Fixing versioned tamper scripts

data/txt/sha256sums.txt

@@ -188,7 +188,7 @@ c65ce3cd38ee85c443c6619cfea84920390bad171f2999b95149485c0d1bc4a2  lib/core/patch
 48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3  lib/core/replication.py
 0b8c38a01bb01f843d94a6c5f2075ee47520d0c4aa799cecea9c3e2c5a4a23a6  lib/core/revision.py
 888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c  lib/core/session.py
-d4b1e774a78d8b4f71701dbacc25ab78adfa4bed785588a1946ae6230685f4ae  lib/core/settings.py
+c584533e179c2286803f8fef0ac1272f6c33d3853a1bd2931183b98e0530f504  lib/core/settings.py
 cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82  lib/core/shell.py
 bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725  lib/core/subprocessng.py
 70ea3768f1b3062b22d20644df41c86238157ec80dd43da40545c620714273c6  lib/core/target.py
@@ -515,7 +515,7 @@ b5a5ba94a78cf83b35cdb0b08d9d69dbf1f33c07cc5152c560ae5aee54a4c066  tamper/decenti
 b3940e8d029150a81f17a2da1141928c31b6abb9ade3672d093051e310439995  tamper/equaltorlike.py
 d528e74ae7c9fc0cd45369046d835a8f1e6f9252eeef6d84d9978d7e329ab35f  tamper/escapequotes.py
 0694f202a4f57e0a5c4d5aa72eee121b6f344d4e03692d9e267e2212abed719c  tamper/greatest.py
-26e57bc7c118168f20a5fc80d2d2fdbef05c027328c5c55cbbe92047ee8123da  tamper/halfversionedmorekeywords.py
+89c2606da517d063f5a898a33d5bfd8737eef837552fc1127cea512ab82d0ea5  tamper/halfversionedmorekeywords.py
 f0a7b635061385a3bf399cc51faf4d5e10694266aaa21fba557ca655c00a09bc  tamper/hex2char.py
 9096cbf2283137d592408325347f46866fd139966c946f8ba1ea61826472d0bb  tamper/hexentities.py
 3e518ace6940d54e8844c83781756e85d5670c53dfac0a092c4ee36cd5111885  tamper/htmlencode.py
@@ -547,7 +547,7 @@ e11f10ab09c2a7f44ca2a42b35f9db30d1d3715981bd830ea4e00968be51931b  tamper/schemas
 715b56e60e8f7bf0a1198b356a32374797a8c2e1ba1f888794626205d63c63d5  tamper/space2dash.py
 21c43aafe994e798335e6756fbed15f430629beb49042b56d47f232022044a65  tamper/space2hash.py
 329fa6e9bb27e1770ccc1c42c3b3ddc8e57a970959d8482ff102d7bfee546a49  tamper/space2morecomment.py
-c088e7061a1a4676bc7714f64005ac275fae349f3dc665f2d565f56ecae7619f  tamper/space2morehash.py
+ffa3e0e2b7b0d6461f4c38bd2314d33f7bbefa2cd4e78c4858551bcfa24b3b33  tamper/space2morehash.py
 f823e5afbd5ab8e3fb478d984528c7f675561cf2b4eb6634a5bc11756097a01f  tamper/space2mssqlblank.py
 0d3b1336a5ca15de0ce5617c153f91ff8715c34cf886a71cb8df5ae887df301d  tamper/space2mssqlhash.py
 528723c9cea1d91dac22cb44cab6f8f0174f98c3c547b42017589d9a19a314e1  tamper/space2mysqlblank.py
@@ -561,8 +561,8 @@ c442ec7bb6676bdc58447fa54c719a9322b1728ba96c2358081a73fa8a4612ff  tamper/unional
 9ebf67b9ce10b338edc3e804111abe56158fa0a69e53aacdd0ffa0e0b6af1f70  tamper/unmagicquotes.py
 67a83f8b6e99e9bb3344ad6f403e1d784cf9d3f3b7e8e40053cf3181fabe47fa  tamper/uppercase.py
 3e54d7f98ca75181e6b16aa306d5a5f5f0dce857d5b3e6ce5a07d501f5d915aa  tamper/varnish.py
-7d469ee594390cbc10378f83af403bba249240eab00f0ad5a5fe0e3fa1fcbf0d  tamper/versionedkeywords.py
-dcb7a5584390f1604adff075c94139dd23711f2f516b68683ec4208dd0a00fda  tamper/versionedmorekeywords.py
+7afc4d262b97773e67dcfa3e253a9a060dc964750f01d739636d17ee069f1512  tamper/versionedkeywords.py
+0694e721b07b8242245688be5c7951a3a22f512ed73776a998885e4b1bc82bc7  tamper/versionedmorekeywords.py
 ce1b6bf8f296de27014d6f21aa8b3df9469d418740cd31c93d1f5e36d6c509cf  tamper/xforwardedfor.py
 55eaefc664bd8598329d535370612351ec8443c52465f0a37172ea46a97c458a  thirdparty/ansistrm/ansistrm.py
 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  thirdparty/ansistrm/__init__.py

lib/core/settings.py

@@ -20,7 +20,7 @@ from lib.core.enums import OS
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.10.6.13"
+VERSION = "1.10.6.14"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

tamper/halfversionedmorekeywords.py

@@ -35,8 +35,8 @@ def tamper(payload, **kwargs):
         * Used during the ModSecurity SQL injection challenge,
           http://modsecurity.org/demo/challenge.html
 
-    >>> tamper("value' UNION ALL SELECT CONCAT(CHAR(58,107,112,113,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,97,110,121,58)), NULL, NULL# AND 'QDWa'='QDWa")
-    "value'/*!0UNION/*!0ALL/*!0SELECT/*!0CONCAT(/*!0CHAR(58,107,112,113,58),/*!0IFNULL(CAST(/*!0CURRENT_USER()/*!0AS/*!0CHAR),/*!0CHAR(32)),/*!0CHAR(58,97,110,121,58)),/*!0NULL,/*!0NULL#/*!0AND 'QDWa'='QDWa"
+    >>> tamper("1' UNION ALL SELECT CONCAT(CHAR(58,107,112,113,58),IFNULL(CAST(CURRENT_USER() AS CHAR),CHAR(32)),CHAR(58,97,110,121,58)), NULL, NULL# AND 'QDWa'='QDWa")
+    "1'/*!0UNION/*!0ALL/*!0SELECT/*!0CONCAT(/*!0CHAR(58,107,112,113,58),/*!0IFNULL(CAST(/*!0CURRENT_USER()/*!0AS/*!0CHAR),/*!0CHAR(32)),/*!0CHAR(58,97,110,121,58)),/*!0NULL,/*!0NULL#/*!0AND 'QDWa'='QDWa"
     """
 
     def process(match):
@@ -49,7 +49,7 @@ def tamper(payload, **kwargs):
     retVal = payload
 
     if payload:
-        retVal = re.sub(r"(?<=\W)(?P<word>[A-Za-z_]+)(?=\W|\Z)", process, retVal)
+        retVal = re.sub(r"(?:^|(?<=\W))(?P<word>[A-Za-z_]+)(?=\W|\Z)", process, retVal)
         retVal = retVal.replace(" /*!0", "/*!0")
 
     return retVal

tamper/space2morehash.py

@@ -54,7 +54,7 @@ def tamper(payload, **kwargs):
     retVal = ""
 
     if payload:
-        payload = re.sub(r"(?<=\W)(?P<word>[A-Za-z_]+)(?=\W|\Z)", process, payload)
+        payload = re.sub(r"(?:^|(?<=\W))(?P<word>[A-Za-z_]+)(?=[^\w(]|\Z)", process, payload)
 
         for i in xrange(len(payload)):
             if payload[i].isspace():

tamper/versionedkeywords.py

@@ -46,7 +46,7 @@ def tamper(payload, **kwargs):
     retVal = payload
 
     if payload:
-        retVal = re.sub(r"(?<=\W)(?P<word>[A-Za-z_]+)(?=[^\w(]|\Z)", process, retVal)
+        retVal = re.sub(r"(?:^|(?<=\W))(?P<word>[A-Za-z_]+)(?=[^\w(]|\Z)", process, retVal)
         retVal = retVal.replace(" /*!", "/*!").replace("*/ ", "*/")
 
     return retVal

tamper/versionedmorekeywords.py

@@ -47,7 +47,7 @@ def tamper(payload, **kwargs):
     retVal = payload
 
     if payload:
-        retVal = re.sub(r"(?<=\W)(?P<word>[A-Za-z_]+)(?=\W|\Z)", process, retVal)
+        retVal = re.sub(r"(?:^|(?<=\W))(?P<word>[A-Za-z_]+)(?=\W|\Z)", process, retVal)
         retVal = retVal.replace(" /*!", "/*!").replace("*/ ", "*/")
 
     return retVal