PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-09 14:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Another update for an Issue #352 and couple of fixes

Browse Source
This commit is contained in:
Miroslav Stampar
2013-03-13 21:57:09 +01:00
parent b35122a42c
commit 4cb378ce3e
38 changed files with 127 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tamper/nonrecursivereplacement.py
View File

@@ -18,12 +18,12 @@ def tamper(payload, **kwargs):
Replaces predefined SQL keywords with representations
suitable for replacement (e.g. .replace("SELECT", "")) filters
Example:
* Input: 1 UNION SELECT 2--
* Output: 1 UNUNIONION SELSELECTECT 2--
Notes:
* Useful to bypass very weak custom filters
>>> random.seed(0)
>>> tamper('1 UNION SELECT 2--')
'1 UNIOUNIONN SELESELECTCT 2--'
"""
keywords = ("UNION", "SELECT", "INSERT", "UPDATE", "FROM", "WHERE")