Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 8fe8bea

Browse files
stamparmstamparm
committed
Merge branch 'master' of github.com:sqlmapproject/sqlmap
2 parents ef2038f + 735cfee commit 8fe8bea

1 file changed

Lines changed: 178 additions & 0 deletions

File tree

extra/shutils/_sqlmap.py

Lines changed: 178 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,178 @@
1+
#compdef sqlmap.py
2+
3+
# sqlmap completion commands. written by kost
4+
# put this file in your zsh completion dir and restart your shell. Zsh completion dir is usually
5+
# located somewhere in /usr/share/zsh/ or /usr/local/share/zsh
6+
7+
local curcontext="$curcontext" state line
8+
9+
_arguments -C -s \
10+
'(- *)'{--help,-h}'[Show basic help message and exit]' \
11+
'(- *)'-hh'[Show advanced help message and exit]' \
12+
'(-v)'-v+'[Verbosity level: 0-6 (default 1)]:Verbosity level (0-6) - default 1' \
13+
'(-d)'-d+'[Direct connection to the database]' \
14+
'(-u,--url)'{-u+,--url=-}'[Target url]' \
15+
'(-g)'-g+'[Process Google dork results as target urls]' \
16+
'(--data)'--data=-'[Data string to be sent through POST]' \
17+
'(-l)'-l+'[Parse targets from Burp or WebScarab proxy logs]:LOGFILE:_files' \
18+
'(-m)'-m+'[Scan multiple targets enlisted in a given textual file]:BULKFILE:_files' \
19+
'(-r)'-r+'[Load HTTP request from a file]:REQUESTFILE:_files' \
20+
'(-s)'-s+'[Load session from a stored (.sqlite) file]:SESSIONFILE:_files' \
21+
'(-c)'-c+'[Load options from a configuration INI file]:CONFIGFILE:_files' \
22+
'(--param-del)'--param-del=-'[Character used for splitting parameter values]:PDEL' \
23+
'(--cookie)'--cookie=-'[HTTP Cookie header]:COOKIE' \
24+
'(--load-cookies)'--load-cookies=-'[File containing cookies in Netscape/wget format]:COOKIEFILE:_files' \
25+
'(--drop-set-cookie)'--drop-set-cookie'[Ignore Set-Cookie header from response]' \
26+
'(--user-agent)'--user-agent=-'[HTTP User-Agent header]:HTTP User Agent' \
27+
'(--random-agent)'--random-agent'[Use randomly selected HTTP User-Agent header]' \
28+
'(--randomize)'--randomize=-'[Randomly change value for given parameter(s)]:RPARAM' \
29+
'(--force-ssl)'--force-ssl'[Force usage of SSL/HTTPS requests]' \
30+
'(--host)'--host=-'[HTTP Host header]:Host Header' \
31+
'(--referer)'--referer=-'[HTTP Referer header]:REFERER' \
32+
'(--headers)'--headers=-'[Extra headers (e.g. Accept-Language: fr\nETag: 123)]:HEADERS' \
33+
'(--auth-type)'--auth-type=-'[HTTP authentication type (Basic, Digest or NTLM)]:ATYPE' \
34+
'(--auth-cred)'--auth-cred=-'[HTTP authentication credentials (name:password)]:ACRED' \
35+
'(--auth-cert)'--auth-cert=-'[HTTP authentication certificate (key_file,cert_file)]:ACERT:_files' \
36+
'(--proxy)'--proxy=-'[Use a HTTP proxy to connect to the target url]:PROXY' \
37+
'(--proxy-cred)'--proxy-cred=-'[HTTP proxy authentication credentials (name:password)]:PCRED' \
38+
'(--ignore-proxy)'--ignore-proxy'[Ignore system default HTTP proxy]' \
39+
'(--delay)'--delay=-'[Delay in seconds between each HTTP request]:DELAY' \
40+
'(--timeout)'--timeout=-'[Seconds to wait before timeout connection (default 30)]:TIMEOUT' \
41+
'(--retries)'--retries=-'[Retries when the connection timeouts (default 3)]:RETRIES' \
42+
'(--scope)'--scope=-'[Regexp to filter targets from provided proxy log]:SCOPE' \
43+
'(--safe-url)'--safe-url=-'[Url address to visit frequently during testing]:SAFURL' \
44+
'(--safe-freq)'--safe-freq=-'[Test requests between two visits to a given safe url]:SAFREQ' \
45+
'(--skip-urlencode)'--skip-urlencode'[Skip URL encoding of payload data]' \
46+
'(--eval)'--eval=-'[Evaluate provided Python code before the request (e.g.]:EVALCODE' \
47+
'(-o)'-o'[Turn on all optimization switches]' \
48+
'(--predict-output)'--predict-output'[Predict common queries output]' \
49+
'(--keep-alive)'--keep-alive'[Use persistent HTTP(s) connections]' \
50+
'(--null-connection)'--null-connection'[Retrieve page length without actual HTTP response body]' \
51+
'(--threads)'--threads=-'[Max number of concurrent HTTP(s) requests (default 1)]:THREADS' \
52+
'(-p)'-p+'[Testable parameter(s)]:TESTPARAMETER' \
53+
'(--dbms)'--dbms=-'[Force back-end DBMS to this value]:DBMS:->list-dbms' \
54+
'(--os)'--os=-'[Force back-end DBMS operating system to this value]:OS:->list-os' \
55+
'(--invalid-bignum)'--invalid-bignum'[Use big numbers for invalidating values]' \
56+
'(--invalid-logical)'--invalid-logical'[Use logical operations for invalidating values]' \
57+
'(--no-cast)'--no-cast'[Turn off payload casting mechanism]' \
58+
'(--no-unescape)'--no-unescape'[Turn off string unescaping mechanism]' \
59+
'(--prefix)'--prefix=-'[Injection payload prefix string]:PREFIX' \
60+
'(--suffix)'--suffix=-'[Injection payload suffix string]:SUFFIX' \
61+
'(--skip)'--skip=-'[Skip testing for given parameter(s)]:SKIP' \
62+
'(--tamper)'--tamper=-'[Use given script(s) for tampering injection data]:TAMPER' \
63+
'(--level)'--level=-'[Level of tests to perform (1-5, default 1)]:LEVEL (1-5), default 1' \
64+
'(--risk)'--risk=-'[Risk of tests to perform (0-3, default 1)]:RISK (0-3), default 1' \
65+
'(--string)'--string=-'[String to match when query is evaluated to True]:STRING' \
66+
'(--not-string)'--not-string=-'[String to match when query is evaluated to False]:NOTSTRING' \
67+
'(--regexp)'--regexp=-'[Regexp to match when query is evaluated to True]:REGEXP' \
68+
'(--code)'--code=-'[HTTP code to match when query is evaluated to True]' \
69+
'(--text-only)'--text-only'[Compare pages based only on the textual content]' \
70+
'(--titles)'--titles'[Compare pages based only on their titles]' \
71+
'(--technique)'--technique=-'[SQL injection techniques to test for (default "BEUST")]:TECH:->list-techniques' \
72+
'(--time-sec)'--time-sec=-'[Seconds to delay the DBMS response (default 5)]:TIMESEC' \
73+
'(--union-cols)'--union-cols=-'[Range of columns to test for UNION query SQL injection]:UCOLS' \
74+
'(--union-char)'--union-char=-'[Character to use for bruteforcing number of columns]:UCHAR' \
75+
'(--dns-domain)'--dns-domain=-'[Domain name used for DNS exfiltration attack]:DNSDOMAIN' \
76+
'(--second-order)'--second-order=-'[Resulting page url searched for second-order response]:SECONDORDER' \
77+
'(-f,--fingerprint)'{-f,--fingerprint}'[Perform an extensive DBMS version fingerprint]' \
78+
'(-a,--all)'{-a,--all}'[Retrieve everything]' \
79+
'(-b,--banner)'{-b,--banner}'[Retrieve DBMS banner]' \
80+
'(--current-user)'--current-user'[Retrieve DBMS current user]' \
81+
'(--current-db)'--current-db'[Retrieve DBMS current database]' \
82+
'(--hostname)'--hostname'[Retrieve DBMS server hostname]' \
83+
'(--is-dba)'--is-dba'[Detect if the DBMS current user is DBA]' \
84+
'(--users)'--users'[Enumerate DBMS users]' \
85+
'(--passwords)'--passwords'[Enumerate DBMS users password hashes]' \
86+
'(--privileges)'--privileges'[Enumerate DBMS users privileges]' \
87+
'(--roles)'--roles'[Enumerate DBMS users roles]' \
88+
'(--dbs)'--dbs'[Enumerate DBMS databases]' \
89+
'(--tables)'--tables'[Enumerate DBMS database tables]' \
90+
'(--columns)'--columns'[Enumerate DBMS database table columns]' \
91+
'(--schema)'--schema'[Enumerate DBMS schema]' \
92+
'(--count)'--count'[Retrieve number of entries for table(s)]' \
93+
'(--dump)'--dump'[Dump DBMS database table entries]' \
94+
'(--dump-all)'--dump-all'[Dump all DBMS databases tables entries]' \
95+
'(--search)'--search'[Search column(s), table(s) and/or database name(s)]' \
96+
'(-D)'-D+'[DBMS database to enumerate]:DB' \
97+
'(-T)'-T+'[DBMS database table to enumerate]:TBL' \
98+
'(-C)'-C+'[DBMS database table column to enumerate]:COL' \
99+
'(-U)'-U+'[DBMS user to enumerate]:USER' \
100+
'(--exclude-sysdbs)'--exclude-sysdbs'[Exclude DBMS system databases when enumerating tables]' \
101+
'(--start)'--start=-'[First query output entry to retrieve]:LIMITSTART' \
102+
'(--stop)'--stop=-'[Last query output entry to retrieve]:LIMITSTOP' \
103+
'(--first)'--first=-'[First query output word character to retrieve]:FIRSTCHAR' \
104+
'(--last)'--last=-'[Last query output word character to retrieve]:LASTCHAR' \
105+
'(--sql-query)'--sql-query=-'[SQL statement to be executed]:QUERY' \
106+
'(--sql-shell)'--sql-shell'[Prompt for an interactive SQL shell]' \
107+
'(--sql-file)'--sql-file=-'[Execute SQL statements from given file(s)]:SQLFILE:_files' \
108+
'(--common-tables)'--common-tables'[Check existence of common tables]' \
109+
'(--common-columns)'--common-columns'[Check existence of common columns]' \
110+
'(--udf-inject)'--udf-inject'[Inject custom user-defined functions]' \
111+
'(--shared-lib)'--shared-lib=-'[Local path of the shared library]:SHLIB' \
112+
'(--file-read)'--file-read=-'[Read a file from the back-end DBMS file system]:RFILE' \
113+
'(--file-write)'--file-write=-'[Write a local file on the back-end DBMS file system]:WFILE' \
114+
'(--file-dest)'--file-dest=-'[Back-end DBMS absolute filepath to write to]:DFILE' \
115+
'(--os-cmd)'--os-cmd=-'[Execute an operating system command]:OSCMD' \
116+
'(--os-shell)'--os-shell'[Prompt for an interactive operating system shell]' \
117+
'(--os-pwn)'--os-pwn'[Prompt for an out-of-band shell, meterpreter or VNC]' \
118+
'(--os-smbrelay)'--os-smbrelay'[One click prompt for an OOB shell, meterpreter or VNC]' \
119+
'(--os-bof)'--os-bof'[Stored procedure buffer overflow exploitation]' \
120+
'(--priv-esc)'--priv-esc'[Database process user privilege escalation]' \
121+
'(--msf-path)'--msf-path=-'[Local path where Metasploit Framework is installed]:MSFPATH' \
122+
'(--tmp-path)'--tmp-path=-'[Remote absolute path of temporary files directory]:TMPPATH' \
123+
'(--reg-read)'--reg-read'[Read a Windows registry key value]' \
124+
'(--reg-add)'--reg-add'[Write a Windows registry key value data]' \
125+
'(--reg-del)'--reg-del'[Delete a Windows registry key value]' \
126+
'(--reg-key)'--reg-key=-'[Windows registry key]:REGKEY' \
127+
'(--reg-value)'--reg-value=-'[Windows registry key value]:REGVAL' \
128+
'(--reg-data)'--reg-data=-'[Windows registry key value data]:REGDATA' \
129+
'(--reg-type)'--reg-type=-'[Windows registry key value type]:REGTYPE' \
130+
'(-t)'-t+'[Log all HTTP traffic into a textual file]:TRAFFICFILE' \
131+
'(--batch)'--batch'[Never ask for user input, use the default behaviour]' \
132+
'(--charset)'--charset=-'[Force character encoding used for data retrieval]:CHARSET' \
133+
'(--check-tor)'--check-tor'[Check to see if Tor is used properly]' \
134+
'(--crawl)'--crawl=-'[Crawl the website starting from the target url]:CRAWLDEPTH' \
135+
'(--csv-del)'--csv-del=-'[Delimiting character used in CSV output (default is ,)]:CSVDEL' \
136+
'(--dbms-cred)'--dbms-cred=-'[DBMS authentication credentials (user:password)]:DBMS authentication credentials' \
137+
'(--eta)'--eta'[Display for each output the estimated time of arrival]' \
138+
'(--flush-session)'--flush-session'[Flush session files for current target]' \
139+
'(--forms)'--forms'[Parse and test forms on target url]' \
140+
'(--fresh-queries)'--fresh-queries'[Ignores query results stored in session file]' \
141+
'(--hex)'--hex'[Uses DBMS hex function(s) for data retrieval]' \
142+
'(--output-dir)'--output-dir=-'[Custom output directory path]:ODIR' \
143+
'(--parse-errors)'--parse-errors'[Parse and display DBMS error messages from responses]' \
144+
'(--replicate)'--replicate'[Replicate dumped data into a sqlite3 database]' \
145+
'(--save)'--save'[Save options to a configuration INI file]' \
146+
'(--tor)'--tor'[Use Tor anonymity network]' \
147+
'(--tor-port)'--tor-port=-'[Set Tor proxy port other than default]:TORPORT' \
148+
'(--tor-type)'--tor-type=-'[Set Tor proxy type (HTTP - default, SOCKS4 or SOCKS5)]:TORTYPE' \
149+
'(--update)'--update'[Update sqlmap]' \
150+
'(-z)'-z+'[Use short mnemonics (e.g. flu,bat,ban,tec=EU)]:MNEMONICS' \
151+
'(--check-payload)'--check-payload'[Offline WAF/IPS/IDS payload detection testing]' \
152+
'(--check-waf)'--check-waf'[Check for existence of WAF/IPS/IDS protection]' \
153+
'(--cleanup)'--cleanup'[Clean up the DBMS by sqlmap specific UDF and tables]' \
154+
'(--dependencies)'--dependencies'[Check for missing (non-core) sqlmap dependencies]' \
155+
'(--disable-coloring)'--disable-coloring'[Disable console output coloring]' \
156+
'(--gpage)'--gpage=-'[Use Google dork results from specified page number]:GOOGLEPAGE' \
157+
'(--mobile)'--mobile'[Imitate smartphone through HTTP User-Agent header]' \
158+
'(--page-rank)'--page-rank'[Display page rank (PR) for Google dork results]' \
159+
'(--purge-output)'--purge-output'[Safely remove all content from output directory]' \
160+
'(--smart)'--smart'[Conduct through tests only if positive heuristic(s)]' \
161+
'(--test-filter)'--test-filter=-'[Select tests by payloads and/or titles (e.g. ROW)]:test-filter' \
162+
'(--wizard)'--wizard'[Simple wizard interface for beginner users]' && return 0
163+
164+
case "$state" in
165+
list-dbms)
166+
_values -S : 'DBMS' 'access' 'db2' 'firebird' 'maxdb' 'mssqlserver' 'mysql' 'oracle' 'postgresql' \
167+
'sqlite' 'sybase'
168+
;;
169+
list-os)
170+
_values -S : 'os' 'Linux' 'Windows'
171+
;;
172+
list-techniques)
173+
_values -S : 'technique' \
174+
'B[Boolean]' 'E[Error]' 'U[Union]' 'S[Stacked]' 'T[Time]'
175+
;;
176+
esac
177+
178+
return 0

0 commit comments

Comments
 (0)