Miroslav Stampar
|
45c88b36c6
|
Fix for an Issue #532
|
2013-09-30 09:33:39 +02:00 |
|
Miroslav Stampar
|
2fbd7e8929
|
Minor fix
|
2013-09-24 21:56:40 +02:00 |
|
Miroslav Stampar
|
df9b1d72de
|
Minor update
|
2013-09-24 21:44:59 +02:00 |
|
Miroslav Stampar
|
f11e15a180
|
Minor update
|
2013-09-11 23:22:10 +02:00 |
|
Miroslav Stampar
|
a3defc175d
|
Fix (we are not using certificate but PEM private key file in this particular authentication; also, auxiliary cert_file is holding certificate chain that is ignored by python itself)
|
2013-09-11 23:17:18 +02:00 |
|
Miroslav Stampar
|
4cf49bc0cc
|
Minor fix for an Issue #517
|
2013-09-05 09:22:11 +02:00 |
|
Miroslav Stampar
|
b17bb07301
|
Minor regex update
|
2013-09-04 19:28:59 +02:00 |
|
Miroslav Stampar
|
bf57f636a3
|
Fix for an Issue #517
|
2013-09-04 19:22:24 +02:00 |
|
Miroslav Stampar
|
9e975210ac
|
Implementation for an Issue #515
|
2013-08-30 10:22:43 +02:00 |
|
Miroslav Stampar
|
e0bfb0503c
|
Minor language update
|
2013-08-30 09:55:57 +02:00 |
|
Miroslav Stampar
|
28eca2116f
|
Fix for an Issue #513
|
2013-08-27 13:55:38 +02:00 |
|
Miroslav Stampar
|
7cb3ea20dd
|
Minor patch for a problem noticed yesterday too (in some cases if Ctrl-C is pressed sent is most probably a None value)
|
2013-08-23 11:59:58 +02:00 |
|
Miroslav Stampar
|
bc19f40d09
|
Minor update
|
2013-08-22 10:44:21 +02:00 |
|
Miroslav Stampar
|
23f2c5f166
|
Finishing implementation for an Issue #58
|
2013-08-20 19:35:49 +02:00 |
|
Miroslav Stampar
|
6cc0cf3702
|
Minor comment update
|
2013-08-20 18:36:31 +02:00 |
|
Miroslav Stampar
|
1f2c8fbf59
|
Fix for an Issue #500
|
2013-08-13 20:40:36 +02:00 |
|
Miroslav Stampar
|
52a71546d0
|
Implementation for an Issue #507
|
2013-08-13 18:55:23 +02:00 |
|
bladeswords
|
6d756317c3
|
Remove debugging which prevents sqlmap from running smoothly
|
2013-08-13 13:58:45 +10:00 |
|
Miroslav Stampar
|
b2855e0281
|
Minor patch
|
2013-08-12 14:25:51 +02:00 |
|
Miroslav Stampar
|
a711c9ed36
|
Minor cleanup and initial work for #58
|
2013-08-09 14:13:48 +02:00 |
|
Miroslav Stampar
|
1088011bf0
|
Adding new binary file formats for excluding in crawling
|
2013-08-02 23:07:13 +02:00 |
|
Miroslav Stampar
|
953b5815d8
|
Implementation for an Issue #496
|
2013-07-31 21:15:03 +02:00 |
|
Miroslav Stampar
|
6b826ef64d
|
Reintroducing option --cookie-del
|
2013-07-31 20:41:19 +02:00 |
|
Miroslav Stampar
|
eaacbe0b12
|
Minor language fix
|
2013-07-31 09:24:34 +02:00 |
|
Miroslav Stampar
|
4f58e0af0c
|
Minor fix
|
2013-07-31 08:45:04 +02:00 |
|
Miroslav Stampar
|
a585aa4bff
|
Adding support for ~
|
2013-07-29 20:42:29 +02:00 |
|
Miroslav Stampar
|
de31688c4f
|
Update for an Issue #481
|
2013-07-29 18:25:27 +02:00 |
|
stamparm
|
dbb0d7f700
|
Important fix (Issue #489) - we had a bad presumption than only public schema could be used for enumeration (while all schemas inside a current db could be used)
|
2013-07-19 13:24:35 +02:00 |
|
stamparm
|
28cd50b2f1
|
Patch for an Issue #490
|
2013-07-16 14:08:32 +02:00 |
|
stamparm
|
ac2d40e259
|
Revert of last commit (there is a chance that that big integer value is really valid :)
|
2013-07-15 13:34:38 +02:00 |
|
stamparm
|
a097ee1505
|
Switching --invalid-bignum to a pure integer constant (more generic - more statements require pure integer constant)
|
2013-07-15 13:31:56 +02:00 |
|
stamparm
|
dc1623a40f
|
Fix for a bug reported over ML (error: unbalanced parenthesis)
|
2013-07-11 10:20:58 +02:00 |
|
stamparm
|
01159575b2
|
Fix for an Issue #488
|
2013-07-11 10:11:43 +02:00 |
|
stamparm
|
aad102378a
|
Fix for an Issue #487
|
2013-07-09 11:00:43 +02:00 |
|
stamparm
|
be5ce760b6
|
Fix for an Issue #485 (failing back to single-thread mode if over some bisection length)
|
2013-07-09 10:24:48 +02:00 |
|
stamparm
|
8d3435ab0b
|
Removing reflective warning for parsing heuristic test
|
2013-07-08 11:48:33 +02:00 |
|
stamparm
|
db536427f0
|
Adding a question for storing hashes to a temporary file (after a mention of it on Twitter)
|
2013-07-04 15:34:00 +02:00 |
|
stamparm
|
f97b35dcc1
|
Patch for an Issue #475
|
2013-07-01 13:43:38 +02:00 |
|
stamparm
|
017ce22a2f
|
Minor consistency patch (Issue #475)
|
2013-07-01 13:01:53 +02:00 |
|
stamparm
|
5ff09aff63
|
Some more adjustments (Issue #475)
|
2013-07-01 12:50:12 +02:00 |
|
stamparm
|
04046f38eb
|
Minor update (Issue #475)
|
2013-07-01 12:26:57 +02:00 |
|
stamparm
|
f7d15cb465
|
Official naming is HSQLDB (and/or HyperSQL)
|
2013-07-01 11:57:47 +02:00 |
|
Miroslav Stampar
|
aeb83ba651
|
Merge pull request #475 from Meatballs1/hsql_clean
HSQL Payloads and Query Support
|
2013-07-01 02:38:04 -07:00 |
|
Meatballs
|
4595b2c287
|
decodeHexValue
|
2013-06-24 23:45:39 +01:00 |
|
Meatballs
|
09e1dc814d
|
Fix concat
|
2013-06-24 23:20:34 +01:00 |
|
Meatballs
|
ed40a76c9d
|
Fix dummy table
|
2013-06-24 23:18:47 +01:00 |
|
Meatballs
|
9212b05eeb
|
Add call to execute statements
|
2013-06-24 15:01:44 +01:00 |
|
Meatballs
|
62000c6406
|
Remaining files
|
2013-06-24 14:42:58 +01:00 |
|
Meatballs
|
7b6cc3d183
|
Add hsql settings
|
2013-06-24 14:38:44 +01:00 |
|
Meatballs
|
20a5d9a16e
|
Include HSQL dummy table
|
2013-06-24 14:37:42 +01:00 |
|
Miroslav Stampar
|
0355e29b7c
|
Minor fix (NoneType has no attribute split)
|
2013-06-24 14:49:53 +02:00 |
|
Miroslav Stampar
|
fca6772df6
|
Implementation for an Issue #468
|
2013-06-22 00:13:46 +02:00 |
|
stamparm
|
a53823f9b7
|
Minor refactoring
|
2013-06-19 10:59:26 +02:00 |
|
stamparm
|
9a6f5a95f5
|
Minor patch for SQLAlchemy/MSSQL
|
2013-06-18 09:36:09 +02:00 |
|
Miroslav Stampar
|
63d0e9bb12
|
Adding support for MsSQL >=2012 hash format (based on commit 70107f74f0be5357654f170a3f321e3e55e81881)
|
2013-06-13 21:50:35 +02:00 |
|
Miroslav Stampar
|
cdb434805a
|
Using alpha character as a boundary in union/error techniques (instead of ':') to support wider range of (output filtering) cases
|
2013-06-10 22:14:45 +02:00 |
|
Miroslav Stampar
|
3583f45ee7
|
Fix for an Issue #461
|
2013-06-10 11:44:56 +02:00 |
|
Miroslav Stampar
|
c1592e8508
|
Code refactoring (moving import ctypes to be used only when needed)
|
2013-06-04 22:23:44 +02:00 |
|
Miroslav Stampar
|
213d0ecfb9
|
Minor fix
|
2013-06-03 23:32:57 +02:00 |
|
Miroslav Stampar
|
351c70b390
|
Locale module screws string.letters, etc. in some cases (e.g. IDLE run)
|
2013-06-01 14:06:58 +02:00 |
|
Miroslav Stampar
|
b7989f93c5
|
Trivial update regarding last commit
|
2013-05-30 12:04:56 +02:00 |
|
Miroslav Stampar
|
ed8f16e754
|
Minor update on user's request
|
2013-05-30 12:01:13 +02:00 |
|
Miroslav Stampar
|
12870e6ff3
|
Minor fix
|
2013-05-30 11:42:27 +02:00 |
|
Miroslav Stampar
|
793a8ad349
|
Minor fix
|
2013-05-30 11:38:24 +02:00 |
|
stamparm
|
c3038fcb65
|
Minor cosmetic update
|
2013-05-29 15:46:59 +02:00 |
|
stamparm
|
dfd6ee20bb
|
Patch for an Issue #454
|
2013-05-29 15:26:11 +02:00 |
|
stamparm
|
60df3e9d1e
|
Minor cosmetic update (displaying 'Technique: DIRECT' instead of 'Technique: None' in case of direct access)
|
2013-05-29 15:04:14 +02:00 |
|
stamparm
|
e28b056028
|
Dummy fix
|
2013-05-29 14:26:00 +02:00 |
|
Miroslav Stampar
|
f3f752d85c
|
Patch for an Issue #452
|
2013-05-25 18:52:59 +02:00 |
|
Miroslav Stampar
|
a85a0e53de
|
Fix for an Issue 'ValueError: Invalid IPv6 URL'
|
2013-05-25 18:00:21 +02:00 |
|
Miroslav Stampar
|
e7ddc2fcab
|
Minor fix
|
2013-05-23 12:57:33 +04:00 |
|
Miroslav Stampar
|
eb8e12b7c2
|
Minor adjustment (for headers like 'name:http://asdas')
|
2013-05-23 11:29:43 +04:00 |
|
stamparm
|
1b3f1a4016
|
More appropriate naming (also, preventing ambiguities with --smart)
|
2013-05-22 23:21:43 +04:00 |
|
Miroslav Stampar
|
1a4ea186ca
|
Consistency fix
|
2013-05-19 23:00:40 +02:00 |
|
Miroslav Stampar
|
ea5c742595
|
Update (lagging checking is now always done once when time based compare is done; not only in case if statistical model is being filled)
|
2013-05-18 21:30:21 +02:00 |
|
Miroslav Stampar
|
b2b3b3b5a6
|
Minor bug fix (level names not properly used in non-logger output)
|
2013-05-18 16:44:21 +02:00 |
|
Miroslav Stampar
|
dcea745576
|
Minor update (not displaying safe enclosings in table dumps)
|
2013-05-18 16:13:34 +02:00 |
|
stamparm
|
76b4e1ccb9
|
Implementation for an Issue #450
|
2013-05-17 15:04:25 +02:00 |
|
stamparm
|
cb9ea67c8d
|
Code refactoring (moving progress.py to lib/utils)
|
2013-05-13 14:48:39 +02:00 |
|
stamparm
|
936815128d
|
Minor fix
|
2013-05-13 13:42:43 +02:00 |
|
Miroslav Stampar
|
034e123b0c
|
Minor fix (to accept -p cookie without need for raising --level / as it's already done for referer and user_agent)
|
2013-05-12 16:24:13 +02:00 |
|
Miroslav Stampar
|
6676eaf88f
|
Minor fix
|
2013-05-12 14:02:50 +02:00 |
|
Miroslav Stampar
|
f8cef1fc6f
|
Minor fix for a test case 211
|
2013-05-09 21:20:17 +02:00 |
|
stamparm
|
3873805dab
|
Partial implementation for an Issue #189 (error-based; still partial union left)
|
2013-05-09 16:23:57 +02:00 |
|
stamparm
|
9fe5a8832f
|
Update for an Issue #189 (code refactoring of ProgressBar so it could be ready for usage in non-inference cases out of box)
|
2013-05-09 15:52:18 +02:00 |
|
stamparm
|
fc57b7565d
|
Implementation for an Issue #432
|
2013-05-09 14:26:29 +02:00 |
|
stamparm
|
ebe8ee3500
|
Fix for crawler and redirection case
|
2013-04-30 18:08:26 +02:00 |
|
stamparm
|
d2a5548889
|
Some more reordering
|
2013-04-30 14:32:11 +02:00 |
|
stamparm
|
16866119b8
|
Another minor update
|
2013-04-30 14:11:56 +02:00 |
|
stamparm
|
08fbfda5d2
|
Minor update
|
2013-04-30 14:06:04 +02:00 |
|
stamparm
|
69e3a2cb9e
|
Minor update
|
2013-04-30 14:06:04 +02:00 |
|
stamparm
|
03c4eb8338
|
Minor update
|
2013-04-30 14:06:04 +02:00 |
|
stamparm
|
46557198a5
|
Minor update of doc root names
|
2013-04-29 11:29:59 +02:00 |
|
stamparm
|
63d7707346
|
Adding support for appending to the existing table dump if --start/--stop is used
|
2013-04-24 16:08:40 +02:00 |
|
stamparm
|
8d382f00e8
|
Minor style update
|
2013-04-22 11:38:47 +02:00 |
|
Miroslav Stampar
|
a475116853
|
Minor check
|
2013-04-21 21:42:23 +02:00 |
|
stamparm
|
0d92145fc6
|
Minor bug fix
|
2013-04-19 15:40:25 +02:00 |
|
stamparm
|
0cb3ce5765
|
Bug fix (maybe it will have repercusions in future as this was a silent bug)
|
2013-04-19 10:10:06 +02:00 |
|
stamparm
|
b7d4afcc63
|
Moving '--pivot-column' to a General section (Issue #437)
|
2013-04-18 17:12:32 +02:00 |
|
stamparm
|
9d045e14e8
|
Implementation for an Issue #437
|
2013-04-18 17:06:45 +02:00 |
|
stamparm
|
2defc30dc6
|
From now on --dbms-cred can be used also in combination with -d (more flexibility as spotted that one user used in that way on ML)
|
2013-04-17 11:12:15 +02:00 |
|
stamparm
|
feed2274c3
|
Patch for an Issue #435
|
2013-04-17 10:48:17 +02:00 |
|
stamparm
|
c73489aff3
|
Adding a couple of new option validation checks
|
2013-04-16 14:31:10 +02:00 |
|
stamparm
|
7204ec5616
|
Adding a basic validation check (-d with --url)
|
2013-04-16 14:23:27 +02:00 |
|
stamparm
|
1c47b33020
|
Few bug fixes in -d (there were late values in payloads in some cases; sqlalchemy returns RowProxy for tuple)
|
2013-04-15 15:23:45 +02:00 |
|
stamparm
|
aed738d6e6
|
Update for an Issue #361
|
2013-04-15 14:20:21 +02:00 |
|
stamparm
|
a9a0d1a3f9
|
Minor update
|
2013-04-15 11:56:19 +02:00 |
|
stamparm
|
10fbeaed7b
|
Code refactoring
|
2013-04-15 11:49:11 +02:00 |
|
stamparm
|
349f885f08
|
Minor patch
|
2013-04-15 11:41:53 +02:00 |
|
stamparm
|
3e65037a05
|
Introducing lib/utils/sqlalchemy.py (Issue #361)
|
2013-04-15 10:33:25 +02:00 |
|
Miroslav Stampar
|
b6fee638ef
|
Neutralizing time of cookie expiration (in case of --load-cookies)
|
2013-04-14 01:13:08 +02:00 |
|
stamparm
|
7edd7ee2aa
|
Trivial code change
|
2013-04-12 16:25:24 +02:00 |
|
Miroslav Stampar
|
0b449bb1d9
|
Fix for an Issue #433
|
2013-04-10 19:33:31 +02:00 |
|
stamparm
|
f67148a9a4
|
Update for an Issue #431
|
2013-04-10 16:43:57 +02:00 |
|
stamparm
|
8c9da95343
|
Style and consistency update (url -> URL)
|
2013-04-09 11:48:42 +02:00 |
|
stamparm
|
3948b527dd
|
Update for an Issue #429
|
2013-04-09 11:36:33 +02:00 |
|
stamparm
|
cce541cc33
|
Patch for an Issue #429
|
2013-04-09 10:39:20 +02:00 |
|
Miroslav Stampar
|
7614c815ed
|
Minor update/patch
|
2013-04-07 21:32:03 +02:00 |
|
Miroslav Stampar
|
50ac3aab7a
|
Minor patch
|
2013-04-06 01:56:24 +02:00 |
|
stamparm
|
a75d3ed0b8
|
Minor style update
|
2013-04-06 01:56:23 +02:00 |
|
Miroslav Stampar
|
f387333415
|
Minor cosmetics
|
2013-04-02 17:34:56 +02:00 |
|
Miroslav Stampar
|
4b5335a323
|
Moving --force-ssl from [Request] to [General] options
|
2013-04-02 17:18:21 +02:00 |
|
Miroslav Stampar
|
76a0d20799
|
Minor patch
|
2013-04-01 22:18:41 +02:00 |
|
Miroslav Stampar
|
b67f342975
|
Minor patch
|
2013-04-01 17:32:16 +02:00 |
|
stamparm
|
a371f182ac
|
Minor patch (previous combination is not working well with oriental characters - 0 length normalized unicode string is being returned)
|
2013-03-28 15:37:14 +01:00 |
|
stamparm
|
e1ffdde532
|
Little cleaning a mess with url encoding and post hint types
|
2013-03-27 13:39:27 +01:00 |
|
stamparm
|
0882fe0ce3
|
Minor update related to the last two
|
2013-03-26 16:04:56 +01:00 |
|
stamparm
|
eb1bfc20cb
|
Update related to the last commit
|
2013-03-26 15:36:44 +01:00 |
|
stamparm
|
2fe6aea0eb
|
Minor fix
|
2013-03-26 15:07:14 +01:00 |
|
stamparm
|
825aa4b8dd
|
Minor language update
|
2013-03-26 14:27:51 +01:00 |
|
stamparm
|
473a39b820
|
Minor language fix
|
2013-03-26 14:11:17 +01:00 |
|
stamparm
|
ad039c335d
|
Implementation for an Issue #423
|
2013-03-21 11:28:44 +01:00 |
|
stamparm
|
7447773237
|
Update for consistency (all other enums are using _ in between words)
|
2013-03-20 11:10:24 +01:00 |
|
Miroslav Stampar
|
8acf033715
|
Code refactoring
|
2013-03-19 19:24:14 +01:00 |
|
stamparm
|
6969874c02
|
Switch --no-cast is incompatible with switch --hex (integer values are not being casted in case of --no-cast --hex which is causing unwanted decodings of returned values)
|
2013-03-19 10:52:37 +01:00 |
|
stamparm
|
10e6c70c22
|
Trivial style update (undoing last dummy commit)
|
2013-03-19 10:43:29 +01:00 |
|
stamparm
|
70265fd3b5
|
Trivial style update
|
2013-03-19 10:43:03 +01:00 |
|
stamparm
|
5adac57ca9
|
Trivial style update
|
2013-03-19 10:42:50 +01:00 |
|
Miroslav Stampar
|
5df1f5528e
|
More general update for an Issue #421
|
2013-03-15 22:49:09 +01:00 |
|
Miroslav Stampar
|
f0a419bdec
|
Patch for an Issue #421
|
2013-03-15 22:08:15 +01:00 |
|
Miroslav Stampar
|
4cb378ce3e
|
Another update for an Issue #352 and couple of fixes
|
2013-03-13 21:57:09 +01:00 |
|
Miroslav Stampar
|
b35122a42c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-03-13 19:52:17 +01:00 |
|
Miroslav Stampar
|
eb08c8d752
|
Another update for an Issue #352
|
2013-03-13 19:42:22 +01:00 |
|
Bernardo Damele
|
dea62189b2
|
fixes #420
|
2013-03-12 22:16:42 +00:00 |
|
Miroslav Stampar
|
2f43c3eb9b
|
Minor fix (digest live test case) and some refactoring
|
2013-03-12 21:16:44 +01:00 |
|
Miroslav Stampar
|
65306f1ac1
|
Update for an Issue #352
|
2013-03-12 20:10:32 +01:00 |
|
Miroslav Stampar
|
db0a1e58b9
|
Update for an Issue #352
|
2013-03-11 14:58:05 +01:00 |
|
Miroslav Stampar
|
d6fc10092f
|
Minor refactoring
|
2013-03-11 13:31:50 +01:00 |
|
Miroslav Stampar
|
1e731f87a4
|
Patch for an Issue #419 (Authentication header is now properly being cached - no more one reauth per each request)
|
2013-03-09 19:33:04 +01:00 |
|
Miroslav Stampar
|
8e6692d793
|
Minor fix (for JSON values with :)
|
2013-03-05 20:12:24 +01:00 |
|
Miroslav Stampar
|
9e49d8c68f
|
Adding support for SHA2 hash functions
|
2013-03-05 11:04:46 +01:00 |
|
Miroslav Stampar
|
2ada9e9b84
|
Patch for an Issue Issue #416
|
2013-03-04 18:05:40 +01:00 |
|
Miroslav Stampar
|
084cfc797a
|
Fix for an Issue #415
|
2013-03-02 09:55:12 +01:00 |
|
stamparm
|
55f33da85a
|
Fix for invalid logical test cases
|
2013-03-01 12:04:49 +01:00 |
|
Miroslav Stampar
|
0e89cc62a2
|
Adding a hidden switch --dummy used for dummy runs (getPage() returns random data) - usefull for testing purposes for skipping connections
|
2013-02-28 20:20:08 +01:00 |
|
stamparm
|
9ef79df23d
|
Cleaning up cases with Set-Cookie (conf.cj is handling it automatically; also, default redirector needed to be patched)
|
2013-02-28 13:51:08 +01:00 |
|
stamparm
|
be50192d8d
|
Refactoring WAF scripts
|
2013-02-26 15:54:50 +01:00 |
|
stamparm
|
e5835dc74f
|
Update for WAF scripts
|
2013-02-26 15:30:11 +01:00 |
|
stamparm
|
17fa0f568c
|
Minor patch for an Issue #404
|
2013-02-26 12:55:09 +01:00 |
|
stamparm
|
ecbcd4afe6
|
Minor update
|
2013-02-26 12:55:09 +01:00 |
|
stamparm
|
e5e39bc682
|
Fix for an Issue #410
|
2013-02-25 11:07:30 +01:00 |
|
stamparm
|
6fbd902265
|
Minor refactoring (Issue #411)
|
2013-02-25 10:44:04 +01:00 |
|
stamparm
|
7127869ede
|
Minor bug fix (live test specific verbosity should be valid only inside of it)
|
2013-02-22 17:26:48 +01:00 |
|
stamparm
|
ad471368f5
|
Fixing a display bug (cases where messages are just appended after the readInput line in batch mode) introduced with b472d9809a
|
2013-02-22 11:42:09 +01:00 |
|
stamparm
|
42cbd94fa4
|
Better update regarding 6acb2480b8
|
2013-02-22 10:49:45 +01:00 |
|
stamparm
|
44a46d2b10
|
Fix for an Issue #409
|
2013-02-22 10:18:22 +01:00 |
|
Miroslav Stampar
|
6acb2480b8
|
Adding WAF script for SecureIIS
|
2013-02-21 21:34:26 +01:00 |
|
stamparm
|
08f0670aca
|
Minor refactoring for an Issue #290
|
2013-02-21 14:39:22 +01:00 |
|
stamparm
|
8e49872d7c
|
Finalizing implementation for an Issue #290
|
2013-02-21 14:33:12 +01:00 |
|
stamparm
|
6b2981ef4e
|
Update for an Issue #290 (adding tamper-like scripts into (new) directory waf)
|
2013-02-21 11:14:57 +01:00 |
|
Miroslav Stampar
|
7f293afe74
|
Proper escaping for SQL identificators in Oracle (also, revert for 9b5f33560b )
|
2013-02-18 15:18:53 +01:00 |
|
Miroslav Stampar
|
9b5f33560b
|
Oracle is too specific (only column names can be enclosed) - removing it
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
bf82506c1b
|
Oracle can't enclose table names with double quotations
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
1b3d749488
|
Proper fix related to the last commit/revert
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
5a793cbc7c
|
Minor revert
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
799bd51c2e
|
Minor fix when two readInput/dataToStdout are called one at a time
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
97c06854a4
|
Minor fixes
|
2013-02-15 17:36:58 +01:00 |
|
Miroslav Stampar
|
014e4e0055
|
Minor represenation fix
|
2013-02-15 14:48:24 +01:00 |
|
Miroslav Stampar
|
345d10a9e0
|
Consistency fix (everywhere else we show unsafe format of identificator names)
|
2013-02-15 14:05:14 +01:00 |
|
Bernardo Damele
|
b472d9809a
|
another consistency fix to readInput()
|
2013-02-15 09:35:09 +00:00 |
|
Bernardo Damele
|
c3f1e196e1
|
added missing parameter
|
2013-02-15 00:43:46 +00:00 |
|
Bernardo Damele
|
4727589135
|
code consistency
|
2013-02-15 00:17:13 +00:00 |
|
Miroslav Stampar
|
515be4ee0b
|
Minor just in case commit related to the last one
|
2013-02-14 19:58:10 +01:00 |
|
Miroslav Stampar
|
fef60b73f4
|
Minor update for proper display of [PAYLOAD] in JSON/XML/SOAP cases
|
2013-02-14 19:53:26 +01:00 |
|
Bernardo Damele
|
d91530f885
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-02-14 17:16:55 +00:00 |
|
Bernardo Damele
|
52264f544e
|
minor fix for Windows file paths, do not strip the windows drive letter
|
2013-02-14 17:16:49 +00:00 |
|
Miroslav Stampar
|
fdf00e4842
|
Fix for an Issue #397
|
2013-02-14 17:14:36 +01:00 |
|
Miroslav Stampar
|
368a2fd297
|
Fix for an Issue #393
|
2013-02-14 16:18:16 +01:00 |
|
Miroslav Stampar
|
f97f575018
|
Trivial restyling
|
2013-02-14 15:41:27 +01:00 |
|
Miroslav Stampar
|
605c5b089e
|
Minor style update
|
2013-02-14 15:38:44 +01:00 |
|
Miroslav Stampar
|
06d8547916
|
Implementation for an Issue #394
|
2013-02-14 15:38:44 +01:00 |
|
Miroslav Stampar
|
7944684ff2
|
This was supposed to be a separate commit (going to commit it in next one)
|
2013-02-14 15:38:44 +01:00 |
|
Miroslav Stampar
|
6c0054bc5f
|
Putting that ugly parameter xyz is not inside the Cookie into the debug messages
|
2013-02-14 15:38:44 +01:00 |
|
Bernardo Damele
|
646df37884
|
minor bug fix for --reg-read
|
2013-02-14 13:17:30 +00:00 |
|
Miroslav Stampar
|
c72353321d
|
Minor update for an Issue #392
|
2013-02-14 13:36:33 +01:00 |
|
Bernardo Damele
|
4b9d8ed673
|
reverted a previous commit as not all distributions create a link file /usr/bin/python2 to the Python interpreter
|
2013-02-14 11:32:17 +00:00 |
|
Bernardo Damele
|
a67ef4117f
|
make sure to use Python 2 interpreter when default system Python is version 3
|
2013-02-14 11:25:04 +00:00 |
|
Miroslav Stampar
|
6629233de5
|
Minor update
|
2013-02-14 10:18:40 +01:00 |
|
Miroslav Stampar
|
0a4605644e
|
Minor fix for previous commit
|
2013-02-13 16:31:03 +01:00 |
|
Miroslav Stampar
|
2b121c938b
|
Minor fix
|
2013-02-13 16:24:21 +01:00 |
|
Miroslav Stampar
|
c6d29e093e
|
Fixing issue with newlines after the data in -r mode
|
2013-02-13 12:36:01 +01:00 |
|
Miroslav Stampar
|
965fa04a33
|
Trivial update
|
2013-02-13 12:28:51 +01:00 |
|
Miroslav Stampar
|
d78a3e977b
|
Update (allowing regular char * to be inside SOAP/JSON/XML)
|
2013-02-13 12:24:42 +01:00 |
|
Miroslav Stampar
|
6314d64a70
|
Renaming --binary to --binary-fields
|
2013-02-13 11:27:03 +01:00 |
|
Miroslav Stampar
|
7c802ed8cc
|
Minor fix
|
2013-02-13 11:14:45 +01:00 |
|
Miroslav Stampar
|
dc41484b3f
|
Refactoring of funcionality for finding out if stacking is available
|
2013-02-13 09:57:16 +01:00 |
|
Miroslav Stampar
|
8b4f72322a
|
Adding (for now hidden) option --binary (works like -C but deliberately retrieves data in hex format and displays in hex format)
|
2013-02-13 09:56:44 +01:00 |
|
Miroslav Stampar
|
c34f6e25b2
|
Minor fix for --eval (urldecoded values should be used inside evaluation)
|
2013-02-12 17:01:47 +01:00 |
|
Miroslav Stampar
|
212e92ea01
|
Minor update regarding --load-cookies (warning about expired ones)
|
2013-02-12 14:29:56 +01:00 |
|
Miroslav Stampar
|
c67b39d14d
|
Update for a last update
|
2013-02-12 12:58:15 +01:00 |
|
Miroslav Stampar
|
72984a578d
|
Update for --load-cookies
|
2013-02-12 12:42:12 +01:00 |
|
Miroslav Stampar
|
c2672e78fc
|
Support for multiple injection marks inside the same header value (Issue #48)
|
2013-02-12 12:06:13 +01:00 |
|
Miroslav Stampar
|
c75560ba69
|
Minor bug fix (getting ? in < 0xf char cases)
|
2013-02-11 21:16:35 +01:00 |
|
Miroslav Stampar
|
c0e59d94a9
|
Better naming
|
2013-02-08 16:28:58 +01:00 |
|
Miroslav Stampar
|
cdfe43560b
|
Update for an Issue #207 (and a potential patch for regression tests)
|
2013-02-08 16:20:48 +01:00 |
|
Bernardo Damele
|
d015bf98fc
|
renamed variable to avoid confusion
|
2013-02-07 14:19:07 +00:00 |
|
Bernardo Damele
|
07fe6d44fb
|
unnecessary condition here
|
2013-02-07 14:18:52 +00:00 |
|
Bernardo Damele
|
b477c56b52
|
first steps to allow multiple scans on the same taskid - issue #297
|
2013-02-07 00:05:26 +00:00 |
|
Bernardo Damele
|
5c8335876f
|
minor bug fix to make --disable-coloring work on log messages too
|
2013-02-06 21:04:54 +00:00 |
|
Bernardo Damele
|
477c66ac4b
|
minor refactoring and trivial bug fix
|
2013-02-06 17:45:25 +00:00 |
|
Bernardo Damele
|
f7d826fee1
|
first case where partial output is retrievable via RESTful API - issue #297
|
2013-02-05 14:43:03 +00:00 |
|
Miroslav Stampar
|
e836629215
|
Bug fixes for search (safeStringFormat should not replace all if given scalar values)
|
2013-02-05 11:37:49 +01:00 |
|
Bernardo Damele
|
9d04ae5db5
|
minor improvement to temporary folder name
|
2013-02-05 09:11:38 +00:00 |
|
Miroslav Stampar
|
6cab3d4759
|
Minor update
|
2013-02-04 16:46:08 +01:00 |
|
Miroslav Stampar
|
f4b8a3c1d8
|
Bug fix for boolean (multithreaded Ctrl+C) resumed values
|
2013-02-04 15:49:29 +01:00 |
|
Miroslav Stampar
|
5e4e863986
|
Bug fix (introduced with f1ab887c55 )
|
2013-02-04 15:31:28 +01:00 |
|
Miroslav Stampar
|
235153ab39
|
Removal of unused imports
|
2013-02-04 15:29:13 +01:00 |
|
Miroslav Stampar
|
7e1ff1bb8e
|
Same refactoring as the last commit
|
2013-02-04 15:26:44 +01:00 |
|
Bernardo Damele
|
9370f96a67
|
step by step getting there to partial output presentation to restful API (issue #297), not quite yet though..
|
2013-02-03 22:09:33 +00:00 |
|
Bernardo Damele
|
df3cc38cd9
|
minor improvements
|
2013-02-03 15:39:07 +00:00 |
|
Bernardo Damele
|
bd1ea13b8d
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-02-03 11:31:12 +00:00 |
|
Bernardo Damele
|
f8bc74758c
|
improvement to restful API to store to IPC database partial entries, not yet functional (issue #297)
|
2013-02-03 11:31:05 +00:00 |
|
Miroslav Stampar
|
e7b93b5b66
|
Implementation for an Issue #363
|
2013-02-01 17:24:04 +01:00 |
|
Miroslav Stampar
|
6d942f92b5
|
Removing --check-payload (PHPIDS doesn't update rules lately; also, WAF/IDS/IPS is more than just regexes (unencoding, removing junk, etc.))
|
2013-02-01 10:03:06 +01:00 |
|
Miroslav Stampar
|
8d51b4b63a
|
Minor bug fix
|
2013-01-31 16:24:44 +01:00 |
|
Miroslav Stampar
|
d6606a8f31
|
Patch to prevent problems like Issue #381
|
2013-01-31 13:58:39 +01:00 |
|
Miroslav Stampar
|
cfcf8a3abb
|
Another update for an Issue #380 (--common-... switches)
|
2013-01-31 13:49:19 +01:00 |
|
Miroslav Stampar
|
2420a4b626
|
Update for an Issue #342 and #372
|
2013-01-31 10:01:52 +01:00 |
|
Miroslav Stampar
|
9b4eaa9272
|
Minor fix
|
2013-01-30 18:21:15 +01:00 |
|
Miroslav Stampar
|
fdea8ddea6
|
Starting to clean up a mess in Oracle's world of DISTINCT (part of Issue #342 and #372)
|
2013-01-30 16:55:09 +01:00 |
|
Bernardo Damele
|
103045d284
|
variable renamed
|
2013-01-30 15:30:34 +00:00 |
|
Miroslav Stampar
|
f33bf06c88
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-30 11:38:20 +01:00 |
|
Bernardo Damele
|
6dfe91165d
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-30 10:34:51 +00:00 |
|
Bernardo Damele
|
8519717f25
|
minor fixes to --live-test
|
2013-01-30 10:32:56 +00:00 |
|
Miroslav Stampar
|
f391937083
|
Minor refactoring
|
2013-01-30 10:43:46 +01:00 |
|
Miroslav Stampar
|
d6fb0e8545
|
Update for an Issue #352
|
2013-01-30 10:38:11 +01:00 |
|
Miroslav Stampar
|
bd08ede117
|
Minor fine tuning
|
2013-01-29 21:06:02 +01:00 |
|
Miroslav Stampar
|
f41460f8d8
|
Better naming
|
2013-01-29 20:53:11 +01:00 |
|
Bernardo Damele
|
e8bd3c9c9f
|
cosmetics
|
2013-01-29 17:00:28 +00:00 |
|
Bernardo Damele
|
8f36f92dd3
|
minor fix
|
2013-01-29 16:23:30 +00:00 |
|
Bernardo Damele
|
c47b44e93f
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-29 15:38:16 +00:00 |
|
Bernardo Damele
|
9677e0f910
|
more data content types for API (issue #297)
|
2013-01-29 15:36:19 +00:00 |
|
Bernardo Damele
|
92ae8145df
|
ignore any non-relevant string: avoid storing to the API, careful this can introduce bugs but it is necessary at this stage of development (issue #297)
|
2013-01-29 15:35:51 +00:00 |
|
Bernardo Damele
|
bfce7210e6
|
improvements to the dump library to output to the API data fetched properly formatted (issue #297)
|
2013-01-29 15:34:20 +00:00 |
|
Bernardo Damele
|
eeecb3fe2c
|
split init() into two separate functions for API purposes (issue #297)
|
2013-01-29 15:33:16 +00:00 |
|
Miroslav Stampar
|
f4b7b3fd35
|
Minor cosmetics
|
2013-01-29 16:04:20 +01:00 |
|
Miroslav Stampar
|
9eca41bae2
|
Minor fix
|
2013-01-29 15:55:50 +01:00 |
|
Miroslav Stampar
|
a104de01d7
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-29 15:35:01 +01:00 |
|
Miroslav Stampar
|
7e73825ece
|
Minor cosmetics
|
2013-01-29 15:34:41 +01:00 |
|
Bernardo Damele
|
085495024f
|
minor adjustment
|
2013-01-29 01:44:57 +00:00 |
|
Bernardo Damele
|
f1ab887c55
|
major enhancement, code refactoring for issue #297
|
2013-01-29 01:39:27 +00:00 |
|
Bernardo Damele
|
cd4075f6a3
|
no raise, just pass at ctrl-c
|
2013-01-26 15:33:09 +00:00 |
|
Bernardo Damele
|
a0b9e0f1c5
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-25 17:11:38 +00:00 |
|
Bernardo Damele
|
195d17449e
|
first test of stdout/stderr redirect to a database when sqlmap is executed from restful API (#297)
|
2013-01-25 17:11:31 +00:00 |
|
Miroslav Stampar
|
c06f94e2c8
|
Fix for an Issue #378
|
2013-01-25 16:38:41 +01:00 |
|
Miroslav Stampar
|
8c84a16cb7
|
Minor style update for an Issue #377
|
2013-01-25 12:52:31 +01:00 |
|
Miroslav Stampar
|
194a9e7b88
|
Implementation for an Issue #377
|
2013-01-25 12:34:57 +01:00 |
|
Bernardo Damele
|
5b3c8d8991
|
first implementation of asynchronous inter-protocol communication between the sqlmap RESTful API and the sqlmap engine with SQLite
|
2013-01-24 12:57:24 +00:00 |
|
Miroslav Stampar
|
232f8d3585
|
Fix for an Issue #368
|
2013-01-23 13:36:17 +01:00 |
|
Bernardo Damele
|
5635776173
|
proper SQLite 2 library
|
2013-01-22 18:56:25 +00:00 |
|
Miroslav Stampar
|
719c7f622b
|
Probable fix for --technique=Q --dbms=Firebird (but also other potential issues with splitting of fields in expressions)
|
2013-01-22 15:51:06 +01:00 |
|
Miroslav Stampar
|
2ec828f1cb
|
Fix for an Issue #367
|
2013-01-22 14:27:17 +01:00 |
|
Miroslav Stampar
|
09c02c6c72
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-22 14:08:31 +01:00 |
|
Miroslav Stampar
|
15b0ab1b44
|
Fix for a 'no parameter found' problem when user says N on 'custom injection mark found in POST...'
|
2013-01-22 14:08:19 +01:00 |
|
Bernardo Damele
|
061aef57ba
|
missing import
|
2013-01-22 11:25:01 +00:00 |
|
Bernardo Damele
|
e558040810
|
minor fix to previous commit
|
2013-01-21 17:10:56 +00:00 |
|
Bernardo Damele
|
d43b04c582
|
better detection if vulnerable of not for regression test
|
2013-01-21 17:09:35 +00:00 |
|
Miroslav Stampar
|
b35a0810ef
|
Fix for an Issue #364
|
2013-01-21 17:01:52 +01:00 |
|
Miroslav Stampar
|
1e3f68c7ff
|
Rewriting some query crafting parts (especially those .find(' FROM '))
|
2013-01-21 16:15:38 +01:00 |
|
Miroslav Stampar
|
832d95984c
|
IFNULL-like mechanism now works on SQLite 2 too
|
2013-01-21 15:04:27 +01:00 |
|
Miroslav Stampar
|
c55a002f95
|
Language fix
|
2013-01-21 13:19:08 +01:00 |
|
Miroslav Stampar
|
80255433b0
|
Trivial style update
|
2013-01-21 13:18:34 +01:00 |
|
Miroslav Stampar
|
0e86175342
|
Adding new common function for further refactoring
|
2013-01-21 11:50:47 +01:00 |
|
Miroslav Stampar
|
3200134b3b
|
Fix for a regression test #30 test case fail (Firebird inline)
|
2013-01-21 10:12:54 +01:00 |
|
Bernardo Damele
|
3373e30808
|
minor fix for a bug introduced with commit 1ad9e26a21
|
2013-01-20 02:40:40 +00:00 |
|
Bernardo Damele
|
115be9d7b5
|
minor fixes
|
2013-01-20 01:26:46 +00:00 |
|
Miroslav Stampar
|
0a4f5d2e51
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-19 19:08:18 +01:00 |
|
Miroslav Stampar
|
e9641e30db
|
This last commit was in haste :)
|
2013-01-19 19:07:38 +01:00 |
|
Miroslav Stampar
|
6a87dd9225
|
Minor update (just for consistency with the rest of code)
|
2013-01-19 19:07:06 +01:00 |
|
Miroslav Stampar
|
979e108c87
|
Minor update (just for consistency with the rest of code)
|
2013-01-19 19:06:51 +01:00 |
|
Bernardo Damele
|
f89b25fdb6
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-19 18:04:38 +00:00 |
|
Bernardo Damele
|
adf97e630f
|
add possibility to provide a list of web server document root possible directories for web shell upload in --os-cmd and --os-shell for MySQL
|
2013-01-19 18:04:33 +00:00 |
|
Miroslav Stampar
|
9ce2395405
|
Minor refactoring
|
2013-01-19 18:40:44 +01:00 |
|
Miroslav Stampar
|
3f4c010370
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-19 18:28:52 +01:00 |
|
Miroslav Stampar
|
efe26ac3f8
|
In case that content-length header was not in a desired case ('Content-length') POST request file would fail badly (repeating original content-length header value)
|
2013-01-19 18:28:37 +01:00 |
|
Bernardo Damele
|
6a62292a3f
|
layout adjustment
|
2013-01-19 17:11:16 +00:00 |
|
Miroslav Stampar
|
bb6b89fe93
|
Patch for an Issue #360
|
2013-01-19 18:06:36 +01:00 |
|
Bernardo Damele
|
dcf2dcd03d
|
all we need to debug failed test cases while regression test run..
|
2013-01-19 17:04:57 +00:00 |
|
Bernardo Damele
|
f22fd396ef
|
write the test case name before it is run so if the test case crashes badly, we can trace back what test case it was at a later stage
|
2013-01-19 16:41:19 +00:00 |
|
Bernardo Damele
|
1923ef691e
|
just in case, add also the test case name inside the temp folder for debug purposes
|
2013-01-19 16:06:46 +00:00 |
|
Bernardo Damele
|
0e78fbef56
|
correctly format SQLi payload for inline query technique
|
2013-01-19 00:28:03 +00:00 |
|
Bernardo Damele
|
6be7eee8d6
|
more fixes
|
2013-01-18 23:35:16 +00:00 |
|
Bernardo Damele
|
56eaa073ce
|
fixed test cases for Firebird - #312
|
2013-01-18 23:32:39 +00:00 |
|
Bernardo Damele
|
1f4c6a8371
|
avoid blank line if password hashes have not been fetched
|
2013-01-18 22:10:36 +00:00 |
|
Bernardo Damele
|
1ad9e26a21
|
bug fix for ORDER BY users provided statements (issue #354)
|
2013-01-18 21:40:50 +00:00 |
|
Miroslav Stampar
|
ac7709204a
|
Better fix for that page/headers/comparison --string candidate problem
|
2013-01-18 17:00:11 +01:00 |
|
Miroslav Stampar
|
8141d17985
|
Revert of previous commit (more care has to be done regarding headers dynamicity)
|
2013-01-18 16:49:35 +01:00 |
|
Miroslav Stampar
|
33094a118c
|
Fix for an Issue where '--string' is being automatically picked not looking properly in headers too
|
2013-01-18 16:35:09 +01:00 |
|
Miroslav Stampar
|
601eb1e49a
|
Unescaping is renamed to escaping
|
2013-01-18 15:40:37 +01:00 |
|
Bernardo Damele
|
a43202f3c0
|
updated copyright
|
2013-01-18 14:07:51 +00:00 |
|
Bernardo Damele
|
1bb061f68c
|
improvements to --live-test
|
2013-01-18 13:02:35 +00:00 |
|
Bernardo Damele
|
738ccb643d
|
minor output adjustment
|
2013-01-18 11:41:09 +00:00 |
|
Miroslav Stampar
|
33ea811c6c
|
Removing some unused stuff (mainly imports)
|
2013-01-18 11:50:02 +01:00 |
|
Miroslav Stampar
|
aa467cb54c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-18 11:31:25 +01:00 |
|
Miroslav Stampar
|
17d36684b5
|
Removing obsolete proxy handling code (Python < 2.6)
|
2013-01-18 11:30:52 +01:00 |
|
Miroslav Stampar
|
4d5bae7131
|
Removing some obsolete functions
|
2013-01-18 11:18:56 +01:00 |
|
Miroslav Stampar
|
bcc907ce09
|
Minor update
|
2013-01-18 11:00:21 +01:00 |
|
Miroslav Stampar
|
d1008b45b5
|
Minor removal of unused function
|
2013-01-18 10:46:06 +01:00 |
|
Miroslav Stampar
|
caae773b2d
|
Minor removal of redundant code
|
2013-01-18 10:44:57 +01:00 |
|
Bernardo Damele
|
d66f7e22b1
|
more fixes to test cases
|
2013-01-18 09:32:05 +00:00 |
|
Miroslav Stampar
|
e941e60b20
|
Minor just in place update for an Issue #348
|
2013-01-17 22:44:55 +01:00 |
|
Bernardo Damele
|
1d6e642d41
|
fixed url
|
2013-01-17 21:29:00 +00:00 |
|
Miroslav Stampar
|
507f185b69
|
Revert of patch for an Issue #347
|
2013-01-17 18:38:37 +01:00 |
|
Miroslav Stampar
|
f7eda07d92
|
Patch for an Issue #347
|
2013-01-17 15:30:14 +01:00 |
|
Miroslav Stampar
|
a38b3e397c
|
Patch for an Issue #286
|
2013-01-17 14:17:39 +01:00 |
|
Miroslav Stampar
|
65273295e3
|
Implementing a check for an Issue #25
|
2013-01-17 13:56:04 +01:00 |
|
Miroslav Stampar
|
9428d1819e
|
Fix for an Issue #346
|
2013-01-17 12:03:02 +01:00 |
|
Miroslav Stampar
|
3ab4a5e36d
|
Fix for an Issue #345
|
2013-01-17 11:50:12 +01:00 |
|
Miroslav Stampar
|
51a77d1fe2
|
Minor update for an Issue #8
|
2013-01-17 11:37:45 +01:00 |
|
Miroslav Stampar
|
14b7e655a9
|
Minor refactoring
|
2013-01-16 16:33:04 +01:00 |
|
Miroslav Stampar
|
053b7d12b4
|
Minor language update
|
2013-01-16 16:07:12 +01:00 |
|
Miroslav Stampar
|
fb7243c237
|
Cleaning a mess where multi-threaded HTTP requests (in log) had sometimes same UIDs
|
2013-01-16 16:04:00 +01:00 |
|
Miroslav Stampar
|
c0a6e1c3a7
|
Finishing first usable prototype for an Issue #8
|
2013-01-16 14:54:37 +01:00 |
|
Miroslav Stampar
|
ff5ec48abd
|
Minor update for an Issue #8
|
2013-01-16 14:16:22 +01:00 |
|
Bernardo Damele
|
3464a70ac2
|
bug fix: without this generic concatenation of strings in concatQuery(), detection of UNION query SQLi only (--technique U) when the page did not disclose any DBMS error message and it was not MySQL (for which there are UNION SQLi specific payloads) was not detected
|
2013-01-16 01:53:33 +00:00 |
|
Bernardo Damele
|
542f6de72e
|
typo fix
|
2013-01-16 01:31:03 +00:00 |
|
Bernardo Damele
|
2a751e075d
|
more work on #342
|
2013-01-15 17:14:44 +00:00 |
|
Bernardo Damele
|
ec076f5f8a
|
write console output to temporary folder in any case the test case fails, even if no traceback is raised
|
2013-01-15 15:51:03 +00:00 |
|
Miroslav Stampar
|
7a1d484115
|
Implementation for an Issue #340
|
2013-01-15 16:05:33 +01:00 |
|
Bernardo Damele
|
c51358953a
|
add more Oracle system dbs
|
2013-01-15 14:51:29 +00:00 |
|
Bernardo Damele
|
3e2c3851f3
|
Make --live-test Metasploit integration cases work, added more test cases for PostgreSQL and code refactoring (issue #312)
|
2013-01-14 13:42:50 +00:00 |
|
Bernardo Damele
|
515c1c6205
|
removed leftover
|
2013-01-14 10:26:22 +00:00 |
|
Bernardo Damele
|
83000de9e1
|
improved handling and storing of exceptions with --live-test (#312)
|
2013-01-14 10:23:40 +00:00 |
|
Bernardo Damele
|
8125fe90a7
|
code refactoring
|
2013-01-14 10:22:38 +00:00 |
|
Bernardo Damele
|
036b612bcb
|
bug fix to be able to write unicode chars to debug file
|
2013-01-14 01:11:42 +00:00 |
|
Miroslav Stampar
|
fc560f2b75
|
Minor revert and proper fix
|
2013-01-14 00:47:29 +01:00 |
|
Bernardo Damele
|
b74cfbf336
|
minor enhancements for debug purposes (issue #312)
|
2013-01-13 23:15:56 +00:00 |
|
Bernardo Damele
|
fdd6075859
|
temporary patch to fix UNION query enumeration
|
2013-01-13 23:08:23 +00:00 |
|
Miroslav Stampar
|
92ea8841f8
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-13 16:23:09 +01:00 |
|
Miroslav Stampar
|
03dd958d96
|
Implementation for an Issue #48
|
2013-01-13 16:22:43 +01:00 |
|
Bernardo Damele
|
675e4a026b
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-11 13:31:49 +00:00 |
|
Bernardo Damele
|
41834e7a5b
|
working on #8 - still not usable though
|
2013-01-11 13:31:44 +00:00 |
|
Miroslav Stampar
|
bc4d8d3e02
|
Implementation for an Issue #332
|
2013-01-11 11:17:41 +01:00 |
|
Miroslav Stampar
|
5571d09354
|
Minor revert
|
2013-01-11 11:13:55 +01:00 |
|
Miroslav Stampar
|
ec4e49d771
|
Minor refactoring
|
2013-01-10 16:09:28 +01:00 |
|
Miroslav Stampar
|
1363f26367
|
Minor refactoring
|
2013-01-10 15:59:02 +01:00 |
|
Miroslav Stampar
|
834be1eddc
|
Restyling redundant 'except Exception' form
|
2013-01-10 15:54:28 +01:00 |
|
Miroslav Stampar
|
acfeeb4f51
|
Restyling old form of urlparse
|
2013-01-10 15:41:07 +01:00 |
|
Miroslav Stampar
|
8686c20fa5
|
Removing one obsolete instantiation line
|
2013-01-10 15:27:35 +01:00 |
|
Miroslav Stampar
|
934d41dac2
|
Minor style update (PEP8)
|
2013-01-10 15:02:28 +01:00 |
|
Miroslav Stampar
|
ca3d35a878
|
Some PEP8 related style cleaning
|
2013-01-10 13:18:44 +01:00 |
|
Miroslav Stampar
|
6cfa9cb0b3
|
Removing unused imports
|
2013-01-10 12:15:12 +01:00 |
|
Miroslav Stampar
|
05705857a9
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-10 12:09:48 +01:00 |
|
Miroslav Stampar
|
ca1c0c2a1d
|
Minor style update
|
2013-01-10 11:54:07 +01:00 |
|
Bernardo Damele
|
ca337159f5
|
added reminder TODO
|
2013-01-10 01:11:22 +00:00 |
|
Bernardo Damele
|
10f1099944
|
remove logging handler that shows logging messages to stdout - issue #297
|
2013-01-10 00:51:56 +00:00 |
|
Bernardo Damele
|
ccc3c3d1a3
|
minor fix to distinguish stdout from stderr
|
2013-01-10 00:51:05 +00:00 |
|
Bernardo Damele
|
2126a5ba12
|
minor index fix
|
2013-01-10 00:00:00 +00:00 |
|
Bernardo Damele
|
794700eb37
|
preparing to handle logging calls by a separate file descriptor when sqlmap is executed by the REST API - issue #297
|
2013-01-09 22:08:50 +00:00 |
|
Bernardo Damele
|
d120dc18d1
|
cleanup
|
2013-01-09 22:06:27 +00:00 |
|
Bernardo Damele
|
58a60562ac
|
avoid exiting with a traceback for missing dependency, handle properly at some point
|
2013-01-09 16:05:55 +00:00 |
|
Bernardo Damele
|
7f4ce4afbb
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-09 16:04:29 +00:00 |
|
Bernardo Damele
|
510ceb6e19
|
first attempt to have --os-pwn and other takeover switches work across Windows and Linux - issue #28
|
2013-01-09 16:04:23 +00:00 |
|
Miroslav Stampar
|
bf5544903b
|
Minor style update
|
2013-01-09 16:10:26 +01:00 |
|
Miroslav Stampar
|
9bdcb1176d
|
Update for an Issue #169
|
2013-01-09 15:58:13 +01:00 |
|
Miroslav Stampar
|
25f01a419f
|
Minor style update (for the sake of consistency over the code and our PEP8 adaptation)
|
2013-01-09 15:38:41 +01:00 |
|
Miroslav Stampar
|
bdd2592848
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-09 15:22:30 +01:00 |
|
Miroslav Stampar
|
3d4f381ab5
|
Patch for an Issue #169
|
2013-01-09 15:22:21 +01:00 |
|
Bernardo Damele
|
c44a829b9b
|
pass a pickled options object to sqlmap engine when called from API
|
2013-01-09 12:34:45 +00:00 |
|
Bernardo Damele
|
8457cff278
|
added variable to store the live test traceback if any
|
2013-01-09 12:33:18 +00:00 |
|
Bernardo Damele
|
f11747732e
|
added missing command line options
|
2013-01-09 12:30:13 +00:00 |
|
Miroslav Stampar
|
55a552ddc4
|
Update for an Issue #24
|
2013-01-08 10:55:25 +01:00 |
|
Miroslav Stampar
|
ad85c4c964
|
Minor refactoring for an Issue #295
|
2013-01-08 10:23:02 +01:00 |
|
Bernardo Damele
|
1e35b3c8c9
|
proper link
|
2013-01-07 16:59:59 +00:00 |
|
Miroslav Stampar
|
74552bea87
|
Cleaning some garbage (hard coded paths with linux native slashes)
|
2013-01-07 16:51:00 +01:00 |
|
Bernardo Damele
|
7fa75792dd
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2013-01-07 11:10:08 +00:00 |
|
Bernardo Damele
|
a30d7014b9
|
removed unused var
|
2013-01-07 11:05:33 +00:00 |
|
Miroslav Stampar
|
5b77b20e2e
|
Removing trailing whitespaces (PEP8)
|
2013-01-03 23:57:07 +01:00 |
|
Miroslav Stampar
|
82b468211d
|
Minor update
|
2013-01-03 23:38:29 +01:00 |
|
Miroslav Stampar
|
f340ce8b4b
|
Minor style update
|
2013-01-03 23:35:29 +01:00 |
|
Miroslav Stampar
|
1712603dce
|
Replacing deprecated has_key() with operator in (PEP8)
|
2013-01-03 23:28:07 +01:00 |
|
Miroslav Stampar
|
e4a3c015e5
|
Replacing old and deprecated raise Exception style (PEP8)
|
2013-01-03 23:20:55 +01:00 |
|
Miroslav Stampar
|
304e52cb4d
|
Minor language update
|
2013-01-02 22:11:59 +01:00 |
|
Miroslav Stampar
|
09f1cdd8e1
|
Minor style update
|
2013-01-02 21:52:50 +01:00 |
|
Miroslav Stampar
|
0795760255
|
Minor fix
|
2012-12-30 11:22:23 +01:00 |
|
Miroslav Stampar
|
648d91d790
|
Distinguishing invalid unicode from safe encoded characters (for proper potential decoding)
|
2012-12-27 22:43:39 +01:00 |
|
Miroslav Stampar
|
3d01890147
|
Patch for an Issue #56 (full target url is now being written to a output .CSV file in multi target mode)
|
2012-12-27 21:15:44 +01:00 |
|
Miroslav Stampar
|
6ae4590edc
|
Removing problematic per-MySQL LIMIT prefix
|
2012-12-26 19:48:01 +01:00 |
|
Miroslav Stampar
|
77625e5af7
|
Minor revert
|
2012-12-21 19:31:05 +01:00 |
|
Miroslav Stampar
|
00e55828e4
|
Minor style update
|
2012-12-21 15:06:03 +01:00 |
|
Miroslav Stampar
|
8b3e17ed4d
|
Minor update (better approach for those old NOT IN cases in MsSQL - instead of standard pivot dump table)
|
2012-12-21 14:52:47 +01:00 |
|
Miroslav Stampar
|
35728fa443
|
Fix (and some hidden bug fixes/improvements) regarding an Issue #317
|
2012-12-21 10:51:35 +01:00 |
|
Miroslav Stampar
|
b94a5d42d4
|
Removing a leftover
|
2012-12-21 09:49:09 +01:00 |
|
Miroslav Stampar
|
0a122ccce4
|
Related to an Issue #319
|
2012-12-21 09:47:58 +01:00 |
|
Miroslav Stampar
|
1073ebc697
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 20:51:41 +01:00 |
|
Bernardo Damele
|
912323c12d
|
minor bug fix (#297)
|
2012-12-20 17:05:44 +00:00 |
|
Bernardo Damele
|
7adaffa71b
|
fixed options initiation
|
2012-12-20 16:53:43 +00:00 |
|
Miroslav Stampar
|
8efe056671
|
Minor refactoring
|
2012-12-20 15:51:03 +01:00 |
|
Bernardo Damele
|
e9ab33e9dd
|
standalone REST API, code cleanup (#297)
|
2012-12-20 14:35:02 +00:00 |
|
Miroslav Stampar
|
63d9b7a1f8
|
No character shall be left forgotten (no more ? in case that character was not properly being decoded by used charset)
|
2012-12-20 12:23:37 +01:00 |
|
Miroslav Stampar
|
c2c4601d6e
|
Minor restyling
|
2012-12-20 11:06:52 +01:00 |
|
Bernardo Damele
|
076b4063e6
|
these edits got overwritten from last commits
|
2012-12-20 09:42:44 +00:00 |
|
Miroslav Stampar
|
3cbe60b586
|
Proper fix
|
2012-12-20 10:37:20 +01:00 |
|
Miroslav Stampar
|
0d1ea7f05a
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
Conflicts:
lib/core/testing.py
|
2012-12-20 10:37:11 +01:00 |
|
Miroslav Stampar
|
da93e77eb2
|
Proper fix
|
2012-12-20 10:34:51 +01:00 |
|
Bernardo Damele
|
ac77724970
|
attempt to handle standard input from --live-test
|
2012-12-20 09:30:48 +00:00 |
|
Bernardo Damele
|
2b6ee06de0
|
minor bug fix to correctly parse unicode chars
|
2012-12-20 09:30:13 +00:00 |
|
Miroslav Stampar
|
69310e47ce
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-20 09:54:39 +01:00 |
|
Miroslav Stampar
|
06d8213ffd
|
minor fix (reading of unicode xml files)
|
2012-12-20 09:53:08 +01:00 |
|
Bernardo Damele
|
86872956d5
|
minor bug fix (for PostgreSQL)
|
2012-12-19 22:55:31 +00:00 |
|
Bernardo Damele
|
77843f44fb
|
minor bug fix (issue #314)
|
2012-12-19 22:49:02 +00:00 |
|
Bernardo Damele
|
357da43cea
|
slight improvement of live test engine and added misc test cases to xml
|
2012-12-19 17:28:41 +00:00 |
|
Bernardo Damele
|
85fcd27e2d
|
added support for random global variables
|
2012-12-19 15:58:06 +00:00 |
|
Bernardo Damele
|
12d34587cc
|
minor restyling
|
2012-12-19 14:34:34 +00:00 |
|
Bernardo Damele
|
326ff404fc
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:25:35 +00:00 |
|
Bernardo Damele
|
12eed58485
|
pointless restyling
|
2012-12-19 14:25:29 +00:00 |
|
Miroslav Stampar
|
37346fe8a3
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 15:23:57 +01:00 |
|
Miroslav Stampar
|
7ee98c7bff
|
Just for one girl out there waiting for this patch ;)
|
2012-12-19 15:23:38 +01:00 |
|
Bernardo Damele
|
3be90c97aa
|
forgot these
|
2012-12-19 14:12:45 +00:00 |
|
Bernardo Damele
|
cefb03c835
|
fixed bug related to issue #223
|
2012-12-19 14:12:09 +00:00 |
|
Bernardo Damele
|
27a12ae85b
|
restyling
|
2012-12-19 13:47:17 +00:00 |
|
Bernardo Damele
|
4b3b4eb374
|
commented out partial work
|
2012-12-19 13:47:04 +00:00 |
|
Bernardo Damele
|
3655d1f12a
|
revert change of name for now
|
2012-12-19 13:45:52 +00:00 |
|
Bernardo Damele
|
874e2176c6
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 13:43:00 +00:00 |
|
Bernardo Damele
|
4f0f729982
|
be more specific in standard output message as to whether or not the read file is same as remote file
|
2012-12-19 13:42:56 +00:00 |
|
Miroslav Stampar
|
23153e8088
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 14:29:08 +01:00 |
|
Miroslav Stampar
|
244901eda0
|
During --flush-session log file should be cleaned too (especially because of --live-tests)
|
2012-12-19 14:28:54 +01:00 |
|
Bernardo Damele
|
282aeb734f
|
ORDER BY does not play well with UNION query SQLi (related to issue #313)
|
2012-12-19 13:21:16 +00:00 |
|
Bernardo Damele
|
128597ee7e
|
--run-case is now case insensitive
|
2012-12-19 12:45:46 +00:00 |
|
Bernardo Damele
|
b91c829103
|
minor bug fix (issue #310)
|
2012-12-19 12:42:31 +00:00 |
|
Bernardo Damele
|
2bc2c0431c
|
fixed test cases
|
2012-12-19 12:33:37 +00:00 |
|
Bernardo Damele
|
9149d77cc8
|
removed duplicate code - fixes issue #310
|
2012-12-19 12:17:56 +00:00 |
|
Bernardo Damele
|
f5450e9f0e
|
layout adjustment
|
2012-12-19 11:39:38 +00:00 |
|
Miroslav Stampar
|
92e338251a
|
Finally working inference against MySQL/international letters (even chinese)
|
2012-12-19 10:44:02 +01:00 |
|
Miroslav Stampar
|
c9b8b51c9c
|
Update lib/core/common.py
Revert of last commit and try 2
|
2012-12-19 01:48:53 +01:00 |
|
Bernardo Damele
|
318fcee49c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-12-19 00:30:26 +00:00 |
|
Bernardo Damele
|
3c7007097a
|
minor refactoring
|
2012-12-19 00:30:22 +00:00 |
|
Miroslav Stampar
|
50b846b5af
|
Update lib/core/common.py
Fixing wrong assumption in case of MySQL inference international character retrieval
|
2012-12-19 01:26:12 +01:00 |
|
Miroslav Stampar
|
9e2f0131b9
|
Update lib/core/agent.py
|
2012-12-18 20:25:00 +01:00 |
|
Bernardo Damele
|
326ed33f31
|
added support for comma separated list of files for --file-read - fixes issue #223
|
2012-12-18 17:55:21 +00:00 |
|
Bernardo Damele
|
58656bbeb5
|
minor bug fix, union query has to be limited 0, 0
|
2012-12-18 16:36:30 +00:00 |
|
Bernardo Damele
|
61a838bb35
|
added more test cases
|
2012-12-18 15:59:48 +00:00 |
|
Miroslav Stampar
|
88d8494b5a
|
Implementation for an Issue #307
|
2012-12-18 16:03:35 +01:00 |
|
Bernardo Damele
|
3c1b696bd6
|
removed more print statements
|
2012-12-17 13:35:32 +00:00 |
|
Bernardo Damele
|
9f47eb0a59
|
cleaner
|
2012-12-17 13:29:37 +00:00 |
|
Bernardo Damele
|
0500712a03
|
removed unuseful prints
|
2012-12-17 13:29:19 +00:00 |
|
Bernardo Damele
|
ac44cf3ec0
|
minor fix: add also back-end DBMS and web app fingerprint output to log file
|
2012-12-17 13:02:09 +00:00 |
|
Bernardo Damele
|
bbd2adb5fb
|
improvements to --live-test and added --stop-fail switch
|
2012-12-17 11:41:43 +00:00 |
|
Bernardo Damele
|
2926c815bf
|
improved test switch --live-test and minor refactoring
|
2012-12-17 11:29:33 +00:00 |
|
Bernardo Damele
|
0c3da5c7eb
|
code refactoring and first time logger is handled by a separate file descriptor (issue #297)
|
2012-12-15 00:12:22 +00:00 |
|
Bernardo Damele
|
a2a71bb37b
|
cleanup from XML-RPC related stuff
|
2012-12-14 13:37:36 +00:00 |
|
Bernardo Damele
|
6e31e87de1
|
added initial support (hidden from -hh and not yet usable) for REST-JSON API
|
2012-12-14 02:49:25 +00:00 |
|
Miroslav Stampar
|
df0f08bc6a
|
Cleaning some (web upload based) garbage
|
2012-12-13 13:19:47 +01:00 |
|
Miroslav Stampar
|
5150172178
|
Minor update
|
2012-12-13 10:03:21 +01:00 |
|
Miroslav Stampar
|
fc4be0a77c
|
Minor fix
|
2012-12-12 16:45:29 +01:00 |
|
Miroslav Stampar
|
921000bd87
|
Another update for an Issue #287
|
2012-12-12 14:22:24 +01:00 |
|
Miroslav Stampar
|
c3f20a136f
|
Minor update for an Issue #287
|
2012-12-12 14:03:03 +01:00 |
|
Miroslav Stampar
|
a6448e8768
|
Update for an Issue #287
|
2012-12-12 11:54:59 +01:00 |
|
Miroslav Stampar
|
b9f6fc5f4e
|
First commit (and working one) for an Issue #287 (XML-RPC server)
|
2012-12-11 16:02:06 +01:00 |
|
Miroslav Stampar
|
b5884c7eda
|
Minor language update
|
2012-12-11 15:24:02 +01:00 |
|
Miroslav Stampar
|
760519dbe9
|
Removing redundant piece of code
|
2012-12-11 15:21:27 +01:00 |
|
Miroslav Stampar
|
a54c261496
|
Minor update for Issues #292 & #293 (only single alert per target)
|
2012-12-11 14:44:43 +01:00 |
|
Miroslav Stampar
|
5c2451d83c
|
Implementation for an Issue #293
|
2012-12-11 12:48:58 +01:00 |
|
Miroslav Stampar
|
562044577b
|
Implementation for an Issue #292
|
2012-12-11 12:02:06 +01:00 |
|
Miroslav Stampar
|
6433be8b3d
|
Style update
|
2012-12-10 17:20:04 +01:00 |
|
Miroslav Stampar
|
a024884ca7
|
Support for a HTTP parameter pollution (Issue #267)
|
2012-12-10 11:55:31 +01:00 |
|
Miroslav Stampar
|
1f7644a691
|
Minor fix when user doesn't want custom injection char marker to be processed
|
2012-12-08 21:23:30 +01:00 |
|
Miroslav Stampar
|
0cbdaaecfa
|
Revert of 99e9412f74 (because of an Issue #289)
|
2012-12-08 08:53:25 +01:00 |
|
Miroslav Stampar
|
1028afce37
|
Removal of leftovers
|
2012-12-06 14:15:44 +01:00 |
|
Miroslav Stampar
|
974407396e
|
Doing some more style updating (capitalization of exception classes; using _ is enough for private members - __ is used in Python specific methods)
|
2012-12-06 14:14:19 +01:00 |
|
Miroslav Stampar
|
baccbd6f48
|
Implementation for an Issue #283
|
2012-12-06 11:57:57 +01:00 |
|
Miroslav Stampar
|
ab67344448
|
Removed unused imports and variables (pyflake-ing)
|
2012-12-06 11:15:05 +01:00 |
|
Miroslav Stampar
|
b6650add46
|
Introducing 'new style classes' (idea from Pull request #284)
|
2012-12-06 10:42:53 +01:00 |
|
Miroslav Stampar
|
0f191f624c
|
Taking some goodies from Pull request #284
|
2012-12-06 10:21:53 +01:00 |
|
Miroslav Stampar
|
6b39e661a7
|
Fix for an issue #279
|
2012-12-05 12:15:14 +01:00 |
|
Miroslav Stampar
|
775e0df04b
|
Update for an Issue #278
|
2012-12-05 10:45:17 +01:00 |
|
Miroslav Stampar
|
6b007ab188
|
Minor patch for an Issue #274 (just in case to avoid this kind of problems)
|
2012-12-04 16:14:14 +01:00 |
|
Miroslav Stampar
|
e2aa695655
|
Minor update
|
2012-12-03 17:20:18 +01:00 |
|
Miroslav Stampar
|
42a8234c6f
|
Update for an Issue #12
|
2012-12-03 14:27:01 +01:00 |
|
Miroslav Stampar
|
79fca8e9d5
|
Fix for an Issue #268
|
2012-12-03 12:13:59 +01:00 |
|
Miroslav Stampar
|
8410fc5a9d
|
Minor update
|
2012-12-02 08:00:55 +01:00 |
|
redshark1802
|
1675386093
|
fixed typo that created an invalid configuration file with the option '--save'
|
2012-11-30 23:00:03 +01:00 |
|
Miroslav Stampar
|
5b61e9ce12
|
Minor update for an Issue #254
|
2012-11-30 11:43:50 +01:00 |
|
Miroslav Stampar
|
7e2db762d6
|
Minor update
|
2012-11-29 15:45:04 +01:00 |
|
Miroslav Stampar
|
8f10023523
|
Fix for an Issue #266
|
2012-11-29 15:44:14 +01:00 |
|
Miroslav Stampar
|
3b961c2550
|
Update for an Issue #254
|
2012-11-29 15:36:38 +01:00 |
|
Miroslav Stampar
|
a7e1e856d4
|
Fix for an Issue #260
|
2012-11-28 17:00:26 +01:00 |
|
Miroslav Stampar
|
35d1146fd1
|
Minor update for an (Issue #254)
|
2012-11-28 12:53:11 +01:00 |
|
Miroslav Stampar
|
753d0f18bf
|
First CSS style added for a HTML table dump format (Issue #254)
|
2012-11-28 12:46:43 +01:00 |
|
Miroslav Stampar
|
b6ea337937
|
First style-less prototype for an HTML dump output (Issue #254)
|
2012-11-28 12:28:42 +01:00 |
|
Miroslav Stampar
|
e2d8b53e97
|
Minor update for an Issue #264
|
2012-11-28 11:45:33 +01:00 |
|
Miroslav Stampar
|
cff0c59630
|
Implementation for an Issue #264
|
2012-11-28 11:41:39 +01:00 |
|
Miroslav Stampar
|
5bf5b95588
|
More refactoring for an Issue #254
|
2012-11-28 11:16:00 +01:00 |
|
Miroslav Stampar
|
87a92ab330
|
Deprecating --replicate (Issue #254)
|
2012-11-28 11:10:57 +01:00 |
|
Miroslav Stampar
|
f08eb0fd9f
|
Minor style update
|
2012-11-28 10:59:15 +01:00 |
|
Miroslav Stampar
|
d95dd2d16e
|
Preparation for an Issue #254
|
2012-11-28 10:58:18 +01:00 |
|
Miroslav Stampar
|
d490ffb163
|
Fix for an Issue #259
|
2012-11-27 11:45:22 +01:00 |
|
Miroslav Stampar
|
bd33128085
|
Fix for an Issue #262
|
2012-11-27 10:08:22 +01:00 |
|
Miroslav Stampar
|
38c96a366b
|
Patch for an Issue #260
|
2012-11-26 11:16:59 +01:00 |
|
Miroslav Stampar
|
ef2038f1c8
|
Implementation for an Issue #253
|
2012-11-21 10:16:13 +01:00 |
|
Miroslav Stampar
|
93e071fc33
|
Fix for an Issue #251
|
2012-11-20 11:19:23 +01:00 |
|
Miroslav Stampar
|
302348b0cd
|
Minor update
|
2012-11-19 11:59:28 +01:00 |
|
Miroslav Stampar
|
d37be5f97b
|
Fix for an Issue #248
|
2012-11-14 15:54:24 +01:00 |
|
Miroslav Stampar
|
9a54a911a8
|
Patch for an Issue #231
|
2012-11-14 11:30:29 +01:00 |
|
Miroslav Stampar
|
6f7f9dd8eb
|
Patch for an Issue #242
|
2012-11-13 10:41:13 +01:00 |
|
Miroslav Stampar
|
a52dbc575b
|
Patch for an Issue #246
|
2012-11-13 10:21:11 +01:00 |
|
Miroslav Stampar
|
f305dde413
|
Patch for an Issue #235
|
2012-11-10 11:01:29 +01:00 |
|
Miroslav Stampar
|
181c3534f0
|
Patch for an Issue #237
|
2012-11-08 19:16:37 +01:00 |
|
Miroslav Stampar
|
e7e83defaa
|
Minor update
|
2012-11-08 11:09:34 +01:00 |
|
Miroslav Stampar
|
1ee0d9ce5e
|
Fix for an Issue #229
|
2012-11-05 15:58:54 +01:00 |
|
Miroslav Stampar
|
2de52927f3
|
Code refactoring (epecially Google search code)
|
2012-10-30 18:38:10 +01:00 |
|
Miroslav Stampar
|
5cfc066ac4
|
Minor update
|
2012-10-30 10:30:22 +01:00 |
|
Miroslav Stampar
|
7c7aff12c6
|
Update for an Issue #225
|
2012-10-30 01:26:19 +01:00 |
|
Miroslav Stampar
|
b0f5b4f9bc
|
Update for an Issue #225
|
2012-10-30 00:59:31 +01:00 |
|
Miroslav Stampar
|
a9094a35fe
|
Fix for an Issue #227
|
2012-10-30 00:20:49 +01:00 |
|
Miroslav Stampar
|
1d07b93730
|
Bug fix for --os-shell on MySQL (it was not working for a long time because of this)
|
2012-10-29 15:45:30 +01:00 |
|
Miroslav Stampar
|
5358d85d37
|
Important refactoring for web-based functionality
|
2012-10-29 15:09:05 +01:00 |
|
Miroslav Stampar
|
81ccf28785
|
Minor refactoring
|
2012-10-29 14:08:48 +01:00 |
|
Miroslav Stampar
|
359e734954
|
Minor refactoring
|
2012-10-29 10:48:49 +01:00 |
|
Miroslav Stampar
|
c1eb803ef5
|
Bug fix for MsSQL --hex --technique=E (NOT IN based queries were not working properly)
|
2012-10-28 21:16:51 +01:00 |
|
Miroslav Stampar
|
25a5073281
|
Bug fix for --hex/--technique=B (especially MsSQL)
|
2012-10-28 12:22:33 +01:00 |
|
Miroslav Stampar
|
8617fe0d65
|
Bug fix for international letters decoded with --hex on MsSQL
|
2012-10-28 11:50:16 +01:00 |
|
Miroslav Stampar
|
ca427af8b3
|
Minor refactoring/improvement
|
2012-10-28 01:42:08 +02:00 |
|
Miroslav Stampar
|
43ddf39bea
|
Minor refactoring
|
2012-10-28 01:16:02 +02:00 |
|
Miroslav Stampar
|
bcdba7b7bb
|
Dealing with rare cases when getIdentifiedDbms is needed prior to DBMS isfingerprinted and there are multiples of dbmses inside details
|
2012-10-28 01:11:50 +02:00 |
|
Miroslav Stampar
|
c1b8226329
|
Massive renaming (proper naming is inband = union & error techniques! - query naming stays as they are/in code things like forgeInbandQuery are renamed to forgeUnionQuery)
|
2012-10-28 00:36:09 +02:00 |
|
Miroslav Stampar
|
965d7eee17
|
Minor bug fix for a reflection removal mechanism
|
2012-10-26 00:06:15 +02:00 |
|
Miroslav Stampar
|
8a5844a364
|
Implementation for an Issue #222
|
2012-10-25 13:21:32 +02:00 |
|
Miroslav Stampar
|
12fc9442b9
|
Tamper function(s) refactoring (really no need for returning headers as they are passed by reference)
|
2012-10-25 10:10:23 +02:00 |
|
Miroslav Stampar
|
65ec715828
|
Fix for an Issue #218
|
2012-10-25 00:03:00 +02:00 |
|
Miroslav Stampar
|
5477c9f7ba
|
Fix for an Issue #216
|
2012-10-24 22:59:46 +02:00 |
|
Miroslav Stampar
|
056be32ac1
|
Fix for Issue #213
|
2012-10-23 17:06:31 +02:00 |
|
Miroslav Stampar
|
4365c48e83
|
Minor style update
|
2012-10-23 14:38:24 +02:00 |
|
Miroslav Stampar
|
06f226c494
|
Fix for an Issue #211
|
2012-10-23 14:37:45 +02:00 |
|
Miroslav Stampar
|
b82eb3a1ae
|
Fix for an Issue #210
|
2012-10-23 13:58:25 +02:00 |
|
Miroslav Stampar
|
f2bbf1ead9
|
Fix for raw_input raising EOFError and KeyboardInterrupt on Ctrl-C (Windows platform)
|
2012-10-23 11:05:00 +02:00 |
|
Miroslav Stampar
|
5ff2e33c43
|
Minor fix
|
2012-10-23 10:54:26 +02:00 |
|
Miroslav Stampar
|
68d5faa287
|
Minor update
|
2012-10-23 10:46:17 +02:00 |
|
Miroslav Stampar
|
f11a640e99
|
Undo of a previous commit (pdb left inside)
|
2012-10-22 14:39:35 +02:00 |
|
Miroslav Stampar
|
b913e2123d
|
Displaying hex-decoded resulting output in --hex mode
|
2012-10-22 14:39:11 +02:00 |
|
Miroslav Stampar
|
39f565533a
|
In case on --no-cast DUMP_REPLACEMENTS should not be used
|
2012-10-22 14:13:30 +02:00 |
|
Miroslav Stampar
|
d65d9e25cd
|
Implementation for an Issue #2
|
2012-10-19 11:02:14 +02:00 |
|
Miroslav Stampar
|
64b4586883
|
Minor update
|
2012-10-18 11:36:12 +02:00 |
|
Miroslav Stampar
|
ea49fa2db2
|
Fix for an Issue #206
|
2012-10-18 11:11:20 +02:00 |
|
Miroslav Stampar
|
1cb2ca4195
|
Minor update
|
2012-10-18 10:55:27 +02:00 |
|
Miroslav Stampar
|
2cb1b054bb
|
Implementation for an Issue #79
|
2012-10-16 12:32:58 +02:00 |
|
Miroslav Stampar
|
3e64ab214e
|
Minor update
|
2012-10-16 10:28:59 +02:00 |
|
Miroslav Stampar
|
8b57e1fce6
|
Minor update for an Issue #203
|
2012-10-15 23:15:52 +02:00 |
|
Miroslav Stampar
|
048e720f69
|
Minor refactoring for an Issue #203
|
2012-10-15 17:55:57 +02:00 |
|
Miroslav Stampar
|
9aba690a60
|
Patch for an Issue #203
|
2012-10-15 16:23:41 +02:00 |
|
Miroslav Stampar
|
e440b096c5
|
Fix for an Issue #202
|
2012-10-15 12:24:30 +02:00 |
|
Miroslav Stampar
|
56832fe9c4
|
Better adjustTimeDelay() candidate algorithm
|
2012-10-11 14:23:53 +02:00 |
|
Miroslav Stampar
|
e61c4c22c9
|
Implementation for an Issue #200
|
2012-10-09 15:19:47 +02:00 |
|
Miroslav Stampar
|
cd9a47835b
|
Minor consistency update
|
2012-10-09 14:48:26 +02:00 |
|
Miroslav Stampar
|
8c5fb1b064
|
Minor update
|
2012-10-09 14:46:45 +02:00 |
|
Miroslav Stampar
|
ea12ccec77
|
Minor refactoring
|
2012-10-09 11:33:19 +02:00 |
|
Miroslav Stampar
|
10b0fd21dc
|
Fix for an Issue #198
|
2012-10-09 11:27:19 +02:00 |
|
Miroslav Stampar
|
8e7449ccd5
|
Minor update
|
2012-10-07 20:28:24 +02:00 |
|
Miroslav Stampar
|
ebc7088f94
|
Implementation for an Issue #128
|
2012-10-05 10:24:09 +02:00 |
|
Miroslav Stampar
|
098e446ca4
|
Adding support for generic XML POST data
|
2012-10-04 18:44:12 +02:00 |
|
Miroslav Stampar
|
8865fe69d7
|
Minor cleanup
|
2012-10-04 18:26:07 +02:00 |
|
Miroslav Stampar
|
d464678e10
|
Minor update for an Issue #49
|
2012-10-04 18:01:42 +02:00 |
|
Miroslav Stampar
|
84b05e2d18
|
Better treating of numeric values (Issue #49)
|
2012-10-04 16:08:37 +02:00 |
|
Miroslav Stampar
|
31aa9be1c7
|
Minor update
|
2012-10-04 15:40:11 +02:00 |
|
Miroslav Stampar
|
9129dac77b
|
Minor fix for an Issue #134
|
2012-10-04 15:33:26 +02:00 |
|
Miroslav Stampar
|
5d2b534908
|
Minor update (Issue #49)
|
2012-10-04 15:23:01 +02:00 |
|
Miroslav Stampar
|
5b59b6feb4
|
Removing junk part
|
2012-10-04 12:09:09 +02:00 |
|
Miroslav Stampar
|
d570e25b1b
|
Minor workflow update
|
2012-10-04 12:05:59 +02:00 |
|
Miroslav Stampar
|
eddc634ceb
|
Minor improvement (custom injection marks are now processed in order of appearance)
|
2012-10-04 11:52:40 +02:00 |
|
Miroslav Stampar
|
3764d230be
|
Minor fix for Issue #197 and Issue #49
|
2012-10-04 11:43:37 +02:00 |
|
Miroslav Stampar
|
461e5ebc5f
|
Work for Issue #197 and Issue #49
|
2012-10-04 11:25:44 +02:00 |
|
Miroslav Stampar
|
bcbf0571a5
|
Implementation for an Issue #49
|
2012-10-02 14:23:58 +02:00 |
|
Miroslav Stampar
|
763dc98311
|
Minor refactoring
|
2012-10-02 13:36:15 +02:00 |
|
Miroslav Stampar
|
687f3991de
|
Cleaning/refactoring of bunch of stacked/suffix/comment stuff (e.g.
|
2012-09-26 11:27:43 +02:00 |
|
Miroslav Stampar
|
6bc5f44b20
|
Minor just in case update for an Issue #195 (safer behavior on forced charsets)
|
2012-09-25 15:09:07 +02:00 |
|
Miroslav Stampar
|
efe4c13ed1
|
Update regarding suffixQuery (user supplied --suffix should nullify any eventual payload comments)
|
2012-09-25 14:36:15 +02:00 |
|
Miroslav Stampar
|
fccdb824bb
|
Patch for an Issue #193
|
2012-09-25 11:21:39 +02:00 |
|
Miroslav Stampar
|
c9e7e71ea2
|
Implementation for an Issue #195
|
2012-09-25 10:17:25 +02:00 |
|
Miroslav Stampar
|
9ca7b3e20e
|
Implementation for an Issue #194
|
2012-09-25 09:25:35 +02:00 |
|
Miroslav Stampar
|
d175decdfc
|
Fix for an Issue #190
|
2012-09-22 20:59:40 +02:00 |
|
Miroslav Stampar
|
9a1fbb8941
|
Fix for an Issue #185
|
2012-09-13 14:22:26 +02:00 |
|
Miroslav Stampar
|
a64438fb5c
|
Minor language update
|
2012-09-11 19:45:40 +02:00 |
|
Miroslav Stampar
|
05dced5418
|
Minor language update
|
2012-09-11 19:43:03 +02:00 |
|
Miroslav Stampar
|
511c3b8dcc
|
Update and fix for an Issue #182
|
2012-09-11 14:58:52 +02:00 |
|
Miroslav Stampar
|
f26ea04e38
|
Fix for an Issue #175
|
2012-09-07 17:06:38 +02:00 |
|
Miroslav Stampar
|
e4bc471f81
|
Fix for an Issue #173
|
2012-09-07 10:09:19 +02:00 |
|
Miroslav Stampar
|
a3baf94e9b
|
Minor style update
|
2012-09-07 10:09:00 +02:00 |
|
Miroslav Stampar
|
cea5127ffd
|
Update for an Issue #6
|
2012-09-06 15:51:38 +02:00 |
|
Miroslav Stampar
|
c3d191e626
|
Minor update for an Issue #2
|
2012-09-06 14:13:54 +02:00 |
|
Miroslav Stampar
|
1e238b5a5a
|
Minor update
|
2012-09-06 13:36:34 +02:00 |
|
Miroslav Stampar
|
f6716cf7c0
|
Fix for an Issue #170
|
2012-09-01 23:52:00 +02:00 |
|
Miroslav Stampar
|
2170e64ca5
|
Minor bug fix
|
2012-08-31 19:48:45 +02:00 |
|
Miroslav Stampar
|
33980adaef
|
Another update for an Issue #79
|
2012-08-31 12:46:38 +02:00 |
|
Miroslav Stampar
|
7286d89cb6
|
Few fixes for an Issue #79 (problem with case sensitivity of request get_header)
|
2012-08-31 12:15:09 +02:00 |
|
Miroslav Stampar
|
2806185989
|
Minor refactoring
|
2012-08-31 10:43:06 +02:00 |
|
Miroslav Stampar
|
74a5d41272
|
Minor update for an Issue #79
|
2012-08-31 10:24:47 +02:00 |
|
Miroslav Stampar
|
a89d61415a
|
'Patch' for an Issue #167
|
2012-08-29 21:29:27 +02:00 |
|
Miroslav Stampar
|
9674b174ee
|
One more minor update related to last commit
|
2012-08-23 15:37:17 +02:00 |
|
Miroslav Stampar
|
b79247c197
|
Minor update
|
2012-08-23 15:22:14 +02:00 |
|
Miroslav Stampar
|
e9ae44c6fc
|
Implementation for an #162
|
2012-08-22 16:50:01 +02:00 |
|
Miroslav Stampar
|
a62a874d59
|
Update for an Issue #161 (changing default readInput value regarding the conf.multipleTargets)
|
2012-08-22 16:06:09 +02:00 |
|
Miroslav Stampar
|
52351e5d81
|
Update for an Issue #161 (now detecting format error messages too)
|
2012-08-22 15:51:47 +02:00 |
|
Miroslav Stampar
|
a6d743ec4c
|
Minor console output fix (redundant newline has been displayed in case of rawInput)
|
2012-08-22 14:43:57 +02:00 |
|
Miroslav Stampar
|
8a5042b6a4
|
Update for an #161 (preventing further skipping of non-heuristic parameters in ignore casted case)
|
2012-08-22 11:56:30 +02:00 |
|
Miroslav Stampar
|
61151447fe
|
Implementation of an Issue #161
|
2012-08-22 11:27:58 +02:00 |
|
Miroslav Stampar
|
2c66ca39f1
|
Wrong limit number has been used (MySQL LIMIT/OFFSET starts with 0)
|
2012-08-22 09:53:53 +02:00 |
|
Miroslav Stampar
|
ad59abe018
|
Cleaning leftover
|
2012-08-21 14:37:09 +02:00 |
|
Miroslav Stampar
|
1b86fffc6d
|
Fix for an Issue #157
|
2012-08-21 14:36:04 +02:00 |
|
Miroslav Stampar
|
d421f9a618
|
Fix for an Issue #157
|
2012-08-21 14:34:19 +02:00 |
|
Miroslav Stampar
|
1bcf5a6b88
|
Some more dict refactorings
|
2012-08-21 11:30:01 +02:00 |
|
Miroslav Stampar
|
01f481c332
|
Minor refactoring of dictionaries
|
2012-08-21 11:19:15 +02:00 |
|
Miroslav Stampar
|
b7415d36df
|
Minor refactoring
|
2012-08-21 10:28:25 +02:00 |
|
Miroslav Stampar
|
8ee9feafb9
|
Making payloads a bit shorter (removing redundant space after comma character - e.g. in inband queries)
|
2012-08-20 21:57:25 +02:00 |
|
Miroslav Stampar
|
823dde73ab
|
Minor cleanup
|
2012-08-20 11:40:49 +02:00 |
|
Miroslav Stampar
|
e0d9fa8666
|
Minor style update
|
2012-08-20 11:28:41 +02:00 |
|
Miroslav Stampar
|
59078bb1b8
|
Fix for an Issue #154
|
2012-08-20 10:05:13 +02:00 |
|
Miroslav Stampar
|
4649450603
|
Fix for an Issue #137
|
2012-08-16 22:20:24 +02:00 |
|
Miroslav Stampar
|
0d8fca30c9
|
Fix for an Issue #59
|
2012-08-16 11:31:43 +02:00 |
|
Miroslav Stampar
|
1af81c0de4
|
Implementation of an Issue #149
|
2012-08-15 22:31:25 +02:00 |
|
Miroslav Stampar
|
f358ab2e73
|
Implementation of an Issue #147
|
2012-08-15 16:37:18 +02:00 |
|
Miroslav Stampar
|
36b55cf209
|
Proper fix for an Issue #145
|
2012-08-14 22:28:42 +02:00 |
|
Miroslav Stampar
|
ab35ab4e2a
|
Fix for an Issue #145
|
2012-08-14 18:52:45 +02:00 |
|
Miroslav Stampar
|
432b567584
|
Fix for an Issue #141
|
2012-08-08 00:03:58 +02:00 |
|
Miroslav Stampar
|
31ceb0cb6c
|
Fix for an Issue #140
|
2012-08-07 10:57:29 +02:00 |
|
Miroslav Stampar
|
fec8a5cc9d
|
Fix for an Issue #139
|
2012-08-07 00:50:58 +02:00 |
|
Miroslav Stampar
|
f797a6d813
|
Fix for an Issue #125
|
2012-07-31 13:06:45 +02:00 |
|
Miroslav Stampar
|
6f529542e3
|
Making those --string tips (containing escaped characters) decodable by sqlmap
|
2012-07-31 11:32:53 +02:00 |
|
Miroslav Stampar
|
142fc887f1
|
Fix for an Issue #129
|
2012-07-31 11:03:44 +02:00 |
|
Miroslav Stampar
|
bdbe8ff9d9
|
Fix for an Issue #132
|
2012-07-30 22:39:45 +02:00 |
|
Miroslav Stampar
|
b9ac50faef
|
Minor bug fix
|
2012-07-30 12:09:20 +02:00 |
|
Miroslav Stampar
|
a86f9798b2
|
Minor refactoring together with a wider support for html entities
|
2012-07-30 11:21:32 +02:00 |
|
Miroslav Stampar
|
20a66567a3
|
Minor refactoring
|
2012-07-30 10:06:14 +02:00 |
|
Miroslav Stampar
|
1669c6bdb4
|
Another update for an Issue #28
|
2012-07-27 17:05:21 +02:00 |
|
Miroslav Stampar
|
6ffc5665d0
|
Update for Issue #28
|
2012-07-27 16:29:33 +02:00 |
|
Bernardo Damele
|
92c2b3bd4c
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-26 23:11:11 +01:00 |
|
Bernardo Damele
|
d492291744
|
working on issue #12
|
2012-07-26 23:11:07 +01:00 |
|
Miroslav Stampar
|
efa99c4519
|
Implementation for an Issue #4
|
2012-07-26 14:07:05 +02:00 |
|
Miroslav Stampar
|
b3552494c4
|
Minor preparation for an Issue #48
|
2012-07-26 12:26:57 +02:00 |
|
Miroslav Stampar
|
3e9f1fe410
|
Minor style update
|
2012-07-26 12:13:16 +02:00 |
|
Miroslav Stampar
|
30f8d09651
|
Implementation for an Issue #70
|
2012-07-26 12:06:02 +02:00 |
|
Miroslav Stampar
|
231f0f76b5
|
Fix for an Issue #119
|
2012-07-26 00:49:51 +02:00 |
|
Miroslav Stampar
|
cba77410a9
|
Minor style update
|
2012-07-26 00:08:49 +02:00 |
|
Miroslav Stampar
|
18b1d1efd6
|
Fix for an Issue #121
|
2012-07-26 00:02:38 +02:00 |
|
Miroslav Stampar
|
922ea9d1f4
|
Update for Issue #118
|
2012-07-24 15:43:29 +02:00 |
|
Miroslav Stampar
|
f8c9868cb6
|
Implementation for an Issue #118
|
2012-07-24 15:34:50 +02:00 |
|
Miroslav Stampar
|
42f518b2d6
|
Minor update for letting unhandledExceptionMessage() do it's job if kb has not yet been initialized
|
2012-07-24 14:44:44 +02:00 |
|
Miroslav Stampar
|
b820975217
|
Improvement of decodeIntToUnicode()
|
2012-07-23 19:31:06 +02:00 |
|
Miroslav Stampar
|
ab9cb80602
|
Implementing Issue #111
|
2012-07-23 15:14:52 +02:00 |
|
Miroslav Stampar
|
6809449e31
|
Minor style update
|
2012-07-23 15:06:49 +02:00 |
|
Miroslav Stampar
|
a7d1a0c250
|
Implementation for an Issue #117
|
2012-07-23 14:14:22 +02:00 |
|
Miroslav Stampar
|
1b6cb9442f
|
Fix for an Issue #114
|
2012-07-21 23:31:36 +02:00 |
|
Miroslav Stampar
|
95e0d46e3e
|
Fix for an Issue #110
|
2012-07-21 09:15:54 +02:00 |
|
Miroslav Stampar
|
dcf8a27f12
|
Implementation for an Issue #67
|
2012-07-18 14:24:10 +02:00 |
|
Miroslav Stampar
|
4fc462c4d9
|
Minor update for an Issue #105
|
2012-07-18 14:09:04 +02:00 |
|
Miroslav Stampar
|
655dd55a6f
|
Implementation of an Issue #105
|
2012-07-18 13:32:34 +02:00 |
|
Miroslav Stampar
|
08244c7ebf
|
Fix for an Issue #104
|
2012-07-17 15:05:50 +02:00 |
|
Miroslav Stampar
|
e30646a54f
|
Fix for an Issue #103
|
2012-07-17 10:36:22 +02:00 |
|
Miroslav Stampar
|
d6ceb7af5e
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-17 00:19:52 +02:00 |
|
Miroslav Stampar
|
81d15e5051
|
Fix for an Issue #101
|
2012-07-17 00:19:33 +02:00 |
|
Bernardo Damele
|
5f876bdbbe
|
minor adjustments
|
2012-07-16 22:50:29 +01:00 |
|
Miroslav Stampar
|
c96e44b30c
|
Fix for an Issue #100
|
2012-07-16 23:28:01 +02:00 |
|
Miroslav Stampar
|
ffbbb10abb
|
Support for dotted identificator names
|
2012-07-16 23:13:21 +02:00 |
|
Miroslav Stampar
|
0eff977c63
|
Refactoring for Issue #91
|
2012-07-16 12:24:54 +02:00 |
|
Miroslav Stampar
|
4d759984b2
|
Implementation for Issue #91
|
2012-07-16 12:12:52 +02:00 |
|
Miroslav Stampar
|
c1a14257a4
|
Removing --disable... switches and making changes in default choice(s) for respectable sections
|
2012-07-16 11:31:51 +02:00 |
|
Miroslav Stampar
|
07a85874fe
|
Implementation for Issue #92
|
2012-07-16 11:07:47 +02:00 |
|
Miroslav Stampar
|
87ecf205cb
|
More work for Issue #66
|
2012-07-14 17:01:04 +02:00 |
|
Miroslav Stampar
|
38d82771be
|
Minor style update
|
2012-07-14 11:23:22 +02:00 |
|
Miroslav Stampar
|
805120ac52
|
Minor refactoring
|
2012-07-14 11:01:30 +02:00 |
|
Miroslav Stampar
|
9a7fc24ec2
|
Minor style update
|
2012-07-13 15:22:08 +02:00 |
|
Miroslav Stampar
|
32b700f130
|
Minor style update
|
2012-07-13 15:02:11 +02:00 |
|
Miroslav Stampar
|
fbb5db00ba
|
Minor style update
|
2012-07-13 15:00:39 +02:00 |
|
Miroslav Stampar
|
786686da60
|
Minor language update
|
2012-07-13 14:53:42 +02:00 |
|
Miroslav Stampar
|
3c81f74823
|
Minor style update
|
2012-07-13 12:22:37 +02:00 |
|
Miroslav Stampar
|
6ade007aec
|
Minor update of language
|
2012-07-13 12:13:04 +02:00 |
|
Miroslav Stampar
|
c5ecc8b8db
|
Closing work on Issue #83
|
2012-07-13 11:23:21 +02:00 |
|
Miroslav Stampar
|
48f68bd076
|
First commit for Issue #83
|
2012-07-13 10:35:22 +02:00 |
|
Miroslav Stampar
|
d834e8debf
|
Minor update
|
2012-07-13 10:28:03 +02:00 |
|
Miroslav Stampar
|
b11fd8b9f7
|
Fix for an Issue #87
|
2012-07-13 10:11:16 +02:00 |
|
Bernardo Damele
|
162da75a04
|
modified homepage address
|
2012-07-12 18:38:03 +01:00 |
|
Miroslav Stampar
|
a49d685eb8
|
Hidding --beep (Issue #84)
|
2012-07-12 17:03:24 +02:00 |
|
Miroslav Stampar
|
569c9214bf
|
Adding support for boldifying important logging messages
|
2012-07-12 16:30:35 +02:00 |
|
Miroslav Stampar
|
b2fe1c30f8
|
Minority report
|
2012-07-12 16:04:01 +02:00 |
|
Miroslav Stampar
|
8e18514e56
|
Minor refactoring for all that stickyness
|
2012-07-12 15:58:45 +02:00 |
|
Miroslav Stampar
|
fe61bdce75
|
Minor update
|
2012-07-12 15:25:26 +02:00 |
|
Miroslav Stampar
|
dbbca16c69
|
Minor renaming
|
2012-07-12 15:24:40 +02:00 |
|
Miroslav Stampar
|
9bc24cea6b
|
Dealing with kb.currentMessage issue
|
2012-07-12 15:23:35 +02:00 |
|
Miroslav Stampar
|
b320dc118d
|
Minor fix (recognizing if it's colorizing handler or not)
|
2012-07-12 14:55:54 +02:00 |
|
Miroslav Stampar
|
65639cdda6
|
First update for Issue #75 (error-based dumping)
|
2012-07-12 14:31:28 +02:00 |
|
Miroslav Stampar
|
3fd5119f3f
|
Redesigning for Issue #75
|
2012-07-12 13:42:22 +02:00 |
|
Bernardo Damele
|
3d66e2dfb1
|
minor bug fix
|
2012-07-12 10:47:51 +01:00 |
|
Bernardo Damele
|
ee3aeb8dcf
|
actual implementation of issue #75, still some work to do
|
2012-07-12 01:16:00 +01:00 |
|
Bernardo Damele
|
a5924739f6
|
minor code refactoring in preparation of ticket #75
|
2012-07-12 01:12:30 +01:00 |
|
Bernardo Damele
|
53c0336b48
|
added --hostname switch to retrieve DBMS server hostname - closes issue #69
|
2012-07-12 00:01:57 +01:00 |
|
Bernardo Damele
|
4e64c1126d
|
restored bold on questions to users (calls from readInput()) - issue #77
|
2012-07-11 22:56:11 +01:00 |
|
Bernardo Damele
|
247f95e051
|
restored kb.currentMessage - needed in cases where we send to dataToStdout() strings like "." (e.g. "creation in progres ..... done")
|
2012-07-11 22:48:27 +01:00 |
|
Bernardo Damele
|
2b3ea3e3b7
|
fixed colouring for PAYLOAD (-v 3) - issue #77
|
2012-07-11 22:40:52 +01:00 |
|
Miroslav Stampar
|
15ee5310d9
|
Adding traffic in and out to color_map
|
2012-07-11 20:42:18 +02:00 |
|
Miroslav Stampar
|
43cac2212b
|
Fix for a case when ColorizingStreamHandler is not used
|
2012-07-11 20:36:32 +02:00 |
|
Miroslav Stampar
|
72378d4f61
|
Some more refactoring
|
2012-07-11 20:29:48 +02:00 |
|
Miroslav Stampar
|
c6464b44be
|
Some more refactoring
|
2012-07-11 20:13:23 +02:00 |
|
Miroslav Stampar
|
d7926b8aac
|
Minor refactoring
|
2012-07-11 19:54:21 +02:00 |
|
Bernardo Damele
|
53ccd09ca4
|
now also readInput() uses colouring
|
2012-07-11 17:53:32 +01:00 |
|
Bernardo Damele
|
02ec25b4b8
|
code refactoring
|
2012-07-11 17:44:23 +01:00 |
|
Bernardo Damele
|
77b275f1a6
|
conf->kb
|
2012-07-11 17:32:12 +01:00 |
|
Bernardo Damele
|
1d2c87e24e
|
leftover
|
2012-07-11 17:22:01 +01:00 |
|
Bernardo Damele
|
105ac8ea77
|
deleted unnecessary hg file
|
2012-07-11 17:06:56 +01:00 |
|
Bernardo Damele
|
fa2f6f9a39
|
colourize manually crafter "logging" messages
|
2012-07-11 16:48:30 +01:00 |
|
Bernardo Damele
|
f219b39980
|
minor fix in case ctypes is not installed on Windows
|
2012-07-10 13:08:37 +01:00 |
|
Miroslav Stampar
|
8caffac4bc
|
conf.unescape->kb.unescape
|
2012-07-10 10:55:04 +02:00 |
|
Miroslav Stampar
|
e7f78bf04f
|
Fix for an issue where False value was displayed for --is.. switches
|
2012-07-10 10:31:14 +02:00 |
|
Bernardo Damele
|
ea77e7d9d1
|
added missing file - issue #77
|
2012-07-10 03:00:21 +01:00 |
|
Bernardo Damele
|
eb7ffb8f91
|
setup for implementing logging colouring - issue #77
|
2012-07-10 02:54:37 +01:00 |
|
Bernardo Damele
|
0a3899858d
|
missed in previous commit
|
2012-07-10 01:37:53 +01:00 |
|
Bernardo Damele
|
a27f50ed1d
|
added conf.unescape global variable to control whether or not the injected statements should be unescaped
|
2012-07-10 01:37:16 +01:00 |
|
Bernardo Damele
|
f645ac6040
|
dealing with variables in SQL procs - issue #33
|
2012-07-10 01:05:03 +01:00 |
|
Bernardo Damele
|
2527554f8e
|
more work on #33
|
2012-07-10 00:53:07 +01:00 |
|
Bernardo Damele
|
c4af7b9aa0
|
initial work for issue #33
|
2012-07-10 00:27:08 +01:00 |
|
Bernardo Damele
|
d3da3f5c52
|
refactoring for issue #51
|
2012-07-10 00:19:32 +01:00 |
|
Bernardo Damele
|
99c5ea54f7
|
cleanup for #34
|
2012-07-09 12:39:43 +01:00 |
|
Miroslav Stampar
|
3ff28e58b4
|
Update regarding Issue #52
|
2012-07-08 19:24:25 +02:00 |
|
Miroslav Stampar
|
0d539a876d
|
Minor fix (subversion->github)
|
2012-07-07 23:49:34 +02:00 |
|
Miroslav Stampar
|
a525dd4336
|
Fix for Issue #72
|
2012-07-07 19:02:46 +02:00 |
|
Miroslav Stampar
|
f00a776d8d
|
Minor fix for BigArray (now accepting negative indexes)
|
2012-07-07 10:35:29 +02:00 |
|
Miroslav Stampar
|
8c871476ee
|
Some more refactoring
|
2012-07-06 17:34:40 +02:00 |
|
Miroslav Stampar
|
6bc0b34031
|
Some more refactoring
|
2012-07-06 17:28:01 +02:00 |
|
Miroslav Stampar
|
e948e4d45b
|
Some more refactoring
|
2012-07-06 17:18:22 +02:00 |
|
Miroslav Stampar
|
438a636973
|
Fix for issue Issue #60
|
2012-07-06 15:36:32 +02:00 |
|
Miroslav Stampar
|
6a05e3fd79
|
Fix for Issue #61
|
2012-07-06 14:24:44 +02:00 |
|
Miroslav Stampar
|
1ebff35b19
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-06 12:25:21 +02:00 |
|
Miroslav Stampar
|
982fcde1c0
|
Fix for Issue #62
|
2012-07-06 12:24:55 +02:00 |
|
Bernardo Damele
|
4fa6d51d93
|
improved issues link
|
2012-07-05 16:26:50 +01:00 |
|
Miroslav Stampar
|
c3c1b9e957
|
Minor restyling
|
2012-07-04 20:28:18 +02:00 |
|
Miroslav Stampar
|
23fb753759
|
Finishing work on Issue #52
|
2012-07-03 22:13:01 +02:00 |
|
Miroslav Stampar
|
40fc6488bf
|
Fix for Issue #56 (Google has changed few things for retrieving PR)
|
2012-07-03 21:00:18 +02:00 |
|
Miroslav Stampar
|
bbf41f6658
|
Removing debugging leftover
|
2012-07-03 16:50:05 +02:00 |
|
Miroslav Stampar
|
ada627a022
|
Another update for Issue #52
|
2012-07-03 16:49:34 +02:00 |
|
Miroslav Stampar
|
70f754f6c5
|
Making work on Issue #52
|
2012-07-03 16:34:11 +02:00 |
|
Bernardo Damele
|
793fa464e3
|
website url fix
|
2012-07-03 13:14:39 +01:00 |
|
Miroslav Stampar
|
481b46a004
|
Restyling output for Issue #52
|
2012-07-03 13:06:52 +02:00 |
|
Miroslav Stampar
|
3af1532700
|
Implementation for Issue #54
|
2012-07-03 12:09:18 +02:00 |
|
Miroslav Stampar
|
5af6ca58a0
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-07-03 00:50:45 +02:00 |
|
Miroslav Stampar
|
168aeadf76
|
Adding switch --output-dir (Issue #53)
|
2012-07-03 00:50:23 +02:00 |
|
Bernardo Damele
|
04d803c7fd
|
more tweaking for issue #34, it's totally not as trivial as it may look (OPENROWSET has many limitations on MSSQL >= 2005)
|
2012-07-02 15:02:00 +01:00 |
|
Miroslav Stampar
|
8eefe4b71f
|
Getting back revision number - displayed like in GitHub commits (Issue #52)
|
2012-07-02 13:01:20 +02:00 |
|
Bernardo Damele
|
7b4ecd9df0
|
added skeleton code for issue #34, still not usable
|
2012-07-02 00:22:34 +01:00 |
|
Bernardo Damele
|
4736d46677
|
just in case..
|
2012-07-02 00:00:46 +01:00 |
|
Bernardo Damele
|
03d2c9c818
|
placeholder message when --update is provided, remove when the function is updated to pull changes from git
|
2012-07-01 23:59:44 +01:00 |
|
Miroslav Stampar
|
d7cd55fb28
|
Fix for Issue #47
|
2012-07-01 11:05:04 +02:00 |
|
Miroslav Stampar
|
21d9ae0a2c
|
some more refactoring
|
2012-07-01 01:19:54 +02:00 |
|
Miroslav Stampar
|
f6509db31a
|
minor refactoring
|
2012-07-01 00:33:19 +02:00 |
|
Miroslav Stampar
|
e51d3a02f1
|
Update for Issue #43 (renamed --disable-cracking to --disable-hash)
|
2012-06-28 18:53:47 +02:00 |
|
Miroslav Stampar
|
18b596ea75
|
Merge branch 'master' of github.com:sqlmapproject/sqlmap
|
2012-06-28 18:48:18 +02:00 |
|
Miroslav Stampar
|
c8bac658f3
|
Fix for Issue #43
|
2012-06-28 18:47:55 +02:00 |
|
Miroslav Stampar
|
2a72fcce2b
|
Fix for Issue #42
|
2012-06-28 13:55:30 +02:00 |
|
jekil
|
c39e5a85ba
|
Removed $id$ tags
|
2012-06-27 20:56:43 +02:00 |
|
Miroslav Stampar
|
ea5d483c86
|
session file no more
|
2012-06-21 11:19:30 +00:00 |
|
Miroslav Stampar
|
ec44e88db8
|
lots of refactoring regarding removal of already obsolete session file mechanism
|
2012-06-21 10:09:10 +00:00 |
|
Miroslav Stampar
|
1e67b4f0b9
|
minor fix
|
2012-06-20 14:16:26 +00:00 |
|
Miroslav Stampar
|
302d782a0f
|
minor style update
|
2012-06-19 08:33:51 +00:00 |
|
Miroslav Stampar
|
452ef202ae
|
minor fixes
|
2012-06-17 22:48:23 +00:00 |
|
Miroslav Stampar
|
b9f6943a42
|
minor update
|
2012-06-17 21:23:12 +00:00 |
|
Miroslav Stampar
|
06be7bbb18
|
few just in case fixes (unarrayizeValue in dumpTable entries) and and some refactoring (unique is now not done for every union case but only if detected that there are duplicates in union test)
|
2012-06-15 20:41:53 +00:00 |
|
Miroslav Stampar
|
76c873a222
|
minor fix
|
2012-06-15 06:22:44 +00:00 |
|
Miroslav Stampar
|
76584ff0fa
|
unhidding --test-filter
|
2012-06-14 14:36:53 +00:00 |
|
Miroslav Stampar
|
d2dd47fb23
|
some more refactoring
|
2012-06-14 13:52:56 +00:00 |
|
Miroslav Stampar
|
3a90105fbb
|
minor refactoring
|
2012-06-14 13:38:53 +00:00 |
|
Miroslav Stampar
|
1204eb00b2
|
minor fix
|
2012-06-14 12:46:32 +00:00 |
|
Miroslav Stampar
|
19c0efec59
|
just a minor refactoring
|
2012-06-14 09:10:28 +00:00 |
|
Miroslav Stampar
|
a51d8c4c79
|
replacing identifier safe char " with [] enclosing for MsSQL
|
2012-06-13 15:27:42 +00:00 |
|
Miroslav Stampar
|
367de838c1
|
minor update
|
2012-06-13 14:08:32 +00:00 |
|
Miroslav Stampar
|
d7f698fa14
|
minor update
|
2012-06-11 22:01:13 +00:00 |
|
Miroslav Stampar
|
058a9c59a2
|
fix for a bug noticed in a multi target run (log files weren't saved properly - removed buffering as it didn't produce any noticeable results)
|
2012-06-05 22:40:55 +00:00 |
|
Miroslav Stampar
|
f94ebe3107
|
minor fix (credentials were only set for the first target)
|
2012-06-04 22:30:12 +00:00 |
|
Miroslav Stampar
|
7b282b1d6c
|
adding support for newer SSL protocols
|
2012-06-04 19:46:28 +00:00 |
|
Miroslav Stampar
|
10b0639a96
|
making a "--exact" switch on demand (choosing exact identifier names by default instead of LIKE)
|
2012-06-04 09:24:46 +00:00 |
|
Miroslav Stampar
|
b1d82422a0
|
changing conf.dnsDomain to conf.dName just because of long text problems in help listing
|
2012-05-28 14:15:04 +00:00 |
|
Miroslav Stampar
|
76eeba10e2
|
unhiding --dns-domain switch
|
2012-05-27 18:41:06 +00:00 |
|
Miroslav Stampar
|
71ff081fde
|
minor update
|
2012-05-27 09:11:19 +00:00 |
|
Miroslav Stampar
|
d335ec0c34
|
turning back on time auto-adjustment mechanism (if turned off) after a threshold run of valid chars
|
2012-05-26 07:00:26 +00:00 |
|
Miroslav Stampar
|
db526bdbc0
|
minor update (tainted values are not checked any more in multipleTargets mode)
|
2012-05-25 09:52:17 +00:00 |
|
Miroslav Stampar
|
c394610740
|
adding switch --skip-urlencode to skip URL encoding of POST data
|
2012-05-24 23:30:33 +00:00 |
|
Miroslav Stampar
|
86fdad2bfa
|
minor update
|
2012-05-24 22:07:50 +00:00 |
|
Miroslav Stampar
|
eed8d7eb5d
|
finalizing support for IPv6
|
2012-05-24 21:55:57 +00:00 |
|
Miroslav Stampar
|
b6d37d766a
|
minor update regarding IPv6 support
|
2012-05-24 21:49:20 +00:00 |
|
Miroslav Stampar
|
92286104e3
|
minor just in case update
|
2012-05-24 21:39:10 +00:00 |
|
Miroslav Stampar
|
3e9c57d177
|
minor fix
|
2012-05-24 21:36:35 +00:00 |
|
Miroslav Stampar
|
be76928293
|
minor fix
|
2012-05-24 20:53:01 +00:00 |
|
Miroslav Stampar
|
2538e2d5b4
|
fixing an issue with --file-read and ROW() MySQL payload (it's internal caching mechanism prevents error message if FROM part is not unique enough dumping only partial file content); minor refactoring
|
2012-05-22 09:33:22 +00:00 |
|
Miroslav Stampar
|
2c057d5b3d
|
minor style update
|
2012-05-21 22:40:52 +00:00 |
|
Miroslav Stampar
|
bbfa4b6d5d
|
minor update
|
2012-05-14 14:38:16 +00:00 |
|
Miroslav Stampar
|
333f8057a5
|
minor fix (when redirected path has non-ASCII char and conf.url is unicode) and bits along with pieces
|
2012-05-14 14:06:43 +00:00 |
|
Miroslav Stampar
|
595f69fa2c
|
minor language update
|
2012-05-10 18:30:25 +00:00 |
|
Miroslav Stampar
|
35f400b45b
|
minor language upgrade
|
2012-05-10 18:25:12 +00:00 |
|
Miroslav Stampar
|
80aedbe284
|
adding a warning about --tor switch
|
2012-05-10 18:17:32 +00:00 |
|
Miroslav Stampar
|
b81fe42d4b
|
turning off null connection on -o when --tor used (not compatible)
|
2012-05-10 17:50:54 +00:00 |
|
Miroslav Stampar
|
efdd86ddcc
|
minor just in case patch
|
2012-05-10 14:22:34 +00:00 |
|
Miroslav Stampar
|
6367f59b98
|
minor code refactoring
|
2012-05-10 14:15:17 +00:00 |
|
Miroslav Stampar
|
1418ae9767
|
little refactoring of parseUnionPage together with a patch for some special case
|
2012-05-09 18:47:40 +00:00 |
|
Miroslav Stampar
|
37f2709197
|
making a generic solution for all "Generic comment"/MsAccess cases (it's the only DBMS which doesn't accept --, hence replacing generic comment with %00 for it)
|
2012-05-09 09:08:23 +00:00 |
|
Miroslav Stampar
|
64c241fe92
|
limiting original UNION query results to only 1 result (potentially speeding things up in some cases)
|
2012-05-08 13:45:53 +00:00 |
|
Miroslav Stampar
|
a121339395
|
automatically writing uncracked hashes to a file for eventual further processing
|
2012-05-08 10:46:05 +00:00 |
|
Miroslav Stampar
|
96299d3d5d
|
minor refactoring
|
2012-05-03 22:34:18 +00:00 |
|
Miroslav Stampar
|
cc28f6db6b
|
minor update
|
2012-05-01 20:43:16 +00:00 |
|
Miroslav Stampar
|
17efeaae7f
|
causing too much confusion among dummy users
|
2012-05-01 09:04:11 +00:00 |
|
Miroslav Stampar
|
694b14111f
|
skipping suffix if comment is used in agent.suffixQuery (and --suffix not explicitly set)
|
2012-04-27 13:16:51 +00:00 |
|
Miroslav Stampar
|
6f67dc85ee
|
adding --invalid-bignum (Havij like bignum style for invalidating/negating values); renaming --logical-negate to --invalid-logical
|
2012-04-25 20:29:07 +00:00 |
|
Miroslav Stampar
|
cec432f94d
|
minor update
|
2012-04-23 14:43:59 +00:00 |
|
Miroslav Stampar
|
697768c01a
|
adding --purge-output to be one of mandatory switches
|
2012-04-23 14:42:24 +00:00 |
|
Miroslav Stampar
|
d57d5e4b2c
|
minor update
|
2012-04-23 14:33:36 +00:00 |
|
Miroslav Stampar
|
1eecfb3dce
|
adding new file related to the last commit
|
2012-04-23 14:25:16 +00:00 |
|
Miroslav Stampar
|
095b25e1d1
|
adding option '--purge'
|
2012-04-23 14:24:23 +00:00 |
|
Miroslav Stampar
|
be2da77bf8
|
minor update
|
2012-04-23 10:15:04 +00:00 |
|
Miroslav Stampar
|
21c6b52198
|
minor fix
|
2012-04-23 10:11:00 +00:00 |
|
Miroslav Stampar
|
2b1b4c0742
|
minor fix
|
2012-04-18 10:01:04 +00:00 |
|
Miroslav Stampar
|
6ebb621228
|
adding support for (custom) POST injection (marking injection point with '*' in conf.data)
|
2012-04-17 14:23:00 +00:00 |
|
Miroslav Stampar
|
efd27d7ade
|
minor renaming
|
2012-04-17 08:41:19 +00:00 |
|
Miroslav Stampar
|
601d118c68
|
reverting back to UNION ALL scheme (UNION is doing another DISTINCT on data causing problems on some column types)
|
2012-04-15 16:59:03 +00:00 |
|
Miroslav Stampar
|
052d9455fe
|
warning user in cases of "User xyz already has more than 'max_user_connections' active connections"
|
2012-04-12 09:44:54 +00:00 |
|
Miroslav Stampar
|
c7422546e1
|
tiny update
|
2012-04-11 23:01:38 +00:00 |
|
Miroslav Stampar
|
2bad73a981
|
minor update
|
2012-04-11 21:48:44 +00:00 |
|
Miroslav Stampar
|
e195de2093
|
correcting comment on reflective removal function
|
2012-04-11 21:41:48 +00:00 |
|
Miroslav Stampar
|
b45ae10da4
|
minor fixes
|
2012-04-11 21:36:37 +00:00 |
|
Miroslav Stampar
|
627bfc589f
|
some more updates in reflective removal mechanism
|
2012-04-11 21:26:00 +00:00 |
|
Miroslav Stampar
|
8b130f6497
|
minor improvement for reflective values (when missing first part of payload like in error reports)
|
2012-04-11 15:01:28 +00:00 |
|
Miroslav Stampar
|
01bd5d0ab2
|
some more updates for reflective mechanism
|
2012-04-11 10:41:33 +00:00 |
|
Miroslav Stampar
|
2e92d8636e
|
improvement of reflective mechanism
|
2012-04-11 08:58:03 +00:00 |
|
Miroslav Stampar
|
60ca44e0cf
|
minor adjustment
|
2012-04-11 08:35:09 +00:00 |
|
Miroslav Stampar
|
8541222080
|
minor update
|
2012-04-10 22:26:42 +00:00 |
|
Miroslav Stampar
|
9c2f244d47
|
minor fix
|
2012-04-10 22:20:53 +00:00 |
|
Miroslav Stampar
|
119eec3598
|
improving "boolean detection" by automatic recognition of convenient --string candidate
|
2012-04-10 21:48:34 +00:00 |
|
Miroslav Stampar
|
8c6eb4faa9
|
adding support for PgSQL DNS data exfiltration
|
2012-04-07 14:06:11 +00:00 |
|
Miroslav Stampar
|
b2afa87e48
|
reading page responses in chunks, trimming unnecessary content (especially for large table dumps in full inband cases)
|
2012-04-06 08:42:36 +00:00 |
|
Miroslav Stampar
|
2223c884e5
|
minor refactoring
|
2012-04-05 12:55:26 +00:00 |
|
Miroslav Stampar
|
02924eb345
|
minor update
|
2012-04-04 23:47:06 +00:00 |
|
Bernardo Damele
|
d106fb5184
|
layout adjustments
|
2012-04-04 12:27:24 +00:00 |
|
Miroslav Stampar
|
1b2cd44255
|
proper fix
|
2012-04-04 10:35:52 +00:00 |
|
Miroslav Stampar
|
7031ef8e00
|
removing default values for referer and host from higher level/risk options
|
2012-04-04 10:34:27 +00:00 |
|
Miroslav Stampar
|
b0787f193c
|
getting rid of obsolete getCompiledRegex (in newer versions of Python regexes are already cached)
|
2012-04-03 14:34:15 +00:00 |
|
Miroslav Stampar
|
33bb9c5f19
|
much cleaner approach in that "flat" representation of retrieved items in union technique
|
2012-04-03 13:56:11 +00:00 |
|
Miroslav Stampar
|
e05109812f
|
minor improvements regarding data retrieval through DNS channel
|
2012-04-03 09:18:30 +00:00 |
|
Miroslav Stampar
|
2c28423cb8
|
minor update
|
2012-04-02 14:57:15 +00:00 |
|
Miroslav Stampar
|
1cd3c3f7af
|
further update of DNS data retrieval mechanism through SQLi
|
2012-04-02 14:05:30 +00:00 |
|
Miroslav Stampar
|
1e01203562
|
few just in case "patches"
|
2012-04-02 12:58:10 +00:00 |
|
Miroslav Stampar
|
d908d078dd
|
minor fix
|
2012-04-02 12:27:30 +00:00 |
|
Miroslav Stampar
|
abffc39929
|
minor update regarding DNS data retrieval task
|
2012-04-02 12:22:40 +00:00 |
|
Miroslav Stampar
|
f7a664b120
|
enablind DNS server for DNS data exfiltration
|
2012-03-31 12:08:27 +00:00 |
|
Miroslav Stampar
|
8be9cd4ac4
|
bug fix (on Linux machine when os.geteuid() returns an integer value !=0 it was then returned and interpreted as TRUE value)
|
2012-03-31 10:22:50 +00:00 |
|
Miroslav Stampar
|
56638f9e95
|
making --no-cast unhidden and renaming --negative-logic to --logical-negate to prevent confusion with stuff used in OR boolean based injection
|
2012-03-30 10:50:01 +00:00 |
|
Miroslav Stampar
|
79c3d6f2aa
|
minor update
|
2012-03-30 10:37:46 +00:00 |
|
Miroslav Stampar
|
637a8d8273
|
improvement toward proper implementation of OR-based injection by usage of "negative logic" mechanism
|
2012-03-29 14:33:27 +00:00 |
|
Miroslav Stampar
|
772ead8d03
|
fixed support for error-based injection on MySQL 4.1 (help table a needs more than 2 items inside); also, fixed some border issues with reflective values
|
2012-03-29 12:44:20 +00:00 |
|
Miroslav Stampar
|
60146481af
|
bug fix(es) (flags were used in place of count parameter in re.sub() calls)
|
2012-03-28 19:33:00 +00:00 |
|
Miroslav Stampar
|
9433bbe26d
|
memory optimization for reflective removal mechanism (there was no need for \n\r in the first place as there was no re.S flag used - also, one re.sub "flags <-> count" bug fixed)
|
2012-03-28 19:27:12 +00:00 |
|
Miroslav Stampar
|
7fd64df167
|
minor code cleaning
|
2012-03-28 13:31:07 +00:00 |
|
Miroslav Stampar
|
11132ba993
|
fix for a bug in reflection removal mechanism
|
2012-03-19 14:28:18 +00:00 |
|
Miroslav Stampar
|
0fc4288a7c
|
modifying redirection code for only two choices
|
2012-03-18 17:27:08 +00:00 |
|
Miroslav Stampar
|
cbdcbdd786
|
minor minor update
|
2012-03-16 11:18:18 +00:00 |
|
Miroslav Stampar
|
adb5fff6b2
|
one more update related to the redirection mechanism
|
2012-03-15 20:17:40 +00:00 |
|
Miroslav Stampar
|
19beb912fa
|
first step toward negative logic support
|
2012-03-15 15:52:12 +00:00 |
|
Miroslav Stampar
|
3d9b1599d1
|
minor update
|
2012-03-15 11:45:32 +00:00 |
|
Miroslav Stampar
|
a8c9a47092
|
redirect logic rewritten from scratch
|
2012-03-15 11:10:58 +00:00 |
|
Bernardo Damele
|
890bf708bc
|
Minor fixes to make --os-* switch work again against MySQL/Windows/ASP.NET (where stacked queries are supported)
|
2012-03-15 00:19:57 +00:00 |
|
Miroslav Stampar
|
ca0d068575
|
distinguishing NULL from BLANK
|
2012-03-14 13:52:23 +00:00 |
|
Miroslav Stampar
|
61ad3b999a
|
fix for a crash with partial union and --hex
|
2012-03-14 10:31:24 +00:00 |
|
Miroslav Stampar
|
a7fbc55748
|
grammar fix
|
2012-03-13 22:03:23 +00:00 |
|
Miroslav Stampar
|
e827f41cdb
|
using pickle HIGHEST_PROTOCOL just in case
|
2012-03-13 09:35:37 +00:00 |
|
Miroslav Stampar
|
cda8815634
|
introducing safe deprecation mechanism for HashDB versioning
|
2012-03-12 22:55:57 +00:00 |
|
Miroslav Stampar
|
6ed1b04bbe
|
minor update
|
2012-03-12 13:27:07 +00:00 |
|
Bernardo Damele
|
c79807f5fb
|
Minor layout adjustments
|
2012-03-08 15:11:24 +00:00 |
|
Miroslav Stampar
|
775e424bf2
|
bug fix for using --no-cast and --hex switches together
|
2012-03-08 15:04:52 +00:00 |
|
Miroslav Stampar
|
11c7cc5224
|
minor temporary fix
|
2012-03-08 11:08:43 +00:00 |
|
Miroslav Stampar
|
98a3e43f53
|
bug fix for writing raw pickled data into SQLite HashDB
|
2012-03-08 10:57:47 +00:00 |
|
Miroslav Stampar
|
cd28eb6544
|
minor update regarding --load-cookies
|
2012-03-08 10:19:34 +00:00 |
|
Miroslav Stampar
|
2c87d061e9
|
minor update
|
2012-03-08 10:03:59 +00:00 |
|
Miroslav Stampar
|
b4cf8b05b3
|
added switch --load-cookies
|
2012-03-07 14:48:45 +00:00 |
|
Miroslav Stampar
|
4cfea96471
|
minor update
|
2012-03-05 09:56:48 +00:00 |
|
Miroslav Stampar
|
ac5a752b12
|
Oracle's XMLType doesn't like '#' char too
|
2012-03-01 11:59:37 +00:00 |
|
Miroslav Stampar
|
37db27b720
|
turning back on automatic adjusting of delays in time based queries
|
2012-02-29 15:51:23 +00:00 |
|
Miroslav Stampar
|
0205d96d7b
|
minor fix
|
2012-02-29 15:38:01 +00:00 |
|
Miroslav Stampar
|
8b9c5c66cc
|
code refactoring regarding charsetType inside inference/bisection
|
2012-02-29 14:36:23 +00:00 |
|
Miroslav Stampar
|
f6f98f1b41
|
minor improvement
|
2012-02-29 14:19:59 +00:00 |
|
Miroslav Stampar
|
d06182347f
|
fixing few potential problems
|
2012-02-29 13:56:40 +00:00 |
|
Miroslav Stampar
|
f142c0f782
|
minor update
|
2012-02-28 14:04:13 +00:00 |
|
Miroslav Stampar
|
22b3fa0749
|
minor update
|
2012-02-27 15:28:36 +00:00 |
|
Miroslav Stampar
|
a9bf0297f6
|
moving injection data to HashDB
|
2012-02-27 13:44:07 +00:00 |
|
Miroslav Stampar
|
68e08d2749
|
minor fix for not displaying 'None' but None in enumeration when data unavailable
|
2012-02-27 13:15:10 +00:00 |
|
Miroslav Stampar
|
3909658fc2
|
few minor just in case updates
|
2012-02-27 11:15:53 +00:00 |
|
Miroslav Stampar
|
85125018a1
|
minor bug fix
|
2012-02-25 22:54:32 +00:00 |
|
Miroslav Stampar
|
5d307cf886
|
minor update
|
2012-02-25 10:54:39 +00:00 |
|
Miroslav Stampar
|
06ab3fa134
|
minor update
|
2012-02-25 10:53:38 +00:00 |
|
Miroslav Stampar
|
74b19a0386
|
minor update
|
2012-02-25 10:43:10 +00:00 |
|
Miroslav Stampar
|
5b67af3b20
|
minor update
|
2012-02-24 15:03:39 +00:00 |
|
Miroslav Stampar
|
8a203ef79d
|
making session data strictly dependent on url through HashDB helper functions
|
2012-02-24 14:58:24 +00:00 |
|
Miroslav Stampar
|
c36cbbb3ae
|
minor fix
|
2012-02-24 14:54:10 +00:00 |
|
Miroslav Stampar
|
9d6fd2e507
|
bug fix for --schema --technique=BST
|
2012-02-24 14:12:19 +00:00 |
|
Miroslav Stampar
|
f94b91ad87
|
added helper function for HashDB data storing/retrieval
|
2012-02-24 13:07:20 +00:00 |
|
Miroslav Stampar
|
b481c0352f
|
minor update
|
2012-02-24 11:25:56 +00:00 |
|
Miroslav Stampar
|
1f6ce265b9
|
minor fix
|
2012-02-24 11:05:04 +00:00 |
|
Miroslav Stampar
|
5afbd52b61
|
more update related to last commits
|
2012-02-24 10:57:23 +00:00 |
|
Miroslav Stampar
|
570d3a19c2
|
more general fix
|
2012-02-24 10:53:28 +00:00 |
|
Miroslav Stampar
|
e8352e504f
|
fixing problems with chars deletition by logging messages in inference mode
|
2012-02-24 10:48:19 +00:00 |
|
Miroslav Stampar
|
71028a81f5
|
fix for proper retrieval of columns in SQLite
|
2012-02-24 09:55:13 +00:00 |
|
Miroslav Stampar
|
7941504c3a
|
minor update
|
2012-02-23 15:32:36 +00:00 |
|
Miroslav Stampar
|
0478e4166a
|
minor justin case fix
|
2012-02-23 15:19:20 +00:00 |
|
Miroslav Stampar
|
6e54cb171f
|
minor code restyling
|
2012-02-22 15:53:36 +00:00 |
|
Miroslav Stampar
|
61a25418a9
|
minor update
|
2012-02-22 10:45:10 +00:00 |
|
Miroslav Stampar
|
b3bd4144f5
|
removing of unused imports together with some general code refactoring
|
2012-02-22 10:40:11 +00:00 |
|
Miroslav Stampar
|
386e98a0e3
|
using UNION SELECT for where=..NEGATIVE
|
2012-02-22 09:41:58 +00:00 |
|
Miroslav Stampar
|
686eacda9a
|
minor update regarding --hex
|
2012-02-21 13:38:18 +00:00 |
|
Miroslav Stampar
|
bcf3255fe1
|
implementation of switch --hex for 4 major DBMSes
|
2012-02-21 11:44:48 +00:00 |
|
Miroslav Stampar
|
3e4db6d140
|
minor fix for Python v2.6
|
2012-02-20 19:35:57 +00:00 |
|
Miroslav Stampar
|
bc4dd7c0dd
|
fix for -g
|
2012-02-20 10:02:19 +00:00 |
|
Miroslav Stampar
|
aee269cc14
|
gazillion changes, nothing will work, muhahaha
|
2012-02-17 14:22:48 +00:00 |
|
Miroslav Stampar
|
dcf7277a0f
|
some more refactorings
|
2012-02-16 14:42:28 +00:00 |
|
Miroslav Stampar
|
6632aa7308
|
some more refactoring
|
2012-02-16 13:46:01 +00:00 |
|
Miroslav Stampar
|
844fc8addb
|
minor cleanup
|
2012-02-16 10:19:36 +00:00 |
|
Miroslav Stampar
|
0e23521adc
|
some more refactoring
|
2012-02-16 09:54:29 +00:00 |
|
Miroslav Stampar
|
e1f86c97c4
|
minor refactoring
|
2012-02-16 09:46:41 +00:00 |
|
Miroslav Stampar
|
bcf9fc6c6f
|
minor refactoring
|
2012-02-16 09:32:47 +00:00 |
|
Miroslav Stampar
|
8d7912ad34
|
minor update and refactoring
|
2012-02-15 14:05:50 +00:00 |
|
Miroslav Stampar
|
bf923a97df
|
minor update
|
2012-02-15 13:45:10 +00:00 |
|
Miroslav Stampar
|
122db6e164
|
minor update
|
2012-02-15 13:24:02 +00:00 |
|
Miroslav Stampar
|
9059d30312
|
adding first code example for SPL snippets
|
2012-02-15 13:17:01 +00:00 |
|
Miroslav Stampar
|
23cc8b6974
|
minor fix for special cases when parameter value contains html encoded characters
|
2012-02-14 14:08:10 +00:00 |
|
Miroslav Stampar
|
bb5113980b
|
minor update
|
2012-02-14 10:27:56 +00:00 |
|
Miroslav Stampar
|
3f15c52188
|
minor change in workflow for "tainted" parameter values
|
2012-02-14 09:26:52 +00:00 |
|
Miroslav Stampar
|
b140ef4a14
|
minor update (preparing for switching to HashDB from old sessionFile)
|
2012-02-10 10:24:48 +00:00 |
|
Miroslav Stampar
|
980367b7b2
|
minor update
|
2012-02-09 09:48:47 +00:00 |
|
Miroslav Stampar
|
7e9e582eca
|
minor update
|
2012-02-08 14:23:57 +00:00 |
|
Miroslav Stampar
|
2662fe84f7
|
minor update
|
2012-02-08 12:02:50 +00:00 |
|
Miroslav Stampar
|
93d7d6c355
|
minor patch
|
2012-02-08 10:38:58 +00:00 |
|
Miroslav Stampar
|
6bedb80ffa
|
adding --force-ssl switch (most useful in combination with -r)
|
2012-02-08 09:11:57 +00:00 |
|
Miroslav Stampar
|
e50d64546f
|
minor fix
|
2012-02-07 14:57:48 +00:00 |
|
Miroslav Stampar
|
2b05ded9c3
|
just a makeup
|
2012-02-07 12:05:23 +00:00 |
|
Miroslav Stampar
|
b4f4a982e4
|
minor update
|
2012-02-07 11:37:54 +00:00 |
|
Miroslav Stampar
|
11af0b1bbc
|
minor fix
|
2012-02-07 11:16:03 +00:00 |
|
Miroslav Stampar
|
f7bf1fbe94
|
upgrade/fixes for direct DBMS access
|
2012-02-07 10:46:55 +00:00 |
|
Miroslav Stampar
|
8c45ff0d57
|
bug fix
|
2012-02-03 10:38:04 +00:00 |
|
Bernardo Damele
|
c0f4b4632d
|
Minor fix
|
2012-02-02 12:55:39 +00:00 |
|