mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-29 04:53:48 +03:00
Minor improvement to use Python ConfigParser library when --save if specified.
Minor update to the user's manual
This commit is contained in:
parent
6ff8feb5cf
commit
9c125a2b57
|
@ -215,19 +215,14 @@ This SQL injection technique is an alternative to the first one.</LI>
|
||||||
statements support</B>: sqlmap tests if the web application supports
|
statements support</B>: sqlmap tests if the web application supports
|
||||||
stacked queries then, in case it does support, it appends to the affected
|
stacked queries then, in case it does support, it appends to the affected
|
||||||
parameter in the HTTP request, a semi-colon (<CODE>;</CODE>) followed by the
|
parameter in the HTTP request, a semi-colon (<CODE>;</CODE>) followed by the
|
||||||
SQL statement to be executed. This technique is useful if to run SQL
|
SQL statement to be executed. This technique is useful to run SQL
|
||||||
statements other than <CODE>SELECT</CODE> like, for instance, <EM>data
|
statements other than <CODE>SELECT</CODE> like, for instance, <EM>data
|
||||||
definition</EM> or <EM>data manipulation</EM> statements possibly leading
|
definition</EM> or <EM>data manipulation</EM> statements possibly leading
|
||||||
to file system read and write access and operating system command
|
to file system read and write access and operating system command
|
||||||
execution depending on the underlying back-end database management system.</LI>
|
execution depending on the underlying back-end database management system
|
||||||
|
and the session user privileges.</LI>
|
||||||
</UL>
|
</UL>
|
||||||
</P>
|
</P>
|
||||||
<P>It is strongly recommended to run at least once sqlmap with the
|
|
||||||
<CODE>--union-test</CODE> option to test if the affected parameter is used
|
|
||||||
within a <CODE>for</CODE> cycle, or similar, and in case use
|
|
||||||
<CODE>--union-use</CODE> option to exploit this vulnerability because it
|
|
||||||
saves a lot of time and it does not weight down the web server log file
|
|
||||||
with hundreds of HTTP requests.</P>
|
|
||||||
|
|
||||||
|
|
||||||
<H2><A NAME="s2">2.</A> <A HREF="#toc2">Features</A></H2>
|
<H2><A NAME="s2">2.</A> <A HREF="#toc2">Features</A></H2>
|
||||||
|
@ -2008,6 +2003,13 @@ affected by an inband SQL injection.
|
||||||
In case this vulnerability is exploitable it is strongly recommended to
|
In case this vulnerability is exploitable it is strongly recommended to
|
||||||
use this technique which saves a lot of time.</P>
|
use this technique which saves a lot of time.</P>
|
||||||
|
|
||||||
|
<P>It is strongly recommended to run at least once sqlmap with the
|
||||||
|
<CODE>--union-test</CODE> option to test if the affected parameter is used
|
||||||
|
within a <CODE>for</CODE> cycle, or similar, and in case use
|
||||||
|
<CODE>--union-use</CODE> option to exploit this vulnerability because it
|
||||||
|
saves a lot of time and it does not weight down the web server log file
|
||||||
|
with hundreds of HTTP requests.</P>
|
||||||
|
|
||||||
|
|
||||||
<H3>Use the UNION query SQL injection</H3>
|
<H3>Use the UNION query SQL injection</H3>
|
||||||
|
|
||||||
|
|
BIN
doc/README.pdf
BIN
doc/README.pdf
Binary file not shown.
|
@ -172,20 +172,14 @@ This SQL injection technique is an alternative to the first one.
|
||||||
statements support</bf>: sqlmap tests if the web application supports
|
statements support</bf>: sqlmap tests if the web application supports
|
||||||
stacked queries then, in case it does support, it appends to the affected
|
stacked queries then, in case it does support, it appends to the affected
|
||||||
parameter in the HTTP request, a semi-colon (<tt>;</tt>) followed by the
|
parameter in the HTTP request, a semi-colon (<tt>;</tt>) followed by the
|
||||||
SQL statement to be executed. This technique is useful if to run SQL
|
SQL statement to be executed. This technique is useful to run SQL
|
||||||
statements other than <tt>SELECT</tt> like, for instance, <em>data
|
statements other than <tt>SELECT</tt> like, for instance, <em>data
|
||||||
definition</em> or <em>data manipulation</em> statements possibly leading
|
definition</em> or <em>data manipulation</em> statements possibly leading
|
||||||
to file system read and write access and operating system command
|
to file system read and write access and operating system command
|
||||||
execution depending on the underlying back-end database management system.
|
execution depending on the underlying back-end database management system
|
||||||
|
and the session user privileges.
|
||||||
</itemize>
|
</itemize>
|
||||||
|
|
||||||
It is strongly recommended to run at least once sqlmap with the
|
|
||||||
<tt>--union-test</tt> option to test if the affected parameter is used
|
|
||||||
within a <tt>for</tt> cycle, or similar, and in case use
|
|
||||||
<tt>--union-use</tt> option to exploit this vulnerability because it
|
|
||||||
saves a lot of time and it does not weight down the web server log file
|
|
||||||
with hundreds of HTTP requests.
|
|
||||||
|
|
||||||
|
|
||||||
<sect>Features
|
<sect>Features
|
||||||
|
|
||||||
|
@ -1939,6 +1933,14 @@ affected by an inband SQL injection.
|
||||||
In case this vulnerability is exploitable it is strongly recommended to
|
In case this vulnerability is exploitable it is strongly recommended to
|
||||||
use this technique which saves a lot of time.
|
use this technique which saves a lot of time.
|
||||||
|
|
||||||
|
<p>
|
||||||
|
It is strongly recommended to run at least once sqlmap with the
|
||||||
|
<tt>--union-test</tt> option to test if the affected parameter is used
|
||||||
|
within a <tt>for</tt> cycle, or similar, and in case use
|
||||||
|
<tt>--union-use</tt> option to exploit this vulnerability because it
|
||||||
|
saves a lot of time and it does not weight down the web server log file
|
||||||
|
with hundreds of HTTP requests.
|
||||||
|
|
||||||
|
|
||||||
<sect2>Use the UNION query SQL injection
|
<sect2>Use the UNION query SQL injection
|
||||||
|
|
||||||
|
|
|
@ -34,6 +34,8 @@ import time
|
||||||
import urllib2
|
import urllib2
|
||||||
import urlparse
|
import urlparse
|
||||||
|
|
||||||
|
from ConfigParser import ConfigParser
|
||||||
|
|
||||||
from lib.core.common import parseTargetUrl
|
from lib.core.common import parseTargetUrl
|
||||||
from lib.core.common import paths
|
from lib.core.common import paths
|
||||||
from lib.core.common import randomRange
|
from lib.core.common import randomRange
|
||||||
|
@ -657,6 +659,7 @@ def __saveCmdline():
|
||||||
debugMsg = "saving command line options on a sqlmap configuration INI file"
|
debugMsg = "saving command line options on a sqlmap configuration INI file"
|
||||||
logger.debug(debugMsg)
|
logger.debug(debugMsg)
|
||||||
|
|
||||||
|
config = ConfigParser()
|
||||||
userOpts = {}
|
userOpts = {}
|
||||||
|
|
||||||
for family in optDict.keys():
|
for family in optDict.keys():
|
||||||
|
@ -667,10 +670,8 @@ def __saveCmdline():
|
||||||
if option in optionData:
|
if option in optionData:
|
||||||
userOpts[family].append((option, value, optionData[option]))
|
userOpts[family].append((option, value, optionData[option]))
|
||||||
|
|
||||||
confFP = open(paths.SQLMAP_CONFIG, "w")
|
|
||||||
|
|
||||||
for family, optionData in userOpts.items():
|
for family, optionData in userOpts.items():
|
||||||
confFP.write("[%s]\n" % family)
|
config.add_section(family)
|
||||||
|
|
||||||
optionData.sort()
|
optionData.sort()
|
||||||
|
|
||||||
|
@ -691,12 +692,10 @@ def __saveCmdline():
|
||||||
if isinstance(value, str):
|
if isinstance(value, str):
|
||||||
value = value.replace("\n", "\n ")
|
value = value.replace("\n", "\n ")
|
||||||
|
|
||||||
confFP.write("%s = %s\n" % (option, value))
|
config.set(family, option, value)
|
||||||
|
|
||||||
confFP.write("\n")
|
confFP = open(paths.SQLMAP_CONFIG, "wb")
|
||||||
|
config.write(confFP)
|
||||||
confFP.flush()
|
|
||||||
confFP.close()
|
|
||||||
|
|
||||||
infoMsg = "saved command line options on '%s' configuration file" % paths.SQLMAP_CONFIG
|
infoMsg = "saved command line options on '%s' configuration file" % paths.SQLMAP_CONFIG
|
||||||
logger.info(infoMsg)
|
logger.info(infoMsg)
|
||||||
|
|
Loading…
Reference in New Issue
Block a user