Commit2c24a86

committed

Beta release

Implemented new switches:--abort-code--ignore-code--ignore-redirects--ignore-timeouts--retries--retry-on--randomize--safe-url--safe-post--safe-req--safe-freq--skip-urlencode--csrf-data--chunked--hpp--eval

1 parentfa992c0 commit2c24a86Copy full SHA for 2c24a86

File tree

3 files changed

+400

-140

lines changed

3 files changed

+400

-140

lines changed

`‎app.js‎`

Lines changed: 67 additions & 20 deletions

Original file line number	Diff line number	Diff line change
`@@ -31,6 +31,7 @@ class SQLMapGenerator {`
`31`	`31`	`'--method':'method',`
`32`	`32`	`'--param-del':'paramDel',`
`33`	`33`	`'-r':'requestFile',`
	`34`	`+'--eval':'eval',`
`34`	`35`	`'--data':'data',`
`35`	`36`
`36`	`37`	`'--host':'host',`
`@@ -49,26 +50,40 @@ class SQLMapGenerator {`
`49`	`50`	`'--auth-cred':'authCred',`
`50`	`51`	`'--auth-file':'authFile',`
`51`	`52`
`52`		`-'--csrf-token':'csrfToken',`
`53`		`-'--csrf-method':'csrfMethod',`
`54`	`53`	`'--csrf-url':'csrfUrl',`
	`54`	`+'--csrf-method':'csrfMethod',`
	`55`	`+'--csrf-data':'csrfData',`
	`56`	`+'--csrf-token':'csrfToken',`
`55`	`57`	`'--csrf-retries':'csrfRetries',`
	`58`	`+`
	`59`	`+'--safe-url':'safeUrl',`
	`60`	`+'--safe-post':'safePost',`
	`61`	`+'--safe-req':'safeReq',`
	`62`	`+'--safe-freq':'safeFreq',`
	`63`	`+`
`56`	`64`
`57`	`65`	`'-p':'paramTest',`
`58`	`66`	`'--skip':'paramSkip',`
`59`	`67`	`'--param-exclude':'paramExclude',`
`60`	`68`	`'--param-filter':'paramFilter',`
`61`	`69`	`'--prefix':'prefix',`
`62`	`70`	`'--suffix':'suffix',`
	`71`	`+'--randomize':'randomize',`
`63`	`72`
	`73`	`+'--titles':'titles',`
	`74`	`+'--text-only':'textOnly',`
	`75`	`+'--ignore-redirects':'ignoreRedirects',`
	`76`	`+'--ignore-timeouts':'ignoreTimeouts',`
`64`	`77`	`'--string':'string',`
`65`	`78`	`'--regexp':'regexp',`
`66`	`79`	`'--not-string':'notString',`
`67`	`80`	`'--code':'code',`
`68`		`-'--titles':'titles',`
`69`		`-'--text-only':'textOnly',`
`70`		`-'--level':'level',`
	`81`	`+'--abort-code':'abortCode',`
	`82`	`+'--ignore-code':'ignoreCode',`
	`83`	`+'--retries':'retries',`
	`84`	`+'--retry-on':'retryOn',`
`71`	`85`
	`86`	`+'--level':'level',`
`72`	`87`	`'--risk':'risk',`
`73`	`88`	`'--dbms':'dbms',`
`74`	`89`	`'--os':'os',`
`@@ -81,6 +96,9 @@ class SQLMapGenerator {`
`81`	`96`	`'--no-cast':'noCast',`
`82`	`97`	`'--no-escape':'noEscape',`
`83`	`98`	`'--predict-output':'predictOutput',`
	`99`	`+'--skip-urlencode':'skipUrlencode',`
	`100`	`+'--chunked':'chunked',`
	`101`	`+'--hpp':'hpp',`
`84`	`102`
`85`	`103`	`'--all':'all',`
`86`	`104`	`'--banner':'banner',`
`@@ -215,18 +233,25 @@ class SQLMapGenerator {`
`215`	`233`	`varid=this.paramMapping[confkey];`
`216`	`234`	`varelem=document.getElementById(id);`
`217`	`235`	`varvalue=null;`
`218`		`-if(elem.type==='checkbox'){`
`219`		`-value=elem.checked;`
`220`		`-}`
`221`		`-elseif(elem.type==='text'\|\|elem.type==='number'\|\|elem.type==='url'\|\|elem.type==='select-one'){`
`222`		`-value=elem.value.trim();`
`223`		`-}`
`224`		`-elseif(elem.type==='textarea'){`
`225`		`-value=elem.value.trim().replaceAll("\n","\\\n");`
`226`		`-}`
	`236`	`+try{`
`227`	`237`
`228`		`-if(value){`
`229`		`-config[confkey]=value;`
	`238`	`+`
	`239`	`+if(elem.type==='checkbox'){`
	`240`	`+value=elem.checked;`
	`241`	`+}`
	`242`	`+elseif(elem.type==='text'\|\|elem.type==='number'\|\|elem.type==='url'\|\|elem.type==='select-one'){`
	`243`	`+value=elem.value.trim();`
	`244`	`+}`
	`245`	`+elseif(elem.type==='textarea'){`
	`246`	`+value=elem.value.trim().replaceAll("\n","\\\n");`
	`247`	`+}`
	`248`	`+`
	`249`	`+if(value){`
	`250`	`+config[confkey]=value;`
	`251`	`+}`
	`252`	`+`
	`253`	`+}catch(e){`
	`254`	`+console.log(confkey,e);`
`230`	`255`	`}`
`231`	`256`	`}`
`232`	`257`
`@@ -291,6 +316,7 @@ class SQLMapGenerator {`
`291`	`316`	`if(paramDel&&paramDel!=="&")config['--param-del']=paramDel;`
`292`	`317`
`293`	`318`	`this.setStandardConfigItem(config,'-r');`
	`319`	`+this.setStandardConfigItem(config,'--eval');`
`294`	`320`	`this.setStandardConfigItem(config,'--data');`
`295`	`321`
`296`	`322`	`// ## Request Headers`
`@@ -332,9 +358,8 @@ class SQLMapGenerator {`
`332`	`358`	`this.setStandardConfigItem(config,'--auth-file');`
`333`	`359`
`334`	`360`	`// ## CSRF Tokens Control`
`335`		`-this.setStandardConfigItem(config,'--csrf-token');`
`336`	`361`	`this.setStandardConfigItem(config,'--csrf-url');`
`337`		`-`
	`362`	`+`
`338`	`363`	`constcsrfMethod=document.getElementById('csrfMethod').value;`
`339`	`364`	`if(csrfMethod&&csrfMethod!=='custom'){`
`340`	`365`	`config['--csrf-method']=csrfMethod;`
`@@ -343,9 +368,18 @@ class SQLMapGenerator {`
`343`	`368`	`if(customCsrfMethod)config['--csrf-method']=customCsrfMethod;`
`344`	`369`	`}`
`345`	`370`
	`371`	`+this.setStandardConfigItem(config,'--csrf-data');`
	`372`	`+this.setStandardConfigItem(config,'--csrf-token');`
	`373`	`+`
`346`	`374`	`constcsrfRetries=document.getElementById('csrfRetries').value.trim();`
`347`	`375`	`if(csrfRetries&&csrfRetries>0)config['--csrf-retries']=csrfRetries;`
`348`	`376`
	`377`	`+// ## Safe Requests`
	`378`	`+this.setStandardConfigItem(config,'--safe-url');`
	`379`	`+this.setStandardConfigItem(config,'--safe-post');`
	`380`	`+this.setStandardConfigItem(config,'--safe-req');`
	`381`	`+this.setStandardConfigItem(config,'--safe-freq');`
	`382`	`+`
`349`	`383`	`// # INJECTION TAB`
`350`	`384`	`// ## Parameters`
`351`	`385`	`this.setStandardConfigItem(config,'-p');`
`@@ -354,17 +388,27 @@ class SQLMapGenerator {`
`354`	`388`	`this.setStandardConfigItem(config,'--param-filter');`
`355`	`389`	`this.setStandardConfigItem(config,'--prefix');`
`356`	`390`	`this.setStandardConfigItem(config,'--suffix');`
	`391`	`+this.setStandardConfigItem(config,'--randomize');`
`357`	`392`
`358`	`393`	`// ## Detection`
	`394`	`+this.setStandardConfigItem(config,'--text-only');`
	`395`	`+this.setStandardConfigItem(config,'--titles');`
	`396`	`+this.setStandardConfigItem(config,'--ignore-redirects');`
	`397`	`+this.setStandardConfigItem(config,'--ignore-timeouts');`
`359`	`398`	`this.setStandardConfigItem(config,'--string');`
`360`	`399`	`this.setStandardConfigItem(config,'--regexp');`
`361`	`400`	`this.setStandardConfigItem(config,'--not-string');`
`362`	`401`
`363`	`402`	`constcode=document.getElementById('code').value.trim();`
`364`	`403`	`if(code&&code>=100&&code<=599)config['--code']=code;`
	`404`	`+`
	`405`	`+this.setStandardConfigItem(config,'--abort-code');`
	`406`	`+this.setStandardConfigItem(config,'--ignore-code');`
`365`	`407`
`366`		`-this.setStandardConfigItem(config,'--text-only');`
`367`		`-this.setStandardConfigItem(config,'--titles');`
	`408`	`+constretries=document.getElementById('retries').value.trim();`
	`409`	`+if(retries&&retries>=0)config['--retries']=csrfRetries;`
	`410`	`+`
	`411`	`+this.setStandardConfigItem(config,'--retry-on');`
`368`	`412`
`369`	`413`	`// ## Attack Optimalization`
`370`	`414`	`constlevel=document.getElementById('level').value;`
`@@ -393,6 +437,9 @@ class SQLMapGenerator {`
`393`	`437`	`this.setStandardConfigItem(config,'--no-cast');`
`394`	`438`	`this.setStandardConfigItem(config,'--no-escape');`
`395`	`439`	`this.setStandardConfigItem(config,'--predict-output');`
	`440`	`+this.setStandardConfigItem(config,'--skip-urlencode');`
	`441`	`+this.setStandardConfigItem(config,'--chunked');`
	`442`	`+this.setStandardConfigItem(config,'--hpp');`
`396`	`443`
`397`	`444`	`// # EXPLOITATION TAB`
`398`	`445`	`// ## Enumeration and Data Exfiltraion`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit2c24a86

File tree

3 files changed

3 files changed

`‎app.js‎`

0 commit comments