Hello, Bernardo! Great news! It's one of my favorite hacker's tools :)
Тарас Иващенко (Taras Ivashchenko) -- "Software is like sex: it's better when it's free.", - Linus Torvalds. 2008/12/18 Bernardo Damele A. G. <[email protected]> > Hi, > > I am glad to release sqlmap version 0.6.3. > > Introduction > ============ > > sqlmap is an automatic SQL injection tool developed in Python. Its goal > is to detect and take advantage of SQL injection vulnerabilities on web > applications. Once it detects one or more SQL injections on the target > host, the user can choose among a variety of options to perform an > extensive back end database management system fingerprint, retrieve DBMS > session user and database, enumerate users, password hashes, privileges, > databases, dump entire or user's specific DBMS tables/columns, run his > own SQL SELECT statement, read specific files on the file system and > much more. > > > Changes > ======= > > Some of the new features include: > > * Major enhancement to get list of targets to test from Burp proxy > (http://portswigger.net/suite/) requests log file path or WebScarab > proxy (http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project) > 'conversations/' folder path by providing option -l <filepath>; > * Major enhancement to support Partial UNION query SQL injection > technique too; > * Major enhancement to test if the web application technology supports > stacked queries (multiple statements) by providing option --stacked-test > which will be then used someday also by takeover functionality; > * Major enhancement to test if the injectable parameter is affected by a > time based blind SQL injection technique by providing option --time-test; > * Major bug fix to correctly enumerate columns on Microsoft SQL Server; > * Major bug fix so that when the user provide a SELECT statement to be > processed with an asterisk as columns, now it also work if in the FROM > there is no database name specified; > > > Complete list of changes at http://sqlmap.sourceforge.net/doc/ChangeLog. > > > Download > ======== > > You can download it in various formats: > > * Source gzip compressed, > http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.gz > > * Source bzip2 compressed, > http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.bz2 > > * Source zip compressed, > http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.zip > > * DEB binary package, > http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.3-1_all.deb > > * RPM binary package, > http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3-1.noarch.rpm > > * Portable executable for Windows that does not require the Python > interpreter to be installed on the operating system, > http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3_exe.zip > > > Documentation > ============= > > * sqlmap user's manual: http://sqlmap.sourceforge.net/doc/README.pdf > > * sqlmap developer's documentation: http://sqlmap.sourceforge.net/dev/ > > > Happy hacking! > > -- > Bernardo Damele A. G. > > E-mail / Jabber: bernardo.damele (at) gmail.com > Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK) > PGP Key ID: 0x05F5A30F > > ------------------------------------------------------------------------ > This list is sponsored by: Cenzic > > Security Trends Report from Cenzic > Stay Ahead of the Hacker Curve! > Get the latest Q2 2008 Trends Report now > > www.cenzic.com/landing/trends-report > ------------------------------------------------------------------------ > >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
