update

doc/README.sgml

@@ -1578,7 +1578,16 @@ connection timeouts. By default it retries up to three times.
 
 <p>
 Option: <tt>-</tt><tt>-scope</tt>
-#TODO
+
+<p>
+Rather than using all hosts parsed from provided logs with option 
+<tt>-l</tt>, in combination with this option you can specify valid 
+python regular expression to be used for filtering desired ones.
+
+Example usage:
+
+<tscreen><verb>
+$ python sqlmap.py -l /tmp/webscarab.log/conversations/ --scope="(www)?\.target\.(com|net|org)"
 
 
 <sect1>Injection
@@ -1588,6 +1597,7 @@ These options can be used to specify which parameters to test for, provide
 custom injection payloads and how to parse and compare HTTP responses page
 content when using the blind SQL injection technique.
 
+
 <sect2>Testable parameter(s)
 
 <p>
@@ -5380,7 +5390,42 @@ counts the number of retrieved query output characters.
 
 <p>
 Option: <tt>-</tt><tt>-gpage</tt>
-#TODO
+
+<p>
+Default sqlmap behavior with option <tt>-g</tt> is to do a google
+search and use resulting urls from first (100) result page for further 
+sql injection testing. In combination with this option you can specify
+some other page other than the first one for retrieving target urls.
+
+<p>
+Example of Google dorking with expression <tt>login ext:php</tt> 
+and resulting page set to 3:
+
+<tscreen><verb>
+$ python sqlmap.py -g "login ext:php" --gpage=3 -v 1
+
+[14:11:12] [INFO] first request to Google to get the session cookie
+[14:11:12] [INFO] using search result page #3
+[14:11:12] [INFO] sqlmap got 100 results for your Google dork expression, 5 of them are testable targets
+[14:11:12] [INFO] sqlmap got a total of 5 targets
+url 1:
+GET http://myjobstreet-beta.jobstreet.com/home/login.php?site=in
+do you want to test this url? [Y/n/q]
+> 
+[14:11:14] [INFO] testing url http://myjobstreet-beta.jobstreet.com/home/login.php?site=in
+[14:11:14] [INFO] using '/home/stamparm/Work/sqlmap/sqlmap/output/None/session' as session file
+[14:11:14] [INFO] testing connection to the target url
+[14:11:15] [INFO] testing if the url is stable, wait a few seconds
+[14:11:19] [INFO] url is stable
+[14:11:19] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
+[14:11:21] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
+[14:11:21] [INFO] testing if Cookie parameter 'REFERP' is dynamic
+[14:11:22] [WARNING] Cookie parameter 'REFERP' is not dynamic
+[14:11:22] [INFO] testing if Cookie parameter 'PHPSESSID' is dynamic
+[14:11:24] [INFO] confirming that Cookie parameter 'PHPSESSID' is dynamic
+[14:11:27] [INFO] Cookie parameter 'PHPSESSID' is dynamic
+[...]
+</verb></tscreen>
 
 
 <sect2>Update <tt>sqlmap</tt>

lib/core/option.py

@@ -104,6 +104,9 @@ def __feedTargetsDict(reqFile, addedTargetUrls):
     port   = None
     scheme = None
 
+    if conf.scope:
+        logger.info("using regex: '%s' for filtering targets" % conf.scope)
+
     for request in reqResList:
         if scheme is None:
             schemePort = re.search("\d\d[\:|\.]\d\d[\:|\.]\d\d\s+(http[\w]*)\:\/\/.*?\:([\d]+)", request, re.I)

lib/utils/google.py

@@ -93,6 +93,7 @@ class Google:
         """
 
         gpage = conf.googlePage if conf.googlePage > 1 else 1
+        logger.info("using search result page #%d" % gpage)
         
         if not googleDork:
             return None