SQLMap 0.6.1 released

In: Application Scanner , Configurations checks , Database , SQLmap , Vulnerability Scanner

21 October 2008

SQLmap is an automatic SQL injection tool entirely developed in Python. It is capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities.

Changelog

Major bug fix to blind SQL injection bisection algorithm to handle an exception;
Added a Metasploit Framework 3 auxiliary module to run sqlmap;
Implemented possibility to test for and inject also on LIKE statements;
Implemented —start and —stop options to set the first and the last table entry to dump;
Added non-interactive/batch-mode (—batch) option to make it easy to wrap sqlmap in Metasploit and any other tool;
Minor enhancement to save also the length of query output in the session file when retrieving the query output length for ETA or for resume purposes;
Changed the order sqlmap dump table entries from column by column to row by row. Now it also dumps entries as they are stored in the tables, not forcing the entries’ order alphabetically anymore;
Minor bug fix to correctly handle parameters’ value with % character.

Post scriptum

Download

Compliance Mandates

Application Scanner :
PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2
Vulnerability Scanner :
PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

Application Scanner	10 May 2010 : SQLNinja v0.2.5 released! 1 May 2010 : WhatWeb just updated to v0.4.2 29 April 2010 : WhatWeb v0.4.1 - released 28 April 2010 : NSIA (Network System Integrity Analysis) v0.8.99 released 26 April 2010 : Acunetix WVS v6.5 build 20100419 released
Configurations checks	10 May 2010 : WebTest 1.2.1 - Testing Web Application with Python 1 May 2010 : Lansweeper v4.0 released 1 May 2010 : Sysinternal AccessChk v5.0 released 1 May 2010 : Spiceworks v4.7 build 50667 released 25 April 2010 : Testing the systems highload with StressLinux v0.5.111
Database	7 April 2010 : SFX-SQLi v1.1.3.2 available 23 March 2010 : SQLFury SQL Injection for Adobe Air runtime v1.1.6 availabe 15 March 2010 : SQLMap v0.8 released 7 March 2010 : DB Audit v4.2.25 released 27 February 2010 : Pangolin SQL injection tool build 3.2.1.1020 released
SQLmap	19 January 2010 : (Info) SQLmap v0.8 stable soon to be released 10 October 2009 : SQLMap v0.8 release candidate 1 is out 28 July 2009 : SQLmap version 0.7 in the wild 24 April 2009 : SQLMap 0.7rc1 available 6 February 2009 : SQLMap 0.6.4 released
Vulnerability Scanner	12 May 2010 : Complemento v0.7.6 - Collection of Tools 22 April 2010 : OpenSCAP v0.5.9 released 20 April 2010 : Sandcat v4.0 released 15 April 2010 : Nessus v4.2.2 released 9 April 2010 : SARA-7.9.2a the final version released

SQLMap 0.6.1 released

Post scriptum

Compliance Mandates

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU