[Notes] Operating SQLMap through its API

Preface

Operating SQLMap through its API

Starting the SQLMap API service

  • The default port is 8775

sqlmapapi -s

Task operations

Creating a task

request

GET http://<ip>:8775/task/new
Content-Type: application/json

response

{
  "success": true,
  "taskid": "xxxxxxxxxxxxxxxx"
}

Deleting a task

<taskid>: the task ID

request

GET http://<ip>:8775/task/<taskid>/delete
Content-Type: application/json

Modifying a task

Setting the target

request

POST http://<ip>:8775/option/<taskid>/set
Content-Type: application/json

{
  "url": "<url>"
}

response

{
  "success": true
}

Scan operations

Starting a scan

request

POST http://<ip>:8775/scan/<taskid>/start
Content-Type: application/json

response

{
  "success": true,
  "engineid": 00000
}

Stopping a scan

request

POST http://<ip>:8775/scan/<taskid>/stop
Content-Type: application/json

Viewing the scan list

request

GET http://<ip>:8775/scan/<taskid>/list
Content-Type: application/json

Checking the scan status

request

GET http://<ip>:8775/scan/<taskid>/status
Content-Type: application/json

response

{
  "success": true,
  "status": "running",
  "returncode": null
}

response

{
  "success": true,
  "status": "terminated",
  "returncode": 0
}

Viewing the scan results

request

GET http://<ip>:8775/scan/<taskid>/data
Content-Type: application/json
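
The calls above chained into one workflow (create task, set target, start, poll status, fetch data, delete task), as an added example that is not code from the original note or from the sqlmap project. Assumptions: the API server runs at 127.0.0.1:8775, the start request carries an empty JSON body, and the names `http_json` and `run_scan` are hypothetical.

```python
import json
import time
import urllib.request

API = "http://127.0.0.1:8775"  # assumption: server started locally with `sqlmapapi -s`


def http_json(method, url, body=None):
    """Send one request with a JSON content type and decode the JSON reply."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def run_scan(target, api=API, send=http_json, poll=2.0, max_polls=300):
    """Create a task, scan `target`, wait until it terminates, return the data reply."""
    task = send("GET", f"{api}/task/new")
    if not task.get("success"):
        raise RuntimeError(f"task/new failed: {task}")
    tid = task["taskid"]
    try:
        # Configure the target, then start the scan (empty body: an assumption).
        for path, body in ((f"/option/{tid}/set", {"url": target}),
                           (f"/scan/{tid}/start", {})):
            reply = send("POST", api + path, body)
            if not reply.get("success"):
                raise RuntimeError(f"{path} failed: {reply}")
        # Poll until the status changes from "running" to "terminated".
        for _ in range(max_polls):
            status = send("GET", f"{api}/scan/{tid}/status")
            if status.get("status") == "terminated":
                break
            time.sleep(poll)
        else:
            raise TimeoutError(f"task {tid} not finished after {max_polls} polls")
        if status.get("returncode") != 0:
            raise RuntimeError(f"scan ended with returncode {status.get('returncode')}")
        return send("GET", f"{api}/scan/{tid}/data")
    finally:
        # Delete the task even when a step failed, so none are left on the server.
        send("GET", f"{api}/task/{tid}/delete")
```
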

Done