Rewrite from scratch the detection engine. Now it performs checks defined in payload.xml. User can specify its own.

All (hopefully) functionalities should still be working. Added two switches, --level and --risk to specify which injection tests and boundaries to use. The main advantage now is that sqlmap is able to identify initially which injection types are present so for instance if boolean-based blind is not supported, but error-based is, sqlmap will keep going and work!
2026-01-22 06:09:02 +00:00 · 2010-11-28 18:10:54 +00:00
parent a8b38ba76b
commit 7e3b24afe6
24 changed files with 1968 additions and 333 deletions
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -192,6 +192,20 @@ tamper =
 # content from HTTP responses when using blind SQL injection technique.
 [Detection]

+# Level of tests to perform
+# The higher the value is, the higher the number of HTTP(s) requests are
+# as well as the better chances to detect a tricky SQL injection.
+# Valid: Integer between 1 and 5
+# Default: 1
+level = 1
+
+# Risk of tests to perform
+# Note: boolean-based blind SQL injection tests with AND are considered
+# risk 1, with OR are considered risk 3.
+# Valid: Integer between 0 and 3
+# Default: 1
+risk = 1
+
 # String to match within the page content when the query is valid, only
 # needed if the page content dynamically changes at each refresh.
 # Refer to the user's manual for further details.