SpoC 007 - SQLMap - Progress Page

Accomplished objectives at 12nd of July 2007

 * Added support to extract database users password hash on MySQL and PostgreSQL - 100%
 * Extended inband SQL injection functionality to all other possible queries - 100%
 * Added Microsoft SQL Server database fingerprint - 100%
 * Added support for query ETA (Estimated Time of Arrival) real time calculation - 100%
 * Improved Google dorking support to take advantage of remote hosts affected by SQL injection to perform other command line argument actions - 100%
 * Improved logging functionality - 100%

TODO objectives at 12nd of July 2007

 * Add support for Oracle database management system - 10%
 * Add support to extract database users password hash on Microsoft SQL Server - 10%
 * Add a fuzzer class with the aim to parse html page looking for standard database error messages consequently improving database fingerprinting - 40%
 * Add support for SQL injection on HTTP Cookie and User-Agent headers - 0%

Links

 * sqlmap homepage
 * sqlmap SVN repository web interface
 * sqlmap SourceForge File List page
 * sqlmap development documentation