|
83 | 83 | * Added option `--sql-file` for setting file(s) holding SQL statements to be executed (in case of stacked SQLi). |
84 | 84 | * Added switch `--sqlmap-shell` to turn on interactive sqlmap shell prompt. |
85 | 85 | * Added option `--test-filter` for test filtration by payloads and/or titles (e.g. `ROW`). |
86 | | -* Added option `--test-skip` for skiping tests by payloads and/or titles (e.g. `BENCHMARK`). |
| 86 | +* Added option `--test-skip` for skipping tests by payloads and/or titles (e.g. `BENCHMARK`). |
87 | 87 | * Added switch `--titles` to turn on comparison of pages based only on their titles. |
88 | 88 | * Added option `--tor-port` to explicitly set Tor proxy port. |
89 | 89 | * Added option `--tor-type` to set Tor proxy type (`HTTP` (default), `SOCKS4` or `SOCKS5`). |
|
149 | 149 | * Major bugs fixed. |
150 | 150 | * Cleanup of UDF source code repository, https://svn.sqlmap.org/sqlmap/trunk/sqlmap/extra/udfhack. |
151 | 151 | * Major code cleanup. |
152 | | -* Added simple file encryption/compression utility, extra/cloak/cloak.py, used by sqlmap to decrypt on the fly Churrasco, UPX executable and web shells consequently reducing drastically the number of anti-virus softwares that mistakenly mark sqlmap as a malware. |
| 152 | +* Added simple file encryption/compression utility, extra/cloak/cloak.py, used by sqlmap to decrypt on the fly Churrasco, UPX executable and web shells consequently reducing drastically the number of anti-virus software that mistakenly mark sqlmap as a malware. |
153 | 153 | * Updated user's manual. |
154 | 154 | * Created several demo videos, hosted on YouTube (http://www.youtube.com/user/inquisb) and linked from http://sqlmap.org/demo.html. |
155 | 155 |
|
|
302 | 302 | * Added support to extract database users password hash on Microsoft SQL Server; |
303 | 303 | * Added a fuzzer function with the aim to parse HTML page looking for standard database error messages consequently improving database fingerprinting; |
304 | 304 | * Added support for SQL injection on HTTP Cookie and User-Agent headers; |
305 | | -* Reviewed HTTP request library (lib/request.py) to support the extended inband SQL injection functionality. Splitted getValue() into getInband() and getBlind(); |
| 305 | +* Reviewed HTTP request library (lib/request.py) to support the extended inband SQL injection functionality. Split getValue() into getInband() and getBlind(); |
306 | 306 | * Major enhancements in common library and added checkForBrackets() method to check if the bracket(s) are needed to perform a UNION query SQL injection attack; |
307 | 307 | * Implemented `--dump-all` functionality to dump entire DBMS data from all databases tables; |
308 | 308 | * Added support to exclude DBMS system databases' when enumeration tables and dumping their entries (`--exclude-sysdbs`); |
|
335 | 335 | * Added inband SQL injection (UNION query) support (`--union-use`); |
336 | 336 | * Complete code refactoring, a lot of minor and some major fixes in libraries, many minor improvements; |
337 | 337 | * Reviewed the directory tree structure; |
338 | | -* Splitted lib/common.py: inband injection functionalities now are moved to lib/union.py; |
| 338 | +* Split lib/common.py: inband injection functionalities now are moved to lib/union.py; |
339 | 339 | * Updated documentation files. |
340 | 340 |
|
341 | 341 | # Version 0.3 (2007-01-20) |
|
0 commit comments