# SQLMap CLI - Examples ## Installation ```bash # Install dependencies pip install -r requirements.txt ``` ## Basic Usage ### 1. Quick Scan (Default: Level 1, Risk 1) Test a single URL with minimal risk: ```bash python sqlmapcli.py -u "http://example.com/page?id=1" ``` ### 2. Comprehensive Scan Test all combinations of risk (1-3) and levels (1-5) automatically: ```bash python sqlmapcli.py -u "http://example.com/page?id=1" --comprehensive ``` This runs **15 tests total** (5 levels × 3 risks) and provides a complete vulnerability assessment. ### 3. Custom Level and Risk Run a specific test configuration: ```bash # Medium level, medium risk python sqlmapcli.py -u "http://example.com/page?id=1" --level 3 --risk 2 # High level, high risk python sqlmapcli.py -u "http://example.com/page?id=1" --level 5 --risk 3 ``` ### 4. Interactive Mode Get guided prompts for easy testing: ```bash python sqlmapcli.py --interactive ``` This will ask you: - Target URL - Scan type (quick or comprehensive) - Custom level and risk settings ### 5. Custom Comprehensive Scan Limit the comprehensive scan to specific max values: ```bash # Test only up to level 3 and risk 2 python sqlmapcli.py -u "http://example.com/page?id=1" --comprehensive --max-level 3 --max-risk 2 ``` ## Understanding Levels and Risks ### Levels (1-5) - **Level 1**: Default, tests GET and POST parameters - **Level 2**: Adds HTTP Cookie header testing - **Level 3**: Adds HTTP User-Agent/Referer headers testing - **Level 4**: Deeper tests with more payloads - **Level 5**: Maximum depth, most comprehensive ### Risks (1-3) - **Risk 1**: Safe for all databases, minimal intrusion - **Risk 2**: May include time-based tests (slight delay) - **Risk 3**: Aggressive tests (may cause OR attacks on UPDATE/INSERT) ## Output Examples ### Successful Scan (No Vulnerabilities) ``` ╔════════════════════════════════════════════════════ Scan Summary ════════════════════════════════════════════════════╗ ║ Target: http://example.com/page?id=1 ║ ║ Total Tests: 1 ║ ║ Duration: 12.45 seconds ║ ║ Vulnerabilities Found: 0 ║ ╚══════════════════════════════════════════════════════════════════════════════════════════════════════════════════════╝ ✓ No SQL injection vulnerabilities detected. ``` ### Vulnerable Target Found ``` ⚠️ Vulnerabilities Detected ┏━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ ┃ Parameter ┃ Type ┃ Title ┃ ┣━━━━━━━━━━━╋━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫ ┃ id ┃ boolean-based blind ┃ AND boolean-based blind - WHERE or HAVING clause ┃ ┃ id ┃ time-based blind ┃ MySQL >= 5.0.12 AND time-based blind (query SLEEP) ┃ ┗━━━━━━━━━━━┻━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛ ⚠️ SQL injection vulnerabilities detected! Take immediate action. ``` ## Features Showcase ✨ **Beautiful UI with Rich** - Colored output for easy reading - Progress bars showing scan status - Tables for organized results - Panels for important information ⚡ **One-Line Testing** - Run all risk/level combinations with `--comprehensive` - No need to manually iterate through tests - Automatic result aggregation 📊 **Clear Summaries** - See exactly what was tested - Color-coded findings (red = vulnerable, green = safe) - Detailed vulnerability tables - Duration tracking 🎯 **User-Friendly** - Interactive mode for beginners - Flexible command-line options for experts - Clear help messages ## Tips 1. **Start with quick scan**: Always start with a quick scan to see if the target is vulnerable 2. **Use comprehensive for thorough testing**: If vulnerabilities are found, use comprehensive mode 3. **Adjust timeout if needed**: Some tests may take longer on slow networks 4. **Legal use only**: Only test targets you have explicit permission to test ## Demo To see a demonstration of the UI without running actual tests: ```bash python demo.py ``` This shows example output with simulated results.