Commit Graph

  • 963f54e6d2 minor fix for parameters containing '=' inside values itself (remark: no parameter name will have '=' nor '%3d' inside; tested and it does a good job) Miroslav Stampar 2011-07-21 10:06:52 +00:00
  • 7881ded60d quick fix (this other library was doing problems) Miroslav Stampar 2011-07-20 22:20:16 +00:00
  • d6b52242c7 Meterpreter's sniffer extension freezes 64-bit systems. Meterpreter's priv extension is loaded by default since Metasploit 3.5 or so. There is no shellcodeexec 64-bit yet, anyway as the Metasploit payload is encoded with a 32-bit encoder (alphanumeric), it's all fine. Bernardo Damele 2011-07-20 13:50:02 +00:00
  • 5a1c9a42a3 Minor bug fix Bernardo Damele 2011-07-20 13:45:34 +00:00
  • 29b5115906 Minor bug fix Bernardo Damele 2011-07-20 13:28:10 +00:00
  • 9d996c07fb another quick fix Miroslav Stampar 2011-07-20 13:00:34 +00:00
  • fad77dd078 fix for an ImportError bug reported by g@brindi.si Miroslav Stampar 2011-07-20 12:18:36 +00:00
  • 9cf33ec997 now status is no longer represented in percentage (impossible in cases where we need to support too small and too large dictionaries - technical issues regarding counting) but by the rotating char Miroslav Stampar 2011-07-15 13:24:13 +00:00
  • ff8fc90ac7 bug fix Miroslav Stampar 2011-07-13 06:44:15 +00:00
  • 9c694ce3ec bug fix (--tables --columns) Miroslav Stampar 2011-07-12 23:27:47 +00:00
  • 5c162efbd8 more optimization Miroslav Stampar 2011-07-12 23:21:15 +00:00
  • 9933edc718 optimization of reflective removal mechanism Miroslav Stampar 2011-07-12 22:28:19 +00:00
  • 4cb9988243 quick fix Miroslav Stampar 2011-07-12 21:09:33 +00:00
  • cda25cda2f Cosmetics Bernardo Damele 2011-07-12 20:49:27 +00:00
  • 3583d6dd1b quick fixes, more work to do Miroslav Stampar 2011-07-12 20:32:19 +00:00
  • 0126b8eb0e minor revert (it's illegal to use append for updating one array with another array) Miroslav Stampar 2011-07-12 19:34:54 +00:00
  • 48b7245a33 Minor bug fix Bernardo Damele 2011-07-12 15:47:04 +00:00
  • 0b8c6e4c81 Minor bug fix Bernardo Damele 2011-07-12 15:30:40 +00:00
  • eeb4436471 renamed Bernardo Damele 2011-07-12 12:48:15 +00:00
  • 42c5bab013 renamed Bernardo Damele 2011-07-11 23:37:10 +00:00
  • a46b5230f5 minor "patch" Miroslav Stampar 2011-07-11 20:33:16 +00:00
  • 1f826684f6 disabling multiprocessing (maybe permanently) support for Windows as of complications with sharing dictionary iterator Miroslav Stampar 2011-07-11 13:16:59 +00:00
  • 7bc6280d53 possible fix for a multi-processing "problem" reported by christopher.oakley@gmail.com Miroslav Stampar 2011-07-11 11:40:27 +00:00
  • 4ae71fd5f4 Updated docstring Bernardo Damele 2011-07-11 10:39:30 +00:00
  • 86d28947aa updated Bernardo Damele 2011-07-11 10:07:36 +00:00
  • 2b6b80d7f8 Updated docstring Bernardo Damele 2011-07-11 10:04:19 +00:00
  • c9e6fc7695 Added new tamper script, tamper/space2mssqlblank.py from RS Bernardo Damele 2011-07-11 09:49:58 +00:00
  • e47f873fa4 Renamed space2extrarandomblank.py to space2mysqlblank.py Bernardo Damele 2011-07-11 09:49:03 +00:00
  • c9ba58acb6 Moved MS Access UNION query tests after generic as generic test must identify MSSQL Bernardo Damele 2011-07-11 09:47:52 +00:00
  • 1e1f429668 Minor minor fix Bernardo Damele 2011-07-11 09:22:47 +00:00
  • 5014475637 minor update (changing form of payload[i+1] with payload[i+1:i+2] which is much safer for not crashing the script with invalid char index) Miroslav Stampar 2011-07-11 09:22:29 +00:00
  • 7a6bddf811 minor fixes pointed by RS Miroslav Stampar 2011-07-11 09:08:24 +00:00
  • f5e45bf113 quick fix for a bug reported by jovon.itwaru@gmail.com Miroslav Stampar 2011-07-11 08:54:39 +00:00
  • 98958f8808 minor minor update Miroslav Stampar 2011-07-10 15:41:45 +00:00
  • 0d6afca7db adding new switch '--smart' by request Miroslav Stampar 2011-07-10 15:16:58 +00:00
  • 5d31eb5ef7 cosmetics and also tested against testing env - works perfectly Miroslav Stampar 2011-07-10 09:07:07 +00:00
  • b3acaf85d8 minor update Miroslav Stampar 2011-07-10 08:58:55 +00:00
  • eb42cedf2a adding extractvalue MySQL >= 5.1 error payload (http://www.notsosecure.com/folder2/2010/06/29/mysql-exploitation-with-error-messages/) - untested (lack of particular ver for testing) and prone to level/risk adjustment Miroslav Stampar 2011-07-10 08:54:22 +00:00
  • b7433011f8 new tamper script by request Miroslav Stampar 2011-07-08 22:48:03 +00:00
  • 1e182e6c72 quick fix Miroslav Stampar 2011-07-08 22:34:44 +00:00
  • 05cb65b106 Added one more tamper script from Roberto Salgado and minor adjustment to others Bernardo Damele 2011-07-08 13:43:34 +00:00
  • 3985a81cb9 Update email addresses Bernardo Damele 2011-07-08 13:39:47 +00:00
  • 651349e229 More verbose critical message Bernardo Damele 2011-07-08 13:12:53 +00:00
  • 062c156fc0 Added another tamper script from Roberto Salgado Bernardo Damele 2011-07-08 11:03:14 +00:00
  • 93219b9e13 I've accidentally left table_schema removed while doing some tests. now it should be ok Miroslav Stampar 2011-07-08 10:24:46 +00:00
  • b5dd4d4a63 Minor bug fix for Microsoft Access case expressions (like --common-tables) in UNION query SQL injection Bernardo Damele 2011-07-08 10:19:01 +00:00
  • 02bfd05b20 more general approach Miroslav Stampar 2011-07-08 10:03:14 +00:00
  • 5443e06430 cosmetics (in debug mode [0] is used) Miroslav Stampar 2011-07-08 09:43:52 +00:00
  • c463c411b9 minor update Miroslav Stampar 2011-07-08 09:32:58 +00:00
  • ba2c06c9dc quick fix Miroslav Stampar 2011-07-08 09:01:32 +00:00
  • c517e97a44 few fixes and minor cosmetics Miroslav Stampar 2011-07-08 06:02:31 +00:00
  • aedcf8c8d7 Changed homepage address Bernardo Damele 2011-07-07 20:10:03 +00:00
  • 736327c893 Added two tamper scripts contributed by Roberto Salgado Bernardo Damele 2011-07-07 18:45:07 +00:00
  • 067354b97f Revert of last commit and proper fix to detect UNION query SQL injection against Microsoft Access Bernardo Damele 2011-07-07 13:20:40 +00:00
  • c6a0b84242 Some more common tables and columns Bernardo Damele 2011-07-07 00:23:54 +00:00
  • 9e1a6beb7a Major bug fix in UNION detection, it was a leftover Bernardo Damele 2011-07-07 00:06:20 +00:00
  • fcd4e94c04 Higher chances to detect UNION query SQL injection against Microsoft Access Bernardo Damele 2011-07-06 23:52:44 +00:00
  • 9d2aadd4a6 missing docstring details Bernardo Damele 2011-07-06 22:53:22 +00:00
  • 23b4efdcaf Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too. Bernardo Damele 2011-07-06 21:04:45 +00:00
  • 0d28c1e9e7 cosmetics Bernardo Damele 2011-07-06 20:41:13 +00:00
  • 6f6038b534 Quick fix (revert..) Bernardo Damele 2011-07-06 11:32:12 +00:00
  • 93b296e02c few bug fixes (NTLM credential parsing was wrong), some switch reordering (few Misc to General), implemented --check-waf switch (irony is that this will also be called highly experimental/unstable while other things will be called "major/turbo/super bug fix/implementation") Miroslav Stampar 2011-07-06 05:44:47 +00:00
  • b8ffcf9495 few fixes here and there and multi-core processing for dictionary based hash attack Miroslav Stampar 2011-07-04 19:58:41 +00:00
  • da049110df Minor revert Bernardo Damele 2011-07-04 15:23:05 +00:00
  • a1fe9d07ca minor revert Miroslav Stampar 2011-07-02 23:00:22 +00:00
  • 34d9a91af1 bulk of fixes Miroslav Stampar 2011-07-02 22:48:56 +00:00
  • 861cdb1b14 cosmetics Bernardo Damele 2011-07-01 10:04:34 +00:00
  • 4513ef409e massive (like really massive) dictionary support Miroslav Stampar 2011-06-30 23:44:49 +00:00
  • 43db6b03a7 update with a feature request (file with list of wordlist files) Miroslav Stampar 2011-06-30 08:42:43 +00:00
  • 366c2d279d minor update Miroslav Stampar 2011-06-30 08:02:52 +00:00
  • d063ae91eb propset update Miroslav Stampar 2011-06-30 07:55:07 +00:00
  • b361f60644 minor changes Miroslav Stampar 2011-06-30 07:52:13 +00:00
  • f3013e4a29 minor update Miroslav Stampar 2011-06-30 06:39:32 +00:00
  • caf22b58bc new tamper script Miroslav Stampar 2011-06-30 06:34:24 +00:00
  • 8a36f7fc03 fix for a bug reported by aboynes@gmail.com (UnboundLocalError: local variable 'infoMsg' referenced before assignment) Miroslav Stampar 2011-06-29 18:04:58 +00:00
  • 9e453e8709 fix for a bug reported by nightman@email.de Miroslav Stampar 2011-06-29 17:49:59 +00:00
  • be9b8bca78 bug fix Miroslav Stampar 2011-06-29 17:39:58 +00:00
  • 6d606d417b Preparing for PostgreSQL 9.0 DLL (--os-pwn) compilation on Windows 64-bit Bernardo Damele 2011-06-28 13:41:15 +00:00
  • ddb6ba6d47 Added PostgreSQL 9.0 shared object for Linux 32-bit Bernardo Damele 2011-06-28 13:14:32 +00:00
  • 1698630bc0 Added PostgreSQL 9.0 shared object for Linux 64-bit Bernardo Damele 2011-06-28 13:12:18 +00:00
  • d3b44a5f58 Added copyright Bernardo Damele 2011-06-28 10:59:20 +00:00
  • fe686feefa Added support for direct connection (-d switch) to IBM DB2 Bernardo Damele 2011-06-28 10:52:07 +00:00
  • 9eb683531d Minor improvement at blind SQL inj technique for DB2 Bernardo Damele 2011-06-27 22:28:12 +00:00
  • 75524c283d minor update Miroslav Stampar 2011-06-27 21:59:31 +00:00
  • 4be55c811f minor update Miroslav Stampar 2011-06-27 21:48:26 +00:00
  • 831f083223 minor update Miroslav Stampar 2011-06-27 21:38:12 +00:00
  • 5b4eaf48d9 minor fix (for those blank suffixes out of nowhere at the end of payload - not related to "-- ") Miroslav Stampar 2011-06-27 21:34:49 +00:00
  • 8a8b94883b minor update (that default quit in --batch was bothering me - my original idea and it was bad :) Miroslav Stampar 2011-06-27 14:14:49 +00:00
  • ed4cfbb6d2 Minor fix Bernardo Damele 2011-06-27 08:58:59 +00:00
  • d72db1bf91 minor update (all misc options are alphabetically ordered) Miroslav Stampar 2011-06-27 08:21:33 +00:00
  • bedf16b88b adding payloads for time-based injection on SAP MaxDB (heavy query) Miroslav Stampar 2011-06-26 23:46:09 +00:00
  • d0490cc4e7 adding payloads for time-based injection on DB2 (heavy query) Miroslav Stampar 2011-06-26 16:38:22 +00:00
  • 36c96ef796 Added DB2 support - patch provided by Sebastian Bittig Bernardo Damele 2011-06-25 09:44:24 +00:00
  • e00cf81f7e minor update Miroslav Stampar 2011-06-24 19:50:13 +00:00
  • e9286ddd5b fix for a bug reported by g@brindi.si (UnicodeDecodeError: 'ascii' codec can't decode byte 0xc2 in position 47: ordinal not in range(128)) Miroslav Stampar 2011-06-24 19:24:11 +00:00
  • f434c3b29e update of THANKS file Miroslav Stampar 2011-06-24 19:06:08 +00:00
  • c4cb367e65 looks nicer (though --tor is implicitly converted into --proxy) Miroslav Stampar 2011-06-24 19:00:53 +00:00
  • aa83fe5c66 minor update Miroslav Stampar 2011-06-24 18:19:33 +00:00
  • 21010f702c minor beautification Miroslav Stampar 2011-06-24 17:46:54 +00:00
  • 2de88bd90b minor update Miroslav Stampar 2011-06-24 17:19:24 +00:00