Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: 00ac4f83a3
Fetching contributors…

Cannot retrieve contributors at this time

60 lines (42 sloc) 1.588 kb
#set ansi=on to see the ansi-coded status bar
ansi=on
#method is one of 'post' or 'get'
method=post
#the query string should have X_X_X_X_X inserted at the injection point
querystring=search_field=X_X_X_X_X_X
#sql injection string prefix and postfix
sql_prefix= ';
sql_postfix=#
#debug = 0 : no non-error output (default)
#debug = 1 : some non-error output
#debug = 2 : much in the way of non-error output
#debug=2
#the variable that stores the target url
url=/path/to/url.file
#target host and port. Headers and ssl are optional
host=hostname
port=80
#headers[]=Cookie: somecookievalue
#headers[]=User-Agent: SP Squeeza
#ssl=on
#HTTP response codes we consider indicative of success. Sometime this is merely a 200 (default), sometimes you need to add 500 (especially for http channel)
http_resp_ok=200,500
#if the target host can send udp 53 to your squeeza box,
#uncomment and set the following line
#dns_server=192.168.80.128
#squeeza ships with the 'mssql' module at the moment
module=mysql
#default mode is 'cmd', can also use 'copy' or 'sql'
mysql_mode=sql
#default output channel is 'dns'
#other channels include 'time' and 'http'
mysql_channel=http
#instruct the dns channel to use xp_cmdshell+nslookup to create dns requests
#set to 'medium' to use xp_getfiledetails()
dns_privs=high
#specify the number of rows to attempt to extract via dns per http request
lines_per_request=1
#rather don't fiddle with the time_prics variable, its value is chosen automagically
#time_privs=low
#generic kinda timeout for a bunch of operations, in seconds
request_timeout=20
Jump to Line
Something went wrong with that request. Please try again.