diff --git a/lib/core/common.py b/lib/core/common.py index 8920ca854..885cdaac5 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -868,11 +868,11 @@ def boldifyMessage(message): retVal = message if any(_ in message for _ in BOLD_PATTERNS): - retVal = setColor(message, True) + retVal = setColor(message, bold=True) return retVal -def setColor(message, bold=False): +def setColor(message, color=None, bold=False): retVal = message level = extractRegexResult(r"\[(?P%s)\]" % '|'.join(_[0] for _ in getPublicTypeMembers(LOGGING_LEVELS)), message) or kb.get("stickyLevel") @@ -880,8 +880,8 @@ def setColor(message, bold=False): level = unicodeencode(level) if message and getattr(LOGGER_HANDLER, "is_tty", False): # colorizing handler - if bold: - retVal = colored(message, color=None, on_color=None, attrs=("bold",)) + if bold or color: + retVal = colored(message, color=color, on_color=None, attrs=("bold",) if bold else None) elif level: level = getattr(logging, level, None) if isinstance(level, basestring) else level retVal = LOGGER_HANDLER.colorize(message, level) @@ -925,7 +925,7 @@ def dataToStdout(data, forceOutput=False, bold=False, content_type=None, status= if conf.get("api"): sys.stdout.write(message, status, content_type) else: - sys.stdout.write(setColor(message, bold)) + sys.stdout.write(setColor(message, bold=bold)) sys.stdout.flush() except IOError: diff --git a/lib/core/option.py b/lib/core/option.py index ee2d64112..502a79101 100644 --- a/lib/core/option.py +++ b/lib/core/option.py @@ -54,6 +54,7 @@ from lib.core.common import resetCookieJar from lib.core.common import runningAsAdmin from lib.core.common import safeExpandUser from lib.core.common import saveConfig +from lib.core.common import setColor from lib.core.common import setOptimize from lib.core.common import setPaths from lib.core.common import singleTimeWarnMessage 
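Review bot: Inserting `color` as the second positional parameter of `setColor` in lib/core/common.py changes the meaning of every existing positional call: `setColor(msg, True)` now binds `True` to `color`, and the new `if bold or color:` branch hands it to `colored(...)` as a color name. The two call sites in this file are converted to `bold=`, but callers in other modules are not visible in this diff and need to be checked. Appending the parameter instead, `def setColor(message, bold=False, color=None):`, keeps old positional calls working, and the new call in lib/core/option.py would then read `setColor(os.path.basename(script), color="yellow")`. The body of `setColor` continues outside the hunk.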
@@ -699,6 +700,22 @@ def _setDBMS(): break +def _listTamperingFunctions(): + """ + Lists available tamper functions + """ + + if conf.listTampers: + infoMsg = "listing available tamper scripts\n" + logger.info(infoMsg) + + for script in sorted(glob.glob(os.path.join(paths.SQLMAP_TAMPER_PATH, "*.py"))): + content = openFile(script, "rb").read() + match = re.search(r'(?s)__priority__.+"""(.+)"""', content) + if match: + comment = match.group(1).strip() + dataToStdout("* %s - %s\n" % (setColor(os.path.basename(script), "yellow"), re.sub(r" *\n *", " ", comment.split("\n\n")[0].strip()))) + def _setTamperingFunctions(): """ Loads tampering functions from given script(s) @@ -2459,6 +2476,7 @@ def init(): _setDNSServer() _adjustLoggingFormatter() _setMultipleTargets() + _listTamperingFunctions() _setTamperingFunctions() _setWafFunctions() _setTrafficOutputFP() diff --git a/lib/core/optiondict.py b/lib/core/optiondict.py index e8c25ac62..10c5b2c8e 100644 --- a/lib/core/optiondict.py +++ b/lib/core/optiondict.py @@ -227,6 +227,7 @@ optDict = { "disableColoring": "boolean", "googlePage": "integer", "identifyWaf": "boolean", + "listTampers": "boolean", "mobile": "boolean", "offline": "boolean", "purge": "boolean", diff --git a/lib/core/settings.py b/lib/core/settings.py index 85c54fbc2..93ae43a1f 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.2.7.27" +VERSION = "1.2.7.28" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/lib/parse/cmdline.py b/lib/parse/cmdline.py index ab2fbe8eb..b255b9da1 100644 --- a/lib/parse/cmdline.py +++ b/lib/parse/cmdline.py 
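Review bot: `openFile(script, "rb").read()` in the loop of `_listTamperingFunctions` never closes the handle, so one descriptor per tamper script stays open until it is garbage-collected. Assuming `openFile` returns a file-like object usable as a context manager, `with openFile(script, "rb") as f:` followed by `content = f.read()` releases each file right away. The description is also taken by regex from the script text rather than from the module's `__doc__`; because both `.+` are greedy, the match lands on the last pair of `"""` after `__priority__`, and a script laid out differently is skipped without a message. Parsing as text does keep the listing from executing script code, so if that is the intent a short comment such as `# parsed as text so that listing never imports (executes) a tamper script` would record it.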
@@ -637,6 +637,9 @@ def cmdLineParser(argv=None): miscellaneous.add_option("--identify-waf", dest="identifyWaf", action="store_true", help="Make a thorough testing for a WAF/IPS/IDS protection") + miscellaneous.add_option("--list-tampers", dest="listTampers", action="store_true", + help="Display list of available tamper scripts") + miscellaneous.add_option("--mobile", dest="mobile", action="store_true", help="Imitate smartphone through HTTP User-Agent header") @@ -874,9 +877,9 @@ def cmdLineParser(argv=None): if args.dummy: args.url = args.url or DUMMY_URL - if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, args.purge, args.sitemapUrl)): - errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, -x, --wizard, --update, --purge or --dependencies), " - errMsg += "use -h for basic or -hh for advanced help\n" + if not any((args.direct, args.url, args.logFile, args.bulkFile, args.googleDork, args.configFile, args.requestFile, args.updateAll, args.smokeTest, args.liveTest, args.wizard, args.dependencies, args.purge, args.sitemapUrl, args.listTampers)): + errMsg = "missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, -x, --list-tampers, --wizard, --update, --purge or --dependencies). " + errMsg += "Use -h for basic and -hh for advanced help\n" parser.error(errMsg) return args diff --git a/sqlmap.conf b/sqlmap.conf index 3d70d3383..962651c57 100644 --- a/sqlmap.conf +++ b/sqlmap.conf @@ -778,6 +778,10 @@ googlePage = 1 # Valid: True or False identifyWaf = False +# Display list of available tamper scripts +# Valid: True or False +listTampers = False + # Imitate smartphone through HTTP User-Agent header. # Valid: True or False mobile = False diff --git a/tamper/apostrophemask.py b/tamper/apostrophemask.py index cc01e3f71..231617ad6 100644 --- a/tamper/apostrophemask.py +++ b/tamper/apostrophemask.py 
@@ -14,7 +14,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces apostrophe character (') with its UTF-8 full width counterpart + Replaces apostrophe character (') with its UTF-8 full width counterpart (e.g. ' -> %EF%BC%87) References: * http://www.utf8-chartable.de/unicode-utf8-table.pl?start=65280&number=128 diff --git a/tamper/apostrophenullencode.py b/tamper/apostrophenullencode.py index a984d26d3..54fe9c802 100644 --- a/tamper/apostrophenullencode.py +++ b/tamper/apostrophenullencode.py @@ -14,7 +14,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces apostrophe character (') with its illegal double unicode counterpart + Replaces apostrophe character (') with its illegal double unicode counterpart (e.g. ' -> %00%27) >>> tamper("1 AND '1'='1") '1 AND %00%271%00%27=%00%271' diff --git a/tamper/appendnullbyte.py b/tamper/appendnullbyte.py index 662b57857..1eaca164f 100644 --- a/tamper/appendnullbyte.py +++ b/tamper/appendnullbyte.py @@ -18,7 +18,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Appends encoded NULL byte character (%00) at the end of payload + Appends (Access) NULL byte character (%00) at the end of payload Requirement: * Microsoft Access diff --git a/tamper/base64encode.py b/tamper/base64encode.py index d2057778b..21ae80233 100644 --- a/tamper/base64encode.py +++ b/tamper/base64encode.py @@ -17,7 +17,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Base64 all characters in a given payload + Base64-encodes all characters in a given payload >>> tamper("1' AND SLEEP(5)#") 'MScgQU5EIFNMRUVQKDUpIw==' diff --git a/tamper/bluecoat.py b/tamper/bluecoat.py index f0f034f39..5b17c0db6 100644 --- a/tamper/bluecoat.py +++ b/tamper/bluecoat.py 
@@ -17,8 +17,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character after SQL statement with a valid random blank character. - Afterwards replace character '=' with operator LIKE + Replaces space character after SQL statement with a valid random blank character. Afterwards replace character '=' with operator LIKE Requirement: * Blue Coat SGOS with WAF activated as documented in diff --git a/tamper/chardoubleencode.py b/tamper/chardoubleencode.py index 19a50bf5c..b1d0f8fe2 100644 --- a/tamper/chardoubleencode.py +++ b/tamper/chardoubleencode.py @@ -16,7 +16,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Double URL-encodes all characters in a given payload (not processing already encoded) + Double URL-encodes all characters in a given payload (not processing already encoded) (e.g. SELECT -> %2553%2545%254C%2545%2543%2554) Notes: * Useful to bypass some weak web application firewalls that do not double URL-decode the request before processing it through their ruleset diff --git a/tamper/charencode.py b/tamper/charencode.py index 37f5ff31c..324c4a90d 100644 --- a/tamper/charencode.py +++ b/tamper/charencode.py @@ -16,7 +16,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - URL-encodes all characters in a given payload (not processing already encoded) + URL-encodes all characters in a given payload (not processing already encoded) (e.g. SELECT -> %53%45%4C%45%43%54) Tested against: * Microsoft SQL Server 2005 diff --git a/tamper/charunicodeencode.py b/tamper/charunicodeencode.py index 0c07a31fc..dc1a5dca3 100644 --- a/tamper/charunicodeencode.py +++ b/tamper/charunicodeencode.py @@ -18,7 +18,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Unicode-URL-encodes all characters in a given payload (not processing already encoded) + Unicode-URL-encodes all characters in a given payload (not processing already encoded) (e.g. SELECT -> %u0053%u0045%u004C%u0045%u0043%u0054) Requirement: * ASP 
diff --git a/tamper/charunicodeescape.py b/tamper/charunicodeescape.py index 380f0736b..28984164d 100644 --- a/tamper/charunicodeescape.py +++ b/tamper/charunicodeescape.py @@ -13,7 +13,7 @@ __priority__ = PRIORITY.NORMAL def tamper(payload, **kwargs): """ - Unicode-escapes non-encoded characters in a given payload (not processing already encoded) + Unicode-escapes non-encoded characters in a given payload (not processing already encoded) (e.g. SELECT -> \u0053\u0045\u004C\u0045\u0043\u0054) Notes: * Useful to bypass weak filtering and/or WAFs in JSON contexes diff --git a/tamper/ifnull2casewhenisnull.py b/tamper/ifnull2casewhenisnull.py index b049d8582..c9a8c0ee2 100644 --- a/tamper/ifnull2casewhenisnull.py +++ b/tamper/ifnull2casewhenisnull.py @@ -14,7 +14,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces instances like 'IFNULL(A, B)' with 'CASE WHEN ISNULL(A) THEN (B) ELSE (A) END' + Replaces instances like 'IFNULL(A, B)' with 'CASE WHEN ISNULL(A) THEN (B) ELSE (A) END' counterpart Requirement: * MySQL diff --git a/tamper/ifnull2ifisnull.py b/tamper/ifnull2ifisnull.py index 956629296..9e2531941 100644 --- a/tamper/ifnull2ifisnull.py +++ b/tamper/ifnull2ifisnull.py @@ -14,7 +14,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces instances like 'IFNULL(A, B)' with 'IF(ISNULL(A), B, A)' + Replaces instances like 'IFNULL(A, B)' with 'IF(ISNULL(A), B, A)' counterpart Requirement: * MySQL diff --git a/tamper/informationschemacomment.py b/tamper/informationschemacomment.py index 63a2d9aa2..24fcc7b9b 100644 --- a/tamper/informationschemacomment.py +++ b/tamper/informationschemacomment.py 
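Review bot: The example added to the `tamper` docstring in tamper/charunicodeescape.py puts `\u0053\u0045...` inside a plain, non-raw triple-quoted string. A Python 2 byte string keeps that text literally, but in a unicode literal or under Python 3 each `\uXXXX` is decoded and the example would read `SELECT -> SELECT`. Opening the docstring with `r"""` keeps the text as written in both cases. The rest of the docstring is outside the hunk, so check that any doctest in it does not depend on backslash escapes before making it raw.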
@@ -13,7 +13,7 @@ __priority__ = PRIORITY.NORMAL def tamper(payload, **kwargs): """ - Add a comment to the end of all occurrences of (MySQL) "information_schema" identifier + Add an inline comment (/**/) to the end of all occurrences of (MySQL) "information_schema" identifier >>> tamper('SELECT table_name FROM INFORMATION_SCHEMA.TABLES') 'SELECT table_name FROM INFORMATION_SCHEMA/**/.TABLES' diff --git a/tamper/lowercase.py b/tamper/lowercase.py index 0723edbdd..51a86e335 100644 --- a/tamper/lowercase.py +++ b/tamper/lowercase.py @@ -17,7 +17,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces each keyword character with lower case value + Replaces each keyword character with lower case value (e.g. SELECT -> select) Tested against: * Microsoft SQL Server 2005 diff --git a/tamper/overlongutf8.py b/tamper/overlongutf8.py index c53213174..3e4346383 100644 --- a/tamper/overlongutf8.py +++ b/tamper/overlongutf8.py @@ -16,7 +16,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Converts all (non-alphanum) characters in a given payload (not processing already encoded) + Converts all (non-alphanum) characters in a given payload to overlong UTF8 (not processing already encoded) (e.g. ' -> %C0%A7) Reference: * https://www.acunetix.com/vulnerabilities/unicode-transformation-issues/ diff --git a/tamper/overlongutf8more.py b/tamper/overlongutf8more.py index 2a9ee4c14..a34b61929 100644 --- a/tamper/overlongutf8more.py +++ b/tamper/overlongutf8more.py @@ -16,7 +16,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Converts all characters in a given payload (not processing already encoded) + Converts all characters in a given payload to overlong UTF8 (not processing already encoded) (e.g. SELECT -> %C1%93%C1%85%C1%8C%C1%85%C1%83%C1%94) Reference: * https://www.acunetix.com/vulnerabilities/unicode-transformation-issues/ diff --git a/tamper/percentage.py b/tamper/percentage.py index 0a32661e5..182ddc52c 100644 --- a/tamper/percentage.py 
+++ b/tamper/percentage.py @@ -18,7 +18,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Adds a percentage sign ('%') infront of each character + Adds a percentage sign ('%') infront of each character (e.g. SELECT -> %S%E%L%E%C%T) Requirement: * ASP diff --git a/tamper/plus2concat.py b/tamper/plus2concat.py index fa238ae91..574a20828 100644 --- a/tamper/plus2concat.py +++ b/tamper/plus2concat.py @@ -20,7 +20,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces plus operator ('+') with (MsSQL) function CONCAT() + Replaces plus operator ('+') with (MsSQL) function CONCAT() counterpart Tested against: * Microsoft SQL Server 2012 diff --git a/tamper/plus2fnconcat.py b/tamper/plus2fnconcat.py index 273dd6462..86ceee621 100644 --- a/tamper/plus2fnconcat.py +++ b/tamper/plus2fnconcat.py @@ -20,7 +20,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces plus operator ('+') with (MsSQL) ODBC function {fn CONCAT()} + Replaces plus operator ('+') with (MsSQL) ODBC function {fn CONCAT()} counterpart Tested against: * Microsoft SQL Server 2008 diff --git a/tamper/randomcase.py b/tamper/randomcase.py index a5fcaf970..9d2843154 100644 --- a/tamper/randomcase.py +++ b/tamper/randomcase.py @@ -18,7 +18,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces each keyword character with random case value + Replaces each keyword character with random case value (e.g. SELECT -> SEleCt) Tested against: * Microsoft SQL Server 2005 diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py index 700413423..9890deed3 100644 --- a/tamper/randomcomments.py +++ b/tamper/randomcomments.py @@ -15,7 +15,7 @@ __priority__ = PRIORITY.LOW def tamper(payload, **kwargs): """ - Add random inline comments inside SQL keywords + Add random inline comments inside SQL keywords (e.g. SELECT -> S/**/E/**/LECT) >>> import random >>> random.seed(0) diff --git a/tamper/space2dash.py b/tamper/space2dash.py index 94cfc8d24..525e051a2 100644 
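Review bot: The summary line rewritten in tamper/percentage.py still carries the typo `infront`. This first docstring paragraph is what the new `--list-tampers` output prints for the script, so it is worth correcting on the same line to `in front of each character`.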
--- a/tamper/space2dash.py +++ b/tamper/space2dash.py @@ -14,8 +14,7 @@ __priority__ = PRIORITY.LOW def tamper(payload, **kwargs): """ - Replaces space character (' ') with a dash comment ('--') followed by - a random string and a new line ('\n') + Replaces space character (' ') with a dash comment ('--') followed by a random string and a new line ('\n') Requirement: * MSSQL diff --git a/tamper/space2hash.py b/tamper/space2hash.py index c21e3f041..56d5e06e5 100644 --- a/tamper/space2hash.py +++ b/tamper/space2hash.py @@ -20,8 +20,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character (' ') with a pound character ('#') followed by - a random string and a new line ('\n') + Replaces (MySQL) instances of space character (' ') with a pound character ('#') followed by a random string and a new line ('\n') Requirement: * MySQL diff --git a/tamper/space2morecomment.py b/tamper/space2morecomment.py index 0fa476d59..e3644b6d9 100644 --- a/tamper/space2morecomment.py +++ b/tamper/space2morecomment.py @@ -14,7 +14,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character (' ') with comments '/**_**/' + Replaces (MySQL) instances of space character (' ') with comments '/**_**/' Tested against: * MySQL 5.0 and 5.5 diff --git a/tamper/space2morehash.py b/tamper/space2morehash.py index aa5df6f1a..77169fb96 100644 --- a/tamper/space2morehash.py +++ b/tamper/space2morehash.py @@ -23,8 +23,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character (' ') with a pound character ('#') followed by - a random string and a new line ('\n') + Replaces (MySQL) instances of space character (' ') with a pound character ('#') followed by a random string and a new line ('\n') Requirement: * MySQL >= 5.1.13 diff --git a/tamper/space2mssqlblank.py b/tamper/space2mssqlblank.py index 8a1ba82a4..8424ec1ca 100644 --- a/tamper/space2mssqlblank.py +++ b/tamper/space2mssqlblank.py 
@@ -19,8 +19,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character (' ') with a random blank character from a - valid set of alternate characters + Replaces (MsSQL) instances of space character (' ') with a random blank character from a valid set of alternate characters Requirement: * Microsoft SQL Server diff --git a/tamper/space2mssqlhash.py b/tamper/space2mssqlhash.py index e50a560c6..0e489c8f2 100644 --- a/tamper/space2mssqlhash.py +++ b/tamper/space2mssqlhash.py @@ -11,8 +11,7 @@ __priority__ = PRIORITY.LOW def tamper(payload, **kwargs): """ - Replaces space character (' ') with a pound character ('#') followed by - a new line ('\n') + Replaces space character (' ') with a pound character ('#') followed by a new line ('\n') Requirement: * MSSQL diff --git a/tamper/space2mysqlblank.py b/tamper/space2mysqlblank.py index ed0242529..0216e2d6e 100644 --- a/tamper/space2mysqlblank.py +++ b/tamper/space2mysqlblank.py @@ -19,8 +19,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character (' ') with a random blank character from a - valid set of alternate characters + Replaces (MySQL) instances of space character (' ') with a random blank character from a valid set of alternate characters Requirement: * MySQL diff --git a/tamper/space2mysqldash.py b/tamper/space2mysqldash.py index f35107902..67e72538b 100644 --- a/tamper/space2mysqldash.py +++ b/tamper/space2mysqldash.py @@ -18,15 +18,12 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character (' ') with a dash comment ('--') followed by - a new line ('\n') + Replaces space character (' ') with a dash comment ('--') followed by a new line ('\n') Requirement: * MySQL * MSSQL - Tested against: - Notes: * Useful to bypass several web application firewalls. diff --git a/tamper/space2randomblank.py b/tamper/space2randomblank.py index c61a3a3f4..0234b65ca 100644 --- a/tamper/space2randomblank.py +++ b/tamper/space2randomblank.py 
@@ -16,8 +16,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces space character (' ') with a random blank character from a - valid set of alternate characters + Replaces space character (' ') with a random blank character from a valid set of alternate characters Tested against: * Microsoft SQL Server 2005 diff --git a/tamper/unionalltounion.py b/tamper/unionalltounion.py index f5d759412..46e00447e 100644 --- a/tamper/unionalltounion.py +++ b/tamper/unionalltounion.py @@ -14,7 +14,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces UNION ALL SELECT with UNION SELECT + Replaces instances of UNION ALL SELECT with UNION SELECT counterpart >>> tamper('-1 UNION ALL SELECT') '-1 UNION SELECT' diff --git a/tamper/uppercase.py b/tamper/uppercase.py index 64382c4e1..71aeba794 100644 --- a/tamper/uppercase.py +++ b/tamper/uppercase.py @@ -17,7 +17,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Replaces each keyword character with upper case value + Replaces each keyword character with upper case value (e.g. select -> SELECT) Tested against: * Microsoft SQL Server 2005 diff --git a/tamper/varnish.py b/tamper/varnish.py index fdc6fb09b..b0b020e7e 100644 --- a/tamper/varnish.py +++ b/tamper/varnish.py @@ -14,12 +14,12 @@ def dependencies(): def tamper(payload, **kwargs): """ - Append a HTTP header 'X-originating-IP' to bypass - WAF Protection of Varnish Firewall + Appends a HTTP header 'X-originating-IP' to bypass Varnish Firewall + + Reference: + * http://h30499.www3.hp.com/t5/Fortify-Application-Security/Bypassing-web-application-firewalls-using-HTTP-headers/ba-p/6418366 Notes: - Reference: http://h30499.www3.hp.com/t5/Fortify-Application-Security/Bypassing-web-application-firewalls-using-HTTP-headers/ba-p/6418366 - Examples: >> X-forwarded-for: TARGET_CACHESERVER_IP (184.189.250.X) >> X-remote-IP: TARGET_PROXY_IP (184.189.250.X) 
diff --git a/tamper/versionedkeywords.py b/tamper/versionedkeywords.py index 920d88d18..31524e608 100644 --- a/tamper/versionedkeywords.py +++ b/tamper/versionedkeywords.py @@ -20,7 +20,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Encloses each non-function keyword with versioned MySQL comment + Encloses each non-function keyword with (MySQL) versioned comment Requirement: * MySQL diff --git a/tamper/versionedmorekeywords.py b/tamper/versionedmorekeywords.py index 1fe5adf56..d84808147 100644 --- a/tamper/versionedmorekeywords.py +++ b/tamper/versionedmorekeywords.py @@ -21,7 +21,7 @@ def dependencies(): def tamper(payload, **kwargs): """ - Encloses each keyword with versioned MySQL comment + Encloses each keyword with (MySQL) versioned comment Requirement: * MySQL >= 5.1.13 diff --git a/tamper/xforwardedfor.py b/tamper/xforwardedfor.py index 4374a4862..6cd5c8113 100644 --- a/tamper/xforwardedfor.py +++ b/tamper/xforwardedfor.py @@ -20,8 +20,7 @@ def randomIP(): def tamper(payload, **kwargs): """ - Append a fake HTTP header 'X-Forwarded-For' to bypass - WAF (usually application based) protection + Append a fake HTTP header 'X-Forwarded-For' """ headers = kwargs.get("headers", {}) diff --git a/txt/checksum.md5 b/txt/checksum.md5 index 27f9d2297..65185f6f7 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -28,7 +28,7 @@ c7443613a0a2505b1faec931cee2a6ef lib/controller/handler.py 1e5532ede194ac9c083891c2f02bca93 lib/controller/__init__.py 0adf547455a76dc71e6a599e52da1ed9 lib/core/agent.py fd8f239e259afaf5f24bcf34a0ad187f lib/core/bigarray.py -af0c5caaa6328319a682073afa93ec84 lib/core/common.py +ee1b800e860263b877a2b292a3e4becd lib/core/common.py 0d082da16c388b3445e656e0760fb582 lib/core/convert.py 9f87391b6a3395f7f50830b391264f27 lib/core/data.py 72016ea5c994a711a262fd64572a0fcd lib/core/datatype.py 
@@ -40,15 +40,15 @@ ab3f4f3e3019add5f4a2e28f7e8748a4 lib/core/enums.py cada93357a7321655927fc9625b3bfec lib/core/exception.py 1e5532ede194ac9c083891c2f02bca93 lib/core/__init__.py 458a194764805cd8312c14ecd4be4d1e lib/core/log.py -13c0a490b5a928b64236b4a15e578267 lib/core/optiondict.py -c82dee0f62e729213b92f5ec85f74b70 lib/core/option.py +05f72baa2db4073bb0273d7fc1df13eb lib/core/optiondict.py +8e759d4c8711a5980d4bdc2d044a4fd4 lib/core/option.py c8c386d644d57c659d74542f5f57f632 lib/core/patch.py 6783160150b4711d02c56ee2beadffdb lib/core/profiling.py 6f654e1715571eff68a0f8af3d62dcf8 lib/core/readlineng.py 0c3eef46bdbf87e29a3f95f90240d192 lib/core/replication.py a7db43859b61569b601b97f187dd31c5 lib/core/revision.py fcb74fcc9577523524659ec49e2e964b lib/core/session.py -ec2adffae2982c11332c573fe4e68d6d lib/core/settings.py +b0c61c78049b4e342aeafd2fc85430fe lib/core/settings.py dd68a9d02fccb4fa1428b20e15b0db5d lib/core/shell.py a7edc9250d13af36ac0108f259859c19 lib/core/subprocessng.py 12bed9603b6fba3e5ffda11d584bc449 lib/core/target.py @@ -59,7 +59,7 @@ b35636650cfe721f5cc47fb91737c061 lib/core/update.py e772deb63270375e685fa5a7b775c382 lib/core/wordlist.py 1e5532ede194ac9c083891c2f02bca93 lib/__init__.py 7620f1f4b8791e13c7184c06b5421754 lib/parse/banner.py -bc34167c7accc61df07b2982cddd0338 lib/parse/cmdline.py +babf5c48bc6a3797fc459706af4465cd lib/parse/cmdline.py fb2e2f05dde98caeac6ccf3e67192177 lib/parse/configfile.py 3794ff139869f5ae8e81cfdbe5714f56 lib/parse/handler.py 6bab53ea9d75bc9bb8169d3e8f3f149f lib/parse/headers.py 
@@ -228,16 +228,16 @@ ec2ba8c757ac96425dcd2b97970edd3a shell/stagers/stager.asp_ 4eaeef94314956e4517e5310a28d579a sqlmapapi.py a35b5b83c12841fdf3925190c9d24299 sqlmap.py 523dab9e1093eb59264c6beb366b255a tamper/0x2char.py -4e6956958ef8135cd543d7a57f2e73ff tamper/apostrophemask.py -7c838eadd96b20800ba0bd394f5014f0 tamper/apostrophenullencode.py -0d7e8a3a0e17c92d51c49415884a47c9 tamper/appendnullbyte.py -0298d81e9dfac7ff18a5236c0f1d84b6 tamper/base64encode.py +3a1697585ae4e7bf315e9dda97d6f321 tamper/apostrophemask.py +d7a119a74be9b385ee3884fb5e6af041 tamper/apostrophenullencode.py +a14420ef43cdeb8fbc091116d31d31f1 tamper/appendnullbyte.py +cfe19908ec32e3f2e113e759705f986b tamper/base64encode.py e77a89b2af931a1820f6ba4b86d19cd4 tamper/between.py -e1d2329adc6ca89828a2eaec2951806c tamper/bluecoat.py -1807417f8a7fc0bb30c36ead458da0c8 tamper/chardoubleencode.py -043c97c7b214335838a6bb15eeedcba3 tamper/charencode.py -0c0d0e5d0caf4258a75112ab59fa3e75 tamper/charunicodeencode.py -18b2ca09390686f895c3bbd6460ac034 tamper/charunicodeescape.py +9df0a1810a27b92eec1375d19a95b7ef tamper/bluecoat.py +8c174b8925f4f075010b04d85c02a169 tamper/chardoubleencode.py +45174c61533f464806f4454be6a3f2d6 tamper/charencode.py +0aadf3e93dd72a9b94cb6532b3343dd1 tamper/charunicodeencode.py +014f352771f0c1fb9e0f5397c5a03dc3 tamper/charunicodeescape.py 6c618b9310ed5c8de93c927e920b1d31 tamper/commalesslimit.py 50f6532870d2e109bf46468e8d3ded49 tamper/commalessmid.py 4951fec0a1af043e4b9c0728882d3452 tamper/commentbeforeparentheses.py 
@@ -247,44 +247,44 @@ e1d2329adc6ca89828a2eaec2951806c tamper/bluecoat.py 4393cc5220d2e39c5c9c5a9af4e2635d tamper/greatest.py 6124bc647bfa04f2b16ff8cad98382d4 tamper/halfversionedmorekeywords.py ef0639557a79e57b06296c4bc223ebef tamper/htmlencode.py -3f79551baf811ff70b2ba8795a2064be tamper/ifnull2casewhenisnull.py -e2c2b6a67546b36983a72f129a817ec0 tamper/ifnull2ifisnull.py -4615cbeff722583e7ab3dbe774e38c93 tamper/informationschemacomment.py +42f232d776065e325e862867c522c523 tamper/ifnull2casewhenisnull.py +6e3ab1cf4ccf5524dcb60e390f920b60 tamper/ifnull2ifisnull.py +3ed2c6299c7c94776306535ff6090ab3 tamper/informationschemacomment.py 1e5532ede194ac9c083891c2f02bca93 tamper/__init__.py 2dc49bcd6c55f4e2322b07fa92685356 tamper/least.py -1834b5409c449d2ea1b70a5038fed9eb tamper/lowercase.py +40d1ea0796fd91cb3cdd602e36daed15 tamper/lowercase.py 1c4d622d1c2c77fc3db1f8b3849467ee tamper/modsecurityversioned.py f177a624c2cd3431c433769c6eb995e7 tamper/modsecurityzeroversioned.py 91b63afdb96b1d51c12a14cbd425d310 tamper/multiplespaces.py efd1917c6ccc632f044084a30e0e0f98 tamper/nonrecursivereplacement.py -95bf07047343c68a05658f5f11c6b413 tamper/overlongutf8more.py -db4687249dedddbe057c8b163923ef01 tamper/overlongutf8.py -bc0363e4fc04240c9f7b81e4ecce0714 tamper/percentage.py -db9cd6325d1814e5fe88323fe4add4e1 tamper/plus2concat.py -bcad55e2f7ce3e58a4cc7fcef77d4a4a tamper/plus2fnconcat.py -e94a1c7e4dc7450ac224436269d823bb tamper/randomcase.py -e50d9ed1c988638899cf82f18452e96c tamper/randomcomments.py +dcf3458f9010ca41bc4b56804f15792c tamper/overlongutf8more.py +a3a3cef042b864c4226b63f89548f939 tamper/overlongutf8.py +89f8753a0ef65d2bb860c8864e9e935a tamper/percentage.py +a47aafcbc1de2deb85160e29de46f748 tamper/plus2concat.py +759b86cf3bb1d7871dc6489538253f94 tamper/plus2fnconcat.py +078494e1217400b485ef653108d32699 tamper/randomcase.py +28626e4b8c673228dcfe4f1627a9e08b tamper/randomcomments.py 938bfac6e55a8823e4a66cd29166d980 tamper/securesphere.py cac8a56f8cc6c14524ee392daa5ae2fd 
tamper/space2comment.py -62d4d07b640d9d54d26ba33a77de9474 tamper/space2dash.py -ab91c20f71973b1a9a5fecfb9f2a1d1f tamper/space2hash.py -18f827afce8322adfa0c6dfbb4a59379 tamper/space2morecomment.py -59e61a9dd1f1e6b79fde026ed771cac4 tamper/space2morehash.py -ad45e799126d2d563b3958f714d2e7c6 tamper/space2mssqlblank.py -74334d72bffb99b0ac092f87f4da2675 tamper/space2mssqlhash.py -fd1bff6caefe5007444f7a0fabbc8ce9 tamper/space2mysqlblank.py -48a1f013657186e336d249adefbdbc7b tamper/space2mysqldash.py +4e6da2aca962b6110652e5f83dce5cd7 tamper/space2dash.py +7cdbae483262f66ef5d77521c59d9621 tamper/space2hash.py +f3fed47a4fccb2b482f1f01559b8f55a tamper/space2morecomment.py +fc3d9896cac8f4a97efd39673fadca7b tamper/space2morehash.py +b55ed15af74ffefc4dc303646c7c6482 tamper/space2mssqlblank.py +64e3d97e22f7e0870e88a87fd2f64243 tamper/space2mssqlhash.py +3ef95855a38bbc0f031ae3a992dcbf52 tamper/space2mysqlblank.py +8a4737f853354ac9c3788278589a772a tamper/space2mysqldash.py 72a547bc3bf32dba0d1c3093988df8af tamper/space2plus.py -6ce135f89259c379d84c85e538300091 tamper/space2randomblank.py +a74cd6375c5d5d253e2e7014b00ecd33 tamper/space2randomblank.py 93fc10b57586936cef05e88227c84ad0 tamper/sp_password.py 041cb567dff6bb6e7389e12ab3fb84c6 tamper/symboliclogical.py -6459c62914ae643799667de8bd283c97 tamper/unionalltounion.py +6679c4ffb7322315a738dcfa68c6fb7c tamper/unionalltounion.py 51d20b5cb5a50fc2e44d39087f865d23 tamper/unmagicquotes.py -371afb396f0bb18d97147c5db83354f4 tamper/uppercase.py -557ce5bf5ae9b7ab26f2c6b57312f41a tamper/varnish.py -929a2586dbb7b758a454eb09e13e5a73 tamper/versionedkeywords.py -3aff4d344ebd4f38e033e73b63f84447 tamper/versionedmorekeywords.py -ed1acafbac707bfa71c72f76b81c1bdd tamper/xforwardedfor.py +cc212839f55692d422beef3a8e22a8d4 tamper/uppercase.py +f2b9eac52d346315f5705f71beeda791 tamper/varnish.py +0e40966a51d1eb5d42a2159d2015a8a4 tamper/versionedkeywords.py +0fba004bf1be6edbefbda89f23f4e518 tamper/versionedmorekeywords.py +de532c4e3160039335010c499129d54f 
tamper/xforwardedfor.py b25b47ddeeb62e5857fd5ad17fd454b5 thirdparty/ansistrm/ansistrm.py d41d8cd98f00b204e9800998ecf8427e thirdparty/ansistrm/__init__.py 8e775c25bc9e84891ad6fcb4f0005c23 thirdparty/beautifulsoup/beautifulsoup.py