This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
SpoC 007 - SQLMap - Progress Page
From OWASP
Accomplished objectives at 12nd of July 2007
- Added support to extract database users password hash on MySQL and PostgreSQL - 100%
- Extended inband SQL injection functionality to all other possible queries - 100%
- Added Microsoft SQL Server database fingerprint - 100%
- Added support for query ETA (Estimated Time of Arrival) real time calculation - 100%
- Improved Google dorking support to take advantage of remote hosts affected by SQL injection to perform other command line argument actions - 100%
- Improved logging functionality - 100%
TODO objectives at 12nd of July 2007
- Add support for Oracle database management system - 10%
- Add support to extract database users password hash on Microsoft SQL Server - 10%
- Add a fuzzer class with the aim to parse html page looking for standard database error messages consequently improving database fingerprinting - 40%
- Add support for SQL injection on HTTP Cookie and User-Agent headers - 0%