miladkhoshdel / burp-to-sqlmap Goto Github PK
View Code? Open in Web Editor NEWPerforming SQLInjection test on Burp Suite Bulk Requests using SQLMap
Home Page: https://regux.com
Performing SQLInjection test on Burp Suite Bulk Requests using SQLMap
Home Page: https://regux.com
Hi,
how to add '--level'/'--risk' and '--tamper'
I experienced this during concsecutive runs. Currently the script does not clear the output directory before starting a fresh run so all the old files are still there and are read in as request files. The symbols you are seeing are the banner for sqlmap, one line at a time due to old testresult files being processed as new request files.
Originally posted by @jacampb in #1 (comment)
Great Work Mr Milad
I followed all steps as you explain when the script start and export packect completed
this error is coming to my cmd screen:
`632 Packets Exported Successfully.
[+] Testing SQL Injection on packets ... (Based on your network connection Test can take up to 5 minutes.)
[-] Performing SQL Injection on packet number 1. Please Wait ...
Traceback (most recent call last):
File "C:\Users\WhatUpTime.com\Downloads\Telegram Desktop\burp-to-sqlmap-master\burp-to-sqlmap-master\burp-to-sqlmap.py", line 191, in
main()
File "C:\Users\WhatUpTime.com\Downloads\Telegram Desktop\burp-to-sqlmap-master\burp-to-sqlmap-master\burp-to-sqlmap.py", line 95, in main
runWindows(filename, directory, sqlmappath, proxyvalue, vulnerablefiles, risk_value, level_value, tamper_value)
File "C:\Users\WhatUpTime.com\Downloads\Telegram Desktop\burp-to-sqlmap-master\burp-to-sqlmap-master\burp-to-sqlmap.py", line 121, in runWindows
if 'is vulnerable' in open(directory + "\testresult" + file).read() or "Payload:" in open(
FileNotFoundError: [Errno 2] No such file or directory: 'mm\testresult1.txt'
`
My OS: Windows 10
Can it be developed into a burp plugin?Thanks.
Hi there!
I really appreciate this work, i noticed this error while I'm testing burp-to-sqlmap.py:
root@PenTesTer:~/burp-to-sqlmap# python burp-to-sqlmap.py -f sqli.txt -o rus -s /usr/share/sqlmap/
#######################################################################
#######################################################################
[+] Exporting Packets ...
[-] Packet 1 Exported.
[-] Packet 2 Exported.
[-] Packet 3 Exported.
[-] Packet 4 Exported.
[-] Packet 5 Exported.
[-] Packet 6 Exported.
[-] Packet 7 Exported.
[-] Packet 8 Exported.
[-] Packet 9 Exported.
[-] Packet 10 Exported.
[-] Packet 11 Exported.
[-] Packet 12 Exported.
[-] Packet 13 Exported.
[-] Packet 14 Exported.
[-] Packet 15 Exported.
[-] Packet 16 Exported.
[-] Packet 17 Exported.
[-] Packet 18 Exported.
[-] Packet 19 Exported.
[-] Packet 20 Exported.
[-] Packet 21 Exported.
[-] Packet 22 Exported.
[-] Packet 23 Exported.
[-] Packet 24 Exported.
[-] Packet 25 Exported.
25 Packets Exported Successfully.
[+] Testing SQL Injection on packets ... (Based on your network connection Test can take up to 5 minutes.)
[-] Performing SQL Injection on packet number 4. Please Wait ...
Traceback (most recent call last):
File "burp-to-sqlmap.py", line 90, in
if 'is vulnerable' in open(directory + "\testresult" + file).read() or "Payload:" in open(
IOError: [Errno 2] No such file or directory: 'rus\testresult4.txt'
root@PenTesTer:~/burp-to-sqlmap#uname -a
Linux PenTesTer 4.9.0-kali3-amd64 #1 SMP Debian 4.9.18-1kali1 (2017-04-04) x86_64 GNU/Linux
I also create a file with testresult4.txt in rus directory, didn't fix the iusse.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.