sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 01:26:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Bug fix for tamper script equaltolike (has been doing problems when used with MsSQL)

Browse Source
This commit is contained in:
Miroslav Stampar 2015-09-22 14:32:52 +02:00
parent 058f63a050
commit 158ae501c1
1 changed files with 2 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
tamper/equaltolike.py
View File

@ -35,15 +35,10 @@ def tamper(payload, **kwargs):
'SELECT * FROM users WHERE id LIKE 1'
"""
def process(match):
word = match.group()
word = "%sLIKE%s" % (" " if word[0] != " " else "", " " if word[-1] != " " else "")
return word
retVal = payload
if payload:
retVal = re.sub(r"\s*=\s*", lambda match: process(match), retVal)
for regex, subst in ((r"\s+=\s+", " LIKE "), (r"\s+=", " LIKE"), (r"=\s+", "LIKE ")):
retVal = re.sub(regex, subst, retVal)
return retVal