malvads / sqlmc

Official Kali Linux tool to check all urls of a domain for SQL injections :)
https://www.kali.org/tools/sqlmc/
GNU Affero General Public License v3.0

Heavily Needed Feature: Pipe mode / Own SQLI Parameter File Input #7

Open N-N33 opened 4 months ago

N-N33 commented 4 months ago

I think this tool would be really great if it had a pipe mode or allowed the user to use their own sqli parameter files. Like a -L function where the user can either input a list of domains or a list of potentially vulnerable parameters.

malvads commented 4 months ago

I would take a look at it when I have some free time :)

tomaquet18 commented 4 months ago

I created this script to run the tool from a targets file.

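```bash
#!/usr/bin/env bash
# Creates the outputs folder if it does not exist
mkdir -p outputs

# Iterates over URLs, one per line; quoting "$url" below keeps '?' and '*'
# in query strings from being word-split or glob-expanded by the shell
while IFS= read -r url || [ -n "$url" ]; do
    # Skips empty lines
    [ -z "$url" ] && continue

    # Extracts the domain from the URL
    domain=$(printf '%s\n' "$url" | sed -e 's|^[^/]*//||' -e 's|/.*$||')

    # Runs sqlmc; stdin is redirected so it cannot consume the rest of urls.txt
    sqlmc -u "$url" -d 1 -o "outputs/$domain.txt" < /dev/null
done < urls.txt
```

malvads commented 4 months ago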

Cool! But I think it's a better approach to do this in the program itself, like you said, for both params and URL. PRs are open; you can create a fork of the program and develop it yourself, or you can wait for me to fully integrate this :)

tomaquet18 commented 4 months ago

Yeah, it's just a temporary fix until a version comes out with this feature, or maybe if I have a free moment I'll get into it :)

malvads commented 4 months ago

kkk, it would be great 👍🏻