一、自帶幫助信息
1.1 基本幫助(譯)
python sqlmap.py -h
Options:【選項】
-h, --help Show basic help message and exit(顯示基本幫助信息並退出)
-hh Show advanced help message and exit(顯示高級幫助信息並退出)
--version Show program's version number and exit(顯示程序版本並退出)
-v VERBOSE Verbosity level: 0-6 (default 1)(冗餘級別:0-6,(默認1))
Target:【目標】
At least one of these options has to be provided to define the target(s)(必須提供其中至少一個選項來定義)
-u URL, --url=URL Target URL (e.g. "http://www.site.com/vuln.php?id=1")(目標地址)
-g GOOGLEDORK Process Google dork results as target URLs
Request:【請求】
These options can be used to specify how to connect to the target URL(這些選項可用於指定如何連接到目標URL)
--data=DATA Data string to be sent through POST (e.g. "id=1")(數據通過POST發送的數據字符串)
--cookie=COOKIE HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")(HTTP cookie頭值)
--random-agent Use randomly selected HTTP User-Agent header value(使用隨機選擇的HTTP User-Agent 頭值)
--proxy=PROXY Use a proxy to connect to the target URL(使用代理連接到目標URL)
--tor Use Tor anonymity network(使用洋蔥匿名網絡)
--check-tor Check to see if Tor is used properly(檢查洋蔥是否正確使用)
Injection:【注入】
These options can be used to specify which parameters to test for,provide custom injection payloads and optional tampering scripts(這些選項可用於指定要測試的參數,提供自定義注入有效載荷和可選的篡改腳本)
-p TESTPARAMETER Testable parameter(s)(測試參數)
--dbms=DBMS Force back-end DBMS to provided value(強制後端DBMS提供值)
Detection:【偵查/檢測】
These options can be used to customize the detection phase(這些選項可用於自定義檢測階段)
--level=LEVEL Level of tests to perform (1-5, default 1)(要執行的測試級別(1-5,默認爲1))
--risk=RISK Risk of tests to perform (1-3, default 1)(要執行的測試風險(1-3,默認爲1))
Techniques:【技術】
These options can be used to tweak testing of specific SQL injection techniques(這些選項可用於調整特定SQL注入的測試)
--technique=TECH.. SQL injection techniques to use (default "BEUSTQ")(要使用的SQL注入技術(默認"BEUSTQ"))
Enumeration:【枚舉】
These options can be used to enumerate the back-end database management system information, structure and data contained in the tables(這些選項可用於枚舉後端數據庫,管理系統中包含的信息、結構和數據表)
-a, --all Retrieve everything(檢索一切)
-b, --banner Retrieve DBMS banner(檢索DBMS banner)
--current-user Retrieve DBMS current user(檢索DBMS當前用戶)
--current-db Retrieve DBMS current database(檢索DBMS當前數據庫)
--passwords Enumerate DBMS users password hashes(枚舉DBMS用戶的密碼散列)
--tables Enumerate DBMS database tables(枚舉DBMS數據庫中的表)
--columns Enumerate DBMS database table columns(枚舉DBMS數據表列)
--schema Enumerate DBMS schema(枚舉SBMS schema下所有表的列)
--dump Dump DBMS database table entries(dump DBMS表項)
--dump-all Dump all DBMS databases tables entries(轉儲所有DBMS數據庫的表條目)
-D DB DBMS database to enumerate(DBMS數據庫庫枚舉)
-T TBL DBMS database table(s) to enumerate(DBMS數據庫表枚舉)
-C COL DBMS database table column(s) to enumerate(DBMS數據庫表列枚舉)
Operating system access:【操作系統訪問】
These options can be used to access the back-end database management system underlying operating system(這些選項可用於訪問後端數據庫管理)
--os-shell Prompt for an interactive operating system shell(交互式操作系統shell)
--os-pwn Prompt for an OOB shell, Meterpreter or VNC(提示一個OOB shell,Meterpreter / VNC)
General:【通用】
These options can be used to set some general working parameters(選項可用來設置一些通用的工作參數)
--batch Never ask for user input, use the default behavior(從不請求用戶輸入,使用默認操作)
--flush-session Flush session files for current target(刷新當前目標會話文件 / 清除歷史掃描)
Miscellaneous:【多方面】
These options do not fit into any other category(這些選項不適合任何其它類別)
--sqlmap-shell Prompt for an interactive sqlmap shell(提示一個交互式的sqlmap shell)
--wizard Simple wizard interface for beginner users(爲初學者提供簡單的嚮導界面)
1.2 高級幫助(譯)
python sqlmap.py -hh
Target:【目標】
At least one of these options has to be provided to define the target(s)(必須提供其中至少一個選項來定義)
-u URL, --url=URL Target URL (e.g. "http://www.site.com/vuln.php?id=1")(目標URL)
-d DIRECT Connection string for direct database connection(連接字符串,用於直接數據庫連接)
-l LOGFILE Parse target(s) from Burp or WebScarab proxy log file(分析目標/多個目標,從Burp或WebScarab代理日誌文件)
-m BULKFILE Scan multiple targets given in a textual file(掃描文本文件中給出的多個目標)
-r REQUESTFILE Load HTTP request from a file(從一個文件中加載HTTP請求)
-g GOOGLEDORK Process Google dork results as target URLs(處理谷歌dork作爲目標網址的結果)
-c CONFIGFILE Load options from a configuration INI file(從配置INI文件中加載選項)
Request:【請求】
These options can be used to specify how to connect to the target URL(這些選項可用於指定如何連接到目標URL)
-A AGENT, --user.. HTTP User-Agent header value(HTTP User-Agent 代理頭值)
-H HEADER, --hea.. Extra header (e.g. "X-Forwarded-For: 127.0.0.1")(額外的報頭)
--method=METHOD Force usage of given HTTP method (e.g. PUT)(強制使用給定的HTTP方法)
--data=DATA Data string to be sent through POST (e.g. "id=1")(通過POST發送的數據字符串)
--param-del=PARA.. Character used for splitting parameter values (e.g. &)(用於分割參數值的字符)
--cookie=COOKIE HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")(HTTP Cookie頭值)
--cookie-del=COO.. Character used for splitting cookie values (e.g. ;)(用於分割cookie值字符)
--load-cookies=L.. File containing cookies in Netscape/wget format(包含Netscape/Wget格式的cookie文件)
--drop-set-cookie Ignore Set-Cookie header from response(忽略響應中的Set-Cookie標頭)
--mobile Imitate smartphone through HTTP User-Agent header(模擬智能手機通過HTTP User-Agent代理報頭)
--random-agent Use randomly selected HTTP User-Agent header value(使用隨機選擇的HTTP用戶代理頭值)
--host=HOST HTTP Host header value(Host HTTP標頭值)
--referer=REFERER HTTP Referer header value(Referer HTTP標頭值)
--headers=HEADERS Extra headers (e.g. "Accept-Language: fr\nETag: 123")(額外的標頭)
--auth-type=AUTH.. HTTP authentication type (Basic, Digest, NTLM or PKI)(HTTP認證類型(Basic/Digest/HTLM/PK))
--auth-cred=AUTH.. HTTP authentication credentials (name:password)(HTTP身份驗證憑據)
--auth-file=AUTH.. HTTP authentication PEM cert/private key file(HTTP認證PEM證書/私鑰文件)
--ignore-code=IG.. Ignore (problematic) HTTP error code (e.g. 401)(忽略(有問題的)HTTP錯誤代碼)
--ignore-proxy Ignore system default proxy settings(忽略系統默認的代理設置)
--ignore-redirects Ignore redirection attempts(忽略重定向嘗試)
--ignore-timeouts Ignore connection timeouts(忽略連接超時)
--proxy=PROXY Use a proxy to connect to the target URL(使用代理連接到目標URL)
--proxy-cred=PRO.. Proxy authentication credentials (name:password)(代理身份驗證憑據)
--proxy-file=PRO.. Load proxy list from a file(從文件中加載代理列表)
--tor Use Tor anonymity network(使用洋蔥匿名網絡)
--tor-port=TORPORT Set Tor proxy port other than default(設置洋蔥代理端口而不是默認端口)
--tor-type=TORTYPE Set Tor proxy type (HTTP, SOCKS4 or SOCKS5 (default))(設置洋蔥代理類型)
--check-tor Check to see if Tor is used properly(檢查洋蔥是否能正確使用)
--delay=DELAY Delay in seconds between each HTTP request(每個HTTP請求之間的延遲)
--timeout=TIMEOUT Seconds to wait before timeout connection (default 30)(超時連接前等待的超時秒數(默認30))
--retries=RETRIES Retries when the connection timeouts (default 3)(連接超時時重試(默認3))
--randomize=RPARAM Randomly change value for given parameter(s)(隨機改變給定參數的值)
--safe-url=SAFEURL URL address to visit frequently during testing(在測試期間要頻繁訪問的URL地址)
--safe-post=SAFE.. POST data to send to a safe URL(將POST數據發送到安全的URL)
--safe-req=SAFER.. Load safe HTTP request from a file(從文件中加載安全的HTTP請求)
--safe-freq=SAFE.. Regular requests between visits to a safe URL(定期請求訪問之間的一個安全URL)
--skip-urlencode Skip URL encoding of payload data(跳過有效載荷數據的URL編碼)
--csrf-token=CSR.. Parameter used to hold anti-CSRF token(用於持有反csrf令牌的參數)
--csrf-url=CSRFURL URL address to visit for extraction of anti-CSRF token(用於提取反csrf令牌)
--csrf-method=CS.. HTTP method to use during anti-CSRF token page visit(在反csrf令牌頁訪問期間使用的HTTP方法)
--force-ssl Force usage of SSL/HTTPS(強制使用SSL/HTTPS)
--chunked Use HTTP chunked transfer encoded (POST) requests(使用HTTP塊傳輸編碼(POST)請求)
--hpp Use HTTP parameter pollution method(使用HTTP參數污染方法)
--eval=EVALCODE Evaluate provided Python code before the request (e.g.
"import hashlib;id2=hashlib.md5(id).hexdigest()")(在請求之前提供的Python代碼)
Optimization:【優化】
These options can be used to optimize the performance of sqlmap(這些選項可用於優化sqlmap的性能)
-o Turn on all optimization switches(打開所有優化開關)
--predict-output Predict common queries output(預測常見的查詢輸出)
--keep-alive Use persistent HTTP(s) connections(使用持久的HTTP(s)連接)
--null-connection Retrieve page length without actual HTTP response body(檢索沒有實際HTTP響應主體的頁面長度)
--threads=THREADS Max number of concurrent HTTP(s) requests (default 1)(線程最大併發HTTP(s)請求數(默認1))
Injection:【注入】
These options can be used to specify which parameters to test for, provide custom injection payloads and optional tampering scripts(這些選項可用於指定要測試的參數,提供自定義注入有效負載和可選的篡改腳本)
-p TESTPARAMETER Testable parameter(s)(測試參數)
--skip=SKIP Skip testing for given parameter(s)(跳過對給定參數)
--skip-static Skip testing parameters that not appear to be dynamic(跳過測試參數不顯示爲動態)
--param-exclude=.. Regexp to exclude parameters from testing (e.g. "ses")(從測試中排除參數)
--param-filter=P.. Select testable parameter(s) by place (e.g. "POST")(按位置選擇可測試參數)
--dbms=DBMS Force back-end DBMS to provided value(強制後端DBMS提供值)
--dbms-cred=DBMS.. DBMS authentication credentials (user:password)(DBMS認證憑證)
--os=OS Force back-end DBMS operating system to provided value(強制後端DBMS操作系統提供值)
--invalid-bignum Use big numbers for invalidating values(使用大數字表示無效值)
--invalid-logical Use logical operations for invalidating values(使用邏輯操作來失效值)
--invalid-string Use random strings for invalidating values(使用隨機字符串來表示無效值)
--no-cast Turn off payload casting mechanism(關閉有效載荷)
--no-escape Turn off string escaping mechanism(關閉字符串轉義機制)
--prefix=PREFIX Injection payload prefix string(注入有效載荷前綴字符串)
--suffix=SUFFIX Injection payload suffix string(注入有效載荷後綴字符串)
--tamper=TAMPER Use given script(s) for tampering injection data(使用給定的腳本(s)篡改注入數據)
Detection:【檢測方法】
These options can be used to customize the detection phase(這些選項可用於自定義檢測階段)
--level=LEVEL Level of tests to perform (1-5, default 1)(要執行的測試級別(1-5,默認1))
--risk=RISK Risk of tests to perform (1-3, default 1)(要執行的測試風險(1-3,默認1))
--string=STRING String to match when query is evaluated to True(當查詢被賦值爲True時要匹配的字符串)
--not-string=NOT.. String to match when query is evaluated to False(當查詢被賦值爲False時要匹配的字符串)
--regexp=REGEXP Regexp to match when query is evaluated to True(在查詢被賦值爲True時進行匹配)
--code=CODE HTTP code to match when query is evaluated to True(HTTP代碼匹配時,查詢唄評估爲真)
--smart Perform thorough tests only if positive heuristic(s)(只有在採用積極的啓發式方法時,才進行徹底的測試)
--text-only Compare pages based only on the textual content(比較頁面僅基於文本內容)
--titles Compare pages based only on their titles(只根據標題來比較頁面)
Techniques:【技術】
These options can be used to tweak testing of specific SQL injection techniques(這些選項可用於調整特定SQL注入的測試)
--technique=TECH.. SQL injection techniques to use (default "BEUSTQ")(要使用的SQL注入技術(默認"BEUSTQ"))
--time-sec=TIMESEC Seconds to delay the DBMS response (default 5)(以延遲DBMS響應(默認5))
--union-cols=UCOLS Range of columns to test for UNION query SQL injection(用於測試UNION查詢SQL注入的列的範圍)
--union-char=UCHAR Character to use for bruteforcing number of columns(用於強制列數)
--union-from=UFROM Table to use in FROM part of UNION query SQL injection(用於部分UNION查詢SQL注入)
--dns-domain=DNS.. Domain name used for DNS exfiltration attack(用於DNS過濾攻擊的域名)
--second-url=SEC.. Resulting page URL searched for second-order response(結果頁面URL搜索二級響應)
--second-req=SEC.. Load second-order HTTP request from file(從文件中加載二級HTTP響應)
Fingerprint:【指紋】
-f, --fingerprint Perform an extensive DBMS version fingerprint(執行一個擴展DBMS版本的指紋)
Enumeration:【枚舉】
These options can be used to enumerate the back-end database management system information, structure and data contained in the tables(這些選項可用於枚舉後端數據庫,管理系統中包含的信息、機構和數據表)
-a, --all Retrieve everything(檢索一切)
-b, --banner Retrieve DBMS banner(檢索DBMS banner)
--current-user Retrieve DBMS current user(檢索DBMS當前用戶)
--current-db Retrieve DBMS current database(檢索DBMS當前數據庫)
--hostname Retrieve DBMS server hostname(檢索DBMS服務器主機名)
--is-dba Detect if the DBMS current user is DBA(檢測DBMS當前用戶是否爲DBA)
--users Enumerate DBMS users(枚舉DBMS用戶)
--passwords Enumerate DBMS users password hashes(枚舉DBMS用戶的密碼散列)
--privileges Enumerate DBMS users privileges(枚舉DBMS用戶權限)
--roles Enumerate DBMS users roles(枚舉DBMS用戶角色)
--dbs Enumerate DBMS databases(枚舉DBMS數據庫)
--tables Enumerate DBMS database tables(枚舉DBMS數據庫表)
--columns Enumerate DBMS database table columns(枚舉DBMS數據庫表列)
--schema Enumerate DBMS schema(枚舉DBMS schema各表列)
--count Retrieve number of entries for table(s)(檢索表的條目數)
--dump Dump DBMS database table entries(dump DBMS數據庫的表項)
--dump-all Dump all DBMS databases tables entries(轉儲所有DBMS數據庫表條目)
--search Search column(s), table(s) and/or database name(s)(搜索列,表和或數據庫名)
--comments Check for DBMS comments during enumeration(在枚舉期間檢查DBMS註釋)
--statements Retrieve SQL statements being run on DBMS(在DBMS上運行的SQL語句)
-D DB DBMS database to enumerate(DBMS數據庫的枚舉)
-T TBL DBMS database table(s) to enumerate(DBMS數據庫表的枚舉)
-C COL DBMS database table column(s) to enumerate(DBMS數據庫表列的枚舉)
-X EXCLUDE DBMS database identifier(s) to not enumerate(DBMS數據庫數據庫標識符不枚舉)
-U USER DBMS user to enumerate(DBMS用戶枚舉)
--exclude-sysdbs Exclude DBMS system databases when enumerating tables(在枚舉表時將DBMS系統數據庫排除在外)
--pivot-column=P.. Pivot column name(主列名稱)
--where=DUMPWHERE Use WHERE condition while table dumping(在錶轉儲時使用where條件)
--start=LIMITSTART First dump table entry to retrieve(要檢索的第一個轉儲表條目)
--stop=LIMITSTOP Last dump table entry to retrieve(要檢索的最後一個轉儲表條目)
--first=FIRSTCHAR First query output word character to retrieve(第一個要檢索的查詢輸出字字符)
--last=LASTCHAR Last query output word character to retrieve(最後一次查詢輸出要就愛你所得字字符)
--sql-query=SQLQ.. SQL statement to be executed(執行的SQL語句)
--sql-shell Prompt for an interactive SQL shell(用於交互式SQL shell)
--sql-file=SQLFILE Execute SQL statements from given file(s)(從給定文件執行SQL語句)
Brute force:【暴力破解】
These options can be used to run brute force checks(這些選項用於運行暴力檢查)
--common-tables Check existence of common tables(檢查公用表的存在 )
--common-columns Check existence of common columns(檢查公用列存在)
--common-files Check existence of common files(檢查普通文件的存在)
User-defined function injection:【用戶定義函數注入】
These options can be used to create custom user-defined functions(這些選項可用於創建自定義用戶定義函數)
--udf-inject Inject custom user-defined functions(自定義的用戶定義函數)
--shared-lib=SHLIB Local path of the shared library(共享庫的本地路徑)
File system access:【文件系統訪問】
These options can be used to access the back-end database management system underlying file system(這些選項可用於訪問後端數據庫,管理系統基礎文件系統)
--file-read=FILE.. Read a file from the back-end DBMS file system(從後端DBMS文件系統讀取一個文件)
--file-write=FIL.. Write a local file on the back-end DBMS file system(在後端DBMS文件系統上寫一個本地文件)
--file-dest=FILE.. Back-end DBMS absolute filepath to write to(要寫入的後端DBMS絕對文件路徑)
Operating system access:【操作系統訪問】
These options can be used to access the back-end database management system underlying operating system(這些選項可用於訪問後端數據庫,管理底層操作系統)
--os-cmd=OSCMD Execute an operating system command(執行操作系統命令)
--os-shell Prompt for an interactive operating system shell(交互式操作系統shell的os-shell提示符)
--os-pwn Prompt for an OOB shell, Meterpreter or VNC(提示一個OOB shell,Meterpreter或VNC)
--os-smbrelay One click prompt for an OOB shell, Meterpreter or VNC(單擊提示符,選擇OOB shell、Meterpreter或VNC)
--os-bof Stored procedure buffer overflow exploitation(存儲過程緩衝區溢出利用)
--priv-esc Database process user privilege escalation(數據庫處理用戶權限升級)
--msf-path=MSFPATH Local path where Metasploit Framework is installed(安裝Metasploit框架的本地路徑)
--tmp-path=TMPPATH Remote absolute path of temporary files directory(臨時文件目錄的TMPPATH遠程絕對路徑)
Windows registry access:【Windows 註冊表訪問】
These options can be used to access the back-end database management system Windows registry(這些選項可用於訪問後端數據庫管理)
--reg-read Read a Windows registry key value(讀取一個Windows註冊表項值)
--reg-add Write a Windows registry key value data(寫一個Windows註冊表項值數據)
--reg-del Delete a Windows registry key value(刪除一個Windows註冊表項值)
--reg-key=REGKEY Windows registry key(Windows註冊表項)
--reg-value=REGVAL Windows registry key value(Windows註冊表項值)
--reg-data=REGDATA Windows registry key value data(註冊表項值數據)
--reg-type=REGTYPE Windows registry key value type(註冊表項值類型)
General:【通用】
These options can be used to set some general working parameters(這些選項可用來設置一些通用工作參數)
-s SESSIONFILE Load session from a stored (.sqlite) file(從存儲的(.sqlite)文件加載會話)
-t TRAFFICFILE Log all HTTP traffic into a textual file(將所有HTTP流量記錄到一個文本文件中)
--answers=ANSWERS Set predefined answers (e.g. "quit=N,follow=N")(設置預定義的答案)
--base64=BASE64P.. Parameter(s) containing Base64 encoded data(包含Base64編碼數據的參數)
--batch Never ask for user input, use the default behavior(從不請求用戶數據,使用默認行爲)
--binary-fields=.. Result fields having binary values (e.g. "digest")(具有二進制的結果字段)
--check-internet Check Internet connection before assessing the target(在評估目標之前檢查網絡連接)
--cleanup Clean up the DBMS from sqlmap specific UDF and tables(清理sqlmap特定的UDF和表中的DBMS)
--crawl=CRAWLDEPTH Crawl the website starting from the target URL(抓取從目標URL開始的網站)
--crawl-exclude=.. Regexp to exclude pages from crawling (e.g. "logout")(從爬行中排除頁面的Regexp)
--csv-del=CSVDEL Delimiting character used in CSV output (default ",")(CSV輸出中使用的定界字符)
--charset=CHARSET Blind SQL injection charset (e.g. "0123456789abcdef")(盲SQL注入字符集)
--dump-format=DU.. Format of dumped data (CSV (default), HTML or SQLITE)(轉儲數據格式(CSV(默認)、HTML或SQLite))
--encoding=ENCOD.. Character encoding used for data retrieval (e.g. GBK)(用於數據檢索的字符編碼)
--eta Display for each output the estimated time of arrival(顯示每個輸出的估計到達時間)
--flush-session Flush session files for current target(刷新當前目標的會話文件)
--forms Parse and test forms on target URL(分析和測試目標URL上的表單)
--fresh-queries Ignore query results stored in session file(忽略存儲在會話文件中的查詢結果)
--gpage=GOOGLEPAGE Use Google dork results from specified page number(使用來自指定頁碼的谷歌dork結果)
--har=HARFILE Log all HTTP traffic into a HAR file(將所有HTTP通信記錄到一個har文件中)
--hex Use hex conversion during data retrieval(在數據檢索期間使用十六進制轉換)
--output-dir=OUT.. Custom output directory path(自定義輸出目錄路徑)
--parse-errors Parse and display DBMS error messages from responses(解析和顯示來自響應的DBMS錯誤消息)
--preprocess=PRE.. Use given script(s) for preprocessing of response data(使用給定的腳本對響應數據進行預處理)
--repair Redump entries having unknown character marker (?)(具有未知字符標記的Redump項)
--save=SAVECONFIG Save options to a configuration INI file(保存到配置INI文件的選項)
--scope=SCOPE Regexp for filtering targets(過濾目標的作用域Regexp)
--skip-waf Skip heuristic detection of WAF/IPS protection(跳過WAF/IPS保護的啓發式檢測)
--table-prefix=T.. Prefix used for temporary tables (default: "sqlmap")(用於臨時表的前綴(默認爲"sqlmap"))
--test-filter=TE.. Select tests by payloads and/or titles (e.g. ROW)(根據有效載荷和/或標題選擇測試)
--test-skip=TEST.. Skip tests by payloads and/or titles (e.g. BENCHMARK)(跳過有效載荷和/或標題的測試)
--web-root=WEBROOT Web server document root directory (e.g. "/var/www")(Web服務器文檔根目錄)
Miscellaneous:【雜項】
These options do not fit into any other category(這些選項不適合任何其它類別)
-z MNEMONICS Use short mnemonics (e.g. "flu,bat,ban,tec=EU")(使用簡短的助記符)
--alert=ALERT Run host OS command(s) when SQL injection is found(當發現SQL注入時運行主機OS命令)
--beep Beep on question and/or when SQL injection is found(Beep的問題和/或當SQL注入被發現)
--dependencies Check for missing (optional) sqlmap dependencies(檢查是否缺少(可選)sqlmap依賴項)
--disable-coloring Disable console output coloring(禁用控制檯輸出着色)
--list-tampers Display list of available tamper scripts(顯示列表的可用篡改腳本)
--offline Work in offline mode (only use session data)(離線模式下離線工作(僅使用會話數據))
--purge Safely remove all content from sqlmap data directory(從sqlmap數據目錄中安全地刪除所有內容)
--results-file=R.. Location of CSV results file in multiple targets mode(CSV結果文件在多目標模式中的位置)
--sqlmap-shell Prompt for an interactive sqlmap shell(提示一個交互式sqlmap shell)
--tmp-dir=TMPDIR Local directory for storing temporary files(用於存儲臨時文件的TMPDIR本地目錄)
--unstable Adjust options for unstable connections(調整不穩定連接的選項)
--update Update sqlmap(更新sqlmap)
--wizard Simple wizard interface for beginner users(爲初學者提供簡單的嚮導頁面)