adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

67 Commits

Author SHA1 Message Date
h00die d64ed33cdf code spell for a bunch of modules 2023-09-24 17:42:00 -04:00
Grant Willcox 08f07eccb6 Fix initial incorrect parameters in YARD documentation 2023-03-05 20:15:14 -06:00
Grant Willcox b10386ba08 Land #16650, Add #read_from_file for MSSQL and PostgreSQL, fix the MySQL implementation 2022-06-17 14:58:22 -05:00
Redouane NIBOUCHA d47d1bc259 Remove newlines from base64 output on MySQL also 2022-06-17 00:51:52 +02:00
Redouane NIBOUCHA 88036a7f1f Check for nil before using the decoder in test_vulnerable 2022-06-08 22:00:03 +02:00
Redouane NIBOUCHA 5331c343a0 Use the encoder in all the #test_vulnerable methods from the common class 2022-06-06 23:13:26 +02:00
Redouane NIBOUCHA 6d9c789f4d Add method #read_from_file for MSSQL and PostgreSQL, and update the MySQL #read_from_file method 2022-06-06 23:07:25 +02:00
Redouane NIBOUCHA 90937e6daa Address feedback from space-r7 2022-05-06 00:31:20 +02:00
Redouane NIBOUCHA 87a21bd117 Add the MSSQL injection library 2022-04-22 06:19:36 +02:00
Redouane NIBOUCHA 51814a4a8b Refactor the code, using if(CONDITION,sleep(...),0) only 2022-01-30 23:49:07 +00:00
Redouane NIBOUCHA e329d78a46 Use = instead of <> for blind queries (fixes some wordpress plugin SQLis) 2022-01-30 23:01:08 +00:00
Jeffrey Martin 43ecfe5138 Land #14602, Fix length detection & enhance hex 2021-02-14 12:37:48 -06:00
Jeffrey Martin dbce3982fd Land #14067, [GSoC] Module for CVE-2019-13375, and PostgreSQL support for the library 2021-02-14 12:11:09 -06:00
dwelch-r7 b6eb940e46 Fix usage of Failure:: constant 2021-02-12 14:33:05 +00:00
Niboucha Redouane 82874a5cf5 fix hex_encode_strings, encode empty strings before others (""||"a" would otherwise encode "||" before getting to empty strings) 2021-01-09 14:15:05 +01:00
Niboucha Redouane e63dd77b52 Handle empty strings when hex_encode_strings is true 2021-01-09 14:01:32 +01:00
Niboucha Redouane b9d9a8af5b Fix MySQLi timebasedblind output length detection 2021-01-09 14:00:25 +01:00
dwelch-r7 1617b3ec9b Use zeitwerk for lib/msf/core folder 2020-12-07 10:31:45 +00:00
Niboucha Redouane 17c7c4fdbe Fix issues 2020-10-27 00:55:06 +01:00
Niboucha Redouane 97d134fe07 Refactor PostgreSQL version of the SQLi library to use utils 2020-08-28 20:29:32 +02:00
Niboucha Redouane 6bb9f9d629 Fix postgreSQL documentation 2020-08-28 20:10:19 +02:00
Niboucha Redouane b23b72fa19 Add documentation for dlink_central_wifimanager_sqli, and add write_to_file to PostgreSQLi 2020-08-28 20:10:19 +02:00
Niboucha Redouane e4364ed6e7 Fix safe mode 2020-08-28 20:10:19 +02:00
Niboucha Redouane 99449f46ef Add initial version of PostgreSQL injection support 2020-08-28 20:10:19 +02:00
Niboucha Redouane 1d4d6c384b Merge support for PostgreSQL injection with the branch having support for SQLite and MySQL/MariaDB 2020-08-28 20:09:45 +02:00
Niboucha Redouane 8d64cb9b6b Rename the common utilities from utils to common 2020-08-27 22:54:42 +02:00
Niboucha Redouane d66bb4058e Fix documentation, remove unused instance variable in SQLite TimeBasedBlind class (sleepdelay) 2020-08-27 19:08:27 +02:00
Niboucha Redouane 4e302dc42b Move get_bitmask to the SQLi::Utils module 2020-08-27 16:28:38 +02:00
Niboucha Redouane 2bb2b73dc2 Refactor to avoid repetitive code on Blind SQLi implementations 2020-08-27 16:28:38 +02:00
Niboucha Redouane 080e25ee6a Various fixes and enhacements to the comments, and addition of write_to_file method 2020-08-27 16:28:38 +02:00
Niboucha Redouane e0c59ede5c Comment the SQLite methods 2020-08-27 16:28:38 +02:00
Niboucha Redouane 1c69dfd5df Add safe mode for SQLi, and support limiting the number of rows to be returned 2020-08-27 16:28:38 +02:00
Niboucha Redouane a42ae5280b Update SQLite support to work with the new factory redesign 2020-08-27 16:28:38 +02:00
Niboucha Redouane 4374edd37a add truncated SQLi in SQLite, and update test module to add it as an option 2020-08-27 16:28:38 +02:00
Niboucha Redouane 8f9a849591 fix test module, and fix logging 2020-08-27 16:28:38 +02:00
Niboucha Redouane 477f7313a2 Avoid repertitive code in blind injections 2020-08-27 16:28:38 +02:00
Niboucha Redouane 26e5fc99de add SQLite injection library, and test module (against sqlite_lab) 2020-08-27 16:28:38 +02:00
Jeffrey Martin d3c04b13dc Land #13968, Add a method for SQL injections where query output is not needed, and read_from_file support for MySQLi 2020-08-14 15:44:53 -05:00
Niboucha Redouane 812a0b78e2 Fix write_to_file, and add read_from_file support for MySQL 2020-08-09 19:23:22 +02:00
Jeffrey Martin f6d21abb51 require instead of autoload for exploit mixin 2020-07-10 22:15:12 -05:00
Niboucha Redouane 4c229c0a24 Add method for writing to files using SQL injection 2020-07-06 16:53:46 +02:00
Niboucha Redouane 4950c2dacf Fix minor bugs, in safe mode, and in the name of the attribute passed to attr_accessor 2020-07-01 23:00:23 +02:00
Niboucha Redouane f9ade608b5 minor change: add default value to some arguments 2020-07-01 02:56:01 +02:00
Niboucha Redouane 0680113288 get rid of database parameter in MySQLi methods 2020-06-30 18:49:13 +02:00
Niboucha Redouane b230adebba Add check for positional arguments on class constructor (SQLi::Common) 2020-06-30 16:16:35 +02:00
Niboucha Redouane 440294ff07 make some attributes writable, and specify its the SQLi library in any verbose message 2020-06-27 18:28:12 +02:00
Jeffrey Martin aa6c037dbd refactor mixin as factory for sqli classes 2020-06-26 15:09:01 -05:00
Niboucha Redouane 34e8eae471 move hex_encode_strings to MySQLi::Common, as it is specific to MySQL 2020-06-26 16:04:51 +02:00
Niboucha Redouane 7291a77807 minor fix to verbose logging / some comments 2020-06-25 12:46:05 +02:00
Niboucha Redouane f89f80be47 add default value for options of SQLi constructors, and fix eyesofnetwork module 2020-06-24 00:38:13 +02:00