Another update for an Issue #352 and couple of fixes

2025-12-21 23:19:05 +00:00 · 2013-03-13 21:57:09 +01:00
parent b35122a42c
commit 4cb378ce3e
38 changed files with 127 additions and 146 deletions
--- a/tamper/space2hash.py
+++ b/tamper/space2hash.py
@@ -23,10 +23,6 @@ def tamper(payload, **kwargs):
    Replaces space character (' ') with a pound character ('#') followed by
    a random string and a new line ('\n')

-    Example:
-        * Input: 1 AND 9227=9227
-        * Output: 1%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227
-
    Requirement:
        * MySQL

@@ -37,6 +33,10 @@ def tamper(payload, **kwargs):
        * Useful to bypass several web application firewalls
        * Used during the ModSecurity SQL injection challenge,
          http://modsecurity.org/demo/challenge.html
+
+    >>> random.seed(0)
+    >>> tamper('1 AND 9227=9227')
+    '1%23nVNaVoPYeva%0AAND%23ngNvzqu%0A9227=9227'
    """

    retVal = ""