Bernardo Damele
|
e5a01d500e
|
Minor bug fix in --update option, updated also Microsoft XML versions file
|
2009-06-16 15:12:02 +00:00 |
|
Bernardo Damele
|
150abc0f1e
|
sqlmap 0.7-rc3: Reset takeover OOB features (if any of --os-pwn, --os-smbrelay or --os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter. Correctly handle fcntl to be imported only on systems different from Windows. Minor code refactoring.
|
2009-06-11 15:01:48 +00:00 |
|
Bernardo Damele
|
3bca0d4b28
|
Minor improvement so that user's options can also be passed directly as a dictionary/advancedDict rather than only as an optparse instance.
|
2009-06-05 10:15:55 +00:00 |
|
Bernardo Damele
|
5ac2b0658c
|
Fixed regular expression to parse burp log file hosts' scheme/port
|
2009-06-04 14:42:53 +00:00 |
|
Bernardo Damele
|
cfd8a83655
|
Minor adjustment to get also the port when parsing burp logs
|
2009-06-04 14:36:31 +00:00 |
|
Bernardo Damele
|
966f34f381
|
Minor parsing syntax adjustment due to sligh differences between Burp 1.2 lite and professional editions
|
2009-06-03 15:26:18 +00:00 |
|
Bernardo Damele
|
c7b72abc0e
|
Minor bug fix in parsing Burp (WebScarab too?) log to correctly parse httpS urls
|
2009-06-03 15:04:40 +00:00 |
|
Bernardo Damele
|
81d1a767ac
|
Minor bug fix in output manager (dumper) object
|
2009-05-20 13:56:23 +00:00 |
|
Bernardo Damele
|
ef3846e0de
|
Minor fix in Host header value by Oliver Gruskovnjak
|
2009-05-19 14:40:04 +00:00 |
|
Bernardo Damele
|
45dff4a00a
|
Added new function to search a file within the PATH environment variable paths:
it will be used when sqlmap will be packaged as DEB and RPM
|
2009-05-12 20:24:47 +00:00 |
|
Bernardo Damele
|
b463205544
|
Minor fixes for MacOSX
|
2009-05-12 20:24:00 +00:00 |
|
Bernardo Damele
|
ccedadd780
|
Finished Mac OS X
|
2009-04-30 21:42:54 +00:00 |
|
Bernardo Damele
|
e8c115500d
|
Now it works also on Mac OS X
|
2009-04-30 10:46:50 +00:00 |
|
Bernardo Damele
|
722ca8bf2f
|
Minor "fix"
|
2009-04-29 19:45:12 +00:00 |
|
Bernardo Damele
|
57b8bb4c8e
|
Minor syntax adjustment for web backdoor functionality
|
2009-04-28 21:51:22 +00:00 |
|
Bernardo Damele
|
1d7de719b9
|
Almost done with web backdoor functionality
|
2009-04-28 11:05:07 +00:00 |
|
Bernardo Damele
|
16b4530bbe
|
Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).
Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS.
|
2009-04-27 23:05:11 +00:00 |
|
Bernardo Damele
|
5121a4dcba
|
Send IE7.0 as default User-Agent
|
2009-04-24 20:13:21 +00:00 |
|
Bernardo Damele
|
546a6c32e3
|
Avoid deprecation warning on sha and md5 libraries on Python >= 2.6
|
2009-04-24 20:10:30 +00:00 |
|
Bernardo Damele
|
4ce74764b7
|
More verbose when reporting failure to create shellcode/payload stager (via Metasploit)
|
2009-04-23 20:39:32 +00:00 |
|
Bernardo Damele
|
1af6898618
|
Fixed POST parsing when -l option is provided (burp/webscarab log file)
|
2009-04-23 15:04:28 +00:00 |
|
Bernardo Damele
|
aefa7ef988
|
Avoid libmagic traceback on Windows.
WARNING: this release is a candidate, it only works on Linux/Unices for the moment!
|
2009-04-22 12:44:16 +00:00 |
|
Bernardo Damele
|
8c0ac767f4
|
Updated to sqlmap 0.7 release candidate 1
|
2009-04-22 11:48:07 +00:00 |
|
Bernardo Damele
|
0c1a6b3edf
|
Minor typo fix
|
2009-02-19 00:38:54 +00:00 |
|
Bernardo Damele
|
2355885712
|
Minor adjustment
|
2009-02-09 10:29:07 +00:00 |
|
Bernardo Damele
|
207e96e2b2
|
Major bug fix in the comparison algorithm to correctly handle also the
case that the url is stable and the False response changes the page
content very little.
|
2009-02-09 10:28:03 +00:00 |
|
Bernardo Damele
|
b12d955274
|
Updated packaging scripts, site and finalized the documentation to release version 0.6.4
|
2009-02-03 15:38:40 +00:00 |
|
Bernardo Damele
|
770e000cb4
|
Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs
|
2009-02-02 23:44:19 +00:00 |
|
Bernardo Damele
|
dded57f1cd
|
Minor bug fix to correctly unpack user's custom queries on Microsoft SQL Server
|
2009-01-30 23:58:48 +00:00 |
|
Bernardo Damele
|
6054090191
|
sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying.
|
2009-01-28 14:53:11 +00:00 |
|
Bernardo Damele
|
a8d57bb031
|
Avoid DeprecationWarning with Python 2.6+
|
2009-01-22 23:53:01 +00:00 |
|
Bernardo Damele
|
c25b49e80e
|
Major bugfix to avoid "IFNULL and CAST" on CASE
|
2009-01-19 21:27:51 +00:00 |
|
Bernardo Damele
|
fd7cb9101c
|
Major bug fix to forge SQL injection payload on Oracle
|
2009-01-13 23:15:57 +00:00 |
|
Bernardo Damele
|
bc448211c5
|
Minor layout adjustment
|
2009-01-13 23:15:23 +00:00 |
|
Bernardo Damele
|
5560f0b68a
|
Updated the copyright
|
2009-01-12 21:35:38 +00:00 |
|
Bernardo Damele
|
e10ab5aa0e
|
Major bug fixes
|
2009-01-10 14:39:27 +00:00 |
|
Bernardo Damele
|
9c125a2b57
|
Minor improvement to use Python ConfigParser library when --save if specified.
Minor update to the user's manual
|
2009-01-03 22:59:22 +00:00 |
|
Bernardo Damele
|
d0604ef513
|
Major bug fix to correctly handle custom SQL "limited" queries on Oracle
|
2009-01-03 01:19:04 +00:00 |
|
Bernardo Damele
|
2d87a3349f
|
Fixed custom MSSQL "limited" query support also for Partial UNION query technique
|
2009-01-03 00:27:04 +00:00 |
|
Bernardo Damele
|
9c42a883be
|
Major bug fix to make it work properly with MSSQL custom limited (SELECT
TOP ...) queries with both inferential blind and Full UNION query
injection
|
2009-01-02 23:26:45 +00:00 |
|
Bernardo Damele
|
c1010c20d8
|
Minor adjustments
|
2008-12-30 21:24:01 +00:00 |
|
Bernardo Damele
|
a4d62af2ea
|
Minor layout adjustments to --union-tech
|
2008-12-29 18:48:23 +00:00 |
|
Bernardo Damele
|
9340bf59fb
|
Updated Microsoft SQL Server signature XML file.
Minor layout adjustments to --update output messages/diff
|
2008-12-29 18:46:43 +00:00 |
|
Bernardo Damele
|
64bb57d786
|
Minor bug fix to make the Partial UNION query SQL injection technique
work properly also on Oracle and Microsoft SQL Server.
|
2008-12-22 22:48:44 +00:00 |
|
Bernardo Damele
|
1f7810e46a
|
Major bug fix to make partial UNION query sql injection work properly
also on Microsoft SQL Server
|
2008-12-22 19:36:01 +00:00 |
|
Bernardo Damele
|
04c187c66a
|
Working on a bug (fix for Partial UNION query SQL injection technique
both Oracle and Microsoft SQL Server).
|
2008-12-22 00:51:09 +00:00 |
|
Bernardo Damele
|
2f406b3e56
|
Minor adjustments
|
2008-12-22 00:04:28 +00:00 |
|
Bernardo Damele
|
4ae464c80d
|
Minor enhancement to support an option (--union-tech) to specify the
technique to use to detect the number of columns used in the web
application SELECT statement: NULL bruteforcing (default) or ORDER BY
clause.
|
2008-12-21 21:39:53 +00:00 |
|
Bernardo Damele
|
996a872e51
|
We are already on sqlmap 0.6.4 release candidate 1..
|
2008-12-20 13:23:26 +00:00 |
|
Bernardo Damele
|
c18efe5084
|
Minor adjustments
|
2008-12-20 13:21:47 +00:00 |
|