sqlmap/tamper/escapequotes.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

from lib.core.enums import PRIORITY

__priority__ = PRIORITY.LOWEST

def dependencies():
    pass

def tamper(payload, **kwargs):
    """
    Slash escape quotes (' and ")

    >>> tamper('1" AND SLEEP(5)#')
    '1\\\\" AND SLEEP(5)#'
    """

    return payload.replace("'", "\\'").replace('"', '\\"')
Adding escapequotes.py (utility tamper script) 2016-02-05 14:00:57 +03:00			`#!/usr/bin/env python`

			`"""`
New version preparation 2017-01-02 16:19:18 +03:00			`Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/)`
Adding escapequotes.py (utility tamper script) 2016-02-05 14:00:57 +03:00			`See the file 'doc/COPYING' for copying permission`
			`"""`

			`from lib.core.enums import PRIORITY`

			`__priority__ = PRIORITY.LOWEST`

			`def dependencies():`
			`pass`

			`def tamper(payload, **kwargs):`
			`"""`
			`Slash escape quotes (' and ")`

Minor update 2016-02-27 17:41:15 +03:00			`>>> tamper('1" AND SLEEP(5)#')`
			`'1\\\\" AND SLEEP(5)#'`
Adding escapequotes.py (utility tamper script) 2016-02-05 14:00:57 +03:00			`"""`

			`return payload.replace("'", "\\'").replace('"', '\\"')`