http://redmove.persiangig.com/MyPrograms/Havij 1.08.exe
Version 1.08 2010/02/13
-MySQL Blind Injection added.
-Auto injection type detection added.
-Try different injection syntaxes becase an option.
-Following redirections became an option.
-Admin list, Table list and Column list improved.
Version 1.07 2009/12/08
-finding column count and string column in mssql no error when type was string fixed.
-some bugs in analyze method for mysql fixed.
-manual syntax available for mysql and mssql no error
-Online MD5 cracker added.
Version 1.06 2009/10/09
-finding string column in mysql made better.
-oracle added.
-bug in find admin when file list was huge (oveflow error!) fixed.
-bug in delete/update/insert when database was not default fixed.
-retry bug in find admin fixed.
-'load cookie' added to settings.
Version 1.05 Not Released
-proxy added.
-find admin added.
-filter made available for mssql
-a bug fixed (blind detection when target is not vulnerable and injection type is string)
-MsAccess database added
-finding columns count and string column in mysql made better.
Version 1.04 Not Released
-filter added to get data
-data list changed
-updating data enabled
-delete row added
-insert new row added
-group_concat added.
-bug in guessing columns in mysql fixed.
-bug with null strings when 'avoid using strings' was on fixed.
-bug in getting data in mysql when type is string fixed.
-injection method changed for mysql.
-bug in guessing tables and columns in mysql<5 fixed.
-program displays injection syntax after analyze.
-'user agent' added to settings.
Version 1.03 2009/08/19
-bug in getting info fixed when collate not allowed in mssql
-analyzing method changed for mysql data bases.
-finding db server made better.
-injection with different syntaxes added.
-query added.
-data base server detection is now both automated and user selective.
-injection of string type for double quotation mark added.
-bugs in cmdshell fixed.
-command executation enabled for mssql no error.
-some little bugs fixed.
Version 1.02 2009/08/08
-access privilege detection added when getting data
-string type added.
-an error in getting http response code fixed.
-a bug in finding columns fixed.
-command executation added.
-'do not find column count in mssql with error' added to settings.
-html encode bug in mssql with error fixed.
-another try for finding columns count added.
-logging made better.
-redirect added.
-guessing tables and columns in MySQL<5 added.
-a bug in getting tables fixed.
-some other little changes.
Version 1.01 2009/07/25
-post method added.
-program finds count of tables or columns before getting tables and columns.
-'Replace space with' added to the settings.
-'Additional http headers' added to the settings.
-positive pattern checking algorithm made better.
-stop on erros added.
-a second method added for finding DB server type.
-mssql no error data base added.
-new look (command buttons changed into menus)
-a little problem in getting mysql's tables data was fixed.
-save option added.
-a bug in data base 'mssql with error' when getting tables and columns with 'avoid using strings' option fixed.
-some other little changes.
Version 1.0 beta 2009/07/04
-Initial release
No comments:
Post a Comment