Minor refactoring

stamparm · stamparm · commit 7f4fa7c27dcd · 2012-07-24T01:21:32.000+02:00
diff --git a/tamper/apostrophemask.py b/tamper/apostrophemask.py
@@ -27,4 +27,4 @@ def tamper(payload):
         * http://lukasz.pilorz.net/testy/full_width_utf/index.phps
     """
 
-    return payload.replace('\'', '%EF%BC%87') if payload else payload
+    return payload.replace('\'', "%EF%BC%87") if payload else payload
diff --git a/tamper/apostrophenullencode.py b/tamper/apostrophenullencode.py
@@ -21,4 +21,4 @@ def tamper(payload):
         * Output: AND %00%271%00%27=%00%271%00%27
     """
 
-    return payload.replace('\'', '%00%27') if payload else payload
+    return payload.replace('\'', "%00%27") if payload else payload
diff --git a/tamper/chardoubleencode.py b/tamper/chardoubleencode.py
@@ -40,7 +40,7 @@ def tamper(payload):
                 retVal += payload[i:i+3]
                 i += 3
             else:
-                retVal += '%%25%X' % ord(payload[i])
+                retVal += '%%25%.2X' % ord(payload[i])
                 i += 1
 
     return retVal
diff --git a/tamper/charencode.py b/tamper/charencode.py
@@ -47,7 +47,7 @@ def tamper(payload):
                 retVal += payload[i:i+3]
                 i += 3
             else:
-                retVal += '%%%X' % ord(payload[i])
+                retVal += '%%%.2X' % ord(payload[i])
                 i += 1
 
     return retVal
diff --git a/tamper/charunicodeencode.py b/tamper/charunicodeencode.py
@@ -52,7 +52,7 @@ def tamper(payload):
                 retVal += "%%u00%s" % payload[i+1:i+3]
                 i += 3
             else:
-                retVal += '%%u00%X' % ord(payload[i])
+                retVal += '%%u%.4X' % ord(payload[i])
                 i += 1
 
     return retVal
diff --git a/tamper/equaltolike.py b/tamper/equaltolike.py
@@ -38,7 +38,7 @@ def tamper(payload):
 
     def process(match):
         word = match.group()
-        word = "%sLIKE%s" % (" " if word[0]!=" " else "", " " if word[-1]!=" " else "")
+        word = "%sLIKE%s" % (" " if word[0] != " " else "", " " if word[-1] != " " else "")
 
         return word
 
diff --git a/tamper/ifnull2ifisnull.py b/tamper/ifnull2ifisnull.py
@@ -36,27 +36,27 @@ def tamper(payload):
     if payload and payload.find("IFNULL") > -1:
         while payload.find("IFNULL(") > -1:
             index = payload.find("IFNULL(")
-            deepness = 1
+            depth = 1
             comma, end = None, None
 
             for i in xrange(index + len("IFNULL("), len(payload)):
-                if deepness == 1 and payload[i] == ',':
+                if depth == 1 and payload[i] == ',':
                     comma = i
 
-                elif deepness == 1 and payload[i] == ')':
+                elif depth == 1 and payload[i] == ')':
                     end = i
                     break
 
                 elif payload[i] == '(':
-                    deepness += 1
+                    depth += 1
 
                 elif payload[i] == ')':
-                    deepness -= 1
+                    depth -= 1
 
             if comma and end:
-                A = payload[index + len("IFNULL("):comma]
-                B = payload[comma + 1:end]
-                newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A)
+                _ = payload[index + len("IFNULL("):comma]
+                __ = payload[comma + 1:end]
+                newVal = "IF(ISNULL(%s),%s,%s)" % (_, __, _)
                 payload = payload[:index] + newVal + payload[end+1:]
             else:
                 break
diff --git a/tamper/randomcase.py b/tamper/randomcase.py
@@ -43,11 +43,11 @@ def tamper(payload):
             word = match.group()
 
             if word.upper() in kb.keywords:
-                newWord = str()
+                _ = str()
 
                 for i in xrange(len(word)):
-                    newWord += word[i].upper() if randomRange(0, 1) else word[i].lower()
+                    _ += word[i].upper() if randomRange(0, 1) else word[i].lower()
 
-                retVal = retVal.replace(word, newWord)
+                retVal = retVal.replace(word, _)
 
     return retVal
diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py
@@ -29,12 +29,12 @@ def tamper(payload):
                 continue
 
             if word.upper() in kb.keywords:
-                newWord = word[0]
+                _ = word[0]
 
                 for i in xrange(1, len(word) - 1):
-                    newWord += "%s%s" % ("/**/" if randomRange(0, 1) else "", word[i])
+                    _ += "%s%s" % ("/**/" if randomRange(0, 1) else "", word[i])
 
-                newWord += word[-1]
-                retVal = retVal.replace(word, newWord)
+                _ += word[-1]
+                retVal = retVal.replace(word, _)
 
     return retVal
diff --git a/tamper/space2mssqlblank.py b/tamper/space2mssqlblank.py
@@ -53,7 +53,7 @@ def tamper(payload):
     #   CR      0D      carriage return                
     #   SO      0E      shift out 
     #   SI      0F      shift in
-    blanks = ['%01', '%02', '%03', '%04', '%05', '%06', '%07', '%08', '%09', '%0B', '%0C', '%0D', '%0E', '%0F', '%0A']
+    blanks = ('%01', '%02', '%03', '%04', '%05', '%06', '%07', '%08', '%09', '%0B', '%0C', '%0D', '%0E', '%0F', '%0A')
     retVal = payload
 
     if payload:
diff --git a/tamper/space2mysqlblank.py b/tamper/space2mysqlblank.py
@@ -43,7 +43,7 @@ def tamper(payload):
     #   CR      0D      carriage return
     #   VT      0B      vertical TAB        (MySQL and Microsoft SQL Server only)
     #   -       A0      -                   (MySQL only)
-    blanks = ['%09', '%0A', '%0C', '%0D', '%0B', '%A0']
+    blanks = ('%09', '%0A', '%0C', '%0D', '%0B', '%A0')
     retVal = payload
 
     if payload:
