sqlmap icon indicating copy to clipboard operation
sqlmap copied to clipboard

Published 20 hours ago verified publisher icon sqlmapproject

Metadata

Automatic SQL injection and database takeover tool

Results 96 sqlmap issues
Sort by recently updated
recently updated
newest added

Data extraction for multiple entries on a single line

1 comment

- Using XML in MS SQL Server 2005 and 2008 - Using GROUP_CONCAT() on MySQL - Using XML functions on Oracle (10g has sys.stragg())

bdamele avatar bdamele

enhancement
low
enumeration

Filesystem enumeration and fingerprinting

Just a thought I had, I stumbled across the following: http://nuke99.github.com/sqlnuke/ It would be interesting to see this implemented in SQLmap, if load file is available, as an option to...

infodox avatar infodox

enhancement
normal
takeover

Unhandled exception (#b279c31b)

``` Running version: 1.6.9.1#dev Python version: 3.10.7 Operating system: Linux-4.14.272-Dolphin™-NAD-aarch64-with-libc Command line: sqlmap.py -u *************************** --random-agent --batch --crawl 2 Technique: None Back-end DBMS: None ``` ``` Traceback (most recent call...

sqlmapreporter avatar sqlmapreporter

Improved crawler logging

5 comment

When using `--crawl`, some logging of Connection and TLS errors lacks information (i.e., the current URL or host and port) to be useful. This pull request improves the logging with...

Murgeye avatar Murgeye

Does it work as supposed?

**Describe the bug** On vulnerable parameter (confirmed manually in burp -> sleep for 5,10 and 30 seconds) sqlmap returns that the parameter is a false positive after the last payload....

Rce15wtf avatar Rce15wtf

bug report

Hope to provide MSSQL CLR extensions

1 comment

Now sqlmap has user-defined extensions for mysql udf, but I want an option like `--inject-clr` to provide extensions to MSSQL.

HangZhouCat avatar HangZhouCat

feature request

Unhandled exception (#f64253a8)

``` Running version: 1.6.8.2#dev Python version: 3.8.5 Operating system: Windows-10-10.0.19041-SP0 Command line: sqlmap.py -r .\request-adium.txt -p pEstatus --dbms=MSSQL --batch --proxy=*********************** --threads=6 -D ****** --sql-query=SELECT * FROM OPENQUERY(\MXASOADFELECT01\\SQLEXPRESS2K12, 'select @@servername') Technique:...

sqlmapreporter avatar sqlmapreporter

Sqlmap does not extract the data.

**After receiving a vulnerability alert and providing the payloads and the type of database system being used, sqlmap displays errors and stops. I have encountered the same error more than...

yusufalbashar avatar yusufalbashar

feature request

A Payload was detected but an error was reported indicating that the database could not be recognized.

Hello author, I had a problem while testing with the latest version of SQLMAP(1.8#stable). As shown in the following figure, why SQLMAP, after running an injectable Payload, reports an error...

VBPush avatar VBPush

bug report

Unhandled exception (#9d9d31a0)

``` Running version: 1.8#stable Python version: 3.11.0rc1 Operating system: macOS-14.3.1-arm64-arm-64bit Command line: sqlmap.py -u ********************************************** --batch --xp-upload pyload.bin Technique: None Back-end DBMS: Microsoft SQL Server (fingerprinted) ``` ``` Traceback (most...

sqlmapreporter avatar sqlmapreporter

Metadata

30.9k
Stars
5.6k
Forks
Watchers

Owner

verified publisher icon sqlmapproject

Metadata

Automatic SQL injection and database takeover tool

Back