sqlmap

sqlmapproject/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-09-21 19:42:26 +03:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#5940

#5944

#5945

#5945

#5952

#5953

#5957

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9

845618934d update of doc/THANKS Miroslav Stampar 2011-05-02 18:20:37 +0000
5e9620198c fix for a privately reported bug ("AttributeError: item is disabled") Miroslav Stampar 2011-05-02 18:18:04 +0000
93dee30895 better fix for the previous commit Miroslav Stampar 2011-05-02 13:34:55 +0000
20ad1c1f2f minor update to not confuse users when using -o Miroslav Stampar 2011-05-02 13:24:35 +0000
f8c3086d15 minor minor update Miroslav Stampar 2011-05-02 12:37:54 +0000
098f53d57a patch for a problem reported by m.martin2311@yahoo.com (unknown charset 'is0-8859-1') Miroslav Stampar 2011-05-02 12:34:35 +0000
ac2550535c Proper fix for --technique=U bug Bernardo Damele 2011-05-01 23:42:41 +0000
8e8886cd20 minor improvement for --sql-shell/--sql-query (when non-SELECT default is N for retrieve data output which automatically does STACKED injection) Miroslav Stampar 2011-05-01 21:41:14 +0000
900ee0ff93 fix for a major bug reported by k1971@live.co.uk (1..9 99..) Miroslav Stampar 2011-05-01 15:47:00 +0000
494503b334 proper way to deal with generic cases Miroslav Stampar 2011-05-01 08:04:08 +0000
fcd69ba9c7 fix for a --technique=U Miroslav Stampar 2011-05-01 07:37:22 +0000
ebe631ea57 doc update Bernardo Damele 2011-05-01 00:43:42 +0000
64bb480414 Do not raise otherwise it won't work with --schema Bernardo Damele 2011-04-30 23:20:16 +0000
41fc9f9d54 fix for an issue reported by andrew.gecse@upcmail.hu (unknown web page charset 'hungarian-iso-8859-2') Miroslav Stampar 2011-04-30 22:41:54 +0000
d5eeb91b35 Aligned Sybase and MaxDB to recent enhancements to --dbs, --tables and --columns Bernardo Damele 2011-04-30 22:11:36 +0000
b31b861d7b Major rewrote of --columns: now it accepts -D only (enumerate all tables' columns of a specific database), -D and -T (enumerate all columns of a specific database's table), -T (enumerate all columns of a current database's table), etc. Bernardo Damele 2011-04-30 22:10:27 +0000
284c69a686 Improved --tables for MSSQL too, like r3798 Bernardo Damele 2011-04-30 22:05:02 +0000
aeb149db22 Proper ordering of enumeration methods, consistent with the others enumeration classes Bernardo Damele 2011-04-30 22:04:08 +0000
955dbc85e7 Minor variable rename Bernardo Damele 2011-04-30 15:29:59 +0000
cb9b9c4204 Code refactoring and improvements to --dbs and --tables: now --tables accepts also -D CD as an alias for Current Database and as usual multiple database comma-separated are supported too Bernardo Damele 2011-04-30 15:29:19 +0000
b3a0424269 More Backend class method usage refactoring Bernardo Damele 2011-04-30 15:24:15 +0000
00f14bec5f layout adjustment Bernardo Damele 2011-04-30 15:22:33 +0000
9a4ae7d9e2 More code refactoring of Backend class methods used Bernardo Damele 2011-04-30 14:54:29 +0000
2f2758b033 Long form contributor name Bernardo Damele 2011-04-30 14:51:06 +0000
36a9ddaacc Minor bug fixes and code restyling for --privileges and --passwords Bernardo Damele 2011-04-30 14:50:27 +0000
f56d135438 Minor code restyling Bernardo Damele 2011-04-30 13:20:05 +0000
983546d6bf proper fix Miroslav Stampar 2011-04-30 07:01:21 +0000
1a052245a6 duplicate code Bernardo Damele 2011-04-30 00:25:15 +0000
a5968fff3e Added --count switch to count the number of entries for a specific table (when -T is provided), all database's tables (when only -D is provided) or all databases' tables when neither -D nor -T are provided Bernardo Damele 2011-04-30 00:22:22 +0000
529595fd85 Moved method below Bernardo Damele 2011-04-29 22:37:43 +0000
956e75e2b5 Minor adjustment to --mobile. Bug fix to --random-agent. Bernardo Damele 2011-04-29 21:50:48 +0000
14bf6abb7e Minor layout adjustment Bernardo Damele 2011-04-29 21:40:48 +0000
f449688f93 Proper resume of --schema data when calling with --columns switch, minor fixes too Bernardo Damele 2011-04-29 21:17:59 +0000
a23ca952e4 Actually brute-force switches make more sense just after their "normal" version. Also, getSchema() method is preferably to be called before getColumns(), see next commit for reason Bernardo Damele 2011-04-29 21:09:07 +0000
46f96f3c4c removing Kindle from list as it's not really a smartphone Miroslav Stampar 2011-04-29 19:32:30 +0000
11124b21f9 implemented --mobile switch Miroslav Stampar 2011-04-29 19:27:23 +0000
b299912de4 fix for a bug reported by ahmed@isecur1ty.org (UnicodeDecodeError: 'ascii' codec can't decode byte 0x84 in position 396: ordinal not in range(128)) for multipartpost Miroslav Stampar 2011-04-29 16:56:02 +0000
6bb4dce3aa minor refactoring Miroslav Stampar 2011-04-29 15:22:32 +0000
a2bb0d72e8 fix for a bug reported by rdsears@mtu.edu (TypeError: expected string or buffer) Miroslav Stampar 2011-04-29 14:40:28 +0000
a6015b59df fix for a bug reported by jaccovantuijl@gmail.com (entries = zip(*[entries[colName] for colName in colList])) Miroslav Stampar 2011-04-29 14:33:47 +0000
9927f5a7db Let --schema work also for Sybase and MaxDB Bernardo Damele 2011-04-29 00:02:28 +0000
edac0b2558 Added switch --schema to enumerate DBMS schema and now --columns does not require a mandatory table (-T) anymore, instead it will act as an alias for --schema Bernardo Damele 2011-04-28 23:59:00 +0000
d3ed3268c3 minor adjustments Bernardo Damele 2011-04-28 21:17:06 +0000
8e63e1b70d more people to thanks Bernardo Damele 2011-04-28 21:15:15 +0000
3e66dae103 as we don't use UPX anymore.. Bernardo Damele 2011-04-28 20:54:21 +0000
441c288dd9 cosmeticados Bernardo Damele 2011-04-25 00:36:09 +0000
98f9f3e774 Minor bug fix in local shellcodeexec for Windows path Bernardo Damele 2011-04-25 00:03:12 +0000
e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that: * It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime. * shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product. * shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX). * UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software. shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec. Minor code refactoring. Bernardo Damele 2011-04-24 23:01:21 +0000
d0a534dee5 Do not even prompt for ICMP tunnel if the target OS is not Windows Bernardo Damele 2011-04-23 21:57:07 +0000
d0dff82ce0 Minor code refactoring relating set/get back-end DBMS operating system and minor bug fix to properly enforce OS value with --os switch Bernardo Damele 2011-04-23 16:25:09 +0000
75142b383d huge speed up (4x times faster) Miroslav Stampar 2011-04-22 21:00:42 +0000
f88aa4b165 implemented suppressResumeInfo mechanism (huge slowdown on large tables) Miroslav Stampar 2011-04-22 19:58:10 +0000
493b9adf8e speed up of resume values (compiled regexes used) Miroslav Stampar 2011-04-22 19:27:41 +0000
7b3b9e6a87 it seems that this was indeed not meant to be here Miroslav Stampar 2011-04-22 15:07:09 +0000
304500a2e8 implemented checkFalsePositives method (simple Turing like tests) Miroslav Stampar 2011-04-22 12:24:16 +0000
7df954dd9f paranoy Bernardo Damele 2011-04-21 23:41:25 +0000
0764c4c752 parenthesis were missing; banning OR NOT from payloads Miroslav Stampar 2011-04-21 23:32:53 +0000
41924a6ead fix for a bug reported by saccurso@skygear.com.ar (UnicodeDecodeError: 'ascii' codec can't decode byte 0xe9 in position 0: ordinal not in range(128)) Miroslav Stampar 2011-04-21 23:17:16 +0000
1d61611145 leftover Bernardo Damele 2011-04-21 22:46:43 +0000
f3088079c0 error message adjustment Bernardo Damele 2011-04-21 22:31:02 +0000
eabb5a2ba7 More adjustments to the error message when no sql injections are detected Bernardo Damele 2011-04-21 22:04:20 +0000
6d07dddf60 updated doc and minor layout adjustments Bernardo Damele 2011-04-21 21:53:35 +0000
06a00fe85e For development version, print also the revision number in the banner Bernardo Damele 2011-04-21 21:34:57 +0000
770b1523ff More verbose output when no SQL injections are detected Bernardo Damele 2011-04-21 21:31:16 +0000
edc2d75702 Cosmetics and major bug fix Bernardo Damele 2011-04-21 21:15:23 +0000
870f773d70 In some old versions of MySQL (perhaps others DBMS too) the NOT clause is not supported, hence we need also OR tests without NOT - tested and works like this Bernardo Damele 2011-04-21 20:36:50 +0000
d2f102f5a1 cosmetics Bernardo Damele 2011-04-21 20:21:37 +0000
148fb26301 quick fix Miroslav Stampar 2011-04-21 17:34:26 +0000
e181d5412e fix for a bug reported by aboynes@gmail.com (@@datadir not available on MySQL 4) Miroslav Stampar 2011-04-21 17:33:07 +0000
bd4fbb3251 fix for a bug reported by l0rda@l0rda.biz (TypeError: cannot concatenate 'str' and 'NoneType' objects) Miroslav Stampar 2011-04-21 14:53:02 +0000
b667c50588 store/resume info on xp_cmd available in session file Bernardo Damele 2011-04-21 14:25:04 +0000
930872cf3b fix Miroslav Stampar 2011-04-21 14:20:09 +0000
a313df4d37 Allow user to force temporary folder with --tmp-path even if it has been saved one in the session file Bernardo Damele 2011-04-21 14:05:37 +0000
fbe5ba5394 cosmetics Bernardo Damele 2011-04-21 10:54:12 +0000
e1a8d268d8 fix for UPX linux/macos Miroslav Stampar 2011-04-21 10:52:34 +0000
8d8fc2bbd8 cosmetics Bernardo Damele 2011-04-21 10:17:41 +0000
11ecd16099 cosmetics Bernardo Damele 2011-04-21 10:08:38 +0000
9ccf720c05 removing funny remark Miroslav Stampar 2011-04-21 10:06:13 +0000
a91e6a8440 layout Bernardo Damele 2011-04-21 10:03:18 +0000
cbfe743bad added a comment Miroslav Stampar 2011-04-21 10:01:58 +0000
c84c4d835f minor update Miroslav Stampar 2011-04-21 09:31:35 +0000
8e2e06a7a3 layout adjustment Bernardo Damele 2011-04-21 09:25:42 +0000
5052013ffa minor update Miroslav Stampar 2011-04-20 14:48:23 +0000
f909ecb369 bug fix for mssqlserver escape Miroslav Stampar 2011-04-20 13:41:01 +0000
e4d3190f41 reverting back to NVARCHAR because of error technique Miroslav Stampar 2011-04-20 12:59:23 +0000
3607f03a9e fix of a minor typo Miroslav Stampar 2011-04-20 12:42:35 +0000
1286cc0913 now showing trimmed output in for of warning message (UNION and ERROR techniques affected) Miroslav Stampar 2011-04-20 12:41:58 +0000
7993f3f12d way better for storing bulk of data (like BLOB on mysql) Miroslav Stampar 2011-04-20 11:44:52 +0000
04653684cd revert Miroslav Stampar 2011-04-20 10:34:34 +0000
4fadcf0615 improvement for UNION/ERROR case Miroslav Stampar 2011-04-20 10:17:42 +0000
1c1c20fb64 minor update Miroslav Stampar 2011-04-20 09:34:00 +0000
4b6c524d4c one more minor update regarding last commit Miroslav Stampar 2011-04-20 09:26:03 +0000
44926757da minor update Miroslav Stampar 2011-04-20 09:23:08 +0000
52c98afe93 minor fix Miroslav Stampar 2011-04-20 08:38:46 +0000
24435a2c20 implemented "break a tie" request by Andres Riancho Miroslav Stampar 2011-04-20 08:35:47 +0000
df0331fe9b some more refactoring Miroslav Stampar 2011-04-19 23:04:10 +0000
3b133303bf refactoring Miroslav Stampar 2011-04-19 22:54:13 +0000
de2479b864 dealing with http://bugs.python.org/issue1602 Miroslav Stampar 2011-04-19 22:33:03 +0000
9a9838f1e6 cleaning a mess with UPX and virus scanners Miroslav Stampar 2011-04-19 21:57:04 +0000
44bbef42f8 minor cosmetics Miroslav Stampar 2011-04-19 20:23:08 +0000