2017-10-31 18:17:33 +00:00
|
|
|
from lib.core.settings import (
|
|
|
|
|
logger,
|
|
|
|
|
set_color
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
2017-10-10 22:59:01 +00:00
|
|
|
def tamper(payload, **kwargs):
|
2017-10-31 18:17:33 +00:00
|
|
|
warning = kwargs.get("warning", True)
|
|
|
|
|
if warning:
|
|
|
|
|
logger.warning(set_color(
|
|
|
|
|
"NULL encoding tamper scripts may increase the possibility of not finding vulnerabilities "
|
2017-12-07 13:27:20 +00:00
|
|
|
"in otherwise vulnerable sites", level=30
|
2017-10-31 18:17:33 +00:00
|
|
|
))
|
|
|
|
|
|
2017-10-10 22:59:01 +00:00
|
|
|
retval = ""
|
|
|
|
|
encoder = "%00"
|
|
|
|
|
for char in payload:
|
|
|
|
|
if char == " ":
|
|
|
|
|
char = encoder
|
|
|
|
|
retval += char
|
|
|
|
|
else:
|
|
|
|
|
retval += char
|
|
|
|
|
return retval
|