PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-15 10:59:02 +00:00
Code Issues Projects Releases Wiki Activity

Commit Graph

  • 305115a68b important improvement of data handling (POST data and header values) Miroslav Stampar 2011-04-03 15:02:52 +00:00
  • bbd4c128b0 minor update related to the last commit Miroslav Stampar 2011-04-01 22:19:42 +00:00
  • cd7e4f5afc improvement for lots of multiple-selection forms (now by default the first one is selected - till now it was left unchecked which lead to blank get/post data for the whole form) Miroslav Stampar 2011-04-01 22:12:24 +00:00
  • c3b54cc222 Cosmetics Bernardo Damele 2011-04-01 16:40:28 +00:00
  • e27afef6be minor update regarding --current-db on Oracle Miroslav Stampar 2011-04-01 15:56:11 +00:00
  • eb99f68a7a Minor improvement to --wizard. This does not mean I like the kiddie feature though ;) Bernardo Damele 2011-04-01 14:55:39 +00:00
  • de4e0c7346 minor update related to the problem with request files reported by jorge_a_santos@hotmail.com Miroslav Stampar 2011-04-01 12:09:11 +00:00
  • 60102209f6 quick fix for a bug reported by Kirill (AttributeError: 'NoneType' object has no attribute 'split') Miroslav Stampar 2011-04-01 11:14:24 +00:00
  • ee15988878 another minor update related to previous commit Miroslav Stampar 2011-03-31 17:34:07 +00:00
  • 156d24203f speed optimization Miroslav Stampar 2011-03-31 17:16:26 +00:00
  • 220366b6e8 minor update (ip addresses will not be confused any more for crypt_generic hashes) Miroslav Stampar 2011-03-31 16:56:26 +00:00
  • 557ed7d665 minor fix for a invalid charset reported by Kirill Miroslav Stampar 2011-03-31 14:39:01 +00:00
  • fed57282fc Added one more warning message to show what's going on with ctrl+c Bernardo Damele 2011-03-31 14:26:14 +00:00
  • 3948cd9e77 Minor layout adjustments Bernardo Damele 2011-03-31 14:13:53 +00:00
  • 60afd80460 Change of release date to unknown Bernardo Damele 2011-03-31 13:06:30 +00:00
  • c5de903eab minor improvement ("quick defense against substr fields") Miroslav Stampar 2011-03-31 09:35:09 +00:00
  • ce51326bff quick fix Miroslav Stampar 2011-03-31 08:43:17 +00:00
  • 0916117447 improvement of error-based testing (no more sqlmap aborting on error-based payloads which happens very often on MySQL servers); also, minor improvement on brute forcing of column names Miroslav Stampar 2011-03-30 18:32:10 +00:00
  • dd01d66f13 proper update regarding last commit Miroslav Stampar 2011-03-29 22:10:08 +00:00
  • 850328df6c minor cosmetics Miroslav Stampar 2011-03-29 22:03:48 +00:00
  • b6af80bab3 refactoring, cleanup and improvement Miroslav Stampar 2011-03-29 21:54:15 +00:00
  • adfbfef8c1 minor refactoring Miroslav Stampar 2011-03-29 21:01:47 +00:00
  • 12f3024c8a removing that boring message "reflective value found and filtered out" for headers case (we always include Uri header) Miroslav Stampar 2011-03-29 20:45:21 +00:00
  • 9f707febf5 minor update Miroslav Stampar 2011-03-29 15:43:17 +00:00
  • d0861a00e2 minor improvement Miroslav Stampar 2011-03-29 15:37:57 +00:00
  • d28ca5809b adding support for meta HTML header 'refresh' - popular one amongst login pages (stumbled when tested blind injections on Mutillidae login page) Miroslav Stampar 2011-03-29 14:16:28 +00:00
  • 7cf4ba83dc minor refactoring and comment update Miroslav Stampar 2011-03-29 12:08:07 +00:00
  • 1821a008af Ctrl+C in dictionary attack phase will now not abort the whole enumeration; also, question for common suffixes will now be asked only once Miroslav Stampar 2011-03-29 12:00:29 +00:00
  • 5560196648 minor fix Miroslav Stampar 2011-03-29 11:50:12 +00:00
  • e20d460809 Bernardo will kill me (added --wizard for total beginners) Miroslav Stampar 2011-03-29 11:42:55 +00:00
  • 4d78eac938 revert of that thingy as requested by Bernardo Miroslav Stampar 2011-03-29 10:06:35 +00:00
  • a9f5d828c6 minor fix avoiding problems with hashing strange characters in usernames Miroslav Stampar 2011-03-29 07:50:07 +00:00
  • b7813f9e68 incrementing level for MySQL stacked payloads Miroslav Stampar 2011-03-29 07:31:56 +00:00
  • e8debbe724 minor cosmetics and one minor fix (|= is a nono with None) Miroslav Stampar 2011-03-29 06:38:19 +00:00
  • 86f93713d3 fix for a bug reported by m4l1c3 (object of type 'NoneType' has no len()) and minor update Miroslav Stampar 2011-03-29 06:25:17 +00:00
  • a2d5358b08 minor fix Miroslav Stampar 2011-03-28 23:40:46 +00:00
  • 9e900ccbac minor comment update Miroslav Stampar 2011-03-28 23:12:04 +00:00
  • a61e287d23 making updates for dummy Windows users Miroslav Stampar 2011-03-28 23:09:19 +00:00
  • bf0e3c4662 improvement for --forms with empty fields Miroslav Stampar 2011-03-28 22:48:00 +00:00
  • 1823c116bb minor update for special cases of union testing results Miroslav Stampar 2011-03-28 21:45:38 +00:00
  • ae53ad4c30 making an update for special case of timed out response Miroslav Stampar 2011-03-28 21:05:04 +00:00
  • 1e22ff45de minor update regarding testing of GET parameters if --data and/or --forms is used Miroslav Stampar 2011-03-28 16:14:08 +00:00
  • 625f124263 little info message Miroslav Stampar 2011-03-28 12:13:17 +00:00
  • 4312a42b5d another minor fix Miroslav Stampar 2011-03-28 12:04:39 +00:00
  • 3173adbf6b minor update Miroslav Stampar 2011-03-28 12:02:31 +00:00
  • 73e5d20ade bulk commit for safe/unsafe identificator naming (done and tested for all 4 major DBMSes) and one bug fix for --search-column on MSSQL (inside queries) Miroslav Stampar 2011-03-28 11:01:55 +00:00
  • 19a6f86954 Minor update Bernardo Damele 2011-03-27 16:37:57 +00:00
  • 08d052d9b8 minor update of THANKS file Miroslav Stampar 2011-03-27 13:45:19 +00:00
  • 47924fb92e fix for a bug reported by malice.anon@gmail.co​m (AttributeError: 'unicode' object has no attribute 'geturl') Miroslav Stampar 2011-03-27 13:41:54 +00:00
  • 76b7e3517d minor update Miroslav Stampar 2011-03-27 07:58:15 +00:00
  • dba32306b0 minor update Miroslav Stampar 2011-03-26 22:03:46 +00:00
  • d2eb4c6a39 update of THANKS file Miroslav Stampar 2011-03-26 21:48:36 +00:00
  • d8f7c4bc4c minor update regarding support for crypt(3) Miroslav Stampar 2011-03-26 21:41:37 +00:00
  • 4f00b9fa4b minor fix Miroslav Stampar 2011-03-26 21:10:31 +00:00
  • afe2be6a9f implementation of Standard DES hashing (crypt) Miroslav Stampar 2011-03-26 20:46:25 +00:00
  • 04c4578df7 minor fix Miroslav Stampar 2011-03-26 05:55:49 +00:00
  • 58f8703ecd minor update before bedtime Miroslav Stampar 2011-03-25 22:59:18 +00:00
  • ae12dee990 minor update Miroslav Stampar 2011-03-25 22:08:54 +00:00
  • c9baa0094b going global for protection of non-standard identificator naming Miroslav Stampar 2011-03-25 22:02:28 +00:00
  • 5a1f733a43 minor update (_ is part of normal identificator naming) Miroslav Stampar 2011-03-25 21:49:20 +00:00
  • 1a98095a93 minor improvement for that MySQL identification naming Miroslav Stampar 2011-03-25 21:46:49 +00:00
  • 1119a85f39 it's a must after all - partial union is specific and as there is no output for fetched value, we have to display something to the user. also, there is a bug fix (removed the leftover parseUnionPage) Miroslav Stampar 2011-03-25 21:31:26 +00:00
  • 48c4460e2c bug fixed (there was a huge problem with space containing identifiers - fixed and tested for MySQL) Miroslav Stampar 2011-03-25 21:22:06 +00:00
  • 6c6133e8aa revert of the last commit (i was doing some testing against a test case with lots of None(s) which drove me to the conclusion that we need that progress - in normal cases it's fine as it is) Miroslav Stampar 2011-03-25 20:46:37 +00:00
  • 737b4abf13 this is a must for partial union. there are lots of cases with dumping of huge tables and user doesn't know a squirt if sqlmap is running or not (compromise is that this is only displayed if the verbose level is not touched by the user) Miroslav Stampar 2011-03-25 20:30:15 +00:00
  • af39a441fa minor improvement when --dbs returns no database names (like in many cases with MySQL 4) Miroslav Stampar 2011-03-25 19:50:06 +00:00
  • 5eb7787fc9 adding partial union cases to the live tests Miroslav Stampar 2011-03-25 15:56:15 +00:00
  • 670aa7f99b update for live tests (added dumping of columns and table values) Miroslav Stampar 2011-03-25 15:37:11 +00:00
  • 422967fbcd just an minor update related to the last commit Miroslav Stampar 2011-03-25 12:21:53 +00:00
  • c5b6d377fb fix for a bug reported by Kirill Morozov (we haven't expected mixed case/copied results in partial union pages) Miroslav Stampar 2011-03-25 12:14:19 +00:00
  • af5342c495 fix for partial inband queries on MSSQL Miroslav Stampar 2011-03-25 11:19:15 +00:00
  • e80c9e08d8 minor update regarding --live-test Miroslav Stampar 2011-03-25 09:03:08 +00:00
  • ea52d7acad minor revisit of inference Miroslav Stampar 2011-03-24 20:10:40 +00:00
  • 1f1c4c0e61 better update related to the last commit Miroslav Stampar 2011-03-24 20:04:20 +00:00
  • c0cc5d1dad minor update Miroslav Stampar 2011-03-24 17:18:03 +00:00
  • f3858a5fcf another fix related to the bug reported by Alone Shell Miroslav Stampar 2011-03-24 17:08:14 +00:00
  • 82ab4c8dc2 minor fix (ORDER BY 1 screws things up in blind mode) Miroslav Stampar 2011-03-24 14:19:32 +00:00
  • 06a5c39efe fix related to the bug reported by Alone Shell Miroslav Stampar 2011-03-24 14:03:40 +00:00
  • cef2c0879d adding live test cases for --technique=1 too Miroslav Stampar 2011-03-24 12:19:40 +00:00
  • e42cdfd138 adding possibility to run only one live test (e.g. --run-case=8) Miroslav Stampar 2011-03-24 12:07:47 +00:00
  • 33c01726dd adding basic live tests for MSSQL too Miroslav Stampar 2011-03-24 12:01:53 +00:00
  • 2b15ad57c2 basic live tests against 3 major DBMSes Miroslav Stampar 2011-03-24 11:47:01 +00:00
  • ecbbfeba6e introduction of --fresh-queries Miroslav Stampar 2011-03-24 10:08:47 +00:00
  • 762397854e fix for a bug reported by Kirill (unknown charset '8859-1') Miroslav Stampar 2011-03-24 09:27:19 +00:00
  • d79fae724c minor refactoring Miroslav Stampar 2011-03-24 09:16:21 +00:00
  • 0bb08d09d2 fix for a bug reported by Kirill (value is None in attack table phase) and minor fix for loading request file Miroslav Stampar 2011-03-24 08:43:40 +00:00
  • bd75fd26e9 implementing a --page-rank switch as requested by l0rda@l0rda.biz Miroslav Stampar 2011-03-23 11:57:57 +00:00
  • 02379c01a2 minor update (will do "schema update" for sybase some other time; that COUNT(*) blew my mind) Miroslav Stampar 2011-03-23 11:42:36 +00:00
  • 0f7bce5c66 fixing a huge mess going on because of counting on error and union techniques Miroslav Stampar 2011-03-23 11:36:40 +00:00
  • 7ea45e9032 minor update for Sybase regarding last commit Miroslav Stampar 2011-03-23 11:04:15 +00:00
  • b72cdfe9e6 fix for mssql regarding usage of schema names reported by jabra@spl0it.org Miroslav Stampar 2011-03-23 10:40:34 +00:00
  • 5a1aaecf16 minor fix so concatenated queries could be run in Oracle --sql-shell (e.g. select NAME||chr(58)||OWNER FROM ALL_SOURCE WHERE TYPE='FUNCTION') Miroslav Stampar 2011-03-22 13:07:37 +00:00
  • 7613134515 it was a real pain in the ass to have SELECT COUNT(*) for all rows (it was processed by a limit logic) Miroslav Stampar 2011-03-22 12:37:05 +00:00
  • 9479a68eb5 minor fix regarding last commit Miroslav Stampar 2011-03-22 12:21:56 +00:00
  • c24ed6e622 minor fix related to a bug reported by warninggp@gmail.com Miroslav Stampar 2011-03-22 09:22:48 +00:00
  • cbfb10cbd1 fix of a minor bug reported by syssecurity7@googlemail.com (missing iso-8858...) Miroslav Stampar 2011-03-21 16:43:46 +00:00
  • 0d3f6edcc4 typo Bernardo Damele 2011-03-21 16:27:13 +00:00
  • 7b1021d100 minor update of THANKS file Miroslav Stampar 2011-03-21 13:18:00 +00:00
  • b5c9ccb755 Oracle XML based error payload has problems with char $ as with space Miroslav Stampar 2011-03-21 13:13:12 +00:00
  • 1abcd507b8 hidding --group-concat switch Miroslav Stampar 2011-03-21 12:13:21 +00:00