Major enhancement to directly connect to the dbms without passing via a sql injection: adapted code accordingly - see #158. This feature relies on python third-party libraries to be able to connect to the database. For the moment it has been implemented for MySQL (with python-mysqldb module) and PostgreSQL (with python-psycopg2 module).

Minor layout adjustments.
2026-01-21 13:49:04 +00:00 · 2010-03-26 23:23:25 +00:00
parent 4ca1adba2c
commit 1416cd0d86
32 changed files with 791 additions and 122 deletions
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -2,6 +2,10 @@
 # get target urls from.
 [Target]

+# Direct connection to the database.
+# Example: mysql://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_NAME
+direct = 
+
 # Target URL.
 # Example: http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&cat=2
 url =