Improvement of a between.py tamper script

stamparm · stamparm · commit bdd819d7f201 · 2012-11-29T14:41:07.000+01:00
diff --git a/tamper/between.py b/tamper/between.py
@@ -5,6 +5,8 @@
 See the file 'doc/COPYING' for copying permission
 """
 
+import re
+
 from lib.core.enums import PRIORITY
 
 __priority__ = PRIORITY.HIGHEST
@@ -54,7 +56,7 @@ def tamper(payload, headers=None):
 
             elif payload[i] == ">" and not doublequote and not quote:
                 retVal += " " if i > 0 and not payload[i-1].isspace() else ""
-                retVal += "NOT BETWEEN 0 AND"
+                retVal += "NOT BETWEEN %s AND" % ('0' if re.search(r"\A[^\w]*\d", payload[i+1:]) else "NULL")
                 retVal += " " if i < len(payload) - 1 and not payload[i+1:i+2].isspace() else ""
 
                 continue
