sqlmapproject
diff --git a/‎doc/ChangeLog‎
Lines changed: 7 additions & 2 deletions b/‎doc/ChangeLog‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎doc/README.html‎
Lines changed: 21 additions & 14 deletions b/‎doc/README.html‎
Lines changed: 21 additions & 14 deletions
diff --git a/‎doc/README.pdf‎
398 Bytes b/‎doc/README.pdf‎
398 Bytes
diff --git a/‎doc/README.sgml‎
Lines changed: 23 additions & 14 deletions b/‎doc/README.sgml‎
Lines changed: 23 additions & 14 deletions
diff --git a/‎doc/THANKS‎
Lines changed: 8 additions & 1 deletion b/‎doc/THANKS‎
Lines changed: 8 additions & 1 deletion
@@ -3,6 +3,10 @@ sqlmap (0.6.3-1) stable; urgency=low
   * Major enhancement to support stacked queries when the web application
     supports it which will be used in the long run by takeover
     functionality;
+  * Major enhancement to get list of targets to test from Burp proxy
+    (http://portswigger.net/suite/) requests log file path or WebScarab
+    proxy (http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project)
+    'conversations/' folder path;
   * Minor enhancement to test if the injectable parameter is affected by
     a time based blind SQL injection technique;
   * Minor enhancement to fingerprint the web server operating system and
@@ -28,6 +32,7 @@ sqlmap (0.6.3-1) stable; urgency=low
   * Minor bug fix to correctly enumerate columns on Microsoft SQL Server;
   * Minor bug fix to correctly dump table entries when the column is
     provided;
+  * Updated documentation.
 
  -- Bernardo Damele A. G. <[email protected]>  Day,  X YYY 2008 10:00:00 +0000
 
@@ -218,14 +223,14 @@ sqlmap (0.4-1) stable; urgency=low
     the remote DBMS;
   * Major improvements in union.UnionCheck() and union.UnionUse()
     functions to make it possible to exploit inband SQL injection also
-    with database comment characters ('--' and '#') in UNION SELECT
+    with database comment characters ('--' and '#') in UNION query
     statements;
   * Added the possibility to save the output into a file while performing
     the queries (-o OUTPUTFILE) so it is possible to stop and resume the
     same query output retrieving in a second time (--resume);
   * Added support to specify the database table column to enumerate
     (-C COL);
-  * Added inband SQL injection (UNION SELECT) support (--union-use);
+  * Added inband SQL injection (UNION query) support (--union-use);
   * Complete code refactoring, a lot of minor and some major fixes in
     libraries, many minor improvements;
   * Reviewed the directory tree structure;
 
@@ -8,7 +8,7 @@
 <H1>sqlmap user's manual</H1>
 
 <H2>by 
-<A HREF="mailto:[email protected]">Bernardo Damele A. G.</A></H2>version 0.6.3, DDth of November 2008
+<A HREF="mailto:[email protected]">Bernardo Damele A. G.</A></H2>version 0.6.3, DDth of December 2008
 <HR>
 <EM>This document is the user's manual to use 
 <A HREF="http://sqlmap.sourceforge.net">sqlmap</A>.
@@ -349,7 +349,7 @@ <H2><A NAME="s5">5.</A> <A HREF="#toc5">Usage</A></H2>
     sqlmap/0.6.3 coded by Bernardo Damele A. G. &lt;[email protected]>
                         and Daniele Bellucci &lt;[email protected]>
 
-Usage: sqlmap.py [options] {-u &lt;URL> | -g &lt;google dork> | -c &lt;config file>}
+Usage: sqlmap.py [options] {-u "&lt;URL>" | -g "&lt;google dork>" | -c "&lt;config file>"}
 
 Options:
   --version             show program's version number and exit
@@ -384,8 +384,8 @@ <H2><A NAME="s5">5.</A> <A HREF="#toc5">Usage</A></H2>
     using the default blind SQL injection technique.
 
     --time-test         Test for Time based blind SQL injection
-    --union-test        Test for UNION SELECT (inband) SQL injection
-    --union-use         Use the UNION SELECT (inband) SQL injection to
+    --union-test        Test for UNION query (inband) SQL injection
+    --union-use         Use the UNION query (inband) SQL injection to
                         retrieve the queries output. No need to go blind
 
   Fingerprint:
@@ -487,7 +487,7 @@ <H3>Target URL and verbosity</H3>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 1
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1
 
 [hh:mm:01] [INFO] testing connection to the target url
 [hh:mm:01] [INFO] testing if the url is stable, wait a few seconds
@@ -525,7 +525,7 @@ <H3>Target URL and verbosity</H3>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 2
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 2
 
 [hh:mm:34] [DEBUG] initializing the configuration
 [hh:mm:34] [DEBUG] initializing the knowledge base
@@ -548,7 +548,7 @@ <H3>Target URL and verbosity</H3>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 3
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 3
 
 [...]
 [hh:mm:28] [INFO] testing connection to the target url
@@ -575,7 +575,7 @@ <H3>Target URL and verbosity</H3>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 4
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 4
 
 [...]
 [hh:mm:32] [INFO] testing connection to the target url
@@ -620,7 +620,7 @@ <H3>Target URL and verbosity</H3>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 5
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 5
 
 [...]
 [hh:mm:23] [INFO] testing connection to the target url
@@ -675,6 +675,13 @@ <H3>Target URL and verbosity</H3>
 </P>
 
 
+<H3>List of targets</H3>
+
+<P>Option: <CODE>-l</CODE></P>
+
+<P>TODO</P>
+
+
 <H3>Process Google dork results as target urls</H3>
 
 <P>Option: <CODE>-g</CODE></P>
@@ -733,7 +740,7 @@ <H3>Testable parameter(s)</H3>
 <BLOCKQUOTE><CODE>
 <PRE>
 $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;cat=2" -v 1 \
-  -p id
+  -p "id"
 
 [hh:mm:48] [INFO] testing connection to the target url
 [hh:mm:48] [INFO] testing if the url is stable, wait a few seconds
@@ -769,7 +776,7 @@ <H3>Testable parameter(s)</H3>
 <BLOCKQUOTE><CODE>
 <PRE>
 $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1 \
-  -p user-agent --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)"
+  -p "user-agent" --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)"
 
 [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
 [hh:mm:40] [INFO] testing connection to the target url
@@ -816,7 +823,7 @@ <H3>HTTP method: <CODE>GET</CODE> or <CODE>POST</CODE></H3>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/oracle/post_int.php --method POST \
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/oracle/post_int.php" --method POST \
   --data "id=1&amp;cat=2"
 
 [hh:mm:53] [INFO] testing connection to the target url
@@ -1216,7 +1223,7 @@ <H3>Test for Time Based Blind SQL injection</H3>
 <P>TODO</P>
 
 
-<H3>Test for UNION SELECT query SQL injection</H3>
+<H3>Test for UNION query SQL injection</H3>
 
 <P>Option: <CODE>--union-test</CODE></P>
 
@@ -1266,7 +1273,7 @@ <H3>Test for UNION SELECT query SQL injection</H3>
 In case this vulnerability is exploitable it is strongly recommended to
 use it.</P>
 
-<H3>Use the UNION SELECT query SQL injection</H3>
+<H3>Use the UNION query SQL injection</H3>
 
 <P>Option: <CODE>--union-use</CODE></P>
 
 
@@ -4,7 +4,7 @@
 
 <title>sqlmap user's manual
 <author>by <htmlurl url="mailto:[email protected]" name="Bernardo Damele A. G.">
-<date>version 0.6.3, DDth of November 2008
+<date>version 0.6.3, DDth of December 2008
 <abstract>
 This document is the user's manual to use <htmlurl url="http://sqlmap.sourceforge.net" name="sqlmap">.
 Check the project <htmlurl url="http://sqlmap.sourceforge.net" name="homepage">
@@ -309,7 +309,7 @@ $ python sqlmap.py -h
     sqlmap/0.6.3 coded by Bernardo Damele A. G. <[email protected]>
                         and Daniele Bellucci <[email protected]>
 
-Usage: sqlmap.py [options] {-u <URL> | -g <google dork> | -c <config file>}
+Usage: sqlmap.py [options] {-u "<URL>" | -g "<google dork>" | -c "<config file>"}
 
 Options:
   --version             show program's version number and exit
@@ -344,8 +344,8 @@ Options:
     using the default blind SQL injection technique.
 
     --time-test         Test for Time based blind SQL injection
-    --union-test        Test for UNION SELECT (inband) SQL injection
-    --union-use         Use the UNION SELECT (inband) SQL injection to
+    --union-test        Test for UNION query (inband) SQL injection
+    --union-use         Use the UNION query (inband) SQL injection to
                         retrieve the queries output. No need to go blind
 
   Fingerprint:
@@ -446,7 +446,7 @@ headers and level 5 show also HTTP responses page content.
 Example on a <bf>MySQL 5.0.51</bf> target (verbosity level <bf>1</bf>):
 
 <tscreen><verb>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 1
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1
 
 [hh:mm:01] [INFO] testing connection to the target url
 [hh:mm:01] [INFO] testing if the url is stable, wait a few seconds
@@ -482,7 +482,7 @@ back-end DBMS:    MySQL >= 5.0.0
 Example on a <bf>MySQL 5.0.51</bf> target (verbosity level <bf>2</bf>):
 
 <tscreen><verb>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 2
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 2
 
 [hh:mm:34] [DEBUG] initializing the configuration
 [hh:mm:34] [DEBUG] initializing the knowledge base
@@ -503,7 +503,7 @@ $ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat
 Example on a <bf>MySQL 5.0.51</bf> target (verbosity level <bf>3</bf>):
 
 <tscreen><verb>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 3
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 3
 
 [...]
 [hh:mm:28] [INFO] testing connection to the target url
@@ -528,7 +528,7 @@ Connection: close
 Example on a <bf>MySQL 5.0.51</bf> target (verbosity level <bf>4</bf>):
 
 <tscreen><verb>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 4
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 4
 
 [...]
 [hh:mm:32] [INFO] testing connection to the target url
@@ -571,7 +571,7 @@ Content-Type: text/html
 Example on a <bf>MySQL 5.0.51</bf> target (verbosity level <bf>5</bf>):
 
 <tscreen><verb>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2 -v 5
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 5
 
 [...]
 [hh:mm:23] [INFO] testing connection to the target url
@@ -624,6 +624,15 @@ Content-Type: text/html
 </verb></tscreen>
 
 
+<sect2>List of targets
+
+<p>
+Option: <tt>-l</tt>
+
+<p>
+TODO
+
+
 <sect2>Process Google dork results as target urls
 
 <p>
@@ -685,7 +694,7 @@ Example on a <bf>PostgreSQL 8.2.7</bf> target:
 
 <tscreen><verb>
 $ python sqlmap.py -u "http://192.168.1.121/sqlmap/pgsql/get_int.php?id=1&amp;cat=2" -v 1 \
-  -p id
+  -p "id"
 
 [hh:mm:48] [INFO] testing connection to the target url
 [hh:mm:48] [INFO] testing if the url is stable, wait a few seconds
@@ -718,7 +727,7 @@ Example on a <bf>MySQL 5.0.51</bf> target:
 
 <tscreen><verb>
 $ python sqlmap.py -u "http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&amp;cat=2" -v 1 \
-  -p user-agent --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)"
+  -p "user-agent" --user-agent "sqlmap/0.6.3 (http://sqlmap.sourceforge.net)"
 
 [hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
 [hh:mm:40] [INFO] testing connection to the target url
@@ -765,7 +774,7 @@ tested for SQL injection like the <tt>GET</tt> parameters.
 Example on an <bf>Oracle XE 10.2.0.1</bf> target:
 
 <tscreen><verb>
-$ python sqlmap.py -u http://192.168.1.121/sqlmap/oracle/post_int.php --method POST \
+$ python sqlmap.py -u "http://192.168.1.121/sqlmap/oracle/post_int.php" --method POST \
   --data "id=1&amp;cat=2"
 
 [hh:mm:53] [INFO] testing connection to the target url
@@ -1158,7 +1167,7 @@ Option: <tt>--time-test</tt>
 TODO
 
 
-<sect2>Test for UNION SELECT query SQL injection
+<sect2>Test for UNION query SQL injection
 
 <p>
 Option: <tt>--union-test</tt>
@@ -1207,7 +1216,7 @@ affected by an inband SQL injection.
 In case this vulnerability is exploitable it is strongly recommended to
 use it.
 
-<sect2>Use the UNION SELECT query SQL injection
+<sect2>Use the UNION query SQL injection
 
 <p>
 Option: <tt>--union-use</tt>
 
@@ -51,8 +51,11 @@ Will Holcomb <[email protected]>
 Luke Jahnke <[email protected]>
     for reporting a bug when running against MySQL < 5.0
 
+Anant Kochhar <[email protected]>
+    for providing me with feedback on the user's manual
+
 Nico Leidecker <[email protected]>
-    for providing with feedback on a few features
+    for providing me with feedback on a few features
 
 Pavol Luptak <[email protected]>
     for reporting a bug when injecting on a POST data parameter
@@ -62,6 +65,10 @@ Michael Majchrowicz <[email protected]>
     for providing really appreciated feedback
     for suggesting a lot of ideas and features
 
+Ferruh Mavituna <[email protected]>
+    for providing me with ideas on the implementation on a couple of
+    new features
+
 Enrico Milanese <[email protected]>
     for reporting a bugs when using (-a) a single line User-Agent file
     for providing me with some ideas for the PHP backdoor