| skipped 9 lines |
| 10 | 10 | | |
| 11 | 11 | | ## ***Module Installation*** |
| 12 | 12 | | |
| 13 | | - | pip install -r requirements.txt |
| | 13 | + | - cd to **ghauri** directory. |
| | 14 | + | - run: `python setup.py install` or `python -m pip install -e .` |
| | 15 | + | - you will be able to access and run the ghauri with simple `ghauri --help` command. |
| 14 | 16 | | |
| 15 | 17 | | ## ***Download Ghauri*** |
| 16 | 18 | | |
| skipped 2 lines |
| 19 | 21 | | git clone https://github.com/r0oth3x49/ghauri.git |
| 20 | 22 | | |
| 21 | 23 | | ## ***Features*** |
| 22 | | - | - Supports boolean/time/error based MySQL/PostgreSQL/MSSQL/Oracle injections. |
| 23 | | - | - Supports all types (HEADERS/COOKIE/POST/GET) for the listed dbms. |
| 24 | | - | - Added switch to support proxy option `--proxy`. |
| 25 | | - | - Added swicth to force SSL connection `--force-ssl`. |
| | 24 | + | - Supports following types of injection payloads: |
| | 25 | + | - Boolean based. |
| | 26 | + | - Error Based |
| | 27 | + | - Time Based |
| | 28 | + | - Stacked Queries |
| | 29 | + | - Support SQL injection for following DBMS. |
| | 30 | + | - MySQL |
| | 31 | + | - Microsoft SQL Server |
| | 32 | + | - Postgre |
| | 33 | + | - Oracle |
| | 34 | + | - Supports following injection types. |
| | 35 | + | - GET/POST Based injections |
| | 36 | + | - Headers Based injections |
| | 37 | + | - Cookies Based injections |
| | 38 | + | - Mulitipart Form data injections |
| | 39 | + | - JSON based injections |
| | 40 | + | - support proxy option `--proxy`. |
| | 41 | + | - supports parsing request from txt file: switch for that `-r file.txt` |
| | 42 | + | - supports limiting data extraction for dbs/tables/columns/dump: swicth `--start 1 --stop 2` |
| 26 | 43 | | |
| 27 | 44 | | |
| 28 | 45 | | ## **Advanced Usage** |
| skipped 47 lines |
| 76 | 93 | | Detection: |
| 77 | 94 | | These options can be used to customize the detection phase |
| 78 | 95 | | |
| 79 | | - | --level Level of tests to perform (1-3, default 1) |
| | 96 | + | --level LEVEL Level of tests to perform (1-3, default 1) |
| | 97 | + | --code CODE HTTP code to match when query is evaluated to True |
| | 98 | + | --string String to match when query is evaluated to True |
| | 99 | + | --not-string String to match when query is evaluated to False |
| | 100 | + | --text-only Compare pages based only on the textual content |
| 80 | 101 | | |
| 81 | 102 | | Techniques: |
| 82 | 103 | | These options can be used to tweak testing of specific SQL injection |
| 83 | 104 | | techniques |
| 84 | 105 | | |
| 85 | | - | --technique TECH SQL injection techniques to use (default "BTE") |
| | 106 | + | --technique TECH SQL injection techniques to use (default "BEST") |
| 86 | 107 | | --time-sec TIMESEC Seconds to delay the DBMS response (default 5) |
| 87 | 108 | | |
| 88 | 109 | | Enumeration: |
| skipped 26 lines |
| 115 | 136 | | It is the end user's responsibility to obey all applicable local,state and federal laws. |
| 116 | 137 | | Developer assume no liability and is not responsible for any misuse or damage caused by this program. |
| 117 | 138 | | |
| | 139 | + | ## **TODO** |
| | 140 | + | - Add support for inline queries. |
