Saturday, April 13, 2013

Interacting with SQLMap from C#

I just checked in some basic bindings to the SQLMap RESTful API. Pretty simple, below is an example application. It creates a new task, sets the msfPath option (but stores a copy of the options from before), starts the task using a specific URL set in the options dictionary, watches the scan until it completes, then writes the logs messages to stdout. You can get the bindings on github.
using System;
using sqlmapsharp;
using System.Collections.Generic;

namespace Example
 class MainClass
  public static void Main (string[] args)
   using (SqlmapSession session = new SqlmapSession("", 8775))
    using (SqlmapManager manager = new SqlmapManager(session))
     string taskid = manager.NewTask();


     Dictionary options = manager.GetOptions(taskid);

     manager.SetOption(taskid, "msfPath", "/path/to/msf");

     Dictionary newoptions = manager.GetOptions(taskid);

     Console.WriteLine("Old msfpath: " + options["msfPath"].ToString());
     Console.WriteLine("New msfpath: " + newoptions["msfPath"].ToString());

     options["url"] = "";

     manager.StartTask(taskid, options);

     SqlmapStatus status = manager.GetScanStatus(taskid);

     while (status.Status != "terminated")
      System.Threading.Thread.Sleep(new TimeSpan(0,0,10));
      status = manager.GetScanStatus(taskid);

     List logItems = manager.GetLog(taskid);

     foreach (SqlmapLogItem item in logItems)


No comments:

Post a Comment