sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-19 23:04:22 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add POST data/body prompt to interactive mode

Browse Source 
Co-authored-by: GilbertKrantz <90319182+GilbertKrantz@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot] 2026-01-05 18:47:22 +00:00
parent ef6622c6c5
commit 3a975b79c1
3 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
EXAMPLES.md
View File

@ -45,6 +45,8 @@ python sqlmapcli.py --interactive
This will ask you: This will ask you:
- Target URL - Target URL
- Whether the request requires POST data/body
- POST data/body (if needed) - supports JSON or form data
- Scan type (quick or comprehensive) - Scan type (quick or comprehensive)
- Custom level and risk settings - Custom level and risk settings

3
README.md
View File

@ -57,13 +57,14 @@ python sqlmapcli.py -u "https://demo.owasp-juice.shop/rest/products/search?q=tes
```bash ```bash
python sqlmapcli.py --interactive python sqlmapcli.py --interactive
``` ```
*Interactive mode now prompts for POST data/body, supporting both JSON and form data.*
#### Features #### Features
**Beautiful output** with Rich library - panels, tables, progress bars **Beautiful output** with Rich library - panels, tables, progress bars
**One-line comprehensive testing** - test all risk/level combinations automatically **One-line comprehensive testing** - test all risk/level combinations automatically
📊 **Clear result summaries** - vulnerability tables with color-coded findings 📊 **Clear result summaries** - vulnerability tables with color-coded findings
🎯 **Interactive mode** - guided prompts for easy testing 🎯 **Interactive mode** - guided prompts for easy testing, including POST data support
⏱️ **Progress tracking** - see exactly what's being tested in real-time ⏱️ **Progress tracking** - see exactly what's being tested in real-time
#### CLI Options #### CLI Options

16
sqlmapcli.py
View File

@ -329,8 +329,18 @@ class SQLMapCLI:
url = Prompt.ask("\n[cyan]Enter target URL[/cyan]") url = Prompt.ask("\n[cyan]Enter target URL[/cyan]")
# Ask if this is a POST request
has_data = Confirm.ask("[cyan]Does this request require POST data/body?[/cyan]", default=False)
data = None
if has_data:
self.console.print("\n[dim]Examples:[/dim]")
self.console.print("[dim] JSON: {\"email\":\"test@example.com\",\"password\":\"pass123\"}[/dim]")
self.console.print("[dim] Form: username=admin&password=secret[/dim]")
data = Prompt.ask("\n[cyan]Enter POST data/body[/cyan]")
scan_type = Prompt.ask( scan_type = Prompt.ask(
"[cyan]Select scan type[/cyan]", "\n[cyan]Select scan type[/cyan]",
choices=["quick", "comprehensive"], choices=["quick", "comprehensive"],
default="quick" default="quick"
) )
@ -338,11 +348,11 @@ class SQLMapCLI:
if scan_type == "quick": if scan_type == "quick":
level = int(Prompt.ask("[cyan]Test level (1-5)[/cyan]", default="1")) level = int(Prompt.ask("[cyan]Test level (1-5)[/cyan]", default="1"))
risk = int(Prompt.ask("[cyan]Test risk (1-3)[/cyan]", default="1")) risk = int(Prompt.ask("[cyan]Test risk (1-3)[/cyan]", default="1"))
self.quick_scan(url, level, risk) self.quick_scan(url, level, risk, data=data)
else: else:
max_level = int(Prompt.ask("[cyan]Maximum test level (1-5)[/cyan]", default="5")) max_level = int(Prompt.ask("[cyan]Maximum test level (1-5)[/cyan]", default="5"))
max_risk = int(Prompt.ask("[cyan]Maximum test risk (1-3)[/cyan]", default="3")) max_risk = int(Prompt.ask("[cyan]Maximum test risk (1-3)[/cyan]", default="3"))
self.comprehensive_scan(url, max_level, max_risk) self.comprehensive_scan(url, max_level, max_risk, data=data)
def main(): def main():