Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
sqlmapproject
GitHub Repository: sqlmapproject/sqlmap
 Path: blob/master/tamper/greatest.py
2983 views
1
#!/usr/bin/env python

2


3
"""

4
Copyright (c) 2006-2025 sqlmap developers (https://sqlmap.org)

5
See the file 'LICENSE' for copying permission

6
"""

7


8
import re

9


10
from lib.core.enums import PRIORITY

11


12
__priority__ = PRIORITY.HIGHEST

13


14
def dependencies():

15
    pass

16


17
def tamper(payload, **kwargs):

18
    """

19
    Replaces greater than operator ('>') with 'GREATEST' counterpart

20


21
    Tested against:

22
        * MySQL 4, 5.0 and 5.5

23
        * Oracle 10g

24
        * PostgreSQL 8.3, 8.4, 9.0

25


26
    Notes:

27
        * Useful to bypass weak and bespoke web application firewalls that

28
          filter the greater than character

29
        * The GREATEST clause is a widespread SQL command. Hence, this

30
          tamper script should work against majority of databases

31


32
    >>> tamper('1 AND A > B')

33
    '1 AND GREATEST(A,B+1)=A'

34
    """

35


36
    retVal = payload

37


38
    if payload:

39
        match = re.search(r"(?i)(\b(AND|OR)\b\s+)([^>]+?)\s*>\s*(\w+|'[^']+')", payload)

40


41
        if match:

42
            _ = "%sGREATEST(%s,%s+1)=%s" % (match.group(1), match.group(3), match.group(4), match.group(3))

43
            retVal = retVal.replace(match.group(0), _)

44


45
    return retVal

46


47