PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-06 12:41:30 +00:00
Code Issues Projects Releases Wiki Activity

Bug fix for tamper script equaltolike (has been doing problems when used with MsSQL)

Browse Source
This commit is contained in:
Miroslav Stampar
2015-09-22 14:32:52 +02:00
parent 058f63a050
commit 158ae501c1
1 changed files with 2 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
tamper/equaltolike.py
View File

@@ -35,15 +35,10 @@ def tamper(payload, **kwargs):
'SELECT * FROM users WHERE id LIKE 1' 'SELECT * FROM users WHERE id LIKE 1'
""" """
def process(match):
word = match.group()
word = "%sLIKE%s" % (" " if word[0] != " " else "", " " if word[-1] != " " else "")
return word
retVal = payload retVal = payload
if payload: if payload:
retVal = re.sub(r"\s*=\s*", lambda match: process(match), retVal) for regex, subst in ((r"\s+=\s+", " LIKE "), (r"\s+=", " LIKE"), (r"=\s+", "LIKE ")):
retVal = re.sub(regex, subst, retVal)
return retVal return retVal