GithubHelp home page GithubHelp logo

hood3drob1n / sqlmap-web-gui Goto Github PK

View Code? Open in Web Editor NEW
327.0 327.0 166.0 409 KB

PHP Frontend to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!

PHP 95.59% CSS 1.41% JavaScript 2.99%

sqlmap-web-gui's Introduction

SQLMAP-Web-GUI

Before anything, this project wouldn't even be possible without the awesome development team behind SQLMAP - hats off to them!

This is a PHP Frontend I made to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!

Here is a few quick videos I made to show that almost all of your usual SQLMAP command line functionality is still possible via this Web GUI.

Demo against: Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005

Demo against: Linux (CentOS), Apache, MySQL, PHP

Blog Write-Up: http://kaoticcreations.blogspot.com/

Requirements:

  • Linux, Apache, PHP (check your favorite distro's wiki or forum pages, or use google)
    • PHP 5.3+ is suggested, older versions not tests so mileage may vary
  • Python and any SQLMAP dependencies (refer to their wiki for any help there)
  • Clone this repo to your machine
    • Edit the sqlmap/inc/config.php file so the paths all point to the right locations on your system
    • Copy the entire sqlmap/ directory and contents to your web root directory (cd SQLMAP-Web-GUI && cp -R sqlmap/ /var/www/)
    • When you want to use, simply fire up the sqlmap API server (python /home/user/tools/sqlmap/sqlmapapi.py -s)
    • Then you can navigate to the Web GUI address in your Browser to begin (firefox http://127.0.0.1/sqlmap/index.php)

Enjoy!

sqlmap-web-gui's People

Contributors

hood3drob1n avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

findlakes ccavxx sechacking bupt007 kyxrecon githubt4st johnjohnsp1 qatarattack 123affe securityigi peterpt signedbytes tutorial0 flyawaytang heartpandora ttxx9999 miracleego taibaiyifeng peval nask0 drptbl grosdev gamehacker winsday shaolinint cplushua01 wooluo djmin uncia trevor3000 habibmasuro thechiefcoc bathock 2089764 sh1nu11bi key20 c0deh4xor scz2011 fengxuangit hellokuku qardeneden famous0123 kostyll qhwlpg thecao365 ppanphper yaoyi2008 kdzm theralfbrown t0data wangroot hsmw 78778443 altune tangowilliam qsnipp ykttn xiaofengtongxue ra0mb1er forbidden-ali srsman xianlimei psuedoelastic snollyg0st3r imoham3d chiheb-nexus securextools 4lph4 x1ng mydrone ning1022 jijicanyu tuhaolam 404soul jeffreys125 hyeveryone alexaum skskevin cyri1s antonio24 xuelu520 adonchan mjain61 brandonmreeves av1080p mgcfish cyn00b kasemaster djglenx cdprf 5up3rc npc7 nuadaandre re13orn moss1993 sharehappy11 aquila008 619851705 inc775 sinkdwty

sqlmap-web-gui's Issues

More Features

hey,

Love this project very nice! Could you add user registration and have things like recent targets, un successful, successful attacks etc. I think that would be pretty cool.

Enable TOR

The project is very good indeed, congratulations!
I would love to have an option to enable tor in the sqlmap scan.
In the command line I can use: "--tor"

Basic Auth not working

When enabling "HTTP Authentication" with type Basic I got 401 (Unauthorized)

[INFO] [04:43:33] testing connection to the target URL
[OTHER] [04:43:34] not authorized, try to provide right HTTP authentication type and valid credentials (401)
[WARNING] [04:43:34] HTTP error codes detected during run:
401 (Unauthorized) - 1 times

I had to add a Custom Authorization Header "Authorization: Basic XXXXXXXXXXXXX=" as a workaround to make it work

Web gui setup in osx

I have tried to put the files under /var/www/sqlmap. i can only see nothing here in webgui url created by sqlmapapi.py, that is http://127.0.0.1:8775/. how do i fix this? i am using OSX Sierra.

error in every scan

hi,

i love this project really

but i have an error in every scan but all result is correct:

`Notice: Constant GUI_VERSION already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 4

Notice: Constant API_URL already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 7

Notice: Constant SQLMAP_BIN_PATH already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 11

Notice: Constant SQLMAP_OUTPUT_PATH already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 14

Notice: Constant TMP_PATH already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 17

Notice: Constant MSF_PATH already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 22

Notice: Constant ADMIN_USER already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 26

Notice: Constant ADMIN_PASS already defined in /opt/lampp/htdocs/sqlmap/inc/config.php on line 27`

thanks alot bro

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.