Skip to content

dikurdikur/asqlmap

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
asqlmap.sh
asqlmap.sh
 
 
screenshot.png
screenshot.png
 
 

Repository files navigation

asqlmap - Automated sqlmap

Asqlmap is a terminal interface to automate the famous SQL Injection tool sqlmap. It provides a very simple interface to quickly perform sqlmap tests on a specific target.

This version of asqlmap was tested on Parrot Security and Kali Linux.

Asqlmap is very simple to use: you only need to specify the target, then choose which test you want to perform.

Features

  • Vulnerability check and information research (Databases, tables)
  • Users, passwords and privileges research
  • Open SQL Shell
  • Open OS Shell
  • Dump single table (CSV)
  • Dump single table (HTML)
  • Dump single database (CSV)
  • Dump single database (HTML)
  • Dump all databases (CSV)
  • Dump all databases (HTML)
  • Retrieve everything (CSV) - can take a long time!
  • Retrieve everything (HTML) - can take a long time!

asqlmap is pre-configured to keep your anonymity safe using Tor for every operation and using a random User Agent for each test.

What is sqlmap?

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches including database fingerprinting, over data fetching from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.

For more information about sqlmap visit: https://github.com/sqlmapproject/sqlmap

Requirements

  • sqlmap
  • Tor (Start Tor on the system before running asqlmap)

Installation

git clone https://github.com/dikurdikur/asqlmap.git
cd asqlmap
chmod +x asqlmap.sh

Usage

Test a URL

./asqlmap.sh "URL" [OPTIONS]

Options after URL:

Option Description
-r <risk> Risk level (0-3, default 1)
-l <level> Test level (1-5, default 1)
-t <threads> Number of threads (1-10, default 1)

Options without URL:

Option Description
-g <dork> Search for Google Dorks
-purge Securely erase the sqlmap output directory
-h, -help Show help
-v Show version

Example:

./asqlmap.sh "http://www.example.com" -r 2 -l 3

NOTE: Don't forget to wrap the URL in quotes to support multiple GET parameters.

Search with Google Dork

./asqlmap.sh -g "inurl:index.php?id="

Scan a specific website:

./asqlmap.sh -g "site:http://www.example.com ext:php"

See sqlmap documentation for risk and level options:

Known Issues

None at the moment.

License

This project is licensed under the GNU General Public License v2.0 - see the LICENSE file for details.

Disclaimer

This tool is for educational and authorized security testing purposes only. Always obtain proper authorization before testing any system you do not own or have permission to test.

About

Asqlmap is a terminal interface to automatize the famous SQL Injection's tool sqlmap. It provides a very simple interface to quickly perform sqlmap's tests on a specific target.

Resources

Readme

License

GPL-2.0 license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

 
 
 

Contributors

Languages

  • Shell 100.0%