Commit Graph

  • 0676b38063 revert of one thing for Bernardo and minor update Miroslav Stampar 2011-01-10 10:30:17 +00:00
  • 77b51dae57 adding openFile method with an exception block around file opening part Miroslav Stampar 2011-01-08 09:30:10 +00:00
  • e3899f7467 fix of a fix Miroslav Stampar 2011-01-07 18:07:18 +00:00
  • 8e83a26acf minor fix Miroslav Stampar 2011-01-07 17:53:17 +00:00
  • ed2aed972f minor fix Miroslav Stampar 2011-01-07 17:38:28 +00:00
  • 27628dca42 cosmetics Bernardo Damele 2011-01-07 17:25:22 +00:00
  • 97ae7e330f cosmetics Bernardo Damele 2011-01-07 17:10:58 +00:00
  • cc46940159 Minor refactoring Bernardo Damele 2011-01-07 17:10:32 +00:00
  • e373dac1f2 Cosmetics Bernardo Damele 2011-01-07 16:50:39 +00:00
  • c17714c423 suppress session in case of brute methods Miroslav Stampar 2011-01-07 16:47:46 +00:00
  • b313a20a3f some fixes Miroslav Stampar 2011-01-07 16:39:47 +00:00
  • 16a06117f7 Mere cosmetics Bernardo Damele 2011-01-07 16:36:32 +00:00
  • 1a079c62cb minor update (generic tests now have bigger priority in test queue than parsed DBMS related ones) Miroslav Stampar 2011-01-07 16:08:01 +00:00
  • 1c86ec374e Code refactoring and cosmetics Bernardo Damele 2011-01-07 15:41:09 +00:00
  • a8d660db54 fixes for bugs reported by pragmatk@gmail.com Miroslav Stampar 2011-01-06 16:59:58 +00:00
  • c968b438f2 Ctrl+C added to union dump Miroslav Stampar 2011-01-06 09:48:04 +00:00
  • 0616edcc44 adding progress to --union-test Miroslav Stampar 2011-01-06 09:26:01 +00:00
  • 8b9a624546 added progress into union based entry retrieval Miroslav Stampar 2011-01-06 09:10:20 +00:00
  • cc9ca802bf minor update Miroslav Stampar 2011-01-06 08:54:50 +00:00
  • 1297df66da fix for a bug reported by abc abc <biedimc@gmx.net> (HierarchyRequestErr: two document elements disallowed) Miroslav Stampar 2011-01-06 08:04:59 +00:00
  • 6942c9a001 same thing with mysql as in last commit Miroslav Stampar 2011-01-05 14:41:38 +00:00
  • a136915ab6 bug fix for postgre's --os-shell (when there was an error in command executed and/or no output chars, garbled output was returned) Miroslav Stampar 2011-01-05 14:36:41 +00:00
  • 694a65f6f1 minor fix/update Miroslav Stampar 2011-01-05 13:32:40 +00:00
  • 7411052456 minor update regarding last commit Miroslav Stampar 2011-01-05 12:09:57 +00:00
  • 042e3f76ba bug fix for a bug reported by nightman (RuntimeError: maximum recursion depth exceeded) Miroslav Stampar 2011-01-05 11:36:40 +00:00
  • 7ae5192070 adding filtering of strings for control chars in blind inference mode (way to handle either erroneous values or binary data) Miroslav Stampar 2011-01-05 10:25:07 +00:00
  • c83e9f6ca5 foundation for filtering binary string values (for example, replacement of non readable chars with #) Miroslav Stampar 2011-01-04 21:56:37 +00:00
  • aa81ed4033 implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) Miroslav Stampar 2011-01-04 15:49:20 +00:00
  • 8a48baf789 update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised Miroslav Stampar 2011-01-04 13:23:59 +00:00
  • eb11f5b2e0 minor update Miroslav Stampar 2011-01-04 13:07:12 +00:00
  • c1dc73d0a1 minor, just in case update related to the previous commit Miroslav Stampar 2011-01-04 12:56:55 +00:00
  • 709a7d156b fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...) Miroslav Stampar 2011-01-04 12:51:51 +00:00
  • d288c6d6e3 minor update Miroslav Stampar 2011-01-04 08:40:41 +00:00
  • fdc463d08b fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range) Miroslav Stampar 2011-01-03 23:36:35 +00:00
  • 0eabca9fd4 update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is) Miroslav Stampar 2011-01-03 22:31:29 +00:00
  • 08ccbf2c1e important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) Miroslav Stampar 2011-01-03 22:02:58 +00:00
  • 572f403069 update of one thing that was missing Miroslav Stampar 2011-01-03 21:28:22 +00:00
  • 7f97f3ea52 adding user agent strings for opera >= 9.10 and safari >= 4.0 Miroslav Stampar 2011-01-03 15:26:42 +00:00
  • 6936ebb9e6 adding new user agent strings for firefox >= 3.0 and MSIE >= 7.0 Miroslav Stampar 2011-01-03 15:17:18 +00:00
  • ce48ea75d0 noticed that google search page sometimes contains double html escaped links - double htmlunescape solves the problem, while dealing no harm to single html escaped links Miroslav Stampar 2011-01-03 14:39:23 +00:00
  • 6aa616bd0d minor minor fix Miroslav Stampar 2011-01-03 14:28:20 +00:00
  • 92e4cdb241 raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic Miroslav Stampar 2011-01-03 14:21:41 +00:00
  • 07129371bf bug fix for time based injections with keepalive (keepalive module has timeout argument which screwed tbMsg); also, bug fix for cases when remote host forcefully disconnects the user on some tests (instead of retrying and critically going out, continue with further tests) Miroslav Stampar 2011-01-03 13:04:20 +00:00
  • 3629c2737b automatically turn on --text-only in case of heavy dynamicity instead of critical exit Miroslav Stampar 2011-01-03 11:06:49 +00:00
  • adc41181e6 some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one Miroslav Stampar 2011-01-03 10:37:20 +00:00
  • 5860b8942f minor update Miroslav Stampar 2011-01-03 09:16:42 +00:00
  • d19a8d53e4 minor update Miroslav Stampar 2011-01-03 08:46:20 +00:00
  • 8625494ff2 added one new quick check for multiple target(s) mode Miroslav Stampar 2011-01-03 08:32:06 +00:00
  • 8e1927fe31 minor fix Miroslav Stampar 2011-01-02 18:12:18 +00:00
  • 2efe7928c0 more concise than previously Miroslav Stampar 2011-01-02 17:06:13 +00:00
  • 5f9b6b2254 code refactoring Miroslav Stampar 2011-01-02 16:51:21 +00:00
  • 252ef7626f removing too old user-agents (some sites just reject those because of possible rendering issues) Miroslav Stampar 2011-01-02 15:57:52 +00:00
  • a56934e68b one more MSSQL/ASPX error banner regex Miroslav Stampar 2011-01-02 15:36:57 +00:00
  • e6f0c4d857 minor update Miroslav Stampar 2011-01-02 15:32:35 +00:00
  • c1d0dde769 added support for .NET banners (http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx) Miroslav Stampar 2011-01-02 14:46:31 +00:00
  • f762f32de8 bug fix for proper --parse-errors on .aspx pages Miroslav Stampar 2011-01-02 13:00:04 +00:00
  • b763feafd9 bug fix (TypeError: object of type 'NoneType' has no len()) Miroslav Stampar 2011-01-02 12:26:31 +00:00
  • f0dad2a1e4 minor bug fix (in multiple item search only last item was shown) Miroslav Stampar 2011-01-02 12:23:36 +00:00
  • 7b9d978cf9 minor fix (database and/or table names with - sign inside need to be escaped by ` character or will lead to a "SQL syntax") Miroslav Stampar 2011-01-02 11:01:20 +00:00
  • dce9a762f1 important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode Miroslav Stampar 2011-01-02 10:37:32 +00:00
  • 96341f8f78 minor fix Miroslav Stampar 2011-01-02 09:16:17 +00:00
  • 73e8a10527 minor fix Miroslav Stampar 2011-01-02 09:12:20 +00:00
  • 93cb75ff65 added Nginx Miroslav Stampar 2011-01-02 08:50:27 +00:00
  • 5c6c870db4 removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode Miroslav Stampar 2011-01-02 08:43:38 +00:00
  • 6651ba05eb another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) Miroslav Stampar 2011-01-02 08:08:38 +00:00
  • e28b9f26fc minor fix Miroslav Stampar 2011-01-02 08:01:01 +00:00
  • da138c46c1 added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly) Miroslav Stampar 2011-01-02 07:37:47 +00:00
  • ec4440108b minor cosmetics Miroslav Stampar 2011-01-02 07:09:04 +00:00
  • 428e817a32 some refactoring Miroslav Stampar 2011-01-01 23:57:27 +00:00
  • 212035e64d user can now choose if he wants to skip non-heuristic based DBMS tests Miroslav Stampar 2011-01-01 23:38:11 +00:00
  • ded9798e3d minor bug fix Miroslav Stampar 2011-01-01 23:07:50 +00:00
  • 8a93cfd975 minor update Miroslav Stampar 2011-01-01 22:43:15 +00:00
  • 52e44df86c minor update Miroslav Stampar 2011-01-01 21:11:29 +00:00
  • 942cbafba6 minor update Miroslav Stampar 2011-01-01 20:19:55 +00:00
  • 26b06bfcfb update (http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html) Miroslav Stampar 2011-01-01 19:38:51 +00:00
  • e4fd8b3f0c (e) finally works as it should Miroslav Stampar 2011-01-01 19:22:44 +00:00
  • 0e815177c8 minor update Miroslav Stampar 2011-01-01 19:07:40 +00:00
  • ef27fd5ea1 there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) (http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html, http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html) Miroslav Stampar 2011-01-01 15:20:29 +00:00
  • 7ea3d060f6 some fixes/updates here and there Miroslav Stampar 2011-01-01 12:41:51 +00:00
  • 15e6911fd8 fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write') Miroslav Stampar 2011-01-01 12:23:02 +00:00
  • 91f665aaaa bug fix for Ctrl+C Miroslav Stampar 2010-12-31 15:00:19 +00:00
  • 076560f59f bug fix Miroslav Stampar 2010-12-31 12:58:27 +00:00
  • 5db8ebbfa9 update of mysql comment versions Miroslav Stampar 2010-12-31 12:42:12 +00:00
  • 40e3489099 minor update Miroslav Stampar 2010-12-31 12:27:57 +00:00
  • ce19b0c431 optimization of comment checking in MySQL Miroslav Stampar 2010-12-31 12:21:02 +00:00
  • 281d124fa6 minor bug fix Miroslav Stampar 2010-12-31 12:04:39 +00:00
  • 42e7b1b3a7 bug fix Miroslav Stampar 2010-12-30 22:40:37 +00:00
  • 20e3a6d72f fix/refactor/cosmetics (references: http://www.postgresql.org/docs/6.4/static/release.htm,http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE,http://www.postgresql.org/docs/8.3/static/release-8-3.html) Miroslav Stampar 2010-12-30 21:53:34 +00:00
  • 7f4acaf6f9 now comment injection fingerprint works with all techniques Miroslav Stampar 2010-12-30 21:24:26 +00:00
  • 6f17e84e19 minor fix Miroslav Stampar 2010-12-30 08:29:20 +00:00
  • c3065f6ecc minor fix Miroslav Stampar 2010-12-29 20:38:56 +00:00
  • 2476c1516d minor fix Miroslav Stampar 2010-12-29 20:26:36 +00:00
  • 613242e298 bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) Miroslav Stampar 2010-12-29 19:48:19 +00:00
  • 8f32c740ff code refactoring Miroslav Stampar 2010-12-29 19:39:32 +00:00
  • 6700cabc36 minor optimization Miroslav Stampar 2010-12-29 19:01:29 +00:00
  • d1f5c1d7b7 now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering Miroslav Stampar 2010-12-29 15:10:42 +00:00
  • 79e97824ef adding user names to the attack dictionary Miroslav Stampar 2010-12-29 00:37:53 +00:00
  • 93838fb155 "patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError) Miroslav Stampar 2010-12-28 14:40:34 +00:00
  • 96c3ffd3d7 changing risk level to 0 - lots of MySQL databases around have information_schema unreadable, thus disabling first AND based error payload Miroslav Stampar 2010-12-27 19:02:13 +00:00
  • c0423761e8 minor update Miroslav Stampar 2010-12-27 18:27:42 +00:00