lilith/tldr
1
0
Fork 0
mirror of https://github.com/tldr-pages/tldr.git synced 2025-06-08 01:26:00 +02:00
Code Activity
tldr/pages/common/sqlmap.md
Nelson Figueroa 6e91528dc0
sqlmap: remove extra spaces in english page, add option placeholders in korean page (#16453) 
sqlmap: remove extra spaces, add option placeholders for ko page
2025-05-11 21:02:45 +03:00

902 B
Raw Blame History

sqlmap

Detect and exploit SQL injection flaws. More information: https://sqlmap.org.

  • Run sqlmap against a single target URL:

python sqlmap.py {{[-u|--url]}} "{{http://www.example.com/vuln.php?id=1}}"

  • Send data in a POST request (--data implies POST request):

python sqlmap.py {{[-u|--url]}} "{{http://www.example.com/vuln.php}}" --data="{{id=1}}"

  • Change the parameter delimiter (& is the default):

python sqlmap.py {{[-u|--url]}} "{{http://www.example.com/vuln.php}}" --data="{{query=foobar;id=1}}" --param-del="{{;}}"

  • Select a random User-Agent from ./txt/user-agents.txt and use it:

python sqlmap.py {{[-u|--url]}} "{{http://www.example.com/vuln.php}}" --random-agent

  • Provide user credentials for HTTP protocol authentication:

python sqlmap.py {{[-u|--url]}} "{{http://www.example.com/vuln.php}}" --auth-type {{Basic}} --auth-cred "{{testuser:testpass}}"