sqlmap

sqlmapproject/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-09-21 03:22:27 +03:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#5940

#5944

#5945

#5945

#5952

#5953

#5957

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9

6e4b65a822 Minor refactoring Bernardo Damele 2011-01-15 23:28:31 +0000
558f3894f4 Minor improvement Bernardo Damele 2011-01-15 23:20:52 +0000
d3a28124b1 More code cleanup Bernardo Damele 2011-01-15 23:11:36 +0000
4a35f598b8 Minor refactoring Bernardo Damele 2011-01-15 22:09:53 +0000
d2ce647113 one of my stupidest commits (just in case) Miroslav Stampar 2011-01-15 18:17:46 +0000
0f565c941e bug fix and proper warning message Miroslav Stampar 2011-01-15 16:59:53 +0000
e105e1ea32 bug fix (some sites raise 404 during union tests) Miroslav Stampar 2011-01-15 16:42:33 +0000
3873d204bb important update for dictionary attack Miroslav Stampar 2011-01-15 15:56:11 +0000
e17ac5fdca update Miroslav Stampar 2011-01-15 15:14:22 +0000
44504746cf minor update Miroslav Stampar 2011-01-15 13:43:08 +0000
5bdb50c224 code review part 3 Miroslav Stampar 2011-01-15 13:15:10 +0000
1fa8f0cba7 code reviewing part 2 Miroslav Stampar 2011-01-15 12:53:40 +0000
6a0e0cde3c code review of modules in lib/core directory Miroslav Stampar 2011-01-15 12:13:45 +0000
2d9b151883 Minor bug fix Bernardo Damele 2011-01-15 10:14:05 +0000
05b2a338fe cosmetics Miroslav Stampar 2011-01-14 16:12:44 +0000
bff989d348 minor update Miroslav Stampar 2011-01-14 15:43:53 +0000
daf5662eab update Miroslav Stampar 2011-01-14 15:33:49 +0000
1cfd6a6b9d Code cleanup Bernardo Damele 2011-01-14 15:16:34 +0000
08f7e20c51 minor code refactoring Miroslav Stampar 2011-01-14 14:55:59 +0000
fb9d7cdfaa refactoring, code clearing and removal of obsolete switch --longest-common Miroslav Stampar 2011-01-14 14:37:03 +0000
534f51f9fc Minor bug fix Bernardo Damele 2011-01-14 14:20:28 +0000
e4e9b11b79 Minor code refactoring and adjustments - kb.dbms is needed in fingerprint.py, not getIdentifiedDBMS because when checkDbms() method is called, it's within the fingerprint phase and at that stage, getIdentifiedDBMS() would always return kb.misc.fpDbms. Bernardo Damele 2011-01-14 12:47:07 +0000
3c95d71ea5 Minor bug fix - restored of so called kb.misc.testedDbms (now kb.misc.fpDbms) to force the DBMS (only) during the fingerprint phase Bernardo Damele 2011-01-14 11:55:20 +0000
f209b7a65e Updated Bernardo Damele 2011-01-14 09:56:55 +0000
7d9fd5a7b7 Minor bug fix Bernardo Damele 2011-01-14 09:49:14 +0000
b2c7ae77d4 minor update Miroslav Stampar 2011-01-14 09:45:47 +0000
676b95b30a minor code refactoring Miroslav Stampar 2011-01-14 09:44:56 +0000
f8c04ce020 Minor bug fix Bernardo Damele 2011-01-13 20:59:13 +0000
2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. Minor bug fixes thanks to previous refactoring too. Bernardo Damele 2011-01-13 17:36:54 +0000
a1d1f69c3f revert Miroslav Stampar 2011-01-13 15:28:08 +0000
d937e27b19 minor fix Miroslav Stampar 2011-01-13 15:19:37 +0000
b0fdbdb13b minor update Miroslav Stampar 2011-01-13 15:15:56 +0000
877ea31521 Verbose docstring Bernardo Damele 2011-01-13 12:05:14 +0000
ac5b49f555 update Miroslav Stampar 2011-01-13 11:24:03 +0000
af4ee81e62 Cosmetics Bernardo Damele 2011-01-13 11:23:07 +0000
ece2eb31ca minor update Miroslav Stampar 2011-01-13 11:08:29 +0000
ee4727850c Minor bug fix Bernardo Damele 2011-01-13 10:29:47 +0000
ca33728fbc Minor fix to avoid query splitting/unpacking when the statement is EXISTS() Bernardo Damele 2011-01-13 10:00:40 +0000
be6e2d6a31 Important bug fix. Minor code restyling. Bernardo Damele 2011-01-13 09:41:55 +0000
1b3717c79c Improvement to make time-based blind to work also against login forms Bernardo Damele 2011-01-12 16:20:29 +0000
b3a0f38f3f Minor code refactoring and added internal debug prints Bernardo Damele 2011-01-12 12:03:23 +0000
af9725214a Properly deal with partial (single entry) UNION injections. Got rid of kb.union*, now it's all stored/used from kb.injection. Minor bug fix with where=2 detection phase. Bernardo Damele 2011-01-12 12:01:32 +0000
d7a7993e0d Minor comment fix Bernardo Damele 2011-01-12 11:57:36 +0000
3cff42986f Code cleanup Bernardo Damele 2011-01-12 01:17:04 +0000
8a67aea754 One more step to fully working UNION exploitation after merge into detection phase Bernardo Damele 2011-01-12 01:13:32 +0000
b5c6f7556f Minor update Bernardo Damele 2011-01-12 00:53:48 +0000
8bdb7ec58c Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet. Bernardo Damele 2011-01-12 00:47:39 +0000
873951ab92 Proper fix to avoid UNION test false positives Bernardo Damele 2011-01-11 23:59:02 +0000
c2e994e806 Minor adjustment Bernardo Damele 2011-01-11 23:56:04 +0000
5c7c3c76c3 Fixed previous bug in getErrorParsedDBMSes() call in detection phase. Added minor support to escape quotes in UNION payloads during detection phase. Bernardo Damele 2011-01-11 23:47:32 +0000
aa49aa579f Major bug fix Bernardo Damele 2011-01-11 23:09:06 +0000
2f5995a7eb Added generic and mysql UNION tests from 1 to 25 columns. Adapted config file and command line removing now outdated --union-test switch. Minor bug fix. Minor code refactoring. Got rid of some debug messages, standardized logging of UNION tests. Bernardo Damele 2011-01-11 22:56:21 +0000
300128042c First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though. Major refactoring to Agent.payload() method. Minor bug fixes, some code refactoring and a lot of core adjustments here and there. Added more checks for injection in GROUP BY and ORDER BY. Bernardo Damele 2011-01-11 22:18:47 +0000
06230e4d92 Minor code refactoring and cosmetics Bernardo Damele 2011-01-11 21:46:21 +0000
e3146464da minor fix for a bug reported by nightman Miroslav Stampar 2011-01-11 12:27:22 +0000
643c464268 minor fix Miroslav Stampar 2011-01-11 12:16:20 +0000
394b6bc029 reverting some changes Miroslav Stampar 2011-01-11 12:11:33 +0000
54e0ba935a minor update Miroslav Stampar 2011-01-11 12:08:36 +0000
690281dce1 didn't know this to be honest Miroslav Stampar 2011-01-11 10:17:22 +0000
0676b38063 revert of one thing for Bernardo and minor update Miroslav Stampar 2011-01-10 10:30:17 +0000
77b51dae57 adding openFile method with an exception block around file opening part Miroslav Stampar 2011-01-08 09:30:10 +0000
e3899f7467 fix of a fix Miroslav Stampar 2011-01-07 18:07:18 +0000
8e83a26acf minor fix Miroslav Stampar 2011-01-07 17:53:17 +0000
ed2aed972f minor fix Miroslav Stampar 2011-01-07 17:38:28 +0000
27628dca42 cosmetics Bernardo Damele 2011-01-07 17:25:22 +0000
97ae7e330f cosmetics Bernardo Damele 2011-01-07 17:10:58 +0000
cc46940159 Minor refactoring Bernardo Damele 2011-01-07 17:10:32 +0000
e373dac1f2 Cosmetics Bernardo Damele 2011-01-07 16:50:39 +0000
c17714c423 suppress session in case of brute methods Miroslav Stampar 2011-01-07 16:47:46 +0000
b313a20a3f some fixes Miroslav Stampar 2011-01-07 16:39:47 +0000
16a06117f7 Mere cosmetics Bernardo Damele 2011-01-07 16:36:32 +0000
1a079c62cb minor update (generic tests now have bigger priority in test queue than parsed DBMS related ones) Miroslav Stampar 2011-01-07 16:08:01 +0000
1c86ec374e Code refactoring and cosmetics Bernardo Damele 2011-01-07 15:41:09 +0000
a8d660db54 fixes for bugs reported by pragmatk@gmail.com Miroslav Stampar 2011-01-06 16:59:58 +0000
c968b438f2 Ctrl+C added to union dump Miroslav Stampar 2011-01-06 09:48:04 +0000
0616edcc44 adding progress to --union-test Miroslav Stampar 2011-01-06 09:26:01 +0000
8b9a624546 added progress into union based entry retrieval Miroslav Stampar 2011-01-06 09:10:20 +0000
cc9ca802bf minor update Miroslav Stampar 2011-01-06 08:54:50 +0000
1297df66da fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed) Miroslav Stampar 2011-01-06 08:04:59 +0000
6942c9a001 same thing with mysql as in last commit Miroslav Stampar 2011-01-05 14:41:38 +0000
a136915ab6 bug fix for postgre's --os-shell (when there was an error in command executed and/or no output chars, garbled output was returned) Miroslav Stampar 2011-01-05 14:36:41 +0000
694a65f6f1 minor fix/update Miroslav Stampar 2011-01-05 13:32:40 +0000
7411052456 minor update regarding last commit Miroslav Stampar 2011-01-05 12:09:57 +0000
042e3f76ba bug fix for a bug reported by nightman (RuntimeError: maximum recursion depth exceeded) Miroslav Stampar 2011-01-05 11:36:40 +0000
7ae5192070 adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data) Miroslav Stampar 2011-01-05 10:25:07 +0000
c83e9f6ca5 foundation for filtering binary string values (for example, replacement of non readable chars with #) Miroslav Stampar 2011-01-04 21:56:37 +0000
aa81ed4033 implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) Miroslav Stampar 2011-01-04 15:49:20 +0000
8a48baf789 update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised Miroslav Stampar 2011-01-04 13:23:59 +0000
eb11f5b2e0 minor update Miroslav Stampar 2011-01-04 13:07:12 +0000
c1dc73d0a1 minor, just in case update related to the previous commit Miroslav Stampar 2011-01-04 12:56:55 +0000
709a7d156b fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...) Miroslav Stampar 2011-01-04 12:51:51 +0000
d288c6d6e3 minor update Miroslav Stampar 2011-01-04 08:40:41 +0000
fdc463d08b fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range) Miroslav Stampar 2011-01-03 23:36:35 +0000
0eabca9fd4 update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is) Miroslav Stampar 2011-01-03 22:31:29 +0000
08ccbf2c1e important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) Miroslav Stampar 2011-01-03 22:02:58 +0000
572f403069 update of one thing that was missing Miroslav Stampar 2011-01-03 21:28:22 +0000
7f97f3ea52 adding user agent strings for opera >= 9.10 and safari >= 4.0 Miroslav Stampar 2011-01-03 15:26:42 +0000
6936ebb9e6 adding new user agent strings for firefox >= 3.0 and MSIE >= 7.0 Miroslav Stampar 2011-01-03 15:17:18 +0000
ce48ea75d0 noticed that google search page sometimes contain double html escaped links - double htmlunescape solves the problem, while dealing no harm to single html escaped links Miroslav Stampar 2011-01-03 14:39:23 +0000
6aa616bd0d minor minor fix Miroslav Stampar 2011-01-03 14:28:20 +0000