sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity
156fdd96ef
sqlmap/lib/parse/cmdline.py

447 lines
20 KiB
Python
Raw Normal View History

After the storm, a restore..
2008-10-15 19:38:22 +04:00
#!/usr/bin/env python
"""
propsets..
2008-10-15 19:56:32 +04:00
$Id$
After the storm, a restore..
2008-10-15 19:38:22 +04:00
This file is part of the sqlmap project, http://sqlmap.sourceforge.net.
Updated copyright
2010-03-03 18:26:27 +03:00
Copyright (c) 2007-2010 Bernardo Damele A. G. <bernardo.damele@gmail.com>
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
Copyright (c) 2006 Daniele Bellucci <daniele.bellucci@gmail.com>
After the storm, a restore..
2008-10-15 19:38:22 +04:00
sqlmap is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation version 2 of the License.
sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
details.
You should have received a copy of the GNU General Public License along
with sqlmap; if not, write to the Free Software Foundation, Inc., 51
Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
"""
Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3.
2008-12-12 22:06:31 +03:00
import sys
After the storm, a restore..
2008-10-15 19:38:22 +04:00
from optparse import OptionError
from optparse import OptionGroup
from optparse import OptionParser
from lib.core.data import logger
from lib.core.settings import VERSION_STRING
def cmdLineParser():
"""
This function parses the command line parameters and arguments
"""
Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3.
2008-12-12 22:06:31 +03:00
usage = "%s [options]" % sys.argv[0]
After the storm, a restore..
2008-10-15 19:38:22 +04:00
parser = OptionParser(usage=usage, version=VERSION_STRING)
try:
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
parser.add_option("-v", dest="verbose", type="int", default=1,
Major bug fix
2008-12-18 00:35:04 +03:00
help="Verbosity level: 0-5 (default 1)")
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
# Target options
target = OptionGroup(parser, "Target", "At least one of these "
"options has to be specified to set the source "
"to get target urls from.")
target.add_option("-u", "--url", dest="url", help="Target url")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
target.add_option("-l", dest="list", help="Parse targets from Burp "
Minor layout adjustments
2010-01-10 00:08:47 +03:00
"or WebScarab proxy logs")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Minor code refactoring
2010-01-14 23:42:45 +03:00
target.add_option("-r", dest="requestFile",
help="Load HTTP request from a file")
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
target.add_option("-g", dest="googleDork",
help="Process Google dork results as target urls")
Adapted the code to support a list of targets from a text file (Burp log file) or from a directory (WebScarab conversations folder) with command line option -l.
2008-11-20 20:56:09 +03:00
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
target.add_option("-c", dest="configFile",
help="Load options from a configuration INI file")
Minor code refactoring
2010-01-14 23:42:45 +03:00
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
# Request options
request = OptionGroup(parser, "Request", "These options can be used "
"to specify how to connect to the target url.")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
request.add_option("--method", dest="method", default="GET",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="HTTP method, GET or POST (default GET)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
request.add_option("--data", dest="data",
help="Data string to be sent through POST")
request.add_option("--cookie", dest="cookie",
help="HTTP Cookie header")
Minor code refactoring
2010-01-14 23:42:45 +03:00
request.add_option("--cookie-urlencode", dest="cookieUrlencode",
action="store_true",
minor update
2010-03-03 16:49:24 +03:00
help="URL Encode generated cookie injections")
Minor code refactoring
2010-01-14 23:42:45 +03:00
request.add_option("--drop-set-cookie", dest="dropSetCookie",
action="store_true",
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
2010-01-02 05:02:12 +03:00
help="Ignore Set-Cookie header from response")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
request.add_option("--user-agent", dest="agent",
help="HTTP User-Agent header")
request.add_option("-a", dest="userAgentsFile",
help="Load a random HTTP User-Agent "
"header from file")
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
2010-01-02 05:02:12 +03:00
request.add_option("--referer", dest="referer",
help="HTTP Referer header")
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.
2008-12-09 00:24:24 +03:00
request.add_option("--headers", dest="headers",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Extra HTTP headers newline separated")
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.
2008-12-09 00:24:24 +03:00
After the storm, a restore..
2008-10-15 19:38:22 +04:00
request.add_option("--auth-type", dest="aType",
minor update of help text
2010-01-07 16:09:14 +03:00
help="HTTP Authentication type "
"(Basic, Digest or NTLM)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
request.add_option("--auth-cred", dest="aCred",
minor update of help text
2010-01-07 16:09:14 +03:00
help="HTTP Authentication credentials "
"(name:password)")
implementation of Feature #17
2010-01-07 15:59:09 +03:00
request.add_option("--auth-cert", dest="aCert",
minor update of help text
2010-01-07 16:09:14 +03:00
help="HTTPs Authentication certificate ("
implementation of Feature #17
2010-01-07 15:59:09 +03:00
"key_file,cert_file)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
request.add_option("--proxy", dest="proxy",
help="Use a HTTP proxy to connect to the target url")
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
request.add_option("--threads", dest="threads", type="int", default=1,
After the storm, a restore..
2008-10-15 19:38:22 +04:00
help="Maximum number of concurrent HTTP "
"requests (default 1)")
sqlmap 0.6.3-rc1: * Minor enhancement to be able to specify the number of seconds to wait between each HTTP request. * Minor bug fix to handle session.error and session.timeout in HTTP requests. * Updated documentation.
2008-11-09 19:57:47 +03:00
request.add_option("--delay", dest="delay", type="float",
help="Delay in seconds between each HTTP request")
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
request.add_option("--timeout", dest="timeout", type="float", default=30,
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
help="Seconds to wait before timeout connection "
Added preventive check for stacked queries support when executing DDL, DML & co. statements in SQL query and SQL shell. Minor improvements on this new feature. Increased default connection timeout to 30 seconds (needed for vmware machine not correctly synched).
2008-12-19 23:48:33 +03:00
"(default 30)")
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
request.add_option("--retries", dest="retries", type="int", default=3,
help="Retries when the connection timeouts "
"(default 3)")
Minor layout adjustments
2010-01-10 00:08:47 +03:00
added --scope feature regarding Feature #105
2010-01-09 23:44:50 +03:00
request.add_option("--scope", dest="scope",
Minor layout adjustments
2010-01-10 00:08:47 +03:00
help="Regexp to filter targets from provided proxy log")
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
added option --ignore-proxy
2010-02-25 23:55:10 +03:00
request.add_option("--ignore-proxy", dest="ignoreProxy",
action="store_true",
help="Ignore system default HTTP proxy")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
# Injection options
Minor adjustments and minor bug fixes. Documentation almost complete for sqlmap 0.6.3.
2008-12-12 22:06:31 +03:00
injection = OptionGroup(parser, "Injection", "These options can be "
"used to specify which parameters to test "
"for, provide custom injection payloads and "
"how to parse and compare HTTP responses "
"page content when using the blind SQL "
"injection technique.")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
injection.add_option("-p", dest="testParameter",
help="Testable parameter(s)")
Minor enhancemet to support also --regexp, --excl-str and --excl-reg options rather than only --string when comparing HTTP responses page content
2008-12-05 18:34:13 +03:00
injection.add_option("--dbms", dest="dbms",
help="Force back-end DBMS to this value")
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
injection.add_option("--os", dest="os",
help="Force back-end DBMS operating system "
"to this value")
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.
2008-12-09 00:24:24 +03:00
injection.add_option("--prefix", dest="prefix",
help="Injection payload prefix string")
injection.add_option("--postfix", dest="postfix",
help="Injection payload postfix string")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
injection.add_option("--string", dest="string",
help="String to match in page when the "
"query is valid")
Minor enhancemet to support also --regexp, --excl-str and --excl-reg options rather than only --string when comparing HTTP responses page content
2008-12-05 18:34:13 +03:00
injection.add_option("--regexp", dest="regexp",
help="Regexp to match in page when the "
"query is valid")
injection.add_option("--excl-str", dest="eString",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="String to be excluded before comparing "
"page contents")
Minor enhancemet to support also --regexp, --excl-str and --excl-reg options rather than only --string when comparing HTTP responses page content
2008-12-05 18:34:13 +03:00
injection.add_option("--excl-reg", dest="eRegexp",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Matches to be excluded before "
"comparing page contents")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.
2008-11-12 03:36:50 +03:00
# Techniques options
techniques = OptionGroup(parser, "Techniques", "These options can "
"be used to test for specific SQL injection "
"technique or to use one of them to exploit "
"the affected parameter(s) rather than using "
"the default blind SQL injection technique.")
Added support to test for stacked queries support and improved check for time based blind sql injection. Minor bug fix in --save option
2008-12-17 00:30:24 +03:00
techniques.add_option("--stacked-test", dest="stackedTest",
action="store_true",
help="Test for stacked queries (multiple "
"statements) support")
Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.
2008-11-12 03:36:50 +03:00
techniques.add_option("--time-test", dest="timeTest",
action="store_true",
Minor layout adjustments
2009-01-19 01:36:48 +03:00
help="Test for time based blind SQL injection")
Major bug fix
2008-12-18 00:35:04 +03:00
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
techniques.add_option("--time-sec", dest="timeSec",
type="int", default=5,
help="Seconds to delay the DBMS response "
"(default 5)")
Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.
2008-11-12 03:36:50 +03:00
techniques.add_option("--union-test", dest="unionTest",
action="store_true",
Completed support to get the list of targets from WebScarab/Burp proxies log file and updated the documentation
2008-11-28 01:33:33 +03:00
help="Test for UNION query (inband) SQL injection")
Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.
2008-11-12 03:36:50 +03:00
Minor enhancement to support an option (--union-tech) to specify the technique to use to detect the number of columns used in the web application SELECT statement: NULL bruteforcing (default) or ORDER BY clause.
2008-12-22 00:39:53 +03:00
techniques.add_option("--union-tech", dest="uTech",
help="Technique to test for UNION query SQL injection")
Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.
2008-11-12 03:36:50 +03:00
techniques.add_option("--union-use", dest="unionUse",
action="store_true",
Completed support to get the list of targets from WebScarab/Burp proxies log file and updated the documentation
2008-11-28 01:33:33 +03:00
help="Use the UNION query (inband) SQL injection "
Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.
2008-11-12 03:36:50 +03:00
"to retrieve the queries output. No "
"need to go blind")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
# Fingerprint options
fingerprint = OptionGroup(parser, "Fingerprint")
fingerprint.add_option("-f", "--fingerprint", dest="extensiveFp",
action="store_true",
Minor enhancement to fingerprint the back-end DBMS operating system (type, version, release, distribution, codename and service pack) by parsing the DBMS banner value when both -f and -b are provided: adapted the code and added XML files defining regular expressions for matching. Example of the -f -b output now on MySQL 5.0.67 running on latest Ubuntu: --8<-- back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2 comment injection fingerprint: MySQL 5.0.67 banner parsing fingerprint: MySQL 5.0.67 html error message fingerprint: MySQL back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid) --8<--
2008-11-16 02:41:31 +03:00
help="Perform an extensive DBMS version fingerprint")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
# Enumeration options
enumeration = OptionGroup(parser, "Enumeration", "These options can "
"be used to enumerate the back-end database "
"management system information, structure "
"and data contained in the tables. Moreover "
Minor adjustment to UNION query SQL injection detection function. Updated command line help message based upon recent developments. Updated copyright note of lib/contrib/multipartpost.py.
2008-12-21 19:35:03 +03:00
"you can run your own SQL statements.")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("-b", "--banner", dest="getBanner",
action="store_true", help="Retrieve DBMS banner")
enumeration.add_option("--current-user", dest="getCurrentUser",
action="store_true",
help="Retrieve DBMS current user")
enumeration.add_option("--current-db", dest="getCurrentDb",
action="store_true",
help="Retrieve DBMS current database")
Minor enhancement to support an option (--is-dba) to show if the current user is a database management system administrator.
2008-12-18 23:41:11 +03:00
enumeration.add_option("--is-dba", dest="isDba",
action="store_true",
help="Detect if the DBMS current user is DBA")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--users", dest="getUsers", action="store_true",
help="Enumerate DBMS users")
enumeration.add_option("--passwords", dest="getPasswordHashes",
action="store_true",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Enumerate DBMS users password hashes (opt -U)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--privileges", dest="getPrivileges",
action="store_true",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Enumerate DBMS users privileges (opt -U)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--dbs", dest="getDbs", action="store_true",
help="Enumerate DBMS databases")
enumeration.add_option("--tables", dest="getTables", action="store_true",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Enumerate DBMS database tables (opt -D)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--columns", dest="getColumns", action="store_true",
help="Enumerate DBMS database table columns "
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
"(req -T opt -D)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--dump", dest="dumpTable", action="store_true",
help="Dump DBMS database table entries "
Minor layout adjustments
2009-04-25 00:12:52 +04:00
"(req -T, opt -D, -C)")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--dump-all", dest="dumpAll", action="store_true",
help="Dump all DBMS databases tables entries")
enumeration.add_option("-D", dest="db",
help="DBMS database to enumerate")
enumeration.add_option("-T", dest="tbl",
help="DBMS database table to enumerate")
enumeration.add_option("-C", dest="col",
help="DBMS database table column to enumerate")
enumeration.add_option("-U", dest="user",
help="DBMS user to enumerate")
enumeration.add_option("--exclude-sysdbs", dest="excludeSysDbs",
action="store_true",
help="Exclude DBMS system databases when "
"enumerating tables")
enumeration.add_option("--start", dest="limitStart", type="int",
Minor layout adjustments
2009-04-25 00:12:52 +04:00
help="First query output entry to retrieve")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--stop", dest="limitStop", type="int",
Minor layout adjustments
2009-04-25 00:12:52 +04:00
help="Last query output entry to retrieve")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Merged back from personal branch to trunk (svn merge -r846:940 ...) Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.
2009-09-26 03:03:45 +04:00
enumeration.add_option("--first", dest="firstChar", type="int",
help="First query output word character to retrieve")
enumeration.add_option("--last", dest="lastChar", type="int",
help="Last query output word character to retrieve")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--sql-query", dest="query",
Minor adjustment to UNION query SQL injection detection function. Updated command line help message based upon recent developments. Updated copyright note of lib/contrib/multipartpost.py.
2008-12-21 19:35:03 +03:00
help="SQL statement to be executed")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
enumeration.add_option("--sql-shell", dest="sqlShell",
action="store_true",
help="Prompt for an interactive SQL shell")
Merged back from personal branch to trunk (svn merge -r846:940 ...) Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.
2009-09-26 03:03:45 +04:00
# User-defined function options
udf = OptionGroup(parser, "User-defined function injection", "These "
"options can be used to create custom user-defined "
"functions.")
udf.add_option("--udf-inject", dest="udfInject", action="store_true",
help="Inject custom user-defined functions")
udf.add_option("--shared-lib", dest="shLib",
help="Local path of the shared library")
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.
2008-12-09 00:24:24 +03:00
After the storm, a restore..
2008-10-15 19:38:22 +04:00
# File system options
filesystem = OptionGroup(parser, "File system access", "These options "
"can be used to access the back-end database "
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
"management system underlying file system.")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
filesystem.add_option("--read-file", dest="rFile",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Read a file from the back-end DBMS "
"file system")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
filesystem.add_option("--write-file", dest="wFile",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Write a local file on the back-end "
"DBMS file system")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
filesystem.add_option("--dest-file", dest="dFile",
help="Back-end DBMS absolute filepath to "
"write to")
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.
2008-12-09 00:24:24 +03:00
After the storm, a restore..
2008-10-15 19:38:22 +04:00
# Takeover options
takeover = OptionGroup(parser, "Operating system access", "This "
"option can be used to access the back-end "
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
"database management system underlying "
"operating system.")
takeover.add_option("--os-cmd", dest="osCmd",
help="Execute an operating system command")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
takeover.add_option("--os-shell", dest="osShell", action="store_true",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Prompt for an interactive operating "
"system shell")
takeover.add_option("--os-pwn", dest="osPwn", action="store_true",
help="Prompt for an out-of-band shell, "
"meterpreter or VNC")
takeover.add_option("--os-smbrelay", dest="osSmb", action="store_true",
help="One click prompt for an OOB shell, "
"meterpreter or VNC")
takeover.add_option("--os-bof", dest="osBof", action="store_true",
help="Stored procedure buffer overflow "
"exploitation")
takeover.add_option("--priv-esc", dest="privEsc", action="store_true",
help="User priv escalation by abusing Windows "
"access tokens")
takeover.add_option("--msf-path", dest="msfPath",
help="Local path where Metasploit Framework 3 "
"is installed")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
takeover.add_option("--tmp-path", dest="tmpPath",
help="Remote absolute path of temporary files "
"directory")
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.
2008-12-09 00:24:24 +03:00
Merged back from personal branch to trunk (svn merge -r846:940 ...) Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.
2009-09-26 03:03:45 +04:00
# Windows registry options
windows = OptionGroup(parser, "Windows registry access", "This "
"option can be used to access the back-end "
"database management system Windows "
"registry.")
windows.add_option("--reg-read", dest="regRead", action="store_true",
help="Read a Windows registry key value")
windows.add_option("--reg-add", dest="regAdd", action="store_true",
help="Write a Windows registry key value data")
windows.add_option("--reg-del", dest="regDel", action="store_true",
help="Delete a Windows registry key value")
windows.add_option("--reg-key", dest="regKey",
help="Windows registry key")
windows.add_option("--reg-value", dest="regVal",
help="Windows registry key value")
windows.add_option("--reg-data", dest="regData",
help="Windows registry key value data")
windows.add_option("--reg-type", dest="regType",
help="Windows registry key value type")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
# Miscellaneous options
miscellaneous = OptionGroup(parser, "Miscellaneous")
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
2010-01-02 05:02:12 +03:00
miscellaneous.add_option("-s", dest="sessionFile",
help="Save and resume all data retrieved "
"on a session file")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
miscellaneous.add_option("--eta", dest="eta", action="store_true",
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
help="Display for each output the "
"estimated time of arrival")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
2010-01-02 05:02:12 +03:00
miscellaneous.add_option("--gpage", dest="googlePage", type="int",
Deprecate sqlmap update code, will use pysvn to update from latest development version from subversion repository.
2010-01-13 17:52:23 +03:00
help="Use google dork results from specified page number")
sqlmap 0.8-rc3: Merge from Miroslav Stampar's branch fixing a bug when verbosity > 2, another major bug with urlencoding/urldecoding of POST data and Cookies, adding --drop-set-cookie option, implementing support to automatically decode gzip and deflate HTTP responses, support for Google dork page result (--gpage) and a minor code cleanup.
2010-01-02 05:02:12 +03:00
After the storm, a restore..
2008-10-15 19:38:22 +04:00
miscellaneous.add_option("--update", dest="updateAll", action="store_true",
documentation update
2010-03-03 16:59:29 +03:00
help="Update sqlmap")
After the storm, a restore..
2008-10-15 19:38:22 +04:00
miscellaneous.add_option("--save", dest="saveCmdline", action="store_true",
help="Save options on a configuration INI file")
miscellaneous.add_option("--batch", dest="batch", action="store_true",
help="Never ask for user input, use the default behaviour")
Updated to sqlmap 0.7 release candidate 1
2009-04-22 15:48:07 +04:00
miscellaneous.add_option("--cleanup", dest="cleanup", action="store_true",
help="Clean up the DBMS by sqlmap specific "
"UDF and tables")
sqlmap 0.6.3-rc4: minor enhancement to be able to specify extra HTTP headers by providing option --headers. By default Accept, Accept-Language and Accept-Charset headers are set. Added support to get the injection payload prefix and postfix from user. Minor bug fix to exclude image files when parsing (-l) proxies log files. Minor code adjustments. Updated documentation.
2008-12-09 00:24:24 +03:00
sqlmap 0.6.3-rc4: Minor enhancement to be able to specify the number of seconds before timeout the connection, default is set to 10 seconds. Minor improvement to retry the HTTP request up to three times in case an exception is raised during the connection to the target url. Minor bug fix to correctly catch connection exceptions and notify to the user also if they occur within a thread. Minor code restyling. Updated documentation.
2008-12-04 20:40:03 +03:00
parser.add_option_group(target)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
parser.add_option_group(request)
parser.add_option_group(injection)
Initial implementation of support for stacked queries. Added method to test for Time based blind SQL injection query stacking on the affected parameter a SLEEP() or similar DBMS specific function. Adapted libraries, plugins and XML with the above changes. Minor layout adjustments.
2008-11-12 03:36:50 +03:00
parser.add_option_group(techniques)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
parser.add_option_group(fingerprint)
parser.add_option_group(enumeration)
Merged back from personal branch to trunk (svn merge -r846:940 ...) Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.
2009-09-26 03:03:45 +04:00
parser.add_option_group(udf)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
parser.add_option_group(filesystem)
parser.add_option_group(takeover)
Merged back from personal branch to trunk (svn merge -r846:940 ...) Changes: * Major enhancement to the Microsoft SQL Server stored procedure heap-based buffer overflow exploit (--os-bof) to automatically bypass DEP memory protection. * Added support for MySQL and PostgreSQL to execute Metasploit shellcode via UDF 'sys_bineval' (in-memory, anti-forensics technique) as an option instead of uploading the standalone payload stager executable. * Added options for MySQL, PostgreSQL and Microsoft SQL Server to read/add/delete Windows registry keys. * Added options for MySQL and PostgreSQL to inject custom user-defined functions. * Added support for --first and --last so the user now has even more granularity in what to enumerate in the query output. * Minor enhancement to save the session by default in 'output/hostname/session' file if -s option is not specified. * Minor improvement to automatically remove sqlmap created temporary files from the DBMS underlying file system. * Minor bugs fixed. * Major code refactoring.
2009-09-26 03:03:45 +04:00
parser.add_option_group(windows)
After the storm, a restore..
2008-10-15 19:38:22 +04:00
parser.add_option_group(miscellaneous)
(args, _) = parser.parse_args()
code commit regarding Feature #119
2010-01-12 16:11:26 +03:00
if not args.url and not args.list and not args.googleDork and not args.configFile and not args.requestFile and not args.updateAll:
Updated ChangeLog
2010-02-26 18:37:24 +03:00
errMsg = "missing a mandatory parameter ('-u', '-l', '-r', '-g', '-c' or '--update'), "
After the storm, a restore..
2008-10-15 19:38:22 +04:00
errMsg += "-h for help"
parser.error(errMsg)
return args
except (OptionError, TypeError), e:
parser.error(e)
debugMsg = "parsing command line"
logger.debug(debugMsg)
Reference in New Issue Copy Permalink