Miroslav Stampar
d1f5c1d7b7
now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering
2010-12-29 15:10:42 +00:00
Miroslav Stampar
79e97824ef
adding user names to the attack dictionary
2010-12-29 00:37:53 +00:00
Miroslav Stampar
93838fb155
"patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError)
2010-12-28 14:40:34 +00:00
Miroslav Stampar
c0423761e8
minor update
2010-12-27 18:27:42 +00:00
Miroslav Stampar
c8f8dbf0a7
minor update
2010-12-27 15:39:27 +00:00
Miroslav Stampar
9fb0e0fc85
resume of brute forced data is now available
2010-12-27 14:17:20 +00:00
Miroslav Stampar
c7a160bf72
minor update (users want this to see)
2010-12-27 12:00:54 +00:00
Miroslav Stampar
51a492e17d
pretty important commit (now dumped tables are prone to dictionary attack)
2010-12-27 10:56:28 +00:00
Miroslav Stampar
269d6bde24
this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion)
2010-12-27 00:14:29 +00:00
Miroslav Stampar
89c2640d23
basic --search now works with MS Access
2010-12-26 23:50:16 +00:00
Miroslav Stampar
f2373121d0
noticed little DoS behavior and lots of connections in netstat (best way to deal with zombie connections is to explicitly close them if not needed any more)
2010-12-26 14:36:51 +00:00
Miroslav Stampar
ceeb6374e8
bug fix (TypeError: object of type 'NoneType' has no len())
2010-12-26 13:27:24 +00:00
Miroslav Stampar
569e060aab
important improvement
2010-12-26 13:20:52 +00:00
Miroslav Stampar
a555d1ad68
minor improvement
2010-12-26 11:15:02 +00:00
Miroslav Stampar
320a6f9efb
minor minor update
2010-12-26 09:55:33 +00:00
Miroslav Stampar
17d74fc83c
cosmeticado
2010-12-26 09:53:40 +00:00
Miroslav Stampar
cd337d9f39
minor fix
2010-12-26 09:46:09 +00:00
Miroslav Stampar
eaf4b93856
minor update
2010-12-26 09:40:40 +00:00
Miroslav Stampar
562a6440d1
fix for a bug reported by nightman (same as http://bugs.python.org/issue8797 )
2010-12-26 09:33:04 +00:00
Miroslav Stampar
6c72e41972
minor fix/update
2010-12-26 02:19:10 +00:00
Miroslav Stampar
c5c4aae3d5
minor update (to prevent adding too much items)
2010-12-25 10:42:36 +00:00
Miroslav Stampar
b472b96f92
bug fix, refactoring and improved extractErrorMessage capabilities
2010-12-25 10:16:20 +00:00
Miroslav Stampar
ea7ba19f6b
minor update
2010-12-25 09:43:14 +00:00
Miroslav Stampar
272476773f
getPageTextWordsSet on tableExists is pretty powerful stuff
2010-12-25 09:37:33 +00:00
Miroslav Stampar
6845d402fa
well, here and there, merry Christmas to all :)
2010-12-24 20:17:53 +00:00
Miroslav Stampar
2d115e0350
one more fix
2010-12-24 18:44:13 +00:00
Miroslav Stampar
edcf1a0872
few bug fixes
2010-12-24 18:40:48 +00:00
Miroslav Stampar
96a06351a1
minor fix (in testing phase raise404 should be set to False)
2010-12-24 12:36:00 +00:00
Miroslav Stampar
2c23a59ba5
fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside)
2010-12-24 12:13:48 +00:00
Miroslav Stampar
aab14fa2d3
minor refactoring/cosmetics
2010-12-24 11:06:57 +00:00
Miroslav Stampar
23dc408901
prioritization of tests based on DBMS error messages and some comments in common.py
2010-12-24 10:55:41 +00:00
Miroslav Stampar
a09716a701
minor update
2010-12-24 10:07:56 +00:00
Miroslav Stampar
d9f08e4aa3
randomization of user agents
2010-12-24 10:04:27 +00:00
Miroslav Stampar
d5eebb1cbf
fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6
2010-12-24 09:49:19 +00:00
Miroslav Stampar
cb17e61f35
bug fix (UnicodeDecodeError: 'ascii' codec can't decode byte 0xa9 in position 959)
2010-12-24 02:54:26 +00:00
Miroslav Stampar
8470de7b76
bug fix for boolean proxy when using time based payloads
2010-12-23 23:46:08 +00:00
Miroslav Stampar
7f7fb93155
cosmetics
2010-12-23 18:44:18 +00:00
Miroslav Stampar
017ea9e686
update
2010-12-23 14:06:22 +00:00
Miroslav Stampar
73f33c1999
bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped)
2010-12-23 11:28:13 +00:00
Miroslav Stampar
8fc60215ed
lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called.
2010-12-22 19:12:46 +00:00
Miroslav Stampar
7c06dbffc3
bug fix (AttributeError: 'unicode' object has no attribute 'sort')
2010-12-22 18:55:50 +00:00
Bernardo Damele
c1f2534e9a
More bug fixes to properly distinguish between full inband and single-entry inband sql injections
2010-12-22 15:47:52 +00:00
Bernardo Damele
250608660d
Minor bug fix to always show HTTP request and response when verbose is set accordingly to 4, 5 or 6 regardless of the HTTP response code (error or not)
2010-12-22 13:41:36 +00:00
Bernardo Damele
5228f336da
Minor fix for ctrl+c during detection phase
2010-12-22 13:15:44 +00:00
Miroslav Stampar
08c88495d0
removed that ugly hack
2010-12-22 13:09:04 +00:00
Miroslav Stampar
8212b7b745
bug fix
2010-12-22 12:16:04 +00:00
Miroslav Stampar
5be9c04e44
update regarding Sybase syntax
2010-12-22 10:39:56 +00:00
Miroslav Stampar
d974a966b8
minor fix for end phase (Ctrl+C)
2010-12-21 23:55:55 +00:00
Miroslav Stampar
fb75d0636b
minor update
2010-12-21 23:42:59 +00:00
Miroslav Stampar
39a13077c4
minor bug fix
2010-12-21 23:09:41 +00:00
Miroslav Stampar
09479c85dc
minor bug fix
2010-12-21 22:35:44 +00:00
Miroslav Stampar
7a525f28d4
cosmetics
2010-12-21 15:26:23 +00:00
Miroslav Stampar
b2e7f9484d
minor tuning (2 techniques MAX per value used)
2010-12-21 15:24:14 +00:00
Miroslav Stampar
6c1133c4d4
some code refactoring
2010-12-21 15:13:13 +00:00
Miroslav Stampar
466d61ee85
minor fix
2010-12-21 14:29:47 +00:00
Miroslav Stampar
385e208f38
code refactoring regarding standard output suppression and some threading issues
2010-12-21 14:21:24 +00:00
Miroslav Stampar
0e68248f60
minor update of heuristic check
2010-12-21 12:56:18 +00:00
Miroslav Stampar
16f1f4e13e
when doing dynamic checks there are cases when 404 can be raised (perfectly normal)
2010-12-21 11:04:49 +00:00
Bernardo Damele
aca074b769
Removed unused outdated code
2010-12-21 10:49:52 +00:00
Bernardo Damele
ad6b528b33
Bit more verbose comment
2010-12-21 10:47:39 +00:00
Miroslav Stampar
6b37ddada4
removed some blank trailing spaces (with extra/shutils/blanks.sh)
2010-12-21 10:31:56 +00:00
Bernardo Damele
1a3f57e5fe
Cosmetics
2010-12-21 09:23:00 +00:00
Miroslav Stampar
d554460aec
minor fix
2010-12-21 01:09:39 +00:00
Miroslav Stampar
116c141dfa
another fix
2010-12-21 00:47:07 +00:00
Miroslav Stampar
416755c0b7
minor adjustments
2010-12-21 00:25:03 +00:00
Miroslav Stampar
8067365b93
fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident')
2010-12-20 23:47:53 +00:00
Miroslav Stampar
e10670d9ac
added end detection phase choice into Ctrl+C list
2010-12-20 23:34:00 +00:00
Miroslav Stampar
29001a4fce
minor update
2010-12-20 23:21:01 +00:00
Miroslav Stampar
b34fe5c334
no more need for such a huge timeout because any timeout exceptions will now be considered as a successful time-based attack (previously we wanted to get back to the program, hence there was such a huge timeout)
2010-12-20 22:49:48 +00:00
Miroslav Stampar
8fd3e7ba1f
thread based data added
2010-12-20 22:45:01 +00:00
Miroslav Stampar
c9e8aae8a2
we'll need to do some cleanup around threading data model we use (some of the data we currently use we'll need to spread via copies around used threads)
2010-12-20 19:34:41 +00:00
Miroslav Stampar
e09bc2406c
minor refactoring
2010-12-20 19:24:20 +00:00
Miroslav Stampar
5852bad963
some refactoring
2010-12-20 18:56:06 +00:00
Miroslav Stampar
19d8733e9a
this is strictly for educational purposes
2010-12-20 17:30:47 +00:00
Miroslav Stampar
c948bced61
should solve the problem with timeout problems in time-based payloads
2010-12-20 16:45:41 +00:00
Miroslav Stampar
eaf8929085
more minor updates
2010-12-20 10:48:53 +00:00
Miroslav Stampar
fd00ff7a82
minor bug fix
2010-12-20 10:37:03 +00:00
Miroslav Stampar
e9f1ecb9e7
minor update
2010-12-20 10:32:58 +00:00
Miroslav Stampar
10a7a2dfb2
kids, don't use this at home
2010-12-20 10:13:14 +00:00
Miroslav Stampar
13d5b2c0ff
code refactoring
2010-12-20 09:44:21 +00:00
Miroslav Stampar
4cb83654dc
minor update
2010-12-18 16:28:21 +00:00
Miroslav Stampar
36862e2efa
update
2010-12-18 15:57:47 +00:00
Miroslav Stampar
21d083272e
minor minor fix
2010-12-18 14:31:41 +00:00
Miroslav Stampar
4f73feec2f
now dictionary attack on multiple hash formats is supported (like mysql_passwd and mysql_old_passwd in one database)
2010-12-18 14:11:49 +00:00
Miroslav Stampar
05c6d661e8
cosmetics
2010-12-18 10:49:49 +00:00
Miroslav Stampar
03220d34ba
added Ctrl+C check in detection phase
2010-12-18 10:42:09 +00:00
Miroslav Stampar
e355f92f22
bug fix
2010-12-18 10:02:01 +00:00
Miroslav Stampar
fe67d3827c
code refactoring and some fixes
2010-12-18 09:51:34 +00:00
Miroslav Stampar
108a96c6b4
some fixes
2010-12-17 21:45:20 +00:00
Miroslav Stampar
a19cb2c13a
code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown")
2010-12-17 21:29:09 +00:00
Miroslav Stampar
b4450c6ddd
added one more level of MSSQL version check (if first fails for some reason)
2010-12-17 21:01:14 +00:00
Miroslav Stampar
07609bfb53
minor fix
2010-12-17 19:33:20 +00:00
Miroslav Stampar
323af45ce4
added one more time request payload to confirm test results
2010-12-17 07:53:58 +00:00
Miroslav Stampar
e3fa3b0e8e
fix for a minor bug reported by nightman (AttributeError: 'NoneType' object has no attribute 'getFingerprint')
2010-12-17 07:48:32 +00:00
Miroslav Stampar
95b2c0803b
minor fix
2010-12-15 20:51:29 +00:00
Miroslav Stampar
de54219571
code refactoring
2010-12-15 12:50:56 +00:00
Miroslav Stampar
cda00c7501
code refactoring
2010-12-15 12:43:56 +00:00
Miroslav Stampar
3f34b06a24
minor cosmetics
2010-12-15 12:34:14 +00:00
Miroslav Stampar
445cc3bf3c
minor cosmetics
2010-12-15 12:15:43 +00:00
Miroslav Stampar
c1c525aaea
quick fix of a fix
2010-12-15 12:10:33 +00:00
Miroslav Stampar
7cfeb5447b
minor update
2010-12-15 11:46:28 +00:00
Miroslav Stampar
4dec24d056
quick fix for a bug reported by Andreas Constantinides (KeyError: 5)
2010-12-15 11:30:29 +00:00
Miroslav Stampar
f8a01ddaf8
minor update
2010-12-15 11:21:47 +00:00
Miroslav Stampar
63f5c35c23
bug fix
2010-12-15 10:02:58 +00:00
Miroslav Stampar
c3d0295d21
minor update (checking for --time-sec value)
2010-12-14 12:37:21 +00:00
Miroslav Stampar
b75d7fa348
minor cache based optimization
2010-12-14 12:22:17 +00:00
Miroslav Stampar
270ae0f080
just in case as maybe there will be some boolean expression to check where we won't expect None, but explicitly True/False
2010-12-14 09:05:00 +00:00
Bernardo Damele
04caef6de0
Tuning
2010-12-13 23:04:26 +00:00
Bernardo Damele
cfcee6439e
Cosmetics
2010-12-13 21:55:30 +00:00
Bernardo Damele
86690682c7
Minor bug fix to respect -v value in --common-tables and --common-columns
2010-12-13 21:37:12 +00:00
Bernardo Damele
4b79227b5a
Minor bug fix to properly merge options from .conf file (-c) with command line switches
2010-12-13 21:36:23 +00:00
Bernardo Damele
db844c1785
No point in showing the error-based inject payload, it's same as the one showed in -v3
2010-12-13 21:35:20 +00:00
Bernardo Damele
698f30e65e
Cosmetics
2010-12-13 21:34:35 +00:00
Bernardo Damele
a02dd6b55b
Minor enhancement to speedup active dbms fingerprint (-f).
...
Code cleanup and refactoring.
2010-12-13 21:33:42 +00:00
Miroslav Stampar
d56f47d530
fix for a bug reported by black zero (ValueError: invalid literal for int() with base 10: '1-20')
2010-12-12 23:59:55 +00:00
Miroslav Stampar
6a3c4485e6
minor update (removing extra ())
2010-12-12 14:44:39 +00:00
Miroslav Stampar
e98d9c08e1
dumping table is now possible on Firebird too
2010-12-12 14:38:07 +00:00
Miroslav Stampar
c93634b6c7
blind dumping of tables in sqlite implemented
2010-12-11 22:13:19 +00:00
Miroslav Stampar
b1babeefe5
update regarding dumping of tables with blind on Sqlite
2010-12-11 22:00:16 +00:00
Miroslav Stampar
f7344a5fc3
update
2010-12-11 21:28:11 +00:00
Miroslav Stampar
6a24048aa6
urllib2 doesn't play well with '\n' when non unescaped chars used
2010-12-11 21:17:54 +00:00
Miroslav Stampar
e6c66fa37c
update regarding expectingNone in fingerprinting mode to cancel drop down to other techniques available
2010-12-11 17:55:28 +00:00
Miroslav Stampar
e32fa9df43
further update regarding bugtrace's report
2010-12-11 17:32:15 +00:00
Miroslav Stampar
5d18c98ec2
quick fix for a bug reported by bugtrace (not using __goBooleanProxy because we don't have a proper vector this moment)
2010-12-11 17:20:39 +00:00
Miroslav Stampar
03447acc1d
avoiding some trashy match ratios
2010-12-11 17:12:19 +00:00
Miroslav Stampar
d2a3e8f44f
first time firebird error-based query success
2010-12-11 11:17:24 +00:00
Miroslav Stampar
f021548bd0
added inference failsafe (like in for instance Firebirds SUBSTR always returns a string value, no matter which starting index you use)
2010-12-11 10:52:04 +00:00
Miroslav Stampar
c17f444aab
minor fix
2010-12-11 10:22:18 +00:00
Miroslav Stampar
3dc0a51d34
major bug fix with boolean expressions
2010-12-11 08:46:19 +00:00
Miroslav Stampar
ac9080c07b
update
2010-12-11 08:24:29 +00:00
Miroslav Stampar
66db80804d
fix
2010-12-10 16:03:32 +00:00
Miroslav Stampar
435f48b8cc
polite cosmetics
2010-12-10 15:28:56 +00:00
Miroslav Stampar
977988c0ab
cosmetics
2010-12-10 15:24:25 +00:00
Miroslav Stampar
fa8d378e80
another update
2010-12-10 15:18:15 +00:00
Miroslav Stampar
1ef44cfe60
fix
2010-12-10 15:06:53 +00:00
Miroslav Stampar
fe186cde55
proper fix
2010-12-10 13:26:31 +00:00
Miroslav Stampar
9957881040
you won't believe commit
2010-12-10 13:20:59 +00:00
Miroslav Stampar
1fc9ed10a8
minor refactoring
2010-12-10 12:30:36 +00:00
Miroslav Stampar
4d8628e8fb
fix for booleans
2010-12-10 12:26:01 +00:00
Miroslav Stampar
fe2039f5ba
coollyy little commits
2010-12-10 11:32:46 +00:00
Miroslav Stampar
d5e7a8d305
update
2010-12-10 10:54:17 +00:00
Bernardo Damele
b6dcbcef5b
Minor fix
2010-12-10 10:52:55 +00:00
Miroslav Stampar
471d9ccd65
another fix of my lala
2010-12-10 10:11:25 +00:00
Miroslav Stampar
029a6abba2
quick fix
2010-12-10 09:54:25 +00:00
Miroslav Stampar
441fc8dbd9
update regarding boolean based expressions
2010-12-09 21:15:18 +00:00
Miroslav Stampar
d5fb921154
removed debug print
2010-12-09 20:08:59 +00:00
Miroslav Stampar
1492823de0
it wasn't pretty, now it's pretty
2010-12-09 20:06:20 +00:00
Miroslav Stampar
bbffea2cbc
bug fix
2010-12-09 17:10:22 +00:00
Miroslav Stampar
0eb2c408a9
code refactoring
2010-12-09 16:49:02 +00:00
Bernardo Damele
df5f6bc1b7
Little precaution
2010-12-09 14:06:43 +00:00
Bernardo Damele
9230877d98
cosmetics
2010-12-09 13:57:38 +00:00
Bernardo Damele
5fb04515d3
Added hidden (for the moment) switch --technique
2010-12-09 13:47:17 +00:00
Miroslav Stampar
cdff29ada7
update
2010-12-09 11:23:44 +00:00
Miroslav Stampar
196131bbca
minor cosmetics
2010-12-09 10:42:00 +00:00
Miroslav Stampar
ec5c08ca7a
cosmetics
2010-12-09 09:24:20 +00:00
Miroslav Stampar
3fd1c37d53
update
2010-12-09 07:49:18 +00:00
Miroslav Stampar
db39dc32fc
minor update
2010-12-09 00:59:39 +00:00
Bernardo Damele
0c01be0eeb
Ugly work-around to avoid unescaping WAITFOR DELAY time between single quotes (unescaped CHAR(..) value does not work).
2010-12-09 00:34:02 +00:00
Bernardo Damele
9c61adb21d
Cosmetics
2010-12-09 00:26:06 +00:00
Bernardo Damele
b5c6527c72
Minor fix
2010-12-09 00:25:48 +00:00
Bernardo Damele
f5ce739bdf
Added support for time-based blind SQL injection via stacked queries too. Need to add vectors for some DBMS yet.
2010-12-08 23:52:31 +00:00
Bernardo Damele
10ef2b5de8
Minor bug fix
2010-12-08 23:09:42 +00:00
Miroslav Stampar
54f6673609
update
2010-12-08 22:38:26 +00:00
Miroslav Stampar
d6077273e0
update
2010-12-08 22:14:42 +00:00
Miroslav Stampar
258e9fb50e
fix for a "bug" reported by Spencer J. McIntyre (os.makedirs(conf.outputPath, 0755) -> permission denied)
2010-12-08 21:16:18 +00:00
Miroslav Stampar
81c16926c1
code refactoring some more
2010-12-08 14:46:07 +00:00
Miroslav Stampar
40fadf2f35
minor update
2010-12-08 14:33:10 +00:00
Miroslav Stampar
95b48746a6
cosmetics
2010-12-08 14:29:09 +00:00
Miroslav Stampar
ed09c53ee4
minor minor update
2010-12-08 14:27:37 +00:00
Miroslav Stampar
01cf1394a4
code refactoring
2010-12-08 14:26:40 +00:00
Miroslav Stampar
af22679605
minor update
2010-12-08 13:09:27 +00:00
Miroslav Stampar
6223f25dd9
code beautification
2010-12-08 13:04:48 +00:00
Miroslav Stampar
64cc2588f1
now resume is available for time-based blinds too
2010-12-08 12:49:26 +00:00
Miroslav Stampar
537b619165
removing junk
2010-12-08 12:30:25 +00:00
Miroslav Stampar
b5e45939e3
sqlmap premiere of blind time based query/bisection
2010-12-08 12:28:54 +00:00
Miroslav Stampar
47bb31fb47
code refactoring
2010-12-08 11:30:25 +00:00
Miroslav Stampar
1ae2fa7f1a
update regarding time based payloads
2010-12-08 11:26:54 +00:00
Miroslav Stampar
bdff4aba6a
switching to quick_ratio
2010-12-07 23:57:43 +00:00
Miroslav Stampar
c1b82cf09c
ratio() gives a considerable lag on real life cases, as real_quick_ratio() gives almost as good results
2010-12-07 23:53:44 +00:00
Miroslav Stampar
a4a63f5b1e
minor update
2010-12-07 23:49:00 +00:00
Miroslav Stampar
293ce18fed
two major bug fixes regarding time calculation (previously comparison was also a part of "delta", which screwed results in cases with large pages; other was a standard distribution based one)
2010-12-07 23:32:33 +00:00
Miroslav Stampar
b21eb88905
minor update
2010-12-07 22:45:38 +00:00
Miroslav Stampar
575e50673b
minor update
2010-12-07 19:27:01 +00:00
Miroslav Stampar
398b82644a
little explanation
2010-12-07 19:25:26 +00:00
Miroslav Stampar
dc651d59ec
little mathematics here and there (used "Rules for normally distributed data")
2010-12-07 19:19:12 +00:00
Bernardo Damele
ee72838231
Removed debug print
2010-12-07 17:19:29 +00:00
Bernardo Damele
5f97312f29
Minor fix
2010-12-07 17:17:38 +00:00
Bernardo Damele
81e7465ed2
Cosmetics
2010-12-07 17:16:21 +00:00
Miroslav Stampar
ecd4a5a532
added standard deviation check in time based tests
2010-12-07 16:39:31 +00:00
Miroslav Stampar
294119d2ec
more advanced time technique(s)
2010-12-07 16:04:53 +00:00
Miroslav Stampar
4959da3ce6
it's a must to double check time based payloads
2010-12-07 14:59:11 +00:00
Miroslav Stampar
e53fef546e
update regarding session page templates
2010-12-07 14:35:31 +00:00
Miroslav Stampar
add6235b16
removed pageTemplate from injection(s), it's not longer stored in session, and it's reloaded when resuming from session
2010-12-07 14:06:54 +00:00
Miroslav Stampar
0dc630203f
code refactoring
2010-12-07 13:34:06 +00:00
Bernardo Damele
8e78057ac8
Added counter of total HTTP(s) requests done during detection phase
2010-12-07 12:33:47 +00:00
Bernardo Damele
effd2ca0e3
Cosmetics
2010-12-07 12:32:58 +00:00
Miroslav Stampar
2af8835a94
fix for a bug reported by ToR (origValue = paramDict[kb.injection.parameter] -> KeyError in resume with missing injection parameter)
2010-12-07 10:57:32 +00:00
Miroslav Stampar
3d87489de5
minor update
2010-12-07 08:05:03 +00:00
Miroslav Stampar
0da1ebde7d
introducing PostgreSQL time based blind
2010-12-07 00:51:14 +00:00
Miroslav Stampar
61f82fd274
introducing [DELAYED] for heavy query time based payloads when response time is non-deterministic
2010-12-07 00:27:26 +00:00
Miroslav Stampar
2735848ab6
removed ERROR_SPACE
2010-12-06 22:40:07 +00:00
Miroslav Stampar
9ccc8f90a3
minor cosmetic update ("heuristics shows" is not grammatically correct)
2010-12-06 18:47:22 +00:00
Miroslav Stampar
d336f1df23
minor update
2010-12-06 18:44:42 +00:00
Miroslav Stampar
d77ddbee47
OR based inference works for the first time in history and fingerprint of 4 major DBMSes is now injection based (instead of AND)
2010-12-06 18:20:57 +00:00
Miroslav Stampar
27ee9a5ccf
minor refactoring
2010-12-06 15:50:19 +00:00
Miroslav Stampar
e8be14e00a
minor refactoring
2010-12-06 07:48:14 +00:00
Miroslav Stampar
a43d252ae9
minor update
2010-12-06 00:14:08 +00:00
Miroslav Stampar
5189f138d7
increasing socket timeout in case of time based checks
2010-12-05 23:18:16 +00:00
Bernardo Damele
17449754fe
Got rid of UNION false cond
2010-12-05 16:16:15 +00:00
Bernardo Damele
da3fd17fc3
Adjustment to make it work also in OR based injection
2010-12-05 12:24:23 +00:00
Bernardo Damele
41e1b95c6c
Minor code refactoring and finally make exploitation work also on OR boolean-based injections
2010-12-05 11:25:44 +00:00
Miroslav Stampar
7a5cd3b35f
minor comment update
2010-12-05 11:15:09 +00:00
Bernardo Damele
618b3b0211
Cosmetics
2010-12-05 11:05:57 +00:00
Miroslav Stampar
9e5f933ace
some updates
2010-12-04 15:47:02 +00:00
Miroslav Stampar
3f9450b9dc
minor fix
2010-12-04 14:43:35 +00:00
Miroslav Stampar
1f795622b3
some fine tuning of dynamicity removing engine
2010-12-04 13:39:35 +00:00
Miroslav Stampar
eeb199375b
usage of compiled regexes in case of dynamic markings and other refactoring
2010-12-04 13:23:28 +00:00
Miroslav Stampar
0fc7a8f9e8
code refactoring
2010-12-04 10:13:18 +00:00
Miroslav Stampar
04714374f9
now you can use kb.pageTemplate to set a page which will be used as a template in comparison process (at least in '-[RANDNUM] OR' cases we'll need to use different template(s))
2010-12-04 10:05:18 +00:00
Miroslav Stampar
b3a094b9d6
fix for a bug reported by ToR (when resuming: queries[kb.dbms] -> KeyError: u'mysql')
2010-12-03 22:44:29 +00:00
Miroslav Stampar
5764816891
minor cosmetics
2010-12-03 22:28:09 +00:00
Bernardo Damele
5d37df6104
Ugly code to set the cookies when got them from a 302 redirect too
2010-12-03 17:41:10 +00:00
Bernardo Damele
9d55c4da87
Done with support for injection in ORDER BY and GROUP BY (hopefully)
2010-12-03 16:12:47 +00:00
Bernardo Damele
91c3cf8fd0
Minor improvement
2010-12-03 16:11:57 +00:00
Bernardo Damele
0e6359ab6e
Minor layout adjustment
2010-12-03 16:11:35 +00:00
Bernardo Damele
6e73adec47
Get rid of one useless attribute
2010-12-03 16:11:13 +00:00
Bernardo Damele
126a1479d8
Bug fix for --union-test
2010-12-03 14:57:30 +00:00
Bernardo Damele
11058667e4
Better naming
2010-12-03 14:45:13 +00:00
Bernardo Damele
b824826a89
Minor enhancement to prefix payload in ORDER BY and GROUP BY clauses
2010-12-03 14:39:51 +00:00
Bernardo Damele
bb40ab9fb0
Major bug fix for default boolean-based vector still work and minor adjustments
2010-12-03 14:31:11 +00:00
Miroslav Stampar
612ee08a0b
added response time kb attribute
2010-12-03 13:19:34 +00:00
Bernardo Damele
4dec049c22
Major bug fix for test on ORDER BY and GROUP BY clauses.
...
Minor bug fix to skip following tests if they do not match any of the clause previously identified (injection.clause value).
2010-12-03 12:00:03 +00:00
Bernardo Damele
827a0aea05
Minor bug fix
2010-12-03 11:15:11 +00:00
Bernardo Damele
7690aa85ce
Added a comment needed to understand this hack when looking at the code in a month or so ;)
2010-12-03 11:00:41 +00:00
Bernardo Damele
a9d4b37987
Code cleanup and minor refactoring
2010-12-03 10:51:27 +00:00
Bernardo Damele
22de82634a
Important update to parse correctly the <where> tag during exploitation phase.
...
Minor code cleanup.
2010-12-03 10:44:16 +00:00
Bernardo Damele
7d6f51f758
Avoid blank space between prefix and test's payload if it's a stacked queries test
2010-12-03 10:42:46 +00:00
Bernardo Damele
b0928e02c6
Proper comment
2010-12-03 10:39:36 +00:00
Miroslav Stampar
2cc167a42e
fix for a bug reported by ToR: "AttributeError: 'NoneType' object has no attribute 'isdigit'"
2010-12-02 18:57:43 +00:00
Bernardo Damele
283a04e29a
On my way to properly parse test's <where> tag in exploitation phase
2010-12-01 23:32:58 +00:00
Bernardo Damele
09b265a1ea
Got rid of conf.logic for the moment, haven't decided yet what to do with parenthesis check
2010-12-01 23:32:02 +00:00
Bernardo Damele
47f2d22181
Minor bug fix
2010-12-01 17:18:31 +00:00
Bernardo Damele
089c16a1b8
Added tag <epayload> to the payloads.xml's <test> tag to define which payload to use when exploiting the test type.
...
Removed some useless tests.
Moved <error> from queries.xml to payloads.xml as it makes more sense.
Beeps at sql inj found only if --beep is provided.
Minor fix in order to be able to pickle advancedDict() objects.
Minor code refactoring.
Removed useless folders.
2010-12-01 17:09:52 +00:00
Bernardo Damele
c00ea7f5e5
Store and resume also UNION char to session file (--union-char)
2010-12-01 10:59:58 +00:00
Bernardo Damele
025361c970
Higher precedence to union query sql inj than error-based
2010-12-01 10:57:17 +00:00
Bernardo Damele
56d2b2f322
Avoid storing to session file also payload delimiters
2010-12-01 10:55:59 +00:00
Bernardo Damele
2708aad504
Unified start and stop delimiters accross errror-based (detection engine) and union query (--union-test) tests.
2010-12-01 10:31:50 +00:00
Bernardo Damele
8d84dcc5dc
More sense
2010-12-01 09:17:17 +00:00
Bernardo Damele
c8f943f5e4
Now, if the back-end dbms type has been identified by the detection engine, skips the fingerprint phase.
...
Major code refactoring and commenting to detection engine.
Ask user whether or not to proceed to test remaining parameters after an injection point has been identified.
Restore beep at SQL injection find.
Avoid reuse of same variable in DBMS handler code.
Minor adjustment of payloads XML file.
2010-11-30 22:40:25 +00:00
Miroslav Stampar
fcdebbd55f
cosmeticados
2010-11-30 14:48:13 +00:00
Miroslav Stampar
47a7708950
minor improvement of dynamic content detection/removal part
2010-11-30 12:45:42 +00:00
Bernardo Damele
8b9706656e
Got rid of unreliable 'ORDER BY' technique to detect UNION query SQL injection, consequently switch --union-tech has gone now.
...
Minor code refactoring too.
2010-11-29 17:18:38 +00:00
Bernardo Damele
e9291932e5
Apply --level also to User-Agent (level >= 4) and Cookie (level >= 3).
...
GET and POST parameters are always tested.
2010-11-29 16:33:20 +00:00
Miroslav Stampar
e735f2960a
minor update
2010-11-29 15:25:45 +00:00
Bernardo Damele
c76d740a25
just a precaution
2010-11-29 15:21:56 +00:00
Miroslav Stampar
70e87d959e
update of dynamicity engine
2010-11-29 15:14:49 +00:00
Bernardo Damele
ee4e04ebca
Minor adjustment
2010-11-29 15:09:40 +00:00
Bernardo Damele
2efb3b78ea
Consider also --dbms value during the detection phase
2010-11-29 14:48:07 +00:00
Miroslav Stampar
be6df7abd9
improvement of dynamicity engine
2010-11-29 14:30:57 +00:00
Bernardo Damele
76ce9cc888
Minor bug fix for --forms
2010-11-29 12:46:18 +00:00
Bernardo Damele
6525e08d6b
Minor adjustment to detect the proper parameter type based upon --prefix and --suffix values
2010-11-29 12:13:42 +00:00
Bernardo Damele
c22338ce90
Removed --error-test, --stacked-test and --time-test switches and adapted the code accordingly. This is due to the fact that the new XML based detection engine already supports all of those tests (and more).
2010-11-29 11:47:58 +00:00
Bernardo Damele
e8c6c01e27
precaution
2010-11-29 09:54:30 +00:00
Bernardo Damele
9d7087e2ff
Proper saving and resuming when more than a parameter are injectable.
...
Minor bug fix to --stacked-test
Minor code refactoring.
2010-11-29 01:04:42 +00:00
Bernardo Damele
75f7df75b6
Minor fix
2010-11-28 23:33:51 +00:00
Bernardo Damele
472f4465a6
Prioritize DBMS fingerprint based on DBMS (<dbms>) identified during the detection phase.
...
Minor bug fix to properly handle the case that no injections are found.
Nicer display of injection vulnerabilities detected.
Minor code refactoring.
2010-11-28 21:27:47 +00:00
Bernardo Damele
7e3b24afe6
Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.
...
All (hopefully) functionalities should still be working.
Added two switches, --level and --risk to specify which injection tests and boundaries to use.
The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2010-11-28 18:10:54 +00:00
Miroslav Stampar
6712f4da55
some refactoring and one less request for aspx maintanance during --os-shell
2010-11-24 14:20:43 +00:00
Bernardo Damele
253eafb643
paranoid cosmetics
2010-11-24 12:03:01 +00:00
Miroslav Stampar
b2b521fc8a
gready regex bastard :)
2010-11-24 12:01:36 +00:00
Miroslav Stampar
9579a97039
now ASPX works too for --os-shell
2010-11-24 11:38:27 +00:00
Miroslav Stampar
c54c9ee5d1
minor update
2010-11-23 22:33:00 +00:00
Miroslav Stampar
57ad59206b
cosmetics as it's best
2010-11-23 22:09:10 +00:00
Miroslav Stampar
7a147041c4
cosmetics
2010-11-23 21:44:58 +00:00
Miroslav Stampar
f4f0bc9db3
minor fix
2010-11-23 21:17:01 +00:00
Miroslav Stampar
f9f076ba97
code refactoring
2010-11-23 21:00:42 +00:00
Miroslav Stampar
7877a931d5
more cosmetics regarding dictionary attack
2010-11-23 20:54:40 +00:00
Miroslav Stampar
e3b3e05748
minor update
2010-11-23 19:21:30 +00:00
Miroslav Stampar
0d24a15182
more cosmetics
2010-11-23 19:10:34 +00:00
Miroslav Stampar
836a1c214a
los cosmeticados (of hash dictionary attack)
2010-11-23 18:57:00 +00:00
Miroslav Stampar
c4414df594
minor update
2010-11-23 15:33:13 +00:00
Miroslav Stampar
78024eafe0
little precaution
2010-11-23 15:31:23 +00:00
Miroslav Stampar
4af000e699
minor language update (in testing phase "used" is more preferable than "provided")
2010-11-23 15:11:15 +00:00
Miroslav Stampar
b41ee8d0d0
minor refactoring
2010-11-23 14:57:36 +00:00
Miroslav Stampar
aa5d038f18
more code refactoring
2010-11-23 14:50:47 +00:00
Miroslav Stampar
3cae76627c
code refactoring regarding dictionary attack
2010-11-23 13:58:01 +00:00
Miroslav Stampar
ba4ea32603
first working version of dictionary attack
2010-11-23 13:24:02 +00:00
Miroslav Stampar
c471b815cc
fix for a bug reported by BugTrace (IndexError: list index out of range)
2010-11-22 10:58:08 +00:00
Miroslav Stampar
bfc9378542
sorry, even more proper naming should be like this (passwd is a standard naming for this kind of function(s))
2010-11-20 13:22:59 +00:00
Miroslav Stampar
db59faedb9
more proper naming
2010-11-20 13:20:28 +00:00
Miroslav Stampar
1f8a9fe033
foundations for dictionary attack support combined with the sqlmap's password/hash retrieval functionality (--password switch)
2010-11-20 13:14:13 +00:00
Miroslav Stampar
71107e4e9e
quick fix for google searches
2010-11-19 21:38:20 +00:00
Bernardo Damele
99a23e23cf
Extra check on --union-cols value
2010-11-19 16:39:26 +00:00
Bernardo Damele
c23126547e
Improved --union-cols to accept a range to test for union SQL injection. By default it is 1-20.
2010-11-19 15:48:24 +00:00
Bernardo Damele
ad17e9ed2a
Added new switch --union-char to be able to provide the character used in union-test and exploit (default is still NULL, but can be any)
2010-11-19 14:56:20 +00:00
Miroslav Stampar
df88280681
minor update of google regex (that * was a junky one)
2010-11-19 10:04:29 +00:00
Miroslav Stampar
e8bef28337
updating google parsing regex (for the better, of course)
2010-11-19 10:00:29 +00:00
Miroslav Stampar
d97e97d884
minor update :)
2010-11-19 09:02:44 +00:00
Bernardo Damele
4a9bd3a240
Finally a proper union query SQL injection test engine for --union-test. It does much more requests, but for god sake now it works well!
2010-11-18 17:55:43 +00:00
Bernardo Damele
544327379f
Little precaution
2010-11-18 14:32:52 +00:00
Bernardo Damele
f6a17cb1a8
Revert wrong fix
2010-11-18 10:41:06 +00:00
Bernardo Damele
17486e472a
Proper english (--postfix is now --suffix) and --string/--regexp does not necessarily need to match into the original response body, it might well be in the injected True condition only!
2010-11-17 22:00:09 +00:00
Miroslav Stampar
ca5125bbe0
minor update related to r2401
2010-11-17 20:50:31 +00:00
Bernardo Damele
360aff7a4d
sqlite3 library is not part of Gentoo (perhaps others) Python packages or installation bundle
2010-11-17 17:20:32 +00:00
Miroslav Stampar
a0df36beda
when in multi target mode this should be done (another bug was reported by ToR for using "old" data - kb was not properly cleared)
2010-11-17 15:33:07 +00:00
Miroslav Stampar
17f0609263
minor bug fix
2010-11-17 13:29:57 +00:00
Miroslav Stampar
3d25071d06
another minor improvement regarding logging of http traffic
2010-11-17 12:16:48 +00:00
Miroslav Stampar
3e569a1693
minor update
2010-11-17 12:04:33 +00:00
Miroslav Stampar
2802923dbe
some improvements regarding --os-shell web server application choice
2010-11-17 11:45:52 +00:00
Miroslav Stampar
5abbea4a9f
fix for a bug reported by nightman (unknown charset 'null')
2010-11-17 09:57:32 +00:00
Miroslav Stampar
d757e4ae1c
bug fix (when user manually sets web root, that same directory should be used as one of potentionaly default dirs)
2010-11-17 09:46:04 +00:00
Miroslav Stampar
bec152609a
minor cosmetics and bug fix for Windows machines ('\\' is interpreted as \ and inside the script it can screw things up as it's a marker for a special character - thus '\\\\' is interpreted as \\ which represents special character \)
2010-11-17 09:33:05 +00:00
Miroslav Stampar
76c3f5768b
cosmetics
2010-11-17 09:12:48 +00:00
Miroslav Stampar
2a8e270bef
proper handling of carriage return character from Windows target machines
2010-11-16 15:11:03 +00:00
Miroslav Stampar
ab33651f96
minor bug fix for displaying text from windows machines (\r was interfering with normal dataToStdout behavior)
2010-11-16 15:02:22 +00:00
Miroslav Stampar
3487429eac
minor cosmetics
2010-11-16 14:41:46 +00:00
Miroslav Stampar
3640dbf745
fix for --parse-errors (on IIS HTTP error is raised which need to be processed)
2010-11-16 14:33:30 +00:00
Miroslav Stampar
cccb565859
cosmetics
2010-11-16 14:11:32 +00:00
Miroslav Stampar
b9d9f18939
added General cmdline group
2010-11-16 14:09:09 +00:00
Miroslav Stampar
e7a66371f8
update regarding os shell-ing regarding JSP and ASPX
2010-11-16 13:46:46 +00:00
Miroslav Stampar
6232397129
minor update
2010-11-16 10:52:49 +00:00
Miroslav Stampar
6ef3846400
update regarding error parsing (and reporting)
2010-11-16 10:42:42 +00:00
Bernardo Damele
71cb982039
Another bug fix to --union-test
2010-11-15 21:42:56 +00:00
Miroslav Stampar
b3ad63b71e
major bug fix (haven't applied dynamic content removal to the original comparison (conf.seqMatcher.a) page)
2010-11-15 14:59:37 +00:00
Miroslav Stampar
ff310475c8
some reporting update for --forms
2010-11-15 14:17:51 +00:00
Miroslav Stampar
20d6b9a5c1
minor fix
2010-11-15 12:24:32 +00:00
Miroslav Stampar
39c6c9f386
minor update
2010-11-15 12:19:22 +00:00
Miroslav Stampar
819085155e
minor update/fix
2010-11-15 12:07:13 +00:00
Miroslav Stampar
c25c017c08
cosmetics regarding --forms
2010-11-15 11:50:33 +00:00
Miroslav Stampar
36c544f440
update (--forms acts now more like -g switch)
2010-11-15 11:34:57 +00:00
Bernardo Damele
5f46a549ba
Cosmetics for --forms
2010-11-14 21:59:35 +00:00
Bernardo Damele
0bfc1b411a
Another bug fix for --union-test
2010-11-14 15:39:57 +00:00
Miroslav Stampar
a0fb96816f
fix for a bug reported by ToR (value += actVer)
2010-11-14 08:31:29 +00:00
Bernardo Damele
8d07272c82
Added --union-cols switch to specify the max number of columns to test for UNION query sql injection.
...
Now stores/resumes also the exact UNION payload to session file.
2010-11-13 23:24:41 +00:00
Bernardo Damele
df5dc10111
Major enhancement to --union-test check
2010-11-13 22:47:37 +00:00
Miroslav Stampar
84849316b3
improvement of heuristic check (now original value is included too)
2010-11-12 23:06:01 +00:00
Miroslav Stampar
06a872fc99
update/fix for an issue reported by nightman (IncompleteRead: IncompleteRead(1284 bytes read))
2010-11-12 22:57:33 +00:00
Miroslav Stampar
27735b14df
update (--string and --regex should be done regardless of wasLastRequestError)
2010-11-12 22:44:15 +00:00
Miroslav Stampar
0d66f101da
fix for a bug reported by Bugtrace (--string "pengcheng_cui" and "Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource" on False pages)
2010-11-12 22:29:33 +00:00
Bernardo Damele
a777d59870
Minor bug fix
2010-11-12 15:17:12 +00:00
Bernardo Damele
0a83a830d9
Properly handle both HTTPS and HTTP requests through proxy
2010-11-12 14:21:46 +00:00
Bernardo Damele
e1ef27f592
work-around to be able to pass in the -r request file the Host header, the ending string ":443" and so sqlmap will go over https
2010-11-12 12:25:02 +00:00
Bernardo Damele
9f53048ff4
Put a space always between the user's provided prefix and sqlmap payload
2010-11-12 11:48:26 +00:00
Miroslav Stampar
697b32554c
fix for a bug "ordinal not in range(128)" reported by bugtrace
2010-11-12 11:48:25 +00:00
Bernardo Damele
f83dd2251b
Properly save error-based enumerated data in session file, able to be resumed like with other techniques
2010-11-12 11:40:37 +00:00
Bernardo Damele
a34c1b287c
Bug fix related to properly identify and parse the version from the banner (used for --stacked-test and other matters on MySQL/PgSQL)
2010-11-12 11:33:11 +00:00
Bernardo Damele
8cec75656c
Bug fix to properly save the match ratio only if numeric (to avoid also tracebacks when match is based on --string or --regexp)
2010-11-12 10:31:42 +00:00
Bernardo Damele
a14e4d9668
Referer does not have to be static, it's already a switch (--referer) so that user can specify it manually.
2010-11-12 10:16:39 +00:00
Bernardo Damele
66c82d72e4
Typo fix
2010-11-12 10:02:02 +00:00
Miroslav Stampar
42272ca78c
minor update
2010-11-11 22:26:36 +00:00
Miroslav Stampar
8aefd0bbf7
improvement of --common-tables and --common-columns
2010-11-11 20:37:25 +00:00
Miroslav Stampar
2d872f850a
quick fix
2010-11-11 19:54:54 +00:00
Miroslav Stampar
24238ccd0b
re-renaming of brute force switches. this way is better.
2010-11-11 07:57:44 +00:00
Miroslav Stampar
96d88877ba
bug fix (reported by ToR)
2010-11-10 19:44:51 +00:00
Miroslav Stampar
19c1bfa368
just a precaution (now i really need to go for a sleep)
2010-11-09 23:38:29 +00:00
Miroslav Stampar
88c00e61d3
another update
2010-11-09 23:35:37 +00:00
Miroslav Stampar
47720a43dd
minor fix (while we've calculated conf.matchRation for stable pages, we've put a constant value (0.900) for dynamic ones - so putting (ratio - conf.matchRatio) > DIFF_TOLERANCE for dynamic pages too would just effectively increase it's value to 0.900 + DIFF_TOLERANCE (in our case to 0.950) which is too narrow space for True result)
2010-11-09 23:21:21 +00:00
Miroslav Stampar
5ebd5d935c
another name change
2010-11-09 22:49:31 +00:00
Miroslav Stampar
06f00cf8c1
name change
2010-11-09 22:48:22 +00:00
Miroslav Stampar
6807fb04cc
minor update
2010-11-09 22:44:23 +00:00
Miroslav Stampar
fef60d5cb7
some fixes :)
2010-11-09 22:32:05 +00:00
Bernardo Damele
1cc99e2247
Possible quick fix for missing of True/False comparison of stable-but-not-really pages
2010-11-09 21:39:58 +00:00
Bernardo Damele
2205099a5e
Python stylish
2010-11-09 21:39:05 +00:00
Miroslav Stampar
cee888b613
tuning detection engine (None results from queryPage/comparison should not be treated as False in checkSqlInjection routine - None is returned when error is detected)
2010-11-09 19:14:55 +00:00
Miroslav Stampar
726825ca70
minor update
2010-11-09 16:59:36 +00:00
Miroslav Stampar
b43334165d
update regarding brute forcing
2010-11-09 16:53:33 +00:00
Miroslav Stampar
a7fa8d4975
update regarding brute force retrieval of table names and table column names
2010-11-09 16:15:55 +00:00
Miroslav Stampar
7752b5efe9
minor update
2010-11-09 09:51:54 +00:00
Miroslav Stampar
4be0631161
refactoring of brute force techniques
2010-11-09 09:42:43 +00:00
Miroslav Stampar
221f976fbd
minor update
2010-11-09 01:23:54 +00:00
Bernardo Damele
45ec8c169a
Consistency between --*-test switches/output
2010-11-08 16:46:25 +00:00
Miroslav Stampar
fda8752dca
revert of some HTTP headers handling
2010-11-08 13:26:45 +00:00
Bernardo Damele
78d7b17483
More replacements for refactoring.
...
Minor layout adjustments.
Alignment of conffile/optiondict/cmdline parameters.
2010-11-08 12:36:48 +00:00
Miroslav Stampar
eb999de0f1
added Range handler (dealing with 206 HTTP messages)
2010-11-08 12:26:13 +00:00
Miroslav Stampar
875781bf97
another minor fix
2010-11-08 11:55:56 +00:00
Miroslav Stampar
4a4a3051e5
fix
2010-11-08 11:39:07 +00:00
Miroslav Stampar
a3de10e3a2
new option -t
2010-11-08 11:22:47 +00:00
Miroslav Stampar
4e6d1b5118
added "Detection" part in help listing
2010-11-08 10:11:43 +00:00
Miroslav Stampar
0d0e2a2228
minor update
2010-11-08 09:49:57 +00:00
Miroslav Stampar
d551423379
further enum refactoring
2010-11-08 09:44:32 +00:00
Miroslav Stampar
862395ced1
further refactoring (all enumerations are now put into enums.py)
2010-11-08 09:20:02 +00:00
Miroslav Stampar
8e44aa605a
refactoring regarding injection place (more left)
2010-11-08 08:02:36 +00:00
Miroslav Stampar
0482e02c37
minor optimization
2010-11-07 23:37:15 +00:00
Miroslav Stampar
4f346eab33
fix for resume from session
2010-11-07 23:25:53 +00:00
Bernardo Damele
ea1b0d31be
Avoid displaying single retrieved character when --verbose > 2
2010-11-07 22:42:56 +00:00
Bernardo Damele
b6da946883
Added one new verbose level, -v 3 now shows the full injected payload.
...
Fixed also -d verbose output.
2010-11-07 22:34:29 +00:00
Bernardo Damele
a96467b3e2
Refactoring
2010-11-07 21:55:24 +00:00
Miroslav Stampar
7a6c086a27
setting direct query info output to same level as payload info (logger.DEBUG)
2010-11-07 21:42:36 +00:00
Miroslav Stampar
d3e7e89e60
major improvement with display of payloads (all payloads are displayed now) and removal of "pesky" spaces
2010-11-07 21:18:09 +00:00
Miroslav Stampar
620fa1c8fb
trust me, i know what i am doing :)
2010-11-07 20:33:33 +00:00
Bernardo Damele
73e85bfc75
Minor bug fix: the --tamper scripts have to be provided from the highest to the lowest priority, if not, sqlmap will reverse-sort them automatically as per user's choice. Tested, works now
2010-11-07 16:24:44 +00:00
Bernardo Damele
4d81da6bc8
Cosmetics
2010-11-07 16:23:03 +00:00
Bernardo Damele
6716315a76
Minor bug fix to properly set the ratio just before the check for injection, not before the check for dynamicity
2010-11-07 15:45:26 +00:00
Bernardo Damele
9669dbdae1
Minor cosmetics and adjustments
2010-11-07 15:34:52 +00:00
Miroslav Stampar
afba26a53f
tiny winy update
2010-11-07 09:00:45 +00:00
Miroslav Stampar
2b8c942b4a
more update
2010-11-07 08:58:24 +00:00
Miroslav Stampar
00dfd55830
added powerful switch --longest-common for dealing with heavy dynamicity
2010-11-07 08:52:09 +00:00
Miroslav Stampar
16f52ab7ba
cosmetic fix
2010-11-07 08:13:20 +00:00
Miroslav Stampar
8d93bdfa4b
minor update (optimization) regarding -a switch
2010-11-07 08:11:56 +00:00
Miroslav Stampar
508b9cc763
dynamicity engine update
2010-11-07 00:12:00 +00:00
Miroslav Stampar
3619fc5127
minor update
2010-11-06 08:31:11 +00:00
Miroslav Stampar
06760182f1
cosmetics
2010-11-05 16:08:42 +00:00
Miroslav Stampar
9bc9302e58
minor fix
2010-11-05 16:03:12 +00:00
Miroslav Stampar
44435adc4a
added some fancy Ctrl+C when having multiple targets
2010-11-05 15:59:25 +00:00
Miroslav Stampar
0e895fa512
update of dynamicity testing and few misc fixes
2010-11-05 13:14:12 +00:00
Miroslav Stampar
ef1809464d
bug fix for that BadStatusLine ( http://bugs.python.org/issue8450 )
2010-11-05 11:58:20 +00:00
Miroslav Stampar
6295a59a30
minor update/fix
2010-11-05 11:39:35 +00:00
Miroslav Stampar
f3e3420677
fix for a bug reported by Marcos Mateos Garcia (ValueError)
2010-11-05 11:34:09 +00:00
Miroslav Stampar
5f7f4bf15b
minor debug update (probably temporary)
2010-11-05 11:04:00 +00:00
Miroslav Stampar
3f0a443b83
some updates
2010-11-04 23:08:59 +00:00
Miroslav Stampar
29b7c5366c
cosmetics
2010-11-04 17:22:33 +00:00
Miroslav Stampar
ad6b2e9c21
minor fix
2010-11-04 16:47:18 +00:00
Miroslav Stampar
e1cec8c02b
fix for all that stable, dynamic mambo jambo :)
2010-11-04 16:44:34 +00:00
Miroslav Stampar
f1f7e0bfe0
fix for "unknown charset 'en_us'" (reported by ToR)
2010-11-04 13:56:01 +00:00
Miroslav Stampar
3aba0b1bec
minor update
2010-11-04 12:51:04 +00:00
Miroslav Stampar
63af5444fd
fix (NameError: global name 'DBMS' is not defined)
2010-11-04 12:47:34 +00:00
Bernardo Damele
91a3a582e8
Minor bug fix to avoid crash when running sqlmap behind a proxy server
2010-11-04 12:22:04 +00:00
Bernardo Damele
0e9515c540
Cosmetics
2010-11-04 12:21:06 +00:00
Miroslav Stampar
18aea251b3
added concept of tamper script priority
2010-11-04 10:29:40 +00:00
Miroslav Stampar
303359e8b1
refix
2010-11-04 09:34:04 +00:00
Miroslav Stampar
efe75aa8a3
added some debug messages
2010-11-04 09:18:32 +00:00
Bernardo Damele
b152b1a04d
Cosmetics
2010-11-03 22:07:13 +00:00
Miroslav Stampar
71d0b1bcd7
several bug fixes
2010-11-03 21:51:36 +00:00
Miroslav Stampar
44678fa320
fix for a bug reported by ToR (TypeError: unsupported operand type(s) for *: 'float' and 'NoneType')
2010-11-03 12:40:11 +00:00
Miroslav Stampar
6adee3792a
removed all trailing spaces from blank lines
2010-11-03 10:08:27 +00:00
Miroslav Stampar
cd0d4135ac
implemented --banner for MaxDB and some minor fixes
2010-11-02 20:51:55 +00:00
Miroslav Stampar
861706fb31
fix for bug reported by ToR (unknown charset 'utf-8, text/html')
2010-11-02 18:01:10 +00:00
Bernardo Damele
c7c84c3089
Closes #111 (DECLARE/CHAR encode xp_cmdshell parameter in MSSQL).
2010-11-02 15:31:51 +00:00
Miroslav Stampar
70f6eab715
minor update
2010-11-02 12:08:28 +00:00
Miroslav Stampar
685a8e7d2c
refactoring of hard coded dbms names
2010-11-02 11:59:24 +00:00
Miroslav Stampar
5269cb8c08
some code refactoring and beautification
2010-11-02 09:06:38 +00:00
Miroslav Stampar
13e93f564a
one bug fix in dynamic content engine and some code refactoring
2010-11-02 07:32:08 +00:00
Miroslav Stampar
73b33ed765
fix for a bug reported by Ulisses Castro (Too many open files) - also, added an important caching mechanism with thread safe logic
2010-11-01 20:56:13 +00:00
Bernardo Damele
486a113560
Consolidate logger messages for --*-test switches
2010-10-31 16:58:38 +00:00
Bernardo Damele
46be570463
Proper HTTP version display
2010-10-31 15:41:28 +00:00
Bernardo Damele
f3cc41601c
Added check on --first and --last values
2010-10-31 14:42:13 +00:00
Bernardo Damele
0ffffef088
Implemented --tamper for direct connection too (-d)
2010-10-31 14:22:32 +00:00
Bernardo Damele
65a0a8d285
Delegate urlencoding to agent.py only
2010-10-31 13:28:05 +00:00
Bernardo Damele
c7b374534b
Minor cosmetics
2010-10-31 12:29:00 +00:00
Bernardo Damele
617edf7fc2
Minor bug fix
2010-10-31 12:24:19 +00:00
Bernardo Damele
fcada4df0f
Removed debug print
2010-10-31 12:21:22 +00:00
Bernardo Damele
2a2f949275
Minor bug fix
2010-10-31 12:20:38 +00:00
Bernardo Damele
264247d318
revert of a stupid commit
2010-10-31 12:09:55 +00:00
Bernardo Damele
2fb059a644
Bug fix
2010-10-31 12:02:20 +00:00
Bernardo Damele
9d08cb3a6f
Revert r2209 and minor code refactoring
2010-10-31 11:51:45 +00:00
Bernardo Damele
3eda4510e2
Properly encode the cookie
2010-10-31 11:26:33 +00:00
Bernardo Damele
3869ccebe8
Minor code refactoring
2010-10-31 11:17:51 +00:00
Bernardo Damele
6afc9bffaa
Minor bug fix: there will always be only one pair of delimiters as we add it for each place
2010-10-31 11:09:29 +00:00
Bernardo Damele
3a48bee9b0
Minor code refactoring
2010-10-31 11:03:59 +00:00
Bernardo Damele
8cf0ebde1e
Cosmetics
2010-10-29 23:00:48 +00:00
Miroslav Stampar
0125198210
minor fix
2010-10-29 21:19:28 +00:00
Miroslav Stampar
cbf38436f2
minor update
2010-10-29 16:15:23 +00:00
Miroslav Stampar
5a38ac7ea9
important update regarding (Bug #209 ) - probably more will be needed
2010-10-29 16:11:50 +00:00
Bernardo Damele
a0df231aa4
Avoid waiting 30 seconds when cleaning up the dbms and file system from sqlmap data
2010-10-29 13:09:53 +00:00
Miroslav Stampar
f7d42af046
some fixes regarding --check-payload
2010-10-29 11:00:23 +00:00
Bernardo Damele
b3b2c3864a
Minor code refactoring
2010-10-29 10:51:09 +00:00
Miroslav Stampar
d75578c81f
some update regarding common tables
2010-10-29 09:00:51 +00:00
Miroslav Stampar
895efd28a6
one more update regarding Bug #205
2010-10-28 23:22:13 +00:00
Miroslav Stampar
788eb8fb50
update regarding Bug #205
2010-10-28 22:59:51 +00:00
Bernardo Damele
4f8e9da1b6
Minor bug fix to properly delete sqlmap temporary files on the database server file system at shutdown.
...
Minor improvements at ICMPsh tunnel to cleanup properly the dbms at shutdown and avoid checking/writing sys_bineval() UDF as it's a PE and needs to be called by sys_exec() only.
Got rid of useless doubleslash param in delRemoteFile() method.
Major code refactoring to xp_cmdshell.py methods and parent calls.
2010-10-28 00:19:40 +00:00
Bernardo Damele
56c16cb471
Minor bug fixes and enhancements to ICMPsh tunnel
2010-10-27 23:01:17 +00:00
Bernardo Damele
a391be833b
Implemented ICMP tunneling for out-of-band takeover (--os-pwn) as an alternative to TCP tunneling (Metasploit). It relies on icmpsh, the back-end dbms server has to be Windows as the icmpsh slave runs on Windows only for the moment. sqlmap needs to be executed as root to work.
2010-10-27 21:02:22 +00:00
Bernardo Damele
43de8247ac
Code refactoring
2010-10-27 20:39:50 +00:00
Bernardo Damele
d554ffc0ae
yes, I am quite paranoid with cosmetics
2010-10-27 10:37:54 +00:00
Miroslav Stampar
5cc1bd8a12
major fix for heuristic check
2010-10-27 08:27:31 +00:00
Miroslav Stampar
4d70f2c210
reverting back to 100
2010-10-26 15:42:54 +00:00
Miroslav Stampar
8211e6a2bd
possible
2010-10-26 11:29:09 +00:00
Bernardo Damele
9b127e58d2
Adjusted for MySQL weirdness
2010-10-26 09:33:18 +00:00
Miroslav Stampar
8803096343
some update regarding beep()
2010-10-26 08:32:58 +00:00
Miroslav Stampar
b9ff91b6e9
update of beep
2010-10-26 06:30:27 +00:00
Miroslav Stampar
9ec9d223e1
minor
2010-10-26 06:08:40 +00:00
Bernardo Damele
f5904d0bc0
Major bug fix to --union-test
2010-10-25 23:39:55 +00:00
Bernardo Damele
7effd0c301
Cosmetics
2010-10-25 22:54:56 +00:00
Miroslav Stampar
73eea81b3a
minor cosmetics
2010-10-25 19:45:53 +00:00
Miroslav Stampar
d7bf94d4d6
fix for --beep
2010-10-25 19:16:42 +00:00
Miroslav Stampar
228ac0cde5
refactoring regarding --check-payload
2010-10-25 18:38:54 +00:00
Bernardo Damele
7c343c2d67
Forgot
2010-10-25 16:34:43 +00:00
Bernardo Damele
debaf2215f
Consistency between cmdline.py, optiondict.py and sqlmap.conf and got rid of --union-use switch
2010-10-25 15:54:45 +00:00
Miroslav Stampar
378653a1ec
added IDS payload testing
2010-10-25 15:37:43 +00:00
Bernardo Damele
bdb9c37a7e
Cosmetics
2010-10-25 15:17:59 +00:00
Bernardo Damele
215175e3b7
Minor code adjustments
2010-10-25 14:11:47 +00:00
Miroslav Stampar
24c5d7b313
code refactoring
2010-10-25 14:06:56 +00:00
Miroslav Stampar
9c94a233a1
conf.md5hash thrown out
2010-10-25 13:52:21 +00:00
Miroslav Stampar
9a3879feba
keeping things neat and tidy
2010-10-25 12:33:49 +00:00
Miroslav Stampar
32728d14b7
fix for --union-use with --error-test
2010-10-25 12:25:29 +00:00
Miroslav Stampar
71543092b7
update regarding comparison engine
2010-10-25 12:00:59 +00:00
Miroslav Stampar
8df7c88174
implementation of a new dynamic content removal engine
2010-10-25 10:41:37 +00:00
Miroslav Stampar
db260c44d3
minor update
2010-10-24 22:25:05 +00:00
Miroslav Stampar
aa931efd4d
several MySQL fixes/enhancements pointed out by Anton Mogilin
2010-10-24 22:05:14 +00:00
Miroslav Stampar
52f910f752
added --beep (tested on Windows and Linux; for now turned off) switch
2010-10-23 09:38:46 +00:00
Miroslav Stampar
98f5586b87
minor update
2010-10-23 08:05:24 +00:00
Miroslav Stampar
f1e2c1867f
Cosmetics
2010-10-22 21:13:12 +00:00
Miroslav Stampar
2194d47782
setting conf.threads when -o switch is used
2010-10-22 19:10:45 +00:00
Miroslav Stampar
e6e48c5556
fix for Bug #204
2010-10-22 18:23:46 +00:00
Bernardo Damele
1288def3b7
Cosmetics
2010-10-22 14:23:14 +00:00
Miroslav Stampar
dec4d858b3
fix for Bug #207
2010-10-22 14:01:48 +00:00
Miroslav Stampar
1b2ec826bf
misc fixes regarding new query retrieval format
2010-10-21 23:17:06 +00:00
Miroslav Stampar
a9b50a1e82
minor fix
2010-10-21 23:09:57 +00:00
Miroslav Stampar
bc79eec702
removed queriesfile.py, implemented XMLObject approach (still shell.py and udf.py TODO)
2010-10-21 13:13:12 +00:00
Miroslav Stampar
be443c6947
refactoring regarding __START__,...
2010-10-21 09:51:07 +00:00
Miroslav Stampar
2668c95ef4
added default HTTP version used by httplib and urllib2
2010-10-21 09:10:07 +00:00
Bernardo Damele
7f1aa3b94f
Removed unused imports
2010-10-20 22:48:51 +00:00
Bernardo Damele
c60edf7c17
Minor cosmetics
2010-10-20 22:43:02 +00:00
Bernardo Damele
d8bfa76dca
Minor possible bug fix
2010-10-20 22:12:53 +00:00
Bernardo Damele
e73e06069b
Minor code refactoring
2010-10-20 22:09:03 +00:00
Bernardo Damele
862cc9ac53
Minor cosmetic fixes
2010-10-20 21:58:33 +00:00
Bernardo Damele
3b5c5cc457
Minor possible bug fix
2010-10-20 21:49:05 +00:00
Bernardo Damele
f95098693f
Removed unused functions
2010-10-20 21:16:28 +00:00
Bernardo Damele
430bb7478f
Minor bug fix
2010-10-20 21:15:06 +00:00
Miroslav Stampar
34f70657ee
fix for NULL values
2010-10-20 10:29:18 +00:00
Miroslav Stampar
00449f1402
fix/upgrade/chicken soup
2010-10-20 09:54:17 +00:00
Miroslav Stampar
e24bff0497
nice refactoring
2010-10-20 09:46:57 +00:00
Miroslav Stampar
5d3cbec457
no more regex. web server independent.
2010-10-20 09:35:46 +00:00
Miroslav Stampar
934adb5e8d
code refactoring
2010-10-20 09:09:04 +00:00
Miroslav Stampar
b032fdbf74
added randInt to error injection vectors
2010-10-20 08:56:58 +00:00
Miroslav Stampar
dabbcf9e23
fix for that 'Subquery returns more than 1 row'
2010-10-20 08:50:05 +00:00
Miroslav Stampar
82f44989ce
update of error based injection and bug fix for --roles on MSSQL server
2010-10-20 06:40:33 +00:00
Bernardo Damele
0817d1b78d
Cosmetics
2010-10-19 23:09:30 +00:00
Miroslav Stampar
8776db872c
minor refactoring
2010-10-19 23:05:24 +00:00
Miroslav Stampar
1b376c99a6
removed temp dictionary and replaced with kb.misc
2010-10-19 23:00:19 +00:00
Bernardo Damele
813f44da16
Minor bug fix for MSSQL connector --tables option
2010-10-19 22:11:17 +00:00
Miroslav Stampar
7927e97007
update
2010-10-19 18:34:57 +00:00
Miroslav Stampar
415524bd5a
remove --error, now it's only --error-test (it needs to return True to be able to use it)
2010-10-19 18:34:14 +00:00
Miroslav Stampar
8d9201a3dc
minor update
2010-10-19 18:23:21 +00:00
Miroslav Stampar
4009ef385e
more update regarding error based injection support
2010-10-19 18:17:34 +00:00
Miroslav Stampar
b2e0b615f8
fix for that MySQL checking
2010-10-19 17:38:39 +00:00
Miroslav Stampar
34d7de1d46
cosmetics
2010-10-19 15:28:54 +00:00
Miroslav Stampar
d7622bb9cf
major fix for MySQL error based injections
2010-10-19 15:17:16 +00:00
Miroslav Stampar
80505de15b
now --users work on Oracle and Postgre (tested)
2010-10-19 14:56:57 +00:00
Miroslav Stampar
4bc541ec3c
error based update
2010-10-19 14:47:13 +00:00
Miroslav Stampar
d0ebe428da
i've left error flag
2010-10-19 14:12:34 +00:00
Miroslav Stampar
bf850af2d8
fix for Oracle error based query "space" problem
2010-10-19 14:10:09 +00:00
Miroslav Stampar
6a8b1046d4
first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py)
2010-10-19 12:02:04 +00:00
Miroslav Stampar
ccda92536f
added header
2010-10-19 09:13:30 +00:00
Miroslav Stampar
264e0a6fda
added support for displaying revision number at unhandled exception message
2010-10-19 08:55:14 +00:00
Miroslav Stampar
9a7fd29d4f
using pushValue and popValue
2010-10-18 22:22:41 +00:00
Miroslav Stampar
a97319656c
optimization - now if DBMS was detected by error based HTML parser, then it's moved at the first place for testing
2010-10-18 21:47:11 +00:00
Miroslav Stampar
729156e91c
proper fix
2010-10-18 21:39:46 +00:00
Miroslav Stampar
3d5494845c
minor bug fix
2010-10-18 21:32:50 +00:00
Miroslav Stampar
8b8fff41fe
cosmetics (adding html parsed DBMS) regarding heuristic check
2010-10-18 12:11:16 +00:00
Bernardo Damele
1d74036ee3
Minor cosmetic fixes
2010-10-18 11:34:53 +00:00
Bernardo Damele
36bc410333
Minor bug fix
2010-10-18 09:50:23 +00:00
Miroslav Stampar
6b70dadfb2
minor cosmetics
2010-10-18 09:09:22 +00:00
Miroslav Stampar
149837ebf5
added the same for proxy authorization header
2010-10-18 09:02:56 +00:00
Miroslav Stampar
aaebb4336e
fix for Bug #202
2010-10-18 08:54:08 +00:00
Bernardo Damele
683184cc8f
Minor refactoring
2010-10-17 21:06:52 +00:00
Bernardo Damele
cd0fe8dde0
Updated sample configuration file and cmdline help
2010-10-17 00:07:53 +00:00
Bernardo Damele
64b9f94fcf
Renamed --common-prediction switch to --predict-output
2010-10-16 23:50:13 +00:00
Bernardo Damele
f54c134d22
Minor adjustment
2010-10-16 22:43:05 +00:00
Bernardo Damele
6211915da5
Cosmetic fix
2010-10-16 22:31:16 +00:00
Bernardo Damele
7b71262de6
Cosmetic fix
2010-10-16 22:07:29 +00:00
Bernardo Damele
a2997a6dce
Minor bug fix to --tamper
2010-10-16 21:55:34 +00:00
Bernardo Damele
2129935e06
Split character for tamper scripts (--tamper option) is now comma, not semi-colon.
...
Minor enhancement
2010-10-16 21:52:16 +00:00
Bernardo Damele
2dae934a2b
Minor bug fixes, code refactoring and enhanced --tamper functionality
2010-10-16 21:33:15 +00:00
Bernardo Damele
84ed7f192a
Cosmetic fixes
2010-10-16 15:10:48 +00:00
Miroslav Stampar
1336b97c2c
removed --useBetween switch and added new tampering module ./tamper/between.py
2010-10-15 23:48:07 +00:00
Miroslav Stampar
1ae4d0fc2a
added optimization group
2010-10-15 23:26:48 +00:00
Bernardo Damele
e7c8be1d45
Minor layout adjustments
2010-10-15 15:37:15 +00:00
Miroslav Stampar
c9f0c75030
removed --space (usage of tampering modules is now a prefered way to do it)
2010-10-15 12:52:33 +00:00
Miroslav Stampar
d0514d18ec
removed that spaces from URI payloads
2010-10-15 12:49:03 +00:00
Bernardo Damele
bf56f8c63c
Cosmetic fix
2010-10-15 12:46:41 +00:00
Miroslav Stampar
dcb9c2103a
just in case update
2010-10-15 11:20:19 +00:00
Bernardo Damele
5f6d88a418
Minor comment
2010-10-15 11:17:17 +00:00
Miroslav Stampar
2fa8836c01
bug fix
2010-10-15 11:14:59 +00:00
Miroslav Stampar
d50684a057
added one more check
2010-10-15 11:05:50 +00:00
Miroslav Stampar
2b476e078c
minor cosmetics
2010-10-15 10:36:29 +00:00
Bernardo Damele
a80f6110cd
don't call variables 'file', it's a reserved word :)
2010-10-15 10:29:24 +00:00
Bernardo Damele
c5e385f77a
More layout adjustments
2010-10-15 10:28:34 +00:00
Bernardo Damele
9fcab68700
Minor adjustments
2010-10-15 10:28:06 +00:00
Bernardo Damele
48cc8a308d
More verbose messages on successful --null-connection
2010-10-15 10:24:54 +00:00
Miroslav Stampar
0f48dd6f73
fix for skipping non-GET urls
2010-10-15 09:54:29 +00:00
Miroslav Stampar
207bef7f19
fix for that SQLite3 vs SQLite2 issue
2010-10-15 09:39:41 +00:00
Miroslav Stampar
d0df8cdac9
fix for that duplicates
2010-10-15 00:34:16 +00:00
Miroslav Stampar
4f7f20b94f
sorry, cosmetics
2010-10-14 23:18:29 +00:00
Bernardo Damele
1674142d82
Minor cosmetic fixes
2010-10-14 15:28:54 +00:00
Miroslav Stampar
2bbe0c9ba6
bug fix for Ctrl+C
2010-10-14 15:23:42 +00:00
Miroslav Stampar
8b48833136
large commit with copyright header modifications
2010-10-14 14:41:14 +00:00
Miroslav Stampar
f07608ef4d
show static words in a sorted manner
2010-10-14 12:38:06 +00:00
Miroslav Stampar
162d01abed
commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...)
2010-10-14 11:06:28 +00:00
Miroslav Stampar
7e1f784eaa
cosmetic update
2010-10-14 06:00:10 +00:00
Miroslav Stampar
dc50543ea4
major bug fix for --keep-alive option in multithreading mode (that 'shitty' _headers = {} made a one shared object for all connection objects)
2010-10-13 23:01:23 +00:00
Miroslav Stampar
36ef8ca575
bug fix
2010-10-13 22:42:48 +00:00
Miroslav Stampar
02a14d4c45
added Referer (part of Feature #37 )
2010-10-13 22:08:09 +00:00
Miroslav Stampar
43a3ac2c3a
some bug fixes
2010-10-13 20:54:18 +00:00
Miroslav Stampar
f700692c74
added missing files for Sybase
2010-10-13 18:55:17 +00:00
Miroslav Stampar
562df9c107
temporary fix (files left at home)
2010-10-13 07:39:48 +00:00
Miroslav Stampar
34580f56fc
added --tamper option
2010-10-12 22:45:25 +00:00
Miroslav Stampar
9a08f7feb8
minor update
2010-10-12 20:01:59 +00:00
Miroslav Stampar
d2ec132469
added --text-only switch
2010-10-12 19:41:29 +00:00
Miroslav Stampar
f9f79ffbaf
basic stuff for sybase
2010-10-12 19:05:12 +00:00
Miroslav Stampar
9ffa928783
added some user interaction when page is dynamic
2010-10-12 15:49:04 +00:00
Miroslav Stampar
b748e6ea44
minor update
2010-10-12 12:52:06 +00:00
Miroslav Stampar
73b77255e3
minor cosmetic update
2010-10-12 12:32:02 +00:00
Miroslav Stampar
6dcd05c39c
minor update
2010-10-11 14:38:04 +00:00
Miroslav Stampar
e2bbfbe650
bug fix
2010-10-11 14:32:02 +00:00
Miroslav Stampar
1369529103
minor cosmetic update
2010-10-11 13:52:32 +00:00
Miroslav Stampar
43892cddbb
some updates
2010-10-11 12:26:35 +00:00
Miroslav Stampar
8b0a132fa9
minor update
2010-10-11 11:47:07 +00:00
Miroslav Stampar
2198a60684
bug fix (reported by james@ev6.net)
2010-10-10 20:51:11 +00:00
Miroslav Stampar
7a5bb2b0d6
update
2010-10-10 19:50:10 +00:00
Miroslav Stampar
8fcad29bbf
new feature --forms (still unfinished)
2010-10-10 18:56:43 +00:00
Miroslav Stampar
18d27cabc5
more changes
2010-10-07 15:34:17 +00:00
Miroslav Stampar
440ff639bb
more refactoring
2010-10-07 14:05:34 +00:00
Miroslav Stampar
e80a66acc5
minor update
2010-10-07 12:21:59 +00:00
Miroslav Stampar
1e9ae40397
major refactoring
2010-10-07 12:12:26 +00:00
Miroslav Stampar
1bf8939e2f
further updates
2010-10-06 22:43:04 +00:00
Miroslav Stampar
de6fa1247b
moved injections to xml format
2010-10-06 22:29:52 +00:00
Miroslav Stampar
adf2231edb
minor update
2010-10-06 13:38:03 +00:00
Miroslav Stampar
56dbf0038f
minor update (for future implementation of more advanced error page logic)
2010-10-06 12:10:00 +00:00
Miroslav Stampar
cbe7c902c1
just a development start of an error based injection support
2010-10-04 13:05:51 +00:00
Miroslav Stampar
0ad8090ad8
fix for a google bug reported by Brandon E.
2010-10-01 08:03:39 +00:00
Miroslav Stampar
49915f3c33
minor update
2010-09-30 19:49:14 +00:00
Miroslav Stampar
8abcdae1b5
some update
2010-09-30 19:45:23 +00:00
Miroslav Stampar
87abec16bd
probable fix for a bug reported by Prashant Jadhav
2010-09-30 18:52:33 +00:00
Miroslav Stampar
cf8e92699c
changes regarding EXISTS feature
2010-09-30 12:35:45 +00:00
Miroslav Stampar
c6bf0e43af
minor update
2010-09-27 13:41:18 +00:00
Miroslav Stampar
cf17debf79
changed connection message priority to critical (when verbose=0 it's displayed too)
2010-09-27 13:34:52 +00:00
Miroslav Stampar
3cd15960a0
more updates
2010-09-27 13:26:46 +00:00
Miroslav Stampar
1da672e3c5
added default="False" to "store_true" parameters as it's a prefered way by http://docs.python.org/library/optparse.html
2010-09-27 13:23:29 +00:00
Miroslav Stampar
3b9fe3e1c8
everything is ready for testing (smoke and live)
2010-09-27 11:20:48 +00:00
Miroslav Stampar
dc11ae0d65
update
2010-09-26 14:56:55 +00:00
Miroslav Stampar
35f35605df
changes regarding Feature #160
2010-09-26 14:02:13 +00:00
Miroslav Stampar
99d9f9e624
update for smoke testing
2010-09-26 10:47:04 +00:00
Miroslav Stampar
2e5f269650
update regarding --space option
2010-09-24 22:35:32 +00:00
Miroslav Stampar
9cd5d3bde7
added new option --space
2010-09-24 21:59:03 +00:00
Miroslav Stampar
327bfcbe97
update regarding Feature #61
2010-09-24 14:34:05 +00:00
Miroslav Stampar
b6ff03690f
update regarding Feature #61
2010-09-24 13:34:46 +00:00
Miroslav Stampar
abe1289016
minor update
2010-09-24 13:20:51 +00:00
Miroslav Stampar
48e0261e68
update for Feature #61
2010-09-24 13:19:35 +00:00
Miroslav Stampar
ff419f7384
more changes regarding path (URI) injection
2010-09-24 09:19:14 +00:00
Miroslav Stampar
e4925eb3dd
update
2010-09-23 21:57:11 +00:00
Miroslav Stampar
13bb3a6212
minor update
2010-09-23 14:07:23 +00:00
Miroslav Stampar
927ad7bf13
update
2010-09-22 12:21:21 +00:00
Miroslav Stampar
da8ae5578b
first commit regarding Feature #144
2010-09-22 11:56:35 +00:00
Miroslav Stampar
540a9b391f
stripped some trailing spaces
2010-09-16 13:19:13 +00:00
Miroslav Stampar
8cf1aa6abe
added keepAlive under -o switch too
2010-09-16 10:41:52 +00:00
Miroslav Stampar
4fd7db52dd
minor update
2010-09-16 10:23:51 +00:00
Miroslav Stampar
6259114c02
added optimization switch (-o)
2010-09-16 10:12:53 +00:00
Miroslav Stampar
bfffd5e333
added --null-connection as an experimental option
2010-09-16 10:01:33 +00:00
Miroslav Stampar
975b96ae28
minor refactoring
2010-09-16 09:47:33 +00:00
Miroslav Stampar
1741801ade
implementation of HEAD/Range methods
2010-09-16 09:32:09 +00:00
Miroslav Stampar
b745331974
added null connection check
2010-09-16 08:43:10 +00:00
Miroslav Stampar
ecd6b573f7
added method parameter to the queryPage function
2010-09-15 14:17:17 +00:00
Miroslav Stampar
9a72a25704
again minor update
2010-09-15 13:59:55 +00:00
Miroslav Stampar
76233ff5a3
added skeleton for live testing
2010-09-15 13:55:28 +00:00
Miroslav Stampar
53800ef65f
more refactoring
2010-09-15 13:32:42 +00:00
Miroslav Stampar
abc12bc361
more refactoring
2010-09-15 13:28:56 +00:00
Miroslav Stampar
682872689a
some more refactoring
2010-09-15 12:59:51 +00:00
Miroslav Stampar
91a0b5df3c
minor update
2010-09-15 12:52:28 +00:00
Miroslav Stampar
b699f98cbb
minor refactoring
2010-09-15 12:51:02 +00:00
Miroslav Stampar
34a8cd75e3
added support for setting HTTP method manualy
2010-09-15 12:45:41 +00:00
Miroslav Stampar
798ab4989b
fix for a Bug #200
2010-09-14 10:35:01 +00:00
Miroslav Stampar
77a53228c5
changes regarding dynamic content recognition
2010-09-13 21:01:46 +00:00
Miroslav Stampar
c886659f82
fix
2010-09-13 15:24:56 +00:00
Miroslav Stampar
827cd1d56b
minor fix
2010-09-13 15:22:29 +00:00
Miroslav Stampar
2350a3c74d
minor change
2010-09-13 15:20:13 +00:00
Miroslav Stampar
cdc6bdcbe8
changes
2010-09-13 15:19:47 +00:00
Miroslav Stampar
19fb2e3dcf
fix for Bug #165
2010-09-13 13:31:01 +00:00
Miroslav Stampar
61120b0bac
minor comment added
2010-09-09 14:08:53 +00:00
Miroslav Stampar
53289c6a42
fix for bug reported by Marek Sarvas (unicode)
2010-09-09 14:03:45 +00:00
Miroslav Stampar
1b3d287a09
fix for a bug reported by shaohua pan (and one other bug)
2010-09-07 10:21:42 +00:00
Miroslav Stampar
27d76847fe
fix for bug reported by Truong Duc Luong
2010-09-01 08:46:21 +00:00
Miroslav Stampar
e810fe7b0b
no need for obsolete (and hard to find) sqlite module when sqlite3 handles both database versions
2010-08-31 13:37:53 +00:00
Miroslav Stampar
f5953bacc0
fix for direct connection parsing (now on windows machines python sqlmap.py -d access://C:\testdb.mdb is valid, while before it wasn't)
2010-08-30 16:35:28 +00:00
Miroslav Stampar
48cc87f6a9
added support for fingerprinting SAP MaxDB (Issue 143)
2010-08-30 13:29:19 +00:00
Miroslav Stampar
436b7d82fb
fixed a bug reported by Marek Sarvas
2010-08-22 08:52:15 +00:00
Miroslav Stampar
2cd8f31003
some doc test samples included
2010-08-20 21:27:47 +00:00
Miroslav Stampar
4edf6ebe00
update for smoke tests
2010-08-20 21:01:51 +00:00
Miroslav Stampar
8aa12db425
added option --proxy-cred for setting proxy credentials (Feature #195 )
2010-08-18 22:45:00 +00:00
Miroslav Stampar
70197affa0
little update (--ratio has a bigger priority then resumed value)
2010-08-10 19:57:59 +00:00
Miroslav Stampar
057ec8a6b2
added --ratio option for direct manipulation of conf.matchRatio parameter
2010-08-10 19:53:29 +00:00
Miroslav Stampar
02523dbfb5
fix of fix
2010-08-09 22:13:56 +00:00
Miroslav Stampar
6eab7997d1
fix for bug reported by dragoun dash (TypeError: sequence item 0: expected string, NoneType found)
2010-08-08 22:25:33 +00:00
Miroslav Stampar
e0fe5d1504
bug fix for error reported by Marek Sarvas (error data)
2010-08-08 21:48:22 +00:00
Miroslav Stampar
0cab4a5355
fix for bug reported by m4l1c3 (UnicodeEncodeError)
2010-08-08 21:22:37 +00:00
Miroslav Stampar
8cb95583e3
some more adjustments
2010-07-30 12:59:44 +00:00
Miroslav Stampar
7dcc2031ac
smoke test adjustments
2010-07-30 12:57:58 +00:00
Miroslav Stampar
092829c189
implemented basic smoke testing mechanism
2010-07-30 12:49:25 +00:00
Miroslav Stampar
28d9115373
fix for Feature #187 (Skip duplicates parameters in -g)
2010-07-29 20:01:04 +00:00
Miroslav Stampar
6a6ff09c9a
fix for a bug reported by Marek Sarvas
2010-07-26 08:11:28 +00:00
Miroslav Stampar
c39d819dd2
fix for a resume bug reported by Augusto Urbieta
2010-07-20 08:13:02 +00:00
Miroslav Stampar
d2f88b6ebe
detecting infinite redirect loops (Feature #192 )
2010-07-19 12:38:30 +00:00
Miroslav Stampar
b37dca1c2c
minor adjustment
2010-07-19 09:06:19 +00:00
Miroslav Stampar
9edd468caf
multithreading save to session on abort
2010-07-19 08:37:45 +00:00
Miroslav Stampar
48a67d6d51
fix for "unknown charset 'windows-874'" reported by Phat R.
2010-07-15 08:44:42 +00:00
Bernardo Damele
49af0c43a5
Forgot
2010-07-01 15:26:18 +00:00
Bernardo Damele
7349f3a70f
Closes #197
2010-07-01 15:25:57 +00:00
Miroslav Stampar
bb9401ba52
minor minor fixup
2010-07-01 14:14:43 +00:00
Miroslav Stampar
9d28ae23ca
fixup for situations with unexpected LENGTHs in multithreaded mode (e.g. UTF8 data retrieval)
2010-07-01 14:11:45 +00:00
Bernardo Damele
8dfe08a353
Minor bug fix to -d
2010-07-01 10:44:31 +00:00
Miroslav Stampar
0d08903bc3
some charset fix up
2010-06-30 12:09:33 +00:00
Bernardo Damele
24428c1a1b
Added warning message if both --proxy and --keep-alive are provided
2010-06-30 11:41:42 +00:00
Bernardo Damele
d40a238335
Make --keep-alive public
2010-06-30 11:29:35 +00:00
Bernardo Damele
8625763c07
Minor code refactoring
2010-06-30 11:22:25 +00:00
Bernardo Damele
c33f3ef844
Minor adjustment to HTTP headers handling
2010-06-29 23:51:44 +00:00
Bernardo Damele
fb9f669544
More verbose comments
2010-06-29 21:10:33 +00:00
Bernardo Damele
8576817a2b
Added support for SOAP requests: fixed, extended and tested a user's patch - closes #196 .
2010-06-29 21:07:23 +00:00
Bernardo Damele
ea45d75f2d
Major bug fix to parse and store all HTTP headers from the request file (-r)
2010-06-29 21:06:03 +00:00
Bernardo Damele
7cad3cbda6
Minor code refactoring
2010-06-28 13:47:20 +00:00
Bernardo Damele
9ea72f9640
Minor bug fixes to -d
2010-06-25 13:24:43 +00:00