[Tool] sqlmap 0.6.1 released
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: [Tool] sqlmap 0.6.1 released
- From: "Bernardo Damele A. G." <bernardo.damele@xxxxxxxxx>
- Date: Mon, 20 Oct 2008 15:45:16 +0100
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=Xgvl2XeRtThV7iL4YktzXDUf1rnz8WFrjWMfhekgIS4=; b=cM60iOlbgaFNXX69QYkpiiT8itSy+1pdF8DTTo5W1h4bDCq8KGrDfTAyf4o6Wc3vpX Zvrx+JzOxA+MfL7HYrinCjHE1XBbndIQ5QBZU0Vebmj5T0bNwTTxJS68kP/JYv0Wf4Ix omX5/Go9PaK+iHgoiPa0JryAW+b5dv2VDiQ9I=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=RemVj1lNE1Wl0B/30ikS9o3qennsTFOmok/NvhxIAAtq0h+XrmEvHhCCL7OuPtlNV5 3I+njmAEwy7Yg5fXDNamOYxnFPo4DJ7SQiT8DwGQd2bQyR1ACAguuGu6pvEyLqZKUQO1 o8Vz0CERijACW2e/XvnHReeAH5pXMZut+VN+I=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Hi,
I am glad to release sqlmap version 0.6.1.
Introduction
============
sqlmap is an automatic SQL injection tool developed in Python. Its
goal is to detect and take advantage of SQL injection vulnerabilities
on web applications. Once it detects one or more SQL injections on the
target host, the user can choose among a variety of options to perform
an extensive back-end database management system fingerprint, retrieve
DBMS session user and database, enumerate users, password hashes,
privileges, databases, dump entire or user's specific DBMS
tables/columns, run his own SQL SELECT statement, read specific files
on the file system and much more.
Changes
=======
Some of the new features include:
* Added a Metasploit Framework 3 auxiliary module to run sqlmap;
* Implemented possibility to test for and inject also on LIKE statements;
* Implemented --start and --stop options to set the first and the last
table entry to dump;
* Added non-interactive/batch-mode (--batch) option to make it easy to
wrap sqlmap in Metasploit and any other tool.
Complete list of changes at http://sqlmap.sourceforge.net/doc/ChangeLog.
Download
========
You can download it in various formats:
* Source gzip compressed,
http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.tar.gz
* Source bzip2 compressed,
http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.tar.bz2
* Source zip compressed,
http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.zip
* DEB binary package,
http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.1-1_all.deb
* RPM binary package,
http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1-1.noarch.rpm
* Portable executable for Windows that does not require the Python
interpreter to be installed on the operating system,
http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1_exe.zip
Documentation
=============
* sqlmap user's manual: http://sqlmap.sourceforge.net/doc/README.pdf
* sqlmap developer's documentation: http://sqlmap.sourceforge.net/dev/
Happy hacking!
--
Bernardo Damele A. G.
E-mail / Jabber: bernardo.damele (at) gmail.com
Mobiles: +39-3493821385 (IT), +44-(0)7788962949 (UK)
PGP Key ID: 0x05F5A30F