sqlmap

PenTest/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-17 03:49:02 +00:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#5940

#5944

#5945

#5945

#5952

#5953

#5957

#5959

#5963

#5963

#5965

#5967

#5970

#5973

#5973

#5980

#5984

#5985

#5995

#5999

#6000

#6001

#6004

#6004

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.10

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.10

1.9.11

1.9.12

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9

9a1ac96756 bug fix Miroslav Stampar 2011-09-11 17:22:27 +00:00
1bdde51d0e minor just in case update Miroslav Stampar 2011-09-11 16:41:07 +00:00
02f993583b minor bug fix Miroslav Stampar 2011-09-09 11:36:09 +00:00
2f4e34f5a0 minor improvement for URI injections Miroslav Stampar 2011-09-08 11:13:12 +00:00
d434047482 minor bug fix Miroslav Stampar 2011-09-05 09:28:40 +00:00
382db1b67a degrading Microsoft Access UNION tests for one level down (it really does take toooooo long to scan a site with no vulnerable parameters and normal level) Miroslav Stampar 2011-08-31 20:35:57 +00:00
793f1d7774 new tampering script Miroslav Stampar 2011-08-29 15:42:01 +00:00
08e0eb9b61 minor lower/upper case fix Miroslav Stampar 2011-08-29 13:47:32 +00:00
9be89422da implemented parameter --skip Miroslav Stampar 2011-08-29 13:29:42 +00:00
e0f521cf9d minor update regarding --randomize Miroslav Stampar 2011-08-29 13:08:25 +00:00
ac00014c4a implemented --randomize switch by request Miroslav Stampar 2011-08-29 12:50:52 +00:00
d283e3eb3c adding support for pre-WHERE injections Miroslav Stampar 2011-08-24 09:04:18 +00:00
8fe069b495 minor fix Miroslav Stampar 2011-08-23 21:48:39 +00:00
01014eca17 by request Miroslav Stampar 2011-08-23 21:45:01 +00:00
606debe55c better language Miroslav Stampar 2011-08-23 21:42:34 +00:00
699cb89711 minor corrections to the definition and minor typos Miroslav Stampar 2011-08-23 16:56:13 +00:00
cfc1f2b70b minor update Miroslav Stampar 2011-08-22 22:43:14 +00:00
f4127a80d7 improvement of UNION based injection detection (with non-NULL kb.uChar values searching of the content inside -1 UNION.. pages is used) Miroslav Stampar 2011-08-22 21:43:46 +00:00
dafc4d93bd typo Miroslav Stampar 2011-08-22 15:05:54 +00:00
8a174248dc fix for a bug reported by blueBoy Miroslav Stampar 2011-08-20 20:08:11 +00:00
fb6a84b10b minor update (when columns are missing from information_schema too) Miroslav Stampar 2011-08-18 07:03:53 +00:00
cb32d46f2a minor minor update Miroslav Stampar 2011-08-18 06:09:12 +00:00
54bcc35ba7 important bug fix (connection exception was causing losing of already retrieved data) Miroslav Stampar 2011-08-17 22:31:33 +00:00
9d31322f3d update regarding special case when conf.uChar appears only in testable pages Miroslav Stampar 2011-08-17 21:40:42 +00:00
75ec146224 minor beautification Miroslav Stampar 2011-08-17 21:17:02 +00:00
f46baac70b bug fix (when comment is None this was errornous) Miroslav Stampar 2011-08-17 10:58:29 +00:00
9361e633f4 Minor bug fix - some applications do really set cookies like param="value" with double-quotes Bernardo Damele 2011-08-16 09:21:01 +00:00
e1dbb4443b minor update related to the last commit Miroslav Stampar 2011-08-16 07:01:14 +00:00
7cc5743c5d minor adjustment of a time based char retrievals (no more infinite increasing of timeSec value for problematic characters) Miroslav Stampar 2011-08-16 06:50:20 +00:00
600ef3eace minor patch Miroslav Stampar 2011-08-16 06:22:04 +00:00
262996fc5b bug fix Miroslav Stampar 2011-08-16 06:14:40 +00:00
df4abf1af1 lowering constant value from 10 to 7 for da peace in da houz Miroslav Stampar 2011-08-12 17:19:19 +00:00
702ed73a65 Added --code switch to match in boolean-based tests against the HTTP response code Bernardo Damele 2011-08-12 16:48:11 +00:00
e34787db99 update Bernardo Damele 2011-08-12 16:06:41 +00:00
fff4c34e33 Search for --string and --regexp matches also in HTTP response headers Bernardo Damele 2011-08-12 15:33:37 +00:00
6d22d09a61 doc updated Bernardo Damele 2011-08-12 15:03:39 +00:00
5e5133b8e7 Should be fixed now Bernardo Damele 2011-08-12 15:00:11 +00:00
1505cb2a80 typo Bernardo Damele 2011-08-12 14:51:39 +00:00
702ca22d54 Minor bug fix for URI injections Bernardo Damele 2011-08-12 14:48:44 +00:00
28bba9f5e6 More verbose warning message Bernardo Damele 2011-08-12 13:47:38 +00:00
10bdd90e60 minor speed optimizations (as a result of profiling) Miroslav Stampar 2011-08-12 13:40:37 +00:00
36280b33fa Ask the user wheather or not to adjust the time delay - there have been a case where the forcing of conf.timeSec screwed the result in an extremely lagged and unreliable site Bernardo Damele 2011-08-12 13:06:40 +00:00
997c9ba1e8 Minor adjustments to user's manual Bernardo Damele 2011-08-12 12:56:55 +00:00
41ae9bc7ff minor bug fix Miroslav Stampar 2011-08-09 14:20:25 +00:00
2ad267132a minor update for empty normal responses (like AJAX requests) Miroslav Stampar 2011-08-05 10:55:21 +00:00
e849b71027 minor typo Miroslav Stampar 2011-08-03 14:31:42 +00:00
538b49bcc5 removing word "dramatically". i was too excited at the moment :). it is cool and all but we shouldn't put "highly subjective" attribs in reports Miroslav Stampar 2011-08-03 13:26:38 +00:00
f7562da754 from now on proper union column count should be displayed in injection info output Miroslav Stampar 2011-08-03 10:34:50 +00:00
13eb20cea1 minor beautification Miroslav Stampar 2011-08-03 10:12:06 +00:00
2e20eb1a88 Minor fix Bernardo Damele 2011-08-03 10:08:59 +00:00
a3a649ed03 minor update Miroslav Stampar 2011-08-03 09:11:50 +00:00
9423d15fb3 ORDER BY technique used for finding proper UNION col count (dramatical improvement of speed and capabilities) and one minor bug fix Miroslav Stampar 2011-08-03 09:08:16 +00:00
07afcd5440 fix for a bug reported by Ahmed Shawky (when user uses --suffix intermixing test default comments with the provided suffix is a big no no) Miroslav Stampar 2011-08-02 18:20:21 +00:00
07c3d4fb18 minor adjustment Miroslav Stampar 2011-08-02 17:35:43 +00:00
edab7d01a5 minor fix Miroslav Stampar 2011-08-02 17:31:13 +00:00
c15439ab7f Minor improvement to --passwords output Bernardo Damele 2011-08-02 09:04:34 +00:00
cb0981d858 proper way of handling 0 length results (as in __goInferenceProxy) Miroslav Stampar 2011-08-02 08:39:32 +00:00
0643ced651 minor update Miroslav Stampar 2011-08-02 08:12:43 +00:00
457f501bbd proper fix Miroslav Stampar 2011-08-01 23:48:38 +00:00
ad4584da70 Minor bug fix when dumping tables with UNION query technique on Access, Firebird and MaxDB Bernardo Damele 2011-08-01 23:44:14 +00:00
4ca81dd345 quick fix Miroslav Stampar 2011-08-01 23:25:58 +00:00
cbd0ea0866 Possible fix for a minor bug Bernardo Damele 2011-08-01 23:24:39 +00:00
b9438c3e14 doc/THANKS update Miroslav Stampar 2011-08-01 10:18:00 +00:00
e0fda9f985 minor fix Miroslav Stampar 2011-08-01 10:13:25 +00:00
79b4e26e23 bug fix Miroslav Stampar 2011-08-01 00:17:26 +00:00
018d7ed646 improvement for limited queries (more stable to have TOP/LIMIT/OFFSET mechanisms as part of a subquery) Miroslav Stampar 2011-07-31 23:40:09 +00:00
0627bb02cb minor beautification Miroslav Stampar 2011-07-31 10:21:47 +00:00
93ae1dfa2b minor bug fix Miroslav Stampar 2011-07-31 08:52:48 +00:00
1f06d7d7de update of THANKS file Miroslav Stampar 2011-07-30 21:51:37 +00:00
4d923ec375 change in invalid logic regarding --sql-shell (retrieving output for non-query commands did nothing at all) Miroslav Stampar 2011-07-30 21:46:59 +00:00
a6ade08c28 just in case commit to prevent join string iteration over 'None' values Miroslav Stampar 2011-07-30 13:01:37 +00:00
68ae8ea5b2 minor refactoring Miroslav Stampar 2011-07-29 10:54:25 +00:00
e522263640 fix for a neverending data retrieval in large full inband cases Miroslav Stampar 2011-07-29 10:45:09 +00:00
4ce93221d1 minor update Miroslav Stampar 2011-07-28 09:24:37 +00:00
684ddc43e6 minor patch Miroslav Stampar 2011-07-28 08:53:09 +00:00
3fc603843e minor fix Miroslav Stampar 2011-07-27 23:26:36 +00:00
107089c00b bug fix Miroslav Stampar 2011-07-27 08:25:51 +00:00
f7eaffcec5 i believe that this could be ok Miroslav Stampar 2011-07-26 21:28:48 +00:00
37de709df2 leftover Bernardo Damele 2011-07-26 11:20:07 +00:00
a2483b3bc4 Aligned OS takeover functionalities to recent Metasploit improvements Bernardo Damele 2011-07-26 10:29:14 +00:00
ea00c94648 Minor bug fix Bernardo Damele 2011-07-26 10:10:05 +00:00
938716e361 Proper fix for --start and --stop consistency amongst different techniques Bernardo Damele 2011-07-26 10:06:28 +00:00
e71f96afe7 Reverted dumb "fix" Bernardo Damele 2011-07-26 09:42:09 +00:00
6bbb8139a0 update (smaller memory footprint in postprocessing phase because of safecharencode part) Miroslav Stampar 2011-07-25 20:40:31 +00:00
5770c08784 minor optimization and refactoring Miroslav Stampar 2011-07-25 20:17:44 +00:00
0a7a648694 Minor bug fix for --start, now all techniques return the same result (before blind techniques returned from one entry behind) Bernardo Damele 2011-07-25 11:15:18 +00:00
6cbb927012 Partial fix for -o not resumed at following runs if missing from command line Bernardo Damele 2011-07-25 11:05:49 +00:00
50f4c4af52 Minor bug fix to parse also MSSQL 2008 R2 signatures Bernardo Damele 2011-07-24 23:43:01 +00:00
b8e2d60bfa Added MSSQL 2008 R2 signatures Bernardo Damele 2011-07-24 23:42:32 +00:00
48f580fb10 Minor adjustments to MSSQL fingerprint Bernardo Damele 2011-07-24 23:30:23 +00:00
4550fa9e40 update Bernardo Damele 2011-07-24 22:43:22 +00:00
99a0b62d0d Minor adjustments Bernardo Damele 2011-07-24 22:26:11 +00:00
ca83305b58 added MySQL updatexml error-based payload Miroslav Stampar 2011-07-24 21:08:32 +00:00
2033a28ae7 minor update regarding last commit (cleaner code) Miroslav Stampar 2011-07-24 20:44:17 +00:00
3a3561fdaa doing proper big table support for partial union too Miroslav Stampar 2011-07-24 20:36:44 +00:00
ec1bc0219c hello big tables, this is sqlmap, sqlmap this is big tables Miroslav Stampar 2011-07-24 09:19:33 +00:00
82e1e61554 minor speedup Miroslav Stampar 2011-07-23 19:51:19 +00:00
094dc91e2d minor update (prior to some changes regarding large content retrieval) Miroslav Stampar 2011-07-23 19:04:59 +00:00
a89140e1ce revisit of Oracle error-based payloads (added replace for '@' as a problematic char for XMLType function) Miroslav Stampar 2011-07-23 06:07:00 +00:00
8a00ca83af refactoring. nothing special changed Miroslav Stampar 2011-07-21 10:18:11 +00:00

... 72 73 74 75 76 ...