sqlmap/tamper/charencode.py

#!/usr/bin/env python

"""
$Id$

Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""

import string

from lib.core.exception import sqlmapUnsupportedFeatureException

def tamper(value):
    """
    Replaces value with urlencode of non-encoded chars in value
    Example: 'SELECT%20FIELD%20FROM%20TABLE' becomes '%53%45%4c%45%43%54%20%46%49%45%4c%44%20%46%52%4f%4d%20%54%41%42%4c%45'
    """

    retVal = value

    if value:
        retVal = ""
        i = 0

        while i < len(value):
            if value[i] == '%' and (i < len(value) - 2) and value[i+1] in string.hexdigits and value[i+2] in string.hexdigits:
                retVal += value[i:i+3]
                i += 3
            else:
                retVal += '%%%X' % ord(value[i])
                i += 1

    return retVal
forgot to put "#!/usr/bin/env python" 2010-10-14 18:05:05 +04:00			`#!/usr/bin/env python`

large commit with copyright header modifications 2010-10-14 18:41:14 +04:00			`"""`
			$Id$

			`Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/)`
sorry, cosmetics 2010-10-15 03:18:29 +04:00			`See the file 'doc/COPYING' for copying permission`
large commit with copyright header modifications 2010-10-14 18:41:14 +04:00			`"""`
introducing new style for copyright header 2010-10-14 18:02:43 +04:00
update of tampering modules 2010-10-13 23:51:10 +04:00			`import string`

			`from lib.core.exception import sqlmapUnsupportedFeatureException`

important update regarding (Bug #209) - probably more will be needed 2010-10-29 20:11:50 +04:00			`def tamper(value):`
Minor bug fixes, code refactoring and enhanced --tamper functionality 2010-10-17 01:33:15 +04:00			`"""`
			`Replaces value with urlencode of non-encoded chars in value`
			`Example: 'SELECT%20FIELD%20FROM%20TABLE' becomes '%53%45%4c%45%43%54%20%46%49%45%4c%44%20%46%52%4f%4d%20%54%41%42%4c%45'`
			`"""`

update of tampering modules 2010-10-13 23:51:10 +04:00			`retVal = value`
introducing new style for copyright header 2010-10-14 18:02:43 +04:00
update of tampering modules 2010-10-13 23:51:10 +04:00			`if value:`
important update regarding (Bug #209) - probably more will be needed 2010-10-29 20:11:50 +04:00			`retVal = ""`
			`i = 0`

			`while i < len(value):`
			`if value[i] == '%' and (i < len(value) - 2) and value[i+1] in string.hexdigits and value[i+2] in string.hexdigits:`
			`retVal += value[i:i+3]`
			`i += 3`
			`else:`
			`retVal += '%%%X' % ord(value[i])`
			`i += 1`
introducing new style for copyright header 2010-10-14 18:02:43 +04:00
update of tampering modules 2010-10-13 23:51:10 +04:00			`return retVal`