Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 3ff01f5

Browse files
stamparmstamparm
committed
Adding new tamper script
1 parent 0a4512e commit 3ff01f5

1 file changed

Lines changed: 36 additions & 0 deletions

File tree

tamper/concat2concatws.py

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
#!/usr/bin/env python
2+
3+
"""
4+
Copyright (c) 2006-2013 sqlmap developers (http://sqlmap.org/)
5+
See the file 'doc/COPYING' for copying permission
6+
"""
7+
8+
from lib.core.enums import PRIORITY
9+
10+
__priority__ = PRIORITY.HIGHEST
11+
12+
def dependencies():
13+
pass
14+
15+
def tamper(payload, **kwargs):
16+
"""
17+
Replaces instances like 'CONCAT(A, B)' with 'CONCAT_WS(MID(CHAR(0), 0, 0), A, B)'
18+
19+
Requirement:
20+
* MySQL
21+
22+
Tested against:
23+
* MySQL 5.0
24+
25+
Notes:
26+
* Useful to bypass very weak and bespoke web application firewalls
27+
that filter the CONCAT() function
28+
29+
>>> tamper('CONCAT(1,2)')
30+
'CONCAT_WS(MID(CHAR(0),0,0),1,2)'
31+
"""
32+
33+
if payload:
34+
payload = payload.replace("CONCAT(", "CONCAT_WS(MID(CHAR(0),0,0),")
35+
36+
return payload

0 commit comments

Comments
 (0)