sqlmap/sqlmap.conf

261 lines
6.7 KiB
Plaintext

[Request]
# Target URL.
# Example: http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&cat=2
# PHP and MySQL (local)
url = http://127.0.0.1/sqlmap/mysql/get_int.php?id=1
# PHP and Oracle (local)
#url = http://127.0.0.1/sqlmap/oracle/get_int.php?id=1
# PHP and PostgreSQL (local)
#url = http://127.0.0.1/sqlmap/pgsql/get_int.php?id=1
# PHP and Microsoft SQL Server (remote)
#url = http://127.0.0.1/sqlmap/mssql/get_int.php?id=1
# PHP and MySQL (remote on Windows)
#url = http://127.0.0.1/sqlmap/mysql/win_get_int.php?id=1
# ASP and Microsoft SQL Server (local)
#url = http://192.168.192.10/sqlmap/get_str.asp?name=luther
# ASP and MySQL (local)
#url = http://192.168.192.10/sqlmap/get_int.asp?id=1
# ASP.NET and MySQL (local)
#url = http://192.168.192.10/sqlmap/get_int.aspx?id=1
#url =
# List of targets
list =
# Rather than providing a target url, let Google return target
# hosts as result of your Google dork expression. For a list of Google
# dorks see Johnny Long Google Hacking Database at
# http://johnny.ihackstuff.com/ghdb.php.
# Example: +ext:php +inurl:"&id=" +intext:"powered by "
googleDork =
# Testable parameter(s) comma separated. By default all GET/POST/Cookie
# parameters and HTTP User-Agent are tested by sqlmap.
testParameter =
# HTTP method to perform HTTP requests.
# Valid: GET or POST
# Default: GET
method = GET
# Data string to be sent through POST. It is mandatory only when
# HTTP method is set to POST.
data =
# HTTP Cookie header.
cookie =
# HTTP Referer header. Useful to fake the HTTP Referer header value at
# each HTTP request.
referer =
# HTTP User-Agent header. Useful to fake the HTTP User-Agent header value
# at each HTTP request
# sqlmap will also test for SQL injection on the HTTP User-Agent value.
agent =
# Load a random HTTP User-Agent header from file
# Example: ./txt/user-agents.txt
userAgentsFile =
# HTTP Authentication type. Useful only if the target url requires
# HTTP Basic or Digest authentication and you have such data.
# Valid: Basic or Digest
aType =
# HTTP Authentication credentials. Useful only if the target url requires
# HTTP Basic or Digest authentication and you have such data.
# Syntax: username:password
aCred =
# Use a HTTP proxy to connect to the target url.
# Syntax: http://url:port
proxy =
# Maximum number of concurrent HTTP requests (handled with Python threads)
# to be used in the inference SQL injection attack.
# Valid: integer
# Default: 1
threads = 1
# Delay in seconds between each HTTP request.
# Valid: float
# Default: 0
delay = 0
[Injection]
# String to match in page when the query is valid, only needed if the
# page content dynamically changes at each refresh, consequently changing
# the MD5 of the page which is the method used by default to determine
# if a query was valid or not. Read the documentation for further
# details.
string =
# Force back-end DBMS to this value. If this option is set, the back-end
# DBMS identification process will be minimized as needed.
# If not set, sqlmap will detect back-end DBMS automatically by default.
# Valid: mssql, mysql, oracle, pgsql
dbms =
[Techniques]
# Test for Time based blind SQL injection.
# Valid: True or False
timeTest = False
# Test for UNION SELECT (inband) SQL injection.
# Valid: True or False
unionTest = False
# Use the UNION SELECT (inband) SQL injection to retrieve the queries
# output. No need to go blind.
# Valid: True or False
unionUse = False
[Fingerprint]
# Perform an extensive back-end database management system fingerprint
# based on various techniques.
# Valid: True or False
extensiveFp = False
[Enumeration]
# Retrieve back-end database management system banner.
# Valid: True or False
getBanner = False
# Retrieve back-end database management system current user.
# Valid: True or False
getCurrentUser = False
# Retrieve back-end database management system current database.
# Valid: True or False
getCurrentDb = False
# Enumerate back-end database management system users.
# Valid: True or False
getUsers = False
# Enumerate back-end database management system users password hashes.
# Valid: True or False
getPasswordHashes = False
# Enumerate back-end database management system users privileges.
# Valid: True or False
getPrivileges = False
# Enumerate back-end database management system databases.
# Valid: True or False
getDbs = False
# Enumerate back-end database management system database tables.
# Optional: db
# Valid: True or False
getTables = False
# Enumerate back-end database management system database table columns.
# Requires: db and tbl
# Valid: True or False
getColumns = False
# Dump back-end database management system database table entries.
# Requires: db and tbl
# Optional: col
# Valid: True or False
dumpTable = False
# Dump all back-end database management system databases tables entries.
# Valid: True or False
dumpAll = False
# Back-end database management system database to enumerate.
db =
# Back-end database management system database table to enumerate.
tbl =
# Back-end database management system database table column to enumerate.
col =
# Back-end database management system database user to enumerate.
user =
# Exclude DBMS system databases when enumerating tables.
# Valid: True or False
excludeSysDbs = False
# First table entry to dump (cursor start)
# Valid: integer
# Default: 0 (sqlmap will start to dump the table entries from the first)
limitStart = 0
# Last table entry to dump (cursor stop)
# Valid: integer
# Default: 0 (sqlmap will detect the number of table entries and dump
# until the last)
limitStop = 0
# SQL SELECT query to be executed.
# Example: SELECT 'foo', 'bar'
query =
# Prompt for an interactive SQL shell.
# Valid: True or False
sqlShell = False
[File system]
# Read a specific OS file content (only on MySQL).
# Examples: /etc/passwd or C:\boot.ini
rFile =
# Write to a specific OS file (not yet available).
# Example: /tmp/sqlmap.txt or C:\WINNT\Temp\sqlmap.txt
wFile =
[Takeover]
# Prompt for an interactive OS shell (only on PHP/MySQL environment with a
# writable directory within the web server document root for the moment).
# Valid: True or False
osShell = False
[Miscellaneous]
# Retrieve each query output length and calculate the estimated time of
# arrival in real time.
# Valid: True or False
eta = False
# Verbosity level.
# Valid: integer between 0 and 5
# 0: Silent
# 1: Show info messages
# 2: Show also debug messages
# 3: Show also HTTP requests
# 4: Show also HTTP responses headers
# 5: Show also HTTP responses page content
# Default: 0
verbose = 0
# Update sqlmap to the latest stable version.
# Valid: True or False
updateAll = False
# Save and resume all data retrieved on a session file.
sessionFile =
# Never ask for user input, use the default behaviour.
# Valid: True or False
batch = False