Minor layout adjustments

doc/README.sgml

@@ -623,7 +623,7 @@ Options:
     --dest-file=DFILE   Back-end DBMS absolute filepath to write to
 
   Operating system access:
-    This option can be used to access the back-end database management
+    These options can be used to access the back-end database management
     system underlying operating system.
 
     --os-cmd=OSCMD      Execute an operating system command
@@ -636,7 +636,7 @@ Options:
     --tmp-path=TMPPATH  Remote absolute path of temporary files directory
 
   Windows registry access:
-    This option can be used to access the back-end database management
+    These options can be used to access the back-end database management
     system Windows registry.
 
     --reg-read          Read a Windows registry key value

lib/parse/cmdline.py

@@ -327,8 +327,8 @@ def cmdLineParser():
                                    "write to")
 
         # Takeover options
-        takeover = OptionGroup(parser, "Operating system access", "This "
-                               "option can be used to access the back-end "
+        takeover = OptionGroup(parser, "Operating system access", "These "
+                               "options can be used to access the back-end "
                                "database management system underlying "
                                "operating system.")
 
@@ -364,8 +364,8 @@ def cmdLineParser():
                                  "directory")
 
         # Windows registry options
-        windows = OptionGroup(parser, "Windows registry access", "This "
-                               "option can be used to access the back-end "
+        windows = OptionGroup(parser, "Windows registry access", "These "
+                               "options can be used to access the back-end "
                                "database management system Windows "
                                "registry.")
 

lib/takeover/registry.py

@@ -42,7 +42,7 @@ class Registry:
 
         self.__randStr       = randomStr(lowercase=True)
         self.__batPathRemote = "%s/tmpr%s.bat" % (conf.tmpPath, self.__randStr)
-        self.__batPathLocal  = os.path.join(conf.outputPath, "tmpr%s%s.bat" % (self.__operation, self.__randStr))
+        self.__batPathLocal  = os.path.join(conf.outputPath, "tmpr%s.bat" % self.__randStr)
 
         if parse:
             readParse = "FOR /F \"tokens=2* delims==\" %%A IN ('REG QUERY \"" + self.__regKey + "\" /v \"" + self.__regValue + "\"') DO SET value=%%A\r\nECHO %value%\r\n"

sqlmap.conf

@@ -1,3 +1,5 @@
+# At least one of these options has to be specified to set the source to
+# get target urls from.
 [Target]
 
 # Target URL.
@@ -21,6 +23,8 @@ requestFile =
 # Example: +ext:php +inurl:"&id=" +intext:"powered by "
 googleDork = 
 
+
+# These options can be used to specify how to connect to the target url.
 [Request]
 
 # HTTP method to perform HTTP requests.
@@ -111,6 +115,10 @@ retries = 3
 # Example: (google|yahoo)
 scope = 
 
+
+# These options can be used to specify which parameters to test for,
+# provide custom injection payloads and how to parse and compare HTTP
+# responses page content when using the blind SQL injection technique.
 [Injection]
 
 # Testable parameter(s) comma separated. By default all GET/POST/Cookie
@@ -163,6 +171,10 @@ eString =
 # (http://www.python.org/doc/2.5.2/lib/re-syntax.html)
 eRegexp = 
 
+
+# These options can be used to test for specific SQL injection technique
+# or to use one of them to exploit the affected parameter(s) rather than
+# using the default blind SQL injection technique.
 [Techniques]
 
 # Test for stacked queries (multiple statements) support.
@@ -203,6 +215,9 @@ unionUse = False
 extensiveFp = False
 
 
+# These options can be used to enumerate the back-end database
+# management system information, structure and data contained in the
+# tables. Moreover you can run your own SQL statements.
 [Enumeration]
 
 # Retrieve back-end database management system banner.
@@ -249,7 +264,8 @@ getTables = False
 getColumns = False
 
 # Dump back-end database management system database table entries.
-# Optional: db, tbl and col
+# Requires: tbl and/or col
+# Optional: db
 # Valid: True or False
 dumpTable = False
 
@@ -306,6 +322,7 @@ query =
 sqlShell = False
 
 
+# These options can be used to create custom user-defined functions.
 [User-defined function]
 
 # Inject custom user-defined functions
@@ -316,6 +333,8 @@ udfInject = False
 shLib = 
 
 
+# These options can be used to access the back-end database management
+# system underlying file system.
 [File system]
 
 # Read a specific file from the back-end DBMS underlying file system.
@@ -331,6 +350,8 @@ wFile =
 dFile = 
 
 
+# These options can be used to access the back-end database management
+# system underlying operating system.
 [Takeover]
 
 # Execute an operating system command.
@@ -369,6 +390,8 @@ msfPath =
 tmpPath = 
 
 
+# These options can be used to access the back-end database management
+# system Windows registry.
 [Windows]
 
 # Read a Windows registry key value