter has nothing to do with comparison at this stage as far as I can see (that might have fixed another "bug", to be checked later)
2012-03-15 16:29:28 +00:00
Bernardo Damele
4520744b4d
second step toward negative logic support (ported to detection phase too) - works well with --string, --regexp and --code now
2012-03-15 16:25:26 +00:00
Miroslav Stampar
ddd92476a8
minor fix
2012-03-15 15:58:25 +00:00
Miroslav Stampar
19beb912fa
first step toward negative logic support
2012-03-15 15:52:12 +00:00
Miroslav Stampar
8dd570057b
minor fix (double traffic log for -t in case of HTTP error)
2012-03-15 14:51:16 +00:00
Miroslav Stampar
f7df755f37
minor update
2012-03-15 12:55:22 +00:00
Miroslav Stampar
3d39c6cb3b
some fixes here and there
2012-03-15 12:14:50 +00:00
Miroslav Stampar
91f1d6141f
minor fix
2012-03-15 11:24:55 +00:00
Miroslav Stampar
a8c9a47092
redirect logic rewritten from scratch
2012-03-15 11:10:58 +00:00
Miroslav Stampar
52a8b25ff4
minor fix
2012-03-14 14:31:41 +00:00
Miroslav Stampar
a7fbc55748
grammar fix
2012-03-13 22:03:23 +00:00
Miroslav Stampar
edfcddd3c3
minor fix for logging only cookies used by request (e.g. --load-cookies case)
2012-03-13 10:58:15 +00:00
Miroslav Stampar
34b0935cb3
refactoring "echo 1" quick test for xp_cmdshell console output
2012-03-13 10:36:49 +00:00
Miroslav Stampar
e6c610abab
minor fix
2012-03-13 09:14:56 +00:00
Miroslav Stampar
48bcde478e
more general update
2012-03-12 15:29:55 +00:00
Miroslav Stampar
1d0c8a7f44
minor update
2012-03-12 15:19:02 +00:00
Miroslav Stampar
5a83f1c5f7
minor update
2012-03-08 15:43:22 +00:00
Miroslav Stampar
cd28eb6544
minor update regarding --load-cookies
2012-03-08 10:19:34 +00:00
Miroslav Stampar
1ec56f93ec
minor update
2012-03-01 10:10:19 +00:00
Miroslav Stampar
a424de3102
minor fix
2012-02-27 12:55:28 +00:00
Miroslav Stampar
1e82405bb9
HashDB is now supported in -d too
2012-02-27 12:14:01 +00:00
Miroslav Stampar
f94b91ad87
added helper function for HashDB data storing/retrieval
2012-02-24 13:07:20 +00:00
Miroslav Stampar
0478e4166a
minor justin case fix
2012-02-23 15:19:20 +00:00
Miroslav Stampar
b3bd4144f5
removing of unused imports together with some general code refactoring
2012-02-22 10:40:11 +00:00
Bernardo Damele
121148f27f
There was no point relying on a support table (sqlmapoutput) to get the stdout of executed OS commands when using direct connection (-d) and it saves also number of requests.
...
Also, BULK INSERT apparently does not work on MSSQL when running as Network Service (at least on Windows XP) so one more reason to avoid using support table.
Minor fix also to threat MSSQL's EXEC statements as SELECT ones
2012-02-17 15:54:49 +00:00
Miroslav Stampar
aee269cc14
gazillion changes, nothing will work, muhahaha
2012-02-17 14:22:48 +00:00
Miroslav Stampar
dcf7277a0f
some more refactorings
2012-02-16 14:42:28 +00:00
Miroslav Stampar
e1f86c97c4
minor refactoring
2012-02-16 09:46:41 +00:00
Bernardo Damele
1c44d6d3c7
Fixed annoying bug that prevented proper checkBooleanExpression() function to work with direct connection (-d). Now DBMS fingerprint should work properly with -d
2012-02-14 17:29:00 +00:00
Miroslav Stampar
85a4ef6593
minor update
2012-02-08 12:00:03 +00:00
Miroslav Stampar
e50d64546f
minor fix
2012-02-07 14:57:48 +00:00
Miroslav Stampar
2b05ded9c3
just a makeup
2012-02-07 12:05:23 +00:00
Miroslav Stampar
f7bf1fbe94
upgrade/fixes for direct DBMS access
2012-02-07 10:46:55 +00:00
Miroslav Stampar
af71e3c563
minor update
2012-02-06 09:48:44 +00:00
Miroslav Stampar
a7970d094a
minor update
2012-02-01 15:10:06 +00:00
Miroslav Stampar
8405ef59ac
some estetic updates
2012-02-01 14:49:42 +00:00
Miroslav Stampar
594579bef4
fix for a bug regarding --cookie and --crawl
2012-01-30 09:17:22 +00:00
Miroslav Stampar
2094c715db
minor update
2012-01-23 09:44:17 +00:00
Miroslav Stampar
527ce070a3
minor fix
2012-01-16 10:04:18 +00:00