From df294412ef2cfe24ff468679646dfc109433cc61 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Mon, 15 Jun 2026 15:39:20 +0200 Subject: [PATCH] Updated REST API (markdown) --- REST-API.md | 37 +++++++++++++++++++++++++++++++------ 1 file changed, 31 insertions(+), 6 deletions(-) diff --git a/REST-API.md b/REST-API.md index 50db11c..ce73447 100644 --- a/REST-API.md +++ b/REST-API.md @@ -126,7 +126,9 @@ Some API-level errors are returned with HTTP status `200` and `success: false`, ### `GET /version` -Returns the sqlmap version exposed by the API server. +Returns the sqlmap version and the API contract version exposed by the server. + +`api_version` is the MAJOR version of the REST API contract (semantic versioning), independent of the sqlmap version. Only the major is exposed at runtime because only a major bump breaks clients; use it to check compatibility (e.g. `api_version == 2`). Example: @@ -139,7 +141,8 @@ Response: ```json { "success": true, - "version": "1.9.12.1#dev" + "version": "1.9.12.1#dev", + "api_version": 2 } ``` 
@@ -477,15 +480,37 @@ Response: "data": [ { "status": 1, - "type": 0, - "value": "example output" + "type": 2, + "type_name": "DBMS_FINGERPRINT", + "value": "back-end DBMS: MySQL >= 5.1" + }, + { + "status": 1, + "type": 4, + "type_name": "CURRENT_USER", + "value": "root@%" } ], "error": [] } ``` -The shape of `value` depends on the scan result type. It can be a string, number, boolean, array, object or `null`. +Each item has a numeric `type`, its readable `type_name` (e.g. `TARGET`, `TECHNIQUES`, `DBMS_FINGERPRINT`, `BANNER`, `CURRENT_USER`, `DBS`, `TABLES`, `COLUMNS`, `DUMP_TABLE`), a `status` (`0` = in progress, `1` = complete) and a `value`. `type_name` is `null` for any unmapped type. + +The shape of `value` depends on the type (string, number, boolean, array, object or `null`). Internal detection/plumbing fields are not exposed and SQL identifiers are unquoted. Notable shapes: + +- `TECHNIQUES` — a list of injection points; each point's `data` is a list of techniques, each named via a `technique` field: + + ```json + { + "place": "GET", "parameter": "id", "dbms": "MySQL", "dbms_version": [">= 5.1"], "os": null, "notes": [], + "data": [ + {"technique": "boolean-based blind", "title": "AND boolean-based blind - WHERE or HAVING clause", "payload": "id=1 AND 7997=7997", "vector": "AND [INFERENCE]", "comment": ""} + ] + } + ``` + +- `DUMP_TABLE` — `{"db": ..., "table": ..., "count": N, "columns": {"": [values, ...]}}`. A database `NULL` value is reported as JSON `null`. ## Downloading output files @@ -643,7 +668,7 @@ Useful client commands include: | `kill` | Kill the current task | | `list` | Display visible tasks | | `flush` | Flush visible tasks | -| `version` | Fetch server version | +| `version` | Fetch server and API version | | `exit` | Exit the client | Example:
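Review bot: In the `GET /version` hunk, the new paragraph tells clients to check `api_version == 2` but does not say what to do when the field is missing. The response example being replaced carried only `version`, so a server that predates this change returns no `api_version` at all. Suggest adding one sentence that states how a client should treat an absent `api_version` (for example, as an earlier, unversioned contract), so that compatibility checks reject the server cleanly instead of failing on a missing key. As a wording point, "Only the major is exposed" reads better as "Only the major version is exposed".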
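Review bot: In the `@@ -477` hunk, the `DUMP_TABLE` shape is written as `"columns": {"": [values, ...]}`, which documents a literal empty-string key. If a column-name placeholder was intended there, it is not present in the markdown; write it in a form that survives rendering, such as `{"column_name": [values, ...]}`. In the same hunk, `type_name` is introduced with an "e.g." list and the example shows numeric values only for `2` and `4`, so a complete `type` to `type_name` table would let clients validate what they receive. The sentence "Internal detection/plumbing fields are not exposed and SQL identifiers are unquoted" should also say whether it holds only from `api_version` 2, which the `/version` hunk introduces as the compatibility check.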
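Review bot: In the `@@ -643` hunk, the `version` row now reads "Fetch server and API version", while the `GET /version` section of this same patch calls the two values "the sqlmap version and the API contract version". Suggest using the same terms in the table, for example "Fetch sqlmap and API contract version", so readers do not take "server version" to be a third value.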