📒
Rafi’s Public Notes/
♠️
sqlmap tampers
Search
♠️

sqlmap tampers

Tags
Reference
Date
Feb 28, 2023
Tamper-Script
Description
0eunion
Replaces instances of UNION with e0UNION
base64encode
Base64-encodes all characters in a given payload
between
Replaces greater than operator (>) with NOT BETWEEN 0 AND # and equals operator (=) with BETWEEN # AND #
commalesslimit
Replaces (MySQL) instances like LIMIT M, N with LIMIT N OFFSET M counterpart
equaltolike
Replaces all occurrences of operator equal (=) with LIKE counterpart
halfversionedmorekeywords
Adds (MySQL) versioned comment before each keyword
modsecurityversioned
Embraces complete query with (MySQL) versioned comment
modsecurityzeroversioned
Embraces complete query with (MySQL) zero-versioned comment
percentage
Adds a percentage sign (%) in front of each character (e.g. SELECT -> %S%E%L%E%C%T)
plus2concat
Replaces plus operator (+) with (MsSQL) function CONCAT() counterpart
randomcase
Replaces each keyword character with random case value (e.g. SELECT -> SEleCt)
space2comment
Replaces space character ( ) with comments `/
space2dash
Replaces space character ( ) with a dash comment (--) followed by a random string and a new line (\n)
space2hash
Replaces (MySQL) instances of space character ( ) with a pound character (#) followed by a random string and a new line (\n)
space2mssqlblank
Replaces (MsSQL) instances of space character ( ) with a random blank character from a valid set of alternate characters
space2plus
Replaces space character ( ) with plus (+)
space2randomblank
Replaces space character ( ) with a random blank character from a valid set of alternate characters
symboliclogical
Replaces AND and OR logical operators with their symbolic counterparts (&& and ||)
versionedkeywords
Encloses each non-function keyword with (MySQL) versioned comment
versionedmorekeywords
Encloses each keyword with (MySQL) versioned comment
To get a whole list of implemented tamper scripts, along with the description as above, switch --list-tampers can be used. We can also develop custom Tamper scripts for any custom type of attack, like a second-order SQLi.