Miroslav Stampar
ebc04a3d5f
minor fix
2011-12-16 11:44:33 +00:00
Miroslav Stampar
7d2fce16dc
minor fix
2011-12-16 11:40:23 +00:00
Miroslav Stampar
cff21814bb
minor patch for MSSQL 2008
2011-12-16 11:23:41 +00:00
Miroslav Stampar
8793fbc9f5
minor update
2011-12-14 12:59:25 +00:00
Miroslav Stampar
39b406c5c1
fix for --search on Oracle
2011-12-02 18:13:27 +00:00
Miroslav Stampar
0ce885e6e6
adding base64encode tampering script
2011-11-21 12:47:23 +00:00
Miroslav Stampar
440b7efe55
minor optimization
2011-11-20 20:14:47 +00:00
Miroslav Stampar
f574760c12
minor update
2011-10-28 13:16:22 +00:00
Miroslav Stampar
bd7da45546
minor update
2011-10-28 13:07:23 +00:00
Miroslav Stampar
f7be0ca4e2
minor fix
2011-10-28 12:49:35 +00:00
Miroslav Stampar
77e630d89e
replaced longer CHAR form of escaped MySQL strings with more compact hex form
2011-10-23 20:19:42 +00:00
Miroslav Stampar
25f0ec3597
some minor range to xrange conversion (where safe to do)
2011-10-21 22:34:27 +00:00
Miroslav Stampar
af94ac7f02
minor fix
2011-09-20 22:16:56 +00:00
Miroslav Stampar
41ae9bc7ff
minor bug fix
2011-08-09 14:20:25 +00:00
Miroslav Stampar
a6ade08c28
just in case commit to prevent join string iteration over 'None' values
2011-07-30 13:01:37 +00:00
Miroslav Stampar
4ce93221d1
minor update
2011-07-28 09:24:37 +00:00
Bernardo Damele
aedcf8c8d7
Changed homepage address
2011-07-07 20:10:03 +00:00
Miroslav Stampar
d063ae91eb
propset update
2011-06-30 07:55:07 +00:00
Bernardo Damele
d3b44a5f58
Added copyright
2011-06-28 10:59:20 +00:00
Bernardo Damele
fe686feefa
Added support for direct connection (-d switch) to IBM DB2
2011-06-28 10:52:07 +00:00
Bernardo Damele
36c96ef796
Added DB2 support - patch provided by Sebastian Bittig
2011-06-25 09:44:24 +00:00
Bernardo Damele
f7196007ca
--search on Oracle is now consistent with other plugins
2011-06-24 14:33:30 +00:00
Bernardo Damele
1cb12ea659
replaced third-party library python-mysql with python pymysql, http://code.google.com/p/pymysql/ (MIT license)
2011-06-22 13:31:07 +00:00
Bernardo Damele
f8c32cf6b9
Moved folder
2011-06-18 12:34:41 +00:00
Miroslav Stampar
ca6f9acf30
minor fix for resuming in multi threading mode
2011-06-18 12:23:18 +00:00
Miroslav Stampar
d27afaed7e
some fixes
2011-06-16 14:27:44 +00:00
Miroslav Stampar
0eeb48f8f5
some fixes
2011-06-16 13:41:02 +00:00
Miroslav Stampar
4188df0501
fixes for Sybase
2011-06-15 18:49:35 +00:00
Miroslav Stampar
60ecf95383
fix for a bug reported by seyi.akin@gmail.com
2011-06-14 08:40:25 +00:00
Miroslav Stampar
4a9640160e
more concise
2011-06-08 14:35:23 +00:00
Miroslav Stampar
26062ec71e
minor update
2011-06-07 15:13:51 +00:00
Miroslav Stampar
0b875b160f
cosmetics
2011-05-31 20:57:29 +00:00
Miroslav Stampar
a397baa89a
fix for a bug reported by viniciusmaxdaloop@gmail.com and few related patches
2011-05-26 08:17:21 +00:00
Miroslav Stampar
2ea613b170
type correction and adding global flag kb.ignoreTimeout which could be useful
2011-05-22 08:24:13 +00:00
Miroslav Stampar
126cdf9e19
minor info update
2011-05-19 23:28:27 +00:00
Miroslav Stampar
a034462c31
fixing annoying timeouts for basic DBMS check (reference: http://dev.mysql.com/doc/refman/5.0/en/date-and-time-functions.html#function_timestampadd )
2011-05-19 23:03:00 +00:00
Miroslav Stampar
b713b18fd2
minor fix for a bug spotted on Sybase
2011-05-09 16:09:18 +00:00
Bernardo Damele
6e784e766b
Minor bug fix
2011-05-07 21:20:47 +00:00
Bernardo Damele
aae140080e
SVN roll back, DB2 patch will be recommitted after testing:
...
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
2011-05-06 10:27:43 +00:00
Miroslav Stampar
42bca80968
removing blank lines and adding newline at the end of files
2011-05-06 09:35:53 +00:00
Miroslav Stampar
6e392b6054
applying contributed patch for DB2
2011-05-06 09:30:39 +00:00
Bernardo Damele
dac59a55bc
leftover
2011-05-03 14:14:39 +00:00
Bernardo Damele
c58dc4a6d8
isDbmsWithin() must stay like this, no getIdentifiedDbms() in there
2011-05-03 14:13:45 +00:00
Miroslav Stampar
eceb5eca7b
fix for --file-read on MSSQL for error technique (again that unpacking was causing problems); also reverting that check for file paths as one user mentioned that network paths are also possible for usage on Windows machines (e.g. \\bla\bla)
2011-05-02 21:55:06 +00:00
Bernardo Damele
d5eeb91b35
Aligned Sybase and MaxDB to recent enhancements to --dbs, --tables and --columns
2011-04-30 22:11:36 +00:00
Bernardo Damele
284c69a686
Improved --tables for MSSQL too, like r3798
2011-04-30 22:05:02 +00:00
Bernardo Damele
aeb149db22
Proper ordering of enumeration methods, consistent with the others enumeration classes
2011-04-30 22:04:08 +00:00
Bernardo Damele
955dbc85e7
Minor variable rename
2011-04-30 15:29:59 +00:00
Bernardo Damele
f56d135438
Minor code restyling
2011-04-30 13:20:05 +00:00
Bernardo Damele
9927f5a7db
Let --schema work also for Sybase and MaxDB
2011-04-29 00:02:28 +00:00
Bernardo Damele
e35f25b2cb
Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
...
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec .
Minor code refactoring.
2011-04-24 23:01:21 +00:00
Bernardo Damele
d0dff82ce0
Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch
2011-04-23 16:25:09 +00:00
Miroslav Stampar
148fb26301
quick fix
2011-04-21 17:34:26 +00:00
Miroslav Stampar
e181d5412e
fix for a bug reported by aboynes@gmail.com (@@datadir not available on MySQL 4)
2011-04-21 17:33:07 +00:00
Miroslav Stampar
f909ecb369
bug fix for mssqlserver escape
2011-04-20 13:41:01 +00:00
Miroslav Stampar
0387654166
update of copyright string (until year)
2011-04-15 12:33:18 +00:00
Bernardo Damele
1c51e11c5c
Minor adjustments to PgSQL fingerprint
2011-04-12 10:35:33 +00:00
Miroslav Stampar
7324d53997
reference ( http://www.enterprisedb.com/docs/en/9.0/pg/release-9-0.html )
2011-04-12 10:30:33 +00:00
Miroslav Stampar
bc4c2f320c
cosmetics
2011-04-12 10:24:09 +00:00
Miroslav Stampar
2f1786e65f
added active fingerprint for pgsql >= 9.0.3 (reference: http://www.postgresql.org/docs/9.0/static/release-9-0.html )
2011-04-12 10:22:54 +00:00
Bernardo Damele
fdbd8bfe37
initial support for PostgreSQL 9.0 - #223
2011-04-11 22:02:00 +00:00
Bernardo Damele
ea3ebafba1
Removed outdated sentence
2011-04-10 23:59:49 +00:00
Bernardo Damele
572708f184
More version adjustment
2011-04-10 23:28:24 +00:00
Bernardo Damele
6d165861c8
Minor version increase
2011-04-10 13:30:27 +00:00
Bernardo Damele
d5fb1378cc
Gone unnoticed for way too long
2011-04-08 11:15:19 +00:00
Miroslav Stampar
b6af80bab3
refactoring, cleanup and improvement
2011-03-29 21:54:15 +00:00
Miroslav Stampar
73e5d20ade
bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries)
2011-03-28 11:01:55 +00:00
Miroslav Stampar
4889764114
minor update regarding last commit
2011-03-21 11:40:27 +00:00
Miroslav Stampar
5291fe35c9
proper implementation of --dbs on Oracle (we are using now schema names as a counterpart to dbs in other DBMSes)
2011-03-21 11:29:43 +00:00
Miroslav Stampar
68c7247ee4
bug fix (pgsql drop function requires input arguments - at cleanup() in plugins/generic/misc.py it's already fixed before)
2011-03-08 10:46:23 +00:00
Miroslav Stampar
68a95fd1b1
minor update
2011-02-20 22:45:23 +00:00
Miroslav Stampar
aac817935a
further improvement of MaxDB support
2011-02-20 22:41:42 +00:00
Miroslav Stampar
a3ba8b6928
--dump now works on MaxDB too
2011-02-20 22:07:12 +00:00
Miroslav Stampar
0e512d3c09
minor update for MaxDB
2011-02-20 21:17:16 +00:00
Miroslav Stampar
67ec691eb1
more updates regarding Sybase
2011-02-20 16:28:48 +00:00
Miroslav Stampar
f30dea74f3
more Sybase updates
2011-02-19 18:36:26 +00:00
Miroslav Stampar
b71bb321dd
some more Sybase updates
2011-02-19 18:04:27 +00:00
Bernardo Damele
7253362114
Minor bug fix so that --file-write on MySQL via UNION query now works again
2011-02-11 23:35:45 +00:00
Bernardo Damele
c078de894f
Added support for --privileges on MSSQL to test wheter or not the DBMS users are DBA
2011-02-10 14:24:04 +00:00
Bernardo Damele
a2c20acf94
Minor fixes once more
2011-02-10 11:34:16 +00:00
Bernardo Damele
d0ddaee3c8
Minor bug fix
2011-02-10 11:28:24 +00:00
Bernardo Damele
db77f8b055
Code cleanup
2011-02-06 22:33:08 +00:00
Miroslav Stampar
ecaf5729fd
revert
2011-02-06 22:14:18 +00:00
Miroslav Stampar
caaac72029
minor update regarding last commit
2011-02-06 20:15:03 +00:00
Bernardo Damele
8980227d30
Minor bug fix
2011-02-06 15:32:16 +00:00
Bernardo Damele
a37f5e05b9
Refactoring
2011-02-01 22:27:36 +00:00
Miroslav Stampar
ddf23ba7cc
refactoring
2011-01-30 11:36:03 +00:00
Miroslav Stampar
367d0639f0
refactoring (class names should always be Capital cased)
2011-01-28 16:36:09 +00:00
Miroslav Stampar
50969d238b
minor update
2011-01-24 17:51:56 +00:00
Miroslav Stampar
0eea5665b2
minor update
2011-01-24 17:41:36 +00:00
Miroslav Stampar
a3e3387113
fix for proper Firebird resume of version
2011-01-24 11:04:32 +00:00
Miroslav Stampar
eb33612736
fix
2011-01-24 10:20:17 +00:00
Bernardo Damele
b1d6040a48
Minor bug fix so that --search also works when the technique is error-based (which always return a list with lists inside)
2011-01-20 21:46:56 +00:00
Bernardo Damele
50c02fbb37
Done with previous refactoring
2011-01-20 00:01:06 +00:00
Bernardo Damele
bade0e3124
Major code refactoring - centralized all kb.dbms* info for both retrieval and set.
2011-01-19 23:06:15 +00:00
Bernardo Damele
daebb0010b
Major bug fix to properly process custom queries (--sql-query/--sql-shell) when technique in use is error-based.
...
Alignment of SQL statement payload packing/unpacking between all of the techniques.
Minor bug fix to use the proper charset (2, numbers) when dealing with COUNT() in custom queries too.
Minor code cleanup.
2011-01-18 23:02:11 +00:00
Bernardo Damele
02b333e30b
Minor improvement
2011-01-15 23:54:03 +00:00
Miroslav Stampar
1fa8f0cba7
code reviewing part 2
2011-01-15 12:53:40 +00:00
Bernardo Damele
2d9b151883
Minor bug fix
2011-01-15 10:14:05 +00:00
Bernardo Damele
e4e9b11b79
Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms.
2011-01-14 12:47:07 +00:00
Bernardo Damele
3c95d71ea5
Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase
2011-01-14 11:55:20 +00:00
Bernardo Damele
2ac8debea0
Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
...
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Bernardo Damele
8a67aea754
One more step to fully working UNION exploitation after merge into detection phase
2011-01-12 01:13:32 +00:00
Miroslav Stampar
0eabca9fd4
update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is)
2011-01-03 22:31:29 +00:00
Miroslav Stampar
8e1927fe31
minor fix
2011-01-02 18:12:18 +00:00
Miroslav Stampar
5f9b6b2254
code refactoring
2011-01-02 16:51:21 +00:00
Miroslav Stampar
73e8a10527
minor fix
2011-01-02 09:12:20 +00:00
Miroslav Stampar
26b06bfcfb
update ( http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html )
2011-01-01 19:38:51 +00:00
Miroslav Stampar
076560f59f
bug fix
2010-12-31 12:58:27 +00:00
Miroslav Stampar
5db8ebbfa9
update of mysql comment versions
2010-12-31 12:42:12 +00:00
Miroslav Stampar
40e3489099
minor update
2010-12-31 12:27:57 +00:00
Miroslav Stampar
ce19b0c431
optimization of comment checking in MySQL
2010-12-31 12:21:02 +00:00
Miroslav Stampar
42e7b1b3a7
bug fix
2010-12-30 22:40:37 +00:00
Miroslav Stampar
20e3a6d72f
fix/refactor/cosmetics (references: http://www.postgresql.org/docs/6.4/static/release.htm,http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE,http://www.postgresql.org/docs/8.3/static/release-8-3.html )
2010-12-30 21:53:34 +00:00
Miroslav Stampar
7f4acaf6f9
now comment injection fingerprint works with all techniques
2010-12-30 21:24:26 +00:00
Miroslav Stampar
9853c1ec7f
fix for a bug reported by alessio.dallapiazza@gmail.com (AttributeError: users)
2010-12-25 09:13:57 +00:00
Miroslav Stampar
2c23a59ba5
fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)
2010-12-24 12:13:48 +00:00
Miroslav Stampar
7c06dbffc3
bug fix (AttributeError: 'unicode' object has no attribute 'sort')
2010-12-22 18:55:50 +00:00
Miroslav Stampar
5d25da5135
better way to handle this one
2010-12-22 00:51:20 +00:00
Miroslav Stampar
306501363c
fuck, sorry, 0 was OK (STRCMP() returns 0 if the strings are the same)
2010-12-22 00:41:38 +00:00
Miroslav Stampar
d6e6afd6f2
minor fix ("To clarify a bit: STRCMP() is case-insensitive as of MySQL 4.0." - http://bugs.mysql.com/bug.php?id=2102 )
2010-12-22 00:38:54 +00:00
Miroslav Stampar
6f2ce15478
minor refactoring
2010-12-22 00:27:21 +00:00
Miroslav Stampar
cb61401c18
bug fix ( http://dev.mysql.com/doc/refman/5.0/es/news-5-0-11.html - "Added support of where clause for queries with FROM DUAL")
2010-12-22 00:20:56 +00:00
Miroslav Stampar
f905adb7c1
way better as there is no official release version for FOUND_ROWS() (it appears somewhere in alphas/betas of 4.0.x - i've stumbled upon one site with 4.0.22 and it didn't recognized FOUND_ROWS).
2010-12-21 22:18:27 +00:00
Bernardo Damele
1a3f57e5fe
Cosmetics
2010-12-21 09:23:00 +00:00
Miroslav Stampar
03b275ce33
update
2010-12-20 23:27:04 +00:00
Miroslav Stampar
518b3e094c
bug fix ( http://dev.mysql.com/doc/refman/5.0/en/information-functions.html#function_found-rows )
2010-12-20 23:00:03 +00:00
Miroslav Stampar
8fd3e7ba1f
thread based data added
2010-12-20 22:45:01 +00:00
Miroslav Stampar
364bc8e7d4
minor update
2010-12-20 11:25:18 +00:00
Miroslav Stampar
28da1141cf
some fixes (for MySQL < 4.0)
2010-12-20 11:23:57 +00:00
Miroslav Stampar
76024c455f
minor fix (using older commands for basic MySQL check)
2010-12-20 11:15:43 +00:00
Miroslav Stampar
36862e2efa
update
2010-12-18 15:57:47 +00:00
Miroslav Stampar
71cf0bd2a5
minor update
2010-12-18 13:08:37 +00:00
Miroslav Stampar
108a96c6b4
some fixes
2010-12-17 21:45:20 +00:00
Miroslav Stampar
a19cb2c13a
code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown")
2010-12-17 21:29:09 +00:00
Miroslav Stampar
b4450c6ddd
added one more level of MSSQL version check (if first fails for some reason)
2010-12-17 21:01:14 +00:00
Miroslav Stampar
3ee44584d4
i've found a way! thank you hesus! fyea (ASC(MID) was just crashing when MID returned 'empty string')
2010-12-14 12:57:59 +00:00
Miroslav Stampar
4c6e902471
removed obsolete comment
2010-12-14 07:49:30 +00:00
Bernardo Damele
a02dd6b55b
Minor enhancement to speedup active dbms fingerprint (-f).
...
Code cleanup and refactoring.
2010-12-13 21:33:42 +00:00
Miroslav Stampar
e98d9c08e1
dumping table is now possible on Firebird too
2010-12-12 14:38:07 +00:00
Miroslav Stampar
f9bc6fc78f
minor fix
2010-12-11 22:14:35 +00:00
Miroslav Stampar
c93634b6c7
blind dumping of tables in sqlite implemented
2010-12-11 22:13:19 +00:00
Miroslav Stampar
e6c66fa37c
update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available
2010-12-11 17:55:28 +00:00
Miroslav Stampar
1beb1dd2cc
minor update
2010-12-11 09:30:38 +00:00
Miroslav Stampar
435f48b8cc
polite cosmetics
2010-12-10 15:28:56 +00:00
Bernardo Damele
7c87ad4065
Minor speedup in -f mysql
2010-12-10 13:05:46 +00:00
Miroslav Stampar
b02bd55edc
minor refactoring
2010-12-10 13:04:36 +00:00
Bernardo Damele
d71e51e765
Minor improvement
2010-12-10 11:31:27 +00:00
Bernardo Damele
4741874e9e
Enhancement to speedup MySQL fingerprint
2010-12-10 11:27:36 +00:00
Miroslav Stampar
e98b81fe32
another update
2010-12-10 10:56:55 +00:00
Miroslav Stampar
d5e7a8d305
update
2010-12-10 10:54:17 +00:00
Miroslav Stampar
bbffea2cbc
bug fix
2010-12-09 17:10:22 +00:00
Miroslav Stampar
0eb2c408a9
code refactoring
2010-12-09 16:49:02 +00:00
Miroslav Stampar
cdff29ada7
update
2010-12-09 11:23:44 +00:00
Miroslav Stampar
81c16926c1
code refactoring some more
2010-12-08 14:46:07 +00:00
Miroslav Stampar
d77ddbee47
OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND)
2010-12-06 18:20:57 +00:00
Bernardo Damele
17449754fe
Got rid of UNION false cond
2010-12-05 16:16:15 +00:00
Miroslav Stampar
5764816891
minor cosmetics
2010-12-03 22:28:09 +00:00
Miroslav Stampar
bf09b8a6d9
added Firebird error based (WHERE) attack vector
2010-12-02 15:09:21 +00:00
Bernardo Damele
c8f943f5e4
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase.
...
Major code refactoring and commenting to detection engine.
Ask user whether or not to proceed to test remaining parameters after an injection point has been identified.
Restore beep at SQL injection find.
Avoid reuse of same variable in DBMS handler code.
Minor adjustment of payloads XML file.
2010-11-30 22:40:25 +00:00
Bernardo Damele
7e3b24afe6
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.
...
All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 18:10:54 +00:00
Bernardo Damele
17486e472a
Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!
2010-11-17 22:00:09 +00:00
Bernardo Damele
360aff7a4d
sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle
2010-11-17 17:20:32 +00:00
Miroslav Stampar
6ef3846400
update regarding error parsing (and reporting)
2010-11-16 10:42:42 +00:00
Bernardo Damele
64b5de44a0
Converted to new XML object format
2010-11-12 10:11:13 +00:00
Bernardo Damele
66c82d72e4
Typo fix
2010-11-12 10:02:02 +00:00
Miroslav Stampar
42272ca78c
minor update
2010-11-11 22:26:36 +00:00
Miroslav Stampar
be992b4471
update regarding common columns existance check
2010-11-11 17:09:31 +00:00
Bernardo Damele
0c8918bf07
Minor bug fix, thanks Alex
2010-11-08 12:45:23 +00:00
Miroslav Stampar
d551423379
further enum refactoring
2010-11-08 09:44:32 +00:00
Miroslav Stampar
862395ced1
further refactoring (all enumerations are now put into enums.py)
2010-11-08 09:20:02 +00:00
Miroslav Stampar
8e44aa605a
refactoring regarding injection place (more left)
2010-11-08 08:02:36 +00:00
Bernardo Damele
27ce4b0cf0
Set proper verbose level for dbms direct error messages
2010-11-07 22:14:06 +00:00
Miroslav Stampar
d3e7e89e60
major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces
2010-11-07 21:18:09 +00:00
Miroslav Stampar
3f0a443b83
some updates
2010-11-04 23:08:59 +00:00
Miroslav Stampar
d7dbf814a0
fix/update for Access
2010-11-04 21:47:21 +00:00
Miroslav Stampar
6adee3792a
removed all trailing spaces from blank lines
2010-11-03 10:08:27 +00:00
Miroslav Stampar
cd0d4135ac
implemented --banner for MaxDB and some minor fixes
2010-11-02 20:51:55 +00:00
Miroslav Stampar
70f6eab715
minor update
2010-11-02 12:08:28 +00:00
Miroslav Stampar
685a8e7d2c
refactoring of hard coded dbms names
2010-11-02 11:59:24 +00:00
Miroslav Stampar
6ad8bbfc8e
one more ms access update
2010-11-02 10:50:57 +00:00
Miroslav Stampar
c98d8fed83
minor ms access update
2010-11-02 10:13:36 +00:00
Bernardo Damele
65a0a8d285
Delegate urlencoding to agent.py only
2010-10-31 13:28:05 +00:00
Bernardo Damele
4f8e9da1b6
Minor bug fix to properly delete sqlmap temporary files on the database server file system at shutdown.
...
Minor improvements at ICMPsh tunnel to cleanup properly the dbms at shutdown and avoid checking/writing sys_bineval() UDF as it's a PE and needs to be called by sys_exec() only.
Got rid of useless doubleslash param in delRemoteFile() method.
Major code refactoring to xp_cmdshell.py methods and parent calls.
2010-10-28 00:19:40 +00:00
Bernardo Damele
d554ffc0ae
yes, I am quite paranoid with cosmetics
2010-10-27 10:37:54 +00:00
Bernardo Damele
f5904d0bc0
Major bug fix to --union-test
2010-10-25 23:39:55 +00:00
Miroslav Stampar
8a9a57c709
update for Sybase and major bug fix for --passwords on MSSQL
2010-10-25 22:11:38 +00:00
Bernardo Damele
215175e3b7
Minor code adjustments
2010-10-25 14:11:47 +00:00
Miroslav Stampar
32728d14b7
fix for --union-use with --error-test
2010-10-25 12:25:29 +00:00
Miroslav Stampar
1b2ec826bf
misc fixes regarding new query retrieval format
2010-10-21 23:17:06 +00:00
Miroslav Stampar
24e4429bf6
or better yet, there is no need for _ or *args on getPrivileges (tried with SQLite and MSSql which crashed)
2010-10-21 13:31:06 +00:00
Miroslav Stampar
fe3967bdec
fix for --privileges (on MSSql --privileges returned exception)
2010-10-21 13:28:29 +00:00
Miroslav Stampar
bc79eec702
removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)
2010-10-21 13:13:12 +00:00
Bernardo Damele
526694c80c
Minor fix
2010-10-20 22:24:06 +00:00
Miroslav Stampar
82f44989ce
update of error based injection and bug fix for --roles on MSSQL server
2010-10-20 06:40:33 +00:00
Bernardo Damele
60a1b48194
Major bug fix for --os-pwn
2010-10-17 20:44:16 +00:00
Miroslav Stampar
8883918ef9
cosmetics
2010-10-15 10:03:51 +00:00
Miroslav Stampar
743e6d2655
cosmetics
2010-10-15 10:02:09 +00:00
Miroslav Stampar
207bef7f19
fix for that SQLite3 vs SQLite2 issue
2010-10-15 09:39:41 +00:00
Miroslav Stampar
4f7f20b94f
sorry, cosmetics
2010-10-14 23:18:29 +00:00
Miroslav Stampar
8b48833136
large commit with copyright header modifications
2010-10-14 14:41:14 +00:00
Miroslav Stampar
a63c2c9f7c
just a test
2010-10-14 14:16:45 +00:00
Miroslav Stampar
f700692c74
added missing files for Sybase
2010-10-13 18:55:17 +00:00
Miroslav Stampar
47022071cb
removed pdb
2010-10-12 19:17:48 +00:00
Miroslav Stampar
b4685aa77c
quick fix
2010-10-12 19:16:58 +00:00
Miroslav Stampar
f9f79ffbaf
basic stuff for sybase
2010-10-12 19:05:12 +00:00
Miroslav Stampar
1369529103
minor cosmetic update
2010-10-11 13:52:32 +00:00
Miroslav Stampar
78ba5da4f7
fix
2010-09-23 22:07:33 +00:00
Miroslav Stampar
c4040ab297
fix for Feature #136
2010-08-31 14:25:37 +00:00
Miroslav Stampar
e810fe7b0b
no need for obsolete (and hard to find) sqlite module when sqlite3 handles both database versions
2010-08-31 13:37:53 +00:00
Miroslav Stampar
54f9828e06
implemented active fingerprinting for MaxDB
2010-08-30 14:16:23 +00:00
Miroslav Stampar
48cc87f6a9
added support for fingerprinting SAP MaxDB (Issue 143)
2010-08-30 13:29:19 +00:00
Bernardo Damele
26d1a07a1d
Minor code refactoring and bug fix in the *rare case* that MySQL on Linux runs as root or the plugin dir (/usr/lib/.*?/plugin is world-writable
2010-07-01 10:39:04 +00:00
Bernardo Damele
9ea72f9640
Minor bug fixes to -d
2010-06-25 13:24:43 +00:00
Miroslav Stampar
660bf0b077
fix for that struct pack error
2010-06-10 12:14:24 +00:00
Miroslav Stampar
ac55e1b75f
fix for localhost firebird direct db access
2010-06-10 12:02:48 +00:00
Miroslav Stampar
12a5ec9f3d
more unicode refactoring
2010-06-02 12:45:40 +00:00
Bernardo Damele
b380d34d3c
Added unicode support also to SQLite (2 and 3) connector - see #184 .
2010-05-29 15:35:38 +00:00
Bernardo Damele
0362f4408d
Added unicode support also to MSSQL connector - see #184 .
2010-05-29 15:29:21 +00:00
Bernardo Damele
4ba22b5098
Added unicode support also to Oracle connector - see #184 .
2010-05-29 12:14:51 +00:00
Bernardo Damele
e98b049e7f
Added unicode support also to PostgreSQL connector - see #184 .
2010-05-29 11:46:41 +00:00
Bernardo Damele
89c721a451
More replacements from open() to codecs.open(). conf.dataEncoding has to be used only for non-binary files.
2010-05-29 10:10:28 +00:00
Miroslav Stampar
a3db3c03c1
str() -> unicode()
2010-05-28 13:05:02 +00:00
Miroslav Stampar
f24187f251
few fixes here and there
2010-05-28 12:47:03 +00:00
Miroslav Stampar
dc83f794ea
fix regarding proper string isinstance checking (including unicode)
2010-05-25 10:09:35 +00:00
Bernardo Damele
f8cdde2d51
Layout adjustment
2010-05-17 16:23:44 +00:00
Bernardo Damele
e0e2349529
Refactor to --search -C and minor bug fix - See #190 .
2010-05-17 16:16:49 +00:00
Bernardo Damele
c9ee11e0e4
Added support to search for tables (--search with -T). See #190 .
2010-05-16 20:46:17 +00:00
Miroslav Stampar
2323d858a9
modification of temporary directory from C:/Windows/Temp to %TEMP%
2010-05-13 09:32:27 +00:00
Bernardo Damele
65a05452f7
Added option --search to work in conjunction with -D (done), -T (soon) or -C (replaces --dump -C) - See #190 :
...
* --search -D foobar: searches all database names like the ones provided
* --search -T foobar: searches all databases' table names like the ones provided (soon)
* --search -C foobar: replaces --dump -C
2010-05-07 13:40:57 +00:00
Bernardo Damele
a1b1f960cc
Finally fixed and adapted all code around to the new isWindowsDriveLetterPath() function
2010-04-23 16:34:20 +00:00
Bernardo Damele
d034bf29ce
Add new "hinted" feature to MSSQL's getTables()
2010-04-15 12:09:26 +00:00
Bernardo Damele
1ab78ce60e
Added support to directly connect also to SQLite 2 db file
2010-04-13 22:43:38 +00:00
Miroslav Stampar
4f299f22bf
removed timeout keyword which is not supported on linux build
2010-04-13 10:11:14 +00:00
Miroslav Stampar
6762f592c1
direct connection supported only on Windows machines
2010-04-13 08:57:47 +00:00
Miroslav Stampar
939fa5d2c4
some fixes
2010-04-13 08:29:15 +00:00
Bernardo Damele
9e29120603
Minor fix to make MS Access direct access to work also from Linux
2010-04-12 15:52:40 +00:00
Bernardo Damele
eecee3b274
Added resume functionality to -d and fixed logging with -d
2010-04-12 09:35:20 +00:00
Bernardo Damele
758a858785
Minor adjustments
2010-04-06 20:40:14 +00:00
Miroslav Stampar
5556db80db
fix for that sqlite thread nagging with undocumented argument check_same_thread
2010-04-06 16:01:37 +00:00
Miroslav Stampar
e2810003ae
more update
2010-04-06 15:12:52 +00:00
Miroslav Stampar
c24f1cc07c
some update
2010-04-06 14:59:31 +00:00
Bernardo Damele
cad8f61d55
Force pymssql to version >= 1.0.2
2010-03-31 15:31:11 +00:00
Bernardo Damele
b19de015c5
Minor bugs fixes
2010-03-31 13:52:51 +00:00
Bernardo Damele
5fdebb5d5b
Added support to directly connect also to Microsoft SQL Server database.
...
Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output).
Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods.
Forced conf.timeout to 10 seconds when directly connecting to database.
Slightly improved regular expression to parse -d parameter.
Added import check for all connectors' third-party libraries.
Code refactoring:
* Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed).
* Back-delegated to generic connector close() and other methods.
2010-03-31 10:50:47 +00:00
Miroslav Stampar
d583cc07e7
ms access update
2010-03-30 15:04:55 +00:00
Miroslav Stampar
1973024ebf
added support for reusing connections
2010-03-30 13:52:47 +00:00
Miroslav Stampar
f0729565a9
fixes for sqlite
2010-03-30 13:36:23 +00:00
Miroslav Stampar
c2a6f21095
refactoring regarding usage of conf.dbmsConnector.connect()
2010-03-30 13:03:19 +00:00
Miroslav Stampar
88d74a00c1
ms access connector update
2010-03-30 12:48:51 +00:00