2019-05-08 13:47:52 +03:00
#!/usr/bin/env python
2008-10-15 19:38:22 +04:00
"""
2019-01-05 23:38:52 +03:00
Copyright ( c ) 2006 - 2019 sqlmap developers ( http : / / sqlmap . org / )
2017-10-11 15:50:46 +03:00
See the file ' LICENSE ' for copying permission
2008-10-15 19:38:22 +04:00
"""
2019-01-22 03:20:27 +03:00
from __future__ import print_function
2013-09-11 16:57:38 +04:00
import os
2014-12-21 07:15:42 +03:00
import re
2014-09-16 16:12:43 +04:00
import shlex
2008-12-12 22:06:31 +03:00
import sys
2008-10-15 19:38:22 +04:00
from optparse import OptionError
from optparse import OptionGroup
from optparse import OptionParser
2010-05-21 13:35:36 +04:00
from optparse import SUPPRESS_HELP
2008-10-15 19:38:22 +04:00
2019-05-24 15:18:18 +03:00
from lib . core . common import checkOldOptions
2013-08-27 15:55:38 +04:00
from lib . core . common import checkSystemEncoding
2016-06-10 19:41:41 +03:00
from lib . core . common import dataToStdout
2011-06-15 15:58:50 +04:00
from lib . core . common import expandMnemonics
2019-05-03 01:48:46 +03:00
from lib . core . common import getSafeExString
2019-03-28 18:04:38 +03:00
from lib . core . compat import xrange
2019-05-06 01:54:21 +03:00
from lib . core . convert import getUnicode
2014-09-16 16:12:43 +04:00
from lib . core . data import cmdLineOptions
from lib . core . data import conf
2008-10-15 19:38:22 +04:00
from lib . core . data import logger
2011-06-16 15:42:13 +04:00
from lib . core . defaults import defaults
2014-09-16 16:12:43 +04:00
from lib . core . enums import AUTOCOMPLETE_TYPE
from lib . core . exception import SqlmapShellQuitException
2014-12-15 11:11:40 +03:00
from lib . core . exception import SqlmapSyntaxException
2012-07-03 14:09:18 +04:00
from lib . core . settings import BASIC_HELP_ITEMS
2013-02-28 23:20:08 +04:00
from lib . core . settings import DUMMY_URL
2019-02-19 02:21:37 +03:00
from lib . core . settings import INFERENCE_UNKNOWN_CHAR
2011-03-29 03:09:19 +04:00
from lib . core . settings import IS_WIN
2012-07-24 17:43:29 +04:00
from lib . core . settings import MAX_HELP_OPTION_LENGTH
2013-03-20 14:44:09 +04:00
from lib . core . settings import VERSION_STRING
2014-09-16 16:12:43 +04:00
from lib . core . shell import autoCompletion
from lib . core . shell import clearHistory
from lib . core . shell import loadHistory
from lib . core . shell import saveHistory
2019-05-02 01:45:44 +03:00
from thirdparty . six . moves import input as _input
2008-10-15 19:38:22 +04:00
2015-09-10 16:01:30 +03:00
def cmdLineParser ( argv = None ) :
2008-10-15 19:38:22 +04:00
"""
This function parses the command line parameters and arguments
"""
2015-09-10 16:01:30 +03:00
if not argv :
argv = sys . argv
2013-08-27 15:55:38 +04:00
checkSystemEncoding ( )
2017-06-29 16:33:34 +03:00
# Reference: https://stackoverflow.com/a/4012683 (Note: previously used "...sys.getfilesystemencoding() or UNICODE_ENCODING")
_ = getUnicode ( os . path . basename ( argv [ 0 ] ) , encoding = sys . stdin . encoding )
2013-09-11 16:57:38 +04:00
2019-05-02 01:45:44 +03:00
usage = " %s %s [options] " % ( " %s " % os . path . basename ( sys . executable ) if not IS_WIN else " " , " \" %s \" " % _ if " " in _ else _ )
2012-07-03 15:11:09 +04:00
parser = OptionParser ( usage = usage )
2008-10-15 19:38:22 +04:00
try :
2012-07-03 14:09:18 +04:00
parser . add_option ( " --hh " , dest = " advancedHelp " ,
action = " store_true " ,
2012-07-03 14:49:35 +04:00
help = " Show advanced help message and exit " )
2012-07-03 14:09:18 +04:00
2013-03-20 14:44:09 +04:00
parser . add_option ( " --version " , dest = " showVersion " ,
action = " store_true " ,
2013-04-08 13:25:31 +04:00
help = " Show program ' s version number and exit " )
2013-03-20 14:44:09 +04:00
2012-02-22 14:40:11 +04:00
parser . add_option ( " -v " , dest = " verbose " , type = " int " ,
2011-06-16 15:42:13 +04:00
help = " Verbosity level: 0-6 (default %d ) " % defaults . verbose )
2008-12-18 00:35:04 +03:00
2008-12-04 20:40:03 +03:00
# Target options
target = OptionGroup ( parser , " Target " , " At least one of these "
2014-04-01 18:38:50 +04:00
" options has to be provided to define the target(s) " )
2008-12-04 20:40:03 +03:00
2014-04-01 18:38:50 +04:00
target . add_option ( " -d " , dest = " direct " , help = " Connection string "
" for direct database connection " )
2010-03-27 02:23:25 +03:00
2014-04-01 18:38:50 +04:00
target . add_option ( " -u " , " --url " , dest = " url " , help = " Target URL (e.g. \" http://www.site.com/vuln.php?id=1 \" ) " )
2008-10-15 19:38:22 +04:00
2014-04-01 18:38:50 +04:00
target . add_option ( " -l " , dest = " logFile " , help = " Parse target(s) from Burp "
" or WebScarab proxy log file " )
2008-10-15 19:38:22 +04:00
2014-07-03 00:31:18 +04:00
target . add_option ( " -x " , dest = " sitemapUrl " , help = " Parse target(s) from remote sitemap(.xml) file " )
2014-04-01 18:38:50 +04:00
target . add_option ( " -m " , dest = " bulkFile " , help = " Scan multiple targets given "
" in a textual file " )
2011-05-11 12:46:40 +04:00
2010-01-14 23:42:45 +03:00
target . add_option ( " -r " , dest = " requestFile " ,
help = " Load HTTP request from a file " )
2008-12-04 20:40:03 +03:00
target . add_option ( " -g " , dest = " googleDork " ,
2013-03-15 20:00:01 +04:00
help = " Process Google dork results as target URLs " )
2008-11-20 20:56:09 +03:00
2008-12-04 20:40:03 +03:00
target . add_option ( " -c " , dest = " configFile " ,
help = " Load options from a configuration INI file " )
2010-01-14 23:42:45 +03:00
2008-12-04 20:40:03 +03:00
# Request options
request = OptionGroup ( parser , " Request " , " These options can be used "
2013-03-15 20:00:01 +04:00
" to specify how to connect to the target URL " )
2008-10-15 19:38:22 +04:00
2014-11-21 11:41:39 +03:00
request . add_option ( " --method " , dest = " method " ,
help = " Force usage of given HTTP method (e.g. PUT) " )
2008-10-15 19:38:22 +04:00
request . add_option ( " --data " , dest = " data " ,
2018-10-15 03:15:05 +03:00
help = " Data string to be sent through POST (e.g. \" id=1 \" ) " )
2008-10-15 19:38:22 +04:00
2014-04-06 18:48:46 +04:00
request . add_option ( " --param-del " , dest = " paramDel " ,
2018-10-15 03:15:05 +03:00
help = " Character used for splitting parameter values (e.g. &) " )
2011-10-07 02:03:33 +04:00
2008-10-15 19:38:22 +04:00
request . add_option ( " --cookie " , dest = " cookie " ,
2018-10-15 03:15:05 +03:00
help = " HTTP Cookie header value (e.g. \" PHPSESSID=a8d127e.. \" ) " )
2008-10-15 19:38:22 +04:00
2014-04-06 18:50:58 +04:00
request . add_option ( " --cookie-del " , dest = " cookieDel " ,
2018-10-15 03:15:05 +03:00
help = " Character used for splitting cookie values (e.g. ;) " )
2013-07-31 22:41:19 +04:00
2012-07-24 17:34:50 +04:00
request . add_option ( " --load-cookies " , dest = " loadCookies " ,
2012-03-07 18:48:45 +04:00
help = " File containing cookies in Netscape/wget format " )
2018-03-13 15:45:42 +03:00
request . add_option ( " --drop-set-cookie " , dest = " dropSetCookie " , action = " store_true " ,
2010-01-02 05:02:12 +03:00
help = " Ignore Set-Cookie header from response " )
2008-10-15 19:38:22 +04:00
2015-07-07 10:24:16 +03:00
request . add_option ( " --user-agent " , dest = " agent " ,
2014-04-01 18:38:50 +04:00
help = " HTTP User-Agent header value " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
request . add_option ( " --random-agent " , dest = " randomAgent " , action = " store_true " ,
2014-04-01 18:38:50 +04:00
help = " Use randomly selected HTTP User-Agent header value " )
2008-10-15 19:38:22 +04:00
2011-12-20 16:52:41 +04:00
request . add_option ( " --host " , dest = " host " ,
2014-04-01 18:38:50 +04:00
help = " HTTP Host header value " )
2011-12-20 16:52:41 +04:00
2010-01-02 05:02:12 +03:00
request . add_option ( " --referer " , dest = " referer " ,
2014-04-01 18:38:50 +04:00
help = " HTTP Referer header value " )
2010-01-02 05:02:12 +03:00
2015-07-07 10:24:16 +03:00
request . add_option ( " -H " , " --header " , dest = " header " ,
help = " Extra header (e.g. \" X-Forwarded-For: 127.0.0.1 \" ) " )
2008-12-09 00:24:24 +03:00
request . add_option ( " --headers " , dest = " headers " ,
2012-01-07 19:26:54 +04:00
help = " Extra headers (e.g. \" Accept-Language: fr \\ nETag: 123 \" ) " )
2008-12-09 00:24:24 +03:00
2013-08-09 16:13:48 +04:00
request . add_option ( " --auth-type " , dest = " authType " ,
2018-03-13 15:45:42 +03:00
help = " HTTP authentication type (Basic, Digest, NTLM or PKI) " )
2008-10-15 19:38:22 +04:00
2013-08-09 16:13:48 +04:00
request . add_option ( " --auth-cred " , dest = " authCred " ,
2018-03-13 15:45:42 +03:00
help = " HTTP authentication credentials (name:password) " )
2010-07-30 16:49:25 +04:00
2015-09-27 16:59:17 +03:00
request . add_option ( " --auth-file " , dest = " authFile " ,
help = " HTTP authentication PEM cert/private key file " )
2008-10-15 19:38:22 +04:00
2017-08-23 14:17:37 +03:00
request . add_option ( " --ignore-code " , dest = " ignoreCode " , type = " int " ,
2018-10-15 03:15:05 +03:00
help = " Ignore (problematic) HTTP error code (e.g. 401) " )
2014-10-13 11:19:25 +04:00
2016-10-14 00:17:54 +03:00
request . add_option ( " --ignore-proxy " , dest = " ignoreProxy " , action = " store_true " ,
help = " Ignore system default proxy settings " )
2016-11-25 15:32:28 +03:00
request . add_option ( " --ignore-redirects " , dest = " ignoreRedirects " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Ignore redirection attempts " )
2016-11-25 15:32:28 +03:00
2016-10-14 00:17:54 +03:00
request . add_option ( " --ignore-timeouts " , dest = " ignoreTimeouts " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Ignore connection timeouts " )
2016-10-14 00:17:54 +03:00
2008-10-15 19:38:22 +04:00
request . add_option ( " --proxy " , dest = " proxy " ,
2013-08-09 15:58:42 +04:00
help = " Use a proxy to connect to the target URL " )
2008-10-15 19:38:22 +04:00
2013-08-09 16:13:48 +04:00
request . add_option ( " --proxy-cred " , dest = " proxyCred " ,
2018-03-13 15:45:42 +03:00
help = " Proxy authentication credentials (name:password) " )
2010-09-27 17:23:29 +04:00
2013-08-09 16:13:48 +04:00
request . add_option ( " --proxy-file " , dest = " proxyFile " ,
help = " Load proxy list from a file " )
2018-03-13 15:45:42 +03:00
request . add_option ( " --tor " , dest = " tor " , action = " store_true " ,
help = " Use Tor anonymity network " )
2013-04-30 16:11:56 +04:00
request . add_option ( " --tor-port " , dest = " torPort " ,
2018-03-13 15:45:42 +03:00
help = " Set Tor proxy port other than default " )
2013-04-30 16:11:56 +04:00
request . add_option ( " --tor-type " , dest = " torType " ,
2018-03-13 15:45:42 +03:00
help = " Set Tor proxy type (HTTP, SOCKS4 or SOCKS5 (default)) " )
2013-04-30 16:11:56 +04:00
2018-03-13 15:45:42 +03:00
request . add_option ( " --check-tor " , dest = " checkTor " , action = " store_true " ,
help = " Check to see if Tor is used properly " )
2013-04-30 16:11:56 +04:00
2011-06-16 15:42:13 +04:00
request . add_option ( " --delay " , dest = " delay " , type = " float " ,
2008-11-09 19:57:47 +03:00
help = " Delay in seconds between each HTTP request " )
2011-06-16 15:42:13 +04:00
request . add_option ( " --timeout " , dest = " timeout " , type = " float " ,
2018-03-13 15:45:42 +03:00
help = " Seconds to wait before timeout connection (default %d ) " % defaults . timeout )
2008-12-04 20:40:03 +03:00
2011-06-16 15:42:13 +04:00
request . add_option ( " --retries " , dest = " retries " , type = " int " ,
2018-03-13 15:45:42 +03:00
help = " Retries when the connection timeouts (default %d ) " % defaults . retries )
2010-01-10 00:08:47 +03:00
2013-04-02 19:34:56 +04:00
request . add_option ( " --randomize " , dest = " rParam " ,
help = " Randomly change value for given parameter(s) " )
2015-04-21 01:02:47 +03:00
request . add_option ( " --safe-url " , dest = " safeUrl " ,
2013-03-15 20:00:01 +04:00
help = " URL address to visit frequently during testing " )
2010-04-16 16:44:47 +04:00
2015-04-21 01:02:47 +03:00
request . add_option ( " --safe-post " , dest = " safePost " ,
2015-04-21 00:55:59 +03:00
help = " POST data to send to a safe URL " )
2015-04-22 17:28:54 +03:00
request . add_option ( " --safe-req " , dest = " safeReqFile " ,
help = " Load safe HTTP request from a file " )
2015-04-21 01:02:47 +03:00
request . add_option ( " --safe-freq " , dest = " safeFreq " , type = " int " ,
2013-03-15 20:00:01 +04:00
help = " Test requests between two visits to a given safe URL " )
2010-04-16 16:44:47 +04:00
2018-03-13 15:45:42 +03:00
request . add_option ( " --skip-urlencode " , dest = " skipUrlEncode " , action = " store_true " ,
2012-09-26 17:25:01 +04:00
help = " Skip URL encoding of payload data " )
2012-05-25 03:30:33 +04:00
2014-10-23 13:23:53 +04:00
request . add_option ( " --csrf-token " , dest = " csrfToken " ,
2014-11-17 13:50:05 +03:00
help = " Parameter used to hold anti-CSRF token " )
2014-10-23 13:23:53 +04:00
request . add_option ( " --csrf-url " , dest = " csrfUrl " ,
2018-09-18 23:05:52 +03:00
help = " URL address to visit for extraction of anti-CSRF token " )
2014-10-23 13:23:53 +04:00
2018-03-13 15:45:42 +03:00
request . add_option ( " --force-ssl " , dest = " forceSSL " , action = " store_true " ,
2013-04-30 15:56:38 +04:00
help = " Force usage of SSL/HTTPS " )
2019-03-19 16:07:39 +03:00
request . add_option ( " --chunked " , dest = " chunked " , action = " store_true " ,
2019-03-19 16:48:12 +03:00
help = " Use HTTP chunked transfer encoded (POST) requests " )
2019-03-19 16:07:39 +03:00
2018-03-13 15:45:42 +03:00
request . add_option ( " --hpp " , dest = " hpp " , action = " store_true " ,
help = " Use HTTP parameter pollution method " )
2013-04-30 16:32:11 +04:00
2013-04-30 15:59:44 +04:00
request . add_option ( " --eval " , dest = " evalCode " ,
help = " Evaluate provided Python code before the request (e.g. \" import hashlib;id2=hashlib.md5(id).hexdigest() \" ) " )
2019-04-19 14:54:48 +03:00
2010-10-17 01:52:16 +04:00
# Optimization options
2018-03-13 15:45:42 +03:00
optimization = OptionGroup ( parser , " Optimization " , " These options can be used to optimize the performance of sqlmap " )
2010-10-17 01:52:16 +04:00
2018-03-13 15:45:42 +03:00
optimization . add_option ( " -o " , dest = " optimize " , action = " store_true " ,
help = " Turn on all optimization switches " )
2010-10-17 01:52:16 +04:00
2010-10-17 03:50:13 +04:00
optimization . add_option ( " --predict-output " , dest = " predictOutput " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Predict common queries output " )
2010-10-17 01:52:16 +04:00
optimization . add_option ( " --keep-alive " , dest = " keepAlive " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Use persistent HTTP(s) connections " )
2010-10-17 01:52:16 +04:00
optimization . add_option ( " --null-connection " , dest = " nullConnection " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Retrieve page length without actual HTTP response body " )
2010-10-17 01:52:16 +04:00
2011-06-16 15:42:13 +04:00
optimization . add_option ( " --threads " , dest = " threads " , type = " int " ,
2018-03-13 15:45:42 +03:00
help = " Max number of concurrent HTTP(s) "
2011-06-16 15:42:13 +04:00
" requests (default %d ) " % defaults . threads )
2010-10-17 01:52:16 +04:00
2008-10-15 19:38:22 +04:00
# Injection options
2018-03-13 15:45:42 +03:00
injection = OptionGroup ( parser , " Injection " , " These options can be used to specify which parameters to test for, provide custom injection payloads and optional tampering scripts " )
2008-10-15 19:38:22 +04:00
2008-12-04 20:40:03 +03:00
injection . add_option ( " -p " , dest = " testParameter " ,
help = " Testable parameter(s) " )
2013-04-04 16:21:57 +04:00
injection . add_option ( " --skip " , dest = " skip " ,
help = " Skip testing for given parameter(s) " )
2015-05-18 21:57:15 +03:00
injection . add_option ( " --skip-static " , dest = " skipStatic " , action = " store_true " ,
2016-10-26 22:41:57 +03:00
help = " Skip testing parameters that not appear to be dynamic " )
2015-05-18 21:57:15 +03:00
2016-12-26 01:16:44 +03:00
injection . add_option ( " --param-exclude " , dest = " paramExclude " ,
2018-03-13 15:45:42 +03:00
help = " Regexp to exclude parameters from testing (e.g. \" ses \" ) " )
2016-12-26 01:16:44 +03:00
2019-05-17 12:00:51 +03:00
injection . add_option ( " --param-filter " , dest = " paramFilter " ,
help = " Select testable parameter(s) by place (e.g. \" POST \" ) " )
2008-12-05 18:34:13 +03:00
injection . add_option ( " --dbms " , dest = " dbms " ,
2018-06-07 01:24:29 +03:00
help = " Force back-end DBMS to provided value " )
2008-12-05 18:34:13 +03:00
2013-04-30 16:05:50 +04:00
injection . add_option ( " --dbms-cred " , dest = " dbmsCred " ,
2018-03-13 15:45:42 +03:00
help = " DBMS authentication credentials (user:password) " )
2013-04-30 16:05:50 +04:00
2009-04-22 15:48:07 +04:00
injection . add_option ( " --os " , dest = " os " ,
2018-06-07 01:24:29 +03:00
help = " Force back-end DBMS operating system to provided value " )
2009-04-22 15:48:07 +04:00
2018-03-13 15:45:42 +03:00
injection . add_option ( " --invalid-bignum " , dest = " invalidBignum " , action = " store_true " ,
2012-04-26 00:29:07 +04:00
help = " Use big numbers for invalidating values " )
2008-12-09 00:24:24 +03:00
2018-03-13 15:45:42 +03:00
injection . add_option ( " --invalid-logical " , dest = " invalidLogical " , action = " store_true " ,
2012-04-26 00:29:07 +04:00
help = " Use logical operations for invalidating values " )
2012-03-30 14:50:01 +04:00
2018-03-13 15:45:42 +03:00
injection . add_option ( " --invalid-string " , dest = " invalidString " , action = " store_true " ,
2014-01-24 00:56:06 +04:00
help = " Use random strings for invalidating values " )
2018-03-13 15:45:42 +03:00
injection . add_option ( " --no-cast " , dest = " noCast " , action = " store_true " ,
2012-03-30 14:50:01 +04:00
help = " Turn off payload casting mechanism " )
2011-10-24 04:40:06 +04:00
2018-03-13 15:45:42 +03:00
injection . add_option ( " --no-escape " , dest = " noEscape " , action = " store_true " ,
2013-01-18 18:40:37 +04:00
help = " Turn off string escaping mechanism " )
2012-07-16 13:07:47 +04:00
2012-04-26 00:29:07 +04:00
injection . add_option ( " --prefix " , dest = " prefix " ,
help = " Injection payload prefix string " )
injection . add_option ( " --suffix " , dest = " suffix " ,
help = " Injection payload suffix string " )
2010-11-08 13:11:43 +03:00
injection . add_option ( " --tamper " , dest = " tamper " ,
help = " Use given script(s) for tampering injection data " )
# Detection options
2018-03-13 15:45:42 +03:00
detection = OptionGroup ( parser , " Detection " , " These options can be used to customize the detection phase " )
2010-11-08 13:11:43 +03:00
2011-06-16 15:42:13 +04:00
detection . add_option ( " --level " , dest = " level " , type = " int " ,
2018-03-13 15:45:42 +03:00
help = " Level of tests to perform (1-5, default %d ) " % defaults . level )
2010-11-28 21:10:54 +03:00
2011-06-16 15:42:13 +04:00
detection . add_option ( " --risk " , dest = " risk " , type = " int " ,
2018-03-13 15:45:42 +03:00
help = " Risk of tests to perform (1-3, default %d ) " % defaults . risk )
2010-11-28 21:10:54 +03:00
2010-11-08 13:11:43 +03:00
detection . add_option ( " --string " , dest = " string " ,
2018-03-13 15:45:42 +03:00
help = " String to match when query is evaluated to True " )
2008-10-15 19:38:22 +04:00
2012-07-26 14:06:02 +04:00
detection . add_option ( " --not-string " , dest = " notString " ,
2018-03-13 15:45:42 +03:00
help = " String to match when query is evaluated to False " )
2012-07-26 14:06:02 +04:00
2010-11-08 13:11:43 +03:00
detection . add_option ( " --regexp " , dest = " regexp " ,
2018-03-13 15:45:42 +03:00
help = " Regexp to match when query is evaluated to True " )
2008-12-05 18:34:13 +03:00
2011-08-12 20:48:11 +04:00
detection . add_option ( " --code " , dest = " code " , type = " int " ,
2018-03-13 15:45:42 +03:00
help = " HTTP code to match when query is evaluated to True " )
2011-08-12 20:48:11 +04:00
2018-03-13 15:45:42 +03:00
detection . add_option ( " --text-only " , dest = " textOnly " , action = " store_true " ,
2011-03-08 01:04:17 +03:00
help = " Compare pages based only on the textual content " )
2010-10-12 23:41:29 +04:00
2018-03-13 15:45:42 +03:00
detection . add_option ( " --titles " , dest = " titles " , action = " store_true " ,
2011-06-11 03:18:43 +04:00
help = " Compare pages based only on their titles " )
2008-11-12 03:36:50 +03:00
# Techniques options
2018-03-13 15:45:42 +03:00
techniques = OptionGroup ( parser , " Techniques " , " These options can be used to tweak testing of specific SQL injection techniques " )
2008-11-12 03:36:50 +03:00
2011-06-16 15:42:13 +04:00
techniques . add_option ( " --technique " , dest = " tech " ,
2018-03-13 15:45:42 +03:00
help = " SQL injection techniques to use (default \" %s \" ) " % defaults . tech )
2011-04-06 18:41:44 +04:00
2018-03-13 15:45:42 +03:00
techniques . add_option ( " --time-sec " , dest = " timeSec " , type = " int " ,
help = " Seconds to delay the DBMS response (default %d ) " % defaults . timeSec )
2009-04-22 15:48:07 +04:00
2011-01-12 01:18:47 +03:00
techniques . add_option ( " --union-cols " , dest = " uCols " ,
2010-11-19 18:48:24 +03:00
help = " Range of columns to test for UNION query SQL injection " )
2010-11-14 02:24:41 +03:00
2011-01-12 01:56:21 +03:00
techniques . add_option ( " --union-char " , dest = " uChar " ,
2011-03-08 01:04:17 +03:00
help = " Character to use for bruteforcing number of columns " )
2010-11-19 17:56:20 +03:00
2013-03-21 14:28:44 +04:00
techniques . add_option ( " --union-from " , dest = " uFrom " ,
help = " Table to use in FROM part of UNION query SQL injection " )
2016-10-22 22:52:18 +03:00
techniques . add_option ( " --dns-domain " , dest = " dnsDomain " ,
2012-05-27 22:41:06 +04:00
help = " Domain name used for DNS exfiltration attack " )
2018-06-19 17:11:49 +03:00
techniques . add_option ( " --second-url " , dest = " secondUrl " ,
2018-03-13 15:45:42 +03:00
help = " Resulting page URL searched for second-order response " )
2012-07-26 16:07:05 +04:00
2018-06-19 17:23:17 +03:00
techniques . add_option ( " --second-req " , dest = " secondReq " ,
help = " Load second-order HTTP request from file " )
2008-10-15 19:38:22 +04:00
# Fingerprint options
fingerprint = OptionGroup ( parser , " Fingerprint " )
2018-03-13 15:45:42 +03:00
fingerprint . add_option ( " -f " , " --fingerprint " , dest = " extensiveFp " , action = " store_true " ,
2008-11-16 02:41:31 +03:00
help = " Perform an extensive DBMS version fingerprint " )
2008-10-15 19:38:22 +04:00
# Enumeration options
2018-03-13 15:45:42 +03:00
enumeration = OptionGroup ( parser , " Enumeration " , " These options can be used to enumerate the back-end database management system information, structure and data contained in the tables. Moreover you can run your own SQL statements " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " -a " , " --all " , dest = " getAll " , action = " store_true " ,
help = " Retrieve everything " )
2012-10-05 12:24:09 +04:00
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " -b " , " --banner " , dest = " getBanner " , action = " store_true " ,
help = " Retrieve DBMS banner " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --current-user " , dest = " getCurrentUser " , action = " store_true " ,
2008-10-15 19:38:22 +04:00
help = " Retrieve DBMS current user " )
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --current-db " , dest = " getCurrentDb " , action = " store_true " ,
2008-10-15 19:38:22 +04:00
help = " Retrieve DBMS current database " )
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --hostname " , dest = " getHostname " , action = " store_true " ,
2012-07-12 03:01:57 +04:00
help = " Retrieve DBMS server hostname " )
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --is-dba " , dest = " isDba " , action = " store_true " ,
2008-12-18 23:41:11 +03:00
help = " Detect if the DBMS current user is DBA " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --users " , dest = " getUsers " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Enumerate DBMS users " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --passwords " , dest = " getPasswordHashes " , action = " store_true " ,
2010-03-03 21:57:09 +03:00
help = " Enumerate DBMS users password hashes " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --privileges " , dest = " getPrivileges " , action = " store_true " ,
2010-03-03 21:57:09 +03:00
help = " Enumerate DBMS users privileges " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --roles " , dest = " getRoles " , action = " store_true " ,
2010-03-25 18:46:06 +03:00
help = " Enumerate DBMS users roles " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --dbs " , dest = " getDbs " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Enumerate DBMS databases " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --tables " , dest = " getTables " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Enumerate DBMS database tables " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --columns " , dest = " getColumns " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Enumerate DBMS database table columns " )
2008-10-15 19:38:22 +04:00
2011-04-29 03:59:00 +04:00
enumeration . add_option ( " --schema " , dest = " getSchema " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Enumerate DBMS schema " )
2011-04-29 03:59:00 +04:00
2011-04-30 04:22:22 +04:00
enumeration . add_option ( " --count " , dest = " getCount " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Retrieve number of entries for table(s) " )
2011-04-30 04:22:22 +04:00
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --dump " , dest = " dumpTable " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Dump DBMS database table entries " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --dump-all " , dest = " dumpAll " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Dump all DBMS databases tables entries " )
2008-10-15 19:38:22 +04:00
2010-05-07 17:40:57 +04:00
enumeration . add_option ( " --search " , dest = " search " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Search column(s), table(s) and/or database name(s) " )
2010-05-07 17:40:57 +04:00
2013-07-29 20:25:27 +04:00
enumeration . add_option ( " --comments " , dest = " getComments " , action = " store_true " ,
2018-06-07 01:46:54 +03:00
help = " Check for DBMS comments during enumeration " )
2013-07-29 20:25:27 +04:00
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " -D " , dest = " db " ,
help = " DBMS database to enumerate " )
enumeration . add_option ( " -T " , dest = " tbl " ,
2014-01-13 13:05:49 +04:00
help = " DBMS database table(s) to enumerate " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " -C " , dest = " col " ,
2014-01-13 13:05:49 +04:00
help = " DBMS database table column(s) to enumerate " )
2018-02-13 17:53:50 +03:00
enumeration . add_option ( " -X " , dest = " exclude " ,
help = " DBMS database identifier(s) to not enumerate " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " -U " , dest = " user " ,
help = " DBMS user to enumerate " )
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --exclude-sysdbs " , dest = " excludeSysDbs " , action = " store_true " ,
help = " Exclude DBMS system databases when enumerating tables " )
2008-10-15 19:38:22 +04:00
2016-05-03 13:37:10 +03:00
enumeration . add_option ( " --pivot-column " , dest = " pivotColumn " ,
help = " Pivot column name " )
2014-02-11 19:20:45 +04:00
enumeration . add_option ( " --where " , dest = " dumpWhere " ,
help = " Use WHERE condition while table dumping " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --start " , dest = " limitStart " , type = " int " ,
2017-03-01 13:09:55 +03:00
help = " First dump table entry to retrieve " )
2008-10-15 19:38:22 +04:00
enumeration . add_option ( " --stop " , dest = " limitStop " , type = " int " ,
2017-03-01 13:09:55 +03:00
help = " Last dump table entry to retrieve " )
2008-10-15 19:38:22 +04:00
2009-09-26 03:03:45 +04:00
enumeration . add_option ( " --first " , dest = " firstChar " , type = " int " ,
help = " First query output word character to retrieve " )
enumeration . add_option ( " --last " , dest = " lastChar " , type = " int " ,
help = " Last query output word character to retrieve " )
2019-04-30 15:04:39 +03:00
enumeration . add_option ( " --sql-query " , dest = " sqlQuery " ,
2008-12-21 19:35:03 +03:00
help = " SQL statement to be executed " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
enumeration . add_option ( " --sql-shell " , dest = " sqlShell " , action = " store_true " ,
2008-10-15 19:38:22 +04:00
help = " Prompt for an interactive SQL shell " )
2012-07-10 03:27:08 +04:00
enumeration . add_option ( " --sql-file " , dest = " sqlFile " ,
help = " Execute SQL statements from given file(s) " )
2014-12-15 15:07:38 +03:00
# Brute force options
2018-03-13 15:45:42 +03:00
brute = OptionGroup ( parser , " Brute force " , " These options can be used to run brute force checks " )
2010-11-09 19:15:55 +03:00
2010-11-11 10:57:44 +03:00
brute . add_option ( " --common-tables " , dest = " commonTables " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Check existence of common tables " )
2010-09-30 16:35:45 +04:00
2010-11-11 10:57:44 +03:00
brute . add_option ( " --common-columns " , dest = " commonColumns " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Check existence of common columns " )
2010-09-30 16:35:45 +04:00
2009-09-26 03:03:45 +04:00
# User-defined function options
2018-03-13 15:45:42 +03:00
udf = OptionGroup ( parser , " User-defined function injection " , " These options can be used to create custom user-defined functions " )
2009-09-26 03:03:45 +04:00
udf . add_option ( " --udf-inject " , dest = " udfInject " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = " Inject custom user-defined functions " )
2009-09-26 03:03:45 +04:00
udf . add_option ( " --shared-lib " , dest = " shLib " ,
help = " Local path of the shared library " )
2008-12-09 00:24:24 +03:00
2008-10-15 19:38:22 +04:00
# File system options
2018-03-13 15:45:42 +03:00
filesystem = OptionGroup ( parser , " File system access " , " These options can be used to access the back-end database management system underlying file system " )
2008-10-15 19:38:22 +04:00
2018-08-28 15:31:20 +03:00
filesystem . add_option ( " --file-read " , dest = " fileRead " ,
2018-03-13 15:45:42 +03:00
help = " Read a file from the back-end DBMS file system " )
2008-10-15 19:38:22 +04:00
2018-08-28 15:31:20 +03:00
filesystem . add_option ( " --file-write " , dest = " fileWrite " ,
2018-03-13 15:45:42 +03:00
help = " Write a local file on the back-end DBMS file system " )
2008-10-15 19:38:22 +04:00
2018-08-28 15:31:20 +03:00
filesystem . add_option ( " --file-dest " , dest = " fileDest " ,
2018-03-13 15:45:42 +03:00
help = " Back-end DBMS absolute filepath to write to " )
2008-12-09 00:24:24 +03:00
2008-10-15 19:38:22 +04:00
# Takeover options
2018-03-13 15:45:42 +03:00
takeover = OptionGroup ( parser , " Operating system access " , " These options can be used to access the back-end database management system underlying operating system " )
2009-04-22 15:48:07 +04:00
takeover . add_option ( " --os-cmd " , dest = " osCmd " ,
help = " Execute an operating system command " )
2008-10-15 19:38:22 +04:00
2018-03-13 15:45:42 +03:00
takeover . add_option ( " --os-shell " , dest = " osShell " , action = " store_true " ,
help = " Prompt for an interactive operating system shell " )
2009-04-22 15:48:07 +04:00
2018-03-13 15:45:42 +03:00
takeover . add_option ( " --os-pwn " , dest = " osPwn " , action = " store_true " ,
help = " Prompt for an OOB shell, Meterpreter or VNC " )
2009-04-22 15:48:07 +04:00
2018-03-13 15:45:42 +03:00
takeover . add_option ( " --os-smbrelay " , dest = " osSmb " , action = " store_true " ,
help = " One click prompt for an OOB shell, Meterpreter or VNC " )
2009-04-22 15:48:07 +04:00
2018-03-13 15:45:42 +03:00
takeover . add_option ( " --os-bof " , dest = " osBof " , action = " store_true " ,
2009-04-22 15:48:07 +04:00
help = " Stored procedure buffer overflow "
" exploitation " )
2018-03-13 15:45:42 +03:00
takeover . add_option ( " --priv-esc " , dest = " privEsc " , action = " store_true " ,
2013-05-21 00:18:12 +04:00
help = " Database process user privilege escalation " )
2009-04-22 15:48:07 +04:00
takeover . add_option ( " --msf-path " , dest = " msfPath " ,
2018-03-13 15:45:42 +03:00
help = " Local path where Metasploit Framework is installed " )
2008-10-15 19:38:22 +04:00
2009-04-22 15:48:07 +04:00
takeover . add_option ( " --tmp-path " , dest = " tmpPath " ,
2018-03-13 15:45:42 +03:00
help = " Remote absolute path of temporary files directory " )
2008-12-09 00:24:24 +03:00
2009-09-26 03:03:45 +04:00
# Windows registry options
2018-03-13 15:45:42 +03:00
windows = OptionGroup ( parser , " Windows registry access " , " These options can be used to access the back-end database management system Windows registry " )
2009-09-26 03:03:45 +04:00
2018-03-13 15:45:42 +03:00
windows . add_option ( " --reg-read " , dest = " regRead " , action = " store_true " ,
help = " Read a Windows registry key value " )
2009-09-26 03:03:45 +04:00
2018-03-13 15:45:42 +03:00
windows . add_option ( " --reg-add " , dest = " regAdd " , action = " store_true " ,
help = " Write a Windows registry key value data " )
2009-09-26 03:03:45 +04:00
2018-03-13 15:45:42 +03:00
windows . add_option ( " --reg-del " , dest = " regDel " , action = " store_true " ,
help = " Delete a Windows registry key value " )
2009-09-26 03:03:45 +04:00
windows . add_option ( " --reg-key " , dest = " regKey " ,
2018-03-13 15:45:42 +03:00
help = " Windows registry key " )
2009-09-26 03:03:45 +04:00
windows . add_option ( " --reg-value " , dest = " regVal " ,
2018-03-13 15:45:42 +03:00
help = " Windows registry key value " )
2009-09-26 03:03:45 +04:00
windows . add_option ( " --reg-data " , dest = " regData " ,
2018-03-13 15:45:42 +03:00
help = " Windows registry key value data " )
2009-09-26 03:03:45 +04:00
windows . add_option ( " --reg-type " , dest = " regType " ,
2018-03-13 15:45:42 +03:00
help = " Windows registry key value type " )
2009-09-26 03:03:45 +04:00
2010-11-16 17:11:32 +03:00
# General options
2018-03-13 15:45:42 +03:00
general = OptionGroup ( parser , " General " , " These options can be used to set some general working parameters " )
2010-11-16 17:11:32 +03:00
2013-03-15 20:22:33 +04:00
general . add_option ( " -s " , dest = " sessionFile " ,
2018-03-13 15:45:42 +03:00
help = " Load session from a stored (.sqlite) file " )
2013-03-15 20:22:33 +04:00
2011-05-18 02:55:22 +04:00
general . add_option ( " -t " , dest = " trafficFile " ,
2018-03-13 15:45:42 +03:00
help = " Log all HTTP traffic into a textual file " )
2010-11-16 17:11:32 +03:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --batch " , dest = " batch " , action = " store_true " ,
help = " Never ask for user input, use the default behavior " )
2011-05-18 02:55:22 +04:00
2016-05-03 13:52:46 +03:00
general . add_option ( " --binary-fields " , dest = " binaryFields " ,
2018-03-13 15:45:42 +03:00
help = " Result fields having binary values (e.g. \" digest \" ) " )
2016-05-03 13:52:46 +03:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --check-internet " , dest = " checkInternet " , action = " store_true " ,
help = " Check Internet connection before assessing the target " )
2017-05-08 00:12:42 +03:00
2011-07-06 09:44:47 +04:00
general . add_option ( " --crawl " , dest = " crawlDepth " , type = " int " ,
2018-03-13 15:45:42 +03:00
help = " Crawl the website starting from the target URL " )
2015-04-06 23:07:22 +03:00
general . add_option ( " --crawl-exclude " , dest = " crawlExclude " ,
help = " Regexp to exclude pages from crawling (e.g. \" logout \" ) " )
2011-07-06 09:44:47 +04:00
2011-11-30 21:39:41 +04:00
general . add_option ( " --csv-del " , dest = " csvDel " ,
2018-03-13 15:45:42 +03:00
help = " Delimiting character used in CSV output (default \" %s \" ) " % defaults . csvDel )
2011-11-30 21:39:41 +04:00
2017-09-21 15:35:24 +03:00
general . add_option ( " --charset " , dest = " charset " ,
help = " Blind SQL injection charset (e.g. \" 0123456789abcdef \" ) " )
2012-11-28 13:58:18 +04:00
general . add_option ( " --dump-format " , dest = " dumpFormat " ,
2018-03-13 15:45:42 +03:00
help = " Format of dumped data (CSV (default), HTML or SQLITE) " )
2012-11-28 13:58:18 +04:00
2017-09-21 15:35:24 +03:00
general . add_option ( " --encoding " , dest = " encoding " ,
2018-03-13 15:45:42 +03:00
help = " Character encoding used for data retrieval (e.g. GBK) " )
2017-09-21 15:35:24 +03:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --eta " , dest = " eta " , action = " store_true " ,
help = " Display for each output the estimated time of arrival " )
2010-11-16 17:11:32 +03:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --flush-session " , dest = " flushSession " , action = " store_true " ,
help = " Flush session files for current target " )
2011-05-18 02:55:22 +04:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --forms " , dest = " forms " , action = " store_true " ,
help = " Parse and test forms on target URL " )
2011-07-06 09:44:47 +04:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --fresh-queries " , dest = " freshQueries " , action = " store_true " ,
help = " Ignore query results stored in session file " )
2010-11-16 17:11:32 +03:00
2017-07-03 17:55:24 +03:00
general . add_option ( " --har " , dest = " harFile " ,
help = " Log all HTTP traffic into a HAR file " )
2018-03-13 15:45:42 +03:00
general . add_option ( " --hex " , dest = " hexConvert " , action = " store_true " ,
2018-06-07 01:46:54 +03:00
help = " Use hex conversion during data retrieval " )
2012-02-21 15:44:48 +04:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --output-dir " , dest = " outputDir " , action = " store " ,
help = " Custom output directory path " )
2012-07-03 02:50:23 +04:00
2018-03-13 15:45:42 +03:00
general . add_option ( " --parse-errors " , dest = " parseErrors " , action = " store_true " ,
help = " Parse and display DBMS error messages from responses " )
2011-07-06 09:44:47 +04:00
2019-03-04 17:24:12 +03:00
general . add_option ( " --preprocess " , dest = " preprocess " ,
2019-04-19 14:54:48 +03:00
help = " Use given script(s) for preprocessing of response data " )
2019-03-04 17:24:12 +03:00
2019-02-19 02:21:37 +03:00
general . add_option ( " --repair " , dest = " repair " , action = " store_true " ,
help = " Redump entries having unknown character marker ( %s ) " % INFERENCE_UNKNOWN_CHAR )
2015-08-14 23:49:32 +03:00
general . add_option ( " --save " , dest = " saveConfig " ,
2018-03-13 15:45:42 +03:00
help = " Save options to a configuration INI file " )
2010-11-16 17:11:32 +03:00
2013-04-30 16:32:11 +04:00
general . add_option ( " --scope " , dest = " scope " ,
help = " Regexp to filter targets from provided proxy log " )
general . add_option ( " --test-filter " , dest = " testFilter " ,
help = " Select tests by payloads and/or titles (e.g. ROW) " )
2015-10-01 12:57:33 +03:00
general . add_option ( " --test-skip " , dest = " testSkip " ,
help = " Skip tests by payloads and/or titles (e.g. BENCHMARK) " )
2018-03-13 15:45:42 +03:00
general . add_option ( " --update " , dest = " updateAll " , action = " store_true " ,
help = " Update sqlmap " )
2010-11-16 17:11:32 +03:00
2010-10-16 03:26:48 +04:00
# Miscellaneous options
miscellaneous = OptionGroup ( parser , " Miscellaneous " )
2010-09-16 14:23:51 +04:00
2011-06-15 15:58:50 +04:00
miscellaneous . add_option ( " -z " , dest = " mnemonics " ,
2018-03-13 15:45:42 +03:00
help = " Use short mnemonics (e.g. \" flu,bat,ban,tec=EU \" ) " )
2011-06-15 15:58:50 +04:00
2012-12-11 15:48:58 +04:00
miscellaneous . add_option ( " --alert " , dest = " alert " ,
2018-03-13 15:45:42 +03:00
help = " Run host OS command(s) when SQL injection is found " )
2012-12-11 15:48:58 +04:00
2012-11-21 13:16:13 +04:00
miscellaneous . add_option ( " --answers " , dest = " answers " ,
2018-10-15 03:15:05 +03:00
help = " Set predefined answers (e.g. \" quit=N,follow=N \" ) " )
2012-11-21 13:16:13 +04:00
2012-12-11 15:02:06 +04:00
miscellaneous . add_option ( " --beep " , dest = " beep " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Beep on question and/or when SQL injection is found " )
2012-12-11 15:02:06 +04:00
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --cleanup " , dest = " cleanup " , action = " store_true " ,
help = " Clean up the DBMS from sqlmap specific UDF and tables " )
2010-05-21 13:35:36 +04:00
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --dependencies " , dest = " dependencies " , action = " store_true " ,
2018-10-15 01:56:23 +03:00
help = " Check for missing (optional) sqlmap dependencies " )
2011-06-27 12:21:33 +04:00
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --disable-coloring " , dest = " disableColoring " , action = " store_true " ,
help = " Disable console output coloring " )
2012-08-16 00:31:25 +04:00
2011-06-16 15:42:13 +04:00
miscellaneous . add_option ( " --gpage " , dest = " googlePage " , type = " int " ,
2018-03-13 15:45:42 +03:00
help = " Use Google dork results from specified page number " )
2011-03-23 14:57:57 +03:00
2018-07-31 03:18:33 +03:00
miscellaneous . add_option ( " --list-tampers " , dest = " listTampers " , action = " store_true " ,
help = " Display list of available tamper scripts " )
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --mobile " , dest = " mobile " , action = " store_true " ,
help = " Imitate smartphone through HTTP User-Agent header " )
2011-04-29 23:27:23 +04:00
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --offline " , dest = " offline " , action = " store_true " ,
help = " Work in offline mode (only use session data) " )
2015-07-10 17:10:24 +03:00
2018-06-21 00:52:08 +03:00
miscellaneous . add_option ( " --purge " , dest = " purge " , action = " store_true " ,
help = " Safely remove all content from sqlmap data directory " )
2012-04-23 18:24:23 +04:00
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --skip-waf " , dest = " skipWaf " , action = " store_true " ,
2018-09-14 11:01:31 +03:00
help = " Skip heuristic detection of WAF/IPS protection " )
2016-05-31 15:55:56 +03:00
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --smart " , dest = " smart " , action = " store_true " ,
help = " Conduct thorough tests only if positive heuristic(s) " )
2011-07-10 19:16:58 +04:00
2014-09-16 16:12:43 +04:00
miscellaneous . add_option ( " --sqlmap-shell " , dest = " sqlmapShell " , action = " store_true " ,
2018-03-13 15:45:42 +03:00
help = " Prompt for an interactive sqlmap shell " )
2016-05-31 15:55:56 +03:00
miscellaneous . add_option ( " --tmp-dir " , dest = " tmpDir " ,
2018-03-13 15:45:42 +03:00
help = " Local directory for storing temporary files " )
2014-09-16 16:12:43 +04:00
2017-03-01 12:07:26 +03:00
miscellaneous . add_option ( " --web-root " , dest = " webRoot " ,
2018-03-13 15:45:42 +03:00
help = " Web server document root directory (e.g. \" /var/www \" ) " )
2017-03-01 12:07:26 +03:00
2018-03-13 15:45:42 +03:00
miscellaneous . add_option ( " --wizard " , dest = " wizard " , action = " store_true " ,
help = " Simple wizard interface for beginner users " )
2011-03-29 15:42:55 +04:00
2010-05-21 13:35:36 +04:00
# Hidden and/or experimental options
2019-04-17 15:22:36 +03:00
parser . add_option ( " --base64 " , dest = " base64Parameter " ,
help = SUPPRESS_HELP )
# help="Parameter(s) containing Base64 encoded values")
2018-12-17 19:38:47 +03:00
parser . add_option ( " --crack " , dest = " hashFile " ,
help = SUPPRESS_HELP )
2018-12-17 19:48:22 +03:00
# help="Load and crack hashes from a file (standalone)")
2018-12-17 19:38:47 +03:00
2013-02-28 23:20:08 +04:00
parser . add_option ( " --dummy " , dest = " dummy " , action = " store_true " ,
help = SUPPRESS_HELP )
2016-09-27 15:03:59 +03:00
parser . add_option ( " --murphy-rate " , dest = " murphyRate " , type = " int " ,
help = SUPPRESS_HELP )
2019-05-08 13:28:50 +03:00
parser . add_option ( " --debug " , dest = " debug " , action = " store_true " ,
help = SUPPRESS_HELP )
2015-12-02 14:05:40 +03:00
parser . add_option ( " --disable-precon " , dest = " disablePrecon " , action = " store_true " ,
help = SUPPRESS_HELP )
2017-02-14 15:14:35 +03:00
parser . add_option ( " --disable-stats " , dest = " disableStats " , action = " store_true " ,
help = SUPPRESS_HELP )
2010-05-21 13:35:36 +04:00
parser . add_option ( " --profile " , dest = " profile " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = SUPPRESS_HELP )
2010-05-21 13:35:36 +04:00
2017-08-28 13:30:42 +03:00
parser . add_option ( " --force-dbms " , dest = " forceDbms " ,
help = SUPPRESS_HELP )
2012-07-30 23:50:46 +04:00
parser . add_option ( " --force-dns " , dest = " forceDns " , action = " store_true " ,
help = SUPPRESS_HELP )
2010-05-21 13:35:36 +04:00
2018-04-17 18:08:57 +03:00
parser . add_option ( " --force-pivoting " , dest = " forcePivoting " , action = " store_true " ,
help = SUPPRESS_HELP )
2015-09-26 01:09:17 +03:00
parser . add_option ( " --force-threads " , dest = " forceThreads " , action = " store_true " ,
help = SUPPRESS_HELP )
2010-07-30 16:49:25 +04:00
parser . add_option ( " --smoke-test " , dest = " smokeTest " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = SUPPRESS_HELP )
2010-07-30 16:49:25 +04:00
2010-09-15 17:59:55 +04:00
parser . add_option ( " --live-test " , dest = " liveTest " , action = " store_true " ,
2011-06-16 15:42:13 +04:00
help = SUPPRESS_HELP )
2010-09-15 17:59:55 +04:00
2019-04-19 14:28:11 +03:00
parser . add_option ( " --vuln-test " , dest = " vulnTest " , action = " store_true " ,
help = SUPPRESS_HELP )
2012-12-17 15:41:43 +04:00
parser . add_option ( " --stop-fail " , dest = " stopFail " , action = " store_true " ,
help = SUPPRESS_HELP )
2012-12-17 15:29:33 +04:00
parser . add_option ( " --run-case " , dest = " runCase " , help = SUPPRESS_HELP )
2011-03-24 15:07:47 +03:00
2017-04-10 15:50:17 +03:00
# API options
parser . add_option ( " --api " , dest = " api " , action = " store_true " ,
help = SUPPRESS_HELP )
parser . add_option ( " --taskid " , dest = " taskid " , help = SUPPRESS_HELP )
parser . add_option ( " --database " , dest = " database " , help = SUPPRESS_HELP )
2008-12-04 20:40:03 +03:00
parser . add_option_group ( target )
2008-10-15 19:38:22 +04:00
parser . add_option_group ( request )
2010-10-17 01:52:16 +04:00
parser . add_option_group ( optimization )
2008-10-15 19:38:22 +04:00
parser . add_option_group ( injection )
2010-11-08 13:11:43 +03:00
parser . add_option_group ( detection )
2008-11-12 03:36:50 +03:00
parser . add_option_group ( techniques )
2008-10-15 19:38:22 +04:00
parser . add_option_group ( fingerprint )
parser . add_option_group ( enumeration )
2010-11-09 19:15:55 +03:00
parser . add_option_group ( brute )
2009-09-26 03:03:45 +04:00
parser . add_option_group ( udf )
2008-10-15 19:38:22 +04:00
parser . add_option_group ( filesystem )
parser . add_option_group ( takeover )
2009-09-26 03:03:45 +04:00
parser . add_option_group ( windows )
2010-11-16 17:11:32 +03:00
parser . add_option_group ( general )
2008-10-15 19:38:22 +04:00
parser . add_option_group ( miscellaneous )
2012-07-24 17:34:50 +04:00
# Dirty hack to display longer options without breaking into two lines
def _ ( self , * args ) :
2015-12-29 16:32:13 +03:00
retVal = parser . formatter . _format_option_strings ( * args )
if len ( retVal ) > MAX_HELP_OPTION_LENGTH :
retVal = ( " %% . %d s.. " % ( MAX_HELP_OPTION_LENGTH - parser . formatter . indent_increment ) ) % retVal
return retVal
2012-07-24 17:34:50 +04:00
parser . formatter . _format_option_strings = parser . formatter . format_option_strings
2019-04-30 14:20:31 +03:00
parser . formatter . format_option_strings = type ( parser . formatter . format_option_strings ) ( _ , parser )
2012-07-24 17:34:50 +04:00
2016-05-24 16:18:19 +03:00
# Dirty hack for making a short option '-hh'
2012-07-03 14:29:42 +04:00
option = parser . get_option ( " --hh " )
option . _short_opts = [ " -hh " ]
option . _long_opts = [ ]
2012-07-03 14:09:18 +04:00
2016-05-24 16:18:19 +03:00
# Dirty hack for inherent help message of switch '-h'
2012-07-03 15:11:09 +04:00
option = parser . get_option ( " -h " )
option . help = option . help . capitalize ( ) . replace ( " this help " , " basic help " )
2012-07-03 14:49:35 +04:00
2015-09-10 16:01:30 +03:00
_ = [ ]
2014-09-16 16:12:43 +04:00
prompt = False
2012-07-03 14:29:42 +04:00
advancedHelp = True
2015-07-07 10:24:16 +03:00
extraHeaders = [ ]
2018-09-24 15:00:58 +03:00
tamperIndex = None
2011-02-20 00:06:24 +03:00
2017-06-29 16:33:34 +03:00
# Reference: https://stackoverflow.com/a/4012683 (Note: previously used "...sys.getfilesystemencoding() or UNICODE_ENCODING")
2015-09-10 16:01:30 +03:00
for arg in argv :
2017-06-29 16:33:34 +03:00
_ . append ( getUnicode ( arg , encoding = sys . stdin . encoding ) )
2011-02-20 00:06:24 +03:00
2015-09-10 16:01:30 +03:00
argv = _
2019-05-24 15:18:18 +03:00
checkOldOptions ( argv )
2012-11-28 14:10:57 +04:00
2014-09-16 18:18:13 +04:00
prompt = " --sqlmap-shell " in argv
2012-07-03 14:09:18 +04:00
2014-09-16 16:12:43 +04:00
if prompt :
2014-09-16 18:21:29 +04:00
parser . usage = " "
2014-09-16 16:12:43 +04:00
cmdLineOptions . sqlmapShell = True
_ = [ " x " , " q " , " exit " , " quit " , " clear " ]
2014-09-16 18:18:13 +04:00
for option in parser . option_list :
_ . extend ( option . _long_opts )
_ . extend ( option . _short_opts )
2014-09-16 16:12:43 +04:00
for group in parser . option_groups :
for option in group . option_list :
_ . extend ( option . _long_opts )
_ . extend ( option . _short_opts )
autoCompletion ( AUTOCOMPLETE_TYPE . SQLMAP , commands = _ )
while True :
command = None
try :
2019-05-14 17:08:12 +03:00
# Note: in Python2 command should not be converted to Unicode before passing to shlex (Reference: https://bugs.python.org/issue1170)
2019-05-02 01:45:44 +03:00
command = _input ( " sqlmap-shell> " ) . strip ( )
2014-09-16 16:12:43 +04:00
except ( KeyboardInterrupt , EOFError ) :
2019-01-22 03:28:24 +03:00
print ( )
2014-09-16 16:12:43 +04:00
raise SqlmapShellQuitException
if not command :
continue
elif command . lower ( ) == " clear " :
2016-02-23 11:57:06 +03:00
clearHistory ( )
2016-06-10 19:41:41 +03:00
dataToStdout ( " [i] history cleared \n " )
2014-09-16 17:17:50 +04:00
saveHistory ( AUTOCOMPLETE_TYPE . SQLMAP )
2014-09-16 16:12:43 +04:00
elif command . lower ( ) in ( " x " , " q " , " exit " , " quit " ) :
raise SqlmapShellQuitException
elif command [ 0 ] != ' - ' :
2016-06-10 19:41:41 +03:00
dataToStdout ( " [!] invalid option(s) provided \n " )
dataToStdout ( " [i] proper example: ' -u http://www.site.com/vuln.php?id=1 --banner ' \n " )
2014-09-16 16:12:43 +04:00
else :
2014-09-16 17:17:50 +04:00
saveHistory ( AUTOCOMPLETE_TYPE . SQLMAP )
loadHistory ( AUTOCOMPLETE_TYPE . SQLMAP )
2014-09-16 16:12:43 +04:00
break
2014-12-15 11:11:40 +03:00
try :
for arg in shlex . split ( command ) :
argv . append ( getUnicode ( arg , encoding = sys . stdin . encoding ) )
2019-01-22 02:40:48 +03:00
except ValueError as ex :
2019-05-03 01:48:46 +03:00
raise SqlmapSyntaxException ( " something went wrong during command line parsing ( ' %s ' ) " % getSafeExString ( ex ) )
2014-09-16 16:12:43 +04:00
2014-09-16 18:18:13 +04:00
for i in xrange ( len ( argv ) ) :
if argv [ i ] == " -hh " :
argv [ i ] = " -h "
2016-11-18 00:34:10 +03:00
elif len ( argv [ i ] ) > 1 and all ( ord ( _ ) in xrange ( 0x2018 , 0x2020 ) for _ in ( ( argv [ i ] . split ( ' = ' , 1 ) [ - 1 ] . strip ( ) or ' ' ) [ 0 ] , argv [ i ] [ - 1 ] ) ) :
2016-10-14 00:07:11 +03:00
dataToStdout ( " [!] copy-pasting illegal (non-console) quote characters from Internet is, well, illegal ( %s ) \n " % argv [ i ] )
raise SystemExit
2017-01-16 15:53:46 +03:00
elif len ( argv [ i ] ) > 1 and u " \uff0c " in argv [ i ] . split ( ' = ' , 1 ) [ - 1 ] :
dataToStdout ( " [!] copy-pasting illegal (non-console) comma characters from Internet is, well, illegal ( %s ) \n " % argv [ i ] )
raise SystemExit
2015-08-19 22:00:16 +03:00
elif re . search ( r " \ A- \ w=.+ " , argv [ i ] ) :
2016-06-10 19:41:41 +03:00
dataToStdout ( " [!] potentially miswritten (illegal ' = ' ) short option detected ( ' %s ' ) \n " % argv [ i ] )
raise SystemExit
2018-09-24 15:00:58 +03:00
elif argv [ i ] . startswith ( " --tamper " ) :
if tamperIndex is None :
tamperIndex = i if ' = ' in argv [ i ] else ( i + 1 if i + 1 < len ( argv ) and not argv [ i + 1 ] . startswith ( ' - ' ) else None )
else :
argv [ tamperIndex ] = " %s , %s " % ( argv [ tamperIndex ] , argv [ i ] . split ( ' = ' ) [ 1 ] if ' = ' in argv [ i ] else ( argv [ i + 1 ] if i + 1 < len ( argv ) and not argv [ i + 1 ] . startswith ( ' - ' ) else " " ) )
argv [ i ] = " "
2015-07-07 10:24:16 +03:00
elif argv [ i ] == " -H " :
if i + 1 < len ( argv ) :
extraHeaders . append ( argv [ i + 1 ] )
2019-04-18 12:18:00 +03:00
elif argv [ i ] == " -r " :
for j in xrange ( i + 2 , len ( argv ) ) :
value = argv [ j ]
if os . path . isfile ( value ) :
argv [ i + 1 ] + = " , %s " % value
argv [ j ] = ' '
else :
break
2014-12-21 07:15:42 +03:00
elif re . match ( r " \ A \ d+! \ Z " , argv [ i ] ) and argv [ max ( 0 , i - 1 ) ] == " --threads " or re . match ( r " \ A--threads.+ \ d+! \ Z " , argv [ i ] ) :
argv [ i ] = argv [ i ] [ : - 1 ]
conf . skipThreadCheck = True
2014-09-16 18:18:13 +04:00
elif argv [ i ] == " --version " :
2019-01-22 03:20:27 +03:00
print ( VERSION_STRING . split ( ' / ' ) [ - 1 ] )
2014-09-16 18:18:13 +04:00
raise SystemExit
2016-10-05 18:01:58 +03:00
elif argv [ i ] in ( " -h " , " --help " ) :
2014-09-16 18:18:13 +04:00
advancedHelp = False
for group in parser . option_groups [ : ] :
found = False
for option in group . option_list :
if option . dest not in BASIC_HELP_ITEMS :
option . help = SUPPRESS_HELP
else :
found = True
if not found :
parser . option_groups . remove ( group )
2016-09-29 12:19:25 +03:00
for verbosity in ( _ for _ in argv if re . search ( r " \ A \ -v+ \ Z " , _ ) ) :
try :
if argv . index ( verbosity ) == len ( argv ) - 1 or not argv [ argv . index ( verbosity ) + 1 ] . isdigit ( ) :
conf . verbose = verbosity . count ( ' v ' ) + 1
del argv [ argv . index ( verbosity ) ]
except ( IndexError , ValueError ) :
pass
2012-07-03 14:21:40 +04:00
try :
2014-09-16 16:12:43 +04:00
( args , _ ) = parser . parse_args ( argv )
2019-01-22 02:40:48 +03:00
except UnicodeEncodeError as ex :
2019-05-15 01:12:00 +03:00
dataToStdout ( " \n [!] %s \n " % getUnicode ( ex . object . encode ( " unicode-escape " ) ) )
2014-10-31 03:01:35 +03:00
raise SystemExit
2012-07-03 14:21:40 +04:00
except SystemExit :
2014-09-16 18:18:13 +04:00
if " -h " in argv and not advancedHelp :
2016-06-10 19:41:41 +03:00
dataToStdout ( " \n [!] to see full list of options run with ' -hh ' \n " )
2012-07-03 14:21:40 +04:00
raise
2008-10-15 19:38:22 +04:00
2015-07-07 10:24:16 +03:00
if extraHeaders :
if not args . headers :
args . headers = " "
delimiter = " \\ n " if " \\ n " in args . headers else " \n "
args . headers + = delimiter + delimiter . join ( extraHeaders )
2012-07-03 14:09:18 +04:00
# Expand given mnemonic options (e.g. -z "ign,flu,bat")
2014-09-16 16:12:43 +04:00
for i in xrange ( len ( argv ) - 1 ) :
if argv [ i ] == " -z " :
expandMnemonics ( argv [ i + 1 ] , parser , args )
2011-06-15 15:58:50 +04:00
2013-02-28 23:20:08 +04:00
if args . dummy :
args . url = args . url or DUMMY_URL
2019-04-19 14:28:11 +03:00
if not any ( ( args . direct , args . url , args . logFile , args . bulkFile , args . googleDork , args . configFile , args . requestFile , args . updateAll , args . smokeTest , args . vulnTest , args . liveTest , args . wizard , args . dependencies , args . purge , args . sitemapUrl , args . listTampers , args . hashFile ) ) :
2018-07-31 03:18:33 +03:00
errMsg = " missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, -x, --list-tampers, --wizard, --update, --purge or --dependencies). "
errMsg + = " Use -h for basic and -hh for advanced help \n "
2008-10-15 19:38:22 +04:00
parser . error ( errMsg )
return args
2011-03-29 03:09:19 +04:00
2019-01-22 04:08:02 +03:00
except ( OptionError , TypeError ) as ex :
parser . error ( ex )
2008-10-15 19:38:22 +04:00
2012-02-22 14:40:11 +04:00
except SystemExit :
2011-03-29 03:12:04 +04:00
# Protection against Windows dummy double clicking
2011-03-29 03:09:19 +04:00
if IS_WIN :
2016-06-10 19:41:41 +03:00
dataToStdout ( " \n Press Enter to continue... " )
2019-05-02 01:45:44 +03:00
_input ( )
2011-03-29 03:09:19 +04:00
raise
2008-10-15 19:38:22 +04:00
debugMsg = " parsing command line "
logger . debug ( debugMsg )