sqlmap

sqlmapproject/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-27 16:39:54 +03:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

bac53eeef1 Allow --dump-all to accept -D switch in order to dump all tables' entries for only one (or more, comma-separated) specified database(s) Bernardo Damele 2011-04-07 22:08:10 +0000
b288e5ef57 implemented DNS caching mechanism Miroslav Stampar 2011-04-07 21:39:18 +0000
ae4ea0af45 fix for a bug reported by m4l1c3 (AttributeError: 'NoneType' object has no attribute 'replace') Miroslav Stampar 2011-04-07 13:57:07 +0000
02eeeccd33 Added UNION query SQL injection tests also with a random number for columns (not only NULL) Bernardo Damele 2011-04-07 13:39:36 +0000
6a8a5db9aa minor code restyling Miroslav Stampar 2011-04-07 13:27:29 +0000
e33a48d40f minor refactoring Miroslav Stampar 2011-04-07 12:54:30 +0000
c6b9d89d31 Accept [RANDNUM] as <char> in payloads.xml and handle it accordingly Bernardo Damele 2011-04-07 11:10:35 +0000
ca009e9fe2 minor update Miroslav Stampar 2011-04-07 10:43:19 +0000
672abc27fd minor adjustment of livetests for new flavor of --technique Miroslav Stampar 2011-04-07 10:41:12 +0000
9e8c933333 cosmetics Bernardo Damele 2011-04-07 10:40:58 +0000
68828d68a5 removed integers from --technique Miroslav Stampar 2011-04-07 10:37:48 +0000
fced81b6be minor update Miroslav Stampar 2011-04-07 10:32:39 +0000
845533e92f minor refactoring Miroslav Stampar 2011-04-07 10:27:22 +0000
1880f18367 Minor layout adjustments Bernardo Damele 2011-04-07 10:07:52 +0000
17844eb87c Refactoring to --technique Bernardo Damele 2011-04-07 10:00:47 +0000
287f74dbd2 update Bernardo Damele 2011-04-06 14:59:51 +0000
05d12790f1 closes #219 - unhidden switch --technique and adapted code accordingly (renamed conf.technique to conf.tech to fit properly in the -h help message) Bernardo Damele 2011-04-06 14:41:44 +0000
8b14a9eaa7 Minor code adjustments Bernardo Damele 2011-04-06 14:40:45 +0000
a379463213 cosmeticado Miroslav Stampar 2011-04-06 08:40:06 +0000
b327bbcd9b minor fix (it was quite ... to have this check at the later stage) Miroslav Stampar 2011-04-06 08:39:24 +0000
fdef6726cf minor update Miroslav Stampar 2011-04-06 08:30:50 +0000
72555f3b28 user's manual updated.. we are getting close to 0.9 stable, stay tuned! Bernardo Damele 2011-04-06 08:21:13 +0000
d436ba2da5 Minor "fix" when reading hashes from a local sqlite3 (result of --replicate) and there is an int as value Bernardo Damele 2011-04-06 08:19:56 +0000
81034140c0 Reduced number of threads to 3 when -o is provided Bernardo Damele 2011-04-06 08:15:20 +0000
265fa52600 minor code cosmetics Miroslav Stampar 2011-04-04 18:24:16 +0000
018b6b9430 fix for a charset encoding reported by Kirill Miroslav Stampar 2011-04-04 18:20:09 +0000
a1bde071d8 Minor adjustments Bernardo Damele 2011-04-04 09:26:20 +0000
2c01fc56e6 minor update regarding misusage of --proxy and --ignore-proxy switches Miroslav Stampar 2011-04-04 09:19:43 +0000
3253882071 minor cosmetics on tamper scripts Miroslav Stampar 2011-04-04 08:18:26 +0000
33d987805d minor revisit of encoding tampering scripts Miroslav Stampar 2011-04-04 08:11:11 +0000
e957c4400c minor revisit of tampering script(s) functionality (urlencode one is removed as it's currently obsolete regarding the whole process of automatic urlencoding) Miroslav Stampar 2011-04-04 08:04:47 +0000
305115a68b important improvement of data handling (POST data and header values) Miroslav Stampar 2011-04-03 15:02:52 +0000
bbd4c128b0 minor update related to the last commit Miroslav Stampar 2011-04-01 22:19:42 +0000
cd7e4f5afc improvement for lots of multiple-selection forms (now by default the first one is selected - till now it was left unchecked which lead to blank get/post data for the whole form) Miroslav Stampar 2011-04-01 22:12:24 +0000
c3b54cc222 Cosmetics Bernardo Damele 2011-04-01 16:40:28 +0000
e27afef6be minor update regarding --current-db on Oracle Miroslav Stampar 2011-04-01 15:56:11 +0000
eb99f68a7a Minor improvement to --wizard. This does not mean I like the kiddie feature though ;) Bernardo Damele 2011-04-01 14:55:39 +0000
de4e0c7346 minor update related to the problem with request files reported by jorge_a_santos@hotmail.com Miroslav Stampar 2011-04-01 12:09:11 +0000
60102209f6 quick fix for a bug reported by Kirill (AttributeError: 'NoneType' object has no attribute 'split') Miroslav Stampar 2011-04-01 11:14:24 +0000
ee15988878 another minor update related to previous commit Miroslav Stampar 2011-03-31 17:34:07 +0000
156d24203f speed optimization Miroslav Stampar 2011-03-31 17:16:26 +0000
220366b6e8 minor update (ip addresses will not be confused any more for crypt_generic hashes) Miroslav Stampar 2011-03-31 16:56:26 +0000
557ed7d665 minor fix for a invalid charset reported by Kirill Miroslav Stampar 2011-03-31 14:39:01 +0000
fed57282fc Added one more warning message to show what's going on with ctrl+c Bernardo Damele 2011-03-31 14:26:14 +0000
3948cd9e77 Minor layout adjustments Bernardo Damele 2011-03-31 14:13:53 +0000
60afd80460 Change of release date to unknown Bernardo Damele 2011-03-31 13:06:30 +0000
c5de903eab minor improvement ("quick defense against substr fields") Miroslav Stampar 2011-03-31 09:35:09 +0000
ce51326bff quick fix Miroslav Stampar 2011-03-31 08:43:17 +0000
0916117447 improvement of error-based testing (no more sqlmap aborting on error-based payloads which happens very often on MySQL servers); also, minor improvement on brute forcing of column names Miroslav Stampar 2011-03-30 18:32:10 +0000
dd01d66f13 proper update regarding last commit Miroslav Stampar 2011-03-29 22:10:08 +0000
850328df6c minor cosmetics Miroslav Stampar 2011-03-29 22:03:48 +0000
b6af80bab3 refactoring, cleanup and improvement Miroslav Stampar 2011-03-29 21:54:15 +0000
adfbfef8c1 minor refactoring Miroslav Stampar 2011-03-29 21:01:47 +0000
12f3024c8a removing that boring message "reflective value found and filtered out" for headers case (we always include Uri header) Miroslav Stampar 2011-03-29 20:45:21 +0000
9f707febf5 minor update Miroslav Stampar 2011-03-29 15:43:17 +0000
d0861a00e2 minor improvement Miroslav Stampar 2011-03-29 15:37:57 +0000
d28ca5809b adding support for meta HTML header 'refresh' - popular one amongst login pages (stumbled when tested blind injections on Mutillidae login page) Miroslav Stampar 2011-03-29 14:16:28 +0000
7cf4ba83dc minor refactoring and comment update Miroslav Stampar 2011-03-29 12:08:07 +0000
1821a008af Ctrl+C in dictionary attack phase will now not abort the whole enumeration; also, question for common suffixes will now be asked only once Miroslav Stampar 2011-03-29 12:00:29 +0000
5560196648 minor fix Miroslav Stampar 2011-03-29 11:50:12 +0000
e20d460809 Bernardo will kill me (added --wizard for total beginners) Miroslav Stampar 2011-03-29 11:42:55 +0000
4d78eac938 revert of that thingy as requested by Bernardo Miroslav Stampar 2011-03-29 10:06:35 +0000
a9f5d828c6 minor fix avoiding problems with hashing strange characters in usernames Miroslav Stampar 2011-03-29 07:50:07 +0000
b7813f9e68 incrementing level for MySQL stacked payloads Miroslav Stampar 2011-03-29 07:31:56 +0000
e8debbe724 minor cosmetics and one minor fix (|= is a nono with None) Miroslav Stampar 2011-03-29 06:38:19 +0000
86f93713d3 fix for a bug reported by m4l1c3 (object of type 'NoneType' has no len()) and minor update Miroslav Stampar 2011-03-29 06:25:17 +0000
a2d5358b08 minor fix Miroslav Stampar 2011-03-28 23:40:46 +0000
9e900ccbac minor comment update Miroslav Stampar 2011-03-28 23:12:04 +0000
a61e287d23 making updates for dummy Windows users Miroslav Stampar 2011-03-28 23:09:19 +0000
bf0e3c4662 improvement for --forms with empty fields Miroslav Stampar 2011-03-28 22:48:00 +0000
1823c116bb minor update for special cases of union testing results Miroslav Stampar 2011-03-28 21:45:38 +0000
ae53ad4c30 making an update for special case of timed out response Miroslav Stampar 2011-03-28 21:05:04 +0000
1e22ff45de minor update regarding testing of GET parameters if --data and/or --forms is used Miroslav Stampar 2011-03-28 16:14:08 +0000
625f124263 little info message Miroslav Stampar 2011-03-28 12:13:17 +0000
4312a42b5d another minor fix Miroslav Stampar 2011-03-28 12:04:39 +0000
3173adbf6b minor update Miroslav Stampar 2011-03-28 12:02:31 +0000
73e5d20ade bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries) Miroslav Stampar 2011-03-28 11:01:55 +0000
19a6f86954 Minor update Bernardo Damele 2011-03-27 16:37:57 +0000
08d052d9b8 minor update of THANKS file Miroslav Stampar 2011-03-27 13:45:19 +0000
47924fb92e fix for a bug reported by malice.anon@gmail.com (AttributeError: 'unicode' object has no attribute 'geturl') Miroslav Stampar 2011-03-27 13:41:54 +0000
76b7e3517d minor update Miroslav Stampar 2011-03-27 07:58:15 +0000
dba32306b0 minor update Miroslav Stampar 2011-03-26 22:03:46 +0000
d2eb4c6a39 update of THANKS file Miroslav Stampar 2011-03-26 21:48:36 +0000
d8f7c4bc4c minor update regarding support for crypt(3) Miroslav Stampar 2011-03-26 21:41:37 +0000
4f00b9fa4b minor fix Miroslav Stampar 2011-03-26 21:10:31 +0000
afe2be6a9f implementation of Standard DES hashing (crypt) Miroslav Stampar 2011-03-26 20:46:25 +0000
04c4578df7 minor fix Miroslav Stampar 2011-03-26 05:55:49 +0000
58f8703ecd minor update before bedtime Miroslav Stampar 2011-03-25 22:59:18 +0000
ae12dee990 minor update Miroslav Stampar 2011-03-25 22:08:54 +0000
c9baa0094b going global for protection of non-standard identificator naming Miroslav Stampar 2011-03-25 22:02:28 +0000
5a1f733a43 minor update (_ is part of normal identificator naming) Miroslav Stampar 2011-03-25 21:49:20 +0000
1a98095a93 minor improvement for that MySQL identification naming Miroslav Stampar 2011-03-25 21:46:49 +0000
1119a85f39 it's a must after all - partial union is specific and as there is no output for fetched value, we have to display something to the user. also, there is a bug fix (removed the leftover parseUnionPage) Miroslav Stampar 2011-03-25 21:31:26 +0000
48c4460e2c bug fixed (there was a huge problem with space containing identifiers - fixed and tested for MySQL) Miroslav Stampar 2011-03-25 21:22:06 +0000
6c6133e8aa revert of the last commit (i was doing some testing against a test case with lots of None(s) which drove me to the conclusion that we need that progress - in normal cases it's fine as it is) Miroslav Stampar 2011-03-25 20:46:37 +0000
737b4abf13 this is a must for partial union. there are lots of cases with dumping of huge tables and user doesn't know a squirt if sqlmap is running or not (compromise is that this is only displayed if the verbose level is not touched by the user) Miroslav Stampar 2011-03-25 20:30:15 +0000
af39a441fa minor improvement when --dbs returns no database names (like in many cases with MySQL 4) Miroslav Stampar 2011-03-25 19:50:06 +0000
5eb7787fc9 adding partial union cases to the live tests Miroslav Stampar 2011-03-25 15:56:15 +0000
670aa7f99b update for live tests (added dumping of columns and table values) Miroslav Stampar 2011-03-25 15:37:11 +0000
422967fbcd just an minor update related to the last commit Miroslav Stampar 2011-03-25 12:21:53 +0000