mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2026-01-12 03:31:12 +03:00
5.4 KiB
5.4 KiB
SQLMap CLI - Examples
Installation
# Install dependencies
pip install -r requirements.txt
Basic Usage
1. Quick Scan (Default: Level 1, Risk 1)
Test a single URL with minimal risk:
python sqlmapcli.py -u "http://example.com/page?id=1"
2. Comprehensive Scan
Test all combinations of risk (1-3) and levels (1-5) automatically:
python sqlmapcli.py -u "http://example.com/page?id=1" --comprehensive
This runs 15 tests total (5 levels × 3 risks) and provides a complete vulnerability assessment.
3. Custom Level and Risk
Run a specific test configuration:
# Medium level, medium risk
python sqlmapcli.py -u "http://example.com/page?id=1" --level 3 --risk 2
# High level, high risk
python sqlmapcli.py -u "http://example.com/page?id=1" --level 5 --risk 3
4. Interactive Mode
Get guided prompts for easy testing:
python sqlmapcli.py --interactive
This will ask you:
- Target URL
- Scan type (quick or comprehensive)
- Custom level and risk settings
5. Custom Comprehensive Scan
Limit the comprehensive scan to specific max values:
# Test only up to level 3 and risk 2
python sqlmapcli.py -u "http://example.com/page?id=1" --comprehensive --max-level 3 --max-risk 2
Understanding Levels and Risks
Levels (1-5)
- Level 1: Default, tests GET and POST parameters
- Level 2: Adds HTTP Cookie header testing
- Level 3: Adds HTTP User-Agent/Referer headers testing
- Level 4: Deeper tests with more payloads
- Level 5: Maximum depth, most comprehensive
Risks (1-3)
- Risk 1: Safe for all databases, minimal intrusion
- Risk 2: May include time-based tests (slight delay)
- Risk 3: Aggressive tests (may cause OR attacks on UPDATE/INSERT)
Output Examples
Successful Scan (No Vulnerabilities)
╔════════════════════════════════════════════════════ Scan Summary ════════════════════════════════════════════════════╗
║ Target: http://example.com/page?id=1 ║
║ Total Tests: 1 ║
║ Duration: 12.45 seconds ║
║ Vulnerabilities Found: 0 ║
╚══════════════════════════════════════════════════════════════════════════════════════════════════════════════════════╝
✓ No SQL injection vulnerabilities detected.
Vulnerable Target Found
⚠️ Vulnerabilities Detected
┏━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Parameter ┃ Type ┃ Title ┃
┣━━━━━━━━━━━╋━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫
┃ id ┃ boolean-based blind ┃ AND boolean-based blind - WHERE or HAVING clause ┃
┃ id ┃ time-based blind ┃ MySQL >= 5.0.12 AND time-based blind (query SLEEP) ┃
┗━━━━━━━━━━━┻━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
⚠️ SQL injection vulnerabilities detected! Take immediate action.
Features Showcase
✨ Beautiful UI with Rich
- Colored output for easy reading
- Progress bars showing scan status
- Tables for organized results
- Panels for important information
⚡ One-Line Testing
- Run all risk/level combinations with
--comprehensive - No need to manually iterate through tests
- Automatic result aggregation
📊 Clear Summaries
- See exactly what was tested
- Color-coded findings (red = vulnerable, green = safe)
- Detailed vulnerability tables
- Duration tracking
🎯 User-Friendly
- Interactive mode for beginners
- Flexible command-line options for experts
- Clear help messages
Tips
- Start with quick scan: Always start with a quick scan to see if the target is vulnerable
- Use comprehensive for thorough testing: If vulnerabilities are found, use comprehensive mode
- Adjust timeout if needed: Some tests may take longer on slow networks
- Legal use only: Only test targets you have explicit permission to test
Demo
To see a demonstration of the UI without running actual tests:
python demo.py
This shows example output with simulated results.