Loads tampering functions from given script(s)
()
| 760 | dataToStdout("* %s - %s\n" % (setColor(os.path.basename(script), "yellow"), re.sub(r" *\n *", " ", comment.split("\n\n")[0].strip()))) |
| 761 | |
| 762 | def _setTamperingFunctions(): |
| 763 | """ |
| 764 | Loads tampering functions from given script(s) |
| 765 | """ |
| 766 | |
| 767 | if conf.tamper: |
| 768 | last_priority = PRIORITY.HIGHEST |
| 769 | check_priority = True |
| 770 | resolve_priorities = False |
| 771 | priorities = [] |
| 772 | |
| 773 | for script in re.split(PARAMETER_SPLITTING_REGEX, conf.tamper): |
| 774 | found = False |
| 775 | |
| 776 | path = safeFilepathEncode(paths.SQLMAP_TAMPER_PATH) |
| 777 | script = safeFilepathEncode(script.strip()) |
| 778 | |
| 779 | try: |
| 780 | if not script: |
| 781 | continue |
| 782 | |
| 783 | elif os.path.exists(os.path.join(path, script if script.endswith(".py") else "%s.py" % script)): |
| 784 | script = os.path.join(path, script if script.endswith(".py") else "%s.py" % script) |
| 785 | |
| 786 | elif not os.path.exists(script): |
| 787 | errMsg = "tamper script '%s' does not exist" % script |
| 788 | raise SqlmapFilePathException(errMsg) |
| 789 | |
| 790 | elif not script.endswith(".py"): |
| 791 | errMsg = "tamper script '%s' should have an extension '.py'" % script |
| 792 | raise SqlmapSyntaxException(errMsg) |
| 793 | except UnicodeDecodeError: |
| 794 | errMsg = "invalid character provided in option '--tamper'" |
| 795 | raise SqlmapSyntaxException(errMsg) |
| 796 | |
| 797 | dirname, filename = os.path.split(script) |
| 798 | dirname = os.path.abspath(dirname) |
| 799 | |
| 800 | infoMsg = "loading tamper module '%s'" % filename[:-3] |
| 801 | logger.info(infoMsg) |
| 802 | |
| 803 | if not os.path.exists(os.path.join(dirname, "__init__.py")): |
| 804 | errMsg = "make sure that there is an empty file '__init__.py' " |
| 805 | errMsg += "inside of tamper scripts directory '%s'" % dirname |
| 806 | raise SqlmapGenericException(errMsg) |
| 807 | |
| 808 | if dirname not in sys.path: |
| 809 | sys.path.insert(0, dirname) |
| 810 | |
| 811 | try: |
| 812 | module = __import__(safeFilepathEncode(filename[:-3])) |
| 813 | except Exception as ex: |
| 814 | raise SqlmapSyntaxException("cannot import tamper module '%s' (%s)" % (getUnicode(filename[:-3]), getSafeExString(ex))) |
| 815 | |
| 816 | priority = PRIORITY.NORMAL if not hasattr(module, "__priority__") else module.__priority__ |
| 817 | priority = priority if priority is not None else PRIORITY.LOWEST |
| 818 | |
| 819 | for name, function in inspect.getmembers(module, inspect.isfunction): |
no test coverage detected
searching dependent graphs…