Minor correction of quote mechanism in tamper scripts

data/txt/sha256sums.txt

@@ -188,7 +188,7 @@ c65ce3cd38ee85c443c6619cfea84920390bad171f2999b95149485c0d1bc4a2  lib/core/patch
 48797d6c34dd9bb8a53f7f3794c85f4288d82a9a1d6be7fcf317d388cb20d4b3  lib/core/replication.py
 0b8c38a01bb01f843d94a6c5f2075ee47520d0c4aa799cecea9c3e2c5a4a23a6  lib/core/revision.py
 888daba83fd4a34e9503fe21f01fef4cc730e5cde871b1d40e15d4cbc847d56c  lib/core/session.py
-e7fedad87e6ac1d64f55236136ad6c316f107b1497921871a96337e3ab31a8d0  lib/core/settings.py
+78e313a1ce6abe320486d241d03577083a3e68af0c51f99f2eff8c43ba600bf4  lib/core/settings.py
 cd5a66deee8963ba8e7e9af3dd36eb5e8127d4d68698811c29e789655f507f82  lib/core/shell.py
 bcb5d8090d5e3e0ef2a586ba09ba80eef0c6d51feb0f611ed25299fbb254f725  lib/core/subprocessng.py
 70ea3768f1b3062b22d20644df41c86238157ec80dd43da40545c620714273c6  lib/core/target.py
@@ -543,17 +543,17 @@ f5e2cccbe669b732c0b8aaa56c16522fd579168ff61a92d31f94c6970070dfe0  tamper/randomc
 e11f10ab09c2a7f44ca2a42b35f9db30d1d3715981bd830ea4e00968be51931b  tamper/schemasplit.py
 21fae428f0393ab287503cc99997fba33c9a001a19f6dd203bbcc420a62a4b90  tamper/scientific.py
 7a71736657ca2b27a01f5f988a5c938d67a0f7e9558caba9041bd17b2cef9813  tamper/sleep2getlock.py
-856de1573ba9b08f6f33e28ca5a96341697762afa163835dcd4772ba6e1dadc6  tamper/space2comment.py
+7e23241588e21e17e2d167f696ebaa82b441338370e654357bbf29ee5393cb87  tamper/space2comment.py
 715b56e60e8f7bf0a1198b356a32374797a8c2e1ba1f888794626205d63c63d5  tamper/space2dash.py
 21c43aafe994e798335e6756fbed15f430629beb49042b56d47f232022044a65  tamper/space2hash.py
-329fa6e9bb27e1770ccc1c42c3b3ddc8e57a970959d8482ff102d7bfee546a49  tamper/space2morecomment.py
+e390a99ea7c8de562a489c11c245c8b778b58090f636d231ce06a22829eaddb5  tamper/space2morecomment.py
 ffa3e0e2b7b0d6461f4c38bd2314d33f7bbefa2cd4e78c4858551bcfa24b3b33  tamper/space2morehash.py
-f823e5afbd5ab8e3fb478d984528c7f675561cf2b4eb6634a5bc11756097a01f  tamper/space2mssqlblank.py
+45994faf85d0329efae3a6d34cc978dde5802f5f34614c52575e38e36c98b7d2  tamper/space2mssqlblank.py
 0d3b1336a5ca15de0ce5617c153f91ff8715c34cf886a71cb8df5ae887df301d  tamper/space2mssqlhash.py
-528723c9cea1d91dac22cb44cab6f8f0174f98c3c547b42017589d9a19a314e1  tamper/space2mysqlblank.py
+05ea031d1de1073cf0efd336ec70814403169e4123709447854129a0d4032e24  tamper/space2mysqlblank.py
 466bb10955155a042fe4ec3b3df6b98193fba1187a376179e0d4dbc068215d91  tamper/space2mysqldash.py
-4ea418f8b226b0ab369f3a8e726b7df0bc4701a2d93585de70e13febe5f438b7  tamper/space2plus.py
-b3b79bbcf48ba943af57978e32b928d567f28ed4e45651f15f9fe898e00c0331  tamper/space2randomblank.py
+ef090bed1c71b5d6cd6422748799236dbdadbc70593a7b8ccb26ad07c7a76946  tamper/space2plus.py
+93d1cf1f6fb977356c4c8dc2d7784d4564b8da3d9f16e8253f957f80af2491f3  tamper/space2randomblank.py
 6769cbe7b42265ff257a49e17e894bc19ff805802e19f27d57c07a212de70a11  tamper/sp_password.py
 8e52309b893770bce57215fd3bf42d53d7f0d164690b4121b598126cbaaf6bc3  tamper/substring2leftright.py
 d4b29c9a47961430dd0a24c22f8fe2968374ca5b0611e8b2837481c8d77672bf  tamper/symboliclogical.py

lib/core/settings.py

@@ -20,7 +20,7 @@ from lib.core.enums import OS
 from thirdparty import six
 
 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.10.6.15"
+VERSION = "1.10.6.16"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)

tamper/space2comment.py

@@ -43,10 +43,10 @@ def tamper(payload, **kwargs):
                     retVal += "/**/"
                     continue
 
-            elif payload[i] == '\'':
+            elif payload[i] == '\'' and (i == 0 or payload[i - 1] != '\\'):
                 quote = not quote
 
-            elif payload[i] == '"':
+            elif payload[i] == '"' and (i == 0 or payload[i - 1] != '\\'):
                 doublequote = not doublequote
 
             elif payload[i] == " " and not doublequote and not quote:

tamper/space2morecomment.py

@@ -40,10 +40,10 @@ def tamper(payload, **kwargs):
                     retVal += "/**_**/"
                     continue
 
-            elif payload[i] == '\'':
+            elif payload[i] == '\'' and (i == 0 or payload[i - 1] != '\\'):
                 quote = not quote
 
-            elif payload[i] == '"':
+            elif payload[i] == '"' and (i == 0 or payload[i - 1] != '\\'):
                 doublequote = not doublequote
 
             elif payload[i] == " " and not doublequote and not quote:

tamper/space2mssqlblank.py

@@ -67,10 +67,10 @@ def tamper(payload, **kwargs):
                     retVal += random.choice(blanks)
                     continue
 
-            elif payload[i] == '\'':
+            elif payload[i] == '\'' and (i == 0 or payload[i - 1] != '\\'):
                 quote = not quote
 
-            elif payload[i] == '"':
+            elif payload[i] == '"' and (i == 0 or payload[i - 1] != '\\'):
                 doublequote = not doublequote
 
             elif payload[i] == '#' or payload[i:i + 3] == '-- ':

tamper/space2mysqlblank.py

@@ -57,10 +57,10 @@ def tamper(payload, **kwargs):
                     retVal += random.choice(blanks)
                     continue
 
-            elif payload[i] == '\'':
+            elif payload[i] == '\'' and (i == 0 or payload[i - 1] != '\\'):
                 quote = not quote
 
-            elif payload[i] == '"':
+            elif payload[i] == '"' and (i == 0 or payload[i - 1] != '\\'):
                 doublequote = not doublequote
 
             elif payload[i] == " " and not doublequote and not quote:

tamper/space2plus.py

@@ -38,10 +38,10 @@ def tamper(payload, **kwargs):
                     retVal += "+"
                     continue
 
-            elif payload[i] == '\'':
+            elif payload[i] == '\'' and (i == 0 or payload[i - 1] != '\\'):
                 quote = not quote
 
-            elif payload[i] == '"':
+            elif payload[i] == '"' and (i == 0 or payload[i - 1] != '\\'):
                 doublequote = not doublequote
 
             elif payload[i] == " " and not doublequote and not quote:

tamper/space2randomblank.py

@@ -52,10 +52,10 @@ def tamper(payload, **kwargs):
                     retVal += random.choice(blanks)
                     continue
 
-            elif payload[i] == '\'':
+            elif payload[i] == '\'' and (i == 0 or payload[i - 1] != '\\'):
                 quote = not quote
 
-            elif payload[i] == '"':
+            elif payload[i] == '"' and (i == 0 or payload[i - 1] != '\\'):
                 doublequote = not doublequote
 
             elif payload[i] == ' ' and not doublequote and not quote: