同步操作将从 yeqingchen1/sqlmap 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
# At least one of these options has to be specified to set the source to# get target URLs from.[Target]# Direct connection to the database.# Examples:# mysql://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_NAME# oracle://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_SIDdirect =# Target URL.# Example: http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&cat=2url =# Parse targets from Burp or WebScarab logs# Valid: Burp proxy (http://portswigger.net/suite/) requests log file path# or WebScarab proxy (http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project)# 'conversations/' folder pathlogFile =# Scan multiple targets enlisted in a given textual filebulkFile =# Load HTTP request from a file# Example (file content): POST /login.jsp HTTP/1.1\nHost: example.com\nUser-Agent: Mozilla/4.0\n\nuserid=joe&password=guessmerequestFile =# Rather than providing a target URL, let Google return target# hosts as result of your Google dork expression. For a list of Google# dorks see Johnny Long Google Hacking Database at# http://johnny.ihackstuff.com/ghdb.php.# Example: +ext:php +inurl:"&id=" +intext:"powered by "googleDork =# Parse target(s) from remote sitemap(.xml) file.# Example: http://192.168.1.121/sitemap.xmlsitemapUrl =# These options can be used to specify how to connect to the target URL.[Request]# Force usage of given HTTP method (e.g. PUT).method =# Data string to be sent through POST (e.g. "id=1").data =# Character used for splitting parameter values (e.g. &).paramDel =# HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..").cookie =# Character used for splitting cookie values (e.g. ;).cookieDel =# File containing cookies in Netscape/wget format.loadCookies =# Ignore Set-Cookie header from response.# Valid: True or FalsedropSetCookie = False# HTTP User-Agent header value. Useful to fake the HTTP User-Agent header value# at each HTTP request.# sqlmap will also test for SQL injection on the HTTP User-Agent value.agent =# Imitate smartphone through HTTP User-Agent header.# Valid: True or Falsemobile = False# Use randomly selected HTTP User-Agent header value.# Valid: True or FalserandomAgent = False# HTTP Host header value.host =# HTTP Referer header. Useful to fake the HTTP Referer header value at# each HTTP request.referer =# Extra HTTP headersheaders = Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5Accept-Language: en-us,en;q=0.5Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7# HTTP Authentication type. Useful only if the target URL requires# HTTP Basic, Digest or NTLM authentication and you have such data.# Valid: Basic, Digest, NTLM or PKIauthType =# HTTP authentication credentials. Useful only if the target URL requires# HTTP Basic, Digest or NTLM authentication and you have such data.# Syntax: username:passwordauthCred =# HTTP Authentication PEM private/cert key file. Useful only if the target URL requires# PKI authentication and you have such data.# Syntax: key_fileauthFile =# Ignore (problematic) HTTP error code (e.g. 401).# Valid: integerignoreCode =# Ignore system default proxy settings.# Valid: True or FalseignoreProxy = False# Ignore redirection attempts.# Valid: True or FalseignoreRedirects = False# Ignore connection timeouts.# Valid: True or FalseignoreTimeouts = False# Use a proxy to connect to the target URL.# Syntax: (http|https|socks4|socks5)://address:portproxy =# Proxy authentication credentials. Useful only if the proxy requires# Basic or Digest authentication and you have such data.# Syntax: username:passwordproxyCred =# Load proxy list from a fileproxyFile =# Use Tor anonymity network.# Valid: True or Falsetor = False# Set Tor proxy port other than default.# Valid: integer# torPort =# Set Tor proxy type.# Valid: HTTP, SOCKS4, SOCKS5torType = SOCKS5# Check to see if Tor is used properly.# Valid: True or FalsecheckTor = False# Delay in seconds between each HTTP request.# Valid: float# Default: 0delay = 0# Seconds to wait before timeout connection.# Valid: float# Default: 30timeout = 30# Maximum number of retries when the HTTP connection timeouts.# Valid: integer# Default: 3retries = 3# Randomly change value for the given parameter.rParam =# URL address to visit frequently during testing.# Example: http://192.168.1.121/index.htmlsafeUrl =# POST data to send to a safe URL.# Example: username=admin&password=passw0rd!safePost =# Load safe HTTP request from a file.safeReqFile =# Test requests between two visits to a given safe URL (default 0).# Valid: integer# Default: 0safeFreq = 0# Skip URL encoding of payload data# Valid: True or FalseskipUrlEncode = False# Parameter used to hold anti-CSRF tokencsrfToken =# URL address to visit to extract anti-CSRF tokencsrfUrl =# Force usage of SSL/HTTPS# Valid: True or FalseforceSSL = False# Use HTTP chunked transfer encoded requests.# Valid: True or Falsechunked = False# Use HTTP parameter pollution.# Valid: True or Falsehpp = False# Evaluate provided Python code before the request.# Example: import hashlib;id2=hashlib.md5(id).hexdigest()evalCode =# These options can be used to optimize the performance of sqlmap.[Optimization]# Use all optimization options.# Valid: True or Falseoptimize = False# Predict common queries output.# Valid: True or FalsepredictOutput = False# Use persistent HTTP(s) connections.keepAlive = False# Retrieve page length without actual HTTP response body.# Valid: True or FalsenullConnection = False# Maximum number of concurrent HTTP(s) requests (handled with Python threads)# to be used in the inference SQL injection attack.# Valid: integer# Default: 1threads = 1# These options can be used to specify which parameters to test for,# provide custom injection payloads and optional tampering scripts.[Injection]# Testable parameter(s) comma separated. By default all GET/POST/Cookie# parameters and HTTP User-Agent are tested by sqlmap.testParameter =# Skip testing for given parameter(s).skip =# Skip testing parameters that not appear to be dynamic.# Valid: True or FalseskipStatic = False# Regexp to exclude parameters from testing (e.g. "ses").paramExclude =# Select testable parameter(s) by place (e.g. "POST").paramFilter =# Force back-end DBMS to provided value. If this option is set, the back-end# DBMS identification process will be minimized as needed.# If not set, sqlmap will detect back-end DBMS automatically by default.# Valid: mssql, mysql, mysql 4, mysql 5, oracle, pgsql, sqlite, sqlite3,# access, firebird, maxdb, sybasedbms =# DBMS authentication credentials (user:password). Useful if you want to# run SQL statements as another user, the back-end database management# system is PostgreSQL or Microsoft SQL Server and the parameter is# vulnerable by stacked queries SQL injection or you are connecting directly# to the DBMS (-d switch).# Syntax: username:passworddbmsCred =# Force back-end DBMS operating system to provided value. If this option is# set, the back-end DBMS identification process will be minimized as# needed.# If not set, sqlmap will detect back-end DBMS operating system# automatically by default.# Valid: linux, windowsos =# Use big numbers for invalidating values.# Valid: True or FalseinvalidBignum = False# Use logical operations for invalidating values.# Valid: True or FalseinvalidLogical = False# Use random strings for invalidating values.# Valid: True or FalseinvalidString = False# Turn off payload casting mechanism# Valid: True or FalsenoCast = False# Turn off string escaping mechanism# Valid: True or FalsenoEscape = False# Injection payload prefix string.prefix =# Injection payload suffix string.suffix =# Use given script(s) for tampering injection data.tamper =# These options can be used to specify how to parse and compare page# content from HTTP responses when using blind SQL injection technique.[Detection]# Level of tests to perform.# The higher the value is, the higher the number of HTTP(s) requests are# as well as the better chances to detect a tricky SQL injection.# Valid: Integer between 1 and 5# Default: 1level = 1# Risk of tests to perform.# Note: boolean-based blind SQL injection tests with AND are considered# risk 1, with OR are considered risk 3.# Valid: Integer between 1 and 3# Default: 1risk = 1# String to match within the raw response when the query is evaluated to# True, only needed if the page content dynamically changes at each refresh.# Refer to the user's manual for further details.string =# String to match within the raw response when the query is evaluated to# False, only needed if the page content dynamically changes at each refresh.# Refer to the user's manual for further details.notString =# Regular expression to match within the raw response when the query is# evaluated to True, only needed if the needed if the page content# dynamically changes at each refresh.# Refer to the user's manual for further details.# Valid: regular expression with Python syntax# (http://www.python.org/doc/2.5.2/lib/re-syntax.html)regexp =# HTTP response code to match when the query is True.# Valid: Integer# Example: 200 (assuming any False statement returns a different response# code)# code =# Conduct thorough tests only if positive heuristic(s).# Valid: True or Falsesmart = False# Compare pages based only on the textual content.# Valid: True or FalsetextOnly = False# Compare pages based only on their titles.# Valid: True or Falsetitles = False# These options can be used to tweak testing of specific SQL injection# techniques.[Techniques]# SQL injection techniques to use.# Valid: a string composed by B, E, U, S, T and Q where:# B: Boolean-based blind SQL injection# E: Error-based SQL injection# U: UNION query SQL injection# S: Stacked queries SQL injection# T: Time-based blind SQL injection# Q: Inline SQL injection# Example: ES (means test for error-based and stacked queries SQL# injection types only)# Default: BEUSTQ (means test for all SQL injection types - recommended)technique = BEUSTQ# Seconds to delay the response from the DBMS.# Valid: integer# Default: 5timeSec = 5# Range of columns to test for.# Valid: range of integers# Example: 1-10uCols =# Character to use for bruteforcing number of columns.# Valid: string# Example: NULLuChar =# Table to use in FROM part of UNION query SQL injection.# Valid: string# Example: INFORMATION_SCHEMA.COLLATIONSuFrom =# Domain name used for DNS exfiltration attack.# Valid: stringdnsDomain =# Resulting page URL searched for second-order response.# Valid: stringsecondUrl =# Load second-order HTTP request from file.# Valid: stringsecondReq =[Fingerprint]# Perform an extensive back-end database management system fingerprint# based on various techniques.# Valid: True or FalseextensiveFp = False# These options can be used to enumerate the back-end database# management system information, structure and data contained in the# tables. Moreover you can run your own SQL statements.[Enumeration]# Retrieve everything# Valid: True or FalsegetAll = False# Retrieve back-end database management system banner.# Valid: True or FalsegetBanner = False# Retrieve back-end database management system current user.# Valid: True or FalsegetCurrentUser = False# Retrieve back-end database management system current database.# Valid: True or FalsegetCurrentDb = False# Retrieve back-end database management system server hostname.# Valid: True or FalsegetHostname = False# Detect if the DBMS current user is DBA.# Valid: True or FalseisDba = False# Enumerate back-end database management system users.# Valid: True or FalsegetUsers = False# Enumerate back-end database management system users password hashes.# Valid: True or FalsegetPasswordHashes = False# Enumerate back-end database management system users privileges.# Valid: True or FalsegetPrivileges = False# Enumerate back-end database management system users roles.# Valid: True or FalsegetRoles = False# Enumerate back-end database management system databases.# Valid: True or FalsegetDbs = False# Enumerate back-end database management system database tables.# Optional: db# Valid: True or FalsegetTables = False# Enumerate back-end database management system database table columns.# Optional: db, tbl, col# Valid: True or FalsegetColumns = False# Enumerate back-end database management system schema.# Valid: True or FalsegetSchema = False# Retrieve number of entries for table(s).# Valid: True or FalsegetCount = False# Dump back-end database management system database table entries.# Requires: tbl and/or col# Optional: db# Valid: True or FalsedumpTable = False# Dump all back-end database management system databases tables entries.# Valid: True or FalsedumpAll = False# Search column(s), table(s) and/or database name(s).# Requires: db, tbl or col# Valid: True or Falsesearch = False# Check for database management system database comments during enumeration.# Valid: True or FalsegetComments = False# Retrieve SQL statements being run on database management system.# Valid: True or FalsegetStatements = False# Back-end database management system database to enumerate.db =# Back-end database management system database table(s) to enumerate.tbl =# Back-end database management system database table column(s) to enumerate.col =# Back-end database management system identifiers (database(s), table(s) and column(s)) to not enumerate.exclude =# Pivot column name.pivotColumn =# Use WHERE condition while table dumping (e.g. "id=1").dumpWhere =# Back-end database management system database user to enumerate.user =# Exclude DBMS system databases when enumerating tables.# Valid: True or FalseexcludeSysDbs = False# First query output entry to retrieve# Valid: integer# Default: 0 (sqlmap will start to retrieve the table dump entries from# first one)limitStart = 0# Last query output entry to retrieve# Valid: integer# Default: 0 (sqlmap will detect the number of table dump entries and# retrieve them until the last)limitStop = 0# First query output word character to retrieve# Valid: integer# Default: 0 (sqlmap will enumerate the query output from the first# character)firstChar = 0# Last query output word character to retrieve# Valid: integer# Default: 0 (sqlmap will enumerate the query output until the last# character)lastChar = 0# SQL statement to be executed.# Example: SELECT 'foo', 'bar'sqlQuery =# Prompt for an interactive SQL shell.# Valid: True or FalsesqlShell = False# Execute SQL statements from given file(s).sqlFile =# These options can be used to run brute force checks.[Brute force]# Check existence of common tables.# Valid: True or FalsecommonTables = False# Check existence of common columns.# Valid: True or FalsecommonColumns = False# Check existence of common files.# Valid: True or FalsecommonFiles = False# These options can be used to create custom user-defined functions.[User-defined function]# Inject custom user-defined functions# Valid: True or FalseudfInject = False# Local path of the shared libraryshLib =# These options can be used to access the back-end database management# system underlying file system.[File system]# Read a specific file from the back-end DBMS underlying file system.# Examples: /etc/passwd or C:\boot.inifileRead =# Write a local file to a specific path on the back-end DBMS underlying# file system.# Example: /tmp/sqlmap.txt or C:\WINNT\Temp\sqlmap.txtfileWrite =# Back-end DBMS absolute filepath to write the file to.fileDest =# These options can be used to access the back-end database management# system underlying operating system.[Takeover]# Execute an operating system command.# Valid: operating system commandosCmd =# Prompt for an interactive operating system shell.# Valid: True or FalseosShell = False# Prompt for an out-of-band shell, Meterpreter or VNC.# Valid: True or FalseosPwn = False# One click prompt for an out-of-band shell, Meterpreter or VNC.# Valid: True or FalseosSmb = False# Microsoft SQL Server 2000 and 2005 'sp_replwritetovarbin' stored# procedure heap-based buffer overflow (MS09-004) exploitation.# Valid: True or FalseosBof = False# Database process' user privilege escalation.# Note: Use in conjunction with osPwn, osSmb or osBof. It will force the# payload to be Meterpreter.privEsc = False# Local path where Metasploit Framework is installed.# Valid: file system pathmsfPath =# Remote absolute path of temporary files directory.# Valid: absolute file system pathtmpPath =# These options can be used to access the back-end database management# system Windows registry.[Windows]# Read a Windows registry key value.# Valid: True or FalseregRead = False# Write a Windows registry key value data.# Valid: True or FalseregAdd = False# Delete a Windows registry key value.# Valid: True or FalseregDel = False# Windows registry key.regKey =# Windows registry key value.regVal =# Windows registry key value data.regData =# Windows registry key value type.regType =# These options can be used to set some general working parameters.[General]# Load session from a stored (.sqlite) file# Example: output/www.target.com/session.sqlitesessionFile =# Log all HTTP traffic into a textual file.trafficFile =# Set predefined answers (e.g. "quit=N,follow=N").answers =# Never ask for user input, use the default behaviour.# Valid: True or Falsebatch = False# Result fields having binary values (e.g. "digest").binaryFields =# Check Internet connection before assessing the target.checkInternet = False# Clean up the DBMS from sqlmap specific UDF and tables.# Valid: True or Falsecleanup = False# Crawl the website starting from the target URL.# Valid: integer# Default: 0crawlDepth = 0# Regexp to exclude pages from crawling (e.g. "logout").crawlExclude =# Delimiting character used in CSV output.# Default: ,csvDel = ,# Format of dumped data# Valid: CSV, HTML or SQLITEdumpFormat = CSV# Force character encoding used for data retrieval.encoding =# Retrieve each query output length and calculate the estimated time of# arrival in real time.# Valid: True or Falseeta = False# Flush session files for current target.# Valid: True or FalseflushSession = False# Parse and test forms on target URL.# Valid: True or Falseforms = False# Ignore query results stored in session file.# Valid: True or FalsefreshQueries = False# Use Google dork results from specified page number.# Valid: integer# Default: 1googlePage = 1# Use hex conversion during data retrieval.# Valid: True or FalsehexConvert = False# Custom output directory path.outputDir =# Parse and display DBMS error messages from responses.# Valid: True or FalseparseErrors = False# Use given script(s) for preprocessing of response data.preprocess =# Redump entries having unknown character marker (?).# Valid: True or Falserepair = False# Regular expression for filtering targets from provided Burp.# or WebScarab proxy log.# Example: (google|yahoo)scope =# Skip heuristic detection of WAF/IPS protection.# Valid: True or FalseskipWaf = False# Prefix used for temporary tables.# Default: sqlmaptablePrefix = sqlmap# Select tests by payloads and/or titles (e.g. ROW)testFilter =# Skip tests by payloads and/or titles (e.g. BENCHMARK)testSkip =# Web server document root directory (e.g. "/var/www").webRoot =[Miscellaneous]# Run host OS command(s) when SQL injection is found.alert =# Beep on question and/or when SQL injection is found.# Valid: True or Falsebeep = False# Offline WAF/IPS payload detection testing.# Valid: True or FalsecheckPayload = False# Check for missing (optional) sqlmap dependencies.# Valid: True or Falsedependencies = False# Disable console output coloring.# Valid: True or FalsedisableColoring = False# Display list of available tamper scripts# Valid: True or FalselistTampers = False# Work in offline mode (only use session data)# Valid: True or Falseoffline = False# Local directory for storing temporary files.tmpDir =# Simple wizard interface for beginner users.# Valid: True or Falsewizard = False# Update sqlmap.# Valid: True or FalseupdateAll = False# Verbosity level.# Valid: integer between 0 and 6# 0: Show only error and critical messages# 1: Show also warning and info messages# 2: Show also debug messages# 3: Show also payloads injected# 4: Show also HTTP requests# 5: Show also HTTP responses' headers# 6: Show also HTTP responses' page content# Default: 1verbose = 1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。