mirror of
				https://github.com/sqlmapproject/sqlmap.git
				synced 2025-10-25 13:11:00 +03:00 
			
		
		
		
	Minor bug fix: the --tamper scripts have to be provided from the highest to the lowest priority, if not, sqlmap will reverse-sort them automatically as per user's choice. Tested, works now
This commit is contained in:
		
							parent
							
								
									4d81da6bc8
								
							
						
					
					
						commit
						73e85bfc75
					
				|  | @ -525,7 +525,7 @@ def __setTamperingFunctions(): | ||||||
|     """ |     """ | ||||||
| 
 | 
 | ||||||
|     if conf.tamper: |     if conf.tamper: | ||||||
|         last_priority = PRIORITY.LOWEST |         last_priority = PRIORITY.HIGHEST | ||||||
|         check_priority = True |         check_priority = True | ||||||
|         resolve_priorities = False |         resolve_priorities = False | ||||||
|         priorities = [] |         priorities = [] | ||||||
|  | @ -569,13 +569,13 @@ def __setTamperingFunctions(): | ||||||
| 
 | 
 | ||||||
|             for name, function in inspect.getmembers(module, inspect.isfunction): |             for name, function in inspect.getmembers(module, inspect.isfunction): | ||||||
|                 if name == "tamper" and function.func_code.co_argcount == 1: |                 if name == "tamper" and function.func_code.co_argcount == 1: | ||||||
|                     kb.tamperFunctions.append(function) |  | ||||||
|                     found = True |                     found = True | ||||||
|  |                     kb.tamperFunctions.append(function) | ||||||
| 
 | 
 | ||||||
|                     if check_priority and priority < last_priority: |                     if check_priority and priority > last_priority: | ||||||
|                         message  = "it seems that you've probably " |                         message  = "it seems that you might have mixed " | ||||||
|                         message += "mixed order of tamper scripts.\n" |                         message += "the order of tamper scripts.\n" | ||||||
|                         message += "do you want to auto resolve this? [Y/n/q]" |                         message += "Do you want to auto resolve this? [Y/n/q]" | ||||||
|                         test = readInput(message, default="Y") |                         test = readInput(message, default="Y") | ||||||
| 
 | 
 | ||||||
|                         if not test or test[0] in ("y", "Y"): |                         if not test or test[0] in ("y", "Y"): | ||||||
|  | @ -589,14 +589,16 @@ def __setTamperingFunctions(): | ||||||
| 
 | 
 | ||||||
|                     priorities.append((priority, function)) |                     priorities.append((priority, function)) | ||||||
|                     last_priority = priority |                     last_priority = priority | ||||||
|  | 
 | ||||||
|                     break |                     break | ||||||
| 
 | 
 | ||||||
|             if not found: |             if not found: | ||||||
|                 raise sqlmapGenericException, "missing function 'tamper(value)' in tamper script '%s'" % tfile |                 raise sqlmapGenericException, "missing function 'tamper(value)' in tamper script '%s'" % tfile | ||||||
| 
 | 
 | ||||||
|         if resolve_priorities and priorities: |         if resolve_priorities and priorities: | ||||||
|             priorities.sort() |             priorities.sort(reverse=True) | ||||||
|             kb.tamperFunctions = [] |             kb.tamperFunctions = [] | ||||||
|  | 
 | ||||||
|             for _, function in priorities: |             for _, function in priorities: | ||||||
|                 kb.tamperFunctions.append(function) |                 kb.tamperFunctions.append(function) | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	Block a user