Update for an Issue sqlmapproject#12

stamparm · stamparm · commit 42a8234c6fad · 2012-12-03T14:27:01.000+01:00
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -835,7 +835,7 @@ def __setTamperingFunctions():
             priority = PRIORITY.NORMAL if not hasattr(module, '__priority__') else module.__priority__
 
             for name, function in inspect.getmembers(module, inspect.isfunction):
-                if name == "tamper" and function.func_code.co_argcount == 2:
+                if name == "tamper":
                     found = True
                     kb.tamperFunctions.append(function)
                     function.func_name = module.__name__
diff --git a/tamper/apostrophemask.py b/tamper/apostrophemask.py
@@ -12,7 +12,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces apostrophe character with its UTF-8 full width counterpart
 
diff --git a/tamper/apostrophenullencode.py b/tamper/apostrophenullencode.py
@@ -12,7 +12,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces apostrophe character with its illegal double unicode counterpart
 
diff --git a/tamper/appendnullbyte.py b/tamper/appendnullbyte.py
@@ -12,7 +12,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Appends encoded NULL byte character at the end of payload
 
diff --git a/tamper/base64encode.py b/tamper/base64encode.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Base64 all characters in a given payload
 
diff --git a/tamper/between.py b/tamper/between.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces greater than operator ('>') with 'NOT BETWEEN 0 AND #'
 
diff --git a/tamper/bluecoat.py b/tamper/bluecoat.py
@@ -17,7 +17,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character after SQL statement with a valid random blank character.
     Afterwards replace character = with LIKE operator
diff --git a/tamper/chardoubleencode.py b/tamper/chardoubleencode.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Double url-encodes all characters in a given payload (not processing
     already encoded)
diff --git a/tamper/charencode.py b/tamper/charencode.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Url-encodes all characters in a given payload (not processing already
     encoded)
diff --git a/tamper/charunicodeencode.py b/tamper/charunicodeencode.py
@@ -16,7 +16,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP or ASP.NET web applications" % os.path.basename(__file__).split(".")[0])
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Unicode-url-encodes non-encoded characters in a given payload (not
     processing already encoded)
diff --git a/tamper/equaltolike.py b/tamper/equaltolike.py
@@ -17,7 +17,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is unlikely to work against %s" % (os.path.basename(__file__).split(".")[0], DBMS.PGSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces all occurances of operator equal ('=') with operator 'LIKE'
 
diff --git a/tamper/halfversionedmorekeywords.py b/tamper/halfversionedmorekeywords.py
@@ -19,7 +19,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s < 5.1" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Adds versioned MySQL comment before each keyword
 
diff --git a/tamper/ifnull2ifisnull.py b/tamper/ifnull2ifisnull.py
@@ -12,7 +12,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces instances like 'IFNULL(A, B)' with 'IF(ISNULL(A), B, A)'
 
diff --git a/tamper/modsecurityversioned.py b/tamper/modsecurityversioned.py
@@ -13,7 +13,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Embraces complete query with versioned comment
 
diff --git a/tamper/modsecurityzeroversioned.py b/tamper/modsecurityzeroversioned.py
@@ -12,7 +12,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Embraces complete query with zero-versioned comment
 
diff --git a/tamper/multiplespaces.py b/tamper/multiplespaces.py
@@ -16,7 +16,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Adds multiple spaces around SQL keywords
 
diff --git a/tamper/nonrecursivereplacement.py b/tamper/nonrecursivereplacement.py
@@ -13,7 +13,7 @@
 
 __priority__ = PRIORITY.NORMAL
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces predefined SQL keywords with representations
     suitable for replacement (e.g. .replace("SELECT", "")) filters
diff --git a/tamper/percentage.py b/tamper/percentage.py
@@ -16,7 +16,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against ASP web applications" % os.path.basename(__file__).split(".")[0])
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Adds a percentage sign ('%') infront of each character
 
diff --git a/tamper/randomcase.py b/tamper/randomcase.py
@@ -16,7 +16,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces each keyword character with random case value
 
diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py
@@ -13,7 +13,7 @@
 
 __priority__ = PRIORITY.LOW
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Add random comments to SQL keywords
     Example: 'INSERT' becomes 'IN/**/S/**/ERT'
diff --git a/tamper/securesphere.py b/tamper/securesphere.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Appends special crafted string
 
diff --git a/tamper/sp_password.py b/tamper/sp_password.py
@@ -9,7 +9,7 @@
 
 __priority__ = PRIORITY.HIGH
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Appends 'sp_password' to the end of the payload for automatic obfuscation from DBMS logs
 
diff --git a/tamper/space2comment.py b/tamper/space2comment.py
@@ -12,7 +12,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with comments '/**/'
 
diff --git a/tamper/space2dash.py b/tamper/space2dash.py
@@ -12,7 +12,7 @@
 
 __priority__ = PRIORITY.LOW
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a dash comment ('--') followed by
     a random string and a new line ('\n')
diff --git a/tamper/space2hash.py b/tamper/space2hash.py
@@ -18,7 +18,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a pound character ('#') followed by
     a random string and a new line ('\n')
diff --git a/tamper/space2morehash.py b/tamper/space2morehash.py
@@ -21,7 +21,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s > 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a pound character ('#') followed by
     a random string and a new line ('\n')
diff --git a/tamper/space2mssqlblank.py b/tamper/space2mssqlblank.py
@@ -17,7 +17,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MSSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a random blank character from a
     valid set of alternate characters
diff --git a/tamper/space2mssqlhash.py b/tamper/space2mssqlhash.py
@@ -9,7 +9,7 @@
 
 __priority__ = PRIORITY.LOW
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a pound character ('#') followed by
     a new line ('\n')
diff --git a/tamper/space2mysqlblank.py b/tamper/space2mysqlblank.py
@@ -17,7 +17,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a random blank character from a
     valid set of alternate characters
diff --git a/tamper/space2mysqldash.py b/tamper/space2mysqldash.py
@@ -16,7 +16,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a dash comment ('--') followed by
     a new line ('\n')
diff --git a/tamper/space2plus.py b/tamper/space2plus.py
@@ -12,7 +12,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with plus ('+')
 
diff --git a/tamper/space2randomblank.py b/tamper/space2randomblank.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces space character (' ') with a random blank character from a
     valid set of alternate characters
diff --git a/tamper/unionalltounion.py b/tamper/unionalltounion.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces UNION ALL SELECT with UNION SELECT
 
diff --git a/tamper/unmagicquotes.py b/tamper/unmagicquotes.py
@@ -14,7 +14,7 @@
 def dependencies():
     pass
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Replaces quote character (') with a multi-byte combo %bf%27 together with
     generic comment at the end (to make it work)
diff --git a/tamper/versionedkeywords.py b/tamper/versionedkeywords.py
@@ -18,7 +18,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Encloses each non-function keyword with versioned MySQL comment
 
diff --git a/tamper/versionedmorekeywords.py b/tamper/versionedmorekeywords.py
@@ -19,7 +19,7 @@
 def dependencies():
     singleTimeWarnMessage("tamper script '%s' is only meant to be run against %s >= 5.1.13" % (os.path.basename(__file__).split(".")[0], DBMS.MYSQL))
 
-def tamper(payload, headers=None):
+def tamper(payload, **kwargs):
     """
     Encloses each keyword with versioned MySQL comment
 
