You can drive sqlmap via the REST API. in the root of the project is a sqlmapapi.py file which starts a web server.
You can create any content you need, then pass the request which you want to fuzz to sqlmap via the API to get results. On Tue, Aug 11, 2015 at 9:13 AM, Vojtěch Polášek <krec...@gmail.com> wrote: > Greetings, > I am searching for help. I would like to test a part of application > which deletes something. Obviously I am searching for SQL injection > vulnerability. > So I need to send request to create object, retrieve response, derive > needed information and send a request for deletion which is probed for > possible SQL injection. > I suppose that this is not possible just through command line even > through --eval function. Am I right? > If yes, my next logical step would be to use sqlmap in some Python > program. Are there any information about importing sqlmap and invoking > it from my Python program? Or should I go just with doc strings? > Thanks, > Vojta > > > ------------------------------------------------------------------------------ > _______________________________________________ > sqlmap-users mailing list > sqlmap-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/sqlmap-users > -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website
------------------------------------------------------------------------------
_______________________________________________ sqlmap-users mailing list sqlmap-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sqlmap-users
