Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
sqlmapproject
GitHub Repository: sqlmapproject/sqlmap
 Path: blob/master/sqlmap.conf
2983 views
1
# At least one of these options has to be specified to set the source to

2
# get target URLs from.

3
[Target]

4


5
# Target URL.

6
# Example: http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&cat=2

7
url =

8


9
# Direct connection to the database.

10
# Examples:

11
#   mysql://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_NAME

12
#   oracle://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_SID

13
direct = 

14


15
# Parse targets from Burp or WebScarab logs

16
# Valid: Burp proxy (http://portswigger.net/suite/) requests log file path

17
# or WebScarab proxy (http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project)

18
# 'conversations/' folder path

19
logFile = 

20


21
# Scan multiple targets enlisted in a given textual file

22
bulkFile =

23


24
# Load HTTP request from a file

25
# Example (file content): POST /login.jsp HTTP/1.1\nHost: example.com\nUser-Agent: Mozilla/4.0\n\nuserid=joe&password=guessme

26
requestFile = 

27


28
# Rather than providing a target URL, let Google return target

29
# hosts as result of your Google dork expression. For a list of Google

30
# dorks see Google Hacking Database at

31
# https://www.exploit-db.com/google-hacking-database

32
# Example: +ext:php +inurl:"&id=" +intext:"powered by "

33
googleDork = 

34


35


36
# These options can be used to specify how to connect to the target URL.

37
[Request]

38


39
# Force usage of given HTTP method (e.g. PUT).

40
method = 

41


42
# Data string to be sent through POST (e.g. "id=1").

43
data = 

44


45
# Character used for splitting parameter values (e.g. &).

46
paramDel = 

47


48
# HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..").

49
cookie = 

50


51
# Character used for splitting cookie values (e.g. ;).

52
cookieDel = 

53


54
# Live cookies file used for loading up-to-date values.

55
liveCookies = 

56


57
# File containing cookies in Netscape/wget format.

58
loadCookies = 

59


60
# Ignore Set-Cookie header from response.

61
# Valid: True or False

62
dropSetCookie = False

63


64
# Use HTTP version 1.0 (old).

65
# Valid: True or False

66
http10 = False

67


68
# Use HTTP version 2 (experimental).

69
# Valid: True or False

70
http2 = False

71


72
# HTTP User-Agent header value. Useful to fake the HTTP User-Agent header value

73
# at each HTTP request.

74
# sqlmap will also test for SQL injection on the HTTP User-Agent value.

75
agent =

76


77
# Imitate smartphone through HTTP User-Agent header.

78
# Valid: True or False

79
mobile = False

80


81
# Use randomly selected HTTP User-Agent header value.

82
# Valid: True or False

83
randomAgent = False

84


85
# HTTP Host header value.

86
host = 

87


88
# HTTP Referer header. Useful to fake the HTTP Referer header value at

89
# each HTTP request.

90
referer = 

91


92
# Extra HTTP headers

93
headers = Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5

94
 Accept-Language: en-us,en;q=0.5

95
 Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7

96


97
# HTTP Authentication type. Useful only if the target URL requires

98
# HTTP Basic, Digest, Bearer or NTLM authentication and you have such data.

99
# Valid: Basic, Digest, Bearer, NTLM or PKI

100
authType = 

101


102
# HTTP authentication credentials. Useful only if the target URL requires

103
# HTTP Basic, Digest, Token or NTLM authentication and you have such data.

104
# Syntax: username:password

105
authCred = 

106


107
# HTTP Authentication PEM private/cert key file. Useful only if the target URL requires

108
# PKI authentication and you have such data.

109
# Syntax: key_file

110
authFile = 

111


112
# Abort on (problematic) HTTP error code (e.g. 401).

113
# Valid: string

114
abortCode =

115


116
# Ignore (problematic) HTTP error code (e.g. 401).

117
# Valid: string

118
ignoreCode =

119


120
# Ignore system default proxy settings.

121
# Valid: True or False

122
ignoreProxy = False

123


124
# Ignore redirection attempts.

125
# Valid: True or False

126
ignoreRedirects = False

127


128
# Ignore connection timeouts.

129
# Valid: True or False

130
ignoreTimeouts = False

131


132
# Use a proxy to connect to the target URL.

133
# Syntax: (http|https|socks4|socks5)://address:port

134
proxy = 

135


136
# Proxy authentication credentials. Useful only if the proxy requires

137
# Basic or Digest authentication and you have such data.

138
# Syntax: username:password

139
proxyCred =

140


141
# Load proxy list from a file

142
proxyFile =

143


144
# Use Tor anonymity network.

145
# Valid: True or False

146
tor = False

147


148
# Set Tor proxy port other than default.

149
# Valid: integer

150
# torPort =

151


152
# Set Tor proxy type.

153
# Valid: HTTP, SOCKS4, SOCKS5

154
torType = SOCKS5

155


156
# Check to see if Tor is used properly.

157
# Valid: True or False

158
checkTor = False

159


160
# Delay in seconds between each HTTP request.

161
# Valid: float

162
# Default: 0

163
delay = 0

164


165
# Seconds to wait before timeout connection.

166
# Valid: float

167
# Default: 30

168
timeout = 30

169


170
# Maximum number of retries when the HTTP connection timeouts.

171
# Valid: integer

172
# Default: 3

173
retries = 3

174


175
# Retry request on regexp matching content.

176
retryOn =

177


178
# Randomly change value for the given parameter.

179
rParam = 

180


181
# URL address to visit frequently during testing.

182
# Example: http://192.168.1.121/index.html

183
safeUrl = 

184


185
# POST data to send to a safe URL.

186
# Example: username=admin&password=passw0rd!

187
safePost = 

188


189
# Load safe HTTP request from a file.

190
safeReqFile = 

191


192
# Regular requests between visits to a safe URL (default 0).

193
# Valid: integer

194
# Default: 0

195
safeFreq = 0

196


197
# Skip URL encoding of payload data.

198
# Valid: True or False

199
skipUrlEncode = False

200


201
# Parameter used to hold anti-CSRF token.

202
csrfToken = 

203


204
# URL address to visit to extract anti-CSRF token

205
csrfUrl = 

206


207
# HTTP method to use during anti-CSRF token page visit.

208
csrfMethod =

209


210
# POST data to send during anti-CSRF token page visit.

211
csrfData =

212


213
# Retries for anti-CSRF token retrieval.

214
csrfRetries =

215


216
# Force usage of SSL/HTTPS

217
# Valid: True or False

218
forceSSL = False

219


220
# Use HTTP chunked transfer encoded requests.

221
# Valid: True or False

222
chunked = False

223


224
# Use HTTP parameter pollution.

225
# Valid: True or False

226
hpp = False

227


228
# Evaluate provided Python code before the request.

229
# Example: import hashlib;id2=hashlib.md5(id).hexdigest()

230
evalCode = 

231


232
# These options can be used to optimize the performance of sqlmap.

233
[Optimization]

234


235
# Use all optimization options.

236
# Valid: True or False

237
optimize = False

238


239
# Predict common queries output.

240
# Valid: True or False

241
predictOutput = False

242


243
# Use persistent HTTP(s) connections.

244
keepAlive = False

245


246
# Retrieve page length without actual HTTP response body.

247
# Valid: True or False

248
nullConnection = False

249


250
# Maximum number of concurrent HTTP(s) requests (handled with Python threads)

251
# to be used in the inference SQL injection attack.

252
# Valid: integer

253
# Default: 1

254
threads = 1

255


256


257
# These options can be used to specify which parameters to test for,

258
# provide custom injection payloads and optional tampering scripts.

259
[Injection]

260


261
# Testable parameter(s) comma separated. By default all GET/POST/Cookie

262
# parameters and HTTP User-Agent are tested by sqlmap.

263
testParameter = 

264


265
# Skip testing for given parameter(s).

266
skip =

267


268
# Skip testing parameters that not appear to be dynamic.

269
# Valid: True or False

270
skipStatic = False

271


272
# Regexp to exclude parameters from testing (e.g. "ses").

273
paramExclude =

274


275
# Select testable parameter(s) by place (e.g. "POST").

276
paramFilter =

277


278
# Force back-end DBMS to provided value. If this option is set, the back-end

279
# DBMS identification process will be minimized as needed.

280
# If not set, sqlmap will detect back-end DBMS automatically by default.

281
# Valid: mssql, mysql, mysql 4, mysql 5, oracle, pgsql, sqlite, sqlite3,

282
# access, firebird, maxdb, sybase

283
dbms = 

284


285
# DBMS authentication credentials (user:password). Useful if you want to

286
# run SQL statements as another user, the back-end database management

287
# system is PostgreSQL or Microsoft SQL Server and the parameter is

288
# vulnerable by stacked queries SQL injection or you are connecting directly

289
# to the DBMS (-d switch).

290
# Syntax: username:password

291
dbmsCred = 

292


293
# Force back-end DBMS operating system to provided value. If this option is

294
# set, the back-end DBMS identification process will be minimized as

295
# needed.

296
# If not set, sqlmap will detect back-end DBMS operating system

297
# automatically by default.

298
# Valid: linux, windows

299
os = 

300


301
# Use big numbers for invalidating values.

302
# Valid: True or False

303
invalidBignum = False

304


305
# Use logical operations for invalidating values.

306
# Valid: True or False

307
invalidLogical = False

308


309
# Use random strings for invalidating values.

310
# Valid: True or False

311
invalidString = False

312


313
# Turn off payload casting mechanism

314
# Valid: True or False

315
noCast = False

316


317
# Turn off string escaping mechanism

318
# Valid: True or False

319
noEscape = False

320


321
# Injection payload prefix string.

322
prefix = 

323


324
# Injection payload suffix string.

325
suffix = 

326


327
# Use given script(s) for tampering injection data.

328
tamper = 

329


330


331
# These options can be used to specify how to parse and compare page

332
# content from HTTP responses when using blind SQL injection technique.

333
[Detection]

334


335
# Level of tests to perform.

336
# The higher the value is, the higher the number of HTTP(s) requests are

337
# as well as the better chances to detect a tricky SQL injection.

338
# Valid: Integer between 1 and 5

339
# Default: 1

340
level = 1

341


342
# Risk of tests to perform.

343
# Note: boolean-based blind SQL injection tests with AND are considered

344
# risk 1, with OR are considered risk 3.

345
# Valid: Integer between 1 and 3

346
# Default: 1

347
risk = 1

348


349
# String to match within the raw response when the query is evaluated to 

350
# True, only needed if the page content dynamically changes at each refresh.

351
# Refer to the user's manual for further details.

352
string = 

353


354
# String to match within the raw response when the query is evaluated to 

355
# False, only needed if the page content dynamically changes at each refresh.

356
# Refer to the user's manual for further details.

357
notString = 

358


359
# Regular expression to match within the raw response when the query is

360
# evaluated to True, only needed if the needed if the page content

361
# dynamically changes at each refresh.

362
# Refer to the user's manual for further details.

363
# Valid: regular expression with Python syntax

364
# (http://www.python.org/doc/2.5.2/lib/re-syntax.html)

365
regexp = 

366


367
# HTTP response code to match when the query is True.

368
# Valid: Integer

369
# Example: 200 (assuming any False statement returns a different response

370
# code)

371
# code = 

372


373
# Conduct thorough tests only if positive heuristic(s).

374
# Valid: True or False

375
smart = False

376


377
# Compare pages based only on the textual content.

378
# Valid: True or False

379
textOnly = False

380


381
# Compare pages based only on their titles.

382
# Valid: True or False

383
titles = False

384


385


386
# These options can be used to tweak testing of specific SQL injection

387
# techniques.

388
[Techniques]

389


390
# SQL injection techniques to use.

391
# Valid: a string composed by B, E, U, S, T and Q where:

392
# B: Boolean-based blind SQL injection

393
# E: Error-based SQL injection

394
# U: UNION query SQL injection

395
# S: Stacked queries SQL injection

396
# T: Time-based blind SQL injection

397
# Q: Inline SQL injection

398
# Example: ES (means test for error-based and stacked queries SQL

399
# injection types only)

400
# Default: BEUSTQ (means test for all SQL injection types - recommended)

401
technique = BEUSTQ

402


403
# Seconds to delay the response from the DBMS.

404
# Valid: integer

405
# Default: 5

406
timeSec = 5

407


408
# Disable the statistical model for detecting the delay.

409
# Valid: True or False

410
disableStats = False

411


412
# Range of columns to test for.

413
# Valid: range of integers

414
# Example: 1-10

415
uCols = 

416


417
# Character to use for bruteforcing number of columns.

418
# Valid: string

419
# Example: NULL

420
uChar = 

421


422
# Table to use in FROM part of UNION query SQL injection.

423
# Valid: string

424
# Example: INFORMATION_SCHEMA.COLLATIONS

425
uFrom = 

426


427
# Column values to use for UNION query SQL injection.

428
# Valid: string

429
# Example: NULL,1,*,NULL

430
uValues =

431


432
# Domain name used for DNS exfiltration attack.

433
# Valid: string

434
dnsDomain =

435


436
# Resulting page URL searched for second-order response.

437
# Valid: string

438
secondUrl =

439


440
# Load second-order HTTP request from file.

441
# Valid: string

442
secondReq =

443


444


445
[Fingerprint]

446


447
# Perform an extensive back-end database management system fingerprint

448
# based on various techniques.

449
# Valid: True or False

450
extensiveFp = False

451


452


453
# These options can be used to enumerate the back-end database

454
# management system information, structure and data contained in the

455
# tables. Moreover you can run your own SQL statements.

456
[Enumeration]

457


458
# Retrieve everything

459
# Valid: True or False

460
getAll = False

461


462
# Retrieve back-end database management system banner.

463
# Valid: True or False

464
getBanner = False

465


466
# Retrieve back-end database management system current user.

467
# Valid: True or False

468
getCurrentUser = False

469


470
# Retrieve back-end database management system current database.

471
# Valid: True or False

472
getCurrentDb = False

473


474
# Retrieve back-end database management system server hostname.

475
# Valid: True or False

476
getHostname = False

477


478
# Detect if the DBMS current user is DBA.

479
# Valid: True or False

480
isDba = False

481


482
# Enumerate back-end database management system users.

483
# Valid: True or False

484
getUsers = False

485


486
# Enumerate back-end database management system users password hashes.

487
# Valid: True or False

488
getPasswordHashes = False

489


490
# Enumerate back-end database management system users privileges.

491
# Valid: True or False

492
getPrivileges = False

493


494
# Enumerate back-end database management system users roles.

495
# Valid: True or False

496
getRoles = False

497


498
# Enumerate back-end database management system databases.

499
# Valid: True or False

500
getDbs = False

501


502
# Enumerate back-end database management system database tables.

503
# Optional: db

504
# Valid: True or False

505
getTables = False

506


507
# Enumerate back-end database management system database table columns.

508
# Optional: db, tbl, col

509
# Valid: True or False

510
getColumns = False

511


512
# Enumerate back-end database management system schema.

513
# Valid: True or False

514
getSchema = False

515


516
# Retrieve number of entries for table(s).

517
# Valid: True or False

518
getCount = False

519


520
# Dump back-end database management system database table entries.

521
# Requires: tbl and/or col

522
# Optional: db

523
# Valid: True or False

524
dumpTable = False

525


526
# Dump all back-end database management system databases tables entries.

527
# Valid: True or False

528
dumpAll = False

529


530
# Search column(s), table(s) and/or database name(s).

531
# Requires: db, tbl or col

532
# Valid: True or False

533
search = False

534


535
# Check for database management system database comments during enumeration.

536
# Valid: True or False

537
getComments = False

538


539
# Retrieve SQL statements being run on database management system.

540
# Valid: True or False

541
getStatements = False

542


543
# Back-end database management system database to enumerate.

544
db = 

545


546
# Back-end database management system database table(s) to enumerate.

547
tbl = 

548


549
# Back-end database management system database table column(s) to enumerate.

550
col = 

551


552
# Back-end database management system identifiers (database(s), table(s) and column(s)) to not enumerate.

553
exclude = 

554


555
# Pivot column name.

556
pivotColumn =

557


558
# Use WHERE condition while table dumping (e.g. "id=1").

559
dumpWhere = 

560


561
# Back-end database management system database user to enumerate.

562
user = 

563


564
# Exclude DBMS system databases when enumerating tables.

565
# Valid: True or False

566
excludeSysDbs = False

567


568
# First query output entry to retrieve

569
# Valid: integer

570
# Default: 0 (sqlmap will start to retrieve the table dump entries from

571
# first one)

572
limitStart = 0

573


574
# Last query output entry to retrieve

575
# Valid: integer

576
# Default: 0 (sqlmap will detect the number of table dump entries and

577
# retrieve them until the last)

578
limitStop = 0

579


580
# First query output word character to retrieve

581
# Valid: integer

582
# Default: 0 (sqlmap will enumerate the query output from the first

583
# character)

584
firstChar = 0

585


586
# Last query output word character to retrieve

587
# Valid: integer

588
# Default: 0 (sqlmap will enumerate the query output until the last

589
# character)

590
lastChar = 0

591


592
# SQL statement to be executed.

593
# Example: SELECT 'foo', 'bar'

594
sqlQuery = 

595


596
# Prompt for an interactive SQL shell.

597
# Valid: True or False

598
sqlShell = False

599


600
# Execute SQL statements from given file(s).

601
sqlFile = 

602


603


604
# These options can be used to run brute force checks.

605
[Brute force]

606


607
# Check existence of common tables.

608
# Valid: True or False

609
commonTables = False

610


611
# Check existence of common columns.

612
# Valid: True or False

613
commonColumns = False

614


615
# Check existence of common files.

616
# Valid: True or False

617
commonFiles = False

618


619


620
# These options can be used to create custom user-defined functions.

621
[User-defined function]

622


623
# Inject custom user-defined functions

624
# Valid: True or False

625
udfInject = False

626


627
# Local path of the shared library

628
shLib = 

629


630


631
# These options can be used to access the back-end database management

632
# system underlying file system.

633
[File system]

634


635
# Read a specific file from the back-end DBMS underlying file system.

636
# Examples: /etc/passwd or C:\boot.ini

637
fileRead = 

638


639
# Write a local file to a specific path on the back-end DBMS underlying

640
# file system.

641
# Example: /tmp/sqlmap.txt or C:\WINNT\Temp\sqlmap.txt

642
fileWrite = 

643


644
# Back-end DBMS absolute filepath to write the file to.

645
fileDest = 

646


647


648
# These options can be used to access the back-end database management

649
# system underlying operating system.

650
[Takeover]

651


652
# Execute an operating system command.

653
# Valid: operating system command

654
osCmd = 

655


656
# Prompt for an interactive operating system shell.

657
# Valid: True or False

658
osShell = False

659


660
# Prompt for an out-of-band shell, Meterpreter or VNC.

661
# Valid: True or False

662
osPwn = False

663


664
# One click prompt for an out-of-band shell, Meterpreter or VNC.

665
# Valid: True or False

666
osSmb = False

667


668
# Microsoft SQL Server 2000 and 2005 'sp_replwritetovarbin' stored

669
# procedure heap-based buffer overflow (MS09-004) exploitation.

670
# Valid: True or False

671
osBof = False

672


673
# Database process' user privilege escalation.

674
# Note: Use in conjunction with osPwn, osSmb or osBof. It will force the

675
# payload to be Meterpreter.

676
privEsc = False

677


678
# Local path where Metasploit Framework is installed.

679
# Valid: file system path

680
msfPath = 

681


682
# Remote absolute path of temporary files directory.

683
# Valid: absolute file system path

684
tmpPath = 

685


686


687
# These options can be used to access the back-end database management

688
# system Windows registry.

689
[Windows]

690


691
# Read a Windows registry key value.

692
# Valid: True or False

693
regRead = False

694


695
# Write a Windows registry key value data.

696
# Valid: True or False

697
regAdd = False

698


699
# Delete a Windows registry key value.

700
# Valid: True or False

701
regDel = False

702


703
# Windows registry key.

704
regKey = 

705


706
# Windows registry key value.

707
regVal = 

708


709
# Windows registry key value data.

710
regData = 

711


712
# Windows registry key value type.

713
regType = 

714


715


716
# These options can be used to set some general working parameters.

717
[General]

718


719
# Load session from a stored (.sqlite) file

720
# Example: output/www.target.com/session.sqlite

721
sessionFile = 

722


723
# Log all HTTP traffic into a textual file.

724
trafficFile = 

725


726
# Abort data retrieval on empty results.

727
abortOnEmpty = False

728


729
# Set predefined answers (e.g. "quit=N,follow=N").

730
answers =

731


732
# Parameter(s) containing Base64 encoded data

733
base64Parameter =

734


735
# Use URL and filename safe Base64 alphabet (Reference: https://en.wikipedia.org/wiki/Base64#URL_applications).

736
# Valid: True or False

737
base64Safe = False

738


739
# Never ask for user input, use the default behaviour.

740
# Valid: True or False

741
batch = False

742


743
# Result fields having binary values (e.g. "digest").

744
binaryFields =

745


746
# Check Internet connection before assessing the target.

747
checkInternet = False

748


749
# Clean up the DBMS from sqlmap specific UDF and tables.

750
# Valid: True or False

751
cleanup = False

752


753
# Crawl the website starting from the target URL.

754
# Valid: integer

755
# Default: 0

756
crawlDepth = 0

757


758
# Regexp to exclude pages from crawling (e.g. "logout").

759
crawlExclude =

760


761
# Delimiting character used in CSV output.

762
# Default: ,

763
csvDel = ,

764


765
# Store dumped data to a custom file.

766
dumpFile =

767


768
# Format of dumped data

769
# Valid: CSV, HTML or SQLITE

770
dumpFormat = CSV

771


772
# Force character encoding used for data retrieval.

773
encoding = 

774


775
# Retrieve each query output length and calculate the estimated time of

776
# arrival in real time.

777
# Valid: True or False

778
eta = False

779


780
# Flush session files for current target.

781
# Valid: True or False

782
flushSession = False

783


784
# Parse and test forms on target URL.

785
# Valid: True or False

786
forms = False

787


788
# Ignore query results stored in session file.

789
# Valid: True or False

790
freshQueries = False

791


792
# Use Google dork results from specified page number.

793
# Valid: integer

794
# Default: 1

795
googlePage = 1

796


797
# Use hex conversion during data retrieval.

798
# Valid: True or False

799
hexConvert = False

800


801
# Custom output directory path.

802
outputDir =

803


804
# Parse and display DBMS error messages from responses.

805
# Valid: True or False

806
parseErrors = False

807


808
# Use given script(s) for preprocessing of request.

809
preprocess =

810


811
# Use given script(s) for postprocessing of response data.

812
postprocess =

813


814
# Redump entries having unknown character marker (?).

815
# Valid: True or False

816
repair = False

817


818
# Regular expression for filtering targets from provided Burp.

819
# or WebScarab proxy log.

820
# Example: (google|yahoo)

821
scope = 

822


823
# Skip heuristic detection of SQLi/XSS vulnerabilities.

824
# Valid: True or False

825
skipHeuristics = False

826


827
# Skip heuristic detection of WAF/IPS protection.

828
# Valid: True or False

829
skipWaf = False

830


831
# Prefix used for temporary tables.

832
# Default: sqlmap

833
tablePrefix = sqlmap

834


835
# Select tests by payloads and/or titles (e.g. ROW).

836
testFilter =

837


838
# Skip tests by payloads and/or titles (e.g. BENCHMARK).

839
testSkip =

840


841
# Run with a time limit in seconds (e.g. 3600).

842
timeLimit =

843


844
# Disable escaping of DBMS identifiers (e.g. "user").

845
unsafeNaming = False

846


847
# Web server document root directory (e.g. "/var/www").

848
webRoot =

849


850


851
[Miscellaneous]

852


853
# Run host OS command(s) when SQL injection is found.

854
alert =

855


856
# Beep on question and/or when SQL injection is found.

857
# Valid: True or False

858
beep = False

859


860
# Offline WAF/IPS payload detection testing.

861
# Valid: True or False

862
checkPayload = False

863


864
# Check for missing (optional) sqlmap dependencies.

865
# Valid: True or False

866
dependencies = False

867


868
# Disable console output coloring.

869
# Valid: True or False

870
disableColoring = False

871


872
# Disable hash analysis on table dumps.

873
# Valid: True or False

874
disableHashing = False

875


876
# Display list of available tamper scripts.

877
# Valid: True or False

878
listTampers = False

879


880
# Disable logging to a file.

881
# Valid: True or False

882
noLogging = False

883


884
# Disable console output truncation.

885
# Valid: True or False

886
noTruncate = False

887


888
# Work in offline mode (only use session data)

889
# Valid: True or False

890
offline = False

891


892
# Location of CSV results file in multiple targets mode.

893
resultsFile =

894


895
# Local directory for storing temporary files.

896
tmpDir =

897


898
# Adjust options for unstable connections.

899
# Valid: True or False

900
unstable = False

901


902
# Update sqlmap.

903
# Valid: True or False

904
updateAll = False

905


906
# Simple wizard interface for beginner users.

907
# Valid: True or False

908
wizard = False

909


910
# Verbosity level.

911
# Valid: integer between 0 and 6

912
# 0: Show only error and critical messages

913
# 1: Show also warning and info messages

914
# 2: Show also debug messages

915
# 3: Show also payloads injected

916
# 4: Show also HTTP requests

917
# 5: Show also HTTP responses' headers

918
# 6: Show also HTTP responses' page content

919
# Default: 1

920
verbose = 1

921


922