adding very useful tampering script

This commit is contained in:
Miroslav Stampar 2011-05-28 15:42:47 +00:00
parent 95dea1fbf9
commit 39f131162f
3 changed files with 232 additions and 2 deletions

View File

@ -17,7 +17,7 @@ __priority__ = PRIORITY.NORMAL
def tamper(payload): def tamper(payload):
""" """
Replaces each character with random case value Replaces each keyword character with random case value
Example: 'INSERT' might become 'InsERt' Example: 'INSERT' might become 'InsERt'
""" """

View File

@ -0,0 +1,37 @@
#!/usr/bin/env python
"""
$Id$
Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
See the file 'doc/COPYING' for copying permission
"""
import re
from lib.core.common import randomRange
from lib.core.data import kb
from lib.core.enums import PRIORITY
__priority__ = PRIORITY.NORMAL
def tamper(payload):
"""
Encloses each keyword with versioned comment
Example: 'INSERT' will become '/*!INSERT*/'
"""
def process(match):
word = match.group('word')
if word.upper() in kb.keywords and word.upper() not in ["CAST"]: # CAST can't be commented out
return match.group().replace(word, "/*!%s*/" % word)
else:
return match.group()
retVal = payload
if payload:
retVal = re.sub(r"(?<=\W)(?P<word>[A-Za-z_]+)(?=\W|\Z)", lambda match: process(match), retVal)
retVal = retVal.replace(" /*!", "/*!").replace("*/ ", "*/")
return retVal

View File

@ -1,7 +1,7 @@
# Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/) # Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
# See the file 'doc/COPYING' for copying permission # See the file 'doc/COPYING' for copying permission
#SQL-92 keywords (reference: http://developer.mimer.com/validator/sql-reserved-words.tml) # SQL-92 keywords (reference: http://developer.mimer.com/validator/sql-reserved-words.tml)
ABSOLUTE ABSOLUTE
ACTION ACTION
@ -258,3 +258,196 @@ WORK
WRITE WRITE
YEAR YEAR
ZONE ZONE
# MySQL 5.0 keywords (reference: http://dev.mysql.com/doc/refman/5.0/en/reserved-words.html)
ADD
ALL
ALTER
ANALYZE
AND
ASASC
ASENSITIVE
BEFORE
BETWEEN
BIGINT
BINARYBLOB
BOTH
BY
CALL
CASCADE
CASECHANGE
CAST
CHAR
CHARACTER
CHECK
COLLATE
COLUMN
CONCAT
CONDITIONCONSTRAINT
CONTINUE
CONVERT
CREATE
CROSS
CURRENT_DATE
CURRENT_TIMECURRENT_TIMESTAMP
CURRENT_USER
CURSOR
DATABASE
DATABASES
DAY_HOUR
DAY_MICROSECONDDAY_MINUTE
DAY_SECOND
DEC
DECIMAL
DECLARE
DEFAULTDELAYED
DELETE
DESC
DESCRIBE
DETERMINISTIC
DISTINCTDISTINCTROW
DIV
DOUBLE
DROP
DUAL
EACH
ELSEELSEIF
ENCLOSED
ESCAPED
EXISTS
EXIT
EXPLAIN
FALSEFETCH
FLOAT
FLOAT4
FLOAT8
FOR
FORCE
FOREIGNFROM
FULLTEXT
GRANT
GROUP
HAVING
HIGH_PRIORITYHOUR_MICROSECOND
HOUR_MINUTE
HOUR_SECOND
IF
IFNULL
IGNORE
ININDEX
INFILE
INNER
INOUT
INSENSITIVE
INSERT
INTINT1
INT2
INT3
INT4
INT8
INTEGER
INTERVALINTO
IS
ISNULL
ITERATE
JOIN
KEY
KEYS
KILLLEADING
LEAVE
LEFT
LIKE
LIMIT
LINESLOAD
LOCALTIME
LOCALTIMESTAMP
LOCK
LONG
LONGBLOBLONGTEXT
LOOP
LOW_PRIORITY
MATCH
MEDIUMBLOB
MEDIUMINT
MEDIUMTEXTMIDDLEINT
MINUTE_MICROSECOND
MINUTE_SECOND
MOD
MODIFIES
NATURAL
NOTNO_WRITE_TO_BINLOG
NULL
NUMERIC
ON
OPTIMIZE
OPTION
OPTIONALLYOR
ORDER
OUT
OUTER
OUTFILE
PRECISIONPRIMARY
PROCEDURE
PURGE
READ
READS
REALREFERENCES
REGEXP
RELEASE
RENAME
REPEAT
REPLACE
REQUIRERESTRICT
RETURN
REVOKE
RIGHT
RLIKE
SCHEMA
SCHEMASSECOND_MICROSECOND
SELECT
SENSITIVE
SEPARATOR
SET
SHOW
SMALLINTSONAME
SPATIAL
SPECIFIC
SQL
SQLEXCEPTION
SQLSTATESQLWARNING
SQL_BIG_RESULT
SQL_CALC_FOUND_ROWS
SQL_SMALL_RESULT
SSL
STARTINGSTRAIGHT_JOIN
TABLE
TERMINATED
THEN
TINYBLOB
TINYINT
TINYTEXTTO
TRAILING
TRIGGER
TRUE
UNDO
UNION
UNIQUEUNLOCK
UNSIGNED
UPDATE
USAGE
USE
USING
UTC_DATEUTC_TIME
UTC_TIMESTAMP
VALUES
VARBINARY
VARCHAR
VARCHARACTERVARYING
VERSION
WHEN
WHERE
WHILE
WITH
WRITEXOR
YEAR_MONTH
ZEROFILL