Adding new tamper script (on request from @MilanGabor)

2025-12-06 12:41:30 +00:00 · 2016-09-15 17:58:37 +02:00
parent edcfffc279
commit b3b5bd267d
3 changed files with 28 additions and 2 deletions
--- a/tamper/htmlencode.py
+++ b/tamper/htmlencode.py
@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2016 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import re
+
+from lib.core.enums import PRIORITY
+
+__priority__ = PRIORITY.LOW
+
+def dependencies():
+    pass
+
+def tamper(payload, **kwargs):
+    """
+    HTML encode (using code points) all non-alphanumeric characters
+
+    >>> tamper("1' AND SLEEP(5)#")
+    '1&#39;&#32;AND&#32;SLEEP&#40;5&#41;&#35;'
+    """
+
+    return re.sub(r"[^\w]", lambda match: "&#%d;" % ord(match.group(0)), payload) if payload else payload