Bernardo Damele
1d7de719b9
Almost done with web backdoor functionality
2009-04-28 11:05:07 +00:00
Bernardo Damele
16b4530bbe
Minor bug fixes to --os-shell (altought web backdoor functionality still to be reviewed).
...
Minor common library code refactoring.
Code cleanup.
Set back the default User-Agent to sqlmap for comparison algorithm reasons.
Updated THANKS.
2009-04-27 23:05:11 +00:00
Bernardo Damele
5121a4dcba
Send IE7.0 as default User-Agent
2009-04-24 20:13:21 +00:00
Bernardo Damele
406d5df195
Minor layout adjustments
2009-04-24 20:12:52 +00:00
Bernardo Damele
546a6c32e3
Avoid deprecation warning on sha and md5 libraries on Python >= 2.6
2009-04-24 20:10:30 +00:00
Bernardo Damele
6f4035938b
Let the user choose also the local address in reverse OOB connection
2009-04-24 10:27:52 +00:00
Bernardo Damele
06e8546177
Finally fixed MSSQL 2000 fingerprint
2009-04-24 10:26:01 +00:00
Bernardo Damele
eeb34eb028
Again, minor fix to MSSQL 2000 fingerprint
2009-04-23 21:13:34 +00:00
Bernardo Damele
4ce74764b7
More verbose when reporting failure to create shellcode/payload stager (via Metasploit)
2009-04-23 20:39:32 +00:00
Bernardo Damele
aec2419410
Fixed character escaping in SQL shell/query functionalities.
2009-04-23 15:37:12 +00:00
Bernardo Damele
1af6898618
Fixed POST parsing when -l option is provided (burp/webscarab log file)
2009-04-23 15:04:28 +00:00
Bernardo Damele
69259c5984
Updated THANKS
2009-04-23 08:42:57 +00:00
Bernardo Damele
8e88b32274
Minor fix in MSSQL 2000 fingerprint
2009-04-23 08:36:39 +00:00
Bernardo Damele
aefa7ef988
Avoid libmagic traceback on Windows.
...
WARNING: this release is a candidate, it only works on Linux/Unices for the moment!
2009-04-22 12:44:16 +00:00
Bernardo Damele
8c0ac767f4
Updated to sqlmap 0.7 release candidate 1
2009-04-22 11:48:07 +00:00
Bernardo Damele
b997df740a
Minor bug fix
2009-02-25 20:11:14 +00:00
Bernardo Damele
0c1a6b3edf
Minor typo fix
2009-02-19 00:38:54 +00:00
Bernardo Damele
2efee058ea
Major enhancement in comparison algorithm
2009-02-12 00:17:44 +00:00
Bernardo Damele
954417072b
Updated Microsoft SQL Server XML versions file
2009-02-10 23:00:53 +00:00
Bernardo Damele
ba00a17205
Minor layout adjustment
2009-02-09 10:58:44 +00:00
Bernardo Damele
2355885712
Minor adjustment
2009-02-09 10:29:07 +00:00
Bernardo Damele
207e96e2b2
Major bug fix in the comparison algorithm to correctly handle also the
...
case that the url is stable and the False response changes the page
content very little.
2009-02-09 10:28:03 +00:00
Bernardo Damele
c405fb51ab
PDF regenerated
2009-02-04 16:32:06 +00:00
Bernardo Damele
b12d955274
Updated packaging scripts, site and finalized the documentation to release version 0.6.4
2009-02-03 15:38:40 +00:00
Bernardo Damele
770e000cb4
Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs
2009-02-02 23:44:19 +00:00
Bernardo Damele
9ab174a444
Almost ready with the user's manual for 0.6.4 release
2009-02-01 13:44:44 +00:00
Bernardo Damele
77d9d22ceb
Minor update to the user's manual
2009-02-01 00:20:08 +00:00
Bernardo Damele
dded57f1cd
Minor bug fix to correctly unpack user's custom queries on Microsoft SQL Server
2009-01-30 23:58:48 +00:00
Bernardo Damele
ad03684788
Added another PostgreSQL banner signature for Windows (it's specific
...
for PostgreSQL compiled by hand with MinGW/GCC or using the binary MSI
file of PostgreSQL version 8.2.x. PostgreSQL 8.3.x is compiled by
default using Visual C++)
2009-01-30 00:35:05 +00:00
Bernardo Damele
6054090191
sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying.
2009-01-28 14:53:11 +00:00
Bernardo Damele
a8d57bb031
Avoid DeprecationWarning with Python 2.6+
2009-01-22 23:53:01 +00:00
Bernardo Damele
193482a62b
Updated user's manual
2009-01-22 23:44:44 +00:00
Bernardo Damele
981c7a4428
Updated Microsoft SQL Server XML signature db
2009-01-22 22:30:45 +00:00
Bernardo Damele
793c323b2a
Major bug fixes
2009-01-22 22:28:27 +00:00
Bernardo Damele
d54a51a328
Updated the HTML manual for the MySQL UDF and consequently other files. Thanks Roland!
2009-01-22 21:28:56 +00:00
Bernardo Damele
69204afe1f
Updated copyright
2009-01-22 00:41:57 +00:00
Bernardo Damele
9631dc115e
Added PostgreSQL UDF to execute commands on the underlying system:
...
* sys_eval() to return the standard output
* sys_exec() to return the exit status
Inspired by lib_mysqludf_sys 0.0.3 (https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/mysqludfsys/ )
2009-01-22 00:35:17 +00:00
Bernardo Damele
ae0f1985f3
Updated also the patch file
2009-01-21 20:54:14 +00:00
Bernardo Damele
deeccf9b5e
Updated tar.gz package
2009-01-21 00:53:10 +00:00
Bernardo Damele
1c5925ea2b
Minor adjustments
2009-01-21 00:52:23 +00:00
Bernardo Damele
7adbf5892d
Updated user's manual
2009-01-19 23:45:54 +00:00
Bernardo Damele
c25b49e80e
Major bugfix to avoid "IFNULL and CAST" on CASE
2009-01-19 21:27:51 +00:00
Bernardo Damele
96db179ffe
Minor adjustment
2009-01-19 21:26:02 +00:00
Bernardo Damele
f91843540f
Major bug fix when the CU alias (current user) is given (with -U option)
...
together with --privileges or --password to work properly also on
MySQL >= 5.0.
2009-01-19 21:25:37 +00:00
Bernardo Damele
8f973ce574
Minor layout adjustments
2009-01-18 22:36:48 +00:00
Bernardo Damele
161590e121
Added MySQL UDF to execute commands on the underlying system:
...
* sys_eval() to return the standard output
* sys_exec() to return the exit status
It's a patched version of http://mysqludf.org/lib_mysqludf_sys/index.php
2009-01-17 00:13:16 +00:00
Bernardo Damele
6690b4c00a
Added svn executable property
2009-01-17 00:05:47 +00:00
Bernardo Damele
bc3b4c6936
Minor layout adjustments in the user's manual
2009-01-13 23:16:34 +00:00
Bernardo Damele
fd7cb9101c
Major bug fix to forge SQL injection payload on Oracle
2009-01-13 23:15:57 +00:00
Bernardo Damele
bc448211c5
Minor layout adjustment
2009-01-13 23:15:23 +00:00