Commit Graph

489 Commits

Author SHA1 Message Date
Miroslav Stampar
9331abb96f minor update 2011-06-11 08:33:36 +00:00
Miroslav Stampar
9202fedf7b minor fix 2011-06-09 08:14:54 +00:00
Bernardo Damele
0d8d6a4ace Cosmetics 2011-06-08 16:08:20 +00:00
Miroslav Stampar
4eeeb3655e asking and skipping to the next google result page if no usable links found 2011-06-07 23:24:17 +00:00
Miroslav Stampar
7a3cc38e3c refactoring and stabilization of multithreading 2011-06-07 09:50:00 +00:00
Miroslav Stampar
8aa5625cd0 proper fix related to the last commit 2011-06-01 23:00:18 +00:00
Miroslav Stampar
20988e58ed warp 5 mr spock :) 2011-05-30 09:46:32 +00:00
Miroslav Stampar
86455ceb9c implementation of multithreading for UNION and ERROR techniques 2011-05-29 23:17:50 +00:00
Miroslav Stampar
c11ea35d53 adding some user input for "refreshing" cases (like redirect ones) 2011-05-27 22:42:23 +00:00
Miroslav Stampar
4f46a5ab63 minor usability enhancement regarding warning for --text-only switch 2011-05-26 20:48:18 +00:00
Miroslav Stampar
ff030e4d24 minor cleanup of the leftover 2011-05-26 17:37:24 +00:00
Miroslav Stampar
b6fe5b12a4 adding --schema to the wizard/Basic as it looks like a cool thingy to put there 2011-05-26 14:30:05 +00:00
Miroslav Stampar
2f456bee75 minor beautification 2011-05-25 08:14:39 +00:00
Miroslav Stampar
8b7a3c5a6b making it easier for totally dummy users 2011-05-24 17:24:01 +00:00
Miroslav Stampar
bec2c04671 helping dummy users 2011-05-24 17:15:25 +00:00
Miroslav Stampar
f774d8fea0 proper Tor settings (reverted r3915 and implemented it the right way) 2011-05-24 11:06:58 +00:00
Miroslav Stampar
a536bf210f improved redirection mechanism 2011-05-23 23:20:03 +00:00
Miroslav Stampar
2ea613b170 type correction and adding global flag kb.ignoreTimeout which could be useful 2011-05-22 08:24:13 +00:00
Miroslav Stampar
25fff8c135 changes in handling --tor (using SOCKS instead of HTTP for handling Tor - more standard way; doesn't require proxy bundle; fixes problems with default proxy ports on Win/Linux) 2011-05-21 11:46:57 +00:00
Miroslav Stampar
9832fc42d4 minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase) 2011-05-18 21:47:40 +00:00
Miroslav Stampar
3048e9f710 minor refactoring 2011-05-17 23:03:31 +00:00
Miroslav Stampar
cc07e5dc97 added --charset option to force charset encoding of the retrieved data (e.g. when the backend collation is different than the current web page charset) as requested by devon.mitchell1988@y​ahoo.com 2011-05-17 22:55:22 +00:00
Miroslav Stampar
faa74cd2bc introducing results file for multiple target mode 2011-05-15 22:21:38 +00:00
Miroslav Stampar
a7d7be5ce0 bug fix ('Host' header was being set to the conf.hostname for all getPages causing problems in some cases when retrieved page was not coming from that same Host) 2011-05-13 01:01:53 +00:00
Miroslav Stampar
0b2da2f9f5 minor beautification for --tor switch 2011-05-12 05:46:17 +00:00
Miroslav Stampar
e05a9c0554 i was probably very tired or very stupid to do this 2011-05-11 13:13:46 +00:00
Miroslav Stampar
53065ee1fb adding ordered set for kb.targetUrls (now the order of appereance in multiple targets mode will be respected) 2011-05-11 08:55:48 +00:00
Miroslav Stampar
5ee07b90b9 added -m switch for bulk loading multiple targets 2011-05-11 08:46:40 +00:00
Miroslav Stampar
192c685bc8 changing conf attribute to a more proper name 2011-05-10 20:48:34 +00:00
Miroslav Stampar
deae534ee7 minor refactoring 2011-05-10 20:44:36 +00:00
Bernardo Damele
97bc816aeb layout 2011-05-10 16:24:09 +00:00
Bernardo Damele
3a8309c4b0 Major bug fix to detect UNION query technique and various improvements to parsing and using of --union-char and --union-cols switches 2011-05-10 15:34:54 +00:00
Miroslav Stampar
707edc7b1a fix for a bug (previously --dbms="mysql 4" was ignored and abruptly terminated while the mechanism was here all along) 2011-05-10 13:28:07 +00:00
Miroslav Stampar
a64407d9db minor bug fix for multithreading and lots of connection retries 2011-05-10 12:40:01 +00:00
Bernardo Damele
6653907700 forgot in last commit 2011-05-07 21:13:56 +00:00
Bernardo Damele
aae140080e SVN roll back, DB2 patch will be recommitted after testing:
$ svn merge https://svn.sqlmap.org/sqlmap/trunk/sqlmap@HEAD https://svn.sqlmap.org/sqlmap/trunk/sqlmap@3847 .
2011-05-06 10:27:43 +00:00
Miroslav Stampar
6e392b6054 applying contributed patch for DB2 2011-05-06 09:30:39 +00:00
Miroslav Stampar
5e9620198c fix for a privately reported bug ("AttributeError: item is disabled") 2011-05-02 18:18:04 +00:00
Miroslav Stampar
93dee30895 better fix for the previous commit 2011-05-02 13:34:55 +00:00
Miroslav Stampar
20ad1c1f2f minor update to not confuse users when using -o 2011-05-02 13:24:35 +00:00
Bernardo Damele
955dbc85e7 Minor variable rename 2011-04-30 15:29:59 +00:00
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Miroslav Stampar
983546d6bf proper fix 2011-04-30 07:01:21 +00:00
Bernardo Damele
956e75e2b5 Minor adjustment to --mobile.
Bug fix to --random-agent.
2011-04-29 21:50:48 +00:00
Miroslav Stampar
11124b21f9 implemented --mobile switch 2011-04-29 19:27:23 +00:00
Bernardo Damele
e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec.
Minor code refactoring.
2011-04-24 23:01:21 +00:00
Bernardo Damele
d0dff82ce0 Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 16:25:09 +00:00
Miroslav Stampar
f88aa4b165 implemented suppressResumeInfo mechanism (huge slowdown on large tables) 2011-04-22 19:58:10 +00:00
Bernardo Damele
b667c50588 store/resume info on xp_cmd available in session file 2011-04-21 14:25:04 +00:00
Bernardo Damele
11ecd16099 cosmetics 2011-04-21 10:08:38 +00:00
Miroslav Stampar
3b133303bf refactoring 2011-04-19 22:54:13 +00:00
Miroslav Stampar
44bbef42f8 minor cosmetics 2011-04-19 20:23:08 +00:00
Miroslav Stampar
a7c26366b4 doing that auto default value for --time-sec only for --tor 2011-04-19 08:43:29 +00:00
Miroslav Stampar
4d48ac54dc automatically increasing default --time-sec value when --tor/--proxy used (not touching anything if explicit --time-sec set) 2011-04-19 08:34:21 +00:00
Miroslav Stampar
b79d4f70f3 cleaner solution for the problem solved with last commit 2011-04-18 14:51:48 +00:00
Miroslav Stampar
f5cff067c6 little hack for --time-sec 2011-04-18 14:46:18 +00:00
Miroslav Stampar
354a2ce249 'chardet' heuristic engine added to the project 2011-04-18 13:38:46 +00:00
Miroslav Stampar
76d1f09b0a minor cosmetics 2011-04-17 22:25:25 +00:00
Miroslav Stampar
c7ff5dcbeb minor update 2011-04-17 08:48:13 +00:00
Miroslav Stampar
ee88ccf0ac well, this could be important :) 2011-04-17 08:33:46 +00:00
Miroslav Stampar
0387654166 update of copyright string (until year) 2011-04-15 12:33:18 +00:00
Miroslav Stampar
8c6f7c7d5f explicit usage of --time-sec will implicitly turn off auto-adjustment of time delay 2011-04-15 08:52:53 +00:00
Miroslav Stampar
8426d48e2e minor refactoring 2011-04-14 10:14:46 +00:00
Miroslav Stampar
930262f573 minor update related to the last commit 2011-04-14 10:12:07 +00:00
Miroslav Stampar
1c5427baf8 minor fix 2011-04-14 09:54:29 +00:00
Miroslav Stampar
940c225d7c few fixes 2011-04-10 20:53:27 +00:00
Bernardo Damele
d324704844 Removed unused code 2011-04-10 20:39:15 +00:00
Miroslav Stampar
c4c40308c6 no more annoying "no metasploit found" for case when msfpath provided with root directory of Metasploit (not the bin one) 2011-04-08 22:42:07 +00:00
Miroslav Stampar
228cc68747 fix for those ugly DEBUG messages in brute mode 2011-04-08 11:02:21 +00:00
Miroslav Stampar
b288e5ef57 implemented DNS caching mechanism 2011-04-07 21:39:18 +00:00
Miroslav Stampar
ae4ea0af45 fix for a bug reported by m4l1c3 (AttributeError: 'NoneType' object has no attribute 'replace') 2011-04-07 13:57:07 +00:00
Miroslav Stampar
6a8a5db9aa minor code restyling 2011-04-07 13:27:29 +00:00
Bernardo Damele
9e8c933333 cosmetics 2011-04-07 10:40:58 +00:00
Miroslav Stampar
68828d68a5 removed integers from --technique 2011-04-07 10:37:48 +00:00
Miroslav Stampar
fced81b6be minor update 2011-04-07 10:32:39 +00:00
Miroslav Stampar
845533e92f minor refactoring 2011-04-07 10:27:22 +00:00
Bernardo Damele
1880f18367 Minor layout adjustments 2011-04-07 10:07:52 +00:00
Bernardo Damele
17844eb87c Refactoring to --technique 2011-04-07 10:00:47 +00:00
Bernardo Damele
05d12790f1 closes #219 - unhidden switch --technique and adapted code accordingly (renamed conf.technique to conf.tech to fit properly in the -h help message) 2011-04-06 14:41:44 +00:00
Miroslav Stampar
a379463213 cosmeticado 2011-04-06 08:40:06 +00:00
Miroslav Stampar
b327bbcd9b minor fix (it was quite ... to have this check at the later stage) 2011-04-06 08:39:24 +00:00
Bernardo Damele
81034140c0 Reduced number of threads to 3 when -o is provided 2011-04-06 08:15:20 +00:00
Miroslav Stampar
2c01fc56e6 minor update regarding misusage of --proxy and --ignore-proxy switches 2011-04-04 09:19:43 +00:00
Miroslav Stampar
bbd4c128b0 minor update related to the last commit 2011-04-01 22:19:42 +00:00
Miroslav Stampar
cd7e4f5afc improvement for lots of multiple-selection forms (now by default the first one is selected - till now it was left unchecked which lead to blank get/post data for the whole form) 2011-04-01 22:12:24 +00:00
Bernardo Damele
eb99f68a7a Minor improvement to --wizard. This does not mean I like the kiddie feature though ;) 2011-04-01 14:55:39 +00:00
Miroslav Stampar
de4e0c7346 minor update related to the problem with request files reported by jorge_a_santos@hotmail.com 2011-04-01 12:09:11 +00:00
Miroslav Stampar
b6af80bab3 refactoring, cleanup and improvement 2011-03-29 21:54:15 +00:00
Miroslav Stampar
adfbfef8c1 minor refactoring 2011-03-29 21:01:47 +00:00
Miroslav Stampar
d0861a00e2 minor improvement 2011-03-29 15:37:57 +00:00
Miroslav Stampar
5560196648 minor fix 2011-03-29 11:50:12 +00:00
Miroslav Stampar
e20d460809 Bernardo will kill me (added --wizard for total beginners) 2011-03-29 11:42:55 +00:00
Miroslav Stampar
47924fb92e fix for a bug reported by malice.anon@gmail.co​m (AttributeError: 'unicode' object has no attribute 'geturl') 2011-03-27 13:41:54 +00:00
Miroslav Stampar
76b7e3517d minor update 2011-03-27 07:58:15 +00:00
Miroslav Stampar
c5b6d377fb fix for a bug reported by Kirill Morozov (we haven't expected mixed case/copied results in partial union pages) 2011-03-25 12:14:19 +00:00
Miroslav Stampar
2b15ad57c2 basic live tests against 3 major DBMSes 2011-03-24 11:47:01 +00:00
Miroslav Stampar
0bb08d09d2 fix for a bug reported by Kirill (value is None in attack table phase) and minor fix for loading request file 2011-03-24 08:43:40 +00:00
Miroslav Stampar
b5c9ccb755 Oracle XML based error payload has problems with char $ as with space 2011-03-21 13:13:12 +00:00
Miroslav Stampar
2cc91b8470 minor fix 2011-03-19 17:44:34 +00:00
Miroslav Stampar
7c2b3afafb minor fix (-r required Content-Length which is a part of Burp log and as we share the parsing logic this was a headache for -r) 2011-03-19 17:37:26 +00:00
Miroslav Stampar
139448eeb9 little stabilization regarding POST url(de/en)coding 2011-03-19 16:53:14 +00:00
Miroslav Stampar
00b9d85ffc fix regarding bug report from andyroyalbattle@yahoo.it 2011-03-18 16:26:39 +00:00
Miroslav Stampar
75c0e09f43 little refactoring 2011-03-18 13:46:51 +00:00
Miroslav Stampar
c301b245a9 adding default value for referer in case --referer was not defined and --level>=3 used (so it could be tested with default value) 2011-03-18 13:39:51 +00:00
Bernardo Damele
f00aff5303 -v 0 shows both error, critical and raw_input messages 2011-03-11 22:02:38 +00:00
Miroslav Stampar
8edc3b3302 further update regarding last commit 2011-03-03 10:39:04 +00:00
Miroslav Stampar
bc50387a17 possible fix for a bug reported by Black Zero (UnicodeDecodeError for --forms) 2011-03-03 09:42:50 +00:00
Miroslav Stampar
38dc82e13e If no Accept header field is present, then it is assumed that the client accepts all media types. 2011-02-22 22:26:22 +00:00
Miroslav Stampar
d05bd75068 adding experimental for --group-concat 2011-02-22 14:35:38 +00:00
Bernardo Damele
8e60acae5d Added support for --scope also in WebScarab logs (-l) 2011-02-19 21:03:55 +00:00
Miroslav Stampar
df58bcaf95 minor improvement 2011-02-18 14:27:02 +00:00
Miroslav Stampar
22cd49a217 --technique can now be something like 123 which includes both techniques 1, 2 and 3 2011-02-17 21:39:16 +00:00
Miroslav Stampar
199f14df46 implementation of MySQL GROUP_CONCAT technique 2011-02-15 00:28:27 +00:00
Miroslav Stampar
9f7d666451 removing --method per request of buawig 2011-02-12 19:50:27 +00:00
Miroslav Stampar
4295a78c5f minor update 2011-02-10 19:51:34 +00:00
Miroslav Stampar
b56a77e573 removing obsolete switches (--threshold, --excl-reg, --excl-str) 2011-02-03 15:55:19 +00:00
Miroslav Stampar
5f49e20cc8 adding --random-agent and removing -a 2011-02-02 14:51:12 +00:00
Miroslav Stampar
e73a147fb5 minor update 2011-02-02 11:49:59 +00:00
Miroslav Stampar
99aa38b58f minor refactoring 2011-02-02 10:10:28 +00:00
Miroslav Stampar
23c95107ed we must do this because people tend to use ignorantly huge number threads resulting in lots of CRITICAL (timeout) connection messages (also, avoiding DoS) 2011-02-02 09:24:37 +00:00
Bernardo Damele
ec9ebb3479 Set threads to 4 when optimization switch is provided, -o 2011-01-31 21:21:13 +00:00
Miroslav Stampar
ddf23ba7cc refactoring 2011-01-30 11:36:03 +00:00
Miroslav Stampar
367d0639f0 refactoring (class names should always be Capital cased) 2011-01-28 16:36:09 +00:00
Bernardo Damele
e1db2700f0 Minor bug fix to properly deal --prefix and --suffix and parameter replace payloads 2011-01-24 12:25:45 +00:00
Miroslav Stampar
4441e11f68 fix for case -r with no params and cookie available 2011-01-24 11:26:51 +00:00
Bernardo Damele
4128b2c87f Enforce that when --prefix is provided, --suffix is too and viceversa. 2011-01-20 21:57:54 +00:00
Miroslav Stampar
ad12242151 LoL (removing those checks because we use same "logic" for parsing Burp log files and request files) 2011-01-20 16:27:59 +00:00
Miroslav Stampar
e8c037de1a minor update 2011-01-20 16:17:38 +00:00
Miroslav Stampar
4e5f0da1ae minor update 2011-01-20 16:07:08 +00:00
Miroslav Stampar
2fa066f892 added support for WebScarab logs 2011-01-20 15:55:50 +00:00
Miroslav Stampar
f6f4b5e9dd bug fix for charset used in inference for pages retrieved with --null-connection 2011-01-20 11:01:01 +00:00
Bernardo Damele
bade0e3124 Major code refactoring - centralized all kb.dbms* info for both retrieval and set. 2011-01-19 23:06:15 +00:00
Miroslav Stampar
c106dc829a more proper way to deal with this because without it warn message is just fast scrolled while leaving users confused (why it doesn't run) 2011-01-19 22:08:56 +00:00
Bernardo Damele
47565f9459 Minor code refactoring 2011-01-17 21:13:59 +00:00
Miroslav Stampar
30d6791968 update regarding time based data retrieval 2011-01-16 17:52:42 +00:00
Miroslav Stampar
71391874eb slightly faster and thread safer inference 2011-01-16 10:52:42 +00:00
Miroslav Stampar
fb9d7cdfaa refactoring, code clearing and removal of obsolete switch --longest-common 2011-01-14 14:37:03 +00:00
Bernardo Damele
3c95d71ea5 Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase 2011-01-14 11:55:20 +00:00
Bernardo Damele
2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS.
Minor bug fixes thanks to previous refactoring too.
2011-01-13 17:36:54 +00:00
Bernardo Damele
af9725214a Properly deal with partial (single entry) UNION injections.
Got rid of kb.union*, now it's all stored/used from kb.injection.
Minor bug fix with where=2 detection phase.
2011-01-12 12:01:32 +00:00
Bernardo Damele
8a67aea754 One more step to fully working UNION exploitation after merge into detection phase 2011-01-12 01:13:32 +00:00
Bernardo Damele
5c7c3c76c3 Fixed previous bug in getErrorParsedDBMSes() call in detection phase.
Added minor support to escape quotes in UNION payloads during detection phase.
2011-01-11 23:47:32 +00:00
Bernardo Damele
06230e4d92 Minor code refactoring and cosmetics 2011-01-11 21:46:21 +00:00
Miroslav Stampar
394b6bc029 reverting some changes 2011-01-11 12:11:33 +00:00
Miroslav Stampar
690281dce1 didn't know this to be honest 2011-01-11 10:17:22 +00:00
Miroslav Stampar
77b51dae57 adding openFile method with an exception block around file opening part 2011-01-08 09:30:10 +00:00
Miroslav Stampar
c17714c423 suppress session in case of brute methods 2011-01-07 16:47:46 +00:00
Miroslav Stampar
b313a20a3f some fixes 2011-01-07 16:39:47 +00:00
Miroslav Stampar
a8d660db54 fixes for bugs reported by pragmatk@gmail.com 2011-01-06 16:59:58 +00:00
Miroslav Stampar
0eabca9fd4 update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is) 2011-01-03 22:31:29 +00:00