sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-06-08 07:03:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Section explanation change to reflect recent enhancements

Browse Source
This commit is contained in:
Bernardo Damele 2011-02-19 21:06:24 +00:00
parent 60b05ff49f
commit 023a80c31c
2 changed files with 8 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
lib/parse/cmdline.py
View File

@ -177,7 +177,6 @@ def cmdLineParser():
injection.add_option("--tamper", dest="tamper", injection.add_option("--tamper", dest="tamper",
help="Use given script(s) for tampering injection data") help="Use given script(s) for tampering injection data")
# Detection options # Detection options
detection = OptionGroup(parser, "Detection", "These options can be " detection = OptionGroup(parser, "Detection", "These options can be "
"used to specify how to parse " "used to specify how to parse "
@ -205,13 +204,10 @@ def cmdLineParser():
action="store_true", default=False, action="store_true", default=False,
help="Compare pages based only on their textual content") help="Compare pages based only on their textual content")
# Techniques options # Techniques options
techniques = OptionGroup(parser, "Techniques", "These options can " techniques = OptionGroup(parser, "Techniques", "These options can "
"be used to test for specific SQL injection " "be used to tweak how specific SQL injection "
"technique or to use one of them to exploit " "techniques are tested.")
"the affected parameter(s) rather than using "
"the default blind SQL injection technique.")
techniques.add_option("--time-sec", dest="timeSec", techniques.add_option("--time-sec", dest="timeSec",
type="int", default=TIME_DEFAULT_DELAY, type="int", default=TIME_DEFAULT_DELAY,
@ -538,15 +534,17 @@ def cmdLineParser():
parser.add_option_group(miscellaneous) parser.add_option_group(miscellaneous)
args = [] args = []
for arg in sys.argv: for arg in sys.argv:
try: try:
args.append(getUnicode(arg, sys.getfilesystemencoding() or sys.stdin.encoding)) args.append(getUnicode(arg, sys.getfilesystemencoding() or sys.stdin.encoding))
except: except:
args.append(getUnicode(arg, UNICODE_ENCODING)) args.append(getUnicode(arg, UNICODE_ENCODING))
(args, _) = parser.parse_args(args) (args, _) = parser.parse_args(args)
if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile\ if not args.direct and not args.url and not args.list and not args.googleDork and not args.configFile \
and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest\ and not args.requestFile and not args.updateAll and not args.smokeTest and not args.liveTest \
and not args.realTest: and not args.realTest:
errMsg = "missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c' or '--update'), " errMsg = "missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c' or '--update'), "
errMsg += "-h for help" errMsg += "-h for help"

5
sqlmap.conf
View File

@ -223,9 +223,8 @@ regexp =
textOnly = False textOnly = False
# These options can be used to test for specific SQL injection technique # These options can be used to tweak how specific SQL injection
# or to use one of them to exploit the affected parameter(s) rather than # techniques are tested.
# using the default blind SQL injection technique.
[Techniques] [Techniques]
# Seconds to delay the response from the DBMS. # Seconds to delay the response from the DBMS.