Adding new tamper script

2024-11-21 17:16:35 +03:00 · 2020-08-12 09:50:04 +02:00 · 2020-08-12 09:50:04 +02:00 · cec65f3a27
commit cec65f3a27
parent cc79ae69aa
2 changed files with 38 additions and 1 deletions
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@ -18,7 +18,7 @@ from lib.core.enums import OS
 from thirdparty.six import unichr as _unichr

 # sqlmap version (<major>.<minor>.<month>.<monthly commit>)
-VERSION = "1.4.8.8"
+VERSION = "1.4.8.9"
 TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable"
 TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34}
 VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE)
--- a/tamper/equaltorlike.py
+++ b/tamper/equaltorlike.py
@ -0,0 +1,37 @@
+#!/usr/bin/env python
+
+"""
+Copyright (c) 2006-2020 sqlmap developers (http://sqlmap.org/)
+See the file 'LICENSE' for copying permission
+"""
+
+import re
+
+from lib.core.enums import PRIORITY
+
+__priority__ = PRIORITY.HIGHEST
+
+def dependencies():
+    pass
+
+def tamper(payload, **kwargs):
+    """
+    Replaces all occurrences of operator equal ('=') with 'RLIKE' counterpart
+
+    Tested against:
+        * MySQL 4, 5.0 and 5.5
+
+    Notes:
+        * Useful to bypass weak and bespoke web application firewalls that
+          filter the equal character ('=')
+
+    >>> tamper('SELECT * FROM users WHERE id=1')
+    'SELECT * FROM users WHERE id RLIKE 1'
+    """
+
+    retVal = payload
+
+    if payload:
+        retVal = re.sub(r"\s*=\s*", " RLIKE ", retVal)
+
+    return retVal