Merged back from personal branch to trunk (svn merge -r846:940 ...)
Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.
@@ -29,7 +29,7 @@ optDict = {
|
||||
"Target": {
|
||||
"url": "string",
|
||||
"list": "string",
|
||||
"googleDork": "string",
|
||||
"googleDork": "string"
|
||||
},
|
||||
|
||||
"Request": {
|
||||
@@ -45,7 +45,7 @@ optDict = {
|
||||
"proxy": "string",
|
||||
"threads": "integer",
|
||||
"delay": "float",
|
||||
"timeout": "float",
|
||||
"timeout": "float"
|
||||
},
|
||||
|
||||
"Injection": {
|
||||
@@ -57,7 +57,7 @@ optDict = {
|
||||
"string": "string",
|
||||
"regexp": "string",
|
||||
"eString": "string",
|
||||
"eRegexp": "string",
|
||||
"eRegexp": "string"
|
||||
},
|
||||
|
||||
"Techniques": {
|
||||
@@ -65,11 +65,11 @@ optDict = {
|
||||
"timeTest": "boolean",
|
||||
"unionTest": "boolean",
|
||||
"uTech": "string",
|
||||
"unionUse": "boolean",
|
||||
"unionUse": "boolean"
|
||||
},
|
||||
|
||||
"Fingerprint": {
|
||||
"extensiveFp": "boolean",
|
||||
"extensiveFp": "boolean"
|
||||
},
|
||||
|
||||
"Enumeration": {
|
||||
@@ -92,14 +92,21 @@ optDict = {
|
||||
"excludeSysDbs": "boolean",
|
||||
"limitStart": "integer",
|
||||
"limitStop": "integer",
|
||||
"firstChar": "integer",
|
||||
"lastChar": "integer",
|
||||
"query": "string",
|
||||
"sqlShell": "boolean",
|
||||
"sqlShell": "boolean"
|
||||
},
|
||||
|
||||
"User-defined function": {
|
||||
"udfInject": "boolean",
|
||||
"shLib": "string"
|
||||
},
|
||||
|
||||
"File system": {
|
||||
"rFile": "string",
|
||||
"wFile": "string",
|
||||
"dFile": "string",
|
||||
"dFile": "string"
|
||||
},
|
||||
|
||||
"Takeover": {
|
||||
@@ -110,7 +117,17 @@ optDict = {
|
||||
"osBof": "boolean",
|
||||
"privEsc": "boolean",
|
||||
"msfPath": "string",
|
||||
"tmpPath": "string",
|
||||
"tmpPath": "string"
|
||||
},
|
||||
|
||||
"Windows": {
|
||||
"regRead": "boolean",
|
||||
"regAdd": "boolean",
|
||||
"regDel": "boolean",
|
||||
"regKey": "string",
|
||||
"regVal": "string",
|
||||
"regData": "string",
|
||||
"regType": "string"
|
||||
},
|
||||
|
||||
"Miscellaneous": {
|
||||
@@ -119,6 +136,6 @@ optDict = {
|
||||
"updateAll": "boolean",
|
||||
"sessionFile": "string",
|
||||
"batch": "boolean",
|
||||
"cleanup": "boolean",
|
||||
"cleanup": "boolean"
|
||||
},
|
||||
}
|
||||
|
||||
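Review bot: In the new "Windows" group, `regAdd` and `regDel` sit beside `regRead` as plain booleans, with nothing marking that (per the commit description) they add and delete registry keys on the database host while `regRead` only reads. A comment above the group such as `# regRead is read-only; regAdd and regDel change the target's registry` would let someone auditing a saved configuration see which switches alter the target. `regType` is typed as a free `"string"`, so any restriction to valid registry value types presumably lives in the code that consumes the option and is worth confirming there. The duplicated lines suggest the commit also drops the trailing comma on the last entry of each group, which is why adding keys to "Enumeration" touches the `sqlShell` line as well; keeping the comma would limit later diffs of this dict to one line per option. `optDict` opens above the first hunk and the stretches between hunks are not shown, so this covers only the visible groups.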