==================
sqlninja changelog
==================

Version 0.2.3
+ Added metasploit module
+ Added makescr.pl
+ Dirshell module now allows specifying an alternate host

Version 0.2.2
+ Added evasion techniques
+ Added single command mode
+ Added diagnostics to upload mode
+ Upload mode handles scripts generated by (hopefully) all tools
+ Automatic URL-encoding now performed only on the injected query
+ Minor optimizations and fixes

Version 0.2.1
+ Added fingerprint of authentication mode

Version: 0.2.0
+ Added incremental bruteforce mode
+ Escalation is automatically performed at the end of the bruteforce
+ In escalation mode, '-u' is not needed anymore
+ Documentation now in HTML format (and WYSIWYG editors really suck)
+ A few minor fixes

Version: 0.1.3
+ Optimized bruteforce mode
+ Exploit strings now accept spaces
+ Comment ("--") is appended at user's discretion
+ Default domain name set to 250, to cope with crappy DNS servers that
  do not follow the RFCs
+ Doubled the 'check sa' queries to avoid false positives
+ Minor bugfixes

Version: 0.1.2
+ Added test mode
+ Added debug option
+ Upload to directory %TEMP%
+ Added interactive generation of conf file
+ Simplified parameters: now same params for GET and POST
+ Sqlninja automatically appends '--' at the end of the query
+ Use of equal signs minimized (sometimes they get filtered...)
+ Print warning message when error detected in the response
+ Minor bugfixes

Version: 0.1.1
+ Added fingerprint mode
+ Added bruteforce mode
+ Added escalation mode
+ Added resurrectxp mode
+ Changed command syntax
+ Fixed post request syntax
+ Added URL-Encoding
+ DNS Server bind on 0.0.0.0
- Removed ssql mode
+ A whole bunch of other minor fixes

Version: 0.1.0alpha
+ Added dnstunnel mode (a good reason for the huge versioning leap)
+ ssql mode is now mode 6
+ Number of lines to upload at each request has been fixed to 40.
  This should be all right for most situations
+ nc.scr compressed with upx (http://upx.sourceforge.net)
+ Other fixes to upload function
+ Fixes to the config file parsing function
+ A few other minor changes

Version: 0.0.3
+ Used "\r\n" in HTTP requests instead of "\n", as IIS6 seems to be
  picky about it

Version: 0.0.2
+ Added birthday function
+ Added friendly messages when missing modules
+ No more "vhost" parameter. The virtual host header is simply included
  in the other headers, if needed
+ Increased CheckSSL() socket timeout
+ Added Net::RawIP module to use linkoffset function and make sqlninja
  usable on every datalink type (and NetPacket::Ethernet isn't needed
  anymore)
+ Randomized UNIX socket name
+ Added EUID checks
+ Fixed a bug on the UDP reverse shell function
+ Minor bugfixes