PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 20:51:31 +00:00
Code Issues Projects Releases Wiki Activity

minor improvement for --tamper (now standard tamper scripts can be used like --tamper=randomcase)

Browse Source
This commit is contained in:
Miroslav Stampar
2011-05-18 21:47:40 +00:00
parent 3048e9f710
commit 9832fc42d4
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/core/common.py
View File

@@ -902,6 +902,7 @@ def setPaths():
# sqlmap paths
paths.SQLMAP_EXTRAS_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "extra")
paths.SQLMAP_SHELL_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "shell")
paths.SQLMAP_TAMPER_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "tamper")
paths.SQLMAP_TXT_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "txt")
paths.SQLMAP_UDF_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "udf")
paths.SQLMAP_XML_PATH = os.path.join(paths.SQLMAP_ROOT_PATH, "xml")

5
lib/core/option.py
View File

@@ -721,7 +721,7 @@ def __setTamperingFunctions():
resolve_priorities = False
priorities = []
for tfile in conf.tamper.split(','):
for tfile in re.split(r'[,|;]', conf.tamper):
found = False
tfile = tfile.strip()
@@ -729,6 +729,9 @@ def __setTamperingFunctions():
if not tfile:
continue
elif os.path.exists(os.path.join(paths.SQLMAP_TAMPER_PATH, tfile if tfile.endswith('.py') else "%s.py" % tfile)):
tfile = os.path.join(paths.SQLMAP_TAMPER_PATH, tfile if tfile.endswith('.py') else "%s.py" % tfile)
elif not os.path.exists(tfile):
errMsg = "tamper script '%s' does not exist" % tfile
raise sqlmapFilePathException, errMsg