sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 01:26:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 954417072b Updated Microsoft SQL Server XML versions file Bernardo Damele 2009-02-10 23:00:53 +0000
  • ba00a17205 Minor layout adjustment Bernardo Damele 2009-02-09 10:58:44 +0000
  • 2355885712 Minor adjustment Bernardo Damele 2009-02-09 10:29:07 +0000
  • 207e96e2b2 Major bug fix in the comparison algorithm to correctly handle also the case that the url is stable and the False response changes the page content very little. Bernardo Damele 2009-02-09 10:28:03 +0000
  • c405fb51ab PDF regenerated Bernardo Damele 2009-02-04 16:32:06 +0000
  • b12d955274 Updated packaging scripts, site and finalized the documentation to release version 0.6.4 0.6.4 Bernardo Damele 2009-02-03 15:38:40 +0000
  • 770e000cb4 Fixed another bug on Microsoft SQL Server custom "limited" query reported by Konrads Smelkovs Bernardo Damele 2009-02-02 23:44:19 +0000
  • 9ab174a444 Almost ready with the user's manual for 0.6.4 release Bernardo Damele 2009-02-01 13:44:44 +0000
  • 77d9d22ceb Minor update to the user's manual Bernardo Damele 2009-02-01 00:20:08 +0000
  • dded57f1cd Minor bug fix to correctly unpack user's custom queries on Microsoft SQL Server Bernardo Damele 2009-01-30 23:58:48 +0000
  • ad03684788 Added another PostgreSQL banner signature for Windows (it's specific for PostgreSQL compiled by hand with MinGW/GCC or using the binary MSI file of PostgreSQL version 8.2.x. PostgreSQL 8.3.x is compiled by default using Visual C++) Bernardo Damele 2009-01-30 00:35:05 +0000
  • 6054090191 sqlmap 0.6-rc5: major bug fix to make --sql-shell and --sql-query work properly also with mixed case statements (i.e oRDeR bY). Thanks Konrads Smelkovs to notifying. Bernardo Damele 2009-01-28 14:53:11 +0000
  • a8d57bb031 Avoid DeprecationWarning with Python 2.6+ Bernardo Damele 2009-01-22 23:53:01 +0000
  • 193482a62b Updated user's manual Bernardo Damele 2009-01-22 23:44:44 +0000
  • 981c7a4428 Updated Microsoft SQL Server XML signature db Bernardo Damele 2009-01-22 22:30:45 +0000
  • 793c323b2a Major bug fixes Bernardo Damele 2009-01-22 22:28:27 +0000
  • d54a51a328 Updated the HTML manual for the MySQL UDF and consequently other files. Thanks Roland! Bernardo Damele 2009-01-22 21:28:56 +0000
  • 69204afe1f Updated copyright Bernardo Damele 2009-01-22 00:41:57 +0000
  • 9631dc115e Added PostgreSQL UDF to execute commands on the underlying system: Bernardo Damele 2009-01-22 00:35:17 +0000
  • ae0f1985f3 Updated also the patch file Bernardo Damele 2009-01-21 20:54:14 +0000
  • deeccf9b5e Updated tar.gz package Bernardo Damele 2009-01-21 00:53:10 +0000
  • 1c5925ea2b Minor adjustments Bernardo Damele 2009-01-21 00:52:23 +0000
  • 7adbf5892d Updated user's manual Bernardo Damele 2009-01-19 23:45:54 +0000
  • c25b49e80e Major bugfix to avoid "IFNULL and CAST" on CASE Bernardo Damele 2009-01-19 21:27:51 +0000
  • 96db179ffe Minor adjustment Bernardo Damele 2009-01-19 21:26:02 +0000
  • f91843540f Major bug fix when the CU alias (current user) is given (with -U option) together with --privileges or --password to work properly also on MySQL >= 5.0. Bernardo Damele 2009-01-19 21:25:37 +0000
  • 8f973ce574 Minor layout adjustments Bernardo Damele 2009-01-18 22:36:48 +0000
  • 161590e121 Added MySQL UDF to execute commands on the underlying system: Bernardo Damele 2009-01-17 00:13:16 +0000
  • 6690b4c00a Added svn executable property Bernardo Damele 2009-01-17 00:05:47 +0000
  • bc3b4c6936 Minor layout adjustments in the user's manual Bernardo Damele 2009-01-13 23:16:34 +0000
  • fd7cb9101c Major bug fix to forge SQL injection payload on Oracle Bernardo Damele 2009-01-13 23:15:57 +0000
  • bc448211c5 Minor layout adjustment Bernardo Damele 2009-01-13 23:15:23 +0000
  • 73e713c5ba Minor adjustments Bernardo Damele 2009-01-12 23:59:07 +0000
  • 26cb082fc3 Added a README for dbgtool Bernardo Damele 2009-01-12 23:17:15 +0000
  • de393628d0 Added dbgtool to extras, a port in python of toolcrypt.org dbgtool. Inspired by sqlninja perl script makescr.pl. Bernardo Damele 2009-01-12 23:02:02 +0000
  • 5560f0b68a Updated the copyright Bernardo Damele 2009-01-12 21:35:38 +0000
  • 92645dd264 Minor adjustment Bernardo Damele 2009-01-10 14:51:12 +0000
  • 9b0f11f879 Added an ASP uploader Bernardo Damele 2009-01-10 14:40:04 +0000
  • e10ab5aa0e Major bug fixes Bernardo Damele 2009-01-10 14:39:27 +0000
  • 9c125a2b57 Minor improvement to use Python ConfigParser library when --save if specified. Minor update to the user's manual Bernardo Damele 2009-01-03 22:59:22 +0000
  • 6ff8feb5cf Updated documentation Bernardo Damele 2009-01-03 01:25:43 +0000
  • d0604ef513 Major bug fix to correctly handle custom SQL "limited" queries on Oracle Bernardo Damele 2009-01-03 01:19:04 +0000
  • 2d87a3349f Fixed custom MSSQL "limited" query support also for Partial UNION query technique Bernardo Damele 2009-01-03 00:27:04 +0000
  • 9c42a883be Major bug fix to make it work properly with MSSQL custom limited (SELECT TOP ...) queries with both inferential blind and Full UNION query injection Bernardo Damele 2009-01-02 23:26:45 +0000
  • 2cc3bb2f6a Minor improvement to PostgreSQL signatures file to identify Windows. Minor improvement to Microsoft SQL Server "limit" queries. Bernardo Damele 2009-01-02 23:23:55 +0000
  • 9e0d890171 Fixed MySQL 5.1 extensive fingerprint Bernardo Damele 2009-01-02 23:21:31 +0000
  • c1010c20d8 Minor adjustments Bernardo Damele 2008-12-30 21:24:01 +0000
  • a4d62af2ea Minor layout adjustments to --union-tech Bernardo Damele 2008-12-29 18:48:23 +0000
  • 9340bf59fb Updated Microsoft SQL Server signature XML file. Minor layout adjustments to --update output messages/diff Bernardo Damele 2008-12-29 18:46:43 +0000
  • 0e9873fd4f Preparing documentation for 0.6.4 Bernardo Damele 2008-12-29 18:44:20 +0000
  • c83593c044 Limited custom query now works also on Oracle in inferential blind SQL injection technique Bernardo Damele 2008-12-23 23:34:50 +0000
  • 24ddbdc89d Minor layout adjustment Bernardo Damele 2008-12-22 23:34:22 +0000
  • b0ad102efb Better fingerprint technique for Microsoft SQL Server Bernardo Damele 2008-12-22 23:32:43 +0000
  • 79c8d63b88 Major speed increase in DBMS basic fingerprint Bernardo Damele 2008-12-22 23:26:44 +0000
  • 64bb57d786 Minor bug fix to make the Partial UNION query SQL injection technique work properly also on Oracle and Microsoft SQL Server. Bernardo Damele 2008-12-22 22:48:44 +0000
  • 1f7810e46a Major bug fix to make partial UNION query sql injection work properly also on Microsoft SQL Server Bernardo Damele 2008-12-22 19:36:01 +0000
  • 064029cb2d Addd one more MS Access signature Bernardo Damele 2008-12-22 19:35:13 +0000
  • 04c187c66a Working on a bug (fix for Partial UNION query SQL injection technique both Oracle and Microsoft SQL Server). Bernardo Damele 2008-12-22 00:51:09 +0000
  • 2f406b3e56 Minor adjustments Bernardo Damele 2008-12-22 00:04:28 +0000
  • c05f600e90 Minor fix Bernardo Damele 2008-12-21 21:40:09 +0000
  • 4ae464c80d Minor enhancement to support an option (--union-tech) to specify the technique to use to detect the number of columns used in the web application SELECT statement: NULL bruteforcing (default) or ORDER BY clause. Bernardo Damele 2008-12-21 21:39:53 +0000
  • f92b76a8b0 Minor bug fix Bernardo Damele 2008-12-21 16:39:40 +0000
  • 374b9ba878 Updated documentation based upon recent developments Bernardo Damele 2008-12-21 16:35:45 +0000
  • 35708a0b97 Minor adjustment to UNION query SQL injection detection function. Updated command line help message based upon recent developments. Updated copyright note of lib/contrib/multipartpost.py. Bernardo Damele 2008-12-21 16:35:03 +0000
  • 996a872e51 We are already on sqlmap 0.6.4 release candidate 1.. Bernardo Damele 2008-12-20 13:23:26 +0000
  • c18efe5084 Minor adjustments Bernardo Damele 2008-12-20 13:21:47 +0000
  • 8d06975142 Major enhancement to make the comparison algorithm work properly also on url not stables automatically by using the difflib SequenceMatcher object: this changed a lot into the structure of the code, has to be extensively beta-tested! Please, do report bugs on sqlmap-users mailing list if you scout them. Cheers, Bernardo Bernardo Damele 2008-12-20 01:54:08 +0000
  • 7e8ac16245 Added preventive check for stacked queries support when executing DDL, DML & co. statements in SQL query and SQL shell. Minor improvements on this new feature. Increased default connection timeout to 30 seconds (needed for vmware machine not correctly synched). Bernardo Damele 2008-12-19 20:48:33 +0000
  • ad228e6947 Ahead with the improvements to the comparison algorithm. Added support internally to forge CASE statements, used only by --is-dba query at the moment. Allow DDL, DML (INSERT, UPDATE, etc.) from user in SQL query and SQL shell. Minor code adjustments. Bernardo Damele 2008-12-19 20:09:46 +0000
  • 68354be45a Ahead with enhancements on comparison algorithm: implemented content-length technique 0.6.3 Bernardo Damele 2008-12-18 22:49:35 +0000
  • afbd66f6d9 Added some comments Bernardo Damele 2008-12-18 21:58:05 +0000
  • d0d6632c22 Initial support to automatically work around the dynamic page at each refresh (Major refactor to the comparison algorithm (True/False response)) Bernardo Damele 2008-12-18 20:48:23 +0000
  • 3fe493b63d Minor enhancement to support an option (--is-dba) to show if the current user is a database management system administrator. Bernardo Damele 2008-12-18 20:41:11 +0000
  • c32ef9d751 Major bug fix to avoid tracebacks when multiple targets are specified and one of them is not reachable. Minor bug fix to make the --postfix work even if --prefix is not provided. Bernardo Damele 2008-12-18 20:38:57 +0000
  • 2efb3ae2ba Documentation updated, now ready for 0.6.3 release Bernardo Damele 2008-12-17 23:26:14 +0000
  • 6dec56d616 Major bug fix Bernardo Damele 2008-12-17 21:35:04 +0000
  • bb9079aa9d Minor documentation adjustments Bernardo Damele 2008-12-17 20:58:19 +0000
  • 94c79e3209 Updated documentation Bernardo Damele 2008-12-17 20:17:34 +0000
  • dda62ba463 Minor adjustments and bug fixes Bernardo Damele 2008-12-17 20:11:18 +0000
  • 7b55840b35 cleanup configuration INI file Bernardo Damele 2008-12-17 00:22:27 +0000
  • ec11f502df Site and documentation updated, ready to release 0.6.3 in two days Bernardo Damele 2008-12-17 00:19:01 +0000
  • 36d9ede001 Updated documentation, ready for sqlmap 0.6.3 release Bernardo Damele 2008-12-16 23:52:16 +0000
  • b7f2602b50 A bit more entropy in the sql injection detection Bernardo Damele 2008-12-16 23:51:56 +0000
  • 2b0ec1868d Updated documentation Bernardo Damele 2008-12-16 21:31:15 +0000
  • 4156181367 Minor fix Bernardo Damele 2008-12-16 21:31:01 +0000
  • 05a8c8d3bf Added support to test for stacked queries support and improved check for time based blind sql injection. Minor bug fix in --save option Bernardo Damele 2008-12-16 21:30:24 +0000
  • bf2a857b9a Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3. Bernardo Damele 2008-12-12 19:06:31 +0000
  • 072eb7154c Major enhancement to support Partial UNION query SQL injection technique too. Minor code cleanup. Bernardo Damele 2008-12-10 17:23:07 +0000
  • 9dbad512f1 sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation. Bernardo Damele 2008-12-08 21:24:24 +0000
  • 15542d2772 Minor layout adjustment Bernardo Damele 2008-12-05 16:00:18 +0000
  • 38c9627700 Minor enhancemet to support also --regexp, --excl-str and --excl-reg options rather than only --string when comparing HTTP responses page content Bernardo Damele 2008-12-05 15:34:13 +0000
  • 78e8a83c11 Minor improvement to be able to provide CU as user value (-U) when enumerating users privileges or users passwords. Bernardo Damele 2008-12-05 15:32:59 +0000
  • 7f055924a7 sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation. Bernardo Damele 2008-12-04 17:40:03 +0000
  • 0f07e33e1a Removed REVISION, makes no sense. Import and use python psyco library to speed up if it's installed: it's optional. Bernardo Damele 2008-12-03 17:32:16 +0000
  • e3ddbe751f Minor code refactoring Bernardo Damele 2008-12-02 23:49:38 +0000
  • 4cb161ce4f Minor signatures adjustments Bernardo Damele 2008-12-02 23:48:07 +0000
  • b700485a1b Minor adjustment, still to work on the cookie urlencoding/decoding Bernardo Damele 2008-12-02 21:57:12 +0000
  • 578bcb9140 Initial support for partial UNION query sql injection Bernardo Damele 2008-12-02 21:56:23 +0000
  • f97585c593 Show also SVN revision in error message when a traceback raises. Fix typo. Bernardo Damele 2008-12-01 23:49:14 +0000
  • e75487a26c Reverted last commit, cleaner this way Bernardo Damele 2008-12-01 23:33:15 +0000