Releases: ron190/jsql-injection
Releases · ron190/jsql-injection
jSQL Injection v0.110
- Expose exploit queries to SQL Engine (readonly)
- Add postgres RCE
and RCEProgram
- Add postgres RCE
for tcl/r/lua - Add sqlite read file via extension
- Add h2, hsqldb RCE web shell w/ pjbs bridge
- Add h2, hsqldb fingerprint and read file
- Add derby exploit, fingerprint and file read
- Reduce oracle string aggregate size
- Display partial content on file read failure
- Improve request and header expanded params
- Simplify exploit selection
- Restore focus on address bar at startup
- Improve i18n translation: es
- Remove oracle RCE not exploitable
- Fixes #96020: OutOfBoundsException on getItem()
jSQL Injection v0.109
jSQL Injection v0.108
- Add exploit web shell and upload for sqlite
- Add Blob and Clob oracle Error strategies
- Add postgres file read out of data folder
- Improve shell result on union multi index
- Improve shell compatibility with stack query
- Improve button Decode location in logs
- Fix SqlEngine tabs Error on theme switch
- Fix #95709: Illegal escape % in header
jSQL Injection v0.106
Add exploit RCE system shell for oracle (credit: @selectfromblackhydra)
- Add oracle Time strategy (credit: @selectfromblackhydra)
- Disambiguate mysql fingerprint from sqlite v3.48
- Add checkbox to auto decode logs
jSQL Injection v0.105
- Cloak UDF libraries (credit: @xcypher78)
- Fix GUI event for UDF command results
- Add password field for SQL exploit credentials
- Fix wrong SQL credential warning
jSQL Injection v0.104
- Merge tabs Upload/Web/Sql shell into new tab Exploit
- Add UDF to tab Exploit (credit to @mrdragonblack)
- Add exploit extensions: mysql, pdo
- Add exploit transfert: netshare, temp table
- Fix exploit sql when wrong credentials
- Paste into terminal with right click
- Reduce/expand consoles by middle click
- Restore maximized window at startup
- Multiple conversion fixes in tab Coder
- Improve i18n for menu, dialog and tooltip
jSQL Injection v0.103
- Add multiple dark/light themes
- Optimize GUI components in line with themes
- Persist theme and language settings
- Persist random user agent preference
- Reduce jar size to half of current size
- Fix #95845: undefined user agents
jSQL Injection v0.101
- Add database vendor blind fingerprinting
- Optimize concurrency, shutdown and non-progress threads
- Improve vuln report
- Warn about missing strategies implementation
- Remove Time from Sqlite
- Remove Memsql and CockroachDB as clones
- Improve clones fingerprinting
- Improve Vertica schema query and fix field casting
- Fix Vertica/Postgres fingerprint collision
- Improve falsy/truthy lists on Oracle
- Improve failsafe on Oracle
- Improve modes test order on Blind/Time
- Improve characters insertion test order
- Add TryHackMe and Burp labs to Scan list
jSQL Injection v0.100
- Add vulnerability report (contribution by @DelvinBa)
- Handle incorrect domain authority
- I18n improvement and cleaning
- Upgrade dependencies version
jSQL Injection v0.99
- Fix issue with non ASCII domain names (punycode compatibility)
- Allow restricted headers: connection, content-length, expect, host, upgrade
- Handle incorrect URI and header, empty csrf token, out of memory error, concurrent modification
- Use default encoding instead of system encoding
- Upgrade version dependencies
- Validate jdk21 compatibility