From 2642e453b5ba7c93311cc2c5a0183b75f7a7ec73 Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Sat, 31 Oct 2015 16:24:32 +0100
Subject: [PATCH] New tamper script
---
tamper/commalessmid.py | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
create mode 100644 tamper/commalessmid.py
diff --git a/tamper/commalessmid.py b/tamper/commalessmid.py
new file mode 100644
index 000000000..ccbf7f30f
--- /dev/null
+++ b/tamper/commalessmid.py
@@ -0,0 +1,37 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import re
+
+from lib.core.enums import PRIORITY
+
+__priority__ = PRIORITY.HIGH
+
+def dependencies():
+ pass
+
+def tamper(payload, **kwargs):
+ """
+ Replaces instances like 'MID(A, B, C)' with 'MID(A FROM B FOR C)'
+
+ Requirement:
+ * MySQL
+
+ Tested against:
+ * MySQL 5.0 and 5.5
+
+ >>> tamper('MID(VERSION(), 1, 1)')
+ 'MID(VERSION() FROM 1 FOR 1)'
+ """
+
+ retVal = payload
+
+ match = re.search(r"(?i)MID\(([^,]+?)\s*,\s*(\d+)\s*\,\s*(\d+)\s*\)", payload or "")
+ if match:
+ retVal = retVal.replace(match.group(0), "MID(%s FROM %s FOR %s)" % (match.group(1), match.group(2), match.group(3)))
+
+ return retVal
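Review bot: The docstring of `tamper` says it replaces "instances", but the body does less than that. `re.search` finds only the first `MID(...)` call, and `retVal.replace(match.group(0), ...)` rewrites only text identical to that match, so a second call with different arguments is returned as written. A first argument that itself contains a comma cannot be matched as a whole by `[^,]+?`, so such a call is either skipped or matched on a shorter span, with no signal to the caller. The docstring should state both limits, for example `Only the first MID(A, B, C) form is rewritten; a first argument containing a comma is not supported`, and a second doctest showing an input that comes back unchanged would pin that behaviour. The `\,` before the third group is a redundant escape and reads more clearly as `,`, matching the first separator.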