mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 01:26:42 +03:00
Update of wiki for new option --binary-fields
parent
f17f0f9545
commit
87b7b9c1c3
21
Usage.md
|
@ -151,6 +151,7 @@ Options:
|
||||||
-X EXCLUDECOL DBMS database table column(s) to not enumerate
|
-X EXCLUDECOL DBMS database table column(s) to not enumerate
|
||||||
-U USER DBMS user to enumerate
|
-U USER DBMS user to enumerate
|
||||||
--exclude-sysdbs Exclude DBMS system databases when enumerating tables
|
--exclude-sysdbs Exclude DBMS system databases when enumerating tables
|
||||||
|
--pivot-column=P.. Pivot column name
|
||||||
--where=DUMPWHERE Use WHERE condition while table dumping
|
--where=DUMPWHERE Use WHERE condition while table dumping
|
||||||
--start=LIMITSTART First query output entry to retrieve
|
--start=LIMITSTART First query output entry to retrieve
|
||||||
--stop=LIMITSTOP Last query output entry to retrieve
|
--stop=LIMITSTOP Last query output entry to retrieve
|
||||||
|
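Review bot: The added `--pivot-column=P..` line in this options block is a relocation (the same line is removed from the later options block in this commit), but the commit message mentions only `--binary-fields`. Mention the move in the message or split it into its own commit so the history of `--pivot-column` stays traceable.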
@ -211,6 +212,7 @@ Options:
|
||||||
-s SESSIONFILE Load session from a stored (.sqlite) file
|
-s SESSIONFILE Load session from a stored (.sqlite) file
|
||||||
-t TRAFFICFILE Log all HTTP traffic into a textual file
|
-t TRAFFICFILE Log all HTTP traffic into a textual file
|
||||||
--batch Never ask for user input, use the default behaviour
|
--batch Never ask for user input, use the default behaviour
|
||||||
|
--binary-fields=.. Result fields having binary values (e.g. "digest")
|
||||||
--charset=CHARSET Force character encoding used for data retrieval
|
--charset=CHARSET Force character encoding used for data retrieval
|
||||||
--crawl=CRAWLDEPTH Crawl the website starting from the target URL
|
--crawl=CRAWLDEPTH Crawl the website starting from the target URL
|
||||||
--crawl-exclude=.. Regexp to exclude pages from crawling (e.g. "logout")
|
--crawl-exclude=.. Regexp to exclude pages from crawling (e.g. "logout")
|
||||||
|
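Review bot: The help text added for `--binary-fields=..` uses "digest" as its example, while the new section later in this commit uses column `password`; use the same example in both places. The `..` placeholder also gives no hint of the value format, so the description should say whether more than one field can be given and how they are separated.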
@ -223,7 +225,6 @@ Options:
|
||||||
--hex Use DBMS hex function(s) for data retrieval
|
--hex Use DBMS hex function(s) for data retrieval
|
||||||
--output-dir=OUT.. Custom output directory path
|
--output-dir=OUT.. Custom output directory path
|
||||||
--parse-errors Parse and display DBMS error messages from responses
|
--parse-errors Parse and display DBMS error messages from responses
|
||||||
--pivot-column=P.. Pivot column name
|
|
||||||
--save=SAVECONFIG Save options to a configuration INI file
|
--save=SAVECONFIG Save options to a configuration INI file
|
||||||
--scope=SCOPE Regexp to filter targets from provided proxy log
|
--scope=SCOPE Regexp to filter targets from provided proxy log
|
||||||
--test-filter=TE.. Select tests by payloads and/or titles (e.g. ROW)
|
--test-filter=TE.. Select tests by payloads and/or titles (e.g. ROW)
|
||||||
|
@ -1279,7 +1280,7 @@ Database: testdb
|
||||||
|
|
||||||
### Dump database table entries
|
### Dump database table entries
|
||||||
|
|
||||||
Switch and options: `--dump`, `-C`, `-T`, `-D`, `--start`, `--stop`, `--first`, `--last` and `--where`
|
Switch and options: `--dump`, `-C`, `-T`, `-D`, `--start`, `--stop`, `--first`, `--last`, `--pivot-column` and `--where`
|
||||||
|
|
||||||
When the session user has read access to a specific database's table it is possible to dump the table entries.
|
When the session user has read access to a specific database's table it is possible to dump the table entries.
|
||||||
|
|
||||||
|
@ -1314,6 +1315,8 @@ If you want to dump only a range of entries, then you can provide options `--sta
|
||||||
|
|
||||||
It is also possible to specify which single character or range of characters to dump with options `--first` and `--last`. For instance, if you want to dump columns' entries from the third to the fifth character, provide `--first 3` `--last 5`. This feature only applies to the blind SQL injection techniques because for error-based and UNION query SQL injection techniques the number of requests is exactly the same, regardless of the length of the column's entry output to dump.
|
It is also possible to specify which single character or range of characters to dump with options `--first` and `--last`. For instance, if you want to dump columns' entries from the third to the fifth character, provide `--first 3` `--last 5`. This feature only applies to the blind SQL injection techniques because for error-based and UNION query SQL injection techniques the number of requests is exactly the same, regardless of the length of the column's entry output to dump.
|
||||||
|
|
||||||
|
Sometimes (e.g. for Microsoft SQL Server, Sybase and SAP MaxDB) it is not possible to dump the table rows straightforward by using `OFFSET m, n` mechanism because of lack of similar. In such cases sqlmap dumps the content by determining the most suitable `pivot` column (the one with most unique values) whose values are used later on for retrieval of other column values. If it is necessary to enforce the usage of particular `pivot` column because the automatically chosen one is not suitable (e.g. because of lack of table dump results) you can use option `--pivot-column` (e.g. `--pivot-column=id`).
|
||||||
|
|
||||||
In case that you want to constraint the dump to specific column values (or ranges) you can use option `--where`. Provided logical operation will be automatically used inside the `WHERE` clause. For example, if you use `--where="id>3"` only table rows having value of column `id` greater than 3 will be retrieved (by appending `WHERE id>3` to used dumping queries).
|
In case that you want to constraint the dump to specific column values (or ranges) you can use option `--where`. Provided logical operation will be automatically used inside the `WHERE` clause. For example, if you use `--where="id>3"` only table rows having value of column `id` greater than 3 will be retrieved (by appending `WHERE id>3` to used dumping queries).
|
||||||
|
|
||||||
As you may have noticed by now, sqlmap is **flexible**: you can leave it to automatically dump the whole database table or you can be very precise in which characters to dump, from which columns and which range of entries.
|
As you may have noticed by now, sqlmap is **flexible**: you can leave it to automatically dump the whole database table or you can be very precise in which characters to dump, from which columns and which range of entries.
|
||||||
|
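Review bot: In the added pivot paragraph, "because of lack of similar" is left unfinished and "straightforward" is used as an adverb; both were carried over unchanged from the removed section. Suggest wording along the lines of "it is not possible to dump the table rows directly with an `OFFSET m, n` mechanism because the DBMS has no equivalent", and consider splitting the final sentence, which now packs two parenthesised examples into one line.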
@ -1786,6 +1789,12 @@ Switch: `--batch`
|
||||||
|
|
||||||
If you want sqlmap to run as a batch tool, without any user's interaction when sqlmap requires it, you can force that by using switch `--batch`. This will leave sqlmap to go with a default behaviour whenever user's input would be required.
|
If you want sqlmap to run as a batch tool, without any user's interaction when sqlmap requires it, you can force that by using switch `--batch`. This will leave sqlmap to go with a default behaviour whenever user's input would be required.
|
||||||
|
|
||||||
|
### Mark result fields containing binary values
|
||||||
|
|
||||||
|
Option `--binary-fields`
|
||||||
|
|
||||||
|
In cases of table content retrieval containing column(s) with binary values (e.g. column `password` with binary stored password hash values) it is possible to use option `--binary-fields` for proper handling. All those fields (i.e. table columns) are then retrieved and represented in their hexadecimal representation, so afterwards they could be properly processed with other tools (e.g. `john`).
|
||||||
|
|
||||||
### Force character encoding used for data retrieval
|
### Force character encoding used for data retrieval
|
||||||
|
|
||||||
Option: `--charset`
|
Option: `--charset`
|
||||||
|
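Review bot: The added line "Option `--binary-fields`" is missing the colon used by the neighbouring entries ("Option: `--charset`", "Switch: `--batch`"). The paragraph also never shows the option's value; add a one-line invocation example and state how several columns are listed, since the summary line only shows `--binary-fields=..`.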
@ -1963,14 +1972,6 @@ ers (0x80040E14)
|
||||||
[...]
|
[...]
|
||||||
```
|
```
|
||||||
|
|
||||||
### Pivot column
|
|
||||||
|
|
||||||
Option: `--pivot-column`
|
|
||||||
|
|
||||||
Sometimes (e.g. for Microsoft SQL Server, Sybase and SAP MaxDB) it is not possible to dump the table rows straightforward by using `OFFSET m, n` mechanism because of lack of similar. In such cases sqlmap dumps the content by determining the most suitable `pivot` column (the one with most unique values) whose values are used later on for retrieval of other column values.
|
|
||||||
|
|
||||||
Sometimes it is necessary to enforce the usage of particular `pivot` column (e.g. `--pivot-column=id`) if the automatically chosen one is not suitable (e.g. because of lack of table dump results).
|
|
||||||
|
|
||||||
### Save options in a configuration INI file
|
### Save options in a configuration INI file
|
||||||
|
|
||||||
Option: `--save`
|
Option: `--save`
|
||||||
|
|
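Review bot: Removing the `### Pivot column` heading drops that section's anchor, and the text now sits as an unheaded paragraph under "Dump database table entries". If other wiki pages or a table of contents link to that heading, update them in the same commit.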