Source SQL Injection String Encoder Tool

Hi Guest!

I've been learning Python for a few days and eventually I release my first tool coded in it. I hope you like it Smile

This tool takes a string as an argument and encode it in a way that will fit in a SQL query.

Code:
Test --> concat(CHAR((20 | 64)),CHAR((68 | 33)),CHAR((82 | 33)),CHAR((80 | 36)),0x00)

The encoding algorithm made by me. Anyway, here it is;

Usage:
Code:
SSE.py [string here]

Screenshot:


[img][You must be registered and logged in to see this link.][/img]


*Drumroll*


CODE:

# -*- coding: cp1254 -*-
import sys

def f(y,z):
"""This function generates a list of numbers.
Those numbers will be equal to 'z' when you 'bitwise or' them with 'y'"""
my_list = range(256)
return filter(lambda x: x | y == z, my_list)

def g(z):
"""This function generates a matrix of f(y,z)"""
my_matrix = list()

for y in range(33,126):

if y != z:
result = f(y,z)

if len(result) > 0:

result.append(y)
my_matrix.append(result)

return my_matrix

def enc(t):
"""Encoding"""
result = "concat("
my_matrix = list()

for c in t:
my_list = g(ord(c))

for i in my_list:
for item in i:
if item != ord(c):
result += "CHAR((" + str(item) + " | " + str(i[-1]) + ")),"
break
break
result += "0x00)"

return result

print '''
Coded by
____ ____ ____ ___ ___ _ _ ____ ____ _ _ ____ ___ ____ _ _
|__/ | | | | | | |__| |___ [__ \_/ [__ | |___ |\/|
| \ |__| |__| | | | | |___ ___] | ___] | |___ | |

||SQL Injection String Encoder||


'''

print enc(sys.argv[1])