sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 01:26:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor documentation adjustments

Browse Source
This commit is contained in:
Bernardo Damele 2008-12-17 20:58:19 +00:00
parent 94c79e3209
commit bb9079aa9d
4 changed files with 103 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
doc/README.html
View File

@ -37,15 +37,16 @@ for the latest version.</EM>
<H2><A NAME="toc5">5.</A> <A HREF="README.html#s5">Usage</A></H2> <H2><A NAME="toc5">5.</A> <A HREF="README.html#s5">Usage</A></H2>
<UL> <UL>
<LI><A NAME="toc5.1">5.1</A> <A HREF="README.html#ss5.1">Target</A> <LI><A NAME="toc5.1">5.1</A> <A HREF="README.html#ss5.1">Output verbosity</A>
<LI><A NAME="toc5.2">5.2</A> <A HREF="README.html#ss5.2">Request</A> <LI><A NAME="toc5.2">5.2</A> <A HREF="README.html#ss5.2">Target</A>
<LI><A NAME="toc5.3">5.3</A> <A HREF="README.html#ss5.3">Injection</A> <LI><A NAME="toc5.3">5.3</A> <A HREF="README.html#ss5.3">Request</A>
<LI><A NAME="toc5.4">5.4</A> <A HREF="README.html#ss5.4">Techniques</A> <LI><A NAME="toc5.4">5.4</A> <A HREF="README.html#ss5.4">Injection</A>
<LI><A NAME="toc5.5">5.5</A> <A HREF="README.html#ss5.5">Fingerprint</A> <LI><A NAME="toc5.5">5.5</A> <A HREF="README.html#ss5.5">Techniques</A>
<LI><A NAME="toc5.6">5.6</A> <A HREF="README.html#ss5.6">Enumeration</A> <LI><A NAME="toc5.6">5.6</A> <A HREF="README.html#ss5.6">Fingerprint</A>
<LI><A NAME="toc5.7">5.7</A> <A HREF="README.html#ss5.7">File system access</A> <LI><A NAME="toc5.7">5.7</A> <A HREF="README.html#ss5.7">Enumeration</A>
<LI><A NAME="toc5.8">5.8</A> <A HREF="README.html#ss5.8">Operating system access</A> <LI><A NAME="toc5.8">5.8</A> <A HREF="README.html#ss5.8">File system access</A>
<LI><A NAME="toc5.9">5.9</A> <A HREF="README.html#ss5.9">Miscellaneous</A> <LI><A NAME="toc5.9">5.9</A> <A HREF="README.html#ss5.9">Operating system access</A>
<LI><A NAME="toc5.10">5.10</A> <A HREF="README.html#ss5.10">Miscellaneous</A>
</UL> </UL>
<P> <P>
<H2><A NAME="toc6">6.</A> <A HREF="README.html#s6">Disclaimer</A></H2> <H2><A NAME="toc6">6.</A> <A HREF="README.html#s6">Disclaimer</A></H2>
@ -399,6 +400,7 @@ Usage: sqlmap.py [options]
Options: Options:
--version show program's version number and exit --version show program's version number and exit
-h, --help show this help message and exit -h, --help show this help message and exit
-v VERBOSE Verbosity level: 0-5 (default 1)
Target: Target:
At least one of these options has to be specified to set the source to At least one of these options has to be specified to set the source to
@ -502,7 +504,6 @@ Options:
Miscellaneous: Miscellaneous:
--eta Retrieve each query output length and calculate the --eta Retrieve each query output length and calculate the
estimated time of arrival in real time estimated time of arrival in real time
-v VERBOSE Verbosity level: 0-5 (default 1)
--update Update sqlmap to the latest stable version --update Update sqlmap to the latest stable version
-s SESSIONFILE Save and resume all data retrieved on a session file -s SESSIONFILE Save and resume all data retrieved on a session file
--save Save options on a configuration INI file --save Save options on a configuration INI file
@ -512,35 +513,9 @@ Options:
</P> </P>
<H2><A NAME="ss5.1">5.1</A> <A HREF="#toc5.1">Target</A> <H2><A NAME="ss5.1">5.1</A> <A HREF="#toc5.1">Output verbosity</A>
</H2> </H2>
<P>At least one of these options has to be specified to set the source to get
target urls from.</P>
<H3>Target URL</H3>
<P>Option: <CODE>-u</CODE> or <CODE>--url</CODE></P>
<P>To run sqlmap on a single target URL.</P>
<P>Example on a <B>MySQL 5.0.67</B> target:</P>
<P>
<BLOCKQUOTE><CODE>
<PRE>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1"
[...]
web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: MySQL >= 5.0.0
</PRE>
</CODE></BLOCKQUOTE>
</P>
<H3>Target URL and verbosity</H3>
<P>Option: <CODE>-v</CODE></P> <P>Option: <CODE>-v</CODE></P>
<P>Verbose options can be used to set the verbosity level of output messages. <P>Verbose options can be used to set the verbosity level of output messages.
@ -762,6 +737,33 @@ Content-Type: text/html
</P> </P>
<H2><A NAME="ss5.2">5.2</A> <A HREF="#toc5.2">Target</A>
</H2>
<P>At least one of these options has to be specified to set the source to get
target urls from.</P>
<H3>Target URL</H3>
<P>Option: <CODE>-u</CODE> or <CODE>--url</CODE></P>
<P>To run sqlmap on a single target URL.</P>
<P>Example on a <B>MySQL 5.0.67</B> target:</P>
<P>
<BLOCKQUOTE><CODE>
<PRE>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1"
[...]
web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: MySQL >= 5.0.0
</PRE>
</CODE></BLOCKQUOTE>
</P>
<H3>Parse targets from Burp or WebScarab logs</H3> <H3>Parse targets from Burp or WebScarab logs</H3>
<P>Option: <CODE>-l</CODE></P> <P>Option: <CODE>-l</CODE></P>
@ -903,7 +905,7 @@ evaluated when running sqlmap and overwrite the same options, if set, in
the provided configuration file.</P> the provided configuration file.</P>
<H2><A NAME="ss5.2">5.2</A> <A HREF="#toc5.2">Request</A> <H2><A NAME="ss5.3">5.3</A> <A HREF="#toc5.3">Request</A>
</H2> </H2>
<P>These options can be used to specify how to connect to the target url.</P> <P>These options can be used to specify how to connect to the target url.</P>
@ -1367,7 +1369,7 @@ the HTTP request timed out. The valid value is a float, for instance
10.5 means ten seconds and a half.</P> 10.5 means ten seconds and a half.</P>
<H2><A NAME="ss5.3">5.3</A> <A HREF="#toc5.3">Injection</A> <H2><A NAME="ss5.4">5.4</A> <A HREF="#toc5.4">Injection</A>
</H2> </H2>
<P>These options can be used to specify which parameters to test for, provide <P>These options can be used to specify which parameters to test for, provide
@ -1573,9 +1575,9 @@ SELECT * FROM users WHERE id=('1') AND 7433=7433 AND ('test'='test') LIMIT 0, 1
</CODE></BLOCKQUOTE> </CODE></BLOCKQUOTE>
</P> </P>
<P>In this simple example sqlmap could detect the SQL injection and exploit it <P>In this simple example, sqlmap could detect the SQL injection and exploit
without need to provide a custom injection payload, but sometimes on real it without need to provide a custom injection payload, but sometimes in
world application it is necessary to provide a custom injection payload.</P> the real world application it is necessary to provide it.</P>
<H3>Page comparison</H3> <H3>Page comparison</H3>
@ -1799,7 +1801,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
stability test.</P> stability test.</P>
<H2><A NAME="ss5.4">5.4</A> <A HREF="#toc5.4">Techniques</A> <H2><A NAME="ss5.5">5.5</A> <A HREF="#toc5.5">Techniques</A>
</H2> </H2>
<H3>Test for stacked queries (multiple statements) support</H3> <H3>Test for stacked queries (multiple statements) support</H3>
@ -1928,11 +1930,16 @@ $ python sqlmap.py -u "http://192.168.123.36/sqlmap/get_str.asp?name=luther" \
[...] [...]
back-end DBMS: Microsoft SQL Server 2005 back-end DBMS: Microsoft SQL Server 2005
[15:32:59] [INFO] testing time based blind sql injection on parameter 'name' with AND condition syntax [hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with AND
[15:32:59] [WARNING] the parameter 'name' is not affected by a time based blind sql injection with AND condition syntax condition syntax
[15:32:59] [INFO] testing time based blind sql injection on parameter 'name' with stacked query syntax [hh:mm:59] [WARNING] the parameter 'name' is not affected by a time based blind sql
[15:33:13] [INFO] the parameter 'name' is affected by a time based blind sql injection with stacked query syntax injection with AND condition syntax
time based blind sql injection payload: 'name=luther'; WAITFOR DELAY '0:0:5';-- AND 'PmrXn'='PmrXn' [hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with stacked
query syntax
[hh:mm:13] [INFO] the parameter 'name' is affected by a time based blind sql injection with
stacked query syntax
time based blind sql injection payload: 'name=luther'; WAITFOR DELAY '0:0:5';-- AND
'PmrXn'='PmrXn'
</PRE> </PRE>
</CODE></BLOCKQUOTE> </CODE></BLOCKQUOTE>
</P> </P>
@ -2159,7 +2166,7 @@ SELECT</CODE> statement to produce one entry at a time and display it in the
page content.</P> page content.</P>
<H2><A NAME="ss5.5">5.5</A> <A HREF="#toc5.5">Fingerprint</A> <H2><A NAME="ss5.6">5.6</A> <A HREF="#toc5.6">Fingerprint</A>
</H2> </H2>
<H3>Extensive database management system fingerprint</H3> <H3>Extensive database management system fingerprint</H3>
@ -2472,7 +2479,7 @@ parsing library that fetches data from Chip Andrews'
<A HREF="http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx">SQLSecurity.com site</A> and outputs it to the XML versions file.</P> <A HREF="http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx">SQLSecurity.com site</A> and outputs it to the XML versions file.</P>
<H2><A NAME="ss5.6">5.6</A> <A HREF="#toc5.6">Enumeration</A> <H2><A NAME="ss5.7">5.7</A> <A HREF="#toc5.7">Enumeration</A>
</H2> </H2>
<H3>Banner</H3> <H3>Banner</H3>
@ -3749,7 +3756,7 @@ column names of the table then asks if the query can return multiple
entries and goes on.</P> entries and goes on.</P>
<H2><A NAME="ss5.7">5.7</A> <A HREF="#toc5.7">File system access</A> <H2><A NAME="ss5.8">5.8</A> <A HREF="#toc5.8">File system access</A>
</H2> </H2>
<H3>Read a specific file content</H3> <H3>Read a specific file content</H3>
@ -3793,7 +3800,7 @@ inquis:x:1000:100:Bernardo Damele A. G.,,,:/home/inquis:/bin/bash
</P> </P>
<H2><A NAME="ss5.8">5.8</A> <A HREF="#toc5.8">Operating system access</A> <H2><A NAME="ss5.9">5.9</A> <A HREF="#toc5.9">Operating system access</A>
</H2> </H2>
<H3>Prompt for an interactive operating system shell</H3> <H3>Prompt for an interactive operating system shell</H3>
@ -3831,7 +3838,7 @@ $ exit
functionalities of SQL shell in terms of TAB completion and history support.</P> functionalities of SQL shell in terms of TAB completion and history support.</P>
<H2><A NAME="ss5.9">5.9</A> <A HREF="#toc5.9">Miscellaneous</A> <H2><A NAME="ss5.10">5.10</A> <A HREF="#toc5.10">Miscellaneous</A>
</H2> </H2>
<H3>Estimated time of arrival</H3> <H3>Estimated time of arrival</H3>

BIN
doc/README.pdf
View File

Binary file not shown.

79
doc/README.sgml
View File

@ -356,6 +356,7 @@ Usage: sqlmap.py [options]
Options: Options:
--version show program's version number and exit --version show program's version number and exit
-h, --help show this help message and exit -h, --help show this help message and exit
-v VERBOSE Verbosity level: 0-5 (default 1)
Target: Target:
At least one of these options has to be specified to set the source to At least one of these options has to be specified to set the source to
@ -459,7 +460,6 @@ Options:
Miscellaneous: Miscellaneous:
--eta Retrieve each query output length and calculate the --eta Retrieve each query output length and calculate the
estimated time of arrival in real time estimated time of arrival in real time
-v VERBOSE Verbosity level: 0-5 (default 1)
--update Update sqlmap to the latest stable version --update Update sqlmap to the latest stable version
-s SESSIONFILE Save and resume all data retrieved on a session file -s SESSIONFILE Save and resume all data retrieved on a session file
--save Save options on a configuration INI file --save Save options on a configuration INI file
@ -467,34 +467,7 @@ Options:
</verb></tscreen> </verb></tscreen>
<sect1>Target <sect1>Output verbosity
<p>
At least one of these options has to be specified to set the source to get
target urls from.
<sect2>Target URL
<p>
Option: <tt>-u</tt> or <tt>--url</tt>
<p>
To run sqlmap on a single target URL.
<p>
Example on a <bf>MySQL 5.0.67</bf> target:
<tscreen><verb>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1"
[...]
web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: MySQL >= 5.0.0
</verb></tscreen>
<sect2>Target URL and verbosity
<p> <p>
Option: <tt>-v</tt> Option: <tt>-v</tt>
@ -709,6 +682,33 @@ Content-Type: text/html
</verb></tscreen> </verb></tscreen>
<sect1>Target
<p>
At least one of these options has to be specified to set the source to get
target urls from.
<sect2>Target URL
<p>
Option: <tt>-u</tt> or <tt>--url</tt>
<p>
To run sqlmap on a single target URL.
<p>
Example on a <bf>MySQL 5.0.67</bf> target:
<tscreen><verb>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1"
[...]
web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: MySQL >= 5.0.0
</verb></tscreen>
<sect2>Parse targets from Burp or WebScarab logs <sect2>Parse targets from Burp or WebScarab logs
<p> <p>
@ -1513,9 +1513,9 @@ SELECT * FROM users WHERE id=('1') AND 7433=7433 AND ('test'='test') LIMIT 0, 1
</verb></tscreen> </verb></tscreen>
<p> <p>
In this simple example sqlmap could detect the SQL injection and exploit it In this simple example, sqlmap could detect the SQL injection and exploit
without need to provide a custom injection payload, but sometimes on real it without need to provide a custom injection payload, but sometimes in
world application it is necessary to provide a custom injection payload. the real world application it is necessary to provide it.
<sect2>Page comparison <sect2>Page comparison
@ -1864,11 +1864,16 @@ $ python sqlmap.py -u "http://192.168.123.36/sqlmap/get_str.asp?name=luther" \
[...] [...]
back-end DBMS: Microsoft SQL Server 2005 back-end DBMS: Microsoft SQL Server 2005
[15:32:59] [INFO] testing time based blind sql injection on parameter 'name' with AND condition syntax [hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with AND
[15:32:59] [WARNING] the parameter 'name' is not affected by a time based blind sql injection with AND condition syntax condition syntax
[15:32:59] [INFO] testing time based blind sql injection on parameter 'name' with stacked query syntax [hh:mm:59] [WARNING] the parameter 'name' is not affected by a time based blind sql
[15:33:13] [INFO] the parameter 'name' is affected by a time based blind sql injection with stacked query syntax injection with AND condition syntax
time based blind sql injection payload: 'name=luther'; WAITFOR DELAY '0:0:5';-- AND 'PmrXn'='PmrXn' [hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with stacked
query syntax
[hh:mm:13] [INFO] the parameter 'name' is affected by a time based blind sql injection with
stacked query syntax
time based blind sql injection payload: 'name=luther'; WAITFOR DELAY '0:0:5';-- AND
'PmrXn'='PmrXn'
</verb></tscreen> </verb></tscreen>

1
doc/THANKS
View File

@ -36,6 +36,7 @@ Giorgio Fedon <giorgio.fedon@gmail.com>
Ivan Giacomelli <truemilk@insiberia.net> Ivan Giacomelli <truemilk@insiberia.net>
for reporting a bug for reporting a bug
for suggesting a minor enhancement for suggesting a minor enhancement
for reviewing the documentation
Davide Guerri <d.guerri@caspur.it> Davide Guerri <d.guerri@caspur.it>
for suggesting an enhancement for suggesting an enhancement