mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-28 20:43:49 +03:00
Minor regrouping
This commit is contained in:
parent
412301bb18
commit
bfe8785ed5
|
@ -31,6 +31,7 @@ optDict = {
|
|||
"loadCookies": "string",
|
||||
"dropSetCookie": "boolean",
|
||||
"agent": "string",
|
||||
"mobile": "boolean",
|
||||
"randomAgent": "boolean",
|
||||
"host": "string",
|
||||
"referer": "string",
|
||||
|
@ -100,6 +101,7 @@ optDict = {
|
|||
"notString": "string",
|
||||
"regexp": "string",
|
||||
"code": "integer",
|
||||
"smart": "boolean",
|
||||
"textOnly": "boolean",
|
||||
"titles": "boolean",
|
||||
},
|
||||
|
@ -197,10 +199,12 @@ optDict = {
|
|||
|
||||
"General": {
|
||||
"trafficFile": "string",
|
||||
"answers": "string",
|
||||
"batch": "boolean",
|
||||
"binaryFields": "string",
|
||||
"charset": "string",
|
||||
"checkInternet": "boolean",
|
||||
"cleanup": "boolean",
|
||||
"crawlDepth": "integer",
|
||||
"crawlExclude": "string",
|
||||
"csvDel": "string",
|
||||
|
@ -210,6 +214,7 @@ optDict = {
|
|||
"flushSession": "boolean",
|
||||
"forms": "boolean",
|
||||
"freshQueries": "boolean",
|
||||
"googlePage": "integer",
|
||||
"harFile": "string",
|
||||
"hexConvert": "boolean",
|
||||
"outputDir": "string",
|
||||
|
@ -218,28 +223,23 @@ optDict = {
|
|||
"repair": "boolean",
|
||||
"saveConfig": "string",
|
||||
"scope": "string",
|
||||
"skipWaf": "boolean",
|
||||
"testFilter": "string",
|
||||
"testSkip": "string",
|
||||
"updateAll": "boolean",
|
||||
"webRoot": "string",
|
||||
},
|
||||
|
||||
"Miscellaneous": {
|
||||
"alert": "string",
|
||||
"answers": "string",
|
||||
"beep": "boolean",
|
||||
"cleanup": "boolean",
|
||||
"dependencies": "boolean",
|
||||
"disableColoring": "boolean",
|
||||
"googlePage": "integer",
|
||||
"listTampers": "boolean",
|
||||
"mobile": "boolean",
|
||||
"offline": "boolean",
|
||||
"purge": "boolean",
|
||||
"skipWaf": "boolean",
|
||||
"smart": "boolean",
|
||||
"tmpDir": "string",
|
||||
"webRoot": "string",
|
||||
"wizard": "boolean",
|
||||
"updateAll": "boolean",
|
||||
"verbose": "integer",
|
||||
},
|
||||
|
||||
|
|
|
@ -18,7 +18,7 @@ from lib.core.enums import OS
|
|||
from thirdparty.six import unichr as _unichr
|
||||
|
||||
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
|
||||
VERSION = "1.3.8.9"
|
||||
VERSION = "1.3.8.10"
|
||||
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
|
||||
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
|
||||
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
|
||||
|
|
|
@ -152,6 +152,9 @@ def cmdLineParser(argv=None):
|
|||
request.add_argument("--user-agent", dest="agent",
|
||||
help="HTTP User-Agent header value")
|
||||
|
||||
request.add_argument("--mobile", dest="mobile", action="store_true",
|
||||
help="Imitate smartphone through HTTP User-Agent header")
|
||||
|
||||
request.add_argument("--random-agent", dest="randomAgent", action="store_true",
|
||||
help="Use randomly selected HTTP User-Agent header value")
|
||||
|
||||
|
@ -344,6 +347,9 @@ def cmdLineParser(argv=None):
|
|||
detection.add_argument("--code", dest="code", type=int,
|
||||
help="HTTP code to match when query is evaluated to True")
|
||||
|
||||
detection.add_argument("--smart", dest="smart", action="store_true",
|
||||
help="Perform thorough tests only if positive heuristic(s)")
|
||||
|
||||
detection.add_argument("--text-only", dest="textOnly", action="store_true",
|
||||
help="Compare pages based only on the textual content")
|
||||
|
||||
|
@ -585,6 +591,9 @@ def cmdLineParser(argv=None):
|
|||
general.add_argument("-t", dest="trafficFile",
|
||||
help="Log all HTTP traffic into a textual file")
|
||||
|
||||
general.add_argument("--answers", dest="answers",
|
||||
help="Set predefined answers (e.g. \"quit=N,follow=N\")")
|
||||
|
||||
general.add_argument("--batch", dest="batch", action="store_true",
|
||||
help="Never ask for user input, use the default behavior")
|
||||
|
||||
|
@ -594,6 +603,9 @@ def cmdLineParser(argv=None):
|
|||
general.add_argument("--check-internet", dest="checkInternet", action="store_true",
|
||||
help="Check Internet connection before assessing the target")
|
||||
|
||||
general.add_argument("--cleanup", dest="cleanup", action="store_true",
|
||||
help="Clean up the DBMS from sqlmap specific UDF and tables")
|
||||
|
||||
general.add_argument("--crawl", dest="crawlDepth", type=int,
|
||||
help="Crawl the website starting from the target URL")
|
||||
|
||||
|
@ -624,6 +636,9 @@ def cmdLineParser(argv=None):
|
|||
general.add_argument("--fresh-queries", dest="freshQueries", action="store_true",
|
||||
help="Ignore query results stored in session file")
|
||||
|
||||
general.add_argument("--gpage", dest="googlePage", type=int,
|
||||
help="Use Google dork results from specified page number")
|
||||
|
||||
general.add_argument("--har", dest="harFile",
|
||||
help="Log all HTTP traffic into a HAR file")
|
||||
|
||||
|
@ -648,17 +663,20 @@ def cmdLineParser(argv=None):
|
|||
general.add_argument("--scope", dest="scope",
|
||||
help="Regexp to filter targets from provided proxy log")
|
||||
|
||||
general.add_argument("--skip-waf", dest="skipWaf", action="store_true",
|
||||
help="Skip heuristic detection of WAF/IPS protection")
|
||||
|
||||
general.add_argument("--test-filter", dest="testFilter",
|
||||
help="Select tests by payloads and/or titles (e.g. ROW)")
|
||||
|
||||
general.add_argument("--test-skip", dest="testSkip",
|
||||
help="Skip tests by payloads and/or titles (e.g. BENCHMARK)")
|
||||
|
||||
general.add_argument("--update", dest="updateAll", action="store_true",
|
||||
help="Update sqlmap")
|
||||
general.add_argument("--web-root", dest="webRoot",
|
||||
help="Web server document root directory (e.g. \"/var/www\")")
|
||||
|
||||
# Miscellaneous options
|
||||
miscellaneous = parser.add_argument_group("Miscellaneous")
|
||||
miscellaneous = parser.add_argument_group("Miscellaneous", "These options do not fit into any other category")
|
||||
|
||||
miscellaneous.add_argument("-z", dest="mnemonics",
|
||||
help="Use short mnemonics (e.g. \"flu,bat,ban,tec=EU\")")
|
||||
|
@ -666,50 +684,32 @@ def cmdLineParser(argv=None):
|
|||
miscellaneous.add_argument("--alert", dest="alert",
|
||||
help="Run host OS command(s) when SQL injection is found")
|
||||
|
||||
miscellaneous.add_argument("--answers", dest="answers",
|
||||
help="Set predefined answers (e.g. \"quit=N,follow=N\")")
|
||||
|
||||
miscellaneous.add_argument("--beep", dest="beep", action="store_true",
|
||||
help="Beep on question and/or when SQL injection is found")
|
||||
|
||||
miscellaneous.add_argument("--cleanup", dest="cleanup", action="store_true",
|
||||
help="Clean up the DBMS from sqlmap specific UDF and tables")
|
||||
|
||||
miscellaneous.add_argument("--dependencies", dest="dependencies", action="store_true",
|
||||
help="Check for missing (optional) sqlmap dependencies")
|
||||
|
||||
miscellaneous.add_argument("--disable-coloring", dest="disableColoring", action="store_true",
|
||||
help="Disable console output coloring")
|
||||
|
||||
miscellaneous.add_argument("--gpage", dest="googlePage", type=int,
|
||||
help="Use Google dork results from specified page number")
|
||||
|
||||
miscellaneous.add_argument("--list-tampers", dest="listTampers", action="store_true",
|
||||
help="Display list of available tamper scripts")
|
||||
|
||||
miscellaneous.add_argument("--mobile", dest="mobile", action="store_true",
|
||||
help="Imitate smartphone through HTTP User-Agent header")
|
||||
|
||||
miscellaneous.add_argument("--offline", dest="offline", action="store_true",
|
||||
help="Work in offline mode (only use session data)")
|
||||
|
||||
miscellaneous.add_argument("--purge", dest="purge", action="store_true",
|
||||
help="Safely remove all content from sqlmap data directory")
|
||||
|
||||
miscellaneous.add_argument("--skip-waf", dest="skipWaf", action="store_true",
|
||||
help="Skip heuristic detection of WAF/IPS protection")
|
||||
|
||||
miscellaneous.add_argument("--smart", dest="smart", action="store_true",
|
||||
help="Conduct thorough tests only if positive heuristic(s)")
|
||||
|
||||
miscellaneous.add_argument("--sqlmap-shell", dest="sqlmapShell", action="store_true",
|
||||
help="Prompt for an interactive sqlmap shell")
|
||||
|
||||
miscellaneous.add_argument("--tmp-dir", dest="tmpDir",
|
||||
help="Local directory for storing temporary files")
|
||||
|
||||
miscellaneous.add_argument("--web-root", dest="webRoot",
|
||||
help="Web server document root directory (e.g. \"/var/www\")")
|
||||
miscellaneous.add_argument("--update", dest="updateAll", action="store_true",
|
||||
help="Update sqlmap")
|
||||
|
||||
miscellaneous.add_argument("--wizard", dest="wizard", action="store_true",
|
||||
help="Simple wizard interface for beginner users")
|
||||
|
|
60
sqlmap.conf
60
sqlmap.conf
|
@ -67,6 +67,10 @@ dropSetCookie = False
|
|||
# sqlmap will also test for SQL injection on the HTTP User-Agent value.
|
||||
agent =
|
||||
|
||||
# Imitate smartphone through HTTP User-Agent header.
|
||||
# Valid: True or False
|
||||
mobile = False
|
||||
|
||||
# Use randomly selected HTTP User-Agent header value.
|
||||
# Valid: True or False
|
||||
randomAgent = False
|
||||
|
@ -343,6 +347,10 @@ regexp =
|
|||
# code)
|
||||
# code =
|
||||
|
||||
# Conduct thorough tests only if positive heuristic(s).
|
||||
# Valid: True or False
|
||||
smart = False
|
||||
|
||||
# Compare pages based only on the textual content.
|
||||
# Valid: True or False
|
||||
textOnly = False
|
||||
|
@ -683,6 +691,9 @@ sessionFile =
|
|||
# Log all HTTP traffic into a textual file.
|
||||
trafficFile =
|
||||
|
||||
# Set predefined answers (e.g. "quit=N,follow=N").
|
||||
answers =
|
||||
|
||||
# Never ask for user input, use the default behaviour.
|
||||
# Valid: True or False
|
||||
batch = False
|
||||
|
@ -693,6 +704,10 @@ binaryFields =
|
|||
# Check Internet connection before assessing the target.
|
||||
checkInternet = False
|
||||
|
||||
# Clean up the DBMS from sqlmap specific UDF and tables.
|
||||
# Valid: True or False
|
||||
cleanup = False
|
||||
|
||||
# Crawl the website starting from the target URL.
|
||||
# Valid: integer
|
||||
# Default: 0
|
||||
|
@ -729,6 +744,11 @@ forms = False
|
|||
# Valid: True or False
|
||||
freshQueries = False
|
||||
|
||||
# Use Google dork results from specified page number.
|
||||
# Valid: integer
|
||||
# Default: 1
|
||||
googlePage = 1
|
||||
|
||||
# Use hex conversion during data retrieval.
|
||||
# Valid: True or False
|
||||
hexConvert = False
|
||||
|
@ -752,15 +772,18 @@ repair = False
|
|||
# Example: (google|yahoo)
|
||||
scope =
|
||||
|
||||
# Skip heuristic detection of WAF/IPS protection.
|
||||
# Valid: True or False
|
||||
skipWaf = False
|
||||
|
||||
# Select tests by payloads and/or titles (e.g. ROW)
|
||||
testFilter =
|
||||
|
||||
# Skip tests by payloads and/or titles (e.g. BENCHMARK)
|
||||
testSkip =
|
||||
|
||||
# Update sqlmap.
|
||||
# Valid: True or False
|
||||
updateAll = False
|
||||
# Web server document root directory (e.g. "/var/www").
|
||||
webRoot =
|
||||
|
||||
|
||||
[Miscellaneous]
|
||||
|
@ -768,9 +791,6 @@ updateAll = False
|
|||
# Run host OS command(s) when SQL injection is found.
|
||||
alert =
|
||||
|
||||
# Set predefined answers (e.g. "quit=N,follow=N").
|
||||
answers =
|
||||
|
||||
# Beep on question and/or when SQL injection is found.
|
||||
# Valid: True or False
|
||||
beep = False
|
||||
|
@ -779,10 +799,6 @@ beep = False
|
|||
# Valid: True or False
|
||||
checkPayload = False
|
||||
|
||||
# Clean up the DBMS from sqlmap specific UDF and tables.
|
||||
# Valid: True or False
|
||||
cleanup = False
|
||||
|
||||
# Check for missing (optional) sqlmap dependencies.
|
||||
# Valid: True or False
|
||||
dependencies = False
|
||||
|
@ -791,41 +807,25 @@ dependencies = False
|
|||
# Valid: True or False
|
||||
disableColoring = False
|
||||
|
||||
# Use Google dork results from specified page number.
|
||||
# Valid: integer
|
||||
# Default: 1
|
||||
googlePage = 1
|
||||
|
||||
# Display list of available tamper scripts
|
||||
# Valid: True or False
|
||||
listTampers = False
|
||||
|
||||
# Imitate smartphone through HTTP User-Agent header.
|
||||
# Valid: True or False
|
||||
mobile = False
|
||||
|
||||
# Work in offline mode (only use session data)
|
||||
# Valid: True or False
|
||||
offline = False
|
||||
|
||||
# Skip heuristic detection of WAF/IPS protection.
|
||||
# Valid: True or False
|
||||
skipWaf = False
|
||||
|
||||
# Conduct thorough tests only if positive heuristic(s).
|
||||
# Valid: True or False
|
||||
smart = False
|
||||
|
||||
# Local directory for storing temporary files.
|
||||
tmpDir =
|
||||
|
||||
# Web server document root directory (e.g. "/var/www").
|
||||
webRoot =
|
||||
|
||||
# Simple wizard interface for beginner users.
|
||||
# Valid: True or False
|
||||
wizard = False
|
||||
|
||||
# Update sqlmap.
|
||||
# Valid: True or False
|
||||
updateAll = False
|
||||
|
||||
# Verbosity level.
|
||||
# Valid: integer between 0 and 6
|
||||
# 0: Show only error and critical messages
|
||||
|
|
Loading…
Reference in New Issue
Block a user