Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sqlmap: add page #2412

Merged
merged 3 commits into from
Oct 24, 2018
Merged

sqlmap: add page #2412

merged 3 commits into from
Oct 24, 2018

Conversation

hbostan
Copy link
Contributor

@hbostan hbostan commented Oct 6, 2018

  • The page (if new), does not already exist in the repo.

  • The page (if new), has been added to the correct platform folder:
    common/ if it's common to all platforms, linux/ if it's Linux-specific, and so on.

  • The page has 8 or fewer examples.

  • The PR is appropriately titled:
    <command name>: add page for new pages, or <command name>: <description of changes> for pages being edited.

  • The page follows the contributing guidelines.

@hbostan hbostan mentioned this pull request Oct 6, 2018
Closed
@owenvoke owenvoke added the new command Issues requesting creation of a new page. label Oct 7, 2018
@agnivade
Copy link
Member

agnivade commented Oct 8, 2018

@hbostann - In future, you can update the same PR by pushing a new commit. You don't have to close and create a new PR every time. :)

agnivade
agnivade requested changes Oct 8, 2018
View reviewed changes
pages/common/sqlmap.md Outdated

`python sqlmap.py -u {{"http://www.target.com/vuln.php" --data={{"id=1"}}`

- Change default parameter delimiter (&):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Change the parameter delimiter (& is the default):"

agnivade
agnivade approved these changes Oct 8, 2018
View reviewed changes
Copy link
Member

@agnivade agnivade left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hbostann - I removed the default being mentioned twice. Hope that's okay with you.

@hbostan
Copy link
Contributor Author

hbostan commented Oct 8, 2018

@agnivade That's perfectly fine.

@benboeck
Copy link

benboeck commented Oct 8, 2018
edited
Loading

Hello,

you should definitely include -r as it is the easiest way to get sqlmap to work with all kinds of cookies and auth headers.
Proposal:

  • Use raw HTTP request (such as GET/POST) including cookies, authentication and other headers:

sqlmap -r {{raw_request_file}}

For important use cases I would also add:

  • --dbs ("list databases")
  • -D {{database}} -T {{table}} --dump ("dump contents of specific database table")

For advanced stuff (and as a teaser to read the sqlmap usage page ;) --os-shell might be interesting.

Oh, and the injection marker * is also very important.

@stale
Copy link

stale bot commented Oct 23, 2018

Hi all! This thread has not had any recent activity. Are there any updates? Thanks!

@stale stale bot added the waiting Issues/PRs with Pending response by the author. label Oct 23, 2018
@agnivade
Copy link
Member

ping @sbrl @pxgamer @mfrw

@stale stale bot removed the waiting Issues/PRs with Pending response by the author. label Oct 24, 2018
@owenvoke owenvoke merged commit 72038e7 into tldr-pages:master Oct 24, 2018
@fazlearefin fazlearefin mentioned this pull request Feb 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agnivade agnivade agnivade approved these changes

@owenvoke owenvoke owenvoke approved these changes

Assignees
No one assigned
Labels
new command Issues requesting creation of a new page.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@hbostan @agnivade @benboeck @owenvoke