search

sqlmapproject / sqlmap

Automatic SQL injection and database takeover tool
http://sqlmap.org
Other
32.72k stars 5.74k forks source link

About Tamper Script #3509

Closed SoulFunk69 closed 5 years ago

SoulFunk69 commented 5 years ago

Hello ! :)

[16:37:01] [INFO] loading tamper module 'aspvalidation' [16:37:01] [INFO] fetched random HTTP User-Agent header value 'Opera/9.63 (X11; Linux i686)' from file '/Users/Desktop/HackTools/sqlmap-master 30/txt/user-agents.txt' [16:37:03] [INFO] testing connection to the target URL [16:37:04] [INFO] testing if the target URL content is stable [16:37:04] [INFO] target URL content is stable [16:37:04] [INFO] testing if GET parameter 'groupID' is dynamic [16:37:05] [CRITICAL] error occurred while running tamper function 'aspvalidation' ('RuntimeError: maximum recursion depth exceeded')

How to resolve this error ? Thanks ! :) I found a tamper script but it won't start.

687766616e commented 5 years ago

can you show me the tamper script ?

stamparm commented 5 years ago 
def tamper(payload, **kwargs):
    payload = tamper(payload)

return payload

is overwriting the previous tamper definition. Hence, you are calling the function itself inside a recursion-bomb. When writing your own tamper scripts use the SAME approach as in all other tamper scripts.