From d2a55488894558d2187540c3d473ebfee22f40a3 Mon Sep 17 00:00:00 2001 From: stamparm Date: Tue, 30 Apr 2013 14:32:11 +0200 Subject: [PATCH] Some more reordering --- lib/core/optiondict.py | 6 +++--- lib/parse/cmdline.py | 20 ++++++++++---------- sqlmap.conf | 24 ++++++++++++------------ 3 files changed, 25 insertions(+), 25 deletions(-) diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py index f393f429d..8189cb577 100644 --- a/lib/core/optiondict.py +++ b/lib/core/optiondict.py @@ -46,11 +46,11 @@ optDict = { "timeout": "float", "retries": "integer", "rParam": "string", - "scope": "string", "safUrl": "string", "saFreq": "integer", "skipUrlEncode": "boolean", "forceSSL": "boolean", + "hpp": "boolean", "evalCode": "string", }, @@ -189,6 +189,8 @@ optDict = { "parseErrors": "boolean", "pivotColumn": "string", "saveCmdline": "boolean", + "scope": "string", + "testFilter": "string", "updateAll": "boolean", }, @@ -202,12 +204,10 @@ optDict = { "dependencies": "boolean", "disableColoring": "boolean", "googlePage": "integer", - "hpp": "boolean", "mobile": "boolean", "pageRank": "boolean", "purgeOutput": "boolean", "smart": "boolean", - "testFilter": "string", "wizard": "boolean", "verbose": "integer", }, diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index 0c2aa4151..8e8902dc8 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py @@ -155,9 +155,6 @@ def cmdLineParser(): request.add_option("--randomize", dest="rParam", help="Randomly change value for given parameter(s)") - request.add_option("--scope", dest="scope", - help="Regexp to filter targets from provided proxy log") - request.add_option("--safe-url", dest="safUrl", help="URL address to visit frequently during testing") @@ -172,6 +169,10 @@ def cmdLineParser(): action="store_true", help="Force usage of SSL/HTTPS") + request.add_option("--hpp", dest="hpp", + action="store_true", + help="Use HTTP parameter pollution") + request.add_option("--eval", dest="evalCode", help="Evaluate provided Python code before the request (e.g. \"import hashlib;id2=hashlib.md5(id).hexdigest()\")") @@ -601,6 +602,12 @@ def cmdLineParser(): action="store_true", help="Save options to a configuration INI file") + general.add_option("--scope", dest="scope", + help="Regexp to filter targets from provided proxy log") + + general.add_option("--test-filter", dest="testFilter", + help="Select tests by payloads and/or titles (e.g. ROW)") + general.add_option("--update", dest="updateAll", action="store_true", help="Update sqlmap") @@ -640,10 +647,6 @@ def cmdLineParser(): miscellaneous.add_option("--gpage", dest="googlePage", type="int", help="Use Google dork results from specified page number") - miscellaneous.add_option("--hpp", dest="hpp", - action="store_true", - help="Use HTTP parameter pollution") - miscellaneous.add_option("--identify-waf", dest="identifyWaf", action="store_true", help="Make a through testing for a WAF/IPS/IDS protection") @@ -664,9 +667,6 @@ def cmdLineParser(): action="store_true", help="Conduct through tests only if positive heuristic(s)") - miscellaneous.add_option("--test-filter", dest="testFilter", - help="Select tests by payloads and/or titles (e.g. ROW)") - miscellaneous.add_option("--wizard", dest="wizard", action="store_true", help="Simple wizard interface for beginner users") diff --git a/sqlmap.conf b/sqlmap.conf index 259a834f4..9be769567 100644 --- a/sqlmap.conf +++ b/sqlmap.conf @@ -132,11 +132,6 @@ retries = 3 # Randomly change value for the given parameter. rParam = -# Regular expression for filtering targets from provided Burp. -# or WebScarab proxy log. -# Example: (google|yahoo) -scope = - # URL address to visit frequently during testing. # Example: http://192.168.1.121/index.html safUrl = @@ -154,6 +149,10 @@ skipUrlEncode = False # Valid: True or False forceSSL = False +# Use HTTP parameter pollution. +# Valid: True or False +hpp = False + # Evaluate provided Python code before the request. # Example: import hashlib;id2=hashlib.md5(id).hexdigest() evalCode = @@ -651,6 +650,14 @@ parseErrors = False # Pivot column name. pivotColumn = +# Regular expression for filtering targets from provided Burp. +# or WebScarab proxy log. +# Example: (google|yahoo) +scope = + +# Select tests by payloads and/or titles (e.g. ROW) +testFilter = + # Update sqlmap. # Valid: True or False updateAll = False @@ -696,10 +703,6 @@ disableColoring = False # Default: 1 googlePage = 1 -# Use HTTP parameter pollution. -# Valid: True or False -hpp = False - # Make a through testing for a WAF/IPS/IDS protection. # Valid: True or False identifyWaf = False @@ -716,9 +719,6 @@ pageRank = False # Valid: True or False smart = False -# Select tests by payloads and/or titles (e.g. ROW) -testFilter = - # Simple wizard interface for beginner users. # Valid: True or False wizard = False