sqlmap/tamper/htmlencode.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

import re

from lib.core.enums import PRIORITY

__priority__ = PRIORITY.LOW

def dependencies():
    pass

def tamper(payload, **kwargs):
    """
    HTML encode (using code points) all non-alphanumeric characters (e.g. ' -> &#39;)

    >>> tamper("1' AND SLEEP(5)#")
    '1&#39;&#32;AND&#32;SLEEP&#40;5&#41;&#35;'
    """

    return re.sub(r"[^\w]", lambda match: "&#%d;" % ord(match.group(0)), payload) if payload else payload
Last preparations for DREI 2019-05-08 13:47:52 +03:00			`#!/usr/bin/env python`
Adding new tamper script (on request from @MilanGabor) 2016-09-15 18:58:37 +03:00
			`"""`
update_copyright_year() 2019-01-05 23:38:52 +03:00			`Copyright (c) 2006-2019 sqlmap developers (http://sqlmap.org/)`
Replacing doc/COPYING to LICENSE 2017-10-11 15:50:46 +03:00			`See the file 'LICENSE' for copying permission`
Adding new tamper script (on request from @MilanGabor) 2016-09-15 18:58:37 +03:00			`"""`

			`import re`

			`from lib.core.enums import PRIORITY`

			`__priority__ = PRIORITY.LOW`

			`def dependencies():`
			`pass`

			`def tamper(payload, **kwargs):`
			`"""`
First commit related to the #3108 2018-07-31 02:17:11 +03:00			`HTML encode (using code points) all non-alphanumeric characters (e.g. ' -> ')`
Adding new tamper script (on request from @MilanGabor) 2016-09-15 18:58:37 +03:00
			`>>> tamper("1' AND SLEEP(5)#")`
			`'1' AND SLEEP(5)#'`
			`"""`

			`return re.sub(r"[^\w]", lambda match: "&#%d;" % ord(match.group(0)), payload) if payload else payload`