Update for Issue #163

2025-10-30 23:47:45 +03:00 · 2012-09-06 13:14:20 +02:00 · 2012-09-06 13:14:20 +02:00 · 9451bfccaf
commit 9451bfccaf
parent dbce417cdd
1 changed files with 41 additions and 0 deletions
--- a/tamper/nonrecursivereplacement.py
+++ b/tamper/nonrecursivereplacement.py
@ -0,0 +1,41 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2012 sqlmap developers (http://sqlmap.org/)
+See the file 'doc/COPYING' for copying permission
+"""
+
+import random
+import re
+
+from lib.core.common import singleTimeWarnMessage
+from lib.core.enums import PRIORITY
+
+__priority__ = PRIORITY.NORMAL
+
+def tamper(payload, headers):
+    """
+    Replaces predefined SQL keywords with representations
+    suitable for replacement (e.g. .replace("SELECT", "")) filters
+
+    Example:
+        * Input: 1 UNION SELECT 2--
+        * Output: 1 UNUNIONION SELSELECTECT 2--
+
+    Notes:
+        * Useful to bypass very weak custom filters
+    """
+
+    keywords = ("UNION", "SELECT", "INSERT", "UPDATE", "FROM", "WHERE")
+    retVal = payload
+
+    warnMsg = "currently only couple of keywords are being processed %s. " % str(keywords)
+    warnMsg += "You can set it manually according to your needs"
+    singleTimeWarnMessage(warnMsg)
+
+    if payload:
+        for keyword in keywords:
+            _ = random.randint(1, len(keyword) - 1)
+            retVal = re.sub(r"(?i)\b%s\b" % keyword, "%s%s%s" % (keyword[:_], keyword, keyword[_:]), retVal)
+
+    return retVal, headers