sqlmap/tamper/hexentities.py

34 lines
715 B
Python
Raw Permalink Normal View History

2022-10-06 12:32:31 +03:00
#!/usr/bin/env python
"""
2023-01-03 01:24:59 +03:00
Copyright (c) 2006-2023 sqlmap developers (https://sqlmap.org/)
2022-10-06 12:32:31 +03:00
See the file 'LICENSE' for copying permission
"""
from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def dependencies():
pass
def tamper(payload, **kwargs):
"""
HTML encode in hexadecimal (using code points) all characters (e.g. ' -> 1)
>>> tamper("1' AND SLEEP(5)#")
'1' AND SLEEP(5)#'
"""
retVal = payload
if payload:
retVal = ""
i = 0
while i < len(payload):
retVal += "&#x%s;" % format(ord(payload[i]), "x")
i += 1
return retVal