MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / _randomizeParameter

Method _randomizeParameter

lib/request/connect.py:1316–1329  ·  view source on GitHub ↗
(paramString, randomParameter)

Source from the content-addressed store, hash-verified

1314
1315 if conf.rParam:
1316 def _randomizeParameter(paramString, randomParameter):
1317 retVal = paramString
1318 match = re.search(r"(\A|\b)%s=(?P<value>[^&;]*)" % re.escape(randomParameter), paramString)
1319 if match:
1320 origValue = match.group("value")
1321 newValue = randomizeParameterValue(origValue) if randomParameter not in kb.randomPool else random.sample(kb.randomPool[randomParameter], 1)[0]
1322 retVal = re.sub(r"(\A|\b)%s=[^&;]*" % re.escape(randomParameter), "%s=%s" % (randomParameter, newValue), paramString)
1323 else:
1324 match = re.search(r"(\A|\b)(%s\b[^\w]+)(?P<value>\w+)" % re.escape(randomParameter), paramString)
1325 if match:
1326 origValue = match.group("value")
1327 newValue = randomizeParameterValue(origValue) if randomParameter not in kb.randomPool else random.sample(kb.randomPool[randomParameter], 1)[0]
1328 retVal = paramString.replace(match.group(0), "%s%s" % (match.group(2), newValue))
1329 return retVal
1330
1331 for randomParameter in conf.rParam:
1332 for item in (PLACE.GET, PLACE.POST, PLACE.COOKIE, PLACE.URI, PLACE.CUSTOM_POST):

Callers

nothing calls this directly

Calls 4

randomizeParameterValueFunction · 0.90
searchMethod · 0.45
escapeMethod · 0.45
replaceMethod · 0.45

Tested by

no test coverage detected