sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-25 11:03:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

update of tampering modules

Browse Source
This commit is contained in:
Miroslav Stampar 2010-10-13 19:51:10 +00:00
parent f700692c74
commit 1b3b916587
4 changed files with 54 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
tamper/charencode.py Normal file
View File

@ -0,0 +1,25 @@
import re
import string
from lib.core.convert import urlencode
from lib.core.exception import sqlmapUnsupportedFeatureException
"""
value -> urlencode of nonencoded chars in value
"""
def tamper(place, value):
retVal = value
if value:
if place != "URI":
retVal = ""
i = 0
while i < len(value):
if value[i] == '%' and (i < len(value) - 2) and value[i+1] in string.hexdigits and value[i+2] in string.hexdigits:
retVal += value[i:i+3]
i += 3
else:
retVal += '%%%X' % ord(value[i])
i += 1
else:
raise sqlmapUnsupportedFeatureException, "can't use tampering module 'charencode.py' with 'URI' type injections"
return retVal

13
tamper/ifnull2ifisnull.py
View File

@ -4,7 +4,7 @@ from lib.core.convert import urldecode
from lib.core.convert import urlencode from lib.core.convert import urlencode
""" """
Tampering IFNULL(A,B) -> IF(ISNULL(A),B,A) IFNULL(A,B) -> IF(ISNULL(A),B,A)
""" """
def tamper(place, value): def tamper(place, value):
if value and value.find("IFNULL") > -1: if value and value.find("IFNULL") > -1:
@ -25,10 +25,13 @@ def tamper(place, value):
deepness += 1 deepness += 1
elif value[i] == ')': elif value[i] == ')':
deepness -= 1 deepness -= 1
A = value[index + len("IFNULL("):comma] if comma and end:
B = value[comma + 1:end] A = value[index + len("IFNULL("):comma]
newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A) B = value[comma + 1:end]
value = value[:index] + newVal + value[end+1:] newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A)
value = value[:index] + newVal + value[end+1:]
else:
break
if place != "URI": if place != "URI":
value = urlencode(value) value = urlencode(value)
return value return value

20
tamper/randomcase.py Normal file
View File

@ -0,0 +1,20 @@
import re
import string
from lib.core.convert import urlencode
from lib.core.common import randomRange
from lib.core.exception import sqlmapUnsupportedFeatureException
"""
value -> random case of chars in value
"""
def tamper(place, value):
retVal = value
if value:
retVal = ""
for i in xrange(len(value)):
if value[i].isalpha():
retVal += value[i].upper() if randomRange(0,1) else value[i].lower()
else:
retVal += value[i]
return retVal

2
tamper/space2comment.py
View File

@ -4,7 +4,7 @@ from lib.core.convert import urldecode
from lib.core.convert import urlencode from lib.core.convert import urlencode
""" """
Tampering ' ' -> /**/ ' ' -> /**/
""" """
def tamper(place, value): def tamper(place, value):
if value: if value: