sqlmap/doc/FAQ.sgml

<!doctype linuxdoc system>

<article>

<title>sqlmap FAQ
<author>by <htmlurl url="mailto:bernardo.damele@gmail.com" name="Bernardo Damele A. G.">, <htmlurl url="mailto:miroslav.stampar@gmail.com" name="Miroslav Stampar">
<date>May 10, 2010
<abstract>
This document contains frequently asked questions for <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">.
Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage">
for the latest version.
</abstract>

<toc>

<sect>Frequently Asked Questions

<sect1>What is sqlmap?

<p>
sqlmap is an open source penetration testing tool that automates the
process of detecting and exploiting SQL injection flaws and taking over of
back-end database servers.
It comes with a broad range of features lasting from database
fingerprinting, over data fetching from the database, to accessing the
underlying file system and executing commands on the operating system via
out-of-band connections.

<sect1>How to run sqlmap?

<p>
If you are running on a Unix/Linux system type the following command
from a terminal:
<tscreen><verb>
python sqlmap.py -h
</verb></tscreen>

<p>
If you are running on a Windows system type the following command
from a terminal:
<tscreen><verb>
C:\Python26\python.exe sqlmap.py -h
</verb></tscreen>

<sect1>Can I integrate sqlmap with a security tool I am developing?

<p>
Yes. sqlmap is released under the terms of the GPLv2, which means that any
derivative work must be distributed without further restrictions on the
rights granted by the GPL itself. If this constitutes a problem, feel free
to contact us so we can find a solution.

<sect1>Will you support other database management systems?

<p>
Yes. There are plans to support also IBM DB2, Informix and others in the
long term.

<sect1>How can I occasionally contribute?

<p>
All help is greatly appreciated. First of all download the tool, read the
user's manual, have fun with it during your penetration tests. If you find
bugs or have ideas for possible improvements, feel free to get in touch.
Many people <htmlurl url="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/doc/THANKS"
name="have contributed"> in different ways to the sqlmap development.
You can be the next!

<sect1>Can I actively contribute in the long-term development?

<p>
Yes, we are looking for security geeks who can write some clean Python
code, are up to do security research, know about web application security,
database assessment and takeover, post-exploitation techniques, software
refactoring and are motivated to join the development team. If you are
interested, feel free to <htmlurl url="http://sqlmap.sourceforge.net/#author"
name="get in touch">.

<sect1>How can I support the development?

<p>
If you think that sqlmap is awesome, it really played well during your
penetration tests, or you simply like it, you, or your boss, can <htmlurl
url="http://sourceforge.net/donate/index.php?group_id=171598" name="donate
some money"> to the developers via PayPal.

<sect1>Can you hack a site for me?

<p>
<bf>No</bf>.

<sect1>How sqlmap decides this and that?

<p>
That's how.

</article>
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00			`<!doctype linuxdoc system>`

			`<article>`

			`<title>sqlmap FAQ`
			`<author>by <htmlurl url="mailto:bernardo.damele@gmail.com" name="Bernardo Damele A. G.">, <htmlurl url="mailto:miroslav.stampar@gmail.com" name="Miroslav Stampar">`
Updated 2010-05-10 18:52:02 +04:00			`<date>May 10, 2010`
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00			`<abstract>`
			`This document contains frequently asked questions for <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">.`
			`Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage">`
			`for the latest version.`
			`</abstract>`

			`<toc>`

			`<sect>Frequently Asked Questions`

Updated 2010-05-10 18:52:02 +04:00			`<sect1>What is sqlmap?`
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00
			`<p>`
			`sqlmap is an open source penetration testing tool that automates the`
			`process of detecting and exploiting SQL injection flaws and taking over of`
			`back-end database servers.`
			`It comes with a broad range of features lasting from database`
			`fingerprinting, over data fetching from the database, to accessing the`
			`underlying file system and executing commands on the operating system via`
			`out-of-band connections.`

Updated 2010-05-10 18:52:02 +04:00			`<sect1>How to run sqlmap?`
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00
Updated 2010-05-10 18:52:02 +04:00			`<p>`
			`If you are running on a Unix/Linux system type the following command`
			`from a terminal:`
			`<tscreen><verb>`
			`python sqlmap.py -h`
			`</verb></tscreen>`
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00
			`<p>`
Updated 2010-05-10 18:52:02 +04:00			`If you are running on a Windows system type the following command`
			`from a terminal:`
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00			`<tscreen><verb>`
Updated 2010-05-10 18:52:02 +04:00			`C:\Python26\python.exe sqlmap.py -h`
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00			`</verb></tscreen>`

Updated 2010-05-10 18:52:02 +04:00			`<sect1>Can I integrate sqlmap with a security tool I am developing?`

			`<p>`
			`Yes. sqlmap is released under the terms of the GPLv2, which means that any`
			`derivative work must be distributed without further restrictions on the`
			`rights granted by the GPL itself. If this constitutes a problem, feel free`
			`to contact us so we can find a solution.`

			`<sect1>Will you support other database management systems?`

			`<p>`
			`Yes. There are plans to support also IBM DB2, Informix and others in the`
			`long term.`

			`<sect1>How can I occasionally contribute?`

			`<p>`
			`All help is greatly appreciated. First of all download the tool, read the`
			`user's manual, have fun with it during your penetration tests. If you find`
			`bugs or have ideas for possible improvements, feel free to get in touch.`
			`Many people <htmlurl url="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/doc/THANKS"`
			`name="have contributed"> in different ways to the sqlmap development.`
			`You can be the next!`

			`<sect1>Can I actively contribute in the long-term development?`

			`<p>`
			`Yes, we are looking for security geeks who can write some clean Python`
			`code, are up to do security research, know about web application security,`
			`database assessment and takeover, post-exploitation techniques, software`
			`refactoring and are motivated to join the development team. If you are`
			`interested, feel free to <htmlurl url="http://sqlmap.sourceforge.net/#author"`
			`name="get in touch">.`

			`<sect1>How can I support the development?`

			`<p>`
			`If you think that sqlmap is awesome, it really played well during your`
			`penetration tests, or you simply like it, you, or your boss, can <htmlurl`
			`url="http://sourceforge.net/donate/index.php?group_id=171598" name="donate`
			`some money"> to the developers via PayPal.`

			`<sect1>Can you hack a site for me?`

			`<p>`
			`<bf>No</bf>.`

			`<sect1>How sqlmap decides this and that?`
added basic skeleton for FAQ doc 2010-03-17 15:56:26 +03:00
			`<p>`
			`That's how.`

			`</article>`