sqlmap

Detect and exploit SQL injection flaws. More information: https://sqlmap.org. Run…

sqlmap

Detect and exploit SQL injection flaws. More information: https://sqlmap.org.

Run sqlmap against a single target URL:

python sqlmap.py -u "{{http://www.target.com/vuln.php?id=1}}"

Send data in a POST request (--data implies POST request):

python sqlmap.py -u "{{http://www.target.com/vuln.php}}" --data="{{id=1}}"

Change the parameter delimiter (& is the default):

python sqlmap.py -u "{{http://www.target.com/vuln.php}}" --data="{{query=foobar;id=1}}" --param-del="{{;}}"

Select a random User-Agent from ./txt/user-agents.txt and use it:

python sqlmap.py -u "{{http://www.target.com/vuln.php}}" --random-agent

Provide user credentials for HTTP protocol authentication:

python sqlmap.py -u "{{http://www.target.com/vuln.php}}" --auth-type {{Basic}} --auth-cred "{{testuser:testpass}}"

Также может быть вам интересно:

Код • Трюки Bash • Настройки • Терминал/Консоль

← sqlite-utils sqsc →