From cec65f3a27c448315dabd17d4cac13d15cf78fc8 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Wed, 12 Aug 2020 09:50:04 +0200 Subject: [PATCH] Adding new tamper script --- lib/core/settings.py | 2 +- tamper/equaltorlike.py | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 tamper/equaltorlike.py diff --git a/lib/core/settings.py b/lib/core/settings.py index 2af5517c7..19d4a3b57 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -18,7 +18,7 @@ from lib.core.enums import OS from thirdparty.six import unichr as _unichr # sqlmap version (...) -VERSION = "1.4.8.8" +VERSION = "1.4.8.9" TYPE = "dev" if VERSION.count('.') > 2 and VERSION.split('.')[-1] != '0' else "stable" TYPE_COLORS = {"dev": 33, "stable": 90, "pip": 34} VERSION_STRING = "sqlmap/%s#%s" % ('.'.join(VERSION.split('.')[:-1]) if VERSION.count('.') > 2 and VERSION.split('.')[-1] == '0' else VERSION, TYPE) diff --git a/tamper/equaltorlike.py b/tamper/equaltorlike.py new file mode 100644 index 000000000..1ca8d1a4e --- /dev/null +++ b/tamper/equaltorlike.py @@ -0,0 +1,37 @@ +#!/usr/bin/env python + +""" +Copyright (c) 2006-2020 sqlmap developers (http://sqlmap.org/) +See the file 'LICENSE' for copying permission +""" + +import re + +from lib.core.enums import PRIORITY + +__priority__ = PRIORITY.HIGHEST + +def dependencies(): + pass + +def tamper(payload, **kwargs): + """ + Replaces all occurrences of operator equal ('=') with 'RLIKE' counterpart + + Tested against: + * MySQL 4, 5.0 and 5.5 + + Notes: + * Useful to bypass weak and bespoke web application firewalls that + filter the equal character ('=') + + >>> tamper('SELECT * FROM users WHERE id=1') + 'SELECT * FROM users WHERE id RLIKE 1' + """ + + retVal = payload + + if payload: + retVal = re.sub(r"\s*=\s*", " RLIKE ", retVal) + + return retVal
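Review bot: The docstring of `tamper()` calls RLIKE the "counterpart" of `=`, but the two are not equivalent and nothing under Notes says so. RLIKE is an unanchored regular-expression match, so the doctest's `id RLIKE 1` is also true for 10 or 21, and the `re.sub` on `\s*=\s*` rewrites every `=` in the payload, including the one inside `>=`, `<=` or `!=` and any inside quoted literals. I would add a Notes line such as `* RLIKE is a regex match, not equality; the rewritten comparison is not semantically identical, so findings need manual confirmation`, plus a `Requirement: MySQL` line, since MySQL is the only DBMS listed as tested. `dependencies()` is a bare `pass` with no docstring; a one-line comment stating that there are none would make that intent explicit. For readers on the defending side, the Notes entry itself shows that filtering the `=` character is not a control against SQL injection, whereas parameterized queries are.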