SQLMAP command Detailed

Others 2019-05-30 04:43:13 views: null

Options (Options):
-version displays the version number of the program and exit
-h, -help display this help message and exit
-v VERBOSE level of detail: 0-6 (default is 1)
Target (target):
at least one of which needs to be set options, set the target URL.
-d DIRECT directly connected to the database.
-u URL, -url = URL target URL.
-l LIST resolve the destination or from WebScarab Burp proxy log.
-r REQUESTFILE loading a file from the HTTP request.
-g GOOGLEDORK processing results Google dork as the target URL.
-c CONFIGFILE Load option from the INI configuration file.
Request (request) ::
These options can be used to specify how to connect to the target URL.
-Data = DATA data string sent by the POST
-cookie = COOKIE the HTTP header cookies
-cookie-urlencode URL encoded cookie generated injection
-drop-set-cookie negligible response Set - Cookie header

–user-agent=AGENT 指定 HTTP User – Agent 头

-Random-agent selected random HTTP User - Agent header
-referer = REFERER the Referer HTTP header specified
separately -headers = HEADERS wrap, other HTTP header added
-auth-type = ATYPE HTTP authentication type (Basic, Digest, or NTLM ) (Basic, Digest or NTLM)
-auth-cred = ACRED HTTP authentication credentials (username: password)
-auth ACERT = HTTP-CERT certification (key_file, cert_file)
-proxy = pROXY use HTTP proxy to connect to target the URL of
- proxy-cred = PCRED HTTP proxy authentication credentials (username: password)
-ignore ignoring the system-default HTTP proxy agent
-delay = dELAY time delay between each HTTP request, in seconds to
-timeout = TIMEOUT waiting for a connection timeout (default 30 seconds)
-retries = time after reconnection RETRIES connection timeout (default. 3)
-scope agent from the SCOPE = log filter provided in the target regular expression
-safe-url = SAFURL test url addresses frequently accessed during
-safe-freq = SAFREQ test request between two accesses, security given the uRL
optimization (optimization):
These options can be used to optimize the performance of SqlMap.
Open all switches -o optimization
-Predict-output common prediction query output
-keep-alive using persistent HTTP (S) is connected
-null-connection body length from the search page without actual HTTP response
-threads = THREADS maximum HTTP (S) requests concurrency value ( the default is 1)
injection (injection):
these options can be used to specify which test parameters, providing tamper with injection payloads and optional custom scripts.
parameter (S) -p TESTPARAMETER testable
-dbms = DBMS backend DBMS forced value for this
-os = OS operating system, DBMS backend forced to this value
-prefix = PREFIX injection payload string prefix
-suffix = SUFFIX injection payload characters suffix string
-tamper = tAMPER given script (S) data tampering injection
detection (detect):
these options can be used to specify how to parse the contents of a page and the HTTP response comparison in SQL blinds.
-Level = LEVEL execution level tested (1-5, default is 1)
-risk = risk of executing tests RISK (0-3, default is 1)
-string = valid page when STRING string matching the query
-regexp = REGEXP query is valid in the page match the regular expression
-text-only text-based content only in comparison page
techniques (skills):
These options can be used to adjust the specific SQL injection test.
-Technique = TECH SQL injection technical tests (default Beust)
-time-sec = TIMESEC the DBMS response time delay (default 5 seconds)
-UNION cols = UCOLS-range for a given column test UNION queries injection
-union-char = UCHAR character for violence guess the number of columns
fingerprint (fingerprint):
-f, -fingerprint perform extensive checks DBMS version fingerprint
enumeration (enumeration):

These options can include information used to back-end database management system, data structures and tables. In addition, you can also run your own
SQL statements.
-b, -banner retrieval database management system identification
-current-user database management system to retrieve the current user
in the current database -current-db retrieval database management system
-is-dba DBMS detecting the current user is the DBA
-users enumerate a database management system users
- passwords enumerate database management system user password hashes
rights -privileges enumerate database management system users
-roles enumerate database management system user's role
-dbs enumerate database management system database
tables DBMS database -tables enumerated in
-columns enumeration DBMS database table column
entry -dump dump database in a database management system
-dump-all DBMS database dump all entries in the table
-search search column (S), sheet (S) and / or the database name (S)
-D DB name of the database to be enumerated
-T TBL database table to be enumerated
-C COL to database columns enumerated
-U uSER user database used for enumeration
-exclude-sysdbs enumeration Troubleshooting system database table
-start = LIMITSTART first output entry search query
-stop = LIMITSTOP final Inquiry into the retrieval output
The character search -first = FIRSTCHAR first query output word
-last = output word LASTCHAR last character search query
-sql-query = SQL QUERY statement to be executed
-sql-shell prompt of the interactive SQL shell
Brute Force (brute force ):
these options can be used to run brute force checks.
-Common-tables to check the existence of common table
-common-columns check the existence of a common column
User-defined function injection (user-defined function injection):
a custom function These options can be used to create the user.
-Udf-inject injection UDF
-shared-lib = Local Path SHLIB shared library
File system access (access to the file system):
These options can be used to access the underlying file system back-end database management system.
-File-read = RFILE read from the back-end database management system, file system
-file-write = WFILE rear end of the edit files on a local file system, database management system
-file-dest = DFILE back-end database management system written to the file absolute path
operating system access (operating system access):
these options can be used to access the back-end database management system of the underlying operating system.
-Os-cmd = OSCMD execute an operating system command
shell interactive operating system -os-shell
-Os-pwn get a OOB shell, meterpreter or VNC
-os-SMBRelay a key to get a OOB shell, meterpreter or VNC
-os-bof stored procedures buffer overflow exploits
-priv-esc database processes elevated user rights
-msf-path = MSFPATH Metasploit Framework local installation path
absolute path -tmp-path = tMPPATH remote temporary file directory

Windows Registry Access:
These options can be used to access back-end database management system Windows registry.
-Reg-read read a Windows registry key value
-reg-add write a Windows registry key value data
-reg-del delete Windows registry keys
-reg-key = REGKEY Windows registry keys
-reg-value = REGVAL Windows registry entry
-reg-data = REGDATA Windows registry key data
-reg-type = rEGTYPE Windows registry key value type
general (general):

These options can be used to set some general operating parameters.
-t TRAFFICFILE log all HTTP traffic to a text file
-s SESSIONFILE retrieve the session file to save and restore all data
-flush-session refresh the current target session file
-fresh-queries ignored stored in the session file query results
-eta display each output estimated time of arrival
-update update Setting up the SqlMap
-save file option to save the configuration INI file
-batch never ask the user to enter, with all the default configuration.
Miscellaneous (Miscellaneous):
-beep discovered SQL injection alerts when
-check-payload IDS injected payloads detection test
-cleanup SqlMap specific cleaning table UDF and the DBMS
-forms form of analytical and testing target URL
-gpage = GOOGLEPAGE from the specified page using Google dork result
-page-rank Google dork results show page rank (PR)
-parse-page response errors parsing database management system error messages from the
data -replicate copy the dump to a sqlite3 database
-tor default Tor ( Vidalia / Privoxy / Polipo) proxy address
-wizard to the primary user's simple wizard interface

Ok. . . Where is wrong, please correct me, thank you

Original in my personal blog: http: //qtbk.xyz/ p = 263?

Guess you like

Origin www.cnblogs.com/QTBK/p/10947309.html
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com