Next we need to spin up a new scan task id, then we can send configuration
Then we run scan
Monitor Scan Status until finished
Scan logs and display in textarea for user viewing
Make info available for downloading on completion
Destroy everything on end of session
##########################################################################
*/

// For DEBUGGING:
// View sqlmap requests in proxy:
// $options_to_enable['proxy'] = 'http://127.0.0.1:8080';
// This will allow all DB Error messages in responses to display in our log view
// $options_to_enable['parseErrors'] = 'true';
// NOTE(review): both debug switches are commented out here; keep them that way
// in deployed copies, since one reroutes scanner traffic through the listed
// proxy and the other shows database error text in the log view.

// Create the API client and request a fresh task id; the trimmed id is what
// every later call in this block uses to address the scan.
$sqlmap = new SQLMAPClientAPI();
$sqlmap->task_id = $sqlmap->generateNewTaskID();
$scanID = trim($sqlmap->task_id);

// Check to make sure the API communication is working, otherwise bail.
// $scanID was assigned just above, so the non-empty comparison is the part of
// this condition that actually detects a failed task-id request.
// NOTE(review): nothing in this excerpt checks who submitted the request;
// confirm that access control is enforced before this point.
if (isset($scanID) && trim($scanID) != "") {
    // 'level' is applied only when the POST value casts to an integer from 1 to 5.
    // The integer cast is what gets sent on, never the raw POST string.
    // NOTE(review): the meaning of the trailing `true` argument is defined in
    // SQLMAPClientAPI, outside this excerpt; confirm there.
    if (isset($_POST['level']) && (int) $_POST['level'] > 0 && (int) $_POST['level'] < 6) {
        $sqlmap->setOptionValue($scanID, 'level', (int) $_POST['level'], true);
    }
    // 'risk' follows the same pattern, accepting integers from 1 to 3.
    if (isset($_POST['risk']) && (int) $_POST['risk'] > 0 && (int) $_POST['risk'] < 4) {
        $sqlmap->setOptionValue($scanID, 'risk', (int) $_POST['risk'], true);
    }
    // Every remaining option is forwarded to the task exactly as stored.
    // NOTE(review): $options_to_enable is built outside this excerpt; confirm
    // each key and value was allow-listed and validated there, because no
    // further checking happens in this loop.
    foreach ($options_to_enable as $key => $value) {
        $sqlmap->setOptionValue($scanID, $key, $value);
    }
    $sqlmap->startScan($scanID); // Launch Scan
    // First status read after launch; the monitoring described in the header
    // comment presumably follows beyond this excerpt.
    $status = $sqlmap->checkScanStatus($scanID);