From 351c70b3906f12e1a15d191fe8de07049cdbd956 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Sat, 1 Jun 2013 14:06:58 +0200 Subject: [PATCH] Locale module screws string.letters, etc. in some cases (e.g. IDLE run) --- lib/core/common.py | 4 ++-- lib/core/purge.py | 4 ++-- lib/core/settings.py | 4 ++-- tamper/space2dash.py | 2 +- tamper/space2hash.py | 2 +- tamper/space2morehash.py | 4 ++-- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/core/common.py b/lib/core/common.py index 987c6aa55..25d174d27 100644 --- a/lib/core/common.py +++ b/lib/core/common.py @@ -931,9 +931,9 @@ def randomStr(length=4, lowercase=False, alphabet=None): if alphabet: retVal = "".join(random.choice(alphabet) for _ in xrange(0, length)) elif lowercase: - retVal = "".join(random.choice(string.lowercase) for _ in xrange(0, length)) + retVal = "".join(random.choice(string.ascii_lowercase) for _ in xrange(0, length)) else: - retVal = "".join(random.choice(string.letters) for _ in xrange(0, length)) + retVal = "".join(random.choice(string.ascii_letters) for _ in xrange(0, length)) return retVal diff --git a/lib/core/purge.py b/lib/core/purge.py index a2e39e47c..345655032 100644 --- a/lib/core/purge.py +++ b/lib/core/purge.py @@ -60,7 +60,7 @@ def purge(directory): logger.debug("renaming filenames to random values") for filepath in filepaths: try: - os.rename(filepath, os.path.join(os.path.dirname(filepath), "".join(random.sample(string.letters, random.randint(4, 8))))) + os.rename(filepath, os.path.join(os.path.dirname(filepath), "".join(random.sample(string.ascii_letters, random.randint(4, 8))))) except: pass @@ -69,7 +69,7 @@ def purge(directory): logger.debug("renaming directory names to random values") for dirpath in dirpaths: try: - os.rename(dirpath, os.path.join(os.path.dirname(dirpath), "".join(random.sample(string.letters, random.randint(4, 8))))) + os.rename(dirpath, os.path.join(os.path.dirname(dirpath), "".join(random.sample(string.ascii_letters, random.randint(4, 8))))) except: pass diff --git a/lib/core/settings.py b/lib/core/settings.py index 949ce3b47..f3fc34af3 100644 --- a/lib/core/settings.py +++ b/lib/core/settings.py @@ -447,7 +447,7 @@ HASHDB_FLUSH_THRESHOLD = 32 HASHDB_FLUSH_RETRIES = 3 # Unique milestone value used for forced deprecation of old HashDB values (e.g. when changing hash/pickle mechanism) -HASHDB_MILESTONE_VALUE = "cAWxkLYCQT" # r5129 "".join(random.sample(string.letters, 10)) +HASHDB_MILESTONE_VALUE = "cAWxkLYCQT" # r5129 "".join(random.sample(string.ascii_letters, 10)) # Warn user of possible delay due to large page dump in full UNION query injections LARGE_OUTPUT_THRESHOLD = 1024 ** 2 @@ -468,7 +468,7 @@ MAX_TOTAL_REDIRECTIONS = 10 MAX_DNS_LABEL = 63 # Alphabet used for prefix and suffix strings of name resolution requests in DNS technique (excluding hexadecimal chars for not mixing with inner content) -DNS_BOUNDARIES_ALPHABET = re.sub("[a-fA-F]", "", string.letters) +DNS_BOUNDARIES_ALPHABET = re.sub("[a-fA-F]", "", string.ascii_letters) # Alphabet used for heuristic checks HEURISTIC_CHECK_ALPHABET = ('"', '\'', ')', '(', '[', ']', ',', '.') diff --git a/tamper/space2dash.py b/tamper/space2dash.py index 0b0fe69dd..dc06a37f2 100644 --- a/tamper/space2dash.py +++ b/tamper/space2dash.py @@ -36,7 +36,7 @@ def tamper(payload, **kwargs): if payload: for i in xrange(len(payload)): if payload[i].isspace(): - randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12))) + randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12))) retVal += "--%s%%0A" % randomStr elif payload[i] == '#' or payload[i:i + 3] == '-- ': retVal += payload[i:] diff --git a/tamper/space2hash.py b/tamper/space2hash.py index c126ba38d..e62f82f50 100644 --- a/tamper/space2hash.py +++ b/tamper/space2hash.py @@ -44,7 +44,7 @@ def tamper(payload, **kwargs): if payload: for i in xrange(len(payload)): if payload[i].isspace(): - randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12))) + randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12))) retVal += "%%23%s%%0A" % randomStr elif payload[i] == '#' or payload[i:i + 3] == '-- ': retVal += payload[i:] diff --git a/tamper/space2morehash.py b/tamper/space2morehash.py index 0ebc76abd..49309a596 100644 --- a/tamper/space2morehash.py +++ b/tamper/space2morehash.py @@ -44,7 +44,7 @@ def tamper(payload, **kwargs): def process(match): word = match.group('word') - randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12))) + randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12))) if word.upper() in kb.keywords and word.upper() not in IGNORE_SPACE_AFFECTED_KEYWORDS: return match.group().replace(word, "%s%%23%s%%0A" % (word, randomStr)) @@ -58,7 +58,7 @@ def tamper(payload, **kwargs): for i in xrange(len(payload)): if payload[i].isspace(): - randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12))) + randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12))) retVal += "%%23%s%%0A" % randomStr elif payload[i] == '#' or payload[i:i + 3] == '-- ': retVal += payload[i:]