-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathsqli_query_tampering.py
103 lines (81 loc) · 3.2 KB
/
sqli_query_tampering.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
from burp import (IBurpExtender, IIntruderPayloadGeneratorFactory, ITab,
IIntruderPayloadGenerator, IIntruderPayloadProcessor)
from tamper import SQLiTamper
from UI import PluginUI
try:
from exceptions_fix import FixBurpExceptions
import sys
except ImportError:
pass
class BurpExtender(IBurpExtender, IIntruderPayloadGeneratorFactory, IIntruderPayloadProcessor, ITab):
def __init__(self):
self.tamperedPayloads = []
self.PayloadList = []
self.tamper = SQLiTamper()
def registerExtenderCallbacks(self, callbacks):
self.callbacks = callbacks
self.helper = callbacks.getHelpers()
sys.stdout = callbacks.getStdout()
callbacks.setExtensionName('SQLi Query Tampering')
callbacks.registerIntruderPayloadGeneratorFactory(self)
callbacks.registerIntruderPayloadProcessor(self)
callbacks.addSuiteTab(self)
print('SQLi Query Tampering v 1.3\nCreated by Xer0Days')
print('Based on Sqlmap\'s Tampering Functions\n')
print('---------------------------------------------')
print('Github:\t\thttps://github.com/xer0days\nTwitter:\thttps://twitter.com/Xer0Days')
print('---------------------------------------------\n')
def getGeneratorName(self):
return 'SQLi Query Tampering'
def getProcessorName(self):
return 'SQLi Query Tampering'
def createNewInstance(self, attack):
return IntruderPayloadGenerator(self)
def getTabCaption(self):
return 'SQLi Tampering'
def getUiComponent(self):
self.ui = PluginUI(self)
return self.ui.mainPanel
def processPayload(self, currentPayload, originalPayload, baseValue):
tamperFuncName = self.ui.getProcessorTechName()
currPayload = self.helper.bytesToString(currentPayload)
result = getattr(self.tamper, tamperFuncName)(currPayload)
return self.helper.stringToBytes(result)
def getTamperFuncsName(self):
result = []
for func in self.tamper.techniques['All']:
result.append(func.__name__)
return sorted(result)
def tamperSinglePayload(self, tamperFuncName=None, payload=''):
if tamperFuncName is None: return
result = getattr(self.tamper, tamperFuncName)(payload)
return result
def generatePayloads(self):
self.tamperedPayloads[:] = []
self.tamperedPayloads = self.tamperedPayloads + self.PayloadList
techs = self.ui.getGeneratorTechsName()
if not len(techs): return
for tech in techs:
for func in self.tamper.techniques[tech]:
for payload in self.PayloadList:
tampered = func(payload)
self.tamperedPayloads.append(tampered)
# Remove duplicate payloads
self.tamperedPayloads = list(dict.fromkeys(self.tamperedPayloads))
class IntruderPayloadGenerator(IIntruderPayloadGenerator):
def __init__(self, extender):
self.extender = extender
self.payloadIndex = 0
self.extender.generatePayloads()
def hasMorePayloads(self):
return self.payloadIndex < len(self.extender.tamperedPayloads)
def getNextPayload(self, baseValue):
payload = self.extender.helper.stringToBytes(self.extender.tamperedPayloads[self.payloadIndex])
self.payloadIndex += 1
return payload
def reset(self):
self.payloadIndex = 0
try:
FixBurpExceptions()
except NameError:
pass