Skip to content
This repository has been archived by the owner on Apr 17, 2021. It is now read-only.

tampers white-list; use sqlmap tampers #12

Open
clouedoc opened this issue May 18, 2018 · 1 comment
Open

tampers white-list; use sqlmap tampers #12

clouedoc opened this issue May 18, 2018 · 1 comment
Labels
priority:high

Comments

@clouedoc
Copy link
Owner

clouedoc commented May 18, 2018
edited

Hola, currently a lot of tampers are used.
The problem is that some tampers only works with some db and some are not needed in our case ( like the base64encode one )

If you've a suggestion of tamper to blacklist, I would be glad you post it here.

I'm thinking that AutoSQLI should adopt a white-list way of getting tampers.
And I may get rid of the custom WhatWaf tampers (even if they are proven to be effective), because they don't have a priority level assigned to them
@clouedoc
Copy link
Owner Author

To do this, I created a tampers directory in the root of the project, which in there is a WhatWaf_tampers, a sqlmap_tampers, and a whitelisted_tampers dir.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
priority:high
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@clouedoc