sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-04-25 11:23:44 +03:00
Code Issues Packages Projects Releases Wiki Activity

Minor update

stamparm 2013-04-30 13:58:37 +02:00
parent d0f3caa466
commit 465c7ffe9c
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Usage.md

@ -47,6 +47,7 @@
--safe-url=SAFURL URL address to visit frequently during testing --safe-url=SAFURL URL address to visit frequently during testing
--safe-freq=SAFREQ Test requests between two visits to a given safe URL --safe-freq=SAFREQ Test requests between two visits to a given safe URL
--skip-urlencode Skip URL encoding of payload data --skip-urlencode Skip URL encoding of payload data
--force-ssl Force usage of SSL/HTTPS
--eval=EVALCODE Evaluate provided Python code before the request (e.g. --eval=EVALCODE Evaluate provided Python code before the request (e.g.
"import hashlib;id2=hashlib.md5(id).hexdigest()") "import hashlib;id2=hashlib.md5(id).hexdigest()")
@ -198,7 +199,6 @@
--dump-format=DU.. Format of dumped data (CSV (default), HTML or SQLITE) --dump-format=DU.. Format of dumped data (CSV (default), HTML or SQLITE)
--eta Display for each output the estimated time of arrival --eta Display for each output the estimated time of arrival
--flush-session Flush session files for current target --flush-session Flush session files for current target
--force-ssl Force usage of SSL/HTTPS requests
--forms Parse and test forms on target URL --forms Parse and test forms on target URL
--fresh-queries Ignore query results stored in session file --fresh-queries Ignore query results stored in session file
--hex Use DBMS hex function(s) for data retrieval --hex Use DBMS hex function(s) for data retrieval
@ -526,6 +526,12 @@ Switch: `--skip-urlencode`
Depending on parameter placement (e.g. GET) its value could be URL encoded by default. In some cases, back-end web servers do not follow RFC standards and require values to be send in their raw non-encoded form. Use `--skip-urlencode` in those kind of cases. Depending on parameter placement (e.g. GET) its value could be URL encoded by default. In some cases, back-end web servers do not follow RFC standards and require values to be send in their raw non-encoded form. Use `--skip-urlencode` in those kind of cases.
### Force usage of SSL/HTTPS
Switch: `--force-ssl`
In case that user wants to force usage of SSL/HTTPS requests toward the target, he can use this switch. This can be useful in cases when urls are being collected by using option `--crawl` or when Burp log is being provided with option `-l`.
### Evaluate custom python code during each request ### Evaluate custom python code during each request
Option: `--eval` Option: `--eval`
@ -1687,12 +1693,6 @@ Option: `--flush-session`
As you are already familiar with the concept of a session file from the description above, it is good to know that you can flush the content of that file using option `--flush-session`. This way you can avoid the caching mechanisms implemented by default in sqlmap. Other possible way is to manually remove the session file(s). As you are already familiar with the concept of a session file from the description above, it is good to know that you can flush the content of that file using option `--flush-session`. This way you can avoid the caching mechanisms implemented by default in sqlmap. Other possible way is to manually remove the session file(s).
### Force usage of SSL/HTTPS requests
Switch: `--force-ssl`
In case that user wants to force usage of SSL/HTTPS requests toward the target, he can use this switch. This can be useful in cases when urls are being collected by using option `--crawl` or when Burp log is being provided with option `-l`.
### Parse and test forms' input fields ### Parse and test forms' input fields
Switch: `--forms` Switch: `--forms`