Commit Graph

  • a77b186aca minor fix Miroslav Stampar 2010-12-27 16:55:27 +00:00
  • 5015f04826 minor update Miroslav Stampar 2010-12-27 16:36:05 +00:00
  • c8f8dbf0a7 minor update Miroslav Stampar 2010-12-27 15:39:27 +00:00
  • 9c1676bdfa minor cosmetics Miroslav Stampar 2010-12-27 14:44:00 +00:00
  • 9fb0e0fc85 resume of brute forced data is now available Miroslav Stampar 2010-12-27 14:17:20 +00:00
  • c7a160bf72 minor update (users want this to see) Miroslav Stampar 2010-12-27 12:00:54 +00:00
  • 3d23f226ae minor update Miroslav Stampar 2010-12-27 11:47:50 +00:00
  • 68462466f2 minor fix for a bug reported by shaohua pan (argument of type 'NoneType' is not iterable) Miroslav Stampar 2010-12-27 11:36:36 +00:00
  • 51a492e17d pretty important commit (now dumped tables are prone to dictionary attack) Miroslav Stampar 2010-12-27 10:56:28 +00:00
  • c8d5a6b980 update Miroslav Stampar 2010-12-27 00:41:16 +00:00
  • 269d6bde24 this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion) Miroslav Stampar 2010-12-27 00:14:29 +00:00
  • 89c2640d23 basic --search now works with MS Access Miroslav Stampar 2010-12-26 23:50:16 +00:00
  • f2373121d0 noticed little DoS behavior and lots of connections in netstat (best way to deal with zombie connections is to explicitly close them if not needed any more) Miroslav Stampar 2010-12-26 14:36:51 +00:00
  • c4d6a367e9 this way order given in -C is preserved Miroslav Stampar 2010-12-26 14:11:42 +00:00
  • c93f2a703d minor update Miroslav Stampar 2010-12-26 14:02:16 +00:00
  • ceeb6374e8 bug fix (TypeError: object of type 'NoneType' has no len()) Miroslav Stampar 2010-12-26 13:27:24 +00:00
  • 569e060aab important improvement Miroslav Stampar 2010-12-26 13:20:52 +00:00
  • fcd01b3018 minor update Miroslav Stampar 2010-12-26 11:24:41 +00:00
  • a555d1ad68 minor improvement Miroslav Stampar 2010-12-26 11:15:02 +00:00
  • 22ce464efc minor update with local names Miroslav Stampar 2010-12-26 10:16:00 +00:00
  • 320a6f9efb minor minor update Miroslav Stampar 2010-12-26 09:55:33 +00:00
  • 17d74fc83c cosmeticado Miroslav Stampar 2010-12-26 09:53:40 +00:00
  • cd337d9f39 minor fix Miroslav Stampar 2010-12-26 09:46:09 +00:00
  • eaf4b93856 minor update Miroslav Stampar 2010-12-26 09:40:40 +00:00
  • 562a6440d1 fix for a bug reported by nightman (same as http://bugs.python.org/issue8797) Miroslav Stampar 2010-12-26 09:33:04 +00:00
  • 6c72e41972 minor fix/update Miroslav Stampar 2010-12-26 02:19:10 +00:00
  • e41acb6fc2 further ms access improvements Miroslav Stampar 2010-12-26 02:13:56 +00:00
  • 2c8115eed9 further improvement for ms access table dumping Miroslav Stampar 2010-12-26 01:04:30 +00:00
  • 64523212a4 added site:cn Miroslav Stampar 2010-12-26 00:06:47 +00:00
  • 5249762794 update Miroslav Stampar 2010-12-25 16:46:33 +00:00
  • f85bb96221 columns updated with localized items Miroslav Stampar 2010-12-25 16:26:05 +00:00
  • 561121b536 major update adding new table names (based on site:? localization) Miroslav Stampar 2010-12-25 15:15:03 +00:00
  • fb099615e2 minor update Miroslav Stampar 2010-12-25 11:16:35 +00:00
  • c5c4aae3d5 minor update (to prevent adding too many items) Miroslav Stampar 2010-12-25 10:42:36 +00:00
  • b472b96f92 bug fix, refactoring and improved extractErrorMessage capabilities Miroslav Stampar 2010-12-25 10:16:20 +00:00
  • ea7ba19f6b minor update Miroslav Stampar 2010-12-25 09:43:14 +00:00
  • 272476773f getPageTextWordsSet on tableExists is pretty powerful stuff Miroslav Stampar 2010-12-25 09:37:33 +00:00
  • 9853c1ec7f fix for a bug reported by alessio.dallapiazza@gmail.com (AttributeError: users) Miroslav Stampar 2010-12-25 09:13:57 +00:00
  • 6845d402fa well, here and there, merry Christmas to all :) Miroslav Stampar 2010-12-24 20:17:53 +00:00
  • 706d8e0b88 development update (basic ms access dumping implemented) Miroslav Stampar 2010-12-24 19:53:11 +00:00
  • 2d115e0350 one more fix Miroslav Stampar 2010-12-24 18:44:13 +00:00
  • edcf1a0872 few bug fixes Miroslav Stampar 2010-12-24 18:40:48 +00:00
  • 96a06351a1 minor fix (in testing phase raise404 should be set to False) Miroslav Stampar 2010-12-24 12:36:00 +00:00
  • 2c23a59ba5 fix for one of those more complex bugs (comparison was returning None while original page and/or page template already had DBMS error inside) Miroslav Stampar 2010-12-24 12:13:48 +00:00
  • aab14fa2d3 minor refactoring/cosmetics Miroslav Stampar 2010-12-24 11:06:57 +00:00
  • 23dc408901 prioritization of tests based on DBMS error messages and some comments in common.py Miroslav Stampar 2010-12-24 10:55:41 +00:00
  • a09716a701 minor update Miroslav Stampar 2010-12-24 10:07:56 +00:00
  • d9f08e4aa3 randomization of user agents Miroslav Stampar 2010-12-24 10:04:27 +00:00
  • d5eebb1cbf fix for a fundamentally bad presumption (ratio should be > 0.6 in stable pages), especially today when we have stuff like where=2; also, just imagine 500s which could just say something like FALSE, while on ratio level it would be far below 0.6 Miroslav Stampar 2010-12-24 09:49:19 +00:00
  • cb17e61f35 bug fix (UnicodeDecodeError: 'ascii' codec can't decode byte 0xa9 in position 959) Miroslav Stampar 2010-12-24 02:54:26 +00:00
  • 3043ed095a bug fix (those two regexes were too generic making false MS ACCESS positives here and there) Miroslav Stampar 2010-12-24 00:11:10 +00:00
  • 8470de7b76 bug fix for boolean proxy when using time based payloads Miroslav Stampar 2010-12-23 23:46:08 +00:00
  • 7f7fb93155 cosmetics Miroslav Stampar 2010-12-23 18:44:18 +00:00
  • 017ea9e686 update Miroslav Stampar 2010-12-23 14:06:22 +00:00
  • 73f33c1999 bug fix of re-introduced bug (in multiple target mode sites with similar URI weren't skipped) Miroslav Stampar 2010-12-23 11:28:13 +00:00
  • 5a0aef0f33 fix for a case: Microsoft OLE DB Provider for ODBC Drivers error '80040e14' [MySQL][ODBC 3.51 Driver][mysqld-5.1.31-community] - the error message was wrongly recognized as MS SQL Server Miroslav Stampar 2010-12-23 09:53:13 +00:00
  • 8fc60215ed lol. this was a pesky bug. heuristic wasn't working on one mssql test site and i couldn't find why. at end the problem was that when the HTTP code was raised (like 500) no parseResponse was called. Miroslav Stampar 2010-12-22 19:12:46 +00:00
  • 7c06dbffc3 bug fix (AttributeError: 'unicode' object has no attribute 'sort') Miroslav Stampar 2010-12-22 18:55:50 +00:00
  • c1f2534e9a More bug fixes to properly distinguish between full inband and single-entry inband sql injections Bernardo Damele 2010-12-22 15:47:52 +00:00
  • b3da473840 Minor bug fix when --dbs has only one DB name Bernardo Damele 2010-12-22 14:29:57 +00:00
  • c9ab8ae60e Bug fix to properly identify if current user is DBA (--is-dba) on MySQL Bernardo Damele 2010-12-22 14:06:01 +00:00
  • 250608660d Minor bug fix to always show HTTP request and response when verbose is set accordingly to 4, 5 or 6 regardless of the HTTP response code (error or not) Bernardo Damele 2010-12-22 13:41:36 +00:00
  • 5228f336da Minor fix for ctrl+c during detection phase Bernardo Damele 2010-12-22 13:15:44 +00:00
  • 08c88495d0 removed that ugly hack Miroslav Stampar 2010-12-22 13:09:04 +00:00
  • 8212b7b745 bug fix Miroslav Stampar 2010-12-22 12:16:04 +00:00
  • c89021f0bb some fixes Miroslav Stampar 2010-12-22 11:46:18 +00:00
  • 5be9c04e44 update regarding Sybase syntax Miroslav Stampar 2010-12-22 10:39:56 +00:00
  • 5d25da5135 better way to handle this one Miroslav Stampar 2010-12-22 00:51:20 +00:00
  • 306501363c fuck, sorry, 0 was OK (STRCMP() returns 0 if the strings are the same) Miroslav Stampar 2010-12-22 00:41:38 +00:00
  • d6e6afd6f2 minor fix ("To clarify a bit: STRCMP() is case-insensitive as of MySQL 4.0." - http://bugs.mysql.com/bug.php?id=2102) Miroslav Stampar 2010-12-22 00:38:54 +00:00
  • 6f2ce15478 minor refactoring Miroslav Stampar 2010-12-22 00:27:21 +00:00
  • cb61401c18 bug fix (http://dev.mysql.com/doc/refman/5.0/es/news-5-0-11.html - "Added support of where clause for queries with FROM DUAL") Miroslav Stampar 2010-12-22 00:20:56 +00:00
  • d974a966b8 minor fix for end phase (Ctrl+C) Miroslav Stampar 2010-12-21 23:55:55 +00:00
  • fb75d0636b minor update Miroslav Stampar 2010-12-21 23:42:59 +00:00
  • 39a13077c4 minor bug fix Miroslav Stampar 2010-12-21 23:09:41 +00:00
  • 09479c85dc minor bug fix Miroslav Stampar 2010-12-21 22:35:44 +00:00
  • f905adb7c1 way better as there is no official release version for FOUND_ROWS() (it appears somewhere in alphas/betas of 4.0.x - i've stumbled upon one site with 4.0.22 and it didn't recognize FOUND_ROWS). Miroslav Stampar 2010-12-21 22:18:27 +00:00
  • 7a525f28d4 cosmetics Miroslav Stampar 2010-12-21 15:26:23 +00:00
  • b2e7f9484d minor tuning (2 techniques MAX per value used) Miroslav Stampar 2010-12-21 15:24:14 +00:00
  • 6c1133c4d4 some code refactoring Miroslav Stampar 2010-12-21 15:13:13 +00:00
  • 466d61ee85 minor fix Miroslav Stampar 2010-12-21 14:29:47 +00:00
  • 385e208f38 code refactoring regarding standard output suppression and some threading issues Miroslav Stampar 2010-12-21 14:21:24 +00:00
  • 0e68248f60 minor update of heuristic check Miroslav Stampar 2010-12-21 12:56:18 +00:00
  • 16f1f4e13e when doing dynamic checks there are cases when 404 can be raised (perfectly normal) Miroslav Stampar 2010-12-21 11:04:49 +00:00
  • aca074b769 Removed unused outdated code Bernardo Damele 2010-12-21 10:49:52 +00:00
  • ad6b528b33 Bit more verbose comment Bernardo Damele 2010-12-21 10:47:39 +00:00
  • 6b37ddada4 removed some blank trailing spaces (with extra/shutils/blanks.sh) Miroslav Stampar 2010-12-21 10:31:56 +00:00
  • 1a3f57e5fe Cosmetics Bernardo Damele 2010-12-21 09:23:00 +00:00
  • d554460aec minor fix Miroslav Stampar 2010-12-21 01:09:39 +00:00
  • 116c141dfa another fix Miroslav Stampar 2010-12-21 00:47:07 +00:00
  • 416755c0b7 minor adjustments Miroslav Stampar 2010-12-21 00:25:03 +00:00
  • a876fcedfb minor update Miroslav Stampar 2010-12-21 00:13:50 +00:00
  • 8067365b93 fix for a bug reported by m4l1c3 (AttributeError: '_MainThread' object has no attribute 'ident') Miroslav Stampar 2010-12-20 23:47:53 +00:00
  • e10670d9ac added end detection phase choice into Ctrl+C list Miroslav Stampar 2010-12-20 23:34:00 +00:00
  • 03b275ce33 update Miroslav Stampar 2010-12-20 23:27:04 +00:00
  • 29001a4fce minor update Miroslav Stampar 2010-12-20 23:21:01 +00:00
  • 518b3e094c bug fix (http://dev.mysql.com/doc/refman/5.0/en/information-functions.html#function_found-rows) Miroslav Stampar 2010-12-20 23:00:03 +00:00
  • b34fe5c334 no more need for such a huge timeout because any timeout exceptions will now be considered as a successful time-based attack (previously we wanted to get back to the program, hence there was such a huge timeout) Miroslav Stampar 2010-12-20 22:49:48 +00:00
  • 8fd3e7ba1f thread based data added Miroslav Stampar 2010-12-20 22:45:01 +00:00
  • c9e8aae8a2 we'll need to do some cleanup around threading data model we use (some of the data we currently use we'll need to spread via copies around used threads) Miroslav Stampar 2010-12-20 19:34:41 +00:00