Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit c198fd7

Browse files
stamparmstamparm
committed
Update for an Issue #13 
1 parent 1e092c4 commit c198fd7

3 files changed

Lines changed: 43 additions & 2 deletions

File tree

lib/core/settings.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
from lib.core.enums import OS
2020

2121
# sqlmap version (<major>.<minor>.<month>.<monthly commit>)
22-
VERSION = "1.1.4.18"
22+
VERSION = "1.1.4.19"
2323
TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
2424
TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
2525
VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

tamper/commentbeforeparentheses.py

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/)
5+
See the file 'doc/COPYING' for copying permission
6+
"""
7+
8+
import re
9+
10+
from lib.core.enums import PRIORITY
11+
12+
__priority__ = PRIORITY.LOW
13+
14+
def dependencies():
15+
pass
16+
17+
def tamper(payload, **kwargs):
18+
"""
19+
Prepends (inline) comment before parentheses
20+
21+
Tested against:
22+
* Microsoft SQL Server
23+
* MySQL
24+
* Oracle
25+
* PostgreSQL
26+
27+
Notes:
28+
* Useful to bypass web application firewalls that block usage
29+
of function calls
30+
31+
>>> tamper('SELECT ABS(1)')
32+
'SELECT ABS/**/(1)'
33+
"""
34+
35+
retVal = payload
36+
37+
if payload:
38+
retVal = re.sub(r"\b(\w+)\(", "\g<1>/**/(", retVal)
39+
40+
return retVal

txt/checksum.md5

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ dd19b4d930d418f8aef498941346ab2d lib/core/option.py
4545
d8e9250f3775119df07e9070eddccd16 lib/core/replication.py
4646
785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py
4747
40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py
48-
78ce748dd65ba204321cb74c53ec55e3 lib/core/settings.py
48+
a69ceaa3f1d3c59bc4678777218ae334 lib/core/settings.py
4949
d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py
5050
2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py
5151
afd0636d2e93c23f4f0a5c9b6023ea17 lib/core/target.py
@@ -236,6 +236,7 @@ e6e3ae32bc3c3d5acb4b93289e3fe698 tamper/bluecoat.py
236236
893e7d907bcd370394b70a30d502be2b tamper/charunicodeencode.py
237237
596883203fbdd81ee760e4a00071bf39 tamper/commalesslimit.py
238238
f341a48112354a50347546fa73f4f531 tamper/commalessmid.py
239+
1a368a32530c04a11a531cd21d587682 tamper/commentbeforeparentheses.py
239240
28c21fd9c9801d398698c646bb894260 tamper/concat2concatws.py
240241
d496b8abd40ea1a86c771d9d20174f61 tamper/equaltolike.py
241242
fb3c31b72675f6ef27fa420a4e974a55 tamper/escapequotes.py

0 commit comments

Comments
 (0)