Automatic SQL injection and database takeover tool
Bernardo Damele e35f25b2cb Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that:
* It is stealthier as the shellcode itself does not touch the filesystem, it's an argument passed to shellcodeexec at runtime.
* shellcodeexec is not (yet) recognized as malicious by any (Avast excluded) AV product.
* shellcodeexec binary size is significantly smaller than a Metasploit payload stager (even when packed with UPX).
* UPX now is not needed anymore, so sqlmap package is also way smaller and less likely to be detected itself as malicious by your AV software.
shellcodeexec source code, compilation files and binaries are in extra/shellcodeexec/ folder now - copied over from https://github.com/inquisb/shellcodeexec.
Minor code refactoring.
2011-04-24 23:01:21 +00:00
doc updated doc and minor layout adjustments 2011-04-21 21:53:35 +00:00
extra Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that: 2011-04-24 23:01:21 +00:00
lib Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that: 2011-04-24 23:01:21 +00:00
plugins Major recode of --os-pwn functionality. Now the Metasploit shellcode can not be run as a Metasploit generated payload stager anymore. Instead it can be run on the target system either via sys_bineval() (as it was before, anti-forensics mode, all the same) or via shellcodeexec executable. Advantages are that: 2011-04-24 23:01:21 +00:00
procs minor cosmetics 2011-04-19 09:55:35 +00:00
shell removed a trailer blank line (cosmetics) 2010-11-24 14:25:16 +00:00
tamper update of copyright string (until year) 2011-04-15 12:33:18 +00:00
txt update of copyright string (until year) 2011-04-15 12:33:18 +00:00
udf MySQL Windows 32-bit DLL recompiled (Visual C++ 2005) and stripped (UPX) - this is the smallest we can get 2011-04-11 22:04:41 +00:00
xml paranoy 2011-04-21 23:41:25 +00:00
sqlmap.conf Refactoring to --technique 2011-04-07 10:00:47 +00:00
sqlmap.py update of copyright string (until year) 2011-04-15 12:33:18 +00:00