Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit d970e26

Browse files
stamparmstamparm
committed
introducing new style for copyright header
1 parent f07608e commit d970e26

7 files changed

Lines changed: 44 additions & 1 deletion

File tree

tamper/__init__.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
# Copyright (c) 2006-2010 sqlmap project (http://sqlmap.sourceforge.net/)
2+
# See the file doc/COPYING for copying permission.

tamper/charencode.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# Copyright (c) 2006-2010 sqlmap project (http://sqlmap.sourceforge.net/)
2+
# See the file doc/COPYING for copying permission.
3+
14
import re
25
import string
36

@@ -8,10 +11,12 @@
811
"""
912
def tamper(place, value):
1013
retVal = value
14+
1115
if value:
1216
if place != "URI":
1317
retVal = ""
1418
i = 0
19+
1520
while i < len(value):
1621
if value[i] == '%' and (i < len(value) - 2) and value[i+1] in string.hexdigits and value[i+2] in string.hexdigits:
1722
retVal += value[i:i+3]
@@ -21,4 +26,5 @@ def tamper(place, value):
2126
i += 1
2227
else:
2328
raise sqlmapUnsupportedFeatureException, "can't use tampering module '%s' with 'URI' type injections" % __name__
29+
2430
return retVal

tamper/doubleencode.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# Copyright (c) 2006-2010 sqlmap project (http://sqlmap.sourceforge.net/)
2+
# See the file doc/COPYING for copying permission.
3+
14
import re
25

36
from lib.core.convert import urlencode
@@ -12,4 +15,5 @@ def tamper(place, value):
1215
value = urlencode(value)
1316
else:
1417
raise sqlmapUnsupportedFeatureException, "can't use tampering module '%s' with 'URI' type injections" % __name__
18+
1519
return value

tamper/ifnull2ifisnull.py

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# Copyright (c) 2006-2010 sqlmap project (http://sqlmap.sourceforge.net/)
2+
# See the file doc/COPYING for copying permission.
3+
14
import re
25

36
from lib.core.convert import urldecode
@@ -7,14 +10,16 @@
710
IFNULL(A,B) -> IF(ISNULL(A),B,A) (e.g., IFNULL(1,2) -> IF(ISNULL(1),2,1))
811
"""
912
def tamper(place, value):
13+
1014
if value and value.find("IFNULL") > -1:
1115
if place != "URI":
1216
value = urldecode(value)
13-
#value = re.sub(r"IFNULL\(\({%d}(?P<A>.+?)\){%d},(?P<B>.+?)\)" % (num, num), lambda match: "IF(ISNULL(%s),%s,%s)" % (match.group("A"), match.group("B"), match.group("A")), value)
17+
1418
while value.find("IFNULL(") > -1:
1519
index = value.find("IFNULL(")
1620
deepness = 1
1721
comma, end = None, None
22+
1823
for i in xrange(index + len("IFNULL("), len(value)):
1924
if deepness == 1 and value[i] == ',':
2025
comma = i
@@ -25,13 +30,16 @@ def tamper(place, value):
2530
deepness += 1
2631
elif value[i] == ')':
2732
deepness -= 1
33+
2834
if comma and end:
2935
A = value[index + len("IFNULL("):comma]
3036
B = value[comma + 1:end]
3137
newVal = "IF(ISNULL(%s),%s,%s)" % (A, B, A)
3238
value = value[:index] + newVal + value[end+1:]
3339
else:
3440
break
41+
3542
if place != "URI":
3643
value = urlencode(value)
44+
3745
return value

tamper/randomblanks.py

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# Copyright (c) 2006-2010 sqlmap project (http://sqlmap.sourceforge.net/)
2+
# See the file doc/COPYING for copying permission.
3+
14
import re
25
import string
36

@@ -11,6 +14,7 @@
1114
"""
1215
def tamper(place, value):
1316
retVal = value
17+
1418
if value:
1519
if place != "URI":
1620
retVal = urldecode(retVal)
@@ -23,11 +27,14 @@ def tamper(place, value):
2327

2428
if word.upper() in kb.keywords:
2529
newWord = word[0]
30+
2631
for i in xrange(1, len(word) - 1):
2732
newWord += "%s%s" % ("/**/" if randomRange(0,1) else "", word[i])
33+
2834
newWord += word[-1]
2935
retVal = retVal.replace(word, newWord)
3036

3137
if place != "URI":
3238
retVal = urlencode(retVal)
39+
3340
return retVal

tamper/randomcase.py

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# Copyright (c) 2006-2010 sqlmap project (http://sqlmap.sourceforge.net/)
2+
# See the file doc/COPYING for copying permission.
3+
14
import re
25
import string
36

@@ -11,16 +14,20 @@
1114
"""
1215
def tamper(place, value):
1316
retVal = value
17+
1418
if value:
1519
if place != "URI":
1620
retVal = urldecode(retVal)
1721

1822
for match in re.finditer(r"[A-Za-z_]+", retVal):
1923
word = match.group()
24+
2025
if word.upper() in kb.keywords:
2126
newWord = str()
27+
2228
for i in xrange(len(word)):
2329
newWord += word[i].upper() if randomRange(0,1) else word[i].lower()
30+
2431
retVal = retVal.replace(word, newWord)
2532

2633
if place != "URI":

tamper/space2comment.py

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# Copyright (c) 2006-2010 sqlmap project (http://sqlmap.sourceforge.net/)
2+
# See the file doc/COPYING for copying permission.
3+
14
import re
25

36
from lib.core.convert import urldecode
@@ -8,6 +11,7 @@
811
"""
912
def tamper(place, value):
1013
retVal = value
14+
1115
if value:
1216
if place != "URI":
1317
value = urldecode(value)
@@ -21,16 +25,21 @@ def tamper(place, value):
2125
firstspace = True
2226
retVal += "/**/"
2327
continue
28+
2429
elif value[i] == '\'':
2530
qoute = not qoute
31+
2632
elif value[i] == '"':
2733
doublequote = not doublequote
34+
2835
elif value[i]==" " and not doublequote and not qoute:
2936
retVal += "/**/"
3037
continue
38+
3139
retVal += value[i]
3240

3341
if place != "URI":
3442
retVal = urlencode(retVal)
43+
3544
return retVal
3645

0 commit comments

Comments
 (0)