diff --git a/lib/core/settings.py b/lib/core/settings.py index 6bc308c59..527c2d224 100755 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -19,7 +19,7 @@ from lib.core.enums import DBMS_DIRECTORY_NAME from lib.core.enums import OS # sqlmap version (...) -VERSION = "1.1.9.8" +VERSION = "1.1.9.9" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/tamper/least.py b/tamper/least.py new file mode 100644 index 000000000..862599f14 --- /dev/null +++ b/tamper/least.py @@ -0,0 +1,45 @@ +#!/usr/bin/env python + +""" +Copyright (c) 2006-2017 sqlmap developers (http://sqlmap.org/) +See the file 'doc/COPYING' for copying permission +""" + +import re + +from lib.core.enums import PRIORITY + +__priority__ = PRIORITY.HIGHEST + +def dependencies(): + pass + +def tamper(payload, **kwargs): + """ + Replaces greater than operator ('>') with 'LEAST' counterpart + + Tested against: + * MySQL 4, 5.0 and 5.5 + * Oracle 10g + * PostgreSQL 8.3, 8.4, 9.0 + + Notes: + * Useful to bypass weak and bespoke web application firewalls that + filter the greater than character + * The LEAST clause is a widespread SQL command. Hence, this + tamper script should work against majority of databases + + >>> tamper('1 AND A > B') + '1 AND LEAST(A,B+1)=B+1' + """ + + retVal = payload + + if payload: + match = re.search(r"(?i)(\b(AND|OR)\b\s+)([^>]+?)\s*>\s*(\w+|'[^']+')", payload) + + if match: + _ = "%sLEAST(%s,%s+1)=%s+1" % (match.group(1), match.group(3), match.group(4), match.group(4)) + retVal = retVal.replace(match.group(0), _) + + return retVal diff --git a/txt/checksum.md5 b/txt/checksum.md5 index bddc503bb..ecaa5aa60 100644 --- a/txt/checksum.md5 +++ b/txt/checksum.md5 @@ -46,7 +46,7 @@ c5f09788ee8ff9c9d12a052986875bc6 lib/core/option.py d8e9250f3775119df07e9070eddccd16 lib/core/replication.py 785f86e3f963fa3798f84286a4e83ff2 lib/core/revision.py 40c80b28b3a5819b737a5a17d4565ae9 lib/core/session.py -0462adcff8d2d98318bbcaf29e9c9ca9 lib/core/settings.py +9abee47afec6feac53642cc460bee926 lib/core/settings.py d91291997d2bd2f6028aaf371bf1d3b6 lib/core/shell.py 2ad85c130cc5f2b3701ea85c2f6bbf20 lib/core/subprocessng.py 1576b63db3261e2afd5459189abf967b lib/core/target.py @@ -246,6 +246,7 @@ a3a0e76922b4f40f422a0daca4e71af3 tamper/htmlencode.py 6fa2d48bf8a1020a07d1cb95a14688a8 tamper/ifnull2ifisnull.py 8f1626a68b060162023e67b4a4cd9295 tamper/informationschemacomment.py 310efc965c862cfbd7b0da5150a5ad36 tamper/__init__.py +bff6c89873a75248f6bd68b62a6d86cf tamper/least.py 8b9ed7d7d9c8197f34b9d8e36323b60e tamper/lowercase.py 377bffa19f0b7ca0616fcea2681db827 tamper/modsecurityversioned.py 14a2c4ea49661056a7a6077f91fbc2ed tamper/modsecurityzeroversioned.py