Another update for an Issue #352 and couple of fixes

2026-01-21 21:59:20 +00:00 · 2013-03-13 21:57:09 +01:00
parent b35122a42c
commit 4cb378ce3e
38 changed files with 127 additions and 146 deletions
--- a/tamper/multiplespaces.py
+++ b/tamper/multiplespaces.py
@@ -20,15 +20,15 @@ def tamper(payload, **kwargs):
    """
    Adds multiple spaces around SQL keywords

-    Example:
-        * Input: UNION SELECT
-        * Output:  UNION   SELECT
-
    Notes:
        * Useful to bypass very weak and bespoke web application firewalls
          that has poorly written permissive regular expressions

    Reference: https://www.owasp.org/images/7/74/Advanced_SQL_Injection.ppt
+
+    >>> random.seed(0)
+    >>> tamper('1 UNION SELECT foobar')
+    '1    UNION     SELECT   foobar'
    """

    retVal = payload