Commit Graph

1894 Commits

Author SHA1 Message Date
Bernardo Damele
f56d135438 Minor code restyling 2011-04-30 13:20:05 +00:00
Miroslav Stampar
983546d6bf proper fix 2011-04-30 07:01:21 +00:00
Bernardo Damele
a5968fff3e Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided 2011-04-30 00:22:22 +00:00
Bernardo Damele
956e75e2b5 Minor adjustment to --mobile.
Bug fix to --random-agent.
2011-04-29 21:50:48 +00:00
Bernardo Damele
a23ca952e4 Actually brute-force switches make more sense just after their "normal" version. Also, getSchema() method is preferably to be called before getColumns(), see next commit for reason 2011-04-29 21:09:07 +00:00
Miroslav Stampar
46f96f3c4c removing Kindle from list as it's not really a smartphone 2011-04-29 19:32:30 +00:00
Miroslav Stampar
11124b21f9 implemented --mobile switch 2011-04-29 19:27:23 +00:00
Miroslav Stampar
b299912de4 fix for a bug reported by ahmed@isecur1ty.org (UnicodeDecodeError: 'ascii' codec can't decode byte 0x84 in position 396: ordinal not in range(128)) for multipartpost 2011-04-29 16:56:02 +00:00
Miroslav Stampar
6bb4dce3aa minor refactoring 2011-04-29 15:22:32 +00:00
Miroslav Stampar
a2bb0d72e8 fix for a bug reported by rdsears@mtu.edu (TypeError: expected string or buffer) 2011-04-29 14:40:28 +00:00
Bernardo Damele
edac0b2558 Added switch --schema to enumerate DBMS schema and now --columns does not require a mandatory table (-T) anymore, instead it will act as an alias for --schema 2011-04-28 23:59:00 +00:00
Bernardo Damele
441c288dd9 cosmeticados 2011-04-25 00:36:09 +00:00
Bernardo Damele
98f9f3e774 Minor bug fix in local shellcodeexec for Windows path 2011-04-25 00:03:12 +00:00
Bernardo Damele
e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec.
Minor code refactoring.
2011-04-24 23:01:21 +00:00
Bernardo Damele
d0dff82ce0 Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch 2011-04-23 16:25:09 +00:00
Miroslav Stampar
75142b383d huge speed up (4x times faster) 2011-04-22 21:00:42 +00:00
Miroslav Stampar
f88aa4b165 implemented suppressResumeInfo mechanism (huge slowdown on large tables) 2011-04-22 19:58:10 +00:00
Miroslav Stampar
493b9adf8e speed up of resume values (compiled regexes used) 2011-04-22 19:27:41 +00:00
Miroslav Stampar
7b3b9e6a87 it seems that this was indeed not meant to be here 2011-04-22 15:07:09 +00:00
Miroslav Stampar
304500a2e8 implemented checkFalsePositives method (simple Turing like tests) 2011-04-22 12:24:16 +00:00
Bernardo Damele
f3088079c0 error message adjustment 2011-04-21 22:31:02 +00:00
Bernardo Damele
eabb5a2ba7 More adjustments to the error message when no sql injections are detected 2011-04-21 22:04:20 +00:00
Bernardo Damele
6d07dddf60 updated doc and minor layout adjustments 2011-04-21 21:53:35 +00:00
Bernardo Damele
06a00fe85e For development version, print also the revision number in the banner 2011-04-21 21:34:57 +00:00
Bernardo Damele
770b1523ff More verbose output when no SQL injections are detected 2011-04-21 21:31:16 +00:00
Bernardo Damele
edc2d75702 Cosmetics and major bug fix 2011-04-21 21:15:23 +00:00
Bernardo Damele
d2f102f5a1 cosmetics 2011-04-21 20:21:37 +00:00
Bernardo Damele
b667c50588 store/resume info on xp_cmd available in session file 2011-04-21 14:25:04 +00:00
Miroslav Stampar
930872cf3b fix 2011-04-21 14:20:09 +00:00
Bernardo Damele
a313df4d37 Allow user to force temporary folder with --tmp-path even if it has been saved one in the session file 2011-04-21 14:05:37 +00:00
Bernardo Damele
fbe5ba5394 cosmetics 2011-04-21 10:54:12 +00:00
Miroslav Stampar
e1a8d268d8 fix for UPX linux/macos 2011-04-21 10:52:34 +00:00
Bernardo Damele
8d8fc2bbd8 cosmetics 2011-04-21 10:17:41 +00:00
Bernardo Damele
11ecd16099 cosmetics 2011-04-21 10:08:38 +00:00
Miroslav Stampar
9ccf720c05 removing funny remark 2011-04-21 10:06:13 +00:00
Bernardo Damele
a91e6a8440 layout 2011-04-21 10:03:18 +00:00
Miroslav Stampar
cbfe743bad added a comment 2011-04-21 10:01:58 +00:00
Miroslav Stampar
c84c4d835f minor update 2011-04-21 09:31:35 +00:00
Miroslav Stampar
e4d3190f41 reverting back to NVARCHAR because of error technique 2011-04-20 12:59:23 +00:00
Miroslav Stampar
3607f03a9e fix of a minor typo 2011-04-20 12:42:35 +00:00
Miroslav Stampar
1286cc0913 now showing trimmed output in for of warning message (UNION and ERROR techniques affected) 2011-04-20 12:41:58 +00:00
Miroslav Stampar
7993f3f12d way better for storing bulk of data (like BLOB on mysql) 2011-04-20 11:44:52 +00:00
Miroslav Stampar
04653684cd revert 2011-04-20 10:34:34 +00:00
Miroslav Stampar
4fadcf0615 improvement for UNION/ERROR case 2011-04-20 10:17:42 +00:00
Miroslav Stampar
1c1c20fb64 minor update 2011-04-20 09:34:00 +00:00
Miroslav Stampar
4b6c524d4c one more minor update regarding last commit 2011-04-20 09:26:03 +00:00
Miroslav Stampar
44926757da minor update 2011-04-20 09:23:08 +00:00
Miroslav Stampar
52c98afe93 minor fix 2011-04-20 08:38:46 +00:00
Miroslav Stampar
24435a2c20 implemented "break a tie" request by Andres Riancho 2011-04-20 08:35:47 +00:00
Miroslav Stampar
df0331fe9b some more refactoring 2011-04-19 23:04:10 +00:00