sqlmap is an automatic SQL injection tool entirely developed in Python. It is

capable to perform an extensive database management system back-end fingerprint, retrieve remote DBMS databases, usernames, tables, columns, enumerate entire DBMS, read system files and much more taking advantage of web application programming security flaws that lead to SQL injection vulnerabilities. WWW: http://sqlmap.sourceforge.net/ PR: ports/123851 Submitted by: Tomoyuki Sakurai <cherry at trombik.org>
svn path=/head/; revision=213518
2008-05-22 10:24:56 +00:00 · 2008-05-22 10:24:56 +00:00 · a3fc1c77b5 · 2021-03-31 03:12:20 +00:00
commit a3fc1c77b5
parent af49d11845
6 changed files with 120 additions and 0 deletions
--- a/security/Makefile
+++ b/security/Makefile
@ -713,6 +713,7 @@
    SUBDIR += snortsms
    SUBDIR += snortsnarf
    SUBDIR += spike-proxy
+    SUBDIR += sqlmap
    SUBDIR += sqlninja
    SUBDIR += squidclam
    SUBDIR += srm
--- a/security/sqlmap/Makefile
+++ b/security/sqlmap/Makefile
@ -0,0 +1,55 @@
+# New ports collection makefile for:	sqlmap
+# Date created:		2008-05-21
+# Whom:			Tomoyuki Sakurai <cherry@trombik.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	sqlmap
+PORTVERSION=	0.5
+CATEGORIES=	security python
+MASTER_SITES=	SF
+
+MAINTAINER=	cherry@trombik.org
+COMMENT=	An automatic SQL injection tool
+
+USE_PYTHON=	yes
+NO_BUILD=	yes
+# XXX report to upstream
+WRKSRC=		${WRKDIR}/${PORTNAME}
+SQLMAP_TXT_FILES=	fuzz_vectors.txt user-agents.txt
+SQLMAP_DOC_FILES=	AUTHORS ChangeLog README.html THANKS TODO
+
+post-patch:
+# XXX report to upstream
+	${REINPLACE_CMD} -e 's|%%PYTHON_SITELIBDIR%%|${PYTHON_SITELIBDIR}|g' \
+		-e 's|%%PORTNAME%%|${PORTNAME}|g' ${WRKSRC}/sqlmap.py
+	${REINPLACE_CMD} -e 's|from lib\.|from ${PORTNAME}.|' \
+		-e 's|from plugins\.|from ${PORTNAME}.plugins.|' ${WRKSRC}/lib/*
+	${REINPLACE_CMD} -e 's|from lib\.|from ${PORTNAME}.|' \
+		-e 's|from plugins\.|from ${PORTNAME}.plugins.|' ${WRKSRC}/plugins/*
+
+do-install:
+	${INSTALL_SCRIPT} ${WRKSRC}/sqlmap.py ${PREFIX}/bin/sqlmap
+	${RM} -rf ${WRKSRC}/lib/.svn
+	${RM} -rf ${WRKSRC}/lib/*.bak
+	${MKDIR} ${PYTHONPREFIX_SITELIBDIR}/sqlmap
+	( cd ${WRKSRC}/lib && ${COPYTREE_SHARE} . ${PYTHONPREFIX_SITELIBDIR}/sqlmap )
+	${RM} -rf ${WRKSRC}/plugins/.svn
+	${RM} -rf ${WRKSRC}/plugins/*.bak
+	${MKDIR} ${PYTHONPREFIX_SITELIBDIR:}/sqlmap/plugins
+	( cd ${WRKSRC}/plugins && ${COPYTREE_SHARE} . ${PYTHONPREFIX_SITELIBDIR}/sqlmap/plugins )
+.if !defined(NOPORTDATA)
+	${MKDIR} ${DATADIR}/txt
+.for F in ${SQLMAP_TXT_FILES}
+	${INSTALL_DATA} ${WRKSRC}/txt/${F} ${DATADIR}/txt/
+.endfor
+.endif
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${DOCSDIR}
+.for F in ${SQLMAP_DOC_FILES}
+	${INSTALL_DATA} ${WRKSRC}/doc/${F} ${DOCSDIR}/
+.endfor
+.endif
+
+.include <bsd.port.mk>
--- a/security/sqlmap/distinfo
+++ b/security/sqlmap/distinfo
@ -0,0 +1,3 @@
+MD5 (sqlmap-0.5.tar.gz) = 74ceaecd24f830b9b23ec27c90e25f5b
+SHA256 (sqlmap-0.5.tar.gz) = 4c1c491de3c1ba151bbb4e0d7c5b72b4445beca08eab802281cc7bcc7be7555e
+SIZE (sqlmap-0.5.tar.gz) = 463059
--- a/security/sqlmap/files/patch-sqlmap
+++ b/security/sqlmap/files/patch-sqlmap
@ -0,0 +1,19 @@
+--- sqlmap.py.orig	2007-11-05 06:01:41.000000000 +0900
+++ sqlmap.py	2008-05-21 12:01:04.000000000 +0900
+@@ -7,11 +7,11 @@
+ from optparse import OptionParser
+ from optparse import OptionError
+ 
+-from lib import settings
+-from lib.option import Option
+-from lib.injection import Injection
+-from lib.settings import VERSION
+-from lib.smdict import sqlmapDict
+from sqlmap import settings
+from sqlmap.option import Option
+from sqlmap.injection import Injection
+from sqlmap.settings import VERSION
+from sqlmap.smdict import sqlmapDict
+ 
+ 
+ def showBanner():
--- a/security/sqlmap/pkg-descr
+++ b/security/sqlmap/pkg-descr
@ -0,0 +1,8 @@
+sqlmap is an automatic SQL injection tool entirely developed in Python. It is
+capable to perform an extensive database management system back-end
+fingerprint, retrieve remote DBMS databases, usernames, tables, columns,
+enumerate entire DBMS, read system files and much more taking advantage of web
+application programming security flaws that lead to SQL injection
+vulnerabilities.
+
+WWW:	http://sqlmap.sourceforge.net/
--- a/security/sqlmap/pkg-plist
+++ b/security/sqlmap/pkg-plist
@ -0,0 +1,34 @@
+@comment $FreeBSD$
+bin/sqlmap
+%%PYTHON_SITELIBDIR%%/sqlmap/option.py
+%%PYTHON_SITELIBDIR%%/sqlmap/google.py
+%%PYTHON_SITELIBDIR%%/sqlmap/resume.py
+%%PYTHON_SITELIBDIR%%/sqlmap/settings.py
+%%PYTHON_SITELIBDIR%%/sqlmap/injection.py
+%%PYTHON_SITELIBDIR%%/sqlmap/query.py
+%%PYTHON_SITELIBDIR%%/sqlmap/request.py
+%%PYTHON_SITELIBDIR%%/sqlmap/blind.py
+%%PYTHON_SITELIBDIR%%/sqlmap/__init__.py
+%%PYTHON_SITELIBDIR%%/sqlmap/dump.py
+%%PYTHON_SITELIBDIR%%/sqlmap/progress.py
+%%PYTHON_SITELIBDIR%%/sqlmap/smdict.py
+%%PYTHON_SITELIBDIR%%/sqlmap/common.py
+%%PYTHON_SITELIBDIR%%/sqlmap/union.py
+%%PYTHON_SITELIBDIR%%/sqlmap/parser.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/mysql.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/postgresql.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/__init__.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/oracle.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/mssqlserver.py
+@dirrm %%PYTHON_SITELIBDIR%%/sqlmap/plugins
+@dirrm %%PYTHON_SITELIBDIR%%/sqlmap
+%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
+%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
+%%PORTDOCS%%%%DOCSDIR%%/README.html
+%%PORTDOCS%%%%DOCSDIR%%/THANKS
+%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
+%%PORTDATA%%%%DATADIR%%/txt/fuzz_vectors.txt
+%%PORTDATA%%%%DATADIR%%/txt/user-agents.txt
+%%PORTDATA%%@dirrm %%DATADIR%%/txt
+%%PORTDATA%%@dirrm %%DATADIR%%