PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-01-21 21:59:20 +00:00
Code Issues Projects Releases Wiki Activity

Stabilizing DREI

Browse Source
This commit is contained in:
Miroslav Stampar
2019-05-03 13:20:15 +02:00
parent d8c62e0beb
commit f6f6844a0d
52 changed files with 347 additions and 334 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
tamper/multiplespaces.py
View File

@@ -10,6 +10,7 @@ import re
from lib.core.data import kb
from lib.core.enums import PRIORITY
from lib.core.datatype import OrderedSet
__priority__ = PRIORITY.NORMAL
@@ -28,13 +29,13 @@ def tamper(payload, **kwargs):
>>> random.seed(0)
>>> tamper('1 UNION SELECT foobar')
'1 UNION SELECT foobar'
'1 UNION SELECT foobar'
"""
retVal = payload
if payload:
words = set()
words = OrderedSet()
for match in re.finditer(r"\b[A-Za-z_]+\b", payload):
word = match.group()
@@ -43,7 +44,7 @@ def tamper(payload, **kwargs):
words.add(word)
for word in words:
retVal = re.sub(r"(?<=\W)%s(?=[^A-Za-z_(]|\Z)" % word, "%s%s%s" % (' ' * random.randrange(1, 4), word, ' ' * random.randrange(1, 4)), retVal)
retVal = re.sub(r"(?<=\W)%s(?=[(])" % word, "%s%s" % (' ' * random.randrange(1, 4), word), retVal)
retVal = re.sub(r"(?<=\W)%s(?=[^A-Za-z_(]|\Z)" % word, "%s%s%s" % (' ' * random.randint(1, 4), word, ' ' * random.randint(1, 4)), retVal)
retVal = re.sub(r"(?<=\W)%s(?=[(])" % word, "%s%s" % (' ' * random.randint(1, 4), word), retVal)
return retVal