Author: I--Rose (QQ2230353371). Reprints must keep the article source.
- How to use: --tamper xxx.py
- apostrophemask.py replaces the apostrophe (single-quote) character with its UTF-8 full-width counterpart
- apostrophenullencode.py replaces the apostrophe character with its illegal double-byte Unicode counterpart
- appendnullbyte.py appends an encoded NULL byte character to the end of the payload
- base64encode.py Base64-encodes all characters of the given payload
- between.py replaces the greater-than operator ">" with "NOT BETWEEN 0 AND #" and the equals operator "=" with "BETWEEN # AND #"
- bluecoat.py replaces the space character after an SQL statement with a valid random blank character, then replaces the equals sign "=" with the "LIKE" operator
- chardoubleencode.py double URL-encodes all characters of the given payload (already encoded characters are not processed)
- charencode.py URL-encodes all characters of the given payload (already encoded characters are not processed)
- charunicodeencode.py Unicode-URL-encodes the non-encoded characters of the given payload (already encoded characters are not processed)
- concat2concatws.py replaces instances like "CONCAT(A, B)" with "CONCAT_WS(MID(CHAR(0), 0, 0), A, B)"
- equaltolike.py replaces every equals sign "=" with the "LIKE" operator
- greatest.py replaces the greater-than operator ">" with its "GREATEST" function counterpart
- halfversionedmorekeywords.py adds a versioned MySQL comment before each keyword
- ifnull2ifisnull.py replaces instances like "IFNULL(A, B)" with "IF(ISNULL(A), B, A)"
- lowercase.py replaces each keyword character with its lowercase value
- modsecurityversioned.py encloses the complete query in a versioned comment
- modsecurityzeroversioned.py encloses the complete query in a zero-versioned comment
- multiplespaces.py adds multiple spaces around SQL keywords
- nonrecursivereplacement.py replaces predefined SQL keywords with representations suited to (non-recursive) replacement filters
- overlongutf8.py converts all characters of the given payload to their overlong UTF-8 encoding
- percentage.py adds a percent sign "%" in front of each character
- randomcase.py randomly changes the case of each keyword character
- randomcomments.py inserts random comments into SQL keywords
- securesphere.py appends a specially crafted string
- sp_password.py appends "sp_password" to the end of the payload for automatic obfuscation from DBMS logs
- space2comment.py replaces the space character with "/**/"
- space2dash.py replaces the space character with a dash comment "--" followed by a random string and a newline
- space2hash.py replaces the space character with a pound character "#" followed by a random string and a newline
- space2morehash.py replaces the space character with a pound character "#" followed by a random string and a newline
- space2mssqlblank.py replaces the space character with a random blank character from a valid set of alternate characters
- space2mssqlhash.py replaces the space character with a pound character "#" followed by a newline
- space2mysqlblank.py replaces the space character with a random blank character from a valid set of alternate characters
- space2mysqldash.py replaces the space character with a dash comment "--" followed by a newline
- space2plus.py replaces the space character with the plus sign "+"
- space2randomblank.py replaces the space character with a random blank character from a valid set of alternate characters
- unionalltounion.py replaces "UNION ALL SELECT" with "UNION SELECT"
- unmagicquotes.py replaces the quote character with the multibyte combination %bf%27 together with a generic comment at the end
- varnish.py appends the HTTP header "X-originating-IP" to bypass the WAF
- versionedkeywords.py encloses each non-function keyword in a versioned MySQL comment
- versionedmorekeywords.py encloses each keyword in a versioned MySQL comment
- xforwardedfor.py appends a forged HTTP header "X-Forwarded-For" to bypass the WAF
sqlmap injection: list of tamper scripts for bypassing WAFs