==================
sqlninja changelog
==================
Version 0.2.999
+ Fixed keep-alive bug
+ Added support for powershell
Version 0.2.999-alpha1
+ Added data extraction module
+ Added vbscript-based upload
+ Split big ugly script into modules
+ Lots of refactoring
Version 0.2.6-r1
+ Fixed fingerprinting bug
Version 0.2.6
+ Added ICMP shell
+ Added support for CVE-2010-0232 (KiTrap0d)
+ Added header-based injection
+ Removed conf file autogen (unsuited to new way to configure injection)
+ Bug fixes
Version 0.2.5
+ Added HTTP proxy support
+ Upload mode supports multiple script lines per request
+ Upload mode supports files larger than 64k
+ SSL is enabled by default for 443, disabled for 80
+ SSL is now disabled by default (unless port is 80 of course)
+ Added switch for HTTP/1.0 and HTTP/1.1
+ Support for token kidnapping via churrasco.exe
+ Incorporated makescr.pl into the main program
+ DEP checking/disabling is now optional
+ Added support for msfencode
+ Added fingerprint of user running SQL Server
Version 0.2.3-r1
+ Added unobfuscated SQL in debug output
+ Fixed a bug in the Metasploit module
+ Fixed a few minor bugs
Version 0.2.3
+ Added metasploit module
+ Added makescr.pl
+ Dirshell module now allows specifying an alternate host
Version 0.2.2
+ Added evasion techniques
+ Added single command mode
+ Added diagnostics to upload mode
+ Upload mode handles scripts generated by (hopefully) all tools
+ Automatic URL-encoding now performed only on the injected query
+ Minor optimizations and fixes
Version 0.2.1
+ Added fingerprint of authentication mode
Version: 0.2.0
+ Added incremental bruteforce mode
+ Escalation is automatically performed at the end of the bruteforce
+ In escalation mode, '-u' is not needed anymore
+ Documentation now in HTML format (and WYSIWYG editors really suck)
+ A few minor fixes
Version: 0.1.3
+ Optimized bruteforce mode
+ Exploit strings now accept spaces
+ Comment ("--") is appended at user's discretion
+ Default domain name set to 250, to cope with crappy DNS servers that do not follow the RFCs
+ Doubled the 'check sa' queries to avoid false positives
+ Minor bugfixes
Version: 0.1.2
+ Added test mode
+ Added debug option
+ Upload to directory %TEMP%
+ Added interactive generation of conf file
+ Simplified parameters: now same params for GET and POST
+ Sqlninja automatically appends '--' at the end of the query
+ Use of equal signs minimized (sometimes they get filtered...)
+ Print warning message when error detected in the response
+ Minor bugfixes
Version: 0.1.1
+ Added fingerprint mode
+ Added bruteforce mode
+ Added escalation mode
+ Added resurrectxp mode
+ Changed command syntax
+ Fixed post request syntax
+ Added URL-Encoding
+ DNS Server bind on 0.0.0.0
- Removed ssql mode
+ A whole bunch of other minor fixes
Version: 0.1.0alpha
+ Added dnstunnel mode (a good reason for the huge versioning leap)
+ ssql mode is now mode 6
+ Number of lines to upload at each request has been fixed to 40. This should be all right for most situations
+ nc.scr compressed with upx (http://upx.sourceforge.net)
+ Other fixes to upload function
+ Fixes to the config file parsing function
+ A few other minor changes
Version: 0.0.3
+ Used "\r\n" in HTTP requests instead of "\n", as IIS6 seems to be picky
about it
Version: 0.0.2
+ Added birthday function
+ Added friendly messages when missing modules
+ No more "vhost" parameter. The virtual host header is simply included in the
other headers, if needed
+ Increased CheckSSL() socket timeout
+ Added Net::RawIP module to use linkoffset function and make sqlninja usable
on every datalink type (and NetPacket::Ethernet isn't needed anymore)
+ Randomized UNIX socket name
+ Added EUID checks
+ Fixed a bug on the UDP reverse shell function
+ Minor bugfixes