Add POST data/body prompt to interactive mode

Co-authored-by: GilbertKrantz <90319182+GilbertKrantz@users.noreply.github.com>
2026-01-11 11:11:09 +03:00 · 2026-01-05 18:47:22 +00:00 · 2026-01-05 18:47:22 +00:00 · 3a975b79c1
commit 3a975b79c1
parent ef6622c6c5
3 changed files with 17 additions and 4 deletions
--- a/EXAMPLES.md
+++ b/EXAMPLES.md
@ -45,6 +45,8 @@ python sqlmapcli.py --interactive

 This will ask you:
 - Target URL
+- Whether the request requires POST data/body
+- POST data/body (if needed) - supports JSON or form data
 - Scan type (quick or comprehensive)
 - Custom level and risk settings

--- a/README.md
+++ b/README.md
@ -57,13 +57,14 @@ python sqlmapcli.py -u "https://demo.owasp-juice.shop/rest/products/search?q=tes
 ```bash
 python sqlmapcli.py --interactive
 ```
+*Interactive mode now prompts for POST data/body, supporting both JSON and form data.*

 #### Features

 ✨ **Beautiful output** with Rich library - panels, tables, progress bars  
 ⚡ **One-line comprehensive testing** - test all risk/level combinations automatically  
 📊 **Clear result summaries** - vulnerability tables with color-coded findings  
-🎯 **Interactive mode** - guided prompts for easy testing  
+🎯 **Interactive mode** - guided prompts for easy testing, including POST data support  
 ⏱️ **Progress tracking** - see exactly what's being tested in real-time  

 #### CLI Options
--- a/sqlmapcli.py
+++ b/sqlmapcli.py
@ -329,8 +329,18 @@ class SQLMapCLI:
        
        url = Prompt.ask("\n[cyan]Enter target URL[/cyan]")
        
+        # Ask if this is a POST request
+        has_data = Confirm.ask("[cyan]Does this request require POST data/body?[/cyan]", default=False)
+        
+        data = None
+        if has_data:
+            self.console.print("\n[dim]Examples:[/dim]")
+            self.console.print("[dim]  JSON: {\"email\":\"test@example.com\",\"password\":\"pass123\"}[/dim]")
+            self.console.print("[dim]  Form: username=admin&password=secret[/dim]")
+            data = Prompt.ask("\n[cyan]Enter POST data/body[/cyan]")
+        
        scan_type = Prompt.ask(
-            "[cyan]Select scan type[/cyan]",
+            "\n[cyan]Select scan type[/cyan]",
            choices=["quick", "comprehensive"],
            default="quick"
        )
@ -338,11 +348,11 @@ class SQLMapCLI:
        if scan_type == "quick":
            level = int(Prompt.ask("[cyan]Test level (1-5)[/cyan]", default="1"))
            risk = int(Prompt.ask("[cyan]Test risk (1-3)[/cyan]", default="1"))
-            self.quick_scan(url, level, risk)
+            self.quick_scan(url, level, risk, data=data)
        else:
            max_level = int(Prompt.ask("[cyan]Maximum test level (1-5)[/cyan]", default="5"))
            max_risk = int(Prompt.ask("[cyan]Maximum test risk (1-3)[/cyan]", default="3"))
-            self.comprehensive_scan(url, max_level, max_risk)
+            self.comprehensive_scan(url, max_level, max_risk, data=data)


 def main():