sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor improvement to use Python ConfigParser library when --save if specified.

Browse Source 
Minor update to the user's manual
This commit is contained in:
Bernardo Damele 2009-01-03 22:59:22 +00:00
parent 6ff8feb5cf
commit 9c125a2b57
4 changed files with 28 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
doc/README.html
View File

@ -215,19 +215,14 @@ This SQL injection technique is an alternative to the first one.</LI>
statements support</B>: sqlmap tests if the web application supports statements support</B>: sqlmap tests if the web application supports
stacked queries then, in case it does support, it appends to the affected stacked queries then, in case it does support, it appends to the affected
parameter in the HTTP request, a semi-colon (<CODE>;</CODE>) followed by the parameter in the HTTP request, a semi-colon (<CODE>;</CODE>) followed by the
SQL statement to be executed. This technique is useful if to run SQL SQL statement to be executed. This technique is useful to run SQL
statements other than <CODE>SELECT</CODE> like, for instance, <EM>data statements other than <CODE>SELECT</CODE> like, for instance, <EM>data
definition</EM> or <EM>data manipulation</EM> statements possibly leading definition</EM> or <EM>data manipulation</EM> statements possibly leading
to file system read and write access and operating system command to file system read and write access and operating system command
execution depending on the underlying back-end database management system.</LI> execution depending on the underlying back-end database management system
and the session user privileges.</LI>
</UL> </UL>
</P> </P>
<P>It is strongly recommended to run at least once sqlmap with the
<CODE>--union-test</CODE> option to test if the affected parameter is used
within a <CODE>for</CODE> cycle, or similar, and in case use
<CODE>--union-use</CODE> option to exploit this vulnerability because it
saves a lot of time and it does not weight down the web server log file
with hundreds of HTTP requests.</P>
<H2><A NAME="s2">2.</A> <A HREF="#toc2">Features</A></H2> <H2><A NAME="s2">2.</A> <A HREF="#toc2">Features</A></H2>
@ -2008,6 +2003,13 @@ affected by an inband SQL injection.
In case this vulnerability is exploitable it is strongly recommended to In case this vulnerability is exploitable it is strongly recommended to
use this technique which saves a lot of time.</P> use this technique which saves a lot of time.</P>
<P>It is strongly recommended to run at least once sqlmap with the
<CODE>--union-test</CODE> option to test if the affected parameter is used
within a <CODE>for</CODE> cycle, or similar, and in case use
<CODE>--union-use</CODE> option to exploit this vulnerability because it
saves a lot of time and it does not weight down the web server log file
with hundreds of HTTP requests.</P>
<H3>Use the UNION query SQL injection</H3> <H3>Use the UNION query SQL injection</H3>

BIN
doc/README.pdf
View File

Binary file not shown.

20
doc/README.sgml
View File

@ -172,20 +172,14 @@ This SQL injection technique is an alternative to the first one.
statements support</bf>: sqlmap tests if the web application supports statements support</bf>: sqlmap tests if the web application supports
stacked queries then, in case it does support, it appends to the affected stacked queries then, in case it does support, it appends to the affected
parameter in the HTTP request, a semi-colon (<tt>;</tt>) followed by the parameter in the HTTP request, a semi-colon (<tt>;</tt>) followed by the
SQL statement to be executed. This technique is useful if to run SQL SQL statement to be executed. This technique is useful to run SQL
statements other than <tt>SELECT</tt> like, for instance, <em>data statements other than <tt>SELECT</tt> like, for instance, <em>data
definition</em> or <em>data manipulation</em> statements possibly leading definition</em> or <em>data manipulation</em> statements possibly leading
to file system read and write access and operating system command to file system read and write access and operating system command
execution depending on the underlying back-end database management system. execution depending on the underlying back-end database management system
and the session user privileges.
</itemize> </itemize>
It is strongly recommended to run at least once sqlmap with the
<tt>--union-test</tt> option to test if the affected parameter is used
within a <tt>for</tt> cycle, or similar, and in case use
<tt>--union-use</tt> option to exploit this vulnerability because it
saves a lot of time and it does not weight down the web server log file
with hundreds of HTTP requests.
<sect>Features <sect>Features
@ -1939,6 +1933,14 @@ affected by an inband SQL injection.
In case this vulnerability is exploitable it is strongly recommended to In case this vulnerability is exploitable it is strongly recommended to
use this technique which saves a lot of time. use this technique which saves a lot of time.
<p>
It is strongly recommended to run at least once sqlmap with the
<tt>--union-test</tt> option to test if the affected parameter is used
within a <tt>for</tt> cycle, or similar, and in case use
<tt>--union-use</tt> option to exploit this vulnerability because it
saves a lot of time and it does not weight down the web server log file
with hundreds of HTTP requests.
<sect2>Use the UNION query SQL injection <sect2>Use the UNION query SQL injection

15
lib/core/option.py
View File

@ -34,6 +34,8 @@ import time
import urllib2 import urllib2
import urlparse import urlparse
from ConfigParser import ConfigParser
from lib.core.common import parseTargetUrl from lib.core.common import parseTargetUrl
from lib.core.common import paths from lib.core.common import paths
from lib.core.common import randomRange from lib.core.common import randomRange
@ -657,6 +659,7 @@ def __saveCmdline():
debugMsg = "saving command line options on a sqlmap configuration INI file" debugMsg = "saving command line options on a sqlmap configuration INI file"
logger.debug(debugMsg) logger.debug(debugMsg)
config = ConfigParser()
userOpts = {} userOpts = {}
for family in optDict.keys(): for family in optDict.keys():
@ -667,10 +670,8 @@ def __saveCmdline():
if option in optionData: if option in optionData:
userOpts[family].append((option, value, optionData[option])) userOpts[family].append((option, value, optionData[option]))
confFP = open(paths.SQLMAP_CONFIG, "w")
for family, optionData in userOpts.items(): for family, optionData in userOpts.items():
confFP.write("[%s]\n" % family) config.add_section(family)
optionData.sort() optionData.sort()
@ -691,12 +692,10 @@ def __saveCmdline():
if isinstance(value, str): if isinstance(value, str):
value = value.replace("\n", "\n ") value = value.replace("\n", "\n ")
confFP.write("%s = %s\n" % (option, value)) config.set(family, option, value)
confFP.write("\n") confFP = open(paths.SQLMAP_CONFIG, "wb")
config.write(confFP)
confFP.flush()
confFP.close()
infoMsg = "saved command line options on '%s' configuration file" % paths.SQLMAP_CONFIG infoMsg = "saved command line options on '%s' configuration file" % paths.SQLMAP_CONFIG
logger.info(infoMsg) logger.info(infoMsg)