From 6fd3c27f70913117db723823afd84e17f9a1f213 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Tue, 22 Apr 2014 08:48:12 +0200 Subject: [PATCH] Update for an Issue #672 --- doc/THANKS.md | 3 +++ tamper/lowercase.py | 46 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 tamper/lowercase.py diff --git a/doc/THANKS.md b/doc/THANKS.md index b275c5ef2..b1eb320d5 100644 --- a/doc/THANKS.md +++ b/doc/THANKS.md @@ -238,6 +238,9 @@ Dirk Jagdmann, Luke Jahnke, * for reporting a bug when running against MySQL < 5.0 +Andrew Kitis +* for contributing a tamper script lowercase.py + David Klein, * for reporting a minor code improvement diff --git a/tamper/lowercase.py b/tamper/lowercase.py new file mode 100644 index 000000000..fae01a3e3 --- /dev/null +++ b/tamper/lowercase.py @@ -0,0 +1,46 @@ +#!/usr/bin/env python + +""" +Copyright (c) 2006-2014 sqlmap developers (http://sqlmap.org/) +See the file 'doc/COPYING' for copying permission +""" + +import re + +from lib.core.data import kb +from lib.core.enums import PRIORITY + +__priority__ = PRIORITY.NORMAL + +def dependencies(): + pass + +def tamper(payload, **kwargs): + """ + Replaces each keyword character with lower case value + + Tested against: + * Microsoft SQL Server 2005 + * MySQL 4, 5.0 and 5.5 + * Oracle 10g + * PostgreSQL 8.3, 8.4, 9.0 + + Notes: + * Useful to bypass very weak and bespoke web application firewalls + that has poorly written permissive regular expressions + * This tamper script should work against all (?) databases + + >>> tamper('INSERT') + 'insert' + """ + + retVal = payload + + if payload: + for match in re.finditer(r"[A-Za-z_]+", retVal): + word = match.group() + + if word.upper() in kb.keywords: + retVal = retVal.replace(word, word.lower()) + + return retVal