Commit Graph

458 Commits

Author SHA1 Message Date
Miroslav Stampar
8994bf2dba Further dealing with time-based SQLi (Issue #1973) 2016-09-27 10:32:22 +02:00
Miroslav Stampar
2f2a63334a Minor cleanup 2016-09-23 13:39:27 +02:00
Miroslav Stampar
23afeb4c7a Fixes #2176 2016-09-23 13:37:44 +02:00
Miroslav Stampar
1b48ff223d Adding initial support for Informix (Issue #552) 2016-09-23 12:33:27 +02:00
Miroslav Stampar
7fea8d608e Fixes #2028 2016-07-16 22:42:15 +02:00
Miroslav Stampar
fba1720b31 Minor patch 2016-05-31 11:16:13 +02:00
Miroslav Stampar
9fad72f28b Adding support for MsAccess usage of parsed FROM table names (e.g. in case of ColdFusion) 2016-05-31 11:08:23 +02:00
Miroslav Stampar
2d59a10515 Better patch than last commit 2016-05-31 10:25:01 +02:00
Miroslav Stampar
21a25c4f00 Bug for fix comments in case of MsAccess 2016-05-31 10:24:13 +02:00
Miroslav Stampar
17a4ddad63 Fixes #1916 2016-05-30 13:10:25 +02:00
Miroslav Stampar
a81ea88eb0 Fixes #1889 2016-05-24 13:59:34 +02:00
Miroslav Stampar
e7aaea2b8e Update for an Issue #1826 2016-05-17 14:10:49 +02:00
Miroslav Stampar
d886b08dd9 Update for an Issue #1826 2016-05-17 13:45:03 +02:00
Miroslav Stampar
f06e498fb0 Implementation for an Issue #1826 2016-04-29 14:19:32 +02:00
Miroslav Stampar
674d516f3e Minor patch 2016-04-08 11:40:09 +02:00
Miroslav Stampar
ce3749622a Minor revisit of payload boundaries (Issue #1800) 2016-04-08 11:28:17 +02:00
Miroslav Stampar
305bfd9d30 Implements #1763 2016-04-04 13:50:10 +02:00
Miroslav Stampar
c50849707f Fixes #1748 2016-03-08 14:35:16 +01:00
Miroslav Stampar
08aae2b7c5 Bug fix (--prefix should not fix the origValue in REPLACEMENT payloads) 2016-02-05 11:53:24 +01:00
Miroslav Stampar
d0d676ccce Update of copyright string 2016-01-06 00:06:12 +01:00
Miroslav Stampar
7fa9c8e938 Patch for an Issue #1546 2015-11-20 11:38:26 +01:00
Miroslav Stampar
4335ae8330 Patching previous commit 2015-11-16 16:59:54 +01:00
Miroslav Stampar
94639d11a3 Another update related to the #1539 2015-11-16 15:33:05 +01:00
Miroslav Stampar
3451372d4e Fixes #1521 2015-11-04 14:48:40 +01:00
Miroslav Stampar
7c1cff6749 Fixing ancient bug (introduced with #6c80f29) - that removes original value when --prefix used 2015-10-22 15:14:12 +02:00
Miroslav Stampar
f793a26095 Removing ugly duplicating of \ (hidden bugs came - e.g. DNS exfiltration) 2015-10-15 16:00:59 +02:00
Miroslav Stampar
570562369b Further fixes for sqlmap to work properly with HSQLDB (WebGoat) 2015-10-13 13:04:59 +02:00
Miroslav Stampar
47a42c234e Fixes #1459 2015-10-10 19:19:50 +02:00
Miroslav Stampar
9641e84dd9 Bug fixes for HSQLDB 2015-10-09 16:52:13 +02:00
Miroslav Stampar
d424d4cdc7 Fixes #1457 2015-10-09 11:54:28 +02:00
Miroslav Stampar
401905b2dd Minor improvement to UNION file write 2015-07-26 17:02:46 +02:00
Miroslav Stampar
96327b6701 Fixes #1290 2015-07-05 01:47:01 +02:00
Miroslav Stampar
166dc98e81 Minor patch 2015-07-05 00:03:29 +02:00
Miroslav Stampar
97244f5e5e Fixes #1279 2015-06-29 00:20:35 +02:00
Miroslav Stampar
b212321c07 Fixes #1278 2015-06-26 10:30:53 +02:00
Miroslav Stampar
b02be9674f Fixes #1277 2015-06-26 10:11:34 +02:00
Miroslav Stampar
7d418af274 Fix for a bug reported privately by email 2015-06-22 16:28:35 +02:00
Miroslav Stampar
9e5ef094a3 Closes #1270 2015-06-16 22:20:21 +02:00
Miroslav Stampar
77c96de4ea Minor patch related to the last commit 2015-04-22 10:33:22 +02:00
Miroslav Stampar
95b52a02ec Minor patch for custom injection into HTTP Authorization header 2015-04-22 10:28:16 +02:00
Miroslav Stampar
45bdefd29b Update of copyright 2015-01-06 15:02:16 +01:00
Miroslav Stampar
4f122ee008 Bug fix regarding a problem reported by user @blink2014 2014-12-20 00:23:31 +01:00
Miroslav Stampar
8cd40f8917 Patch for an Issue #971 2014-11-25 13:54:26 +01:00
Miroslav Stampar
816348f1ab Patch for an Issue #963 2014-11-24 11:54:04 +01:00
Miroslav Stampar
4e0e64d06b Bug fix for DNS Exfiltration in PgSQL case ('invalid URI') 2014-10-31 20:28:37 +01:00
Miroslav Stampar
e239fefe67 Minor patch for JSON requests 2014-10-22 10:38:49 +02:00
Miroslav Stampar
c823c58d47 One patch related to the Issue #846 2014-10-09 14:39:54 +02:00
Miroslav Stampar
00fc842c6f Update agent.py 2014-09-20 10:20:57 +02:00
Miroslav Stampar
637d3cbaf7 Fix for cases when parameter name is urlencoded 2014-09-12 13:29:30 +02:00
Miroslav Stampar
658110e644 Minor fix 2014-08-11 12:46:37 +02:00
Miroslav Stampar
3cfa63646b Minor bug fix 2014-07-19 23:17:23 +02:00
Miroslav Stampar
7f371c499d Commit related to the last one 2014-04-10 21:29:59 +02:00
Miroslav Stampar
096ce7881e Minor beauty patch 2014-04-10 21:18:24 +02:00
Miroslav Stampar
0d1690de61 Minor fix 2014-04-10 21:18:24 +02:00
Miroslav Stampar
1e8349eeaa Minor fix 2014-04-10 21:18:24 +02:00
Miroslav Stampar
1632bec10b Another fix related to the last commit 2014-04-03 09:05:12 +02:00
Miroslav Stampar
3e024ac8e6 Minor update (consistency patch) 2014-03-30 16:51:31 +02:00
Miroslav Stampar
97f603af4a Fix for an Issue #641 2014-03-17 20:20:25 +01:00
Miroslav Stampar
6369a38ebc Adding support for JSON-like data with single quote 2014-02-26 08:56:17 +01:00
Miroslav Stampar
f97fcb7bb3 Adding a switch --invalid-string 2014-01-23 21:56:06 +01:00
Miroslav Stampar
f88f6dcd7e Changing --invalid-bignum from float producing to int producing 2014-01-23 09:07:25 +01:00
Bernardo Damele
43a4e85749 updated copyright 2014-01-13 17:24:49 +00:00
Miroslav Stampar
6c80f2903b Patch for an Issue #564 2013-12-27 11:02:59 +01:00
Miroslav Stampar
cadbddd607 Adding a boundary proposed in Issue #564 2013-12-27 10:46:18 +01:00
Miroslav Stampar
02de2aee6d Patch for an Issue #582 2013-12-26 22:27:04 +01:00
Miroslav Stampar
dd2ddec79a Minor fix (better extraction of original value in case of replacement and custom POST injection mark) 2013-12-03 13:37:04 +01:00
Miroslav Stampar
fabbe63f00 Proper fix for re.sub() call with repl value containing backslash 2013-10-23 18:07:38 +02:00
Miroslav Stampar
28529a92a7 Minor fix (for parameters with \ in value) 2013-10-23 10:49:50 +02:00
Miroslav Stampar
304c9822bd Patch for an Issue #545 2013-10-17 16:38:07 +02:00
Miroslav Stampar
a944028114 Revert of last commit 2013-10-02 22:14:50 +02:00
Miroslav Stampar
9ceb518a50 Minor patch 2013-10-02 22:03:53 +02:00
Miroslav Stampar
2fbd7e8929 Minor fix 2013-09-24 21:56:40 +02:00
stamparm
28cd50b2f1 Patch for an Issue #490 2013-07-16 14:08:32 +02:00
stamparm
ac2d40e259 Revert of last commit (there is a chance that that big integer value is really valid :) 2013-07-15 13:34:38 +02:00
stamparm
a097ee1505 Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant) 2013-07-15 13:31:56 +02:00
stamparm
dc1623a40f Fix for a bug reported over ML (error: unbalanced parenthesis) 2013-07-11 10:20:58 +02:00
stamparm
aad102378a Fix for an Issue #487 2013-07-09 11:00:43 +02:00
stamparm
f97b35dcc1 Patch for an Issue #475 2013-07-01 13:43:38 +02:00
stamparm
f7d15cb465 Official naming is HSQLDB (and/or HyperSQL) 2013-07-01 11:57:47 +02:00
Miroslav Stampar
aeb83ba651 Merge pull request #475 from Meatballs1/hsql_clean
HSQL Payloads and Query Support
2013-07-01 02:38:04 -07:00
Meatballs
09e1dc814d Fix concat 2013-06-24 23:20:34 +01:00
Miroslav Stampar
fca6772df6 Implementation for an Issue #468 2013-06-22 00:13:46 +02:00
stamparm
1c47b33020 Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple) 2013-04-15 15:23:45 +02:00
Miroslav Stampar
b67f342975 Minor patch 2013-04-01 17:32:16 +02:00
stamparm
473a39b820 Minor language fix 2013-03-26 14:11:17 +01:00
stamparm
ad039c335d Implementation for an Issue #423 2013-03-21 11:28:44 +01:00
stamparm
10e6c70c22 Trivial style update (undoing last dummy commit) 2013-03-19 10:43:29 +01:00
stamparm
70265fd3b5 Trivial style update 2013-03-19 10:43:03 +01:00
stamparm
5adac57ca9 Trivial style update 2013-03-19 10:42:50 +01:00
Miroslav Stampar
5df1f5528e More general update for an Issue #421 2013-03-15 22:49:09 +01:00
Miroslav Stampar
f0a419bdec Patch for an Issue #421 2013-03-15 22:08:15 +01:00
Miroslav Stampar
8e6692d793 Minor fix (for JSON values with :) 2013-03-05 20:12:24 +01:00
stamparm
55f33da85a Fix for invalid logical test cases 2013-03-01 12:04:49 +01:00
Miroslav Stampar
515be4ee0b Minor just in case commit related to the last one 2013-02-14 19:58:10 +01:00
Miroslav Stampar
fef60b73f4 Minor update for proper display of [PAYLOAD] in JSON/XML/SOAP cases 2013-02-14 19:53:26 +01:00
Miroslav Stampar
c72353321d Minor update for an Issue #392 2013-02-14 13:36:33 +01:00
Bernardo Damele
4b9d8ed673 reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter 2013-02-14 11:32:17 +00:00
Bernardo Damele
a67ef4117f make sure to use Python 2 interpreter when default system Python is version 3 2013-02-14 11:25:04 +00:00
Miroslav Stampar
d78a3e977b Update (allowing regular char * to be inside SOAP/JSON/XML) 2013-02-13 12:24:42 +01:00
Miroslav Stampar
6314d64a70 Renaming --binary to --binary-fields 2013-02-13 11:27:03 +01:00