SQLmap-GUI

Target Tab - Target Specification and Connection Details

The Target tab is the foundation of any SQL injection test. It handles all aspects of target specification, from simple URLs to complex direct database connections and custom HTTP configurations.

📋 Overview

The Target tab contains three main sections:

1. Target Specification - Define what to test
2. Request Options - Configure HTTP request details
3. Connection Options - Set up proxies and authentication

🎯 Target Specification Options

Target URL

Parameter: -u URL, --url=URL Description: The main target URL for SQL injection testing Example: http://example.com/product.php?id=1 Notes:

• Must include protocol (http:// or https://)
• Can include query parameters
• Supports both GET and POST parameters

Direct Database Connection

Parameter: -d CONNECTION, --direct=CONNECTION Description: Direct connection to database without HTTP Format: DBMS://USER:PASSWORD@DBMSIP:DBMSPORT/DBMSDB Examples:

• mysql://root:password@192.168.1.100:3306/testdb
• postgresql://user:pass@localhost:5432/myapp
• mssql://sa:Password123@10.0.0.50:1433/master

Log File Parsing

Parameter: -l LOGFILE, --logfile=LOGFILE Description: Parse targets from Burp Suite or WebScarab proxy logs Supported Formats:

• Burp Suite XML format
• WebScarab text format
• Custom log formats

Bulk Target Scanning

Parameter: -m BULKFILE, --bulkfile=BULKFILE Description: Scan multiple targets from a text file File Format: One URL per line

http://site1.com/page.php?id=1
http://site2.com/search.php?q=test
http://site3.com/user.php?id=5

HTTP Request File

Parameter: -r REQUESTFILE, --request=REQUESTFILE Description: Load complete HTTP request from file File Format:

POST /login.php HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 35

username=admin&password=test&submit=Login

🌐 Request Options

HTTP Method

Parameter: --method=METHOD Description: HTTP method to use for requests Options:

• GET (default) - Standard GET requests
• POST - Form submissions and data posting
• PUT - Resource updates
• DELETE - Resource deletion
• PATCH - Partial resource updates
• HEAD - Headers only (no body)
• OPTIONS - CORS preflight requests

POST Data

Parameter: --data=DATA Description: Data to send in POST body Format: URL-encoded key-value pairs Examples:

username=admin&password=secret&submit=Login
id=1&action=delete&token=abc123

HTTP Cookie

Parameter: --cookie=COOKIE Description: HTTP Cookie header value Format: name1=value1; name2=value2 Examples:

PHPSESSID=abc123def456; security=low
session_id=xyz789; user_id=12345

Cookie File Loading

Parameter: --load-cookies=COOKIEFILE Description: Load cookies from file (Netscape format) File Format:

# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by SQLmap GUI

.example.com	TRUE	/	FALSE	1640995200	session_id	abc123def456
.example.com	TRUE	/	FALSE	1640995200	user_pref	theme_dark

Random User-Agent

Parameter: --random-agent Description: Use randomly selected HTTP User-Agent header Purpose: Avoid detection by varying User-Agent strings Note: Overrides custom User-Agent if set

Custom User-Agent

Parameter: --user-agent=AGENT Description: Custom HTTP User-Agent header Examples:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
sqlmap/1.9.9.1#dev (https://sqlmap.org)
Custom Security Scanner v1.0

HTTP Host Header

Parameter: --host=HOST Description: HTTP Host header value Use Cases:

• Virtual hosting bypass
• Host header injection testing
• Load balancer testing Example: internal.example.com

HTTP Referer Header

Parameter: --referer=REFERER Description: HTTP Referer header value Examples:

http://example.com/login.php
http://google.com/search?q=sql+injection

🔗 Connection Options

Extra HTTP Headers

Parameter: --headers=HEADERS Description: Additional HTTP headers Format: Header1: Value1\nHeader2: Value2 Examples:

X-Forwarded-For: 192.168.1.100
X-Real-IP: 10.0.0.1
X-Custom-Header: test-value
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...

HTTP Authentication

Parameter: --auth-type=TYPE --auth-cred=CREDS Description: HTTP authentication configuration

Authentication Types:

• Basic: Base64 encoded username:password
• Digest: Challenge-response authentication
• NTLM: Windows NTLM authentication
• PKI: Certificate-based authentication

Credential Format:

username:password
domain\\username:password

HTTP Proxy

Parameter: --proxy=PROXY Description: HTTP/SOCKS proxy server Formats:

http://proxy.example.com:8080
https://secure-proxy.com:8443
socks4://socks.example.com:1080
socks5://socks.example.com:1080

🔍 Usage Examples

Basic URL Testing

Target URL: http://example.com/product.php?id=1
Method: GET

Generated Command:

sqlmap -u "http://example.com/product.php?id=1"

POST Form Testing

Target URL: http://example.com/login.php
Method: POST
Data: username=admin&password=test
Cookie: PHPSESSID=abc123

Generated Command:

sqlmap -u "http://example.com/login.php" --method=POST --data="username=admin&password=test" --cookie="PHPSESSID=abc123"

Direct Database Connection

Direct Connection: mysql://root:password@192.168.1.100:3306/testdb

Generated Command:

sqlmap -d "mysql://root:password@192.168.1.100:3306/testdb"

Advanced Configuration with Proxy

Target URL: https://secure.example.com/api.php
Method: POST
Data: {"user":"admin","pass":"test"}
Headers: Content-Type: application/json
         Authorization: Bearer token123
Proxy: http://127.0.0.1:8080

Generated Command:

sqlmap -u "https://secure.example.com/api.php" --method=POST --data="{\"user\":\"admin\",\"pass\":\"test\"}" --headers="Content-Type: application/json\nAuthorization: Bearer token123" --proxy="http://127.0.0.1:8080"

⚠️ Important Notes

URL Requirements

• Always include protocol (http:// or https://)
• URLs must be properly encoded
• Query parameters should be included in the URL

Direct Connection Security

• Direct connections bypass HTTP layer
• Ensure database credentials are correct
• Use appropriate network security (VPN, SSH tunnel)

Authentication Considerations

• Test authentication thoroughly before scanning
• Some auth types may require additional setup
• Consider session management implications

Proxy Configuration

• HTTP proxies intercept and can modify requests
• SOCKS proxies provide lower-level tunneling
• Test proxy connectivity before scanning

🔧 Troubleshooting

Connection Issues

• Problem: Cannot connect to target
• Solutions:
  • Check URL format and protocol
  • Verify network connectivity
  • Test with simple curl/wget command
  • Check firewall/proxy settings

Authentication Problems

• Problem: Authentication not working
• Solutions:
  • Verify credentials format
  • Test with curl: curl -u user:pass http://example.com
  • Check authentication type compatibility
  • Review server authentication requirements

Proxy Errors

• Problem: Proxy connection failed
• Solutions:
  • Verify proxy server is running
  • Check proxy credentials if required
  • Test proxy with: curl --proxy http://proxy:8080 http://example.com
  • Ensure proxy supports required protocols

📚 Related Tabs

• Request Tab: Additional HTTP configuration options
• Detection Tab: SQL injection detection settings
• Techniques Tab: Injection technique selection
• Enumeration Tab: Database enumeration options</content>

/home/devil/Desktop/SQLmap-GUI-Advanced-SQL-Injection-Testing-Interface/docs/tabs/target.md

This site is open source. Improve this page.