sqlmap

sqlmapproject/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-09-21 03:22:27 +03:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#5940

#5944

#5945

#5945

#5952

#5953

#5957

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9

edcf1a0872 few bug fixes Miroslav Stampar 2010-12-24 18:40:48 +0000
96a06351a1 minor fix (in testing phase raise404 should be set to False) Miroslav Stampar 2010-12-24 12:36:00 +0000
2c23a59ba5 fix for one of those more complex bugs (comparison was returning None while original page and/or page template were already had already DBMS error inside) Miroslav Stampar 2010-12-24 12:13:48 +0000
aab14fa2d3 minor refactoring/cosmetics Miroslav Stampar 2010-12-24 11:06:57 +0000
23dc408901 prioritization of tests based on DBMS error messages and some comments in common.py Miroslav Stampar 2010-12-24 10:55:41 +0000
a09716a701 minor update Miroslav Stampar 2010-12-24 10:07:56 +0000
d9f08e4aa3 randomization of user agents Miroslav Stampar 2010-12-24 10:04:27 +0000
d5eebb1cbf fix for a fundamentally bad presumtion (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6 Miroslav Stampar 2010-12-24 09:49:19 +0000
cb17e61f35 bug fix (UnicodeDecodeError: 'ascii' codec can't decode byte 0xa9 in position 959) Miroslav Stampar 2010-12-24 02:54:26 +0000
3043ed095a bug fix (those two regexes where too generic making false MS ACCESS positives here and there) Miroslav Stampar 2010-12-24 00:11:10 +0000
8470de7b76 bug fix for boolean proxy when using time based payloads Miroslav Stampar 2010-12-23 23:46:08 +0000
7f7fb93155 cosmetics Miroslav Stampar 2010-12-23 18:44:18 +0000
017ea9e686 update Miroslav Stampar 2010-12-23 14:06:22 +0000
73f33c1999 bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped) Miroslav Stampar 2010-12-23 11:28:13 +0000
5a0aef0f33 fix for a case: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [MySQL][ODBC 3.51 Driver][mysqld-5.1.31-community] - it was wrongly error message recognized as MS SQL Server Miroslav Stampar 2010-12-23 09:53:13 +0000
8fc60215ed lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called. Miroslav Stampar 2010-12-22 19:12:46 +0000
7c06dbffc3 bug fix (AttributeError: 'unicode' object has no attribute 'sort') Miroslav Stampar 2010-12-22 18:55:50 +0000
c1f2534e9a More bug fixes to properly distinguish between full inband and single-entry inband sql injections Bernardo Damele 2010-12-22 15:47:52 +0000
b3da473840 Minor bug fix when --dbs has only one DB name Bernardo Damele 2010-12-22 14:29:57 +0000
c9ab8ae60e Bug fix to properly identify if current user is DBA (--is-dba) on MySQL Bernardo Damele 2010-12-22 14:06:01 +0000
250608660d Minor bug fix to always show HTTP request and response when verbose is set accordingly to 4, 5 or 6 regardless of the HTTP response code (error or not) Bernardo Damele 2010-12-22 13:41:36 +0000
5228f336da Minor fix for ctrl+c during detection phase Bernardo Damele 2010-12-22 13:15:44 +0000
08c88495d0 removed that ugly hack Miroslav Stampar 2010-12-22 13:09:04 +0000
8212b7b745 bug fix Miroslav Stampar 2010-12-22 12:16:04 +0000
c89021f0bb some fixes Miroslav Stampar 2010-12-22 11:46:18 +0000
5be9c04e44 update regarding Sybase syntax Miroslav Stampar 2010-12-22 10:39:56 +0000
5d25da5135 better way to handle this one Miroslav Stampar 2010-12-22 00:51:20 +0000
306501363c fuck, sorry, 0 was OK (STRCMP() returns 0 if the strings are the same) Miroslav Stampar 2010-12-22 00:41:38 +0000
d6e6afd6f2 minor fix ("To clarify a bit: STRCMP() is case-insensitive as of MySQL 4.0." - http://bugs.mysql.com/bug.php?id=2102) Miroslav Stampar 2010-12-22 00:38:54 +0000
6f2ce15478 minor refactoring Miroslav Stampar 2010-12-22 00:27:21 +0000
cb61401c18 bug fix (http://dev.mysql.com/doc/refman/5.0/es/news-5-0-11.html - "Added support of where clause for queries with FROM DUAL") Miroslav Stampar 2010-12-22 00:20:56 +0000
d974a966b8 minor fix for end phase (Ctrl+C) Miroslav Stampar 2010-12-21 23:55:55 +0000
fb75d0636b minor update Miroslav Stampar 2010-12-21 23:42:59 +0000
39a13077c4 minor bug fix Miroslav Stampar 2010-12-21 23:09:41 +0000
09479c85dc minor bug fix Miroslav Stampar 2010-12-21 22:35:44 +0000
f905adb7c1 way better as there is no official release version for FOUND_ROWS() (it appears somewhere in alphas/betas of 4.0.x - i've stumbled upon one site with 4.0.22 and it didn't recognized FOUND_ROWS). Miroslav Stampar 2010-12-21 22:18:27 +0000
7a525f28d4 cosmetics Miroslav Stampar 2010-12-21 15:26:23 +0000
b2e7f9484d minor tuning (2 techniques MAX per value used) Miroslav Stampar 2010-12-21 15:24:14 +0000
6c1133c4d4 some code refactoring Miroslav Stampar 2010-12-21 15:13:13 +0000
466d61ee85 minor fix Miroslav Stampar 2010-12-21 14:29:47 +0000
385e208f38 code refactoring regarding standard output suppression and some threading issues Miroslav Stampar 2010-12-21 14:21:24 +0000
0e68248f60 minor update of heuristic check Miroslav Stampar 2010-12-21 12:56:18 +0000
16f1f4e13e when doing dynamic checks there are cases when 404 can be raised (perfectly normal) Miroslav Stampar 2010-12-21 11:04:49 +0000
aca074b769 Removed unused outdated code Bernardo Damele 2010-12-21 10:49:52 +0000
ad6b528b33 Bit more verbose comment Bernardo Damele 2010-12-21 10:47:39 +0000
6b37ddada4 removed some blank trailing spaces (with extra/shutils/blanks.sh) Miroslav Stampar 2010-12-21 10:31:56 +0000
1a3f57e5fe Cosmetics Bernardo Damele 2010-12-21 09:23:00 +0000
d554460aec minor fix Miroslav Stampar 2010-12-21 01:09:39 +0000
116c141dfa another fix Miroslav Stampar 2010-12-21 00:47:07 +0000
416755c0b7 minor adjustments Miroslav Stampar 2010-12-21 00:25:03 +0000
a876fcedfb minor update Miroslav Stampar 2010-12-21 00:13:50 +0000
8067365b93 fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident') Miroslav Stampar 2010-12-20 23:47:53 +0000
e10670d9ac added end detection phase choice into Ctrl+C list Miroslav Stampar 2010-12-20 23:34:00 +0000
03b275ce33 update Miroslav Stampar 2010-12-20 23:27:04 +0000
29001a4fce minor update Miroslav Stampar 2010-12-20 23:21:01 +0000
518b3e094c bug fix (http://dev.mysql.com/doc/refman/5.0/en/information-functions.html#function_found-rows) Miroslav Stampar 2010-12-20 23:00:03 +0000
b34fe5c334 no more need for such a huge timeout because any timeout exceptions will now be considered as a successful time-based attack (previously we wanted to get back to the program, hence there was such a huge timeout) Miroslav Stampar 2010-12-20 22:49:48 +0000
8fd3e7ba1f thread based data added Miroslav Stampar 2010-12-20 22:45:01 +0000
c9e8aae8a2 we'll need to do some cleanup around threading data model we use (some of the data we currently use we'll need to spread via copies around used threads) Miroslav Stampar 2010-12-20 19:34:41 +0000
e09bc2406c minor refactoring Miroslav Stampar 2010-12-20 19:24:20 +0000
5852bad963 some refactoring Miroslav Stampar 2010-12-20 18:56:06 +0000
36999a07c4 some filtering Miroslav Stampar 2010-12-20 17:41:41 +0000
19d8733e9a this is strictly for educational purposes Miroslav Stampar 2010-12-20 17:30:47 +0000
c948bced61 should solve the problem with timeout problems in time-based payloads Miroslav Stampar 2010-12-20 16:45:41 +0000
364bc8e7d4 minor update Miroslav Stampar 2010-12-20 11:25:18 +0000
28da1141cf some fixes (for MySQL < 4.0) Miroslav Stampar 2010-12-20 11:23:57 +0000
76024c455f minor fix (using older commands for basic MySQL check) Miroslav Stampar 2010-12-20 11:15:43 +0000
eaf8929085 more minor updates Miroslav Stampar 2010-12-20 10:48:53 +0000
fd00ff7a82 minor bug fix Miroslav Stampar 2010-12-20 10:37:03 +0000
e791f8f2b7 Minor fix Bernardo Damele 2010-12-20 10:33:24 +0000
e9f1ecb9e7 minor update Miroslav Stampar 2010-12-20 10:32:58 +0000
10a7a2dfb2 kids, don't use this at home Miroslav Stampar 2010-12-20 10:13:14 +0000
13d5b2c0ff code refactoring Miroslav Stampar 2010-12-20 09:44:21 +0000
4cb83654dc minor update Miroslav Stampar 2010-12-18 16:28:21 +0000
36862e2efa update Miroslav Stampar 2010-12-18 15:57:47 +0000
21d083272e minor minor fix Miroslav Stampar 2010-12-18 14:31:41 +0000
4f73feec2f now dictionary attack on multiple hash formats is supported (like mysql_passwd and mysql_old_passwd in one database) Miroslav Stampar 2010-12-18 14:11:49 +0000
71cf0bd2a5 minor update Miroslav Stampar 2010-12-18 13:08:37 +0000
05c6d661e8 cosmetics Miroslav Stampar 2010-12-18 10:49:49 +0000
03220d34ba added Ctrl+C check in detection phase Miroslav Stampar 2010-12-18 10:42:09 +0000
e355f92f22 bug fix Miroslav Stampar 2010-12-18 10:02:01 +0000
fe67d3827c code refactoring and some fixes Miroslav Stampar 2010-12-18 09:51:34 +0000
a067e805fa minor update Miroslav Stampar 2010-12-17 22:23:01 +0000
108a96c6b4 some fixes Miroslav Stampar 2010-12-17 21:45:20 +0000
a19cb2c13a code refactoring (added UNKNOWN_DBMS_VERSION instead of "Unknown") Miroslav Stampar 2010-12-17 21:29:09 +0000
b4450c6ddd added one more level of MSSQL version check (if first fails for some reason) Miroslav Stampar 2010-12-17 21:01:14 +0000
07609bfb53 minor fix Miroslav Stampar 2010-12-17 19:33:20 +0000
bfdc4fa000 new error vector for MS SQL (from David Guimaraes' mail) Miroslav Stampar 2010-12-17 19:00:20 +0000
323af45ce4 added one more time request payload to confirm test results Miroslav Stampar 2010-12-17 07:53:58 +0000
e3fa3b0e8e fix for a minor bug reported by nightman (AttributeError: 'NoneType' object has no attribute 'getFingerprint') Miroslav Stampar 2010-12-17 07:48:32 +0000
95b2c0803b minor fix Miroslav Stampar 2010-12-15 20:51:29 +0000
de54219571 code refactoring Miroslav Stampar 2010-12-15 12:50:56 +0000
cda00c7501 code refactoring Miroslav Stampar 2010-12-15 12:43:56 +0000
3f34b06a24 minor cosmetics Miroslav Stampar 2010-12-15 12:34:14 +0000
445cc3bf3c minor cosmetics Miroslav Stampar 2010-12-15 12:15:43 +0000
c1c525aaea quick fix of a fix Miroslav Stampar 2010-12-15 12:10:33 +0000
7cfeb5447b minor update Miroslav Stampar 2010-12-15 11:46:28 +0000
4dec24d056 quick fix for a bug reported by Andreas Constantinides (KeyError: 5) Miroslav Stampar 2010-12-15 11:30:29 +0000
f8a01ddaf8 minor update Miroslav Stampar 2010-12-15 11:21:47 +0000
63f5c35c23 bug fix Miroslav Stampar 2010-12-15 10:02:58 +0000