From 18aea251b3e08f6146a3893697d0fc907ccd6b13 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Thu, 4 Nov 2010 10:29:40 +0000 Subject: [PATCH] added concept of tamper script priority --- lib/core/common.py | 1 - lib/core/option.py | 33 +++++++++++++++++++++++++++++++++ lib/core/priority.py | 17 +++++++++++++++++ tamper/between.py | 4 ++++ tamper/charencode.py | 3 +++ tamper/charunicodeencode.py | 3 +++ tamper/ifnull2ifisnull.py | 4 ++++ tamper/randomcase.py | 3 +++ tamper/randomcomments.py | 3 +++ tamper/space2comment.py | 4 ++++ tamper/space2plus.py | 4 ++++ tamper/space2randomblank.py | 4 ++++ tamper/urlencode.py | 3 +++ 13 files changed, 85 insertions(+), 1 deletion(-) create mode 100644 lib/core/priority.py diff --git a/lib/core/common.py b/lib/core/common.py index 855af322c..3e8603a4d 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -110,7 +110,6 @@ class DynamicContentItem: self.lineContentBefore = lineContentBefore self.lineContentAfter = lineContentAfter - def paramToDict(place, parameters=None): """ Split the parameters into names and values, check if these parameters diff --git a/lib/core/option.py b/lib/core/option.py index 1fc8705e2..808e2e805 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -31,6 +31,7 @@ from lib.core.common import parseTargetDirect from lib.core.common import parseTargetUrl from lib.core.common import paths from lib.core.common import randomRange +from lib.core.common import readInput from lib.core.common import runningAsAdmin from lib.core.common import sanitizeStr from lib.core.common import UnicodeRawConfigParser @@ -47,7 +48,9 @@ from lib.core.exception import sqlmapMissingMandatoryOptionException from lib.core.exception import sqlmapMissingPrivileges from lib.core.exception import sqlmapSyntaxException from lib.core.exception import sqlmapUnsupportedDBMSException +from lib.core.exception import sqlmapUserQuitException from lib.core.optiondict import optDict +from lib.core.priority import PRIORITY from lib.core.settings import IS_WIN from lib.core.settings import PLATFORM from lib.core.settings import PYVERSION @@ -521,6 +524,11 @@ def __setTamperingFunctions(): """ if conf.tamper: + last_priority = PRIORITY.LOWEST + check_priority = True + resolve_priorities = False + priorities = [] + for tfile in conf.tamper.split(','): found = False @@ -556,16 +564,41 @@ def __setTamperingFunctions(): except ImportError, msg: raise sqlmapSyntaxException, "can not import tamper script '%s' (%s)" % (filename[:-3], msg) + priority = PRIORITY.NORMAL if not hasattr(module, '__priority__') else module.__priority__ + for name, function in inspect.getmembers(module, inspect.isfunction): if name == "tamper" and function.func_code.co_argcount == 1: kb.tamperFunctions.append(function) found = True + if check_priority and priority < last_priority: + message = "it seems that you've probably " + message += "mixed order of tamper scripts.\n" + message += "do you want to auto resolve this? [Y/n/q]" + test = readInput(message, default="Y") + + if not test or test[0] in ("y", "Y"): + resolve_priorities = True + elif test[0] in ("n", "N"): + resolve_priorities = False + elif test[0] in ("q", "Q"): + raise sqlmapUserQuitException + + check_priority = False + + priorities.append((priority, function)) + last_priority = priority break if not found: raise sqlmapGenericException, "missing function 'tamper(value)' in tamper script '%s'" % tfile + if resolve_priorities and priorities: + priorities.sort() + kb.tamperFunctions = [] + for _, function in priorities: + kb.tamperFunctions.append(function) + def __setThreads(): if not isinstance(conf.threads, int) or conf.threads <= 0: conf.threads = 1 diff --git a/lib/core/priority.py b/lib/core/priority.py new file mode 100644 index 000000000..9685230b0 --- /dev/null +++ b/lib/core/priority.py @@ -0,0 +1,17 @@ +#!/usr/bin/env python + +""" +$Id$ + +Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) +See the file 'doc/COPYING' for copying permission +""" + +class PRIORITY: + LOWEST = -100 + LOWER = -50 + LOW = -10 + NORMAL = 0 + HIGH = 10 + HIGHER = 50 + HIGHEST = 100 diff --git a/tamper/between.py b/tamper/between.py index ed4faf8d3..bb910c631 100644 --- a/tamper/between.py +++ b/tamper/between.py @@ -7,6 +7,10 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) See the file 'doc/COPYING' for copying permission """ +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.HIGHEST + def tamper(value): """ Replaces '>' with 'NOT BETWEEN 0 AND #' diff --git a/tamper/charencode.py b/tamper/charencode.py index 4eb5adacc..668a3b5df 100644 --- a/tamper/charencode.py +++ b/tamper/charencode.py @@ -10,6 +10,9 @@ See the file 'doc/COPYING' for copying permission import string from lib.core.exception import sqlmapUnsupportedFeatureException +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.LOWEST def tamper(value): """ diff --git a/tamper/charunicodeencode.py b/tamper/charunicodeencode.py index baa8dd0b7..465099482 100644 --- a/tamper/charunicodeencode.py +++ b/tamper/charunicodeencode.py @@ -10,6 +10,9 @@ See the file 'doc/COPYING' for copying permission import string from lib.core.exception import sqlmapUnsupportedFeatureException +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.LOWEST def tamper(value): """ diff --git a/tamper/ifnull2ifisnull.py b/tamper/ifnull2ifisnull.py index a55b5ce6f..c56b20f0d 100644 --- a/tamper/ifnull2ifisnull.py +++ b/tamper/ifnull2ifisnull.py @@ -7,6 +7,10 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) See the file 'doc/COPYING' for copying permission """ +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.HIGHEST + def tamper(value): """ Replaces 'IFNULL(A, B)' with 'IF(ISNULL(A), B, A)' diff --git a/tamper/randomcase.py b/tamper/randomcase.py index 2e83824fd..ee4af2a19 100644 --- a/tamper/randomcase.py +++ b/tamper/randomcase.py @@ -11,6 +11,9 @@ import re from lib.core.common import randomRange from lib.core.data import kb +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.NORMAL def tamper(value): """ diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py index 899567e04..949cd93ce 100644 --- a/tamper/randomcomments.py +++ b/tamper/randomcomments.py @@ -11,6 +11,9 @@ import re from lib.core.common import randomRange from lib.core.data import kb +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.LOW def tamper(value): """ diff --git a/tamper/space2comment.py b/tamper/space2comment.py index a339dbe46..522b52e03 100644 --- a/tamper/space2comment.py +++ b/tamper/space2comment.py @@ -7,6 +7,10 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) See the file 'doc/COPYING' for copying permission """ +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.LOW + def tamper(value): """ Replaces ' ' with '/**/' diff --git a/tamper/space2plus.py b/tamper/space2plus.py index b778b0543..1295d21d2 100644 --- a/tamper/space2plus.py +++ b/tamper/space2plus.py @@ -7,6 +7,10 @@ Copyright (c) 2006-2010 sqlmap developers (http://sqlmap.sourceforge.net/) See the file 'doc/COPYING' for copying permission """ +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.LOW + def tamper(value): """ Replaces ' ' with '+' diff --git a/tamper/space2randomblank.py b/tamper/space2randomblank.py index 079d3cbbb..76948916a 100644 --- a/tamper/space2randomblank.py +++ b/tamper/space2randomblank.py @@ -9,6 +9,10 @@ See the file 'doc/COPYING' for copying permission import random +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.LOW + def tamper(value): """ Replaces ' ' with a random blank char from a set ('\r', '\n', '\t') diff --git a/tamper/urlencode.py b/tamper/urlencode.py index d0b621571..6fe131d5a 100644 --- a/tamper/urlencode.py +++ b/tamper/urlencode.py @@ -9,6 +9,9 @@ See the file 'doc/COPYING' for copying permission from lib.core.convert import urlencode from lib.core.exception import sqlmapUnsupportedFeatureException +from lib.core.priority import PRIORITY + +__priority__ = PRIORITY.LOWER def tamper(value): """