adding one more tamper script

This commit is contained in:
Miroslav Stampar 2011-06-09 09:38:07 +00:00
parent 03d6031fe7
commit 0d0f2863af
2 changed files with 28 additions and 2 deletions

View File

@ -22,8 +22,6 @@ __author__ = ('Nicola Larosa <nico-NoSp@m-tekNico.net>,'
__docformat__ = "restructuredtext en"
__revision__ = '$Id$'
__version__ = '0.2.2'
__all__ = ['OrderedDict', 'SequenceOrderedDict']

28
tamper/appendnullbyte.py Normal file
View File

@ -0,0 +1,28 @@
#!/usr/bin/env python
"""
$Id$
Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""
import string
from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOWEST
def tamper(payload):
"""
Appends encoded null byte character at the end of payload
Example: "AND 1=1" becomes "AND 1=1%00"
Reference: http://projects.webappsec.org/w/page/13246949/Null-Byte-Injection
"""
retVal = payload
if payload:
retVal = "%s%%00" % payload
return retVal