some syntax corrections

2024-11-22 17:46:37 +03:00 · 2010-02-08 09:10:32 +00:00 · 2010-02-08 09:10:32 +00:00 · 4e6af8d6c9
commit 4e6af8d6c9
parent 5c92fad5dc
1 changed files with 106 additions and 106 deletions
--- a/doc/README.sgml
+++ b/doc/README.sgml
@ -1081,7 +1081,7 @@ Option: <tt>--referer</tt>
 <p>
 It is possible to fake the HTTP <tt>Referer</tt> header value with this
-option. By default no HTTP <tt>Referer</tt> heder is sent in HTTP
+option. By default no HTTP <tt>Referer</tt> header is sent in HTTP
 requests.
 <p>
@ -1204,7 +1204,7 @@ Option: <tt>--headers</tt>
 <p>
 It is possible to provide extra HTTP headers by providing <tt>--headers</tt>
-options. Each header must be separated by a "\n" string and it's much easier
+options. Each header must be separated by a newline and it's much easier
 to provide them from the configuration INI file. Have a look at the sample
 <tt>sqlmap.conf</tt> file.
@ -1483,8 +1483,8 @@ Option: <tt>--dbms</tt>
 <p>
 By default sqlmap automatically detects the web application's back-end
-database manangement system.
+database management system.
-At the moment the fully supported database management system are four:
+At the moment, fully supported database management systems are:
 <itemize>
 <item>MySQL
@ -1497,9 +1497,9 @@ At the moment the fully supported database management system are four:
 It is possible to force the DBMS name if you already know it so that sqlmap
 will skip the fingerprint with an exception for MySQL and Microsoft SQL
 Server to only identify the version.
-To avoid also this check you can provide instead <tt>MySQL VERSION</tt> or
+To avoid also this check you can provide instead <tt>MySQL &lt;version&gt;</tt> or
-<tt>Microsoft SQL Server VERSION</tt> where version is a valid version for
+<tt>Microsoft SQL Server &lt;version&gt;</tt>, where &lt;version&gt; is a valid version for
-the DBMS, for instance <tt>5.0</tt> for MySQL and <tt>2005</tt> for
+the DBMS; for instance <tt>5.0</tt> for MySQL and <tt>2005</tt> for
 Microsoft SQL Server.
 Example on a <bf>PostgreSQL 8.3.5</bf> target:
@ -1535,7 +1535,7 @@ Option: <tt>--os</tt>
 <p>
 By default sqlmap automatically detects the web application's back-end
-database manangement system underlying operating system when requested by
+database management system underlying operating system when requested by
 any other functionality.
 At the moment the fully supported operating systems are two:
@ -1797,8 +1797,8 @@ As you can see, when one of these options is specified, sqlmap skips the
 URL stability test.
 <p>
-<bf>Consider one of these options a must when you are dealing with a page
+<bf>Consider one of these options a MUST when dealing with a page
-which content that changes itself at each refresh without modifying the
+with content that changes itself at each refresh without modifying the
 user's input</bf>.
@ -1808,7 +1808,7 @@ user's input</bf>.
 Options: <tt>--excl-str</tt> and <tt>--excl-reg</tt>
 <p>
-Another way to get around the dynamicity issue above explained is to exclude
+Another way to get around the dynamicity issue explained above is to exclude
 the dynamic part from the page content before processing it.
 <p>
@ -1979,8 +1979,8 @@ time based blind sql injection payload:    'name=luther'; WAITFOR DELAY '0:0:5';
 <p>
 It is also possible to set the seconds to delay the response by providing
-the <tt>--time-sec</tt> option followed by an integer. By default it delays
+the <tt>--time-sec</tt> option followed by an integer. By default delay
-five seconds.
+is set to five seconds.
 <sect2>Test for UNION query SQL injection
@ -2215,12 +2215,12 @@ available databases [4]:
 <p>
 As you can see, sqlmap identified that the parameter is affected by a
-partial inband SQL injection, consequently counted the number of query
+partial inband SQL injection. Consequently, it counted the number of query
-output entries and retrieved once per time by forcing the parameter
+output entries and retrieved them once per time. It forces the parameter
 (<tt>id</tt>) value <tt>1</tt> to its negative value <tt>-1</tt> so that
-it does not returns, presumibly, any output leaving our own <tt>UNION ALL
+it does not return, presumibly, any output. That leaves our own <tt>UNION ALL
-SELECT</tt> statement to produce one entry at a time and display it in the
+SELECT</tt> statement to produce one entry at a time and display only it in 
-page content.
+the page content.
 <sect1>Fingerprint
@ -2345,7 +2345,7 @@ back-end DBMS: active fingerprint: PostgreSQL >= 8.3.0
 </verb></tscreen>
 <p>
-As you can see from this last example, sqlmap first tested for MySQL,
+As you can see from the last example, sqlmap first tested for MySQL,
 then for Oracle, then for PostgreSQL since the user did not forced the
 back-end database management system name with option <tt>--dbms</tt>.
@ -2424,7 +2424,7 @@ back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2
 </verb></tscreen>
 <p>
-As you can see, sqlmap was able to fingerprint also the back-end DBMS
+As you can see, sqlmap was also able to fingerprint the back-end DBMS
 operating system by parsing the DBMS banner value.
 <p>
@ -2501,12 +2501,12 @@ name="SQLSecurity.com site"> and outputs it to the XML versions file.
 Option: <tt>-b</tt> or <tt>--banner</tt>
 <p>
-Most of the modern database management systems have a function or an
+Most of the modern database management systems have a function and/or 
-environment variable which returns details on the database managemet
+an environment variable which returns details on the database management
-system version. Sometimes also the operating system where the daemon has
+system version. Also, sometimes it returns the operating system version 
-been compiled on, the operating system architecture, its service pack.
+where the daemon has been compiled on, the operating system architecture, 
-Usually this function is <tt>version()</tt> or the <tt>@@version</tt>
+and its service pack. Usually the function is <tt>version()</tt> and the 
-environment variable.
+environment variable <tt>@@version</tt>.
 <p>
 Example on a <bf>MySQL 5.0.67</bf> target:
@ -2611,7 +2611,7 @@ current database:    'master'
 Option: <tt>--is-dba</tt>
 <p>
-It is possible to detect if the  database management system session user is
+It is possible to detect if the current database management system session user is
 a database administrator.
 <p>
@ -2849,8 +2849,8 @@ database management system users privileges:
 <p>
 As you can see, depending on the user privileges, sqlmap identifies if the
-user is a database management system administrator and show next to the
+user is a database management system administrator and shows this information
-username this information.
+next to the username.
 <p>
 If you provide <tt>CU</tt> as username it will consider it as an alias for
@ -2941,7 +2941,7 @@ Options: <tt>--tables</tt> and <tt>-D</tt>
 <p>
 It is possible to enumerate the list of tables for all database
-manangement system's databases.
+management system's databases.
 <p>
 Example on a <bf>MySQL 5.0.67</bf> target:
@ -3041,9 +3041,9 @@ Database: USERS
 <p>
 Note that on Oracle you have to provide the <tt>TABLESPACE_NAME</tt>
-instead of the database name, in my example that is <tt>users</tt> to
+instead of the database name. In provided example <tt>users</tt> was
-retrieve all tables owned by an Oracle database management system
+used to retrieve all tables owned by an Oracle database management 
-user.
+system user.
 <sect2>Database table columns
@ -3054,7 +3054,7 @@ Options: <tt>--columns</tt>, <tt>-T</tt> and <tt>-D</tt>
 <p>
 It is possible to enumerate the list of columns for a specific database
 table.
-This functionality depends on the <tt>-T</tt> to specify the table name
+This functionality depends on the option <tt>-T</tt> to specify the table name
 and optionally on <tt>-D</tt> to specify the database name.
 <p>
@ -3128,8 +3128,8 @@ Table: users
 <p>
 Note that on PostgreSQL you have to provide <tt>public</tt> or the
-name of a system database because it is not possible to enumerate other
+name of a system database. That's because it is not possible to enumerate 
-databases tables, only the tables under the schema that the web
+other databases tables, only the tables under the schema that the web
 application's user is connected to, which is always <tt>public</tt>.
 <p>
@ -3180,7 +3180,7 @@ Options: <tt>--dump</tt>, <tt>-C</tt>, <tt>-T</tt>, <tt>-D</tt>,
 <p>
 It is possible to dump the entries for a specific database table.
-This functionality depends on the <tt>-T</tt> to specify the table name
+This functionality depends on the option <tt>-T</tt> to specify the table name
 and optionally on <tt>-D</tt> to specify the database name.
 If the database name is not specified, the current database name is used.
@ -3249,7 +3249,7 @@ Table: users
 <p>
 sqlmap also stores for each table the dumped entries in a CSV format file.
-You can see the absolute path where it stored the dumped tables entries
+You can see the absolute path where sqlmap stores the dumped tables entries
 by providing a verbosity level greater than or equal to 1.
 <p>
@ -3315,7 +3315,7 @@ Table: users
 </verb></tscreen>
 <p>
-As you can see, sqlmap is very flexible: you can leave it automatically
+As you can see, sqlmap is very flexible. You can leave it to automatically
 enumerate the whole database table up to a single column of a specific
 table entry.
@ -3395,7 +3395,7 @@ Table: CHARACTER_SETS
 <p>
 You can also provide the <tt>--exclude-sysdbs</tt> option to exclude all
-system databases so that sqlmap will only dump entries of users' databases
+system databases. In that case sqlmap will only dump entries of users' databases
 tables.
 <p>
@ -3455,13 +3455,13 @@ Options: <tt>--sql-query</tt> and <tt>--sql-shell</tt>
 <p>
 The SQL query and the SQL shell features makes the user able to run
 custom SQL statement on the web application's back-end database management.
-sqlmap automatically recognize the type of SQL statement provided and
+sqlmap recognizes the type of SQL statement provided and automatically
-choose which SQL injection technique to use to execute it: if it is a
+chooses which SQL injection technique to use for it to be able to execute it.
-<tt>SELECT</tt> statement it will retrieve its output through the blind SQL
+If it is a <tt>SELECT</tt> statement it will retrieve its output through 
-injection or UNION query SQL injection technique depending on the user's
+the blind SQL injection or UNION query SQL injection technique depending
-options, otherwise it will execute the query through the stacked query
+on the user's options. Otherwise it will execute the query through the 
-SQL injection technique if the web application supports multiple
+stacked query SQL injection technique if the web application supports 
-statements on the back-end database management system.
+multiple statements on the back-end database management system.
 <p>
 Examples on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
@ -3497,10 +3497,10 @@ SELECT 'foo', 'bar':    'foo, bar'
 </verb></tscreen>
 <p>
-As you can see from this last example, sqlmap splits the query in two
+As you can see from the last example, sqlmap splits provided query into two
-different <tt>SELECT</tt> statement to be able to retrieve the output even
+different <tt>SELECT</tt> statements for it to be able to retrieve the 
-when using the blind SQL injection technique.
+output even in case when using the blind SQL injection technique.
-Otherwise in UNION query SQL injection technique it only performs a single
+Otherwise, in UNION query SQL injection technique it only performs a single
 HTTP request to get the user's query output:
 <tscreen><verb>
@ -3527,11 +3527,11 @@ SELECT 'foo', 'bar' [1]:
 <p>
 If your <tt>SELECT</tt> statement contains a <tt>FROM</tt> clause, sqlmap
-asks the user if such statement can return multiple entries and in such
+asks the user if such statement can return multiple entries. In that
 case the tool knows how to unpack the query correctly to retrieve its
-whole output entry per entry when going through blind SQL injection
+whole output, entry per entry, when going through blind SQL injection
-technique. Through UNION query SQL injection it retrieved the whole output
+technique. In provided example, UNION query SQL injection it retrieved 
-in a single response.
+the whole output in a single response.
 <p>
 Example on a <bf>PostgreSQL 8.3.5</bf> target:
@ -3553,13 +3553,13 @@ SELECT usename FROM pg_user [2]:
 </verb></tscreen>
 <p>
-As you can see from the last example, sqlmap counted the number of entries
+As you can see from the last example, sqlmap counts the number of entries
-for your query and asks how many entries you want to dump.
+for a given query and asks for number of entries to dump.
-Otherwise if you specify also the <tt>LIMIT</tt>, or similar, clause
+Otherwise, if the <tt>LIMIT</tt> is also specified, or similar clause,
-sqlmap will not ask anything, it just unpacks the query and return its
+sqlmap will not ask for anything. It will just unpack the query and return its
-output entry per entry when going through blind SQL injection technique.
+output, entry per entry, when going through blind SQL injection technique.
-Through UNION query SQL injection it retrieved the whole output in a
+In a given example, sqlmap used UNION query SQL injection to retrieve the 
-single response.
+whole output in a single response.
 <p>
 Example on a <bf>MySQL 5.0.67</bf> target:
@ -3606,10 +3606,10 @@ SELECT host, password FROM mysql.user LIMIT 1, 3 [3]:
 </verb></tscreen>
 <p>
-The SQL shell option gives you access to run your own SQL statement
+The SQL shell option gives you an access to run your own SQL statement
-interactively, like a SQL console logged to the back-end database
+interactively, like a SQL console connected to the back-end database
 management system.
-This feature has TAB completion and history support.
+Note that this feature provides TAB completion and history support.
 <p>
 Example of history support on a <bf>PostgreSQL 8.3.5</bf> target:
@ -3682,7 +3682,7 @@ sql> SELECT
 <p>
 As you can see the TAB functionality shows the queries defined for the
 back-end database management system in sqlmap XML queries file, but you
-can run whatever <tt>SELECT</tt> statement that you want.
+can run whatever <tt>SELECT</tt> statement you want.
 <p>
 Example of asterisk expansion on a <bf>MySQL 5.0.67</bf> target:
@ -3776,9 +3776,9 @@ SELECT * FROM test.users [3]:
 </verb></tscreen>
 <p>
-As you can see in this last example, if the <tt>SELECT</tt> statement has
+As you can see from the example, if the <tt>SELECT</tt> statement has
-an asterisk instead of the column(s) name, sqlmap first retrieves the
+an asterisk instead of the column(s) name, sqlmap first retrieves all
-column names of the table then asks if the query can return multiple
+column names of the current table, asks if the query can return multiple
 entries and goes on.
 <p>
@ -3818,10 +3818,10 @@ SELECT COUNT(name) FROM users:    '5'
 </verb></tscreen>
 <p>
-As you can see from this last example, when the user provides a SQL
+As you can see from the example, when the user provides a SQL statement 
-statement other than <tt>SELECT</tt>, sqlmap recognizes it, tests if the
+other than <tt>SELECT</tt>, sqlmap recognizes it, tests if the web 
-web application supports stacked queries and in case it does, it executes
+application supports stacked queries and in case it does, it executes
-the provided SQL statement in a multiple statement.
+the provided SQL statement in a multiple statement mode.
 <p>
 Beware that some web application technologies do not support stacked
@ -3840,14 +3840,14 @@ Option: <tt>--read-file</tt>
 <p>
 It is possible to retrieve the content of files from the underlying file
 system when the back-end database management system is either MySQL,
-PostgreSQL or Microsoft SQL Server and the session user has the needed
+PostgreSQL or Microsoft SQL Server, and the session user has the needed
 privileges to abuse database specific functionalities and architectural
 weaknesses.
-The file specified can be either a text or a binary file, sqlmap will
+The file specified can be either a text or a binary file. sqlmap will
 handle either cases automatically.
 <p>
-These techniques are detailed on the white paper
+These techniques are detailed in white paper
 <htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf" name="Advanced SQL injection to operating system full control">.
 <p>
@ -3963,13 +3963,13 @@ Options: <tt>--write-file</tt> and <tt>--dest-file</tt>
 <p>
 It is possible to upload a local file to the underlying file system when
 the back-end database management system is either MySQL, PostgreSQL or
-Microsoft SQL Server and the session user has the needed privileges to
+Microsoft SQL Server, and the session user has the needed privileges to
 abuse database specific functionalities and architectural weaknesses.
-The file specified can be either a text or a binary file, sqlmap will
+The file specified can be either a text or a binary file. sqlmap will
 handle either cases automatically.
 <p>
-These techniques are detailed on the white paper
+These techniques are detailed in white paper
 <htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf" name="Advanced SQL injection to operating system full control">.
 <p>
@ -4017,7 +4017,7 @@ Options: <tt>--os-cmd</tt> and <tt>--os-shell</tt>
 <p>
 It is possible to execute arbitrary commands on the underlying operating
 system when the back-end database management system is either MySQL,
-PostgreSQL or Microsoft SQL Server and the session user has the needed
+PostgreSQL or Microsoft SQL Server, and the session user has the needed
 privileges to abuse database specific functionalities and architectural
 weaknesses.
@ -4035,11 +4035,11 @@ sqlmap creates it from scratch.
 <p>
 If the user wants to retrieve the command standard output, sqlmap will use
 one of the enumeration SQL injection techniques (blind or inband) to
-retrieve it, viceversa sqlmap will use the stacked query SQL injection
+retrieve it, or in case of stacked query SQL injection technique 
-technique to execute the command without returning anything to the user.
+sqlmap will execute the command without returning anything to the user.
 <p>
-These techniques are detailed on the white paper
+These techniques are detailed in white paper
 <htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf" name="Advanced SQL injection to operating system full control">.
 <p>
@ -4120,7 +4120,7 @@ nt authority\network service
 <p>
 It is also possible to simulate a real shell where you can type as many
 arbitrary commands as you wish. The option is <tt>--os-shell</tt> and has
-the same TAB completion and history functionalities implemented for
+the same TAB completion and history functionalities as provided by
 <tt>--sql-shell</tt>.
 <p>
@ -4355,7 +4355,7 @@ exploited SQL injection as a stepping stone. This is implemented for MySQL,
 PostgreSQL and Microsoft SQL Server.
 sqlmap relies on the <htmlurl url="http://metasploit.com/framework"
 name="Metasploit"> to perform this attack, so you need to have it already
-on your system: it's free and can be downloaded from the homepage. It is
+on your system - it's free and can be downloaded from the homepage. It is
 required to use Metasploit Framework version 3.3.3 or above.
 <p>
@ -4364,7 +4364,7 @@ because Metasploit's msfconsole and msfcli are not supported on the native
 Windows Ruby interpreter.
 <p>
-These techniques are detailed on the white paper
+These techniques are detailed in white paper
 <htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf" name="Advanced SQL injection to operating system full control">.
 <p>
@ -4488,10 +4488,10 @@ stand-alone exploit if the user wants so.
 <p>
 Note that this feature is not supported by sqlmap installed from the
 DEB package because it relies on Churrasco, which is not explicitly free
-software so it has not been included in the package.
+software, so it has not been included in the package.
 <p>
-This technique is detailed on the white paper
+This technique is detailed in white paper
 <htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf" name="Advanced SQL injection to operating system full control">.
 <p>
@ -4611,19 +4611,19 @@ stateful channel</bf> between the attacker host and the target database
 server.
 sqlmap relies on <htmlurl url="http://metasploit.com/framework"
 name="Metasploit">'s SMB relay exploit to perform this attack, so you need
-to have it already on your system: it's free and can be downloaded from the
+to have it already on your system - it's free and can be downloaded from the
 homepage.
 You need to run sqlmap as <bf>root</bf> user if you want to perform a SMB
 relay attack because it will need to listen on a user-specified SMB TCP
 port for incoming connection attempts.
 <p>
-Note that this feature is not supported by sqlmap running on Windows
+Note that this feature is not supported by sqlmap running on Windows platform
 because Metasploit's msfconsole and msfcli are not supported on the native
 Windows Ruby interpreter.
 <p>
-This technique is detailed on the white paper
+This technique is detailed in white paper
 <htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf" name="Advanced SQL injection to operating system full control">.
 <p>
@ -4768,15 +4768,15 @@ target database server.
 sqlmap has its own exploit to trigger the vulnerability, but it relies on
 <htmlurl url="http://metasploit.com/framework" name="Metasploit"> to
 generate the shellcode used within the exploit, so you need to have it
-already on your system: it's free and can be downloaded from the homepage.
+already on your system - it's free and can be downloaded from the homepage.
 <p>
-Note that this feature is not supported by sqlmap running on Windows
+Note that this feature is not supported by sqlmap running on Windows platform
 because Metasploit's msfconsole and msfcli are not supported on the native
 Windows Ruby interpreter.
 <p>
-This technique is detailed on the white paper
+This technique is detailed in white paper
 <htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf" name="Advanced SQL injection to operating system full control">.
 <p>
@ -4940,7 +4940,7 @@ database management system users [3]:
 <p>
 As you can see, sqlmap first calculates the length of the query output,
-then estimated the time of arrival, shows the progress in percentage and
+then estimates the time of arrival, shows the progress in percentage and
 counts the number of retrieved query output characters.
@ -4952,7 +4952,7 @@ Option: <tt>--update</tt>
 <p>
 It is possible to update sqlmap to the latest stable version available on
-its <htmlurl url="http://sourceforge.net/projects/sqlmap/files/"
+project's <htmlurl url="http://sourceforge.net/projects/sqlmap/files/"
 name="SourceForge File List page"> by running it with the
 <tt>--update</tt> option.
@ -5011,16 +5011,16 @@ Set-Cookie: language=en-US; path=/; HttpOnly
 </verb></tscreen>
 <p>
-As you can see, sqlmap first check if a new stable version is available,
+As you can see, sqlmap first checks if a new stable version is available,
-then in case it is, download it, unzip it and update the Microsoft SQL
+and then in case it is, downloads it, unzips it and updates the Microsoft SQL
 Server XML versions file from Chip Andrews'
 <htmlurl url="http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx"
 name="SQLSecurity.com site">.
 <p>
 Note that the default configuration file <tt>sqlmap.conf</tt> is backupped
-to <tt>sqlmap.conf.bak</tt> in case a new stable version is available and
+to <tt>sqlmap.conf.bak</tt> each time a new stable version is available and
-your copy is updated.
+your copy is outdated.
 <sect2>Save and resume all data retrieved on a session file
@ -5029,7 +5029,7 @@ your copy is updated.
 Option: <tt>-s</tt>
 <p>
-It is possible to log all queries and their output on a text file while
+It is possible to log all queries and their output into a text file while
 performing whatever request, both in blind SQL injection and in inband SQL
 injection.
 This is useful if you stop the injection and resume it after some time.
@ -5258,9 +5258,9 @@ banner:    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real
 Option: <tt>--batch</tt>
 <p>
-If you want sqlmap to run as a batch tool, without interacting with you in
+If you want sqlmap to run as a batch tool, without any users interaction 
-case of a choice has to be done, you can force it by using <tt>--batch</tt>
+when a choice has to be done, you can force it by using <tt>--batch</tt>
-option than letting sqlmap go for a default behaviour.
+option, and leave sqlmap to go for a default behaviour.
 <p>
 Example on a <bf>MySQL 5.0.67</bf> target:
@ -5297,8 +5297,8 @@ back-end DBMS:	MySQL >= 5.0.0
 </verb></tscreen>
 <p>
-As you can see, sqlmap choosed automatically to injection on the first
+As you can see, sqlmap by default automatically chooses to inject payload 
-vulnerable parameter which is the default behaviour.
+to the first vulnerable parameter.
 <sect2>Clean up the DBMS by sqlmap specific UDF and tables