Updated docstring

This commit is contained in:
Bernardo Damele 2011-07-11 10:39:30 +00:00
parent 86d28947aa
commit 4ae71fd5f4

View File

@ -7,14 +7,16 @@ Copyright (c) 2006-2011 sqlmap developers (http://www.sqlmap.org/)
See the file 'doc/COPYING' for copying permission See the file 'doc/COPYING' for copying permission
""" """
import os
import string import string
from lib.core.enums import PRIORITY from lib.core.enums import PRIORITY
from lib.core.common import singleTimeWarnMessage
__priority__ = PRIORITY.LOWEST __priority__ = PRIORITY.LOWEST
def dependencies(): def dependencies():
pass singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP or ASP.NET web applications" % os.path.basename(__file__).split(".")[0])
def tamper(payload): def tamper(payload):
""" """
@ -25,9 +27,15 @@ def tamper(payload):
* Input: SELECT FIELD%20FROM TABLE * Input: SELECT FIELD%20FROM TABLE
* Output: %u0053%u0045%u004c%u0045%u0043%u0054%u0020%u0046%u0049%u0045%u004c%u0044%u0020%u0046%u0052%u004f%u004d%u0020%u0054%u0041%u0042%u004c%u0045' * Output: %u0053%u0045%u004c%u0045%u0043%u0054%u0020%u0046%u0049%u0045%u004c%u0044%u0020%u0046%u0052%u004f%u004d%u0020%u0054%u0041%u0042%u004c%u0045'
Requirement:
* ASP
* ASP.NET
Tested against: Tested against:
* Microsoft SQL Server 2000 * Microsoft SQL Server 2000
* Microsoft SQL Server 2005 * Microsoft SQL Server 2005
* MySQL 5.1.56
* PostgreSQL 9.0.3
Notes: Notes:
* Useful to bypass weak web application firewalls that do not * Useful to bypass weak web application firewalls that do not