Updated Usage (markdown)

2025-07-04 20:03:10 +03:00 · 2012-10-27 10:25:38 -07:00 · 2012-10-27 10:25:38 -07:00 · b02206cb22
commit b02206cb22
parent a159c36d5a
1 changed files with 192 additions and 189 deletions
--- a/Usage.md
+++ b/Usage.md
@ -1,8 +1,8 @@
 # Usage

-    Usage: python sqlmap.py [options]
+Usage: python sqlmap.py [options]

-    Options:
+Options:
  -h, --help            Show basic help message and exit
  -hh                   Show advanced help message and exit
  -v VERBOSE            Verbosity level: 0-6 (default 1)
@ -25,8 +25,7 @@
    --data=DATA         Data string to be sent through POST
    --param-del=PDEL    Character used for splitting parameter values
    --cookie=COOKIE     HTTP Cookie header
-        --load-cookies=LOC  File containing cookies in Netscape/wget format
-        --cookie-urlencode  URL Encode generated cookie injections
+    --load-cookies=L..  File containing cookies in Netscape/wget format
    --drop-set-cookie   Ignore Set-Cookie header from response
    --user-agent=AGENT  HTTP User-Agent header
    --random-agent      Use randomly selected HTTP User-Agent header
@ -83,6 +82,7 @@
    --level=LEVEL       Level of tests to perform (1-5, default 1)
    --risk=RISK         Risk of tests to perform (0-3, default 1)
    --string=STRING     String to match when query is evaluated to True
+    --not-string=NOT..  String to match when query is evaluated to False
    --regexp=REGEXP     Regexp to match when query is evaluated to True
    --code=CODE         HTTP code to match when query is evaluated to True
    --text-only         Compare pages based only on the textual content
@ -96,7 +96,8 @@
    --time-sec=TIMESEC  Seconds to delay the DBMS response (default 5)
    --union-cols=UCOLS  Range of columns to test for UNION query SQL injection
    --union-char=UCHAR  Character to use for bruteforcing number of columns
-        --dns-domain=DNAME  Domain name used for DNS exfiltration attack
+    --dns-domain=DNS..  Domain name used for DNS exfiltration attack
+    --second-order=S..  Resulting page url searched for second-order response

  Fingerprint:
    -f, --fingerprint   Perform an extensive DBMS version fingerprint
@ -106,6 +107,7 @@
    management system information, structure and data contained in the
    tables. Moreover you can run your own SQL statements

+    -a, --all           Retrieve everything
    -b, --banner        Retrieve DBMS banner
    --current-user      Retrieve DBMS current user
    --current-db        Retrieve DBMS current database
@ -190,7 +192,7 @@
    --check-tor         Check to see if Tor is used properly
    --crawl=CRAWLDEPTH  Crawl the website starting from the target url
    --csv-del=CSVDEL    Delimiting character used in CSV output (default ",")
-        --dbms-cred=DCRED   DBMS authentication credentials (user:password)
+    --dbms-cred=DBMS..  DBMS authentication credentials (user:password)
    --eta               Display for each output the estimated time of arrival
    --flush-session     Flush session files for current target
    --forms             Parse and test forms on target url
@ -211,12 +213,13 @@
    --check-waf         Check for existence of WAF/IPS/IDS protection
    --cleanup           Clean up the DBMS by sqlmap specific UDF and tables
    --dependencies      Check for missing sqlmap dependencies
+    --disable-coloring  Disable console output coloring
    --gpage=GOOGLEPAGE  Use Google dork results from specified page number
    --mobile            Imitate smartphone through HTTP User-Agent header
    --page-rank         Display page rank (PR) for Google dork results
    --purge-output      Safely remove all content from output directory
    --smart             Conduct through tests only if positive heuristic(s)
-        --test-filter=TSTF  Select tests by payloads and/or titles (e.g. ROW)
+    --test-filter=TE..  Select tests by payloads and/or titles (e.g. ROW)
    --wizard            Simple wizard interface for beginner users

 ## Output verbosity