SQLmap version 0.7 in the wild
SQLmap is an automatic SQL injection tool entirely developed in Python. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.
Changelog for this release :
- Adapted Metasploit wrapping functions to work with latest 3.3
development version too. - Adjusted code to make sqlmap 0.7 to work again on Mac OSX too.
- Reset takeover OOB features (if any of —os-pwn, —os-smbrelay or
— os-bof is selected) when running under Windows because msfconsole
and msfcli are not supported on the native Windows Ruby interpreter.
This make sqlmap 0.7 to work again on Windows too. - Minor improvement so that sqlmap tests also all parameters with no
value (eg. par=). - HTTPS requests over HTTP proxy now work on either Python 2.4, 2.5 and 2.6+.
Thanks to Maximiliano Soler for the notification
Post scriptum
Compliance Mandates
|