Commit Graph

  • 4889764114 minor update regarding last commit Miroslav Stampar 2011-03-21 11:40:27 +00:00
  • 5291fe35c9 proper implementation of --dbs on Oracle (we are using now schema names as a counterpart to dbs in other DBMSes) Miroslav Stampar 2011-03-21 11:29:43 +00:00
  • f8a2cf0497 minor THANKS update Miroslav Stampar 2011-03-21 09:53:34 +00:00
  • 19e2ed9803 Layout fix Bernardo Damele 2011-03-21 00:40:25 +00:00
  • f7c1b7dc5f Updated Bernardo Damele 2011-03-21 00:39:54 +00:00
  • 3ca5cddca7 massive BUG FIX (if NULL is one of dumping values it will screw everything in corner cases because "SELECT 1 WHERE NULL IN (NULL)" and "SELECT 1 WHERE NULL NOT IN (NULL)" will always return nothing/nadda/zero/not even NULL) Miroslav Stampar 2011-03-20 23:54:56 +00:00
  • 9b1f2d82d0 minor update (that .strip() was a leftover) Miroslav Stampar 2011-03-20 23:20:47 +00:00
  • db992a0a86 mssql likes to htmlescape error reports Miroslav Stampar 2011-03-20 23:16:34 +00:00
  • 088c815567 minor update (exposing --tor switch) Miroslav Stampar 2011-03-19 18:28:51 +00:00
  • 2cc91b8470 minor fix Miroslav Stampar 2011-03-19 17:44:34 +00:00
  • 7c2b3afafb minor fix (-r required Content-Length which is a part of Burp log and as we share the parsing logic this was a headache for -r) Miroslav Stampar 2011-03-19 17:37:26 +00:00
  • 139448eeb9 little stabilization regarding POST url(de/en)coding Miroslav Stampar 2011-03-19 16:53:14 +00:00
  • 0fcd999e51 fix for a bug reported by malice Miroslav Stampar 2011-03-18 16:52:46 +00:00
  • 58e9a074d3 masking some more command line arguments Miroslav Stampar 2011-03-18 16:47:18 +00:00
  • 36233fac42 update regarding a feature request from andyroyalbattle@yahoo.it Miroslav Stampar 2011-03-18 16:35:30 +00:00
  • 00b9d85ffc fix regarding bug report from andyroyalbattle@yahoo.it Miroslav Stampar 2011-03-18 16:26:39 +00:00
  • 4e300baaf2 minor cosmetics Miroslav Stampar 2011-03-18 14:09:18 +00:00
  • 3628887110 los cosmeticados Miroslav Stampar 2011-03-18 14:08:36 +00:00
  • 75c0e09f43 little refactoring Miroslav Stampar 2011-03-18 13:46:51 +00:00
  • c301b245a9 adding default value for referer in case --referer was not defined and --level>=3 used (so it could be tested with default value) Miroslav Stampar 2011-03-18 13:39:51 +00:00
  • b53c9a2599 minor fix and some refactoring Miroslav Stampar 2011-03-18 00:24:02 +00:00
  • 3edb30968b Pff.. just layout Bernardo Damele 2011-03-17 12:37:50 +00:00
  • 9526f0c4c2 Minor layout adjustments Bernardo Damele 2011-03-17 12:35:40 +00:00
  • 03fac62592 Minor code restyle Bernardo Damele 2011-03-17 12:34:29 +00:00
  • cbdd9e921e minor cosmetics Miroslav Stampar 2011-03-17 12:23:56 +00:00
  • 6607a240cf added logging to redirecthandler Miroslav Stampar 2011-03-17 12:21:27 +00:00
  • 9a513198dd minor fix regarding last couple of commits Miroslav Stampar 2011-03-17 11:25:37 +00:00
  • 970cde5a8a minor update regarding last commit Miroslav Stampar 2011-03-17 09:23:46 +00:00
  • beba69faa9 implementation of request from Santiago (look for error based responses in redirects) Miroslav Stampar 2011-03-17 09:12:28 +00:00
  • 847ce863e3 refactoring Miroslav Stampar 2011-03-17 08:54:20 +00:00
  • fbd0cfda29 minor update toward the implementation of request from Santiago Miroslav Stampar 2011-03-17 06:39:05 +00:00
  • 0535225fe7 throwing out obsolete ORDER BY 1 from inband queries Miroslav Stampar 2011-03-16 14:18:12 +00:00
  • f00aff5303 -v 0 shows both error, critical and raw_input messages Bernardo Damele 2011-03-11 22:02:38 +00:00
  • d7d47b6257 Minor bug fix (revert) Bernardo Damele 2011-03-11 21:56:45 +00:00
  • e64f225e65 minor refactoring Miroslav Stampar 2011-03-11 20:16:34 +00:00
  • 2fd3f0d7b2 minor update (added comment) Miroslav Stampar 2011-03-11 20:07:52 +00:00
  • 6cc745f789 removal of deprecated piece of code (replaced later with that getCurrentThreadData().disableStdOut) Miroslav Stampar 2011-03-11 20:04:15 +00:00
  • 5eae525010 this was bothering me for some time (POST and/or GET payloads need to be urlencoded thoroughly) Miroslav Stampar 2011-03-11 19:57:44 +00:00
  • d8a76ebe34 Minor bug fix for counting of entries for error-based and partial UNION query SQL injection techs Bernardo Damele 2011-03-11 16:03:19 +00:00
  • 3cb0ca4b63 Minor bug fix for --privileges on PgSQL with error-based SQL inj technique Bernardo Damele 2011-03-11 15:24:25 +00:00
  • 5af7410cb1 Another bug fix for --privileges on PgSQL with UNION query technique Bernardo Damele 2011-03-11 15:13:09 +00:00
  • 74ef1e53c7 Minor bug fixes to --privileges for PostgreSQL query (corner case) Bernardo Damele 2011-03-11 14:54:41 +00:00
  • 1879a49506 fix for a bug reported by andreoaz@gmail.com Miroslav Stampar 2011-03-10 20:40:12 +00:00
  • eb1cda7065 minor refactoring (more consistent) Miroslav Stampar 2011-03-09 12:06:32 +00:00
  • 62e3510387 minor refactoring Miroslav Stampar 2011-03-09 11:37:37 +00:00
  • 5c97f9a496 improvement of url encoding technique (implemented failsafe routine for shortening too long GET queries) Miroslav Stampar 2011-03-09 09:36:56 +00:00
  • 9b2962ff1c now when we don't urlencode whole URI using : and \ as safe chars is not a good idea Miroslav Stampar 2011-03-09 08:56:29 +00:00
  • eedd6a990d removing space after , for our payloads Miroslav Stampar 2011-03-08 14:29:22 +00:00
  • 3dc31f6273 removing spaces after , in our queries Miroslav Stampar 2011-03-08 14:07:26 +00:00
  • 30619c599b minor update regarding encoding (adding few safe chars for e.g. CHR(50)|...) Miroslav Stampar 2011-03-08 11:53:59 +00:00
  • 68c7247ee4 bug fix (pgsql drop function requires input arguments - at cleanup() in plugins/generic/misc.py it's already fixed before) Miroslav Stampar 2011-03-08 10:46:23 +00:00
  • 99adbbeaa3 los cosmeticados Miroslav Stampar 2011-03-07 22:04:17 +00:00
  • cc0306044c adding SVN revision number support for non SVN client platforms Miroslav Stampar 2011-03-07 21:54:30 +00:00
  • 8e7c3b4666 update of THANKS file Miroslav Stampar 2011-03-07 21:29:06 +00:00
  • 154d947c62 minor update Miroslav Stampar 2011-03-07 10:15:41 +00:00
  • 16b286982d fix for a bug reported by nightman (AttributeError: 'list' object has no attribute 'split') Miroslav Stampar 2011-03-07 09:50:43 +00:00
  • 7524a0c0cf Proper error message Bernardo Damele 2011-03-04 11:59:09 +00:00
  • 8edc3b3302 further update regarding last commit Miroslav Stampar 2011-03-03 10:39:04 +00:00
  • bc50387a17 possible fix for a bug reported by Black Zero (UnicodeDecodeError for --forms) Miroslav Stampar 2011-03-03 09:42:50 +00:00
  • 3a1f5744be minor update to make counting variable totally independent of the urllib2's self.retried Miroslav Stampar 2011-03-02 10:42:17 +00:00
  • a010386a23 finally a proper fix for that annoying recursive bug Miroslav Stampar 2011-03-02 10:29:38 +00:00
  • f27f05308a minor update for masking sensitive data in error report (added aCred too) Miroslav Stampar 2011-03-02 10:09:17 +00:00
  • ad2e4002ea minor improvement Miroslav Stampar 2011-03-01 10:38:27 +00:00
  • 0f3cc153a3 fix for --technique Miroslav Stampar 2011-03-01 09:54:06 +00:00
  • 9856cb71de redo of the last commit with comments added Miroslav Stampar 2011-02-28 18:58:05 +00:00
  • ade31b2cb0 removal of obsolete item Miroslav Stampar 2011-02-28 18:49:25 +00:00
  • da6a87af43 update Bernardo Damele 2011-02-28 16:59:39 +00:00
  • 50ba0fa955 More adjustments Bernardo Damele 2011-02-28 16:14:09 +00:00
  • 021fce5601 Should be done with the ChangeLog - ready for 0.9. Minor adjustments to user's manual too. Bernardo Damele 2011-02-28 15:23:05 +00:00
  • 2bf212ffa9 minor minor update Miroslav Stampar 2011-02-27 20:43:38 +00:00
  • 7036190e8e minor improvement of regular expression Miroslav Stampar 2011-02-27 17:58:01 +00:00
  • 21041f8b90 further reflective value handling improvement Miroslav Stampar 2011-02-27 17:43:41 +00:00
  • b47d3e1da3 Huge update to user's manual. A lot to be done yet. Bernardo Damele 2011-02-27 12:19:32 +00:00
  • 6e8ebd35f4 Hide switch -x (XML output format) as it is incomplete and bugged and won't make it for 0.9 stable Bernardo Damele 2011-02-27 12:17:41 +00:00
  • 60605b6e7c Major bug fix to make --first and --last apply only to --dump's entries dump phase (in either of the blind SQL injection techs only) Bernardo Damele 2011-02-27 12:14:13 +00:00
  • 88faedc0fe fix for a bug reported by -insane- Miroslav Stampar 2011-02-26 17:48:19 +00:00
  • 11996ce12e bug fix for international encoded letters Miroslav Stampar 2011-02-25 22:43:01 +00:00
  • 63b8156c00 some update (if header key is non-unicode conformant) Miroslav Stampar 2011-02-25 09:43:04 +00:00
  • 2bbbc9a41e few updates Miroslav Stampar 2011-02-25 09:35:24 +00:00
  • aa88361ab1 incorporation of method for neutralization of reflective values Miroslav Stampar 2011-02-25 09:22:44 +00:00
  • 708ddf5608 added protection mechanism against reflected values Miroslav Stampar 2011-02-24 16:52:46 +00:00
  • 38dc82e13e If no Accept header field is present, then it is assumed that the client accepts all media types. Miroslav Stampar 2011-02-22 22:26:22 +00:00
  • 13f0d5ce00 minor bug fix Miroslav Stampar 2011-02-22 14:51:42 +00:00
  • d05bd75068 adding experimental for --group-concat Miroslav Stampar 2011-02-22 14:35:38 +00:00
  • 640ba5d744 minor refactoring Miroslav Stampar 2011-02-22 14:19:39 +00:00
  • 12ede1e5de minor JIC (just-in-case) update Miroslav Stampar 2011-02-22 13:18:47 +00:00
  • 3f8eadf4fe minor refactoring Miroslav Stampar 2011-02-22 13:00:58 +00:00
  • dcad5410fe minor refactoring Miroslav Stampar 2011-02-22 12:54:22 +00:00
  • 17c39fe231 fix for that non-HTML stuff Miroslav Stampar 2011-02-22 11:32:55 +00:00
  • ff9080de48 MaxDB always precalculates values for both TRUE and FALSE, hence we can't trick him to run any "faulty" command (e.g. 1/0). This payload is fairly ok because in case of FALSE --> something=NULL is always NULL Miroslav Stampar 2011-02-21 20:59:34 +00:00
  • 08697e60a9 added some Microsoft Access payloads Miroslav Stampar 2011-02-21 20:04:50 +00:00
  • 3e8c204121 Major bug fix to properly prepare UNION technique statement for --os-pwn and --is-dba Bernardo Damele 2011-02-21 16:00:56 +00:00
  • 90582ed7dc minor change Miroslav Stampar 2011-02-21 11:35:21 +00:00
  • 68a95fd1b1 minor update Miroslav Stampar 2011-02-20 22:45:23 +00:00
  • aac817935a further improvement of MaxDB support Miroslav Stampar 2011-02-20 22:41:42 +00:00
  • a3ba8b6928 --dump now works on MaxDB too Miroslav Stampar 2011-02-20 22:07:12 +00:00
  • 70449eb01b minor bug fix Miroslav Stampar 2011-02-20 21:35:28 +00:00
  • 345df5968d minor update Miroslav Stampar 2011-02-20 21:27:38 +00:00
  • 0e512d3c09 minor update for MaxDB Miroslav Stampar 2011-02-20 21:17:16 +00:00
  • 59e666d16e --is-dba (related) update for Sybase Miroslav Stampar 2011-02-20 17:28:06 +00:00