#[non_exhaustive]pub struct SqlmapOptions {Show 51 fields
pub url: Option<String>,
pub test_parameter: Option<String>,
pub dbms: Option<String>,
pub tech: Option<String>,
pub level: Option<i32>,
pub risk: Option<i32>,
pub string: Option<String>,
pub not_string: Option<String>,
pub regexp: Option<String>,
pub code: Option<i32>,
pub text_only: Option<bool>,
pub titles: Option<bool>,
pub cookie: Option<String>,
pub headers: Option<String>,
pub method: Option<String>,
pub data: Option<String>,
pub random_agent: Option<bool>,
pub proxy: Option<String>,
pub prefix: Option<String>,
pub suffix: Option<String>,
pub tamper: Option<String>,
pub skip: Option<String>,
pub skip_static: Option<bool>,
pub threads: Option<i32>,
pub verbose: Option<i32>,
pub batch: Option<bool>,
pub retries: Option<i32>,
pub get_dbs: Option<bool>,
pub get_tables: Option<bool>,
pub get_columns: Option<bool>,
pub get_users: Option<bool>,
pub get_passwords: Option<bool>,
pub get_privileges: Option<bool>,
pub is_dba: Option<bool>,
pub current_user: Option<bool>,
pub current_db: Option<bool>,
pub dump_all: Option<bool>,
pub dump_table: Option<bool>,
pub search: Option<bool>,
pub os_shell: Option<bool>,
pub sql_shell: Option<bool>,
pub file_read: Option<String>,
pub file_write: Option<String>,
pub file_dest: Option<String>,
pub tor: Option<bool>,
pub tor_port: Option<i32>,
pub tor_type: Option<String>,
pub crawl_depth: Option<i32>,
pub scope: Option<String>,
pub forms: Option<bool>,
pub second_url: Option<String>,
}Expand description
Configuration payload mapped directly to SQLMap CLI arguments.
All fields are optional and use skip_serializing_if so only
explicitly set values are sent to the REST API.
§Examples
use sqlmap_rs::SqlmapOptions;
let opts = SqlmapOptions::builder()
.url("http://example.com/api?id=1")
.level(3)
.risk(2)
.batch(true)
.threads(4)
.build();Fields (Non-exhaustive)§
This struct is marked as non-exhaustive
Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.url: Option<String>The target URL.
test_parameter: Option<String>Target specific parameter(s), e.g. “id”.
dbms: Option<String>Specific DBMS backend, e.g. “MySQL”.
tech: Option<String>Payload techniques to test (B=Boolean, E=Error, U=UNION, S=Stacked, T=Time, Q=Inline query).
level: Option<i32>Level of tests to perform (1-5, default 1).
risk: Option<i32>Payload risk (1-3, default 1).
string: Option<String>String to match for True on boolean-based blind injection.
not_string: Option<String>String to match for False on boolean-based blind injection.
regexp: Option<String>Regex to match for True on boolean-based blind injection.
code: Option<i32>HTTP code to match for True query.
text_only: Option<bool>Compare responses using text only.
titles: Option<bool>Compare responses using titles only.
HTTP Cookie header value.
headers: Option<String>HTTP headers string.
method: Option<String>Force specific HTTP method.
data: Option<String>POST data string.
random_agent: Option<bool>Use randomly selected User-Agent.
proxy: Option<String>HTTP proxy URL.
prefix: Option<String>Injection payload prefix string.
suffix: Option<String>Injection payload suffix string.
tamper: Option<String>Tamper script(s) for WAF evasion.
skip: Option<String>Skip testing specific parameters.
skip_static: Option<bool>Skip testing parameters that appear static.
threads: Option<i32>Number of concurrent threads (default 1).
verbose: Option<i32>Output verbosity level (1-6).
batch: Option<bool>Do not ask for user input (must be true for automation).
retries: Option<i32>Number of retries on connection timeout.
get_dbs: Option<bool>Enumerate DBMS databases.
get_tables: Option<bool>Enumerate DBMS database tables.
get_columns: Option<bool>Enumerate DBMS database columns.
get_users: Option<bool>Enumerate DBMS users.
get_passwords: Option<bool>Enumerate DBMS users password hashes.
get_privileges: Option<bool>Enumerate DBMS users privileges.
is_dba: Option<bool>Check if the DBMS user is DBA.
current_user: Option<bool>Retrieve the current DBMS user.
current_db: Option<bool>Retrieve the current DBMS database.
dump_all: Option<bool>Dump all DBMS databases tables entries.
dump_table: Option<bool>Dump DBMS database table entries.
search: Option<bool>Search for database/table/column names.
os_shell: Option<bool>Prompt for an interactive OS shell.
sql_shell: Option<bool>Prompt for an interactive SQL shell.
file_read: Option<String>Read a file from the DBMS file system.
file_write: Option<String>Write a file to the DBMS file system.
file_dest: Option<String>Destination path for file write on the DBMS.
tor: Option<bool>Use Tor for anonymity.
tor_port: Option<i32>Tor proxy port.
tor_type: Option<String>Tor proxy type (HTTP, SOCKS4, SOCKS5).
crawl_depth: Option<i32>Crawl the website from the target URL to given depth.
scope: Option<String>Regex to filter target URLs during crawling.
forms: Option<bool>Parse and test forms on target pages.
second_url: Option<String>URL for second-order injection verification.
Implementations§
Source§impl SqlmapOptions
impl SqlmapOptions
Sourcepub fn builder() -> SqlmapOptionsBuilder
pub fn builder() -> SqlmapOptionsBuilder
Create a new options builder.
Trait Implementations§
Source§impl Clone for SqlmapOptions
impl Clone for SqlmapOptions
Source§fn clone(&self) -> SqlmapOptions
fn clone(&self) -> SqlmapOptions
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read more