sqlmap is an automatic SQL injection tool entirely developed in Python. It is

capable to perform an extensive database management system back-end
fingerprint, retrieve remote DBMS databases, usernames, tables, columns,
enumerate entire DBMS, read system files and much more taking advantage of web
application programming security flaws that lead to SQL injection
vulnerabilities.

WWW:	http://sqlmap.sourceforge.net/

PR:		ports/123851
Submitted by:	Tomoyuki Sakurai <cherry at trombik.org>

6 files changed, 120 insertions, 0 deletions

diff --git a/security/Makefile b/security/Makefile
index 11afff36813..98c59a6792c 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -713,6 +713,7 @@
     SUBDIR += snortsms
     SUBDIR += snortsnarf
     SUBDIR += spike-proxy
+    SUBDIR += sqlmap
     SUBDIR += sqlninja
     SUBDIR += squidclam
     SUBDIR += srm
diff --git a/security/sqlmap/Makefile b/security/sqlmap/Makefile
new file mode 100644
index 00000000000..2996b367385
--- /dev/null
+++ b/security/sqlmap/Makefile
@@ -0,0 +1,55 @@
+# New ports collection makefile for:	sqlmap
+# Date created:		2008-05-21
+# Whom:			Tomoyuki Sakurai <cherry@trombik.org>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	sqlmap
+PORTVERSION=	0.5
+CATEGORIES=	security python
+MASTER_SITES=	SF
+
+MAINTAINER=	cherry@trombik.org
+COMMENT=	An automatic SQL injection tool
+
+USE_PYTHON=	yes
+NO_BUILD=	yes
+# XXX report to upstream
+WRKSRC=		${WRKDIR}/${PORTNAME}
+SQLMAP_TXT_FILES=	fuzz_vectors.txt user-agents.txt
+SQLMAP_DOC_FILES=	AUTHORS ChangeLog README.html THANKS TODO
+
+post-patch:
+# XXX report to upstream
+	${REINPLACE_CMD} -e 's|%%PYTHON_SITELIBDIR%%|${PYTHON_SITELIBDIR}|g' \
+		-e 's|%%PORTNAME%%|${PORTNAME}|g' ${WRKSRC}/sqlmap.py
+	${REINPLACE_CMD} -e 's|from lib\.|from ${PORTNAME}.|' \
+		-e 's|from plugins\.|from ${PORTNAME}.plugins.|' ${WRKSRC}/lib/*
+	${REINPLACE_CMD} -e 's|from lib\.|from ${PORTNAME}.|' \
+		-e 's|from plugins\.|from ${PORTNAME}.plugins.|' ${WRKSRC}/plugins/*
+
+do-install:
+	${INSTALL_SCRIPT} ${WRKSRC}/sqlmap.py ${PREFIX}/bin/sqlmap
+	${RM} -rf ${WRKSRC}/lib/.svn
+	${RM} -rf ${WRKSRC}/lib/*.bak
+	${MKDIR} ${PYTHONPREFIX_SITELIBDIR}/sqlmap
+	( cd ${WRKSRC}/lib && ${COPYTREE_SHARE} . ${PYTHONPREFIX_SITELIBDIR}/sqlmap )
+	${RM} -rf ${WRKSRC}/plugins/.svn
+	${RM} -rf ${WRKSRC}/plugins/*.bak
+	${MKDIR} ${PYTHONPREFIX_SITELIBDIR:}/sqlmap/plugins
+	( cd ${WRKSRC}/plugins && ${COPYTREE_SHARE} . ${PYTHONPREFIX_SITELIBDIR}/sqlmap/plugins )
+.if !defined(NOPORTDATA)
+	${MKDIR} ${DATADIR}/txt
+.for F in ${SQLMAP_TXT_FILES}
+	${INSTALL_DATA} ${WRKSRC}/txt/${F} ${DATADIR}/txt/
+.endfor
+.endif
+.if !defined(NOPORTDOCS)
+	${MKDIR} ${DOCSDIR}
+.for F in ${SQLMAP_DOC_FILES}
+	${INSTALL_DATA} ${WRKSRC}/doc/${F} ${DOCSDIR}/
+.endfor
+.endif
+
+.include <bsd.port.mk>
diff --git a/security/sqlmap/distinfo b/security/sqlmap/distinfo
new file mode 100644
index 00000000000..3eb7f0dc60d
--- /dev/null
+++ b/security/sqlmap/distinfo
@@ -0,0 +1,3 @@
+MD5 (sqlmap-0.5.tar.gz) = 74ceaecd24f830b9b23ec27c90e25f5b
+SHA256 (sqlmap-0.5.tar.gz) = 4c1c491de3c1ba151bbb4e0d7c5b72b4445beca08eab802281cc7bcc7be7555e
+SIZE (sqlmap-0.5.tar.gz) = 463059
diff --git a/security/sqlmap/files/patch-sqlmap b/security/sqlmap/files/patch-sqlmap
new file mode 100644
index 00000000000..084c7eec0b1
--- /dev/null
+++ b/security/sqlmap/files/patch-sqlmap
@@ -0,0 +1,19 @@
+--- sqlmap.py.orig	2007-11-05 06:01:41.000000000 +0900
++++ sqlmap.py	2008-05-21 12:01:04.000000000 +0900
+@@ -7,11 +7,11 @@
+ from optparse import OptionParser
+ from optparse import OptionError
+ 
+-from lib import settings
+-from lib.option import Option
+-from lib.injection import Injection
+-from lib.settings import VERSION
+-from lib.smdict import sqlmapDict
++from sqlmap import settings
++from sqlmap.option import Option
++from sqlmap.injection import Injection
++from sqlmap.settings import VERSION
++from sqlmap.smdict import sqlmapDict
+ 
+ 
+ def showBanner():
diff --git a/security/sqlmap/pkg-descr b/security/sqlmap/pkg-descr
new file mode 100644
index 00000000000..3a2c6f9a082
--- /dev/null
+++ b/security/sqlmap/pkg-descr
@@ -0,0 +1,8 @@
+sqlmap is an automatic SQL injection tool entirely developed in Python. It is
+capable to perform an extensive database management system back-end
+fingerprint, retrieve remote DBMS databases, usernames, tables, columns,
+enumerate entire DBMS, read system files and much more taking advantage of web
+application programming security flaws that lead to SQL injection
+vulnerabilities.
+
+WWW:	http://sqlmap.sourceforge.net/
diff --git a/security/sqlmap/pkg-plist b/security/sqlmap/pkg-plist
new file mode 100644
index 00000000000..aea76623f1e
--- /dev/null
+++ b/security/sqlmap/pkg-plist
@@ -0,0 +1,34 @@
+@comment $FreeBSD$
+bin/sqlmap
+%%PYTHON_SITELIBDIR%%/sqlmap/option.py
+%%PYTHON_SITELIBDIR%%/sqlmap/google.py
+%%PYTHON_SITELIBDIR%%/sqlmap/resume.py
+%%PYTHON_SITELIBDIR%%/sqlmap/settings.py
+%%PYTHON_SITELIBDIR%%/sqlmap/injection.py
+%%PYTHON_SITELIBDIR%%/sqlmap/query.py
+%%PYTHON_SITELIBDIR%%/sqlmap/request.py
+%%PYTHON_SITELIBDIR%%/sqlmap/blind.py
+%%PYTHON_SITELIBDIR%%/sqlmap/__init__.py
+%%PYTHON_SITELIBDIR%%/sqlmap/dump.py
+%%PYTHON_SITELIBDIR%%/sqlmap/progress.py
+%%PYTHON_SITELIBDIR%%/sqlmap/smdict.py
+%%PYTHON_SITELIBDIR%%/sqlmap/common.py
+%%PYTHON_SITELIBDIR%%/sqlmap/union.py
+%%PYTHON_SITELIBDIR%%/sqlmap/parser.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/mysql.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/postgresql.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/__init__.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/oracle.py
+%%PYTHON_SITELIBDIR%%/sqlmap/plugins/mssqlserver.py
+@dirrm %%PYTHON_SITELIBDIR%%/sqlmap/plugins
+@dirrm %%PYTHON_SITELIBDIR%%/sqlmap
+%%PORTDOCS%%%%DOCSDIR%%/AUTHORS
+%%PORTDOCS%%%%DOCSDIR%%/ChangeLog
+%%PORTDOCS%%%%DOCSDIR%%/README.html
+%%PORTDOCS%%%%DOCSDIR%%/THANKS
+%%PORTDOCS%%%%DOCSDIR%%/TODO
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
+%%PORTDATA%%%%DATADIR%%/txt/fuzz_vectors.txt
+%%PORTDATA%%%%DATADIR%%/txt/user-agents.txt
+%%PORTDATA%%@dirrm %%DATADIR%%/txt
+%%PORTDATA%%@dirrm %%DATADIR%%