sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 08:14:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor layout adjustments in the user's manual

Browse Source
This commit is contained in:
Bernardo Damele 2009-01-13 23:16:34 +00:00
parent fd7cb9101c
commit bc3b4c6936
3 changed files with 30 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
doc/README.html
View File

@ -58,15 +58,16 @@ for the latest version.</EM>
<HR>
<H2><A NAME="s1">1.</A> <A HREF="#toc1">Introduction</A></H2>
<P>sqlmap is an automatic
<A HREF="http://www.google.com/search?q=SQL+injection">SQL injection</A> tool. Its goal is to detect and take advantage of
SQL injection vulnerabilities on web applications. Once it detects one or
more SQL injections on the target host, the user can choose among a
variety of options to perform an extensive back-end database management
system fingerprint, retrieve DBMS session user and database, enumerate
users, password hashes, privileges, databases, dump entire or user's
specific DBMS tables/columns, run his own SQL <CODE>SELECT</CODE> statement,
read specific files on the file system and much more.</P>
<P>sqlmap is an open source command-line automatic
<A HREF="http://www.google.com/search?q=SQL+injection">SQL injection</A>
tool.
Its goal is to detect and take advantage of SQL injection vulnerabilities
in web applications. Once it detects one or more SQL injections on the
target host, the user can choose among a variety of options to perform an
extensive back-end database management system fingerprint, retrieve DBMS
session user and database, enumerate users, password hashes, privileges,
databases, dump entire or user's specific DBMS tables/columns, run his own
SQL statement, read specific files on the file system and more.</P>
<H2><A NAME="ss1.1">1.1</A> <A HREF="#toc1.1">Requirements</A>
@ -232,8 +233,8 @@ and the session user privileges.</LI>
<UL>
<LI>Full support for <B>MySQL</B>, <B>Oracle</B>, <B>PostgreSQL</B>
and <B>Microsoft SQL Server</B> back-end database management systems.
Besides these four database management systems, sqlmap can also identify
Microsoft Access, DB2, Informix, Sybase and Interbase.
Besides these four database management systems software. sqlmap can also
identify Microsoft Access, DB2, Informix, Sybase and Interbase.
</LI>
<LI><B>Extensive back-end database management system fingerprint</B>
based upon
@ -3596,9 +3597,9 @@ SELECT user, host, password FROM mysql.user LIMIT 1, 3 [3]:
</CODE></BLOCKQUOTE>
</P>
<P>The SQL shell option gives you access to run your own SQL <CODE>SELECT</CODE>
statement interactively, like a SQL console logged into the back-end
database management system.
<P>The SQL shell option gives you access to run your own SQL statement
interactively, like a SQL console logged into the back-end database
management system.
This feature has TAB completion and history support.</P>
<P>Example of history support on a <B>PostgreSQL 8.3.5</B> target:</P>

BIN
doc/README.pdf
View File

Binary file not shown.

29
doc/README.sgml
View File

@ -16,15 +16,16 @@ for the latest version.
<sect>Introduction
<p>
sqlmap is an automatic <htmlurl url="http://www.google.com/search?q=SQL+injection"
name="SQL injection"> tool. Its goal is to detect and take advantage of
SQL injection vulnerabilities on web applications. Once it detects one or
more SQL injections on the target host, the user can choose among a
variety of options to perform an extensive back-end database management
system fingerprint, retrieve DBMS session user and database, enumerate
users, password hashes, privileges, databases, dump entire or user's
specific DBMS tables/columns, run his own SQL <tt>SELECT</tt> statement,
read specific files on the file system and much more.
sqlmap is an open source command-line automatic
<htmlurl url="http://www.google.com/search?q=SQL+injection" name="SQL injection">
tool.
Its goal is to detect and take advantage of SQL injection vulnerabilities
in web applications. Once it detects one or more SQL injections on the
target host, the user can choose among a variety of options to perform an
extensive back-end database management system fingerprint, retrieve DBMS
session user and database, enumerate users, password hashes, privileges,
databases, dump entire or user's specific DBMS tables/columns, run his own
SQL statement, read specific files on the file system and more.
<sect1>Requirements
@ -189,8 +190,8 @@ Major features implemented in sqlmap include:
<itemize>
<item>Full support for <bf>MySQL</bf>, <bf>Oracle</bf>, <bf>PostgreSQL</bf>
and <bf>Microsoft SQL Server</bf> back-end database management systems.
Besides these four database management systems, sqlmap can also identify
Microsoft Access, DB2, Informix, Sybase and Interbase.
Besides these four database management systems software. sqlmap can also
identify Microsoft Access, DB2, Informix, Sybase and Interbase.
<item><bf>Extensive back-end database management system fingerprint</bf>
based upon
@ -3497,9 +3498,9 @@ SELECT user, host, password FROM mysql.user LIMIT 1, 3 [3]:
</verb></tscreen>
<p>
The SQL shell option gives you access to run your own SQL <tt>SELECT</tt>
statement interactively, like a SQL console logged into the back-end
database management system.
The SQL shell option gives you access to run your own SQL statement
interactively, like a SQL console logged into the back-end database
management system.
This feature has TAB completion and history support.
<p>