Next we need to spin up a new scan task id, then we can send configuration
Then we run scan
Monitor Scan Status until finished
Scan logs and display in textarea for user viewing
Make info available for downloading on completion
Destroy everything on end of session
##########################################################################
*/
// For DEBUGGING:
// View sqlmap requests in proxy:
// $options_to_enable['proxy'] = 'http://127.0.0.1:8080';
// This will allow all DB Error messages in reponses to display in our log view
// $options_to_enable['parseErrors'] = 'true';
$sqlmap = new SQLMAPClientAPI();
$sqlmap->task_id = $sqlmap->generateNewTaskID();
$scanID = trim($sqlmap->task_id);
// Check to make sure the API communication is working, otherwise bail
if (isset($scanID) && trim($scanID) != "") {
if (isset($_POST['level']) && (int) $_POST['level'] > 0 && (int) $_POST['level'] < 6) {
$sqlmap->setOptionValue($scanID, 'level', (int) $_POST['level'], true);
}
if (isset($_POST['risk']) && (int) $_POST['risk'] > 0 && (int) $_POST['risk'] < 4) {
$sqlmap->setOptionValue($scanID, 'risk', (int) $_POST['risk'], true);
}
foreach ($options_to_enable as $key => $value) {
$sqlmap->setOptionValue($scanID, $key, $value);
}
$sqlmap->startScan($scanID);
// Launch Scan
$status = $sqlmap->checkScanStatus($scanID);
