DawnMagnet/tldr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sqlmap: add page (#2412)

Browse Source
This commit is contained in:
Hakan
2018-10-24 08:18:16 +03:00
committed by Owen Voke
parent 26c0f8eefd
commit 72038e7744
1 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
pages/common/sqlmap.md Normal file
View File

@@ -0,0 +1,23 @@
# sqlmap
> Detect and exploit SQL injection flaws.
- Run sqlmap against a single target URL:
`python sqlmap.py -u {{"http://www.target.com/vuln.php?id=1"}}`
- Send data in a POST request (`--data` implies POST request):
`python sqlmap.py -u {{"http://www.target.com/vuln.php" --data={{"id=1"}}`
- Change the parameter delimiter (& is the default):
`python sqlmap.py -u {{"http://www.target.com/vuln.php"}} --data={{"query=foobar;id=1"}} --param-del={{";"}}`
- Select a random `User-Agent` from `./txt/user-agents.txt` and use it:
`python sqlmap.py -u {{"http://www.target.com/vuln.php"}} --random-agent`
- Provide user credentials for HTTP protocol authentication:
`python sqlmap.py -u {{"http://www.target.com/vuln.php"}} --auth-type {{Basic}} --auth-cred {{"testuser:testpass"}}`