sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Preparing documentation for 0.6.4

Browse Source
This commit is contained in:
Bernardo Damele 2008-12-29 18:44:20 +00:00
parent c83593c044
commit 0e9873fd4f
4 changed files with 79 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/ChangeLog
View File

@ -5,17 +5,17 @@ sqlmap (0.6.4-1) stable; urgency=low
object; object;
* Major enhancement to support SQL data definition statements, SQL data * Major enhancement to support SQL data definition statements, SQL data
manipulation statements, etc from user in SQL query and SQL shell if manipulation statements, etc from user in SQL query and SQL shell if
stacked queries are supported by the web application technology in stacked queries are supported by the web application technology;
use;
* Major speed increase in DBMS basic fingerprint; * Major speed increase in DBMS basic fingerprint;
* Minor enhancement to support an option (--is-dba) to show if the * Minor enhancement to support an option (--is-dba) to show if the
current user is a database management system administrator; current user is a database management system administrator;
* Minor enhancement to support an option (--union-tech) to specify the * Minor enhancement to support an option (--union-tech) to specify the
technique to use to detect the number of columns used in the web technique to use to detect the number of columns used in the web
application SELECT statement: NULL bruteforcing (default) or ORDER BY application SELECT statement: NULL bruteforcing (default) or ORDER BY
clause; clause bruteforcing;
* Added support internally to forge CASE statements, used only by * Added internal support to forge CASE statements, used only by --is-dba
--is-dba query at the moment; query at the moment;
* Minor layout adjustment to the --update output;
* Major bug fix to avoid tracebacks when multiple targets are specified * Major bug fix to avoid tracebacks when multiple targets are specified
and one of them is not reachable; and one of them is not reachable;
* Minor bug fix to make the Partial UNION query SQL injection technique * Minor bug fix to make the Partial UNION query SQL injection technique

73
doc/README.html
View File

@ -8,7 +8,7 @@
<H1>sqlmap user's manual</H1> <H1>sqlmap user's manual</H1>
<H2>by <H2>by
<A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A></H2>version 0.6.3, 18th of December 2008 <A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A></H2>version 0.6.4, DDth of MMM 2009
<HR> <HR>
<EM>This document is the user's manual to use <EM>This document is the user's manual to use
<A HREF="http://sqlmap.sourceforge.net">sqlmap</A>. <A HREF="http://sqlmap.sourceforge.net">sqlmap</A>.
@ -88,8 +88,9 @@ for x86, AMD64 and Itanium too.</P>
<A HREF="http://ipython.scipy.org/moin/PyReadline/Intro">PyReadline</A> <A HREF="http://ipython.scipy.org/moin/PyReadline/Intro">PyReadline</A>
library to be able to take advantage of the sqlmap TAB completion and library to be able to take advantage of the sqlmap TAB completion and
history support functionalities in the SQL shell and OS shell. history support functionalities in the SQL shell and OS shell.
Note that these functionalities are available natively by Python official Note that these functionalities are available natively by Python standard
readline library on other operating systems. <A HREF="http://docs.python.org/library/readline.html">readline</A>
library on other operating systems.
You can also choose to install You can also choose to install
<A HREF="http://psyco.sourceforge.net/">Psyco</A> <A HREF="http://psyco.sourceforge.net/">Psyco</A>
library to speed up the sqlmap algorithmic operations.</P> library to speed up the sqlmap algorithmic operations.</P>
@ -347,24 +348,24 @@ It is available in various formats:</P>
<P> <P>
<UL> <UL>
<LI> <LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.gz">Source gzip compressed</A> operating system independent. <A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.tar.gz">Source gzip compressed</A> operating system independent.
</LI> </LI>
<LI> <LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.bz2">Source bzip2 compressed</A> operating system independent. <A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.tar.bz2">Source bzip2 compressed</A> operating system independent.
</LI> </LI>
<LI> <LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.zip">Source zip compressed</A> operating system independent. <A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.zip">Source zip compressed</A> operating system independent.
</LI> </LI>
<LI> <LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.3-1_all.deb">DEB binary package</A> architecture independent for Debian and any <A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.4-1_all.deb">DEB binary package</A> architecture independent for Debian and any
other Debian derivated GNU/Linux distribution. other Debian derivated GNU/Linux distribution.
</LI> </LI>
<LI> <LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3-1.noarch.rpm">RPM binary package</A> architecture independent for Fedora and any <A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4-1.noarch.rpm">RPM binary package</A> architecture independent for Fedora and any
other operating system that can install RPM packages. other operating system that can install RPM packages.
</LI> </LI>
<LI> <LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3_exe.zip">Portable executable for Windows</A> that <B>does not require the Python <A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4_exe.zip">Portable executable for Windows</A> that <B>does not require the Python
interpreter</B> to be installed on the operating system.</LI> interpreter</B> to be installed on the operating system.</LI>
</UL> </UL>
</P> </P>
@ -402,7 +403,7 @@ and
<PRE> <PRE>
$ python sqlmap.py -h $ python sqlmap.py -h
sqlmap/0.6.3 coded by Bernardo Damele A. G. &lt;bernardo.damele@gmail.com> sqlmap/0.6.4 coded by Bernardo Damele A. G. &lt;bernardo.damele@gmail.com>
and Daniele Bellucci &lt;daniele.bellucci@gmail.com> and Daniele Bellucci &lt;daniele.bellucci@gmail.com>
Usage: sqlmap.py [options] Usage: sqlmap.py [options]
@ -619,7 +620,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
[hh:mm:55] [INFO] testing MySQL [hh:mm:55] [INFO] testing MySQL
@ -632,7 +633,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</PRE> </PRE>
@ -654,7 +655,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:44] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:44] [TRAFFIC IN] HTTP response (OK - 200):
@ -675,7 +676,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</PRE> </PRE>
@ -697,7 +698,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:17] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:17] [TRAFFIC IN] HTTP response (OK - 200):
@ -725,7 +726,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:18] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:18] [TRAFFIC IN] HTTP response (OK - 200):
@ -1036,7 +1037,7 @@ Host: 192.168.1.125:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ
Connection: close Connection: close
@ -1052,7 +1053,7 @@ Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
Cookie: ASPSESSIONIDSABTRCAS=469 Cookie: ASPSESSIONIDSABTRCAS=469
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic [hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic
@ -1104,7 +1105,7 @@ Accept-language: en-us,en;q=0.5
Referer: http://www.google.com Referer: http://www.google.com
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</PRE> </PRE>
@ -1121,7 +1122,7 @@ Connection: close
<P> <P>
<BLOCKQUOTE><CODE> <BLOCKQUOTE><CODE>
<PRE> <PRE>
sqlmap/0.6.3 (http://sqlmap.sourceforge.net) sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
</PRE> </PRE>
</CODE></BLOCKQUOTE> </CODE></BLOCKQUOTE>
</P> </P>
@ -1243,7 +1244,7 @@ Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M= Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
@ -1264,7 +1265,7 @@ Authorization: Digest username="testuser", realm="Testing digest authentication"
nonce="Qw52C8RdBAA=2d7eb362292b24718dcb6e4d9a7bf0f13d58fa9d", nonce="Qw52C8RdBAA=2d7eb362292b24718dcb6e4d9a7bf0f13d58fa9d",
uri="/sqlmap/mysql/digest/get_int.php?id=1", response="16d01b08ff2f77d8ff0183d706f96747", uri="/sqlmap/mysql/digest/get_int.php?id=1", response="16d01b08ff2f77d8ff0183d706f96747",
algorithm="MD5", qop=auth, nc=00000001, cnonce="579be5eb8753693a" algorithm="MD5", qop=auth, nc=00000001, cnonce="579be5eb8753693a"
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</PRE> </PRE>
@ -1437,7 +1438,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;ca
<BLOCKQUOTE><CODE> <BLOCKQUOTE><CODE>
<PRE> <PRE>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/ua_str.php" -v 1 \ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/ua_str.php" -v 1 \
-p "user-agent" --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)" -p "user-agent" --user-agent "sqlmap/0.6.4 (http://sqlmap.sourceforge.net)"
[hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
[hh:mm:40] [INFO] testing connection to the target url [hh:mm:40] [INFO] testing connection to the target url
@ -1551,7 +1552,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
[hh:mm:17] [INFO] GET parameter 'id' is custom injectable [hh:mm:17] [INFO] GET parameter 'id' is custom injectable
@ -1628,7 +1629,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
[hh:mm:50] [TRAFFIC OUT] HTTP request: [hh:mm:50] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
Host: 192.168.1.121:80 Host: 192.168.1.121:80
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
@ -1650,7 +1651,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request: [hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
Host: 192.168.1.121:80 Host: 192.168.1.121:80
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -1672,7 +1673,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request: [hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
Host: 192.168.1.121:80 Host: 192.168.1.121:80
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -2083,7 +2084,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200):
@ -3181,7 +3182,7 @@ Table: users
| 1 | luther | blissett | | 1 | luther | blissett |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull | | 5 | NULL | nameisnull |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
</PRE> </PRE>
@ -3235,7 +3236,7 @@ Table: users
| 1 | luther | blissett | | 1 | luther | blissett |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | | nameisnull | | 5 | | nameisnull |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
@ -3248,7 +3249,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv
"1","luther","blissett" "1","luther","blissett"
"2","fluffy","bunny" "2","fluffy","bunny"
"3","wu","ming" "3","wu","ming"
"4","sqlmap/0.6.3 (http://sqlmap.sourceforge.net)","user agent header" "4","sqlmap/0.6.4 (http://sqlmap.sourceforge.net)","user agent header"
"5","","nameisnull" "5","","nameisnull"
</PRE> </PRE>
</CODE></BLOCKQUOTE> </CODE></BLOCKQUOTE>
@ -3278,7 +3279,7 @@ Table: users
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
</PRE> </PRE>
</CODE></BLOCKQUOTE> </CODE></BLOCKQUOTE>
@ -3309,7 +3310,7 @@ Table: users
| 1 | luther | blissett | | 1 | luther | blissett |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull | | 5 | NULL | nameisnull |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
@ -3399,7 +3400,7 @@ Table: users
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
| id | name | surname | | id | name | surname |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 1 | luther | blisset | | 1 | luther | blisset |
| 3 | wu | ming | | 3 | wu | ming |
@ -3962,7 +3963,7 @@ $ python sqlmap.py --update -v 4
[hh:mm:55] [TRAFFIC OUT] HTTP request: [hh:mm:55] [TRAFFIC OUT] HTTP request:
GET /doc/VERSION HTTP/1.1 GET /doc/VERSION HTTP/1.1
Host: sqlmap.sourceforge.net Host: sqlmap.sourceforge.net
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200):
@ -3981,7 +3982,7 @@ X-Pad: avoid browser bug
[hh:mm:56] [TRAFFIC OUT] HTTP request: [hh:mm:56] [TRAFFIC OUT] HTTP request:
GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1 GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1
Host: www.sqlsecurity.com Host: www.sqlsecurity.com
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0; Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0;
language=en-US language=en-US
Connection: close Connection: close

BIN
doc/README.pdf
View File

Binary file not shown.

73
doc/README.sgml
View File

@ -4,7 +4,7 @@
<title>sqlmap user's manual <title>sqlmap user's manual
<author>by <htmlurl url="mailto:bernardo.damele@gmail.com" name="Bernardo Damele A. G."> <author>by <htmlurl url="mailto:bernardo.damele@gmail.com" name="Bernardo Damele A. G.">
<date>version 0.6.3, 18th of December 2008 <date>version 0.6.4, DDth of MMM 2009
<abstract> <abstract>
This document is the user's manual to use <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">. This document is the user's manual to use <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">.
Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage"> Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage">
@ -46,8 +46,9 @@ Optionally, if you are running sqlmap on Windows, you may wish to install
<htmlurl url="http://ipython.scipy.org/moin/PyReadline/Intro" name="PyReadline"> <htmlurl url="http://ipython.scipy.org/moin/PyReadline/Intro" name="PyReadline">
library to be able to take advantage of the sqlmap TAB completion and library to be able to take advantage of the sqlmap TAB completion and
history support functionalities in the SQL shell and OS shell. history support functionalities in the SQL shell and OS shell.
Note that these functionalities are available natively by Python official Note that these functionalities are available natively by Python standard
readline library on other operating systems. <htmlurl url="http://docs.python.org/library/readline.html" name="readline">
library on other operating systems.
You can also choose to install <htmlurl url="http://psyco.sourceforge.net/" name="Psyco"> You can also choose to install <htmlurl url="http://psyco.sourceforge.net/" name="Psyco">
library to speed up the sqlmap algorithmic operations. library to speed up the sqlmap algorithmic operations.
@ -304,24 +305,24 @@ name="SourceForge File List page">.
It is available in various formats: It is available in various formats:
<itemize> <itemize>
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.gz" <item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.tar.gz"
name="Source gzip compressed"> operating system independent. name="Source gzip compressed"> operating system independent.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.tar.bz2" <item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.tar.bz2"
name="Source bzip2 compressed"> operating system independent. name="Source bzip2 compressed"> operating system independent.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3.zip" <item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4.zip"
name="Source zip compressed"> operating system independent. name="Source zip compressed"> operating system independent.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.3-1_all.deb" <item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.4-1_all.deb"
name="DEB binary package"> architecture independent for Debian and any name="DEB binary package"> architecture independent for Debian and any
other Debian derivated GNU/Linux distribution. other Debian derivated GNU/Linux distribution.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3-1.noarch.rpm" <item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4-1.noarch.rpm"
name="RPM binary package"> architecture independent for Fedora and any name="RPM binary package"> architecture independent for Fedora and any
other operating system that can install RPM packages. other operating system that can install RPM packages.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.3_exe.zip" <item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.4_exe.zip"
name="Portable executable for Windows"> that <bf>does not require the Python name="Portable executable for Windows"> that <bf>does not require the Python
interpreter</bf> to be installed on the operating system. interpreter</bf> to be installed on the operating system.
</itemize> </itemize>
@ -358,7 +359,7 @@ and <htmlurl url="mailto:daniele.bellucci@gmail.com" name="Daniele Bellucci">.
<tscreen><verb> <tscreen><verb>
$ python sqlmap.py -h $ python sqlmap.py -h
sqlmap/0.6.3 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com> sqlmap/0.6.4 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com>
and Daniele Bellucci <daniele.bellucci@gmail.com> and Daniele Bellucci <daniele.bellucci@gmail.com>
Usage: sqlmap.py [options] Usage: sqlmap.py [options]
@ -570,7 +571,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
[hh:mm:55] [INFO] testing MySQL [hh:mm:55] [INFO] testing MySQL
@ -583,7 +584,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</verb></tscreen> </verb></tscreen>
@ -603,7 +604,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:44] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:44] [TRAFFIC IN] HTTP response (OK - 200):
@ -624,7 +625,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</verb></tscreen> </verb></tscreen>
@ -644,7 +645,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:17] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:17] [TRAFFIC IN] HTTP response (OK - 200):
@ -672,7 +673,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:18] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:18] [TRAFFIC IN] HTTP response (OK - 200):
@ -982,7 +983,7 @@ Host: 192.168.1.125:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ
Connection: close Connection: close
@ -998,7 +999,7 @@ Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
Cookie: ASPSESSIONIDSABTRCAS=469 Cookie: ASPSESSIONIDSABTRCAS=469
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic [hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic
@ -1049,7 +1050,7 @@ Accept-language: en-us,en;q=0.5
Referer: http://www.google.com Referer: http://www.google.com
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</verb></tscreen> </verb></tscreen>
@ -1065,7 +1066,7 @@ By default sqlmap perform HTTP requests providing the following HTTP
<tt>User-Agent</tt> header value: <tt>User-Agent</tt> header value:
<tscreen><verb> <tscreen><verb>
sqlmap/0.6.3 (http://sqlmap.sourceforge.net) sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
</verb></tscreen> </verb></tscreen>
<p> <p>
@ -1186,7 +1187,7 @@ Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M= Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
@ -1207,7 +1208,7 @@ Authorization: Digest username="testuser", realm="Testing digest authentication"
nonce="Qw52C8RdBAA=2d7eb362292b24718dcb6e4d9a7bf0f13d58fa9d", nonce="Qw52C8RdBAA=2d7eb362292b24718dcb6e4d9a7bf0f13d58fa9d",
uri="/sqlmap/mysql/digest/get_int.php?id=1", response="16d01b08ff2f77d8ff0183d706f96747", uri="/sqlmap/mysql/digest/get_int.php?id=1", response="16d01b08ff2f77d8ff0183d706f96747",
algorithm="MD5", qop=auth, nc=00000001, cnonce="579be5eb8753693a" algorithm="MD5", qop=auth, nc=00000001, cnonce="579be5eb8753693a"
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
</verb></tscreen> </verb></tscreen>
@ -1380,7 +1381,7 @@ Example on a <bf>MySQL 5.0.67</bf> target:
<tscreen><verb> <tscreen><verb>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/ua_str.php" -v 1 \ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/ua_str.php" -v 1 \
-p "user-agent" --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)" -p "user-agent" --user-agent "sqlmap/0.6.4 (http://sqlmap.sourceforge.net)"
[hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
[hh:mm:40] [INFO] testing connection to the target url [hh:mm:40] [INFO] testing connection to the target url
@ -1496,7 +1497,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[...] [...]
[hh:mm:17] [INFO] GET parameter 'id' is custom injectable [hh:mm:17] [INFO] GET parameter 'id' is custom injectable
@ -1568,7 +1569,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
[hh:mm:50] [TRAFFIC OUT] HTTP request: [hh:mm:50] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
Host: 192.168.1.121:80 Host: 192.168.1.121:80
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
@ -1590,7 +1591,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request: [hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
Host: 192.168.1.121:80 Host: 192.168.1.121:80
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -1612,7 +1613,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request: [hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1 GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
Host: 192.168.1.121:80 Host: 192.168.1.121:80
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -2015,7 +2016,7 @@ Host: 192.168.1.121:80
Accept-language: en-us,en;q=0.5 Accept-language: en-us,en;q=0.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8, Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
image/png,*/*;q=0.5 image/png,*/*;q=0.5
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200):
@ -3090,7 +3091,7 @@ Table: users
| 1 | luther | blissett | | 1 | luther | blissett |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull | | 5 | NULL | nameisnull |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
</verb></tscreen> </verb></tscreen>
@ -3142,7 +3143,7 @@ Table: users
| 1 | luther | blissett | | 1 | luther | blissett |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | | nameisnull | | 5 | | nameisnull |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
@ -3155,7 +3156,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv
"1","luther","blissett" "1","luther","blissett"
"2","fluffy","bunny" "2","fluffy","bunny"
"3","wu","ming" "3","wu","ming"
"4","sqlmap/0.6.3 (http://sqlmap.sourceforge.net)","user agent header" "4","sqlmap/0.6.4 (http://sqlmap.sourceforge.net)","user agent header"
"5","","nameisnull" "5","","nameisnull"
</verb></tscreen> </verb></tscreen>
@ -3183,7 +3184,7 @@ Table: users
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
</verb></tscreen> </verb></tscreen>
@ -3215,7 +3216,7 @@ Table: users
| 1 | luther | blissett | | 1 | luther | blissett |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 3 | wu | ming | | 3 | wu | ming |
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull | | 5 | NULL | nameisnull |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
@ -3304,7 +3305,7 @@ Table: users
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
| id | name | surname | | id | name | surname |
+----+----------------------------------------------+-------------------+ +----+----------------------------------------------+-------------------+
| 4 | sqlmap/0.6.3 (http://sqlmap.sourceforge.net) | user agent header | | 4 | sqlmap/0.6.4 (http://sqlmap.sourceforge.net) | user agent header |
| 2 | fluffy | bunny | | 2 | fluffy | bunny |
| 1 | luther | blisset | | 1 | luther | blisset |
| 3 | wu | ming | | 3 | wu | ming |
@ -3855,7 +3856,7 @@ $ python sqlmap.py --update -v 4
[hh:mm:55] [TRAFFIC OUT] HTTP request: [hh:mm:55] [TRAFFIC OUT] HTTP request:
GET /doc/VERSION HTTP/1.1 GET /doc/VERSION HTTP/1.1
Host: sqlmap.sourceforge.net Host: sqlmap.sourceforge.net
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Connection: close Connection: close
[hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200): [hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200):
@ -3874,7 +3875,7 @@ X-Pad: avoid browser bug
[hh:mm:56] [TRAFFIC OUT] HTTP request: [hh:mm:56] [TRAFFIC OUT] HTTP request:
GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1 GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1
Host: www.sqlsecurity.com Host: www.sqlsecurity.com
User-agent: sqlmap/0.6.3 (http://sqlmap.sourceforge.net) User-agent: sqlmap/0.6.4 (http://sqlmap.sourceforge.net)
Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0; Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0;
language=en-US language=en-US
Connection: close Connection: close