From 72038e7744b546736cf68ff65da9229920d29360 Mon Sep 17 00:00:00 2001
From: Hakan <hbostann@users.noreply.github.com>
Date: Wed, 24 Oct 2018 08:18:16 +0300
Subject: [PATCH] sqlmap: add page (#2412)

---
 pages/common/sqlmap.md | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 pages/common/sqlmap.md

diff --git a/pages/common/sqlmap.md b/pages/common/sqlmap.md
new file mode 100644
index 0000000000..aaaa489525
--- /dev/null
+++ b/pages/common/sqlmap.md
@@ -0,0 +1,23 @@
+# sqlmap
+
+> Detect and exploit SQL injection flaws.
+
+- Run sqlmap against a single target URL:
+
+`python sqlmap.py -u {{"http://www.target.com/vuln.php?id=1"}}`
+
+- Send data in a POST request (`--data` implies POST request):
+
+`python sqlmap.py -u {{"http://www.target.com/vuln.php" --data={{"id=1"}}`
+
+- Change the parameter delimiter (& is the default):
+
+`python sqlmap.py -u {{"http://www.target.com/vuln.php"}} --data={{"query=foobar;id=1"}} --param-del={{";"}}`
+
+- Select a random `User-Agent` from `./txt/user-agents.txt` and use it:
+
+`python sqlmap.py -u {{"http://www.target.com/vuln.php"}} --random-agent`
+
+- Provide user credentials for HTTP protocol authentication:
+
+`python sqlmap.py -u {{"http://www.target.com/vuln.php"}} --auth-type {{Basic}} --auth-cred {{"testuser:testpass"}}`