Hi,

how to add '--level'/'--risk' and '--tamper'

I experienced this during concsecutive runs. Currently the script does not clear the output directory before starting a fresh run so all the old files are still there and are read in as request files. The symbols you are seeing are the banner for sqlmap, one line at a time due to old testresult files being processed as new request files.

Originally posted by @jacampb in #1 (comment)

Great Work Mr Milad

I followed all steps as you explain when the script start and export packect completed
this error is coming to my cmd screen:
`632 Packets Exported Successfully.

[+] Testing SQL Injection on packets ... (Based on your network connection Test can take up to 5 minutes.)
[-] Performing SQL Injection on packet number 1. Please Wait ...
Traceback (most recent call last):
File "C:\Users\WhatUpTime.com\Downloads\Telegram Desktop\burp-to-sqlmap-master\burp-to-sqlmap-master\burp-to-sqlmap.py", line 191, in
main()
File "C:\Users\WhatUpTime.com\Downloads\Telegram Desktop\burp-to-sqlmap-master\burp-to-sqlmap-master\burp-to-sqlmap.py", line 95, in main
runWindows(filename, directory, sqlmappath, proxyvalue, vulnerablefiles, risk_value, level_value, tamper_value)
File "C:\Users\WhatUpTime.com\Downloads\Telegram Desktop\burp-to-sqlmap-master\burp-to-sqlmap-master\burp-to-sqlmap.py", line 121, in runWindows
if 'is vulnerable' in open(directory + "\testresult" + file).read() or "Payload:" in open(
FileNotFoundError: [Errno 2] No such file or directory: 'mm\testresult1.txt'
`
My OS: Windows 10

Can it be developed into a burp plugin?Thanks.

Hi there!

I really appreciate this work, i noticed this error while I'm testing burp-to-sqlmap.py:

root@PenTesTer:~/burp-to-sqlmap# python burp-to-sqlmap.py -f sqli.txt -o rus -s /usr/share/sqlmap/

#######################################################################

______ \ | ______ ______ \ __ /__ \

| | _/ | /| _/| ___/ | | / | \

| | \ | / | | | | | | / | \

|______ // || /|| || ______ /

/ / /

_________________ .____ _____ _____ __________

/ /_ \ | | / \ / _ \_____ \

_____ \ / / \ | | / \ / \ / /_\ | ___/

/ / _/. \ |___/ Y / | \ |

/_______ /_\ _/___ _| /_| /____|

/ __> / / /

Created By: Milad Khoshdel Blog: https://blog.regux.com

E-Mail: [email protected]

#######################################################################

[+] Exporting Packets ...
[-] Packet 1 Exported.
[-] Packet 2 Exported.
[-] Packet 3 Exported.
[-] Packet 4 Exported.
[-] Packet 5 Exported.
[-] Packet 6 Exported.
[-] Packet 7 Exported.
[-] Packet 8 Exported.
[-] Packet 9 Exported.
[-] Packet 10 Exported.
[-] Packet 11 Exported.
[-] Packet 12 Exported.
[-] Packet 13 Exported.
[-] Packet 14 Exported.
[-] Packet 15 Exported.
[-] Packet 16 Exported.
[-] Packet 17 Exported.
[-] Packet 18 Exported.
[-] Packet 19 Exported.
[-] Packet 20 Exported.
[-] Packet 21 Exported.
[-] Packet 22 Exported.
[-] Packet 23 Exported.
[-] Packet 24 Exported.
[-] Packet 25 Exported.

25 Packets Exported Successfully.

[+] Testing SQL Injection on packets ... (Based on your network connection Test can take up to 5 minutes.)
[-] Performing SQL Injection on packet number 4. Please Wait ...
Traceback (most recent call last):
File "burp-to-sqlmap.py", line 90, in
if 'is vulnerable' in open(directory + "\testresult" + file).read() or "Payload:" in open(
IOError: [Errno 2] No such file or directory: 'rus\testresult4.txt'
root@PenTesTer:~/burp-to-sqlmap#uname -a
Linux PenTesTer 4.9.0-kali3-amd64 #1 SMP Debian 4.9.18-1kali1 (2017-04-04) x86_64 GNU/Linux

I also create a file with testresult4.txt in rus directory, didn't fix the iusse.