Improved --union-cols to accept a range to test for union SQL injection. By default it is 1-20.

2025-12-27 09:59:07 +00:00 · 2010-11-19 15:48:24 +00:00
parent ad17e9ed2a
commit c23126547e
4 changed files with 59 additions and 47 deletions
--- a/sqlmap.conf
+++ b/sqlmap.conf
@@ -256,14 +256,14 @@ unionTest = False
 # Technique to test for UNION query SQL injection
 # The possible techniques are by NULL bruteforcing (bf) or by ORDER BY
 # clause (ob)
-# Valid: NULL, OrderBy
-# Default: NULL
-uTech = NULL
+# Valid: char, OrderBy
+# Default: char
+uTech = char

-# Maximum number of columns to test for
-# Valid: integer
-# Default: 20
-uCols = 20
+# Range of columns to test for
+# Valid: range of integers
+# Default: 1-20
+uCols = 1-20

 # Character to use to bruteforce number of columns
 # Valid: string