sqlmap

PenTest/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-12 17:49:02 +00:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#5940

#5944

#5945

#5945

#5952

#5953

#5957

#5959

#5963

#5963

#5965

#5967

#5970

#5973

#5973

#5980

#5984

#5985

#5995

#5999

#6000

#6001

#6004

#6004

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.10

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.10

1.9.11

1.9.12

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9

654aecedfe Minor layout adjustments, minor fixes and updated changelog Bernardo Damele 2008-11-17 00:00:54 +00:00
fa0507ab39 Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Bernardo Damele 2008-11-15 23:41:31 +00:00
84cbc60659 Major bug fix to correctly handle httplib.BadStatusLine exception. Minor improvement to set by default in all HTTP requests the standard HTTP headers (Accept, Accept-Encoding, etc.) Updated user's manual. Bernardo Damele 2008-11-15 12:25:19 +00:00
4bf1fcb8ec Minor layout adjustment Bernardo Damele 2008-11-15 01:10:29 +00:00
0bd5b52d95 Minor fixes Bernardo Damele 2008-11-13 00:03:04 +00:00
ecc4a98071 Properly moved and improved inject.goStacked() function and newly implemented Time based blind SQL injection now is a single test file within the lib/techniques/ folder. Renamed lib/techniques/inference to lib/techniques/blind, it is more approriate and adapted the rest of the libraries. Updated ChangeLog file. Bernardo Damele 2008-11-12 23:44:09 +00:00
9329f8c9c4 Minor enhancement to be able to enumerate table columns and dump table entries also if the database name is not provided by using the current database on MySQL and MSSQL, the 'public' scheme on PostgreSQL and the 'USERS' TABLESPACE_NAME on Oracle. Minor bug fix so that when the user provide as SELECT statement to be processed an asterisk, now it also work if in the FROM there is no database name specified. Minor layout adjustments. Bernardo Damele 2008-11-12 22:53:25 +00:00
81ed7c2086 Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments. Bernardo Damele 2008-11-12 00:36:50 +00:00
13f76cfe3b Adjusted unhandled exception error message Bernardo Damele 2008-11-11 14:08:40 +00:00
e1385eb2bf Removed useless W3C reference for CSS/HTML validation Bernardo Damele 2008-11-09 19:00:54 +00:00
0c5d3df546 sqlmap 0.6.3-rc1: * Minor enhancement to be able to specify the number of seconds to wait between each HTTP request. * Minor bug fix to handle session.error and session.timeout in HTTP requests. * Updated documentation. Bernardo Damele 2008-11-09 16:57:47 +00:00
544ced52b5 Name adjustment Bernardo Damele 2008-11-04 19:56:07 +00:00
2a01de3f0b Minor bug fix to correctly dump table entries when the column is provided Bernardo Damele 2008-11-04 19:54:44 +00:00
be599d5a33 Updated documentation and minor fix in update functionality Bernardo Damele 2008-11-04 16:33:13 +00:00
359b28bbaf Updated documentation Bernardo Damele 2008-11-04 16:09:12 +00:00
0f79ec0088 Minor bug fix in MySQL comment injection fingerprint technique Bernardo Damele 2008-11-04 16:05:43 +00:00
278f0aad7c Documentation updated Bernardo Damele 2008-11-03 01:23:55 +00:00
95d2a0fcd1 Updated documentation 0.6.2 Bernardo Damele 2008-11-02 22:25:48 +00:00
04474e3232 Updated ChangeLog Bernardo Damele 2008-11-02 22:20:02 +00:00
8d130f12a0 Major bug fix to correctly update sqlmap to the latest stable release with command line --update Bernardo Damele 2008-11-02 22:16:54 +00:00
bfe1863731 Updated Microsoft SQL Server XML versions file Bernardo Damele 2008-11-02 22:11:35 +00:00
de980ae79f Updated site and doc to 0.6.2 Bernardo Damele 2008-11-02 20:23:06 +00:00
56a5e8d390 Updated sqlmap packaging scripts, site and documentation, almost ready for sqlmap 0.6.2 Bernardo Damele 2008-11-02 20:12:50 +00:00
67e1be07a4 Added a JSP backdoor (GET /.../backdoor.jsp?cmd=<os command>) for long term new features for OS commanding Bernardo Damele 2008-11-02 19:32:04 +00:00
3d81f60962 Updated documentation Bernardo Damele 2008-11-02 19:29:50 +00:00
206191d164 Major bug fix so that when the expected value of a query (count variable) is an integer and for some reason the resumed value from session file is a string or a binary file, the query is executed again and and its new output saved to the session file Bernardo Damele 2008-11-02 19:21:19 +00:00
03b90e0a3f Be more user friendly on messages and minor code layout improvement Bernardo Damele 2008-11-02 18:23:42 +00:00
09ca578ca1 Major bug fix so that the users' privileges enumeration now works properly also on both MySQL < 5.0 and MySQL >= 5.0 also if the user has provided one or more users with -U option; Bernardo Damele 2008-11-02 18:17:12 +00:00
91a47246f8 Minor bug fix to correctly handle --start and --stop Bernardo Damele 2008-11-02 14:39:38 +00:00
e2a0f7a47b Fix typo Bernardo Damele 2008-10-30 23:20:14 +00:00
7ad9639ed0 Updated the database management system fingerprint checks to correctly identify MySQL 5.1.x, MySQL 6.0.x and PostgreSQL 8.3 Bernardo Damele 2008-10-29 15:32:12 +00:00
a19229cbd8 Updated documentation Bernardo Damele 2008-10-29 11:42:04 +00:00
5e47518983 Minor layout fix Bernardo Damele 2008-10-28 00:09:03 +00:00
4eef34c532 Updated documentation Bernardo Damele 2008-10-28 00:08:00 +00:00
9895338630 Major bug fix following the last commit Bernardo Damele 2008-10-27 23:56:02 +00:00
eb6e6f4d03 Major bug fix when the request is POST to also send the GET parameters in the request if they've been provided Bernardo Damele 2008-10-27 15:42:32 +00:00
5d5bfaf3db Updated changelog Bernardo Damele 2008-10-26 20:07:22 +00:00
56383cfaad Updated documentation and removed svn:keyword Bernardo Damele 2008-10-26 19:12:17 +00:00
342a5436f4 Minor enhancement to be able to dump entries also on MySQL < 5.0 when DB name, table name and column(s) are provided Bernardo Damele 2008-10-26 17:07:55 +00:00
2fcbb57e1c Minor code restyling Bernardo Damele 2008-10-26 17:00:07 +00:00
4b02ed45fa Due to last commit.. Bernardo Damele 2008-10-26 16:45:36 +00:00
5216fb6e02 Major bug fix so that the users' privileges enumeration now works properly also on MySQL < 5.0 (fix a traceback) Bernardo Damele 2008-10-26 16:45:14 +00:00
fce61ff950 Minor if condition adjustment Bernardo Damele 2008-10-26 16:25:28 +00:00
8f5fb5657d Major improvement to correctly enumerate tables, columns and dump tables entries on PostgreSQL when the database name is not 'public' or a system database and on Oracle. Minor code restyle. Bernardo Damele 2008-10-26 16:19:15 +00:00
e07e48efb2 Major bug fix to correctly dump tables entries Bernardo Damele 2008-10-26 16:10:28 +00:00
fc28372596 Added a comment Bernardo Damele 2008-10-26 16:06:43 +00:00
fee52bce3e Minor improvements to sqlmap msf3 auxiliary modules based on Efrain Torres' commit on msf3 trunk, http://metasploit.com/dev/trac/changeset/5787 Bernardo Damele 2008-10-25 19:43:13 +00:00
fcc16b2346 Updated site, documentation (dev and user) and packaging scripts for 0.6.1 Bernardo Damele 2008-10-20 13:43:18 +00:00
6ddb5afef9 Adapted to latest enhancements Bernardo Damele 2008-10-20 10:13:03 +00:00
38f13932bc Minor improvements to queries Bernardo Damele 2008-10-20 10:09:37 +00:00
fe6e29fbf6 Minor updates to the user's manual, need still to write on new enhancements Bernardo Damele 2008-10-17 15:50:36 +00:00
016118ce7a Some more fixes and adjustments before 0.6.1 release. Bernardo Damele 2008-10-17 15:26:43 +00:00
1f3ffc8ef7 Minor layout adjustment Bernardo Damele 2008-10-17 13:23:24 +00:00
66136b48c0 Minor fixes.. should work also for Cookie now the % parsing Bernardo Damele 2008-10-17 11:51:12 +00:00
e2fedd3b46 Minor layout adjustment Bernardo Damele 2008-10-16 16:39:24 +00:00
f90a7cce28 Minor fix to urldecode %3d and any other urlencoded values in target url, posted data and cookie Bernardo Damele 2008-10-16 16:31:20 +00:00
41f8acf0fd Updated documentation Bernardo Damele 2008-10-16 15:41:26 +00:00
e5aa557bd4 Minor fix Bernardo Damele 2008-10-16 15:39:25 +00:00
a5b2366033 Implemented a better way to deal with % characters in parameters' value. Minor code restyle. Bernardo Damele 2008-10-16 15:31:02 +00:00
d664f0387e Fixed a bug reported by Bedirhan Urgun <bedirhanurgun@gmail.com> Bernardo Damele 2008-10-16 14:01:14 +00:00
962d63eff5 Improved the message to display in case of unhandled exception Bernardo Damele 2008-10-16 14:00:39 +00:00
892a7b2f8a propsets.. Bernardo Damele 2008-10-15 15:56:32 +00:00
8e3eb45510 After the storm, a restore.. Bernardo Damele 2008-10-15 15:38:22 +00:00

... 104 105 106 107 108 ...