CERBERUS/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-06-11 18:51:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Harden REST API option handling and require authentication credentials (#6073)

Browse source
This commit is contained in:
Miroslav Štampar 2026-06-10 18:37:46 +02:00
parent ecf8ccc72e
commit ab1efed0d5
4 changed files with 17 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

7
sqlmapapi.py
View file

@ -101,10 +101,13 @@ def main():
apiparser.add_argument("-p", "--port", help="Port of the REST-JSON API server (default %d)" % RESTAPI_DEFAULT_PORT, default=RESTAPI_DEFAULT_PORT, type=int)
apiparser.add_argument("--adapter", help="Server (bottle) adapter to use (default \"%s\")" % RESTAPI_DEFAULT_ADAPTER, default=RESTAPI_DEFAULT_ADAPTER)
apiparser.add_argument("--database", help="Set IPC database filepath (optional)")
apiparser.add_argument("--username", help="Basic authentication username (optional)")
apiparser.add_argument("--password", help="Basic authentication password (optional)")
apiparser.add_argument("--username", help="Basic authentication username")
apiparser.add_argument("--password", help="Basic authentication password")
(args, _) = apiparser.parse_known_args() if hasattr(apiparser, "parse_known_args") else apiparser.parse_args()
if (args.server or args.client) and not all((args.username, args.password)):
apiparser.error("--username and --password are mandatory for REST-JSON API server/client usage")
# Start the client or the server
if args.server:
server(args.host, args.port, adapter=args.adapter, username=args.username, password=args.password, database=args.database)