mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 11:03:47 +03:00
implemented first usable tamper module
This commit is contained in:
parent
562df9c107
commit
2dc297530a
|
@ -1,11 +1,34 @@
|
|||
import re
|
||||
|
||||
#not finished (watch for number of parenthesis)
|
||||
#IFNULL(A,B) -> IF(ISNULL(A),B,A)
|
||||
from lib.core.convert import urldecode
|
||||
from lib.core.convert import urlencode
|
||||
|
||||
"""
|
||||
Tampering IFNULL(A,B) -> IF(ISNULL(A),B,A)
|
||||
"""
|
||||
def tamper(place, value):
|
||||
if value:
|
||||
if value.find("IFNULL") > -1:
|
||||
import pdb
|
||||
pdb.set_trace()
|
||||
value = re.sub(r"IFNULL(\(|%28)(?P<A>.+?)(,|%2C)(?P<B>.+?)(\)|%29)", lambda match: "IF%%28ISNULL%%28%s%%29%%2C%s%%2C%s%%29" % ("A="+match.group("A"), "B="+match.group("B"), "A="+match.group("A")), value)
|
||||
if value and value.find("IFNULL") > -1:
|
||||
if place != "URI":
|
||||
value = urldecode(value)
|
||||
#value = re.sub(r"IFNULL\(\({%d}(?P<A>.+?)\){%d},(?P<B>.+?)\)" % (num, num), lambda match: "IF(ISNULL(%s),%s,%s)" % (match.group("A"), match.group("B"), match.group("A")), value)
|
||||
while value.find("IFNULL(") > -1:
|
||||
index = value.find("IFNULL(")
|
||||
deepness = 1
|
||||
comma, end = None, None
|
||||
for i in xrange(index + len("IFNULL("), len(value)):
|
||||
if deepness == 1 and value[i] == ',':
|
||||
comma = i
|
||||
elif deepness == 1 and value[i] == ')':
|
||||
end = i
|
||||
break
|
||||
elif value[i] == '(':
|
||||
deepness += 1
|
||||
elif value[i] == ')':
|
||||
deepness -= 1
|
||||
A = value[index + len("IFNULL("):comma]
|
||||
B = value[comma + 1:end]
|
||||
newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A)
|
||||
value = value[:index] + newVal + value[end+1:]
|
||||
if place != "URI":
|
||||
value = urlencode(value)
|
||||
return value
|
||||
|
|
Loading…
Reference in New Issue
Block a user