4

I'm using sqlmap with --crawl option. Whenever a URL is found, it asks me whether to scan it

GET http://127.0.0.1:80/demo/sqli.php?id=1
do you want to test this URL? [Y/n/q]

How should I ask sqlmap to test all URLs without asking?

P.S SQLmap also asks the following questions, I'd like to answer them automatically as well:

  • please enter number of threads? [Enter for 1 (current)]
  • do you want to check for the existence of site's sitemap(.xml) [y/N]
Improve this question

1 Answer 1

Reset to default
6

Try this out:

 --answers="follow=Y" --batch

From SQLmap wiki:

Act in non-interactive mode Switch: --batch

If you want sqlmap to run as a batch tool, without any user's interaction when sqlmap requires it, you can force that by using switch --batch. This will leave sqlmap to go with a default behaviour whenever user's input would be required.

Set answers for questions Option: --answers

In case that user wants to automatically set up answers for questions, even if --batch is used, using this option he can do it by providing any part of question together with answer after an equal sign. Also, answers for different question can be split with delimiter character ,.

Everything is here

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .