Commit Graph

  • 6942c9a001 same thing with mysql as in last commit Miroslav Stampar 2011-01-05 14:41:38 +00:00
  • a136915ab6 bug fix for postgre's --os-shell (when there was an error in command executed and/or no output chars, garbled output was returned) Miroslav Stampar 2011-01-05 14:36:41 +00:00
  • 694a65f6f1 minor fix/update Miroslav Stampar 2011-01-05 13:32:40 +00:00
  • 7411052456 minor update regarding last commit Miroslav Stampar 2011-01-05 12:09:57 +00:00
  • 042e3f76ba bug fix for a bug reported by nightman (RuntimeError: maximum recursion depth exceeded) Miroslav Stampar 2011-01-05 11:36:40 +00:00
  • 7ae5192070 adding filtering of strings for control chars in blind inference mode (way to handle either erroneous values or binary data) Miroslav Stampar 2011-01-05 10:25:07 +00:00
  • c83e9f6ca5 foundation for filtering binary string values (for example, replacement of non readable chars with #) Miroslav Stampar 2011-01-04 21:56:37 +00:00
  • aa81ed4033 implementation of a feature suggested by pan@knownsec.com (usage of charset type from http-equiv attribute in case when charset is not defined in headers) Miroslav Stampar 2011-01-04 15:49:20 +00:00
  • 8a48baf789 update for a "problem" reported by nightman@email.de where he lost all of large dumped table because in the middle of dumping 401 was raised Miroslav Stampar 2011-01-04 13:23:59 +00:00
  • eb11f5b2e0 minor update Miroslav Stampar 2011-01-04 13:07:12 +00:00
  • c1dc73d0a1 minor, just in case update related to the previous commit Miroslav Stampar 2011-01-04 12:56:55 +00:00
  • 709a7d156b fix for a bug reported by shaohua pan (UnicodeDecodeError: 'ascii' codec can't decode...) Miroslav Stampar 2011-01-04 12:51:51 +00:00
  • d288c6d6e3 minor update Miroslav Stampar 2011-01-04 08:40:41 +00:00
  • fdc463d08b fix for a bug reported by deep_freeze@mail.ru (IndexError: list index out of range) Miroslav Stampar 2011-01-03 23:36:35 +00:00
  • 0eabca9fd4 update for a previous update (putting conf.dataEncoding in getUnicode wherever we know that data won't be 'touched' or 'used' in anyway related to the current web page - if not sure, just leave it as it is) Miroslav Stampar 2011-01-03 22:31:29 +00:00
  • 08ccbf2c1e important fix for a bug reported by x <deep_freeze@mail.ru> (along with normal fixes, getUnicode now uses kb.pageEncoding) Miroslav Stampar 2011-01-03 22:02:58 +00:00
  • 572f403069 update of one thing that was missing Miroslav Stampar 2011-01-03 21:28:22 +00:00
  • 7f97f3ea52 adding user agent strings for opera >= 9.10 and safari >= 4.0 Miroslav Stampar 2011-01-03 15:26:42 +00:00
  • 6936ebb9e6 adding new user agent strings for firefox >= 3.0 and MSIE >= 7.0 Miroslav Stampar 2011-01-03 15:17:18 +00:00
  • ce48ea75d0 noticed that google search page sometimes contains double html escaped links - double htmlunescape solves the problem, while dealing no harm to single html escaped links Miroslav Stampar 2011-01-03 14:39:23 +00:00
  • 6aa616bd0d minor minor fix Miroslav Stampar 2011-01-03 14:28:20 +00:00
  • 92e4cdb241 raising critical when google detects strange traffic and also removing obsolete sqlmapSiteTooDynamic Miroslav Stampar 2011-01-03 14:21:41 +00:00
  • 07129371bf bug fix for time based injections with keepalive (keepalive module has timeout argument which screwed tbMsg); also, bug fix for cases when remote hosts forcefully disconnect the user on some tests (instead of retrying and critically going out, continue with further tests) Miroslav Stampar 2011-01-03 13:04:20 +00:00
  • 3629c2737b automatically turn on --text-only in case of heavily-dynamicity instead of critical exit Miroslav Stampar 2011-01-03 11:06:49 +00:00
  • adc41181e6 some DBMSes (MS Access for example) don't play well with a simple query suffix OR 1>2 which should represent NOP one Miroslav Stampar 2011-01-03 10:37:20 +00:00
  • 5860b8942f minor update Miroslav Stampar 2011-01-03 09:16:42 +00:00
  • d19a8d53e4 minor update Miroslav Stampar 2011-01-03 08:46:20 +00:00
  • 8625494ff2 added one new quick check for multiple target(s) mode Miroslav Stampar 2011-01-03 08:32:06 +00:00
  • 8e1927fe31 minor fix Miroslav Stampar 2011-01-02 18:12:18 +00:00
  • 2efe7928c0 more concise than previously Miroslav Stampar 2011-01-02 17:06:13 +00:00
  • 5f9b6b2254 code refactoring Miroslav Stampar 2011-01-02 16:51:21 +00:00
  • 252ef7626f removing too old user-agents (some sites just reject those because of possible rendering issues) Miroslav Stampar 2011-01-02 15:57:52 +00:00
  • a56934e68b one more MSSQL/ASPX error banner regex Miroslav Stampar 2011-01-02 15:36:57 +00:00
  • e6f0c4d857 minor update Miroslav Stampar 2011-01-02 15:32:35 +00:00
  • c1d0dde769 added support for .NET banners (http://msdn.microsoft.com/en-us/library/system.data.sqlclient.aspx) Miroslav Stampar 2011-01-02 14:46:31 +00:00
  • f762f32de8 bug fix for proper --parse-errors on .aspx pages Miroslav Stampar 2011-01-02 13:00:04 +00:00
  • b763feafd9 bug fix (TypeError: object of type 'NoneType' has no len()) Miroslav Stampar 2011-01-02 12:26:31 +00:00
  • f0dad2a1e4 minor bug fix (in multiple item search only last item was shown) Miroslav Stampar 2011-01-02 12:23:36 +00:00
  • 7b9d978cf9 minor fix (database and/or table names with - sign inside need to be escaped by ` character or will lead to a "SQL syntax") Miroslav Stampar 2011-01-02 11:01:20 +00:00
  • dce9a762f1 important update regarding restoring of potentially changed switch values in multi-target mode and/or missing switch values in resume mode Miroslav Stampar 2011-01-02 10:37:32 +00:00
  • 96341f8f78 minor fix Miroslav Stampar 2011-01-02 09:16:17 +00:00
  • 73e8a10527 minor fix Miroslav Stampar 2011-01-02 09:12:20 +00:00
  • 93cb75ff65 added Nginx Miroslav Stampar 2011-01-02 08:50:27 +00:00
  • 5c6c870db4 removed some problematic user agents (google won't work with them) and added page rank next to tested item in multi target mode Miroslav Stampar 2011-01-02 08:43:38 +00:00
  • 6651ba05eb another fix (OS was set to None at all previous sessions if there was no explicit OS testing done) Miroslav Stampar 2011-01-02 08:08:38 +00:00
  • e28b9f26fc minor fix Miroslav Stampar 2011-01-02 08:01:01 +00:00
  • da138c46c1 added support for displaying HTTP error codes (particularly interesting ones are 403 and 406 which screw up data retrieval and DBMS fingerprinting badly) Miroslav Stampar 2011-01-02 07:37:47 +00:00
  • ec4440108b minor cosmetics Miroslav Stampar 2011-01-02 07:09:04 +00:00
  • 428e817a32 some refactoring Miroslav Stampar 2011-01-01 23:57:27 +00:00
  • 212035e64d user can now choose if he wants to skip non-heuristic based DBMS tests Miroslav Stampar 2011-01-01 23:38:11 +00:00
  • ded9798e3d minor bug fix Miroslav Stampar 2011-01-01 23:07:50 +00:00
  • 8a93cfd975 minor update Miroslav Stampar 2011-01-01 22:43:15 +00:00
  • 52e44df86c minor update Miroslav Stampar 2011-01-01 21:11:29 +00:00
  • 942cbafba6 minor update Miroslav Stampar 2011-01-01 20:19:55 +00:00
  • 26b06bfcfb update (http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html) Miroslav Stampar 2011-01-01 19:38:51 +00:00
  • e4fd8b3f0c (e) finally works as it should Miroslav Stampar 2011-01-01 19:22:44 +00:00
  • 0e815177c8 minor update Miroslav Stampar 2011-01-01 19:07:40 +00:00
  • ef27fd5ea1 there is a huge problem with urllib2 connections that sockets are left opened causing problems with lots of disposable connections used (like in --threads) (http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html, http://mail.python.org/pipermail/python-bugs-list/2007-January/036873.html) Miroslav Stampar 2011-01-01 15:20:29 +00:00
  • 7ea3d060f6 some fixes/updates here and there Miroslav Stampar 2011-01-01 12:41:51 +00:00
  • 15e6911fd8 fix for a bug reported by ragos@joker.ms (AttributeError: 'NoneType' object has no attribute 'write') Miroslav Stampar 2011-01-01 12:23:02 +00:00
  • 91f665aaaa bug fix for Ctrl+C Miroslav Stampar 2010-12-31 15:00:19 +00:00
  • 076560f59f bug fix Miroslav Stampar 2010-12-31 12:58:27 +00:00
  • 5db8ebbfa9 update of mysql comment versions Miroslav Stampar 2010-12-31 12:42:12 +00:00
  • 40e3489099 minor update Miroslav Stampar 2010-12-31 12:27:57 +00:00
  • ce19b0c431 optimization of comment checking in MySQL Miroslav Stampar 2010-12-31 12:21:02 +00:00
  • 281d124fa6 minor bug fix Miroslav Stampar 2010-12-31 12:04:39 +00:00
  • 42e7b1b3a7 bug fix Miroslav Stampar 2010-12-30 22:40:37 +00:00
  • 20e3a6d72f fix/refactor/cosmetics (references: http://www.postgresql.org/docs/6.4/static/release.htm, http://www.postgresql.org/docs/8.2/static/functions-datetime.html#FUNCTIONS-DATETIME-TABLE, http://www.postgresql.org/docs/8.3/static/release-8-3.html) Miroslav Stampar 2010-12-30 21:53:34 +00:00
  • 7f4acaf6f9 now comment injection fingerprint works with all techniques Miroslav Stampar 2010-12-30 21:24:26 +00:00
  • 6f17e84e19 minor fix Miroslav Stampar 2010-12-30 08:29:20 +00:00
  • c3065f6ecc minor fix Miroslav Stampar 2010-12-29 20:38:56 +00:00
  • 2476c1516d minor fix Miroslav Stampar 2010-12-29 20:26:36 +00:00
  • 613242e298 bug fix (dynamic markings were not restored in program rerun which potentially led to no data retrieved) Miroslav Stampar 2010-12-29 19:48:19 +00:00
  • 8f32c740ff code refactoring Miroslav Stampar 2010-12-29 19:39:32 +00:00
  • 6700cabc36 minor optimization Miroslav Stampar 2010-12-29 19:01:29 +00:00
  • d1f5c1d7b7 now when we "decode page" based on a charset, sanitizeAsciiString only brings unneeded filtering Miroslav Stampar 2010-12-29 15:10:42 +00:00
  • 79e97824ef adding user names to the attack dictionary Miroslav Stampar 2010-12-29 00:37:53 +00:00
  • 93838fb155 "patch" for a problem reported by black zero (v = self._sslobj.write(data)...UnicodeError) Miroslav Stampar 2010-12-28 14:40:34 +00:00
  • 96c3ffd3d7 changing risk level to 0 - lots of MySQL databases around have information_schema unreadable, thus disabling first AND based error payload Miroslav Stampar 2010-12-27 19:02:13 +00:00
  • c0423761e8 minor update Miroslav Stampar 2010-12-27 18:27:42 +00:00
  • a77b186aca minor fix Miroslav Stampar 2010-12-27 16:55:27 +00:00
  • 5015f04826 minor update Miroslav Stampar 2010-12-27 16:36:05 +00:00
  • c8f8dbf0a7 minor update Miroslav Stampar 2010-12-27 15:39:27 +00:00
  • 9c1676bdfa minor cosmetics Miroslav Stampar 2010-12-27 14:44:00 +00:00
  • 9fb0e0fc85 resume of brute forced data is now available Miroslav Stampar 2010-12-27 14:17:20 +00:00
  • c7a160bf72 minor update (users want this to see) Miroslav Stampar 2010-12-27 12:00:54 +00:00
  • 3d23f226ae minor update Miroslav Stampar 2010-12-27 11:47:50 +00:00
  • 68462466f2 minor fix for a bug reported by shaohua pan (argument of type 'NoneType' is not iterable) Miroslav Stampar 2010-12-27 11:36:36 +00:00
  • 51a492e17d pretty important commit (now dumped tables are prone to dictionary attack) Miroslav Stampar 2010-12-27 10:56:28 +00:00
  • c8d5a6b980 update Miroslav Stampar 2010-12-27 00:41:16 +00:00
  • 269d6bde24 this one is pretty complicated (authentication handler tries to call keep alive module, while keep alive module tries to call authentication handler, leading to an infinite recursion) Miroslav Stampar 2010-12-27 00:14:29 +00:00
  • 89c2640d23 basic --search now works with MS Access Miroslav Stampar 2010-12-26 23:50:16 +00:00
  • f2373121d0 noticed little DoS behavior and lots of connections in netstat (best way to deal with zombie connections is to explicitly close them if not needed any more) Miroslav Stampar 2010-12-26 14:36:51 +00:00
  • c4d6a367e9 this way order given in -C is preserved Miroslav Stampar 2010-12-26 14:11:42 +00:00
  • c93f2a703d minor update Miroslav Stampar 2010-12-26 14:02:16 +00:00
  • ceeb6374e8 bug fix (TypeError: object of type 'NoneType' has no len()) Miroslav Stampar 2010-12-26 13:27:24 +00:00
  • 569e060aab important improvement Miroslav Stampar 2010-12-26 13:20:52 +00:00
  • fcd01b3018 minor update Miroslav Stampar 2010-12-26 11:24:41 +00:00
  • a555d1ad68 minor improvement Miroslav Stampar 2010-12-26 11:15:02 +00:00
  • 22ce464efc minor update with local names Miroslav Stampar 2010-12-26 10:16:00 +00:00