sqlmap

sqlmapproject/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-26 07:59:52 +03:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

6e7be5edb0 another fix Miroslav Stampar 2010-04-06 15:51:36 +0000
3fe9f9cac9 another fix Miroslav Stampar 2010-04-06 15:28:34 +0000
a6a2e993cc minor update Miroslav Stampar 2010-04-06 15:24:56 +0000
c303feab17 fix Miroslav Stampar 2010-04-06 15:14:32 +0000
e2810003ae more update Miroslav Stampar 2010-04-06 15:12:52 +0000
c24f1cc07c some update Miroslav Stampar 2010-04-06 14:59:31 +0000
60f04f0a41 new module for interruptable threads Miroslav Stampar 2010-04-06 14:33:57 +0000
bd669dd6fa Updated Bernardo Damele 2010-04-06 10:32:56 +0000
2d55ec19a3 Minor code restyling Bernardo Damele 2010-04-06 10:15:19 +0000
e29e8f82f9 fix for "Problem with --dbms set" reported by David Guimaraes Miroslav Stampar 2010-04-05 23:09:35 +0000
0a363d3f2b fix for not properly clearing cookies when in multiple targets scanning mode spotted by Kasper Fons Miroslav Stampar 2010-04-04 14:38:48 +0000
4129cb22a7 update regarding bug reported by Ole Rasmussen Miroslav Stampar 2010-04-03 19:41:47 +0000
cad8f61d55 Force pymssql to version >= 1.0.2 Bernardo Damele 2010-03-31 15:31:11 +0000
b19de015c5 Minor bugs fixes Bernardo Damele 2010-03-31 13:52:51 +0000
5fdebb5d5b Added support to directly connect also to Microsoft SQL Server database. Fixed direct connection to always use the same query as of UNION query SQL injection (= one query with multiple columns/entries output). Minor fixes to Firebird/Access/SQLite connectors to use connector's execute()/fetchall() as wrapper for third-party libraries' methods. Forced conf.timeout to 10 seconds when directly connecting to database. Slightly improved regular expression to parse -d parameter. Added import check for all connectors' third-party libraries. Code refactoring: * Moved conf.direct request to direct() function in lib/request/direct.py (code reused where needed). * Back-delegated to generic connector close() and other methods. Bernardo Damele 2010-03-31 10:50:47 +0000
d583cc07e7 ms access update Miroslav Stampar 2010-03-30 15:04:55 +0000
1973024ebf added support for reusing connections Miroslav Stampar 2010-03-30 13:52:47 +0000
f0729565a9 fixes for sqlite Miroslav Stampar 2010-03-30 13:36:23 +0000
8702cce760 fix Miroslav Stampar 2010-03-30 13:23:20 +0000
c2a6f21095 refactoring regarding usage of conf.dbmsConnector.connect() Miroslav Stampar 2010-03-30 13:03:19 +0000
88d74a00c1 ms access connector update Miroslav Stampar 2010-03-30 12:48:51 +0000
a02ec29c15 too Miroslav Stampar 2010-03-30 11:52:45 +0000
c9c9c1fb2f replace only first occurrence Miroslav Stampar 2010-03-30 11:52:01 +0000
bfc12e93c5 ms access returns -1 for True Miroslav Stampar 2010-03-30 11:33:51 +0000
ae3455a0c2 more update Miroslav Stampar 2010-03-30 11:28:14 +0000
738c210075 update Miroslav Stampar 2010-03-30 11:21:26 +0000
87d8c6719e updates, fixes and stuff Miroslav Stampar 2010-03-30 11:06:30 +0000
f04449be03 update Miroslav Stampar 2010-03-29 23:48:21 +0000
4dd2cdef47 update Miroslav Stampar 2010-03-27 23:48:12 +0000
a0290a257b Added support to connect directly also to Oracle - see #158 Bernardo Damele 2010-03-27 21:50:19 +0000
1416cd0d86 Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module). Minor layout adjustments. Bernardo Damele 2010-03-26 23:23:25 +0000
4ca1adba2c update Miroslav Stampar 2010-03-26 21:30:36 +0000
1ec5221d82 minor update Miroslav Stampar 2010-03-26 20:51:55 +0000
eaa9dd07bc Minor bug fix for --roles Bernardo Damele 2010-03-26 20:45:22 +0000
0aa8f7309b added copyright notice and keywords Miroslav Stampar 2010-03-26 20:23:08 +0000
2e05e1c54d new module for Feature #61 Miroslav Stampar 2010-03-26 20:19:18 +0000
8bab94de64 added two new functions: isBase64EncodedString and isHexEncodedString for Feature #71 Miroslav Stampar 2010-03-26 17:18:02 +0000
5a6a01f24c added socket timeout exception handling regarding that timeout message from Fahad Al Shunaiber Miroslav Stampar 2010-03-26 11:51:23 +0000
be81c20298 Minor layout adjustment Bernardo Damele 2010-03-25 16:26:50 +0000
2aadc5c939 Added support for --roles (for Oracle ROLE_PRIVS). Enhanced Oracle --privileges to fall-back to USER_SYS_PRIVS if DBA_SYS_PRIVS is not accessible (so session user is not DBA) - Fixes ticket #180. Minor enhancement to Firebird to determine if a DB user is a DBA. Minor code refactoring. Bernardo Damele 2010-03-25 15:46:06 +0000
f4f68218bc Minor layout adjustment for --threads and --eta output Bernardo Damele 2010-03-25 11:47:18 +0000
a63e251b25 Ahead with code refactoring, related to r1502. Fixed svn:keywords propset to all .py files. Bernardo Damele 2010-03-23 21:26:45 +0000
f0f1176396 Updated THANKS Bernardo Damele 2010-03-23 21:24:31 +0000
8e57767c48 Fixes #180 - properly url encode sqlmap payload in POST/Cookie too, like for GET Bernardo Damele 2010-03-23 10:27:39 +0000
09768a7b62 Major code refactoring: moved and split plugins (mysql, pgsql, mssql, oracle) more granularly and organized. Todo for firebird, sqlite, access. Bernardo Damele 2010-03-22 22:57:57 +0000
f9a135e232 Minor bug fix and layout adjustment regarding --threading and standard output Bernardo Damele 2010-03-22 17:38:19 +0000
9e8a108768 Updated Bernardo Damele 2010-03-22 15:43:38 +0000
d13ad8b2d7 fixes #181 - proper save/resume information about single entry UNION SQL injection Bernardo Damele 2010-03-22 15:39:29 +0000
d00e4a458a Code cleanup Bernardo Damele 2010-03-21 00:39:44 +0000
72f3674844 Minor bug fix Bernardo Damele 2010-03-18 17:36:58 +0000
0d559d14df Initial support for SQLite (90% approx). Initial support for Firebird (30% approx). Initial support for Access (10% approx). Shared libraries code/installation scripts ported to 64bit, directory structure adapted. Minor code adjustments. Bernardo Damele 2010-03-18 17:20:54 +0000
f1fde2e443 added basic skeleton for FAQ doc Miroslav Stampar 2010-03-17 12:56:26 +0000
d2f86fb0a5 Fixes #172 - also cookies are parsed from burp/webscarab logs (-l) and request file (-r) now Bernardo Damele 2010-03-16 15:21:42 +0000
466df89c4a Fixes #178 and #179 - proper handling of custom redirects Bernardo Damele 2010-03-16 14:30:57 +0000
3b3353e05b Revert last commit Bernardo Damele 2010-03-16 13:56:36 +0000
1dfe558d3d Fix for Issue #177 Miroslav Stampar 2010-03-16 13:11:44 +0000
323cf2b7f2 Fixes #177 - Don't exit at exception if in "multiple targets" mode (-l or -g) Bernardo Damele 2010-03-16 12:14:02 +0000
6d0ea86414 Fixes #59 - proper customizable redirect (302 and 301) Bernardo Damele 2010-03-15 14:24:43 +0000
417f7fae00 Fix for "bug: -g uses wrong session file" Miroslav Stampar 2010-03-15 12:02:04 +0000
8af7d6c58b minor cosmetic update Miroslav Stampar 2010-03-15 11:55:13 +0000
a0ec447b7d fix for Issue #170 Miroslav Stampar 2010-03-15 11:33:34 +0000
7f5bc5e3fe Increased version to 0.9-dev Bernardo Damele 2010-03-15 11:04:57 +0000
5063401130 Minor bug fix, fixes #170 Bernardo Damele 2010-03-15 11:00:14 +0000
572b6fd920 sqlmap 0.8 stable! 0.8 Bernardo Damele 2010-03-15 01:17:27 +0000
bfbf58b04e Generated new user's manual html and pdf Bernardo Damele 2010-03-13 22:07:08 +0000
ee89709042 Updated manual Bernardo Damele 2010-03-13 21:56:38 +0000
ba6172a381 Added: svn:keywords Miroslav Stampar 2010-03-13 17:30:16 +0000
a6ab42c873 new file with getch() method which we'll use for good samaritan feature Miroslav Stampar 2010-03-13 17:28:23 +0000
4bef12a2b4 doc update Miroslav Stampar 2010-03-13 14:35:56 +0000
5f76d27779 minor typo correction Miroslav Stampar 2010-03-13 10:44:24 +0000
4c6c91a80b another --reg-read fix Miroslav Stampar 2010-03-12 23:12:06 +0000
c42c4982c3 Updated documentation according to r1460 Bernardo Damele 2010-03-12 22:59:03 +0000
7d8cc1a482 Get rid of Churrasco (Token kidnapping technique to --priv-esc). Reasons why: 1. there's kitrap0d (MS10-015) which is far more reliable, just recently fixed 2. works only to priv esc basically on MSSQL when it runs as NETWORK SERVICE and the machine is not patched against MS09-012 which is "rare" (hopefully) nowadays. Now sqlmap relies on kitrap0d and incognito to privilege escalate the database process' user privileges to SYSTEM, both via Meterpreter. Bernardo Damele 2010-03-12 22:43:35 +0000
6b1ae62753 final fix for reading registry keys (now both parse and non-parse reads work fine) Miroslav Stampar 2010-03-12 22:26:06 +0000
0a2fe651ab some fixes regarding registry reading Miroslav Stampar 2010-03-12 22:09:58 +0000
054a4aaee7 Updated documentation, almost ready for 0.8 release! Bernardo Damele 2010-03-12 17:43:38 +0000
25f8a72414 Minor layout adjustment Bernardo Damele 2010-03-12 14:48:33 +0000
17d0b82fee two dots instead of three Miroslav Stampar 2010-03-12 14:31:14 +0000
e8d76994ba Minor bug fix to avoid resuming data filled into the sqlmap support tables Bernardo Damele 2010-03-12 14:30:21 +0000
18d1d09f1c Minor bug fix Bernardo Damele 2010-03-12 13:34:46 +0000
15c638ac52 some beautification Miroslav Stampar 2010-03-12 13:07:07 +0000
7ec04281dd minor adjustments Miroslav Stampar 2010-03-12 12:46:26 +0000
fffda32f76 fix for Bug #167 Miroslav Stampar 2010-03-12 12:38:19 +0000
f6adb431e6 Minor layout adjustment and typo fix Bernardo Damele 2010-03-12 12:23:05 +0000
b50a2288f4 Minor layout adjustments Bernardo Damele 2010-03-11 23:54:07 +0000
506403dd9d Improved PHP backdoor Bernardo Damele 2010-03-11 16:55:38 +0000
ec43419ad1 minor makeup fix Miroslav Stampar 2010-03-11 11:20:52 +0000
2c053d5cfb fix for Bug #166 (Keyboard interrupt in Python threading) Miroslav Stampar 2010-03-11 11:14:20 +0000
b344a70ba1 Updated changelog Bernardo Damele 2010-03-11 01:10:55 +0000
4d53b17320 Updated THANKS Bernardo Damele 2010-03-10 22:08:54 +0000
fdf417f57e Minor adjustment and bug fix Bernardo Damele 2010-03-10 22:08:11 +0000
91dd609e26 fixed threading bug (difflib :) Miroslav Stampar 2010-03-10 14:14:27 +0000
6712b19df2 Updated ChangeLog Bernardo Damele 2010-03-10 01:14:23 +0000
cc611c0010 Minor layout adjustments Bernardo Damele 2010-03-09 22:14:26 +0000
3f3ddd5437 fix for that SELECT DISTINCT(LENGTH(...)) "misbehavior" Miroslav Stampar 2010-03-09 13:14:43 +0000
8593741358 Minor bug fix Bernardo Damele 2010-03-05 15:25:53 +0000
7136c17f19 Minor log adjustments Bernardo Damele 2010-03-05 14:59:33 +0000
d618964ab6 more time adjustments Miroslav Stampar 2010-03-05 14:30:50 +0000
45fc58d267 update Miroslav Stampar 2010-03-05 14:24:54 +0000
071e897f4e minor time adjustments Miroslav Stampar 2010-03-05 14:09:20 +0000