Skip to content
cross-platform sqlmap GUI aimed to mobile devices
Python Shell
Branch: master
Clone or download

Latest commit

Fetching latest commit…
Cannot retrieve the latest commit at this time.

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
chik_res
icons
ioslibs
screens
spashscreens
.gitignore
LICENSE
README.md
android.txt
android_build.sh
android_build_debug.sh
buildozer.spec
chik_hook.py
chik_init_settings.py
fake_profiling.py
icon.png
main.py
sqlmapchik.kv
yesnopopup.py

README.md

sqlmapchik

sqlmapchik is a cross-platform sqlmap GUI for popular sqlmap tool. It is primarily aimed to be used on mobile devices (currently Android is supported).

Screenshots

main menu target mainlog settings

Installation (easy)

The easiest way to install sqlmapchik on Android device is to download it from Google Play. Note that Google Play version may not include the latest available sqlmap version.

Installation (hacky)

To run sqlmapchik on desktop machine or to build a cutting-edge version of APK:

  1. git-clone sqlmapchik repository
  2. cd to sqlmapchik directory
  3. git-clone sqlmap (make sure that sqlmap containing folder is called sqlmap)
  4. install kivy (1.8.0 is OK)
  5. you should be able to run sqlmapchik with python main.py

To run sqlmapchik on Android you have two options:

  1. build an APK using these instructions. There is a script android_build.sh that may help. Don't forget to comment the following lines in blacklist.txt in your python-for-android distribution folder:

    # unittest/*
    # sqlite3/*
    # lib-dynload/_sqlite3.so
    # lib-dynload/_lsprof.so
    # lib-dynload/future_builtins.so
    
  2. use a nice Kivy Launcher. In this case you just need to copy the project directory to /sdcard/kivy/ on your mobile device.

Unsupported features

Project is currently in beta (I suppose it will always be as sqlmap is constantly evolving :). At this point, not all of sqlmap features are supported. Here is what doesn't work for sure:

  • sqlmap API
  • profiling
  • log colorizing
  • beeping :)
  • user-defined function injection
  • updating
  • metasploit integration

Other features should work. If you find an issue (I bet you will:), don't hesitate to report it on Github, by email, Twitter, pidgin mail etc.

Links

You can’t perform that action at this time.