Skip to content

Instantly share code, notes, and snippets.

@jackdalton
Created May 22, 2016 03:32
Show Gist options
  • Save jackdalton/571a51d82a71f8e595aad52de6b68f5b to your computer and use it in GitHub Desktop.
Save jackdalton/571a51d82a71f8e595aad52de6b68f5b to your computer and use it in GitHub Desktop.
An sqlmap simplification script
#!/usr/bin/env python
# coding=utf-8
from os import system
version = "v1.0.0"
config = {
"target": None,
"flags": ""
}
def gethelp():
return """sqlmap-easy %s
Commands:
help Display this text
exit Quit the script
set-url <url> Set the target URL
setflag <flag> Add a new command flag to the final command.
getcommand Dumps the current final command.
exec Execute command
Flags:
-a, --all Retrieve everything
-b, --banner Retrieve DBMS banner
--current-user Retrieve DBMS current user
--current-db Retrieve DBMS current database
--passwords Enumerate DBMS users password hashes
--tables Enumerate DBMS database tables
--columns Enumerate DBMS database table columns
--schema Enumerate DBMS schema
--dump Dump DBMS database table entries
--dump-all Dump all DBMS databases tables entries
-D DB DBMS database to enumerate
-T TBL DBMS database table(s) to enumerate
-C COL DBMS database table column(s) to enumerate
""" % (version)
def ensure_len(arr, length):
if len(arr) < length:
print("Error: %d argument(s) expected, but only %d supplied.\n" % (length - 1, len(arr) - 1))
def compile_cmd():
return "python sqlmap.py -u \"%s\" %s" % (config["target"], config["flags"])
def cmdloop(cmd):
args = cmd.split()
if args[0] == "nop":
pass
elif args[0] == "test":
print("You ran the test command.")
elif args[0] == "exit":
return
elif args[0] == "version":
print("sqlmap-easy %s" % (version))
elif args[0] == "help":
print(gethelp())
elif args[0] == "set-url":
ensure_len(args, 2)
url = args[1]
config["target"] = url
print("Target url set to %s." % (config["target"]))
elif args[0] == "setflag":
config["flags"] += args[1] + " "
print("Flag \"%s\" added." % (args[1]))
print("Flags: %s" % (config["flags"]))
elif args[0] == "getcommand":
print("Current command: %s" % (compile_cmd()))
elif args[0] == "exec":
print("Executing command...")
system(compile_cmd())
else:
print("%s is not a recognized command." % (cmd))
cmd = raw_input("\nsql-e ~> ")
cmdloop(cmd)
cmdloop("nop")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment