sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-27 00:20:07 +03:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 2ac8debea0 Major code refactoring - moved to one location only (getIdentifiedDBMS() in common.py) the retrieval of identified/fingerprinted DBMS. Minor bug fixes thanks to previous refactoring too. Bernardo Damele 2011-01-13 17:36:54 +0000
  • a1d1f69c3f revert Miroslav Stampar 2011-01-13 15:28:08 +0000
  • d937e27b19 minor fix Miroslav Stampar 2011-01-13 15:19:37 +0000
  • b0fdbdb13b minor update Miroslav Stampar 2011-01-13 15:15:56 +0000
  • 877ea31521 Verbose docstring Bernardo Damele 2011-01-13 12:05:14 +0000
  • ac5b49f555 update Miroslav Stampar 2011-01-13 11:24:03 +0000
  • af4ee81e62 Cosmetics Bernardo Damele 2011-01-13 11:23:07 +0000
  • ece2eb31ca minor update Miroslav Stampar 2011-01-13 11:08:29 +0000
  • ee4727850c Minor bug fix Bernardo Damele 2011-01-13 10:29:47 +0000
  • ca33728fbc Minor fix to avoid query splitting/unpacking when the statement is EXISTS() Bernardo Damele 2011-01-13 10:00:40 +0000
  • be6e2d6a31 Important bug fix. Minor code restyling. Bernardo Damele 2011-01-13 09:41:55 +0000
  • 1b3717c79c Improvement to make time-based blind to work also against login forms Bernardo Damele 2011-01-12 16:20:29 +0000
  • b3a0f38f3f Minor code refactoring and added internal debug prints Bernardo Damele 2011-01-12 12:03:23 +0000
  • af9725214a Properly deal with partial (single entry) UNION injections. Got rid of kb.union*, now it's all stored/used from kb.injection. Minor bug fix with where=2 detection phase. Bernardo Damele 2011-01-12 12:01:32 +0000
  • d7a7993e0d Minor comment fix Bernardo Damele 2011-01-12 11:57:36 +0000
  • 3cff42986f Code cleanup Bernardo Damele 2011-01-12 01:17:04 +0000
  • 8a67aea754 One more step to fully working UNION exploitation after merge into detection phase Bernardo Damele 2011-01-12 01:13:32 +0000
  • b5c6f7556f Minor update Bernardo Damele 2011-01-12 00:53:48 +0000
  • 8bdb7ec58c Ahead with UNION exploitation after UNION test moved to detection phase - a lot to do yet. Bernardo Damele 2011-01-12 00:47:39 +0000
  • 873951ab92 Proper fix to avoid UNION test false positives Bernardo Damele 2011-01-11 23:59:02 +0000
  • c2e994e806 Minor adjustment Bernardo Damele 2011-01-11 23:56:04 +0000
  • 5c7c3c76c3 Fixed previous bug in getErrorParsedDBMSes() call in detection phase. Added minor support to escape quotes in UNION payloads during detection phase. Bernardo Damele 2011-01-11 23:47:32 +0000
  • aa49aa579f Major bug fix Bernardo Damele 2011-01-11 23:09:06 +0000
  • 2f5995a7eb Added generic and mysql UNION tests from 1 to 25 columns. Adapted config file and command line removing now outdated --union-test switch. Minor bug fix. Minor code refactoring. Got rid of some debug messages, standardized logging of UNION tests. Bernardo Damele 2011-01-11 22:56:21 +0000
  • 300128042c First big commit to move UNION query tests to detection phase - there are some improvements and tuning to do yet though. Major refactoring to Agent.payload() method. Minor bug fixes, some code refactoring and a lot of core adjustments here and there. Added more checks for injection in GROUP BY and ORDER BY. Bernardo Damele 2011-01-11 22:18:47 +0000
  • 06230e4d92 Minor code refactoring and cosmetics Bernardo Damele 2011-01-11 21:46:21 +0000
  • e3146464da minor fix for a bug reported by nightman Miroslav Stampar 2011-01-11 12:27:22 +0000
  • 643c464268 minor fix Miroslav Stampar 2011-01-11 12:16:20 +0000
  • 394b6bc029 reverting some changes Miroslav Stampar 2011-01-11 12:11:33 +0000
  • 54e0ba935a minor update Miroslav Stampar 2011-01-11 12:08:36 +0000
  • 690281dce1 didn't know this to be honest Miroslav Stampar 2011-01-11 10:17:22 +0000
  • 0676b38063 revert of one thing for Bernardo and minor update Miroslav Stampar 2011-01-10 10:30:17 +0000
  • 77b51dae57 adding openFile method with an exception block around file opening part Miroslav Stampar 2011-01-08 09:30:10 +0000
  • e3899f7467 fix of a fix Miroslav Stampar 2011-01-07 18:07:18 +0000
  • 8e83a26acf minor fix Miroslav Stampar 2011-01-07 17:53:17 +0000
  • ed2aed972f minor fix Miroslav Stampar 2011-01-07 17:38:28 +0000
  • 27628dca42 cosmetics Bernardo Damele 2011-01-07 17:25:22 +0000
  • 97ae7e330f cosmetics Bernardo Damele 2011-01-07 17:10:58 +0000
  • cc46940159 Minor refactoring Bernardo Damele 2011-01-07 17:10:32 +0000
  • e373dac1f2 Cosmetics Bernardo Damele 2011-01-07 16:50:39 +0000
  • c17714c423 suppress session in case of brute methods Miroslav Stampar 2011-01-07 16:47:46 +0000
  • b313a20a3f some fixes Miroslav Stampar 2011-01-07 16:39:47 +0000
  • 16a06117f7 Mere cosmetics Bernardo Damele 2011-01-07 16:36:32 +0000
  • 1a079c62cb minor update (generic tests now have bigger priority in test queue than parsed DBMS related ones) Miroslav Stampar 2011-01-07 16:08:01 +0000
  • 1c86ec374e Code refactoring and cosmetics Bernardo Damele 2011-01-07 15:41:09 +0000
  • a8d660db54 fixes for bugs reported by pragmatk@gmail.com Miroslav Stampar 2011-01-06 16:59:58 +0000
  • c968b438f2 Ctrl+C added to union dump Miroslav Stampar 2011-01-06 09:48:04 +0000
  • 0616edcc44 adding progress to --union-test Miroslav Stampar 2011-01-06 09:26:01 +0000
  • 8b9a624546 added progress into union based entry retrieval Miroslav Stampar 2011-01-06 09:10:20 +0000
  • cc9ca802bf minor update Miroslav Stampar 2011-01-06 08:54:50 +0000
  • 1297df66da fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed) Miroslav Stampar 2011-01-06 08:04:59 +0000
  • 6942c9a001 same thing with mysql as in last commit Miroslav Stampar 2011-01-05 14:41:38 +0000
  • a136915ab6 bug fix for postgre's --os-shell (when there was an error in command executed and/or no output chars, garbled output was returned) Miroslav Stampar 2011-01-05 14:36:41 +0000
  • 694a65f6f1 minor fix/update Miroslav Stampar 2011-01-05 13:32:40 +0000
  • 7411052456 minor update regarding last commit Miroslav Stampar 2011-01-05 12:09:57 +0000
  • 042e3f76ba bug fix for a bug reported by nightman (RuntimeError: maximum recursion depth exceeded) Miroslav Stampar 2011-01-05 11:36:40 +0000
  • 7ae5192070 adding filtering of strings for control chars in blind inference mode (way to handle either errornous values, or either binary data) Miroslav Stampar 2011-01-05 10:25:07 +0000
  • c83e9f6ca5 foundation for filtering binary string values (for example, replacement of non readable chars with #) Miroslav Stampar 2011-01-04 21:56:37 +0000
  • aa81ed4033 implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) Miroslav Stampar 2011-01-04 15:49:20 +0000
  • 8a48baf789 update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised Miroslav Stampar 2011-01-04 13:23:59 +0000
  • eb11f5b2e0 minor update Miroslav Stampar 2011-01-04 13:07:12 +0000
  • c1dc73d0a1 minor, just in case update related to the previous commit Miroslav Stampar 2011-01-04 12:56:55 +0000
  • 709a7d156b fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...) Miroslav Stampar 2011-01-04 12:51:51 +0000
  • d288c6d6e3 minor update Miroslav Stampar 2011-01-04 08:40:41 +0000
  • fdc463d08b fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range) Miroslav Stampar 2011-01-03 23:36:35 +0000
  • 0eabca9fd4 update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is) Miroslav Stampar 2011-01-03 22:31:29 +0000
  • 08ccbf2c1e important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) Miroslav Stampar 2011-01-03 22:02:58 +0000
  • 572f403069 update of one thing that was missing Miroslav Stampar 2011-01-03 21:28:22 +0000
  • 7f97f3ea52 adding user agent strings for opera >= 9.10 and safari >= 4.0 Miroslav Stampar 2011-01-03 15:26:42 +0000
  • 6936ebb9e6 adding new user agent strings for firefox >= 3.0 and MSIE >= 7.0 Miroslav Stampar 2011-01-03 15:17:18 +0000
  • ce48ea75d0 noticed that google search page sometimes contain double html escaped links - double htmlunescape solves the problem, while dealing no harm to single html escaped links Miroslav Stampar 2011-01-03 14:39:23 +0000
  • 6aa616bd0d minor minor fix Miroslav Stampar 2011-01-03 14:28:20 +0000
  • 92e4cdb241 raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic Miroslav Stampar 2011-01-03 14:21:41 +0000
  • 07129371bf bug fix for time based injections with keepalive (keepalive module has timeout argument which screwed tbMsg); also, bug fix for cases when remote hosts forcefully disconnects the user on some tests (instead of retrying and critically going out, continue with further tests) Miroslav Stampar 2011-01-03 13:04:20 +0000
  • 3629c2737b automatically turn on --text-only in case of heavily-dynamicity instead of critical exit Miroslav Stampar 2011-01-03 11:06:49 +0000
  • adc41181e6 some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one Miroslav Stampar 2011-01-03 10:37:20 +0000
  • 5860b8942f minor update Miroslav Stampar 2011-01-03 09:16:42 +0000
  • d19a8d53e4 minor update Miroslav Stampar 2011-01-03 08:46:20 +0000
  • 8625494ff2 added one new quick check for multiple target(s) mode Miroslav Stampar 2011-01-03 08:32:06 +0000
  • 8e1927fe31 minor fix Miroslav Stampar 2011-01-02 18:12:18 +0000
  • 2efe7928c0 more concise than previously Miroslav Stampar 2011-01-02 17:06:13 +0000
  • 5f9b6b2254 code refactoring Miroslav Stampar 2011-01-02 16:51:21 +0000
  • 252ef7626f removing too old user-agents (some sites just reject those because of possible rendering issues) Miroslav Stampar 2011-01-02 15:57:52 +0000
  • a56934e68b one more MSSQL/ASPX error banner regex Miroslav Stampar 2011-01-02 15:36:57 +0000
  • e6f0c4d857 minor update Miroslav Stampar 2011-01-02 15:32:35 +0000
  • c1d0dde769 added support for .NET banners (http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx) Miroslav Stampar 2011-01-02 14:46:31 +0000
  • f762f32de8 bug fix for proper --parse-errors on .aspx pages Miroslav Stampar 2011-01-02 13:00:04 +0000
  • b763feafd9 bug fix (TypeError: object of type 'NoneType' has no len()) Miroslav Stampar 2011-01-02 12:26:31 +0000
  • f0dad2a1e4 minor bug fix (in multiple item search only last item was shown) Miroslav Stampar 2011-01-02 12:23:36 +0000
  • 7b9d978cf9 minor fix (database and/or table names with - sign inside needs to be escaped by ` character or will lead to a "SQL syntax") Miroslav Stampar 2011-01-02 11:01:20 +0000
  • dce9a762f1 important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode Miroslav Stampar 2011-01-02 10:37:32 +0000
  • 96341f8f78 minor fix Miroslav Stampar 2011-01-02 09:16:17 +0000
  • 73e8a10527 minor fix Miroslav Stampar 2011-01-02 09:12:20 +0000
  • 93cb75ff65 added Nginx Miroslav Stampar 2011-01-02 08:50:27 +0000
  • 5c6c870db4 removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode Miroslav Stampar 2011-01-02 08:43:38 +0000
  • 6651ba05eb another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) Miroslav Stampar 2011-01-02 08:08:38 +0000
  • e28b9f26fc minor fix Miroslav Stampar 2011-01-02 08:01:01 +0000
  • da138c46c1 added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly) Miroslav Stampar 2011-01-02 07:37:47 +0000
  • ec4440108b minor cosmetics Miroslav Stampar 2011-01-02 07:09:04 +0000
  • 428e817a32 some refactoring Miroslav Stampar 2011-01-01 23:57:27 +0000