Merge b9f8d29f67 into 28eca2116f

lib/core/option.py

@@ -842,7 +842,8 @@ def _setTamperingFunctions():
         last_priority = PRIORITY.HIGHEST
         check_priority = True
         resolve_priorities = False
-        priorities = []
+        tamper_priorities = []
+        decode_priorities = []
 
         for tfile in re.split(PARAMETER_SPLITTING_REGEX, conf.tamper):
             found = False
@@ -885,9 +886,17 @@ def _setTamperingFunctions():
             priority = PRIORITY.NORMAL if not hasattr(module, '__priority__') else module.__priority__
 
             for name, function in inspect.getmembers(module, inspect.isfunction):
-                if name == "tamper":
+                if name == "tamper" or name == "decode":
                     found = True
-                    kb.tamperFunctions.append(function)
+
+                    if name == "tamper":
+                        function_list = kb.tamperFunctions
+                        priorities = tamper_priorities
+                    elif name == "decode":
+                        function_list = kb.decodeFunctions
+                        priorities = decode_priorities
+
+                    function_list.append(function)
                     function.func_name = module.__name__
 
                     if check_priority and priority > last_priority:
@@ -913,17 +922,24 @@ def _setTamperingFunctions():
                     function()
 
             if not found:
-                errMsg = "missing function 'tamper(payload, headers)' "
+                errMsg = "missing function 'tamper(payload, headers)' or 'decode(page, headers, code)'"
                 errMsg += "in tamper script '%s'" % tfile
                 raise SqlmapGenericException(errMsg)
 
-        if resolve_priorities and priorities:
-            priorities.sort(reverse=True)
+        if resolve_priorities:
+            tamper_priorities.sort(reverse=True)
             kb.tamperFunctions = []
 
-            for _, function in priorities:
+            for _, function in tamper_priorities:
                 kb.tamperFunctions.append(function)
 
+            decode_priorities.sort(reverse=True)
+            kb.decodeFunctions = []
+
+            for _, function in decode_priorities:
+                kb.decodeFunctions.append(function)
+
+
 def _setWafFunctions():
     """
     Loads WAF/IDS/IPS detecting functions from script(s)
@@ -1698,6 +1714,7 @@ def _setKnowledgeBaseAttributes(flushAll=True):
         kb.keywords = set(getFileItems(paths.SQL_KEYWORDS))
         kb.passwordMgr = None
         kb.tamperFunctions = []
+        kb.decodeFunctions = []
         kb.targets = oset()
         kb.testedParams = set()
         kb.userAgents = None

lib/parse/cmdline.py

@@ -253,7 +253,7 @@ def cmdLineParser():
                              help="Injection payload suffix string")
 
         injection.add_option("--tamper", dest="tamper",
-                             help="Use given script(s) for tampering injection data")
+                             help="Use given script(s) for tampering injection data and/or responses")
 
         # Detection options
         detection = OptionGroup(parser, "Detection", "These options can be "

lib/request/connect.py

@@ -182,6 +182,13 @@ class Connect(object):
 
         return retVal
 
+    @staticmethod
+    def _decode(page, headers = None, code = None):
+        if kb.decodeFunctions:
+            for function in kb.decodeFunctions:
+                page, headers, code= function(page, headers, code)
+        return page, headers, code
+
     @staticmethod
     def getPage(**kwargs):
         """
@@ -282,7 +289,7 @@ class Connect(object):
                 responseHeaders[URI_HTTP_HEADER] = conn.geturl()
                 page = decodePage(page, responseHeaders.get(HTTP_HEADER.CONTENT_ENCODING), responseHeaders.get(HTTP_HEADER.CONTENT_TYPE))
 
-                return page
+                return Connect._decode(page) # FIXME other return statements return triplet, this did not?!
 
             elif any((refreshing, crawling)):
                 pass
@@ -390,7 +397,7 @@ class Connect(object):
 
             # Return response object
             if response:
-                return conn, None, None
+                return conn, None, None # FIXME dead code?
 
             # Get HTTP response
             if hasattr(conn, 'redurl'):
@@ -590,7 +597,7 @@ class Connect(object):
 
         logger.log(CUSTOM_LOGGING.TRAFFIC_IN, responseMsg)
 
-        return page, responseHeaders, code
+        return Connect._decode(page, responseHeaders, code)
 
     @staticmethod
     def queryPage(value=None, place=None, content=False, getRatioValue=False, silent=False, method=None, timeBasedCompare=False, noteResponseTime=True, auxHeaders=None, response=False, raise404=None, removeReflection=True):

tamper/base64decode.py

@@ -0,0 +1,27 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import base64
+
+from lib.core.enums import PRIORITY
+
+__priority__ = PRIORITY.LOWEST
+
+def dependencies():
+    pass
+
+def decode(page, headers, code, **kwargs):
+    """
+    Base64 decode a response
+    """
+
+    try:
+        retval = base64.b64decode(page)
+    except TypeError: # Decode error
+        retval = page
+
+    return retval, headers, code