mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-25 11:03:47 +03:00
Bug fix for tamper script equaltolike (has been doing problems when used with MsSQL)
This commit is contained in:
parent
058f63a050
commit
158ae501c1
|
@ -35,15 +35,10 @@ def tamper(payload, **kwargs):
|
||||||
'SELECT * FROM users WHERE id LIKE 1'
|
'SELECT * FROM users WHERE id LIKE 1'
|
||||||
"""
|
"""
|
||||||
|
|
||||||
def process(match):
|
|
||||||
word = match.group()
|
|
||||||
word = "%sLIKE%s" % (" " if word[0] != " " else "", " " if word[-1] != " " else "")
|
|
||||||
|
|
||||||
return word
|
|
||||||
|
|
||||||
retVal = payload
|
retVal = payload
|
||||||
|
|
||||||
if payload:
|
if payload:
|
||||||
retVal = re.sub(r"\s*=\s*", lambda match: process(match), retVal)
|
for regex, subst in ((r"\s+=\s+", " LIKE "), (r"\s+=", " LIKE"), (r"=\s+", "LIKE ")):
|
||||||
|
retVal = re.sub(regex, subst, retVal)
|
||||||
|
|
||||||
return retVal
|
return retVal
|
||||||
|
|
Loading…
Reference in New Issue
Block a user