Another update for an Issue #352 and couple of fixes

2025-12-10 09:49:06 +00:00 · 2013-03-13 21:57:09 +01:00
parent b35122a42c
commit 4cb378ce3e
38 changed files with 127 additions and 146 deletions
--- a/tamper/space2comment.py
+++ b/tamper/space2comment.py
@@ -16,10 +16,6 @@ def tamper(payload, **kwargs):
    """
    Replaces space character (' ') with comments '/**/'

-    Example:
-        * Input: SELECT id FROM users
-        * Output: SELECT/**/id/**/FROM/**/users
-
    Tested against:
        * Microsoft SQL Server 2005
        * MySQL 4, 5.0 and 5.5
@@ -28,6 +24,9 @@ def tamper(payload, **kwargs):

    Notes:
        * Useful to bypass weak and bespoke web application firewalls
+
+    >>> tamper('SELECT id FROM users')
+    'SELECT/**/id/**/FROM/**/users'
    """

    retVal = payload