sqlmap/tamper/percentage.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2024 sqlmap developers (https://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

import os
import string

from lib.core.common import singleTimeWarnMessage
from lib.core.enums import PRIORITY

__priority__ = PRIORITY.LOW

def dependencies():
    singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP web applications" % os.path.basename(__file__).split(".")[0])

def tamper(payload, **kwargs):
    """
    Adds a percentage sign ('%') infront of each character (e.g. SELECT -> %S%E%L%E%C%T)

    Requirement:
        * ASP

    Tested against:
        * Microsoft SQL Server 2000, 2005
        * MySQL 5.1.56, 5.5.11
        * PostgreSQL 9.0

    Notes:
        * Useful to bypass weak and bespoke web application firewalls

    >>> tamper('SELECT FIELD FROM TABLE')
    '%S%E%L%E%C%T %F%I%E%L%D %F%R%O%M %T%A%B%L%E'
    """

    if payload:
        retVal = ""
        i = 0

        while i < len(payload):
            if payload[i] == '%' and (i < len(payload) - 2) and payload[i + 1:i + 2] in string.hexdigits and payload[i + 2:i + 3] in string.hexdigits:
                retVal += payload[i:i + 3]
                i += 3
            elif payload[i] != ' ':
                retVal += '%%%s' % payload[i]
                i += 1
            else:
                retVal += payload[i]
                i += 1

    return retVal
Last preparations for DREI 2019-05-08 13:47:52 +03:00			`#!/usr/bin/env python`
Added one more tamper script from Roberto Salgado and minor adjustment to others 2011-07-08 17:43:34 +04:00
			`"""`
Bumping copyright year 2024-01-04 01:11:52 +03:00			`Copyright (c) 2006-2024 sqlmap developers (https://sqlmap.org/)`
Replacing doc/COPYING to LICENSE 2017-10-11 15:50:46 +03:00			`See the file 'LICENSE' for copying permission`
Added one more tamper script from Roberto Salgado and minor adjustment to others 2011-07-08 17:43:34 +04:00			`"""`

			`import os`
			`import string`

			`from lib.core.common import singleTimeWarnMessage`
Trivial update 2019-06-04 15:44:06 +03:00			`from lib.core.enums import PRIORITY`
Added one more tamper script from Roberto Salgado and minor adjustment to others 2011-07-08 17:43:34 +04:00
			`__priority__ = PRIORITY.LOW`

			`def dependencies():`
			`singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP web applications" % os.path.basename(__file__).split(".")[0])`

Update for an Issue #12 2012-12-03 17:27:01 +04:00			`def tamper(payload, **kwargs):`
Added one more tamper script from Roberto Salgado and minor adjustment to others 2011-07-08 17:43:34 +04:00			`"""`
Implementation for an Issue #3108 2018-07-31 03:18:33 +03:00			`Adds a percentage sign ('%') infront of each character (e.g. SELECT -> %S%E%L%E%C%T)`
Added one more tamper script from Roberto Salgado and minor adjustment to others 2011-07-08 17:43:34 +04:00
			`Requirement:`
			`* ASP`

			`Tested against:`
			`* Microsoft SQL Server 2000, 2005`
			`* MySQL 5.1.56, 5.5.11`
			`* PostgreSQL 9.0`

			`Notes:`
			`* Useful to bypass weak and bespoke web application firewalls`
Another update for an Issue #352 and couple of fixes 2013-03-14 00:57:09 +04:00
			`>>> tamper('SELECT FIELD FROM TABLE')`
			`'%S%E%L%E%C%T %F%I%E%L%D %F%R%O%M %T%A%B%L%E'`
Added one more tamper script from Roberto Salgado and minor adjustment to others 2011-07-08 17:43:34 +04:00			`"""`

			`if payload:`
			`retVal = ""`
			`i = 0`

			`while i < len(payload):`
Some PEP8 related style cleaning 2013-01-10 16:18:44 +04:00			`if payload[i] == '%' and (i < len(payload) - 2) and payload[i + 1:i + 2] in string.hexdigits and payload[i + 2:i + 3] in string.hexdigits:`
			`retVal += payload[i:i + 3]`
Added one more tamper script from Roberto Salgado and minor adjustment to others 2011-07-08 17:43:34 +04:00			`i += 3`
			`elif payload[i] != ' ':`
			`retVal += '%%%s' % payload[i]`
			`i += 1`
			`else:`
			`retVal += payload[i]`
			`i += 1`

Tamper function(s) refactoring (really no need for returning headers as they are passed by reference) 2012-10-25 12:10:23 +04:00			`return retVal`