mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2025-10-22 19:54:55 +03:00
28 lines
605 B
Python
28 lines
605 B
Python
#!/usr/bin/env python3
|
|
"""
|
|
Tamper script to replace '=' with '<=>'
|
|
MySQL-only NULL-safe equality operator.
|
|
Useful for bypassing filters that block '='.
|
|
|
|
Author: relunsec
|
|
"""
|
|
|
|
from lib.core.enums import PRIORITY
|
|
import re
|
|
|
|
__priority__ = PRIORITY.LOW
|
|
|
|
def tamper(payload, **kwargs):
|
|
"""
|
|
Replaces equal signs (=) with MySQL null-safe equal operator (<=>) Sometime bypass Weak WAF/Filters filter (=) sign
|
|
|
|
Requirement:
|
|
* MySQL
|
|
|
|
>>> tamper("OR 1=1 #")
|
|
'OR 1<=>1 #'
|
|
"""
|
|
if payload:
|
|
# Replace '=' with '<=>'
|
|
return re.sub(r'(?<![><!])=(?!=)', '<=>', payload)
|