SQLMap Command Generator is a web-based application designed to assist penetration testers and security enthusiasts in generating SQLMap commands with various options for testing SQL injection vulnerabilities. It provides an easy-to-use interface where users can configure various parameters, such as target URL, Google dork, POST data, connection options, detection levels, and techniques for SQL injection.
Features
- Target Configuration: Define target URL or Google dork.
- Connection Options: Configure proxy, random user-agent, and use Tor network.
- Detection Options: Set the test level, risk, and verbosity.
- Injection Techniques: Select from multiple SQL injection techniques, including boolean-based, error-based, union-based, and more.
- Enumeration Options: Choose data to extract from the database (e.g., tables, columns, passwords).
- Advanced Options: Configure additional attack options like OS shell, OS pwn, and batch mode.
Available Options
- Target URL: Input the target URL to be tested (e.g., http://example.com/vuln.php?id=1).
- Google Dork: Use a Google dork to find vulnerable pages (e.g., inurl:".php?id=1").
- POST Data: Provide any POST data parameters.
- Cookie: Provide any cookies needed for the session.
Troubleshooting
- Port Availability: The script will check if ports 8082-8085 are available. If none of them are free, it will prompt you to choose another port.
- Permissions: Ensure you have the required permissions to run the script and make the run.sh file executable.
- Dependencies: The script assumes that python3 and firefox are installed on your system.