Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 694b5bb

Browse files
stamparmstamparm
committed
New tamper script (per user request)
1 parent eb498e6 commit 694b5bb

3 files changed

Lines changed: 45 additions & 2 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.2.5.23"
22+
VERSION = "1.2.5.24"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

tamper/0x2char.py

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2018 sqlmap developers (http://sqlmap.org/)
5+
See the file 'LICENSE' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.data import kb
11+
from lib.core.enums import PRIORITY
12+
13+
__priority__ = PRIORITY.NORMAL
14+
15+
def dependencies():
16+
pass
17+
18+
def tamper(payload, **kwargs):
19+
"""
20+
Replaces each (MySQL) 0x<hex> encoded string with equivalent CONCAT(CHAR(),...) counterpart
21+
22+
Tested against:
23+
* MySQL 4, 5.0 and 5.5
24+
25+
Notes:
26+
* Useful in cases when web application does the upper casing
27+
28+
>>> tamper('SELECT 0xdeadbeef')
29+
'SELECT CONCAT(CHAR(222),CHAR(173),CHAR(190),CHAR(239))'
30+
"""
31+
32+
retVal = payload
33+
34+
if payload:
35+
for match in re.finditer(r"\b0x([0-9a-f]+)\b", retVal):
36+
if len(match.group(1)) > 2:
37+
result = "CONCAT(%s)" % ','.join("CHAR(%d)" % ord(_) for _ in match.group(1).decode("hex"))
38+
else:
39+
result = "CHAR(%d)" % ord(match.group(1).decode("hex"))
40+
retVal = retVal.replace(match.group(0), result)
41+
42+
return retVal

txt/checksum.md5

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ c9a56e58984420a5abb7a3f7aadc196d lib/core/optiondict.py
4747
0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py
4848
a7db43859b61569b601b97f187dd31c5 lib/core/revision.py
4949
fcb74fcc9577523524659ec49e2e964b lib/core/session.py
50-
dbf72e4b82773ade88cc34a53f80abcb lib/core/settings.py
50+
dcdc0a7179010067fdbf8ad1fa9ab09e lib/core/settings.py
5151
0dfc2ed40adf72e302291f6ecd4406f6 lib/core/shell.py
5252
a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py
5353
6306284edcccc185b2df085438572b0d lib/core/target.py
@@ -226,6 +226,7 @@ ec2ba8c757ac96425dcd2b97970edd3a shell/stagers/stager.asp_
226226
2f9e459a4cf6a58680978cdce5ff7971 shell/stagers/stager.php_
227227
4eaeef94314956e4517e5310a28d579a sqlmapapi.py
228228
5c8583dd47f92935ceb41210a10eeebf sqlmap.py
229+
b2c2cc55ba4e31bea94494dcafe5d8cc tamper/0x2char.py
229230
4c3b8a7daa4bff52e01d4168be0eedbe tamper/apostrophemask.py
230231
4115a55b8aba464723d645b7d3156b6e tamper/apostrophenullencode.py
231232
d7e9a979eff4d7315d804a181e66fc93 tamper/appendnullbyte.py

0 commit comments

Comments
 (0)