Bypassing Web Application Firewalls with SQLMap Tamper Scripts


Web Application Firewalls have become the new security solution for several businesses. Many companies often ignore the actual vulnerabilities and merely rely on the firewall for protection. Regrettably, most, if not all firewalls can be bypassed. In saying this, my post will demonstrate how to use some of SQLMap's new features to bypass WAFs/IDSs.

I have recently had the pleasure of working on a few tamper scripts for SQLMap, which can be found in the latest development version from the subversion repository.

svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev

The focus of the tamper scripts is to modify the request in a way that will evade the detection of the WAF (Web Application Firewall) rules. In some cases, you might need to combine a few tamper scripts together in order to fool the WAF. For a complete list of the tamper scripts, you can refer to https://svn.sqlmap.org/sqlmap/trunk/sqlmap/tamper/