cleaning up a bit for a configuration mess

Miroslav Stampar 2011-06-16 11:42:13 +00:00
parent f515c9c9e0
commit 6f681b45ad
4 changed files with 100 additions and 97 deletions


@ -91,7 +91,6 @@ from lib.core.settings import MIN_TIME_RESPONSES
from lib.core.settings import PAYLOAD_DELIMITER from lib.core.settings import PAYLOAD_DELIMITER
from lib.core.settings import REFLECTED_NON_ALPHA_NUM_REGEX from lib.core.settings import REFLECTED_NON_ALPHA_NUM_REGEX
from lib.core.settings import REFLECTED_VALUE_MARKER from lib.core.settings import REFLECTED_VALUE_MARKER
from lib.core.settings import TIME_DEFAULT_DELAY
from lib.core.settings import TIME_STDEV_COEFF from lib.core.settings import TIME_STDEV_COEFF
from lib.core.settings import DYNAMICITY_MARK_LENGTH from lib.core.settings import DYNAMICITY_MARK_LENGTH
from lib.core.settings import REFLECTIVE_MISS_THRESHOLD from lib.core.settings import REFLECTIVE_MISS_THRESHOLD


@ -58,6 +58,7 @@ from lib.core.data import paths
from lib.core.data import queries from lib.core.data import queries
from lib.core.datatype import advancedDict from lib.core.datatype import advancedDict
from lib.core.datatype import injectionDict from lib.core.datatype import injectionDict
from lib.core.defaults import defaults
from lib.core.enums import DBMS from lib.core.enums import DBMS
from lib.core.enums import HTTPHEADER from lib.core.enums import HTTPHEADER
from lib.core.enums import HTTPMETHOD from lib.core.enums import HTTPMETHOD
@ -99,7 +100,6 @@ from lib.core.settings import SYBASE_ALIASES
from lib.core.settings import BURP_SPLITTER from lib.core.settings import BURP_SPLITTER
from lib.core.settings import LOCALHOST from lib.core.settings import LOCALHOST
from lib.core.settings import MAX_NUMBER_OF_THREADS from lib.core.settings import MAX_NUMBER_OF_THREADS
from lib.core.settings import TIME_DEFAULT_DELAY
from lib.core.settings import TIME_DELAY_CANDIDATES from lib.core.settings import TIME_DELAY_CANDIDATES
from lib.core.settings import UNKNOWN_DBMS_VERSION from lib.core.settings import UNKNOWN_DBMS_VERSION
from lib.core.settings import WEBSCARAB_SPLITTER from lib.core.settings import WEBSCARAB_SPLITTER
@ -1287,10 +1287,9 @@ def __cleanupOptions():
debugMsg = "turning off --null-connection switch used indirectly by switch -o" debugMsg = "turning off --null-connection switch used indirectly by switch -o"
logger.debug(debugMsg) logger.debug(debugMsg)
# to distinguish explicit usage of --time-sec if conf.timeSec not in kb.explicitSettings:
if conf.timeSec is None:
if conf.tor: if conf.tor:
conf.timeSec = 2 * TIME_DEFAULT_DELAY conf.timeSec = 2 * conf.timeSec
kb.adjustTimeDelay = False kb.adjustTimeDelay = False
warnMsg = "increasing default value for " warnMsg = "increasing default value for "
@ -1298,7 +1297,6 @@ def __cleanupOptions():
warnMsg += "--tor switch was provided" warnMsg += "--tor switch was provided"
logger.warn(warnMsg) logger.warn(warnMsg)
else: else:
conf.timeSec = TIME_DEFAULT_DELAY
kb.adjustTimeDelay = True kb.adjustTimeDelay = True
else: else:
kb.adjustTimeDelay = False kb.adjustTimeDelay = False
@ -1374,6 +1372,7 @@ def __setKnowledgeBaseAttributes(flushAll=True):
kb.dynamicParameters = False kb.dynamicParameters = False
kb.endDetection = False kb.endDetection = False
kb.httpErrorCodes = {} kb.httpErrorCodes = {}
kb.explicitSettings = set()
kb.errorIsNone = True kb.errorIsNone = True
kb.formNames = [] kb.formNames = []
kb.headersCount = 0 kb.headersCount = 0
@ -1593,7 +1592,7 @@ def __setVerbosity():
def __mergeOptions(inputOptions, overrideOptions): def __mergeOptions(inputOptions, overrideOptions):
""" """
Merge command line options with configuration file options. Merge command line options with configuration file and default options.
@param inputOptions: optparse object with command line options. @param inputOptions: optparse object with command line options.
@type inputOptions: C{instance} @type inputOptions: C{instance}
@ -1608,7 +1607,15 @@ def __mergeOptions(inputOptions, overrideOptions):
inputOptionsItems = inputOptions.__dict__.items() inputOptionsItems = inputOptions.__dict__.items()
for key, value in inputOptionsItems: for key, value in inputOptionsItems:
if key not in conf or (not conf[key] and value) or overrideOptions: if key not in conf or value not in (None, False) or overrideOptions:
conf[key] = value
for key, value in conf.items():
if value:
kb.explicitSettings.add(key)
for key, value in defaults.items():
if not conf[key]:
conf[key] = value conf[key] = value
def __setTrafficOutputFP(): def __setTrafficOutputFP():
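Review bot: In `__cleanupOptions` the new guard `if conf.timeSec not in kb.explicitSettings:` tests the option's value against a set that `__mergeOptions` fills with option names (`kb.explicitSettings.add(key)`), so it is true on every run. An explicitly given `--time-sec` is therefore still doubled under `--tor` and still gets `kb.adjustTimeDelay = True`; the check should be on the key, `if "timeSec" not in kb.explicitSettings:`. Separately, in `__mergeOptions` both `value not in (None, False)` and `if not conf[key]:` treat an explicit `0` as unset (`0 == False` in Python), so a value such as `-v 0` appears to be replaced by its default; testing `if conf[key] is None:` would keep it. Both functions extend beyond the hunks shown.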


@ -78,9 +78,6 @@ UNION_STDEV_COEFF = 7
# length of queue for candidates for time delay adjustment # length of queue for candidates for time delay adjustment
TIME_DELAY_CANDIDATES = 3 TIME_DELAY_CANDIDATES = 3
# default time delay in seconds
TIME_DEFAULT_DELAY = 5
# HTTP timeout in silent mode # HTTP timeout in silent mode
HTTP_SILENT_TIMEOUT = 3 HTTP_SILENT_TIMEOUT = 3


@ -17,8 +17,8 @@ from optparse import SUPPRESS_HELP
from lib.core.common import expandMnemonics from lib.core.common import expandMnemonics
from lib.core.common import getUnicode from lib.core.common import getUnicode
from lib.core.data import logger from lib.core.data import logger
from lib.core.defaults import defaults
from lib.core.settings import IS_WIN from lib.core.settings import IS_WIN
from lib.core.settings import TIME_DEFAULT_DELAY
from lib.core.settings import VERSION_STRING from lib.core.settings import VERSION_STRING
from lib.core.settings import UNICODE_ENCODING from lib.core.settings import UNICODE_ENCODING
@ -33,8 +33,8 @@ def cmdLineParser():
parser = OptionParser(usage=usage, version=VERSION_STRING) parser = OptionParser(usage=usage, version=VERSION_STRING)
try: try:
parser.add_option("-v", dest="verbose", type="int", default=1, parser.add_option("-v", dest="verbose", type="int",
help="Verbosity level: 0-6 (default 1)") help="Verbosity level: 0-6 (default %d)" % defaults.verbose)
# Target options # Target options
target = OptionGroup(parser, "Target", "At least one of these " target = OptionGroup(parser, "Target", "At least one of these "
@ -71,22 +71,22 @@ def cmdLineParser():
request.add_option("--cookie", dest="cookie", request.add_option("--cookie", dest="cookie",
help="HTTP Cookie header") help="HTTP Cookie header")
request.add_option("--cookie-del", dest="cDel", default=";", request.add_option("--cookie-del", dest="cDel",
help="Delimiter character used for splitting cookie values") help="Delimiter character used for splitting cookie values")
request.add_option("--cookie-urlencode", dest="cookieUrlencode", request.add_option("--cookie-urlencode", dest="cookieUrlencode",
action="store_true", default=False, action="store_true",
help="URL Encode generated cookie injections") help="URL Encode generated cookie injections")
request.add_option("--drop-set-cookie", dest="dropSetCookie", request.add_option("--drop-set-cookie", dest="dropSetCookie",
action="store_true", default=False, action="store_true",
help="Ignore Set-Cookie header from response") help="Ignore Set-Cookie header from response")
request.add_option("--user-agent", dest="agent", request.add_option("--user-agent", dest="agent",
help="HTTP User-Agent header") help="HTTP User-Agent header")
request.add_option("--random-agent", dest="randomAgent", request.add_option("--random-agent", dest="randomAgent",
action="store_true", default=False, action="store_true",
help="Use randomly selected HTTP User-Agent header") help="Use randomly selected HTTP User-Agent header")
request.add_option("--referer", dest="referer", request.add_option("--referer", dest="referer",
@ -115,18 +115,18 @@ def cmdLineParser():
"(name:password)") "(name:password)")
request.add_option("--ignore-proxy", dest="ignoreProxy", action="store_true", request.add_option("--ignore-proxy", dest="ignoreProxy", action="store_true",
default=False, help="Ignore system default HTTP proxy") help="Ignore system default HTTP proxy")
request.add_option("--delay", dest="delay", type="float", default=0, request.add_option("--delay", dest="delay", type="float",
help="Delay in seconds between each HTTP request") help="Delay in seconds between each HTTP request")
request.add_option("--timeout", dest="timeout", type="float", default=30, request.add_option("--timeout", dest="timeout", type="float",
help="Seconds to wait before timeout connection " help="Seconds to wait before timeout connection "
"(default 30)") "(default %d)" % defaults.timeout)
request.add_option("--retries", dest="retries", type="int", default=3, request.add_option("--retries", dest="retries", type="int",
help="Retries when the connection timeouts " help="Retries when the connection timeouts "
"(default 3)") "(default %d)" % defaults.retries)
request.add_option("--scope", dest="scope", request.add_option("--scope", dest="scope",
help="Regexp to filter targets from provided proxy log") help="Regexp to filter targets from provided proxy log")
@ -134,7 +134,7 @@ def cmdLineParser():
request.add_option("--safe-url", dest="safUrl", request.add_option("--safe-url", dest="safUrl",
help="Url address to visit frequently during testing") help="Url address to visit frequently during testing")
request.add_option("--safe-freq", dest="saFreq", type="int", default=0, request.add_option("--safe-freq", dest="saFreq", type="int",
help="Test requests between two visits to a given safe url") help="Test requests between two visits to a given safe url")
# Optimization options # Optimization options
@ -143,21 +143,21 @@ def cmdLineParser():
"performance of sqlmap.") "performance of sqlmap.")
optimization.add_option("-o", dest="optimize", optimization.add_option("-o", dest="optimize",
action="store_true", default=False, action="store_true",
help="Turn on all optimization switches") help="Turn on all optimization switches")
optimization.add_option("--predict-output", dest="predictOutput", action="store_true", optimization.add_option("--predict-output", dest="predictOutput", action="store_true",
default=False, help="Predict common queries output") help="Predict common queries output")
optimization.add_option("--keep-alive", dest="keepAlive", action="store_true", optimization.add_option("--keep-alive", dest="keepAlive", action="store_true",
default=False, help="Use persistent HTTP(s) connections") help="Use persistent HTTP(s) connections")
optimization.add_option("--null-connection", dest="nullConnection", action="store_true", optimization.add_option("--null-connection", dest="nullConnection", action="store_true",
default=False, help="Retrieve page length without actual HTTP response body") help="Retrieve page length without actual HTTP response body")
optimization.add_option("--threads", dest="threads", type="int", default=1, optimization.add_option("--threads", dest="threads", type="int",
help="Max number of concurrent HTTP(s) " help="Max number of concurrent HTTP(s) "
"requests (default 1)") "requests (default %d)" % defaults.threads)
# Injection options # Injection options
injection = OptionGroup(parser, "Injection", "These options can be " injection = OptionGroup(parser, "Injection", "These options can be "
@ -191,13 +191,13 @@ def cmdLineParser():
"HTTP responses when using blind SQL " "HTTP responses when using blind SQL "
"injection technique.") "injection technique.")
detection.add_option("--level", dest="level", default=1, type="int", detection.add_option("--level", dest="level", type="int",
help="Level of tests to perform (1-5, " help="Level of tests to perform (1-5, "
"default 1)") "default %d)" % defaults.level)
detection.add_option("--risk", dest="risk", default=1, type="int", detection.add_option("--risk", dest="risk", type="int",
help="Risk of tests to perform (0-3, " help="Risk of tests to perform (0-3, "
"default 1)") "default %d)" % defaults.level)
detection.add_option("--string", dest="string", detection.add_option("--string", dest="string",
help="String to match in page when the " help="String to match in page when the "
@ -208,11 +208,11 @@ def cmdLineParser():
"query is valid") "query is valid")
detection.add_option("--text-only", dest="textOnly", detection.add_option("--text-only", dest="textOnly",
action="store_true", default=False, action="store_true",
help="Compare pages based only on the textual content") help="Compare pages based only on the textual content")
detection.add_option("--titles", dest="titles", detection.add_option("--titles", dest="titles",
action="store_true", default=False, action="store_true",
help="Compare pages based only on their titles") help="Compare pages based only on their titles")
# Techniques options # Techniques options
@ -220,14 +220,14 @@ def cmdLineParser():
"used to tweak testing of specific SQL " "used to tweak testing of specific SQL "
"injection techniques.") "injection techniques.")
techniques.add_option("--technique", dest="tech", default="BEUST", techniques.add_option("--technique", dest="tech",
help="SQL injection techniques to test for " help="SQL injection techniques to test for "
"(default BEUST)") "(default %s)" % defaults.tech)
techniques.add_option("--time-sec", dest="timeSec", techniques.add_option("--time-sec", dest="timeSec",
type="int", default=None, type="int",
help="Seconds to delay the DBMS response " help="Seconds to delay the DBMS response "
"(default %s)" % TIME_DEFAULT_DELAY) "(default %s)" % defaults.timeSec)
techniques.add_option("--union-cols", dest="uCols", techniques.add_option("--union-cols", dest="uCols",
help="Range of columns to test for UNION query SQL injection") help="Range of columns to test for UNION query SQL injection")
@ -239,7 +239,7 @@ def cmdLineParser():
fingerprint = OptionGroup(parser, "Fingerprint") fingerprint = OptionGroup(parser, "Fingerprint")
fingerprint.add_option("-f", "--fingerprint", dest="extensiveFp", fingerprint.add_option("-f", "--fingerprint", dest="extensiveFp",
action="store_true", default=False, action="store_true",
help="Perform an extensive DBMS version fingerprint") help="Perform an extensive DBMS version fingerprint")
# Enumeration options # Enumeration options
@ -250,58 +250,58 @@ def cmdLineParser():
"you can run your own SQL statements.") "you can run your own SQL statements.")
enumeration.add_option("-b", "--banner", dest="getBanner", enumeration.add_option("-b", "--banner", dest="getBanner",
action="store_true", default=False, help="Retrieve DBMS banner") action="store_true", help="Retrieve DBMS banner")
enumeration.add_option("--current-user", dest="getCurrentUser", enumeration.add_option("--current-user", dest="getCurrentUser",
action="store_true", default=False, action="store_true",
help="Retrieve DBMS current user") help="Retrieve DBMS current user")
enumeration.add_option("--current-db", dest="getCurrentDb", enumeration.add_option("--current-db", dest="getCurrentDb",
action="store_true", default=False, action="store_true",
help="Retrieve DBMS current database") help="Retrieve DBMS current database")
enumeration.add_option("--is-dba", dest="isDba", enumeration.add_option("--is-dba", dest="isDba",
action="store_true", default=False, action="store_true",
help="Detect if the DBMS current user is DBA") help="Detect if the DBMS current user is DBA")
enumeration.add_option("--users", dest="getUsers", action="store_true", enumeration.add_option("--users", dest="getUsers", action="store_true",
default=False, help="Enumerate DBMS users") help="Enumerate DBMS users")
enumeration.add_option("--passwords", dest="getPasswordHashes", enumeration.add_option("--passwords", dest="getPasswordHashes",
action="store_true", default=False, action="store_true",
help="Enumerate DBMS users password hashes") help="Enumerate DBMS users password hashes")
enumeration.add_option("--privileges", dest="getPrivileges", enumeration.add_option("--privileges", dest="getPrivileges",
action="store_true", default=False, action="store_true",
help="Enumerate DBMS users privileges") help="Enumerate DBMS users privileges")
enumeration.add_option("--roles", dest="getRoles", enumeration.add_option("--roles", dest="getRoles",
action="store_true", default=False, action="store_true",
help="Enumerate DBMS users roles") help="Enumerate DBMS users roles")
enumeration.add_option("--dbs", dest="getDbs", action="store_true", enumeration.add_option("--dbs", dest="getDbs", action="store_true",
default=False, help="Enumerate DBMS databases") help="Enumerate DBMS databases")
enumeration.add_option("--tables", dest="getTables", action="store_true", enumeration.add_option("--tables", dest="getTables", action="store_true",
default=False, help="Enumerate DBMS database tables") help="Enumerate DBMS database tables")
enumeration.add_option("--columns", dest="getColumns", action="store_true", enumeration.add_option("--columns", dest="getColumns", action="store_true",
default=False, help="Enumerate DBMS database table columns") help="Enumerate DBMS database table columns")
enumeration.add_option("--schema", dest="getSchema", action="store_true", enumeration.add_option("--schema", dest="getSchema", action="store_true",
default=False, help="Enumerate DBMS schema") help="Enumerate DBMS schema")
enumeration.add_option("--count", dest="getCount", action="store_true", enumeration.add_option("--count", dest="getCount", action="store_true",
default=False, help="Retrieve number of entries for table(s)") help="Retrieve number of entries for table(s)")
enumeration.add_option("--dump", dest="dumpTable", action="store_true", enumeration.add_option("--dump", dest="dumpTable", action="store_true",
default=False, help="Dump DBMS database table entries") help="Dump DBMS database table entries")
enumeration.add_option("--dump-all", dest="dumpAll", action="store_true", enumeration.add_option("--dump-all", dest="dumpAll", action="store_true",
default=False, help="Dump all DBMS databases tables entries") help="Dump all DBMS databases tables entries")
enumeration.add_option("--search", dest="search", action="store_true", enumeration.add_option("--search", dest="search", action="store_true",
default=False, help="Search column(s), table(s) and/or database name(s)") help="Search column(s), table(s) and/or database name(s)")
enumeration.add_option("-D", dest="db", enumeration.add_option("-D", dest="db",
help="DBMS database to enumerate") help="DBMS database to enumerate")
@ -316,7 +316,7 @@ def cmdLineParser():
help="DBMS user to enumerate") help="DBMS user to enumerate")
enumeration.add_option("--exclude-sysdbs", dest="excludeSysDbs", enumeration.add_option("--exclude-sysdbs", dest="excludeSysDbs",
action="store_true", default=False, action="store_true",
help="Exclude DBMS system databases when " help="Exclude DBMS system databases when "
"enumerating tables") "enumerating tables")
@ -336,7 +336,7 @@ def cmdLineParser():
help="SQL statement to be executed") help="SQL statement to be executed")
enumeration.add_option("--sql-shell", dest="sqlShell", enumeration.add_option("--sql-shell", dest="sqlShell",
action="store_true", default=False, action="store_true",
help="Prompt for an interactive SQL shell") help="Prompt for an interactive SQL shell")
# User-defined function options # User-defined function options
@ -345,10 +345,10 @@ def cmdLineParser():
"checks.") "checks.")
brute.add_option("--common-tables", dest="commonTables", action="store_true", brute.add_option("--common-tables", dest="commonTables", action="store_true",
default=False, help="Check existence of common tables") help="Check existence of common tables")
brute.add_option("--common-columns", dest="commonColumns", action="store_true", brute.add_option("--common-columns", dest="commonColumns", action="store_true",
default=False, help="Check existence of common columns") help="Check existence of common columns")
# User-defined function options # User-defined function options
udf = OptionGroup(parser, "User-defined function injection", "These " udf = OptionGroup(parser, "User-defined function injection", "These "
@ -356,7 +356,7 @@ def cmdLineParser():
"functions.") "functions.")
udf.add_option("--udf-inject", dest="udfInject", action="store_true", udf.add_option("--udf-inject", dest="udfInject", action="store_true",
default=False, help="Inject custom user-defined functions") help="Inject custom user-defined functions")
udf.add_option("--shared-lib", dest="shLib", udf.add_option("--shared-lib", dest="shLib",
help="Local path of the shared library") help="Local path of the shared library")
@ -388,27 +388,27 @@ def cmdLineParser():
help="Execute an operating system command") help="Execute an operating system command")
takeover.add_option("--os-shell", dest="osShell", takeover.add_option("--os-shell", dest="osShell",
action="store_true", default=False, action="store_true",
help="Prompt for an interactive operating " help="Prompt for an interactive operating "
"system shell") "system shell")
takeover.add_option("--os-pwn", dest="osPwn", takeover.add_option("--os-pwn", dest="osPwn",
action="store_true", default=False, action="store_true",
help="Prompt for an out-of-band shell, " help="Prompt for an out-of-band shell, "
"meterpreter or VNC") "meterpreter or VNC")
takeover.add_option("--os-smbrelay", dest="osSmb", takeover.add_option("--os-smbrelay", dest="osSmb",
action="store_true", default=False, action="store_true",
help="One click prompt for an OOB shell, " help="One click prompt for an OOB shell, "
"meterpreter or VNC") "meterpreter or VNC")
takeover.add_option("--os-bof", dest="osBof", takeover.add_option("--os-bof", dest="osBof",
action="store_true", default=False, action="store_true",
help="Stored procedure buffer overflow " help="Stored procedure buffer overflow "
"exploitation") "exploitation")
takeover.add_option("--priv-esc", dest="privEsc", takeover.add_option("--priv-esc", dest="privEsc",
action="store_true", default=False, action="store_true",
help="Database process' user privilege escalation") help="Database process' user privilege escalation")
takeover.add_option("--msf-path", dest="msfPath", takeover.add_option("--msf-path", dest="msfPath",
@ -426,15 +426,15 @@ def cmdLineParser():
"registry.") "registry.")
windows.add_option("--reg-read", dest="regRead", windows.add_option("--reg-read", dest="regRead",
action="store_true", default=False, action="store_true",
help="Read a Windows registry key value") help="Read a Windows registry key value")
windows.add_option("--reg-add", dest="regAdd", windows.add_option("--reg-add", dest="regAdd",
action="store_true", default=False, action="store_true",
help="Write a Windows registry key value data") help="Write a Windows registry key value data")
windows.add_option("--reg-del", dest="regDel", windows.add_option("--reg-del", dest="regDel",
action="store_true", default=False, action="store_true",
help="Delete a Windows registry key value") help="Delete a Windows registry key value")
windows.add_option("--reg-key", dest="regKey", windows.add_option("--reg-key", dest="regKey",
@ -465,31 +465,31 @@ def cmdLineParser():
"textual file") "textual file")
general.add_option("--batch", dest="batch", general.add_option("--batch", dest="batch",
action="store_true", default=False, action="store_true",
help="Never ask for user input, use the default behaviour") help="Never ask for user input, use the default behaviour")
general.add_option("--charset", dest="charset", general.add_option("--charset", dest="charset",
help="Force character encoding used for data retrieval") help="Force character encoding used for data retrieval")
general.add_option("--eta", dest="eta", general.add_option("--eta", dest="eta",
action="store_true", default=False, action="store_true",
help="Display for each output the " help="Display for each output the "
"estimated time of arrival") "estimated time of arrival")
general.add_option("--flush-session", dest="flushSession", general.add_option("--flush-session", dest="flushSession",
action="store_true", default=False, action="store_true",
help="Flush session file for current target") help="Flush session file for current target")
general.add_option("--fresh-queries", dest="freshQueries", general.add_option("--fresh-queries", dest="freshQueries",
action="store_true", default=False, action="store_true",
help="Ignores query results stored in session file") help="Ignores query results stored in session file")
general.add_option("--save", dest="saveCmdline", general.add_option("--save", dest="saveCmdline",
action="store_true", default=False, action="store_true",
help="Save options on a configuration INI file") help="Save options on a configuration INI file")
general.add_option("--update", dest="updateAll", general.add_option("--update", dest="updateAll",
action="store_true", default=False, action="store_true",
help="Update sqlmap") help="Update sqlmap")
# Miscellaneous options # Miscellaneous options
@ -499,77 +499,77 @@ def cmdLineParser():
help="Use mnemonics for shorter parameter setup") help="Use mnemonics for shorter parameter setup")
miscellaneous.add_option("--beep", dest="beep", miscellaneous.add_option("--beep", dest="beep",
action="store_true", default=False, action="store_true",
help="Alert when sql injection found") help="Alert when sql injection found")
miscellaneous.add_option("--check-payload", dest="checkPayload", miscellaneous.add_option("--check-payload", dest="checkPayload",
action="store_true", default=False, action="store_true",
help="IDS detection testing of injection payloads") help="IDS detection testing of injection payloads")
miscellaneous.add_option("--cleanup", dest="cleanup", miscellaneous.add_option("--cleanup", dest="cleanup",
action="store_true", default=False, action="store_true",
help="Clean up the DBMS by sqlmap specific " help="Clean up the DBMS by sqlmap specific "
"UDF and tables") "UDF and tables")
miscellaneous.add_option("--forms", dest="forms", miscellaneous.add_option("--forms", dest="forms",
action="store_true", default=False, action="store_true",
help="Parse and test forms on target url") help="Parse and test forms on target url")
miscellaneous.add_option("--gpage", dest="googlePage", default=1, type="int", miscellaneous.add_option("--gpage", dest="googlePage", type="int",
help="Use Google dork results from specified page number") help="Use Google dork results from specified page number")
miscellaneous.add_option("--mobile", dest="mobile", miscellaneous.add_option("--mobile", dest="mobile",
action="store_true", default=False, action="store_true",
help="Imitate smartphone through HTTP User-Agent header") help="Imitate smartphone through HTTP User-Agent header")
miscellaneous.add_option("--page-rank", dest="pageRank", miscellaneous.add_option("--page-rank", dest="pageRank",
action="store_true", default=False, action="store_true",
help="Display page rank (PR) for Google dork results") help="Display page rank (PR) for Google dork results")
miscellaneous.add_option("--parse-errors", dest="parseErrors", miscellaneous.add_option("--parse-errors", dest="parseErrors",
action="store_true", default=False, action="store_true",
help="Parse and display DBMS error messages from responses") help="Parse and display DBMS error messages from responses")
miscellaneous.add_option("--replicate", dest="replicate", miscellaneous.add_option("--replicate", dest="replicate",
action="store_true", default=False, action="store_true",
help="Replicate dumped data into a sqlite3 database") help="Replicate dumped data into a sqlite3 database")
miscellaneous.add_option("--tor", dest="tor", miscellaneous.add_option("--tor", dest="tor",
action="store_true", default=False, action="store_true",
help="Use default Tor (Vidalia/Privoxy/Polipo) proxy address") help="Use default Tor (Vidalia/Privoxy/Polipo) proxy address")
miscellaneous.add_option("--wizard", dest="wizard", miscellaneous.add_option("--wizard", dest="wizard",
action="store_true", default=False, action="store_true",
help="Simple wizard interface for beginner users") help="Simple wizard interface for beginner users")
miscellaneous.add_option("--dependencies", dest="dependencies", miscellaneous.add_option("--dependencies", dest="dependencies",
action="store_true", default=False, action="store_true",
help="Check for missing sqlmap dependencies") help="Check for missing sqlmap dependencies")
# Hidden and/or experimental options # Hidden and/or experimental options
parser.add_option("--profile", dest="profile", action="store_true", parser.add_option("--profile", dest="profile", action="store_true",
default=False, help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--cpu-throttle", dest="cpuThrottle", type="int", default=10, parser.add_option("--cpu-throttle", dest="cpuThrottle", type="int",
help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--smoke-test", dest="smokeTest", action="store_true", parser.add_option("--smoke-test", dest="smokeTest", action="store_true",
default=False, help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--live-test", dest="liveTest", action="store_true", parser.add_option("--live-test", dest="liveTest", action="store_true",
default=False, help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--real-test", dest="realTest", action="store_true", parser.add_option("--real-test", dest="realTest", action="store_true",
default=False, help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--run-case", dest="runCase", type="int", parser.add_option("--run-case", dest="runCase", type="int",
default=None, help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--group-concat", dest="groupConcat", action="store_true", parser.add_option("--group-concat", dest="groupConcat", action="store_true",
default=False, help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option("--no-cast", dest="noCast", action="store_true", parser.add_option("--no-cast", dest="noCast", action="store_true",
default=False, help=SUPPRESS_HELP) help=SUPPRESS_HELP)
parser.add_option_group(target) parser.add_option_group(target)
parser.add_option_group(request) parser.add_option_group(request)