From b3b5bd267d5068c814047c086723a70b286bda07 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar <miroslav.stampar@gmail.com>
Date: Thu, 15 Sep 2016 17:58:37 +0200
Subject: [PATCH] Adding new tamper script (on request from @MilanGabor)

---
 lib/core/settings.py |  2 +-
 tamper/htmlencode.py | 25 +++++++++++++++++++++++++
 txt/checksum.md5     |  3 ++-
 3 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 tamper/htmlencode.py

diff --git a/lib/core/settings.py b/lib/core/settings.py
index fdd451e2f..6faacb262 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -19,7 +19,7 @@ from lib.core.enums import OS
 from lib.core.revision import getRevisionNumber
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.0.9.13"
+VERSION = "1.0.9.14"
 REVISION = getRevisionNumber()
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
diff --git a/tamper/htmlencode.py b/tamper/htmlencode.py
new file mode 100644
index 000000000..f09afd416
--- /dev/null
+++ b/tamper/htmlencode.py
@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import re
+
+from lib.core.enums import PRIORITY
+
+__priority__ = PRIORITY.LOW
+
+def dependencies():
+    pass
+
+def tamper(payload, **kwargs):
+    """
+    HTML encode (using code points) all non-alphanumeric characters
+
+    >>> tamper("1' AND SLEEP(5)#")
+    '1&#39;&#32;AND&#32;SLEEP&#40;5&#41;&#35;'
+    """
+
+    return re.sub(r"[^\w]", lambda match: "&#%d;" % ord(match.group(0)), payload) if payload else payload
diff --git a/txt/checksum.md5 b/txt/checksum.md5
index 0c863dc6b..a94685492 100644
--- a/txt/checksum.md5
+++ b/txt/checksum.md5
@@ -45,7 +45,7 @@ e60456db5380840a586654344003d4e6  lib/core/readlineng.py
 5ef56abb8671c2ca6ceecb208258e360  lib/core/replication.py
 99a2b496b9d5b546b335653ca801153f  lib/core/revision.py
 7c15dd2777af4dac2c89cab6df17462e  lib/core/session.py
-7bf39beeda908ad06081385433db8567  lib/core/settings.py
+32b9841850e40a039b5ae467197ce9e1  lib/core/settings.py
 7af83e4f18cab6dff5e67840eb65be80  lib/core/shell.py
 23657cd7d924e3c6d225719865855827  lib/core/subprocessng.py
 0bc2fae1dec18cdd11954b22358293f2  lib/core/target.py
@@ -235,6 +235,7 @@ e2aca0ea57afc24dd154472034dc9c8c  tamper/commalessmid.py
 11bb0652668bb6624494567fd92933b3  tamper/escapequotes.py
 731c25dd33fca28514930d4409daaaa3  tamper/greatest.py
 1becabc90d81c70fd24b54cae03a3702  tamper/halfversionedmorekeywords.py
+61add9dce3c0c9035901db87fa969c89  tamper/htmlencode.py
 17313c5a68aa44325616e0e38869b98e  tamper/ifnull2ifisnull.py
 dd71bbc7f76ef55a2c9c16645347ead8  tamper/informationschemacomment.py
 cc9c82cfffd8ee9b25ba3af6284f057e  tamper/__init__.py