PenTest/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-12-07 13:11:29 +00:00
Code Issues Projects Releases Wiki Activity

minor update (changing form of payload[i+1] with payload[i+1:i+2] which is much safer for not crashing the script with invalid char index)

Browse Source
This commit is contained in:
Miroslav Stampar
2011-07-11 09:22:29 +00:00
parent 7a6bddf811
commit 5014475637
5 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tamper/chardoubleencode.py
View File

@@ -38,7 +38,7 @@ def tamper(payload):
i = 0
while i < len(payload):
if payload[i] == '%' and (i < len(payload) - 2) and payload[i+1] in string.hexdigits and payload[i+2] in string.hexdigits:
if payload[i] == '%' and (i < len(payload) - 2) and payload[i+1:i+2] in string.hexdigits and payload[i+2:i+3] in string.hexdigits:
retVal += payload[i:i+3]
i += 3
else: