Update for an Issue #12

Miroslav Stampar 2012-12-03 14:27:01 +01:00
parent 79fca8e9d5
commit 42a8234c6f
36 changed files with 36 additions and 36 deletions


@ -835,7 +835,7 @@ def __setTamperingFunctions():
priority = PRIORITY.NORMAL if not hasattr(module, '__priority__') else module.__priority__
for name, function in inspect.getmembers(module, inspect.isfunction):
if name == "tamper" and function.func_code.co_argcount == 2:
if name == "tamper":
found = True
kb.tamperFunctions.append(function)
function.func_name = module.__name__
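Review bot: Dropping the arity check on the new line `if name == "tamper":` means any function named `tamper` in a loaded module is registered regardless of its signature, so a script whose `tamper` cannot accept what the dispatcher passes will now fail with a TypeError at call time instead of being rejected at load. Since `inspect` is already used on the line above, the loader could keep a cheap compatibility check, e.g. `spec = inspect.getargspec(function)` followed by `if name == "tamper" and (spec.keywords is not None or len(spec.args) >= 2):`, which admits both the new `**kwargs` form and the older `headers=None` form while still refusing stale single-argument scripts. How the call site invokes the registered function (keywords or positionals) is not visible in this hunk, so confirm against the dispatcher before choosing the exact condition. `__setTamperingFunctions` begins outside the hunk.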


@ -12,7 +12,7 @@ __priority__ = PRIORITY.LOWEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces apostrophe character with its UTF-8 full width counterpart
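Review bot: The new signature `def tamper(payload, **kwargs):` accepts any keyword and silently ignores the ones the body does not read, yet the visible start of the docstring describes only the transformation and not the contract of `kwargs`; add a line such as `kwargs: optional call context (e.g. the 'headers' previously taken as an explicit parameter); unrecognised keys are ignored`. Because the second parameter is no longer positional, a caller that still passed headers positionally would now raise a TypeError, which is worth verifying against the dispatcher that invokes these scripts. The same one-line signature change is repeated in every tamper-script section from L32 through L378, so this docstring note applies to each of them. The function body and the remainder of the docstring lie outside the hunk.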


@ -12,7 +12,7 @@ __priority__ = PRIORITY.LOWEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces apostrophe character with its illegal double unicode counterpart


@ -12,7 +12,7 @@ __priority__ = PRIORITY.LOWEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Appends encoded NULL byte character at the end of payload


@ -14,7 +14,7 @@ __priority__ = PRIORITY.LOWEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Base64 all characters in a given payload


@ -14,7 +14,7 @@ __priority__ = PRIORITY.HIGHEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces greater than operator ('>') with 'NOT BETWEEN 0 AND #'


@ -17,7 +17,7 @@ __priority__ = PRIORITY.NORMAL
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character after SQL statement with a valid random blank character.
Afterwards replace character = with LIKE operator


@ -14,7 +14,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Double url-encodes all characters in a given payload (not processing
already encoded)


@ -14,7 +14,7 @@ __priority__ = PRIORITY.LOWEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Url-encodes all characters in a given payload (not processing already
encoded)


@ -16,7 +16,7 @@ __priority__ = PRIORITY.LOWEST
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP or ASP.NET web applications" % os.path.basename(__file__).split(".")[0])
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Unicode-url-encodes non-encoded characters in a given payload (not
processing already encoded)


@ -17,7 +17,7 @@ __priority__ = PRIORITY.HIGHEST
def dependencies():
singleTimeWarnMessage("tamper script '%s' is unlikely to work against %s" % (os.path.basename(__file__).split(".")[0], DBMS.PGSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces all occurances of operator equal ('=') with operator 'LIKE'


@ -19,7 +19,7 @@ __priority__ = PRIORITY.HIGHER
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.1" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Adds versioned MySQL comment before each keyword


@ -12,7 +12,7 @@ __priority__ = PRIORITY.HIGHEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces instances like 'IFNULL(A, B)' with 'IF(ISNULL(A), B, A)'


@ -13,7 +13,7 @@ __priority__ = PRIORITY.HIGHER
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Embraces complete query with versioned comment


@ -12,7 +12,7 @@ __priority__ = PRIORITY.HIGHER
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Embraces complete query with zero-versioned comment


@ -16,7 +16,7 @@ __priority__ = PRIORITY.NORMAL
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Adds multiple spaces around SQL keywords


@ -13,7 +13,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.NORMAL
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces predefined SQL keywords with representations
suitable for replacement (e.g. .replace("SELECT", "")) filters


@ -16,7 +16,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP web applications" % os.path.basename(__file__).split(".")[0])
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Adds a percentage sign ('%') infront of each character


@ -16,7 +16,7 @@ __priority__ = PRIORITY.NORMAL
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces each keyword character with random case value


@ -13,7 +13,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Add random comments to SQL keywords
Example: 'INSERT' becomes 'IN/**/S/**/ERT'


@ -14,7 +14,7 @@ __priority__ = PRIORITY.NORMAL
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Appends special crafted string


@ -9,7 +9,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.HIGH
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Appends 'sp_password' to the end of the payload for automatic obfuscation from DBMS logs


@ -12,7 +12,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with comments '/**/'


@ -12,7 +12,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a dash comment ('--') followed by
a random string and a new line ('\n')


@ -18,7 +18,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a pound character ('#') followed by
a random string and a new line ('\n')


@ -21,7 +21,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s > 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a pound character ('#') followed by
a random string and a new line ('\n')


@ -17,7 +17,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MSSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a random blank character from a
valid set of alternate characters


@ -9,7 +9,7 @@ from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a pound character ('#') followed by
a new line ('\n')


@ -17,7 +17,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a random blank character from a
valid set of alternate characters


@ -16,7 +16,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a dash comment ('--') followed by
a new line ('\n')


@ -12,7 +12,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with plus ('+')


@ -14,7 +14,7 @@ __priority__ = PRIORITY.LOW
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces space character (' ') with a random blank character from a
valid set of alternate characters


@ -14,7 +14,7 @@ __priority__ = PRIORITY.HIGHEST
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces UNION ALL SELECT with UNION SELECT


@ -14,7 +14,7 @@ __priority__ = PRIORITY.NORMAL
def dependencies():
pass
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Replaces quote character (') with a multi-byte combo %bf%27 together with
generic comment at the end (to make it work)


@ -18,7 +18,7 @@ __priority__ = PRIORITY.HIGHER
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Encloses each non-function keyword with versioned MySQL comment


@ -19,7 +19,7 @@ __priority__ = PRIORITY.HIGHER
def dependencies():
singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s >= 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
def tamper(payload, headers=None):
def tamper(payload, **kwargs):
"""
Encloses each keyword with versioned MySQL comment