sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-07-22 05:59:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge dcc9d3c62a into 2ffaaca3d0

Browse Source
This commit is contained in:
Anonymous ethc4 2025-07-14 16:06:53 +00:00 committed by GitHub
commit 17e4c9e694
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
tamper/or2logicaloroperator.py Normal file
View File

@ -0,0 +1,28 @@
#!/usr/bin/env python3
"""
Tamper script to replace logical OR with double pipe (||)
Useful for evading weak filters that blacklist 'OR'
Author: relunsec
"""
from lib.core.enums import PRIORITY
__priority__ = PRIORITY.LOW
def tamper(payload, **kwargs):
"""
Replaces instances of logical OR with || operator
Example:
Input: 1 OR 1=1
Output: 1 || 1=1
Requirement:
* MySQL
>>> tamper("0' OR SLEEP(5)")
"0' || SLEEP(5)"
"""
if payload:
# Replace only ' OR ' (with spaces) to avoid breaking string literals
return payload.replace(" OR ", " || ")