DOKK / manpages / debian 11 / sqlmap / sqlmap.1.en
SQLMAP(1) User Commands SQLMAP(1)

sqlmap - automatic SQL injection tool

python3 sqlmap [options]

___
__H__
___ ___[)]_____ ___ ___
{1.4.8#stable}

|_ -| . ["] | .'| . | |___|_ [(]_|_|_|__,| _|

|_|V...
|_| http://sqlmap.org

Show basic help message and exit
Show advanced help message and exit
Show program's version number and exit
Verbosity level: 0-6 (default 1)
Target:
At least one of these options has to be provided to define the target(s)
Target URL (e.g. "http://www.site.com/vuln.php?id=1")
Process Google dork results as target URLs
Request:
These options can be used to specify how to connect to the target URL
Data string to be sent through POST (e.g. "id=1")
HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
Use randomly selected HTTP User-Agent header value
Use a proxy to connect to the target URL
Use Tor anonymity network
Check to see if Tor is used properly
Injection:
These options can be used to specify which parameters to test for, provide custom injection payloads and optional tampering scripts
Testable parameter(s)
Force back-end DBMS to provided value
Detection:
These options can be used to customize the detection phase
Level of tests to perform (1-5, default 1)
Risk of tests to perform (1-3, default 1)
Techniques:
These options can be used to tweak testing of specific SQL injection techniques
SQL injection techniques to use (default "BEUSTQ")
Enumeration:
These options can be used to enumerate the back-end database management system information, structure and data contained in the tables
Retrieve everything
Retrieve DBMS banner
Retrieve DBMS current user
Retrieve DBMS current database
Enumerate DBMS users password hashes
Enumerate DBMS database tables
Enumerate DBMS database table columns
Enumerate DBMS schema
Dump DBMS database table entries
Dump all DBMS databases tables entries
DBMS database to enumerate
DBMS database table(s) to enumerate
DBMS database table column(s) to enumerate
Operating system access:
These options can be used to access the back-end database management system underlying operating system
Prompt for an interactive operating system shell
Prompt for an OOB shell, Meterpreter or VNC
General:
These options can be used to set some general working parameters
Never ask for user input, use the default behavior
Flush session files for current target
Miscellaneous:
These options do not fit into any other category
Prompt for an interactive sqlmap shell
Simple wizard interface for beginner users
August 2020 sqlmap v1.4.8