sqlmap Oracle bypass: using sqlmap tamper scripts to bypass WAFs

space2comment.py

Replaces space character (' ') with comments '/**/'

Example:

* Input: SELECT id FROM users

* Output: SELECT/**/id/**/FROM/**/users

Tested against:

* Microsoft SQL Server 2005

* MySQL 4, 5.0 and 5.5

* Oracle 10g

* PostgreSQL 8.3, 8.4, 9.0

Notes:

* Useful to bypass weak and bespoke web application firewalls

——————————————————————————-

charencode.py

URL encoding

Example:

* Input: SELECT FIELD FROM%20TABLE

* Output: %53%45%4c%45%43%54%20%46%49%45%4c%44%20%46%52%4f%4d%20%54%41%42%4c%45

Tested against:

* Microsoft SQL Server 2005

* MySQL 4, 5.0 and 5.5

* Oracle 10g

* PostgreSQL 8.3, 8.4, 9.0

Notes:

* Useful to bypass very weak web application firewalls that do not url-decode the request before processing it through their ruleset

* The web server will anyway pass the url-decoded version behind, hence it should work against any DBMS

—————————————————————————————

charunicodeencode.py

Unicode-encodes the string

Example:

* Input: SELECT FIELD%20FROM TABLE

* Output: %u0053%u0045%u004c%u0045%u0043%u0054%u0020%u0046%u0049%u0045%u004c%u0044%u0020%u0046%u0052%u004f%u004d%u0020%u0054%u0041%u0042%u004c%u0045

Requirement:

* ASP

* ASP.NET

Tested against:

* Microsoft SQL Server 2000

* Microsoft SQL Server 2005

* MySQL 5.1.56

* PostgreSQL 9.0.3

Notes:

* Useful to bypass weak web application firewalls that do not unicode url-decode the request before processing it through their ruleset

——————————————————

space2hash.py

Replaces spaces with a '#' character, a random string and a newline

Replaces space character (' ') with a pound character ('#') followed by a random string and a new line ('\n')

Example:

* Input: 1 AND 9227=9227

* Output: 1%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227

Requirement:

* MySQL

Tested against:

* MySQL 4.0, 5.0

———————————————–

space2morehash.py

Replaces spaces with a '#' character, more random strings and a newline

Replaces space character (' ') with a pound character ('#') followed by a random string and a new line ('\n')

Example:

* Input: 1 AND 9227=9227

* Output: 1%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227

Requirement:

* MySQL >= 5.1.13

Tested against:

* MySQL 5.1.41

——————————————

space2mssqlblank.py(mssql)

Replaces spaces with other blank characters

Example:

* Input: SELECT id FROM users

* Output: SELECT%08id%02FROM%0Fusers

Requirement:

* Microsoft SQL Server

Tested against:

* Microsoft SQL Server 2000

* Microsoft SQL Server 2005

# ASCII table:

#   SOH     01      start of heading

#   STX     02      start of text

#   ETX     03      end of text

#   EOT     04      end of transmission

#   ENQ     05      enquiry

#   ACK     06      acknowledge

#   BEL     07      bell

#   BS      08      backspace

#   TAB     09      horizontal tab

#   LF      0A      new line

#   VT      0B      vertical TAB

#   FF      0C      new page

#   CR      0D      carriage return

#   SO      0E      shift out

#   SI      0F      shift in
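
Each tamper above works only when the WAF matches its rules against a different string than the one the web server and DBMS finally interpret. The sketch below is an added defensive example, not sqlmap code and not part of the original post: it canonicalizes a parameter before rule matching and compares the result with matching on the raw value, using the example outputs listed above. The `RULE` signature and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Hypothetical signature for illustration only; not a production rule set.
RULE = re.compile(r"\bselect\s+\S+\s+from\s+\S+|\band\s+\d+\s*=\s*\d+", re.I)

# Example outputs copied from the tamper descriptions on this page.
SAMPLES = {
    "space2comment": "SELECT/**/id/**/FROM/**/users",
    "charencode": "%53%45%4c%45%43%54%20%46%49%45%4c%44%20%46%52%4f%4d%20%54%41%42%4c%45",
    "charunicodeencode": "%u0053%u0045%u004c%u0045%u0043%u0054%u0020%u0046%u0049%u0045%u004c%u0044"
                         "%u0020%u0046%u0052%u004f%u004d%u0020%u0054%u0041%u0042%u004c%u0045",
    "space2hash": "1%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227",
    "space2mssqlblank": "SELECT%08id%02FROM%0Fusers",
}

def canonicalize(raw: str, max_rounds: int = 3) -> str:
    """Reduce a request parameter to one canonical form before rule matching."""
    text = raw
    for _ in range(max_rounds):  # bounded loop so double encoding is also unwrapped
        step = re.sub(r"%u([0-9a-fA-F]{4})", lambda m: chr(int(m.group(1), 16)), text)
        step = unquote(step)     # standard percent-decoding
        if step == text:
            break
        text = step
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)  # inline comments act as blanks
    text = re.sub(r"#[^\n]*(\n|$)", " ", text)           # MySQL '#' comment up to newline
    text = re.sub(r"[\x00-\x20]+", " ", text)            # control characters act as blanks
    return text.strip()

def rule_matches(value: str) -> bool:
    return bool(RULE.search(value))

def compare() -> dict:
    """Map each sample to (match on raw value, match on canonical value)."""
    return {n: (rule_matches(r), rule_matches(canonicalize(r))) for n, r in SAMPLES.items()}

if __name__ == "__main__":
    for name, (before, after) in compare().items():
        print(f"{name:18} raw match={before!s:5} canonical match={after}")
```

The canonical form is for detection only; the application should still receive the original value and use parameterized queries, since normalization in a WAF cannot anticipate every parser difference.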

————————————————-

space2mysqlblank.py
