After the storm, a restore..

doc/AUTHORS

@@ -0,0 +1,7 @@
+Bernardo Damele A. G. (inquis) - project leader, core developer
+<bernardo.damele@gmail.com>
+PGP Key ID: 0x05F5A30F
+
+Daniele Bellucci (belch) - project founder, initial developer
+<daniele.bellucci@gmail.com>
+PGP Key ID: 0x9A0E8190

doc/COPYING

@@ -0,0 +1,340 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                       51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Library General
+Public License instead of this License.

doc/ChangeLog

@@ -0,0 +1,229 @@
+sqlmap (0.6.1-1) stable; urgency=low
+
+  * Major bug fix to blind SQL injection bisection algorithm to handle an
+    exception;
+  * Written a Metasploit 3 auxiliary module to run sqlmap;
+  * Implemented possibility to test for and inject also on LIKE
+    statements;
+  * Implemented --start and --stop options to set the first and the last
+    table entry to dump;
+  * Added non-interactive/batch-mode (--batch) option to make it easy to
+    wrap sqlmap in Metasploit and any other tool;
+  * Minor enhancement to save also the length of query output in the
+    session file when retrieving the query output length for ETA or for
+    resume purposes. TODO: fix for ETA
+
+ -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Fri,  10 Oct 2008 10:00:00 +0100
+
+
+sqlmap (0.6-1) stable; urgency=low
+
+  * Complete code refactor and many bugs fixed;
+  * Added multithreading support to set the maximum number of concurrent
+    HTTP requests;
+  * Implemented SQL shell (--sql-shell) functionality and fixed SQL query
+    (--sql-query, before called -e) to be able to run whatever SELECT
+    statement and get its output in both inband and blind SQL injection
+    attack;
+  * Added an option (--privileges) to retrieve DBMS users privileges, it
+    also notifies if the user is a DBMS administrator;
+  * Added support (-c) to read options from configuration file, an example
+    of valid INI file is sqlmap.conf and support (--save) to save command
+    line options on a configuration file;
+  * Created a function that updates the whole sqlmap to the latest stable
+    version available by running sqlmap with --update option;
+  * Created sqlmap .deb (Debian, Ubuntu, etc.) and .rpm (Fedora, etc.)
+    installation binary packages;
+  * Created sqlmap .exe (Windows) portable executable;
+  * Save a lot of more information to the session file, useful when
+    resuming injection on the same target to not loose time on identifying
+    injection, UNION fields and back-end DBMS twice or more times;
+  * Improved automatic check for parenthesis when testing and forging SQL
+    query vector;
+  * Now it checks for SQL injection on all GET/POST/Cookie parameters then
+    it lets the user select which parameter to perform the injection on in
+    case that more than one is injectable;
+  * Implemented support for HTTPS requests over HTTP(S) proxy;
+  * Added a check to handle NULL or not available queries output;
+  * More entropy (randomStr() and randomInt() functions in
+    lib/core/common.py) in inband SQL injection concatenated query and in
+    AND condition checks;
+  * Improved XML files structure;
+  * Implemented the possibility to change the HTTP Referer header;
+  * Added support to resume from session file also when running with
+    inband SQL injection attack;
+  * Added an option (--os-shell) to execute operating system commands if
+    the back-end DBMS is MySQL, the web server has the PHP engine active
+    and permits write access on a directory within the document root;
+  * Added a check to assure that the provided string to match (--string)
+    is within the page content;
+  * Fixed various queries in XML file;
+  * Added LIMIT, ORDER BY and COUNT queries to the XML file and adapted
+    the library to parse it;
+  * Fixed password fetching function, mainly for Microsoft SQL Server and
+    reviewed the password hashes parsing function;
+  * Major bug fixed to avoid tracebacks when the testable parameter(s) is
+    dynamic, but not injectable;
+  * Enhanced logging system: added three more levels of verbosity to show
+    also HTTP sent and received traffic;
+  * Enhancement to handle Set-Cookie from target url and automatically
+    re-establish the Session when it expires;
+  * Added support to inject also on Set-Cookie parameters;
+  * Implemented TAB completion and command history on both --sql-shell and
+    --os-shell;
+  * Renamed some command line options;
+  * Added a conversion library;
+  * Added code schema and reminders for future developments;
+  * Added Copyright comment and $Id$ svn property to all Python files;
+  * Updated the command line layout and help messages;
+  * Updated some docstrings;
+  * Updated documentation files.
+
+ -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Mon,  1 Sep 2008 10:00:00 +0100
+
+
+sqlmap (0.5-1) stable; urgency=low
+
+  * Added support for Oracle database management system
+  * Extended inband SQL injection functionality (--union-use) to all
+    other possible queries since it only worked with -e and --file on
+    all DMBS plugins;
+  * Added support to extract database users password hash on Microsoft
+    SQL Server;
+  * Added a fuzzer function with the aim to parse HTML page looking
+    for standard database error messages consequently improving
+    database fingerprinting;
+  * Added support for SQL injection on HTTP Cookie and User-Agent headers;
+  * Reviewed HTTP request library (lib/request.py) to support the
+    extended inband SQL injection functionality. Splitted getValue()
+    into getInband() and getBlind();
+  * Major enhancements in common library and added checkForBrackets()
+    method to check if the bracket(s) are needed to perform a UNION query
+    SQL injection attack;
+  * Implemented --dump-all functionality to dump entire DBMS data from
+    all databases tables;
+  * Added support to exclude DBMS system databases' when enumeration
+    tables and dumping their entries (--exclude-sysdbs);
+  * Implemented in Dump.dbTableValues() method the CSV file dumped data
+    automatic saving in csv/ folder by default;
+  * Added DB2, Informix and Sybase DBMS error messages and minor
+    improvements in xml/errors.xml;
+  * Major improvement in all three DBMS plugins so now sqlmap does not
+    get entire databases' tables structure when all of database/table/
+    column are specified to be dumped;
+  * Important fixes in lib/option.py to make sqlmap properly work also
+    with python 2.5 and handle the CSV dump files creation work also
+    under Windows operating system, function __setCSVDir() and fixed
+    also in lib/dump.py;
+  * Minor enhancement in lib/injection.py to randomize the number
+    requested to test the presence of a SQL injection affected parameter
+    and implemented the possibilities to break (q) the for cycle when
+    using the google dork option (-g);
+  * Minor fix in lib/request.py to properly encode the url to request
+    in case the "fixed" part of the url has blank spaces;
+  * More minor layout enhancements in some libraries;
+  * Renamed DMBS plugins;
+  * Complete code refactoring, a lot of minor and some major fixes in
+    libraries, many minor improvements;
+  * Updated all documentation files.
+
+ -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Sun,  4 Nov 2007 20:00:00 +0100
+
+
+sqlmap (0.4-1) stable; urgency=low
+
+  * Added DBMS fingerprint based also upon HTML error messages parsing
+    defined in lib/parser.py which reads an XML file defining default
+    error messages for each supported DBMS;
+  * Added Microsoft SQL Server extensive DBMS fingerprint checks based
+    upon accurate '@@version' parsing matching on an XML file to get also
+    the exact patching level of the DBMS;
+  * Added support for query ETA (Estimated Time of Arrival) real time
+    calculation (--eta);
+  * Added support to extract database management system users password
+    hash on MySQL and PostgreSQL (--passwords);
+  * Added docstrings to all functions, classes and methods, consequently
+    released the sqlmap development documentation
+    <http://sqlmap.sourceforge.net/dev/>;
+  * Implemented Google dorking feature (-g) to take advantage of Google
+    results affected by SQL injection to perform other command line
+    argument on their DBMS;
+  * Improved logging functionality: passed from banal 'print' to Python
+    native logging library;
+  * Added support for more than one parameter in '-p' command line
+    option;
+  * Added support for HTTP Basic and Digest authentication methods
+    (--basic-auth and --digest-auth);
+  * Added the command line option '--remote-dbms' to manually specify
+    the remote DBMS;
+  * Major improvements in union.UnionCheck() and union.UnionUse()
+    functions to make it possible to exploit inband SQL injection also
+    with database comment characters ('--' and '#') in UNION SELECT
+    statements;
+  * Added the possibility to save the output into a file while performing
+    the queries (-o OUTPUTFILE) so it is possible to stop and resume the
+    same query output retrieving in a second time (--resume);
+  * Added support to specify the database table column to enumerate
+    (-C COL);
+  * Added inband SQL injection (UNION SELECT) support (--union-use);
+  * Complete code refactoring, a lot of minor and some major fixes in
+    libraries, many minor improvements;
+  * Reviewed the directory tree structure;
+  * Splitted lib/common.py: inband injection functionalities now are
+    moved to lib/union.py;
+  * Updated documentation files.
+
+ -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Fri, 15 Jun 2007 20:00:00 +0100
+
+
+sqlmap (0.3-1) stable; urgency=low
+
+  * Added module for MS SQL Server;
+  * Strongly improved MySQL dbms active fingerprint and added MySQL
+    comment injection check;
+  * Added PostgreSQL dbms active fingerprint;
+  * Added support for string match (--string);
+  * Added support for UNION check (--union-check);
+  * Removed duplicated code, delegated most of features to the engine
+    in common.py and option.py;
+  * Added support for --data command line argument to pass the string
+    for POST requests;
+  * Added encodeParams() method to encode url parameters before making
+    http request;
+  * Many bug fixes;
+  * Rewritten documentation files;
+  * Complete code restyling.
+
+ -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Sat, 20 Jan 2007 20:00:00 +0100
+
+
+sqlmap (0.2-1) stable; urgency=low
+
+  * complete refactor of entire program;
+  * added TODO and THANKS files;
+  * added some papers references in README file;
+  * moved headers to user-agents.txt, now -f parameter specifies a file
+    (user-agents.txt) and randomize the selection of User-Agent header;
+  * strongly improved program plugins (mysqlmap.py and postgres.py),
+    major enhancements:
+    * improved active mysql fingerprint check_dbms();
+    * improved enumeration functions for both databases;
+    * minor changes in the unescape() functions;
+  * replaced old inference algorithm with a new bisection algorithm.
+  * reviewed command line parameters, now with -p it's possible to
+    specify the parameter you know it's vulnerable to sql injection,
+    this way the script won't perform the sql injection checks itself;
+    removed the TOKEN parameter;
+  * improved Common class, adding support for http proxy and http post
+    method in hash_page;
+  * added OptionCheck class in option.py which performs all needed checks
+    on command line parameters and values;
+  * added InjectionCheck class in injection.py which performs check on
+    url stability, dynamics of parameters and injection on dynamic url
+    parameters;
+  * improved output methods in dump.py;
+  * layout enhancement on main program file (sqlmap.py), adapted to call
+    new option/injection classes and improvements on catching of
+    exceptions.
+
+ -- Bernardo Damele A. G. <bernardo.damele@gmail.com>  Wed,  13 Dec 2006 20:00:00 +0100

doc/THANKS

@@ -0,0 +1,117 @@
+== Individuals ==
+
+Chip Andrews <chip@sqlsecurity.com>
+    for his excellent work maintaining the SQL Server versions database
+    at SQLSecurity.com and permission to implement the update feature
+    taking data from his site
+
+Karl Chen <quarl@cs.berkeley.edu>
+    for providing with the multithreading patch for the inference
+    algorithm
+
+Stefano Di Paola <stefano.dipaola@wisec.it>
+    for suggesting good features
+
+Adam Faheem <faheem.adam@is.co.za>
+    for reporting a few bugs
+
+Rong-En Fan <rafan@freebsd.org>
+    for commiting the sqlmap 0.5 port to the official FreeBSD project
+    repository
+
+Giorgio Fedon <giorgio.fedon@gmail.com>
+    for suggesting a speed improvement for bisection algorithm
+    for reporting a bug when running against Microsoft SQL Server 2005
+
+Ivan Giacomelli <truemilk@insiberia.net>
+    for reporting a bug
+    for suggesting a minor enhancement
+
+Davide Guerri <d.guerri@caspur.it>
+    for suggesting an enhancement
+
+Kristian Erik Hermansen <kristian.hermansen@gmail.com>
+    for reporting a bug
+    for donating to sqlmap development
+
+Jorge Hoya <aquinadie@gmail.com>
+    for suggesting a minor enhancement
+
+Will Holcomb <wholcomb@gmail.com>
+    for his MultipartPostHandler class to handle multipart POST forms and
+    permission to include it within sqlmap source code
+
+Michael Majchrowicz <mmajchrowicz@gmail.com>
+    for extensively beta-testing sqlmap on various MySQL DBMS
+    for providing really appreciated feedback
+    for suggesting a lot of ideas and features
+
+Enrico Milanese <enricomilanese@gmail.com>
+    for reporting a bugs when using (-a) a single line User-Agent file
+    for providing me with some ideas for the PHP backdoor
+
+Roberto Nemirovsky <roberto.paes@gmail.com>
+    for pointing me out some enhancements
+
+Antonio Parata <s4tan@ictsc.it>
+    for providing me with some ideas for the PHP backdoor
+
+Chris Patten <cpatten@sunera.com>
+    for reporting a bug in the blind SQL injection bisection algorithm
+
+Adam Pridgen <adam.pridgen@gmail.com>
+    for suggesting some features
+
+Alberto Revelli <r00t@northernfortress.net>
+    for inspiring me to write sqlmap user's manual in SGML
+    for his great Microsoft SQL Server take over tool, sqlninja,
+    http://sqlninja.sourceforge.net
+
+Andres Riancho <andres.riancho@gmail.com>
+    for beta-testing sqlmap
+    for reporting a bug and suggesting some features
+    for including sqlmap in his great web application audit and attack
+    framework, w3af, http://w3af.sourceforge.net
+
+Antonio Riva <antonio.riva@gmail.com>
+    for reporting a bug when running with python 2.5
+
+Richard Safran <allapplyhere@yahoo.com>
+    for donating the sqlmap.org domain control
+
+Tomoyuki Sakurai <cherry@trombik.org>
+    for submitting to the FreeBSD project the sqlmap 0.5 port
+
+M Simkin <mlsimkin@cox.net>
+    for suggesting a feature
+
+Alessandro Tanasi <alessandro@tanasi.it>
+    for extensively beta-testing sqlmap
+    for suggesting many features and reporting some minor bugs
+
+Efrain Torres <et@metasploit.com>
+    for helping me out to improve the Metasploit Framework 3 sqlmap
+    auxiliary module and the integration with Metasploit WMAP framework
+    for his great Metasploit WMAP framework
+
+Sandro Tosi <matrixhasu@gmail.com>
+    for helping to create sqlmap Debian package correctly
+
+Bedirhan Urgun <bedirhanurgun@gmail.com>
+    for extensively beta-testing sqlmap
+    for suggesting some features and improvements
+    for benchmarking sqlmap in the context of his SQL injection
+    benchmark project, OWASP SQLiBench, http://code.google.com/p/sqlibench
+
+fufuh <fufuh@users.sourceforge.net>
+    for reporting a bug when running on Windows
+
+Sylphid <sylphid.su@sti.com.tw>
+    for suggesting some features
+
+
+== Organizations ==
+
+OWASP Board <http://www.owasp.org>
+    for sponsoring part of the sqlmap development in the context of OWASP
+    Spring of Code 2007