Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
sqlmapproject
GitHub Repository: sqlmapproject/sqlmap
 Path: blob/master/sqlmap.conf
3553 views
1
# At least one of these options has to be specified to set the source to

2
# get target URLs from.

3
[Target]

4


5
# Target URL.

6
# Example: http://192.168.1.121/sqlmap/mysql/get_int.php?id=1&cat=2

7
url =

8


9
# Direct connection to the database.

10
# Examples:

11
#   mysql://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_NAME

12
#   oracle://USER:PASSWORD@DBMS_IP:DBMS_PORT/DATABASE_SID

13
direct = 

14


15
# Parse targets from Burp or WebScarab logs

16
# Valid: Burp proxy (http://portswigger.net/suite/) requests log file path

17
# or WebScarab proxy (http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project)

18
# 'conversations/' folder path

19
logFile = 

20


21
# Scan multiple targets enlisted in a given textual file

22
bulkFile =

23


24
# Load HTTP request from a file

25
# Example (file content): POST /login.jsp HTTP/1.1\nHost: example.com\nUser-Agent: Mozilla/4.0\n\nuserid=joe&password=guessme

26
requestFile = 

27


28
# Rather than providing a target URL, let Google return target

29
# hosts as result of your Google dork expression. For a list of Google

30
# dorks see Google Hacking Database at

31
# https://www.exploit-db.com/google-hacking-database

32
# Example: +ext:php +inurl:"&id=" +intext:"powered by "

33
googleDork = 

34


35


36
# These options can be used to specify how to connect to the target URL.

37
[Request]

38


39
# Force usage of given HTTP method (e.g. PUT).

40
method = 

41


42
# Data string to be sent through POST (e.g. "id=1").

43
data = 

44


45
# Character used for splitting parameter values (e.g. &).

46
paramDel = 

47


48
# HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..").

49
cookie = 

50


51
# Character used for splitting cookie values (e.g. ;).

52
cookieDel = 

53


54
# Live cookies file used for loading up-to-date values.

55
liveCookies = 

56


57
# File containing cookies in Netscape/wget format.

58
loadCookies = 

59


60
# Ignore Set-Cookie header from response.

61
# Valid: True or False

62
dropSetCookie = False

63


64
# Use HTTP version 1.0 (old).

65
# Valid: True or False

66
http10 = False

67


68
# Use HTTP version 2 (experimental).

69
# Valid: True or False

70
http2 = False

71


72
# HTTP User-Agent header value. Useful to fake the HTTP User-Agent header value

73
# at each HTTP request.

74
# sqlmap will also test for SQL injection on the HTTP User-Agent value.

75
agent =

76


77
# Imitate smartphone through HTTP User-Agent header.

78
# Valid: True or False

79
mobile = False

80


81
# Use randomly selected HTTP User-Agent header value.

82
# Valid: True or False

83
randomAgent = False

84


85
# HTTP Host header value.

86
host = 

87


88
# HTTP Referer header. Useful to fake the HTTP Referer header value at

89
# each HTTP request.

90
referer = 

91


92
# Extra HTTP headers

93
headers = Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5

94
 Accept-Language: en-us,en;q=0.5

95
 Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7

96


97
# HTTP Authentication type. Useful only if the target URL requires

98
# HTTP Basic, Digest, Bearer or NTLM authentication and you have such data.

99
# Valid: Basic, Digest, Bearer, NTLM or PKI

100
authType = 

101


102
# HTTP authentication credentials. Useful only if the target URL requires

103
# HTTP Basic, Digest, Token or NTLM authentication and you have such data.

104
# Syntax: username:password

105
authCred = 

106


107
# HTTP Authentication PEM private/cert key file. Useful only if the target URL requires

108
# PKI authentication and you have such data.

109
# Syntax: key_file

110
authFile = 

111


112
# Abort on (problematic) HTTP error code (e.g. 401).

113
# Valid: string

114
abortCode =

115


116
# Ignore (problematic) HTTP error code (e.g. 401).

117
# Valid: string

118
ignoreCode =

119


120
# Ignore system default proxy settings.

121
# Valid: True or False

122
ignoreProxy = False

123


124
# Ignore redirection attempts.

125
# Valid: True or False

126
ignoreRedirects = False

127


128
# Ignore connection timeouts.

129
# Valid: True or False

130
ignoreTimeouts = False

131


132
# Use a proxy to connect to the target URL.

133
# Syntax: (http|https|socks4|socks5)://address:port

134
proxy = 

135


136
# Proxy authentication credentials. Useful only if the proxy requires

137
# Basic or Digest authentication and you have such data.

138
# Syntax: username:password

139
proxyCred =

140


141
# Load proxy list from a file

142
proxyFile =

143


144
# Use Tor anonymity network.

145
# Valid: True or False

146
tor = False

147


148
# Set Tor proxy port other than default.

149
# Valid: integer

150
# torPort =

151


152
# Set Tor proxy type.

153
# Valid: HTTP, SOCKS4, SOCKS5

154
torType = SOCKS5

155


156
# Check to see if Tor is used properly.

157
# Valid: True or False

158
checkTor = False

159


160
# Delay in seconds between each HTTP request.

161
# Valid: float

162
# Default: 0

163
delay = 0

164


165
# Seconds to wait before timeout connection.

166
# Valid: float

167
# Default: 30

168
timeout = 30

169


170
# Maximum number of retries when the HTTP connection timeouts.

171
# Valid: integer

172
# Default: 3

173
retries = 3

174


175
# Retry request on regexp matching content.

176
retryOn =

177


178
# Randomly change value for the given parameter.

179
rParam = 

180


181
# URL address to visit frequently during testing.

182
# Example: http://192.168.1.121/index.html

183
safeUrl = 

184


185
# POST data to send to a safe URL.

186
# Example: username=admin&password=passw0rd!

187
safePost = 

188


189
# Load safe HTTP request from a file.

190
safeReqFile = 

191


192
# Regular requests between visits to a safe URL (default 0).

193
# Valid: integer

194
# Default: 0

195
safeFreq = 0

196


197
# Skip URL encoding of payload data.

198
# Valid: True or False

199
skipUrlEncode = False

200


201
# Skip safe (HTML) encoding of payload data for SOAP/XML.

202
# Valid: True or False

203
skipXmlEncode = False

204


205
# Parameter used to hold anti-CSRF token.

206
csrfToken = 

207


208
# URL address to visit to extract anti-CSRF token

209
csrfUrl = 

210


211
# HTTP method to use during anti-CSRF token page visit.

212
csrfMethod =

213


214
# POST data to send during anti-CSRF token page visit.

215
csrfData =

216


217
# Retries for anti-CSRF token retrieval.

218
csrfRetries =

219


220
# Force usage of SSL/HTTPS

221
# Valid: True or False

222
forceSSL = False

223


224
# Use HTTP chunked transfer encoded requests.

225
# Valid: True or False

226
chunked = False

227


228
# Use HTTP parameter pollution.

229
# Valid: True or False

230
hpp = False

231


232
# Evaluate provided Python code before the request.

233
# Example: import hashlib;id2=hashlib.md5(id).hexdigest()

234
evalCode = 

235


236
# These options can be used to optimize the performance of sqlmap.

237
[Optimization]

238


239
# Use all optimization options.

240
# Valid: True or False

241
optimize = False

242


243
# Predict common queries output.

244
# Valid: True or False

245
predictOutput = False

246


247
# Use persistent HTTP(s) connections.

248
keepAlive = False

249


250
# Retrieve page length without actual HTTP response body.

251
# Valid: True or False

252
nullConnection = False

253


254
# Maximum number of concurrent HTTP(s) requests (handled with Python threads)

255
# to be used in the inference SQL injection attack.

256
# Valid: integer

257
# Default: 1

258
threads = 1

259


260


261
# These options can be used to specify which parameters to test for,

262
# provide custom injection payloads and optional tampering scripts.

263
[Injection]

264


265
# Testable parameter(s) comma separated. By default all GET/POST/Cookie

266
# parameters and HTTP User-Agent are tested by sqlmap.

267
testParameter = 

268


269
# Skip testing for given parameter(s).

270
skip =

271


272
# Skip testing parameters that not appear to be dynamic.

273
# Valid: True or False

274
skipStatic = False

275


276
# Regexp to exclude parameters from testing (e.g. "ses").

277
paramExclude =

278


279
# Select testable parameter(s) by place (e.g. "POST").

280
paramFilter =

281


282
# Force back-end DBMS to provided value. If this option is set, the back-end

283
# DBMS identification process will be minimized as needed.

284
# If not set, sqlmap will detect back-end DBMS automatically by default.

285
# Valid: mssql, mysql, mysql 4, mysql 5, oracle, pgsql, sqlite, sqlite3,

286
# access, firebird, maxdb, sybase

287
dbms = 

288


289
# DBMS authentication credentials (user:password). Useful if you want to

290
# run SQL statements as another user, the back-end database management

291
# system is PostgreSQL or Microsoft SQL Server and the parameter is

292
# vulnerable by stacked queries SQL injection or you are connecting directly

293
# to the DBMS (-d switch).

294
# Syntax: username:password

295
dbmsCred = 

296


297
# Force back-end DBMS operating system to provided value. If this option is

298
# set, the back-end DBMS identification process will be minimized as

299
# needed.

300
# If not set, sqlmap will detect back-end DBMS operating system

301
# automatically by default.

302
# Valid: linux, windows

303
os = 

304


305
# Use big numbers for invalidating values.

306
# Valid: True or False

307
invalidBignum = False

308


309
# Use logical operations for invalidating values.

310
# Valid: True or False

311
invalidLogical = False

312


313
# Use random strings for invalidating values.

314
# Valid: True or False

315
invalidString = False

316


317
# Turn off payload casting mechanism

318
# Valid: True or False

319
noCast = False

320


321
# Turn off string escaping mechanism

322
# Valid: True or False

323
noEscape = False

324


325
# Injection payload prefix string.

326
prefix = 

327


328
# Injection payload suffix string.

329
suffix = 

330


331
# Use given script(s) for tampering injection data.

332
tamper = 

333


334


335
# These options can be used to specify how to parse and compare page

336
# content from HTTP responses when using blind SQL injection technique.

337
[Detection]

338


339
# Level of tests to perform.

340
# The higher the value is, the higher the number of HTTP(s) requests are

341
# as well as the better chances to detect a tricky SQL injection.

342
# Valid: Integer between 1 and 5

343
# Default: 1

344
level = 1

345


346
# Risk of tests to perform.

347
# Note: boolean-based blind SQL injection tests with AND are considered

348
# risk 1, with OR are considered risk 3.

349
# Valid: Integer between 1 and 3

350
# Default: 1

351
risk = 1

352


353
# String to match within the raw response when the query is evaluated to 

354
# True, only needed if the page content dynamically changes at each refresh.

355
# Refer to the user's manual for further details.

356
string = 

357


358
# String to match within the raw response when the query is evaluated to 

359
# False, only needed if the page content dynamically changes at each refresh.

360
# Refer to the user's manual for further details.

361
notString = 

362


363
# Regular expression to match within the raw response when the query is

364
# evaluated to True, only needed if the needed if the page content

365
# dynamically changes at each refresh.

366
# Refer to the user's manual for further details.

367
# Valid: regular expression with Python syntax

368
# (http://www.python.org/doc/2.5.2/lib/re-syntax.html)

369
regexp = 

370


371
# HTTP response code to match when the query is True.

372
# Valid: Integer

373
# Example: 200 (assuming any False statement returns a different response

374
# code)

375
# code = 

376


377
# Conduct thorough tests only if positive heuristic(s).

378
# Valid: True or False

379
smart = False

380


381
# Compare pages based only on the textual content.

382
# Valid: True or False

383
textOnly = False

384


385
# Compare pages based only on their titles.

386
# Valid: True or False

387
titles = False

388


389


390
# These options can be used to tweak testing of specific SQL injection

391
# techniques.

392
[Techniques]

393


394
# SQL injection techniques to use.

395
# Valid: a string composed by B, E, U, S, T and Q where:

396
# B: Boolean-based blind SQL injection

397
# E: Error-based SQL injection

398
# U: UNION query SQL injection

399
# S: Stacked queries SQL injection

400
# T: Time-based blind SQL injection

401
# Q: Inline SQL injection

402
# Example: ES (means test for error-based and stacked queries SQL

403
# injection types only)

404
# Default: BEUSTQ (means test for all SQL injection types - recommended)

405
technique = BEUSTQ

406


407
# Seconds to delay the response from the DBMS.

408
# Valid: integer

409
# Default: 5

410
timeSec = 5

411


412
# Disable the statistical model for detecting the delay.

413
# Valid: True or False

414
disableStats = False

415


416
# Range of columns to test for.

417
# Valid: range of integers

418
# Example: 1-10

419
uCols = 

420


421
# Character to use for bruteforcing number of columns.

422
# Valid: string

423
# Example: NULL

424
uChar = 

425


426
# Table to use in FROM part of UNION query SQL injection.

427
# Valid: string

428
# Example: INFORMATION_SCHEMA.COLLATIONS

429
uFrom = 

430


431
# Column values to use for UNION query SQL injection.

432
# Valid: string

433
# Example: NULL,1,*,NULL

434
uValues =

435


436
# Domain name used for DNS exfiltration attack.

437
# Valid: string

438
dnsDomain =

439


440
# Resulting page URL searched for second-order response.

441
# Valid: string

442
secondUrl =

443


444
# Load second-order HTTP request from file.

445
# Valid: string

446
secondReq =

447


448


449
[Fingerprint]

450


451
# Perform an extensive back-end database management system fingerprint

452
# based on various techniques.

453
# Valid: True or False

454
extensiveFp = False

455


456


457
# These options can be used to enumerate the back-end database

458
# management system information, structure and data contained in the

459
# tables. Moreover you can run your own SQL statements.

460
[Enumeration]

461


462
# Retrieve everything

463
# Valid: True or False

464
getAll = False

465


466
# Retrieve back-end database management system banner.

467
# Valid: True or False

468
getBanner = False

469


470
# Retrieve back-end database management system current user.

471
# Valid: True or False

472
getCurrentUser = False

473


474
# Retrieve back-end database management system current database.

475
# Valid: True or False

476
getCurrentDb = False

477


478
# Retrieve back-end database management system server hostname.

479
# Valid: True or False

480
getHostname = False

481


482
# Detect if the DBMS current user is DBA.

483
# Valid: True or False

484
isDba = False

485


486
# Enumerate back-end database management system users.

487
# Valid: True or False

488
getUsers = False

489


490
# Enumerate back-end database management system users password hashes.

491
# Valid: True or False

492
getPasswordHashes = False

493


494
# Enumerate back-end database management system users privileges.

495
# Valid: True or False

496
getPrivileges = False

497


498
# Enumerate back-end database management system users roles.

499
# Valid: True or False

500
getRoles = False

501


502
# Enumerate back-end database management system databases.

503
# Valid: True or False

504
getDbs = False

505


506
# Enumerate back-end database management system database tables.

507
# Optional: db

508
# Valid: True or False

509
getTables = False

510


511
# Enumerate back-end database management system database table columns.

512
# Optional: db, tbl, col

513
# Valid: True or False

514
getColumns = False

515


516
# Enumerate back-end database management system schema.

517
# Valid: True or False

518
getSchema = False

519


520
# Retrieve number of entries for table(s).

521
# Valid: True or False

522
getCount = False

523


524
# Dump back-end database management system database table entries.

525
# Requires: tbl and/or col

526
# Optional: db

527
# Valid: True or False

528
dumpTable = False

529


530
# Dump all back-end database management system databases tables entries.

531
# Valid: True or False

532
dumpAll = False

533


534
# Search column(s), table(s) and/or database name(s).

535
# Requires: db, tbl or col

536
# Valid: True or False

537
search = False

538


539
# Check for database management system database comments during enumeration.

540
# Valid: True or False

541
getComments = False

542


543
# Retrieve SQL statements being run on database management system.

544
# Valid: True or False

545
getStatements = False

546


547
# Back-end database management system database to enumerate.

548
db = 

549


550
# Back-end database management system database table(s) to enumerate.

551
tbl = 

552


553
# Back-end database management system database table column(s) to enumerate.

554
col = 

555


556
# Back-end database management system identifiers (database(s), table(s) and column(s)) to not enumerate.

557
exclude = 

558


559
# Pivot column name.

560
pivotColumn =

561


562
# Use WHERE condition while table dumping (e.g. "id=1").

563
dumpWhere = 

564


565
# Back-end database management system database user to enumerate.

566
user = 

567


568
# Exclude DBMS system databases when enumerating tables.

569
# Valid: True or False

570
excludeSysDbs = False

571


572
# First query output entry to retrieve

573
# Valid: integer

574
# Default: 0 (sqlmap will start to retrieve the table dump entries from

575
# first one)

576
limitStart = 0

577


578
# Last query output entry to retrieve

579
# Valid: integer

580
# Default: 0 (sqlmap will detect the number of table dump entries and

581
# retrieve them until the last)

582
limitStop = 0

583


584
# First query output word character to retrieve

585
# Valid: integer

586
# Default: 0 (sqlmap will enumerate the query output from the first

587
# character)

588
firstChar = 0

589


590
# Last query output word character to retrieve

591
# Valid: integer

592
# Default: 0 (sqlmap will enumerate the query output until the last

593
# character)

594
lastChar = 0

595


596
# SQL statement to be executed.

597
# Example: SELECT 'foo', 'bar'

598
sqlQuery = 

599


600
# Prompt for an interactive SQL shell.

601
# Valid: True or False

602
sqlShell = False

603


604
# Execute SQL statements from given file(s).

605
sqlFile = 

606


607


608
# These options can be used to run brute force checks.

609
[Brute force]

610


611
# Check existence of common tables.

612
# Valid: True or False

613
commonTables = False

614


615
# Check existence of common columns.

616
# Valid: True or False

617
commonColumns = False

618


619
# Check existence of common files.

620
# Valid: True or False

621
commonFiles = False

622


623


624
# These options can be used to create custom user-defined functions.

625
[User-defined function]

626


627
# Inject custom user-defined functions

628
# Valid: True or False

629
udfInject = False

630


631
# Local path of the shared library

632
shLib = 

633


634


635
# These options can be used to access the back-end database management

636
# system underlying file system.

637
[File system]

638


639
# Read a specific file from the back-end DBMS underlying file system.

640
# Examples: /etc/passwd or C:\boot.ini

641
fileRead = 

642


643
# Write a local file to a specific path on the back-end DBMS underlying

644
# file system.

645
# Example: /tmp/sqlmap.txt or C:\WINNT\Temp\sqlmap.txt

646
fileWrite = 

647


648
# Back-end DBMS absolute filepath to write the file to.

649
fileDest = 

650


651


652
# These options can be used to access the back-end database management

653
# system underlying operating system.

654
[Takeover]

655


656
# Execute an operating system command.

657
# Valid: operating system command

658
osCmd = 

659


660
# Prompt for an interactive operating system shell.

661
# Valid: True or False

662
osShell = False

663


664
# Prompt for an out-of-band shell, Meterpreter or VNC.

665
# Valid: True or False

666
osPwn = False

667


668
# One click prompt for an out-of-band shell, Meterpreter or VNC.

669
# Valid: True or False

670
osSmb = False

671


672
# Microsoft SQL Server 2000 and 2005 'sp_replwritetovarbin' stored

673
# procedure heap-based buffer overflow (MS09-004) exploitation.

674
# Valid: True or False

675
osBof = False

676


677
# Database process' user privilege escalation.

678
# Note: Use in conjunction with osPwn, osSmb or osBof. It will force the

679
# payload to be Meterpreter.

680
privEsc = False

681


682
# Local path where Metasploit Framework is installed.

683
# Valid: file system path

684
msfPath = 

685


686
# Remote absolute path of temporary files directory.

687
# Valid: absolute file system path

688
tmpPath = 

689


690


691
# These options can be used to access the back-end database management

692
# system Windows registry.

693
[Windows]

694


695
# Read a Windows registry key value.

696
# Valid: True or False

697
regRead = False

698


699
# Write a Windows registry key value data.

700
# Valid: True or False

701
regAdd = False

702


703
# Delete a Windows registry key value.

704
# Valid: True or False

705
regDel = False

706


707
# Windows registry key.

708
regKey = 

709


710
# Windows registry key value.

711
regVal = 

712


713
# Windows registry key value data.

714
regData = 

715


716
# Windows registry key value type.

717
regType = 

718


719


720
# These options can be used to set some general working parameters.

721
[General]

722


723
# Load session from a stored (.sqlite) file

724
# Example: output/www.target.com/session.sqlite

725
sessionFile = 

726


727
# Log all HTTP traffic into a textual file.

728
trafficFile = 

729


730
# Abort data retrieval on empty results.

731
abortOnEmpty = False

732


733
# Set predefined answers (e.g. "quit=N,follow=N").

734
answers =

735


736
# Parameter(s) containing Base64 encoded data

737
base64Parameter =

738


739
# Use URL and filename safe Base64 alphabet (Reference: https://en.wikipedia.org/wiki/Base64#URL_applications).

740
# Valid: True or False

741
base64Safe = False

742


743
# Never ask for user input, use the default behaviour.

744
# Valid: True or False

745
batch = False

746


747
# Result fields having binary values (e.g. "digest").

748
binaryFields =

749


750
# Check Internet connection before assessing the target.

751
checkInternet = False

752


753
# Clean up the DBMS from sqlmap specific UDF and tables.

754
# Valid: True or False

755
cleanup = False

756


757
# Crawl the website starting from the target URL.

758
# Valid: integer

759
# Default: 0

760
crawlDepth = 0

761


762
# Regexp to exclude pages from crawling (e.g. "logout").

763
crawlExclude =

764


765
# Delimiting character used in CSV output.

766
# Default: ,

767
csvDel = ,

768


769
# Store dumped data to a custom file.

770
dumpFile =

771


772
# Format of dumped data

773
# Valid: CSV, HTML or SQLITE

774
dumpFormat = CSV

775


776
# Force character encoding used for data retrieval.

777
encoding = 

778


779
# Retrieve each query output length and calculate the estimated time of

780
# arrival in real time.

781
# Valid: True or False

782
eta = False

783


784
# Flush session files for current target.

785
# Valid: True or False

786
flushSession = False

787


788
# Parse and test forms on target URL.

789
# Valid: True or False

790
forms = False

791


792
# Ignore query results stored in session file.

793
# Valid: True or False

794
freshQueries = False

795


796
# Use Google dork results from specified page number.

797
# Valid: integer

798
# Default: 1

799
googlePage = 1

800


801
# Use hex conversion during data retrieval.

802
# Valid: True or False

803
hexConvert = False

804


805
# Custom output directory path.

806
outputDir =

807


808
# Parse and display DBMS error messages from responses.

809
# Valid: True or False

810
parseErrors = False

811


812
# Use given script(s) for preprocessing of request.

813
preprocess =

814


815
# Use given script(s) for postprocessing of response data.

816
postprocess =

817


818
# Redump entries having unknown character marker (?).

819
# Valid: True or False

820
repair = False

821


822
# Regular expression for filtering targets from provided Burp.

823
# or WebScarab proxy log.

824
# Example: (google|yahoo)

825
scope = 

826


827
# Skip heuristic detection of SQLi/XSS vulnerabilities.

828
# Valid: True or False

829
skipHeuristics = False

830


831
# Skip heuristic detection of WAF/IPS protection.

832
# Valid: True or False

833
skipWaf = False

834


835
# Prefix used for temporary tables.

836
# Default: sqlmap

837
tablePrefix = sqlmap

838


839
# Select tests by payloads and/or titles (e.g. ROW).

840
testFilter =

841


842
# Skip tests by payloads and/or titles (e.g. BENCHMARK).

843
testSkip =

844


845
# Run with a time limit in seconds (e.g. 3600).

846
timeLimit =

847


848
# Disable escaping of DBMS identifiers (e.g. "user").

849
unsafeNaming = False

850


851
# Web server document root directory (e.g. "/var/www").

852
webRoot =

853


854


855
[Miscellaneous]

856


857
# Run host OS command(s) when SQL injection is found.

858
alert =

859


860
# Beep on question and/or when SQL injection is found.

861
# Valid: True or False

862
beep = False

863


864
# Offline WAF/IPS payload detection testing.

865
# Valid: True or False

866
checkPayload = False

867


868
# Check for missing (optional) sqlmap dependencies.

869
# Valid: True or False

870
dependencies = False

871


872
# Disable console output coloring.

873
# Valid: True or False

874
disableColoring = False

875


876
# Disable hash analysis on table dumps.

877
# Valid: True or False

878
disableHashing = False

879


880
# Display list of available tamper scripts.

881
# Valid: True or False

882
listTampers = False

883


884
# Disable logging to a file.

885
# Valid: True or False

886
noLogging = False

887


888
# Disable console output truncation.

889
# Valid: True or False

890
noTruncate = False

891


892
# Work in offline mode (only use session data)

893
# Valid: True or False

894
offline = False

895


896
# Location of CSV results file in multiple targets mode.

897
resultsFile =

898


899
# Local directory for storing temporary files.

900
tmpDir =

901


902
# Adjust options for unstable connections.

903
# Valid: True or False

904
unstable = False

905


906
# Update sqlmap.

907
# Valid: True or False

908
updateAll = False

909


910
# Simple wizard interface for beginner users.

911
# Valid: True or False

912
wizard = False

913


914
# Verbosity level.

915
# Valid: integer between 0 and 6

916
# 0: Show only error and critical messages

917
# 1: Show also warning and info messages

918
# 2: Show also debug messages

919
# 3: Show also payloads injected

920
# 4: Show also HTTP requests

921
# 5: Show also HTTP responses' headers

922
# 6: Show also HTTP responses' page content

923
# Default: 1

924
verbose = 1

925


926