sqlmap

PenTest/sqlmap

Fork 0

mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-13 18:09:03 +00:00

Commit Graph

Select branches

Hide Pull Requests

gh-pages

master

#102

#102

#1029

#1033

#1037

#1053

#1053

#107

#107

#1112

#1186

#1206

#1227

#1227

#1244

#1244

#1246

#1246

#1300

#1300

#1306

#1306

#1323

#1323

#1328

#1330

#1342

#1342

#1351

#1378

#1378

#1402

#1403

#1403

#1414

#1449

#1449

#1469

#1469

#1500

#1535

#1543

#1565

#1565

#1611

#1611

#1614

#1637

#1678

#1681

#1681

#1700

#1700

#1710

#1727

#1727

#1728

#1732

#1733

#1735

#1740

#1762

#1762

#1763

#1763

#1776

#1776

#1795

#1795

#1805

#1805

#1843

#1843

#1856

#1856

#1898

#1922

#1922

#2011

#2086

#2089

#2134

#2138

#2169

#2169

#2170

#2240

#2250

#2289

#2289

#232

#232

#2323

#2347

#2347

#2350

#2350

#2359

#2369

#2369

#2374

#2378

#2389

#2389

#2397

#2397

#2401

#2410

#2411

#2417

#2417

#2418

#2420

#2420

#2439

#2480

#2481

#2481

#2506

#2506

#252

#252

#2537

#2555

#2590

#2597

#2613

#2613

#2616

#2616

#2618

#2620

#2663

#2663

#2666

#2666

#2667

#2667

#269

#269

#2690

#2690

#2692

#2692

#2695

#2728

#2731

#2732

#2732

#2733

#2733

#2734

#2734

#2742

#2742

#2751

#2751

#2752

#2752

#2756

#2756

#2761

#2782

#2791

#2807

#2807

#2817

#2817

#2823

#2823

#284

#284

#2883

#2883

#2903

#2903

#2904

#2904

#2905

#2905

#2906

#2906

#2931

#2933

#2933

#2951

#2967

#2992

#3009

#3009

#3087

#3087

#3116

#3153

#3153

#3174

#3174

#3188

#320

#320

#321

#321

#3231

#3233

#3233

#3236

#3267

#3267

#3274

#3274

#3316

#3322

#3323

#3326

#3349

#3350

#3351

#3352

#3372

#3376

#3383

#3396

#3398

#3407

#3414

#3416

#3418

#3423

#3432

#3437

#3442

#3443

#3445

#3458

#3472

#3479

#3482

#3488

#3527

#3536

#3573

#3574

#3575

#3579

#3590

#3609

#3645

#3684

#375

#375

#3802

#3855

#3856

#3881

#3896

#39

#39

#3917

#3952

#3955

#3958

#3959

#3965

#3966

#3969

#3970

#3992

#3996

#400

#400

#4007

#4022

#4032

#4033

#4034

#4039

#4041

#4058

#4059

#4077

#4092

#4098

#4099

#41

#41

#4121

#413

#413

#4145

#4146

#4184

#4192

#4198

#4205

#4216

#4218

#4219

#4229

#4243

#4266

#4267

#4279

#4291

#4305

#4323

#4326

#4327

#4344

#4347

#4365

#4374

#4378

#4379

#4385

#4387

#4427

#4429

#4431

#4460

#4501

#4506

#4509

#4573

#4586

#4619

#4620

#4632

#4632

#4633

#4635

#4635

#4643

#4644

#4656

#4657

#466

#466

#4663

#4687

#4691

#4692

#47

#47

#4701

#4732

#4740

#475

#475

#4750

#4815

#4832

#4833

#4833

#4852

#4878

#4918

#4937

#4964

#4975

#4983

#4992

#4998

#5006

#5013

#5021

#5032

#5038

#5055

#5059

#506

#506

#507

#507

#5070

#5095

#5109

#5111

#512

#512

#5127

#5128

#5143

#5156

#5172

#5175

#5175

#5176

#5189

#5198

#5206

#5215

#5229

#5235

#5253

#5260

#5266

#5273

#5288

#53

#53

#530

#530

#5300

#5302

#5305

#5311

#5345

#5354

#5354

#5355

#5356

#536

#536

#5361

#5366

#5377

#5384

#539

#539

#5393

#5395

#5410

#5436

#5436

#5439

#5439

#544

#544

#5443

#5443

#5459

#5475

#5478

#5478

#5490

#5497

#5501

#5507

#5551

#5552

#5553

#5554

#5555

#5556

#5569

#5580

#5586

#5588

#5590

#5592

#5597

#5598

#5599

#5603

#5604

#5609

#5617

#5621

#5625

#5649

#5658

#5665

#5667

#5677

#5679

#5685

#5685

#5687

#5688

#5690

#5692

#5693

#5699

#5702

#5706

#5715

#5721

#5736

#5750

#5751

#5760

#5764

#5765

#5777

#578

#5820

#5821

#5824

#5825

#5825

#583

#5840

#5841

#5842

#5842

#5845

#5849

#5849

#5852

#5859

#5860

#5864

#5869

#5871

#5873

#5874

#5877

#5878

#5881

#5883

#5890

#5893

#5910

#5913

#5923

#5923

#5930

#5931

#5932

#5940

#5944

#5945

#5945

#5952

#5953

#5957

#5959

#5963

#5963

#5965

#5967

#5970

#5973

#5973

#5980

#5984

#5985

#5995

#5999

#6000

#6001

#6004

#6004

#63

#672

#672

#682

#682

#684

#686

#701

#713

#713

#714

#73

#73

#74

#74

#744

#749

#756

#766

#766

#779

#803

#835

#848

#848

#855

#855

#86

#86

#952

#973

#977

#977

#98

#98

#99

#99

0.19

0.6.2

0.6.3

0.6.4

0.7

0.7-rc1

0.8

0.8-rc2

0.8-rc3

0.8-rc4

0.9

1.0

1.0.10

1.0.11

1.0.12

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.1

1.1.10

1.1.11

1.1.12

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.1.8

1.1.9

1.10

1.2

1.2.10

1.2.11

1.2.12

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

1.3

1.3.10

1.3.11

1.3.12

1.3.2

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3.8

1.3.9

1.4

1.4.10

1.4.11

1.4.12

1.4.2

1.4.3

1.4.4

1.4.5

1.4.6

1.4.7

1.4.8

1.4.9

1.5

1.5.10

1.5.11

1.5.12

1.5.2

1.5.3

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6

1.6.10

1.6.11

1.6.12

1.6.2

1.6.3

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7

1.7.1

1.7.10

1.7.11

1.7.12

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8

1.8.1

1.8.10

1.8.11

1.8.12

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9

1.9

1.9.10

1.9.11

1.9.12

1.9.2

1.9.3

1.9.4

1.9.5

1.9.6

1.9.7

1.9.8

1.9.9

00449f1402 fix/upgrade/chicken soup Miroslav Stampar 2010-10-20 09:54:17 +00:00
e24bff0497 nice refactoring Miroslav Stampar 2010-10-20 09:46:57 +00:00
5d3cbec457 no more regex. web server independent. Miroslav Stampar 2010-10-20 09:35:46 +00:00
934adb5e8d code refactoring Miroslav Stampar 2010-10-20 09:09:04 +00:00
b032fdbf74 added randInt to error injection vectors Miroslav Stampar 2010-10-20 08:56:58 +00:00
dabbcf9e23 fix for that 'Subquery returns more than 1 row' Miroslav Stampar 2010-10-20 08:50:05 +00:00
82f44989ce update of error based injection and bug fix for --roles on MSSQL server Miroslav Stampar 2010-10-20 06:40:33 +00:00
f2dae98448 fix for MySQL error queries Miroslav Stampar 2010-10-19 23:30:08 +00:00
0817d1b78d Cosmetics Bernardo Damele 2010-10-19 23:09:30 +00:00
8776db872c minor refactoring Miroslav Stampar 2010-10-19 23:05:24 +00:00
1b376c99a6 removed temp dictionary and replaced with kb.misc Miroslav Stampar 2010-10-19 23:00:19 +00:00
813f44da16 Minor bug fix for MSSQL connector --tables option Bernardo Damele 2010-10-19 22:11:17 +00:00
7927e97007 update Miroslav Stampar 2010-10-19 18:34:57 +00:00
415524bd5a remove --error, now it's only --error-test (it needs to return True to be able to use it) Miroslav Stampar 2010-10-19 18:34:14 +00:00
8d9201a3dc minor update Miroslav Stampar 2010-10-19 18:23:21 +00:00
4009ef385e more update regarding error based injection support Miroslav Stampar 2010-10-19 18:17:34 +00:00
b2e0b615f8 fix for that MySQL checking Miroslav Stampar 2010-10-19 17:38:39 +00:00
34d7de1d46 cosmetics Miroslav Stampar 2010-10-19 15:28:54 +00:00
d7622bb9cf major fix for MySQL error based injections Miroslav Stampar 2010-10-19 15:17:16 +00:00
1fce9683f8 now --users work for MSSQL too Miroslav Stampar 2010-10-19 15:05:32 +00:00
80505de15b now --users work on Oracle and Postgre (tested) Miroslav Stampar 2010-10-19 14:56:57 +00:00
4bc541ec3c error based update Miroslav Stampar 2010-10-19 14:47:13 +00:00
d0ebe428da i've left error flag Miroslav Stampar 2010-10-19 14:12:34 +00:00
bf850af2d8 fix for Oracle error based query "space" problem Miroslav Stampar 2010-10-19 14:10:09 +00:00
878135fe40 minor fix Miroslav Stampar 2010-10-19 14:00:27 +00:00
6a8b1046d4 first successfull run of error based sqlmap in history :). tested --banner, --current-user, --current-db on 4 major DBMSes. still hidden from users (turn on flag error in getValue() in inject.py) Miroslav Stampar 2010-10-19 12:02:04 +00:00
0c286d8db2 minor update Miroslav Stampar 2010-10-19 09:17:01 +00:00
ccda92536f added header Miroslav Stampar 2010-10-19 09:13:30 +00:00
264e0a6fda added support for displaying revision number at unhandled exception message Miroslav Stampar 2010-10-19 08:55:14 +00:00
9a7fd29d4f using pushValue and popValue Miroslav Stampar 2010-10-18 22:22:41 +00:00
a97319656c optimization - now if DBMS was detected by error based HTML parser, then it's moved at the first place for testing Miroslav Stampar 2010-10-18 21:47:11 +00:00
729156e91c proper fix Miroslav Stampar 2010-10-18 21:39:46 +00:00
3d5494845c minor bug fix Miroslav Stampar 2010-10-18 21:32:50 +00:00
d123bb741a added error based queries for MySQL, Postgre, MS SQL and Oracle Miroslav Stampar 2010-10-18 21:26:13 +00:00
8b8fff41fe cosmetics (adding html parsed DBMS) regarding heuristic check Miroslav Stampar 2010-10-18 12:11:16 +00:00
955ae5cd2e Fixed svn:keywords Bernardo Damele 2010-10-18 12:09:59 +00:00
351a7f5769 setting property Id Miroslav Stampar 2010-10-18 11:43:00 +00:00
3570b4a705 minor fix Miroslav Stampar 2010-10-18 11:41:17 +00:00
fff7fe83c1 new tamper script Miroslav Stampar 2010-10-18 11:39:28 +00:00
1d74036ee3 Minor cosmetic fixes Bernardo Damele 2010-10-18 11:34:53 +00:00
1a9aabf49d Minor fix Bernardo Damele 2010-10-18 10:40:05 +00:00
c6cd8ae72b Added another tamper script Bernardo Damele 2010-10-18 10:34:38 +00:00
36bc410333 Minor bug fix Bernardo Damele 2010-10-18 09:50:23 +00:00
6b70dadfb2 minor cosmetics Miroslav Stampar 2010-10-18 09:09:22 +00:00
149837ebf5 added the same for proxy authorization header Miroslav Stampar 2010-10-18 09:02:56 +00:00
aaebb4336e fix for Bug #202 Miroslav Stampar 2010-10-18 08:54:08 +00:00
683184cc8f Minor refactoring Bernardo Damele 2010-10-17 21:06:52 +00:00
60a1b48194 Major bug fix for --os-pwn Bernardo Damele 2010-10-17 20:44:16 +00:00
73ececd903 added that "default" "Connection: keep-alive" header Miroslav Stampar 2010-10-17 06:44:54 +00:00
cd0fe8dde0 Updated sample configuration file and cmdline help Bernardo Damele 2010-10-17 00:07:53 +00:00
64b9f94fcf Renamed --common-prediction switch to --predict-output Bernardo Damele 2010-10-16 23:50:13 +00:00
f54c134d22 Minor adjustment Bernardo Damele 2010-10-16 22:43:05 +00:00
6211915da5 Cosmetic fix Bernardo Damele 2010-10-16 22:31:16 +00:00
cfa5655150 Updated changelog Bernardo Damele 2010-10-16 22:23:53 +00:00
7b71262de6 Cosmetic fix Bernardo Damele 2010-10-16 22:07:29 +00:00
a2997a6dce Minor bug fix to --tamper Bernardo Damele 2010-10-16 21:55:34 +00:00
2129935e06 Split character for tamper scripts (--tamper option) is now comma, not semi-colon. Minor enhancement Bernardo Damele 2010-10-16 21:52:16 +00:00
2dae934a2b Minor bug fixes, code refactoring and enhanced --tamper functionality Bernardo Damele 2010-10-16 21:33:15 +00:00
5c3d21065a bug fix (reported by nightman) Miroslav Stampar 2010-10-16 21:29:35 +00:00
2b60304933 update Miroslav Stampar 2010-10-16 21:19:44 +00:00
84ed7f192a Cosmetic fixes Bernardo Damele 2010-10-16 15:10:48 +00:00
1336b97c2c removed --useBetween switch and added new tampering module ./tamper/between.py Miroslav Stampar 2010-10-15 23:48:07 +00:00
1ae4d0fc2a added optimization group Miroslav Stampar 2010-10-15 23:26:48 +00:00
e7c8be1d45 Minor layout adjustments Bernardo Damele 2010-10-15 15:37:15 +00:00
c9f0c75030 removed --space (usage of tampering modules is now a prefered way to do it) Miroslav Stampar 2010-10-15 12:52:33 +00:00
d0514d18ec removed that spaces from URI payloads Miroslav Stampar 2010-10-15 12:49:03 +00:00
bf56f8c63c Cosmetic fix Bernardo Damele 2010-10-15 12:46:41 +00:00
dcb9c2103a just in case update Miroslav Stampar 2010-10-15 11:20:19 +00:00
5f6d88a418 Minor comment Bernardo Damele 2010-10-15 11:17:17 +00:00
2fa8836c01 bug fix Miroslav Stampar 2010-10-15 11:14:59 +00:00
d50684a057 added one more check Miroslav Stampar 2010-10-15 11:05:50 +00:00
2b476e078c minor cosmetics Miroslav Stampar 2010-10-15 10:36:29 +00:00
bd3a791f23 Updated documentation Bernardo Damele 2010-10-15 10:29:53 +00:00
a80f6110cd don't call variables 'file', it's a reserved word :) Bernardo Damele 2010-10-15 10:29:24 +00:00
c5e385f77a More layout adjustments Bernardo Damele 2010-10-15 10:28:34 +00:00
9fcab68700 Minor adjustments Bernardo Damele 2010-10-15 10:28:06 +00:00
0a378c1078 Removed useless code Bernardo Damele 2010-10-15 10:25:43 +00:00
48cc8a308d More verbose messages on successful --null-connection Bernardo Damele 2010-10-15 10:24:54 +00:00
8883918ef9 cosmetics Miroslav Stampar 2010-10-15 10:03:51 +00:00
743e6d2655 cosmetics Miroslav Stampar 2010-10-15 10:02:09 +00:00
0f48dd6f73 fix for skipping non-GET urls Miroslav Stampar 2010-10-15 09:54:29 +00:00
207bef7f19 fix for that SQLite3 vs SQLite2 issue Miroslav Stampar 2010-10-15 09:39:41 +00:00
d0df8cdac9 fix for that duplicates Miroslav Stampar 2010-10-15 00:34:16 +00:00
4f7f20b94f sorry, cosmetics Miroslav Stampar 2010-10-14 23:18:29 +00:00
1674142d82 Minor cosmetic fixes Bernardo Damele 2010-10-14 15:28:54 +00:00
2bbe0c9ba6 bug fix for Ctrl+C Miroslav Stampar 2010-10-14 15:23:42 +00:00
581cc8d29c reverting due to unsuccesfull test results Miroslav Stampar 2010-10-14 15:13:36 +00:00
c14905cd6e only testing Miroslav Stampar 2010-10-14 15:04:42 +00:00
51421ba312 added Id property Miroslav Stampar 2010-10-14 14:53:50 +00:00
8b48833136 large commit with copyright header modifications Miroslav Stampar 2010-10-14 14:41:14 +00:00
a63c2c9f7c just a test Miroslav Stampar 2010-10-14 14:16:45 +00:00
780486306b forgot to put "#!/usr/bin/env python" Miroslav Stampar 2010-10-14 14:05:05 +00:00
d970e260b9 introducing new style for copyright header Miroslav Stampar 2010-10-14 14:02:43 +00:00
f07608ef4d show static words in a sorted manner Miroslav Stampar 2010-10-14 12:38:06 +00:00
255b21f2f4 minor bug fix Miroslav Stampar 2010-10-14 11:12:03 +00:00
162d01abed commit of all sorts (bug fix for heuristics and URI injections, fine tunning of tampering modules with SQL keywords,...) Miroslav Stampar 2010-10-14 11:06:28 +00:00
cf73d9c799 minor update Miroslav Stampar 2010-10-14 06:40:56 +00:00
058e1aecb4 minor update Miroslav Stampar 2010-10-14 06:20:32 +00:00
7e1f784eaa cosmetic update Miroslav Stampar 2010-10-14 06:00:10 +00:00
dc50543ea4 major bug fix for --keep-alive option in multithreading mode (that 'shitty' _headers = {} made a one shared object for all connection objects) Miroslav Stampar 2010-10-13 23:01:23 +00:00

... 94 95 96 97 98 ...