PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Implementation for an Issue #3108

Browse Source
This commit is contained in:
Miroslav Stampar
2018-07-31 02:18:33 +02:00
parent f0e4c20004
commit 1f9bf587b5
42 changed files with 113 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tamper/chardoubleencode.py
View File

@@ -16,7 +16,7 @@ def dependencies():
def tamper(payload, **kwargs):
"""
Double URL-encodes all characters in a given payload (not processing already encoded)
Double URL-encodes all characters in a given payload (not processing already encoded) (e.g. SELECT -> %2553%2545%254C%2545%2543%2554)
Notes:
* Useful to bypass some weak web application firewalls that do not double URL-decode the request before processing it through their ruleset