From a4227e8333c8e6d9f7415baa8642d319e39a83e9 Mon Sep 17 00:00:00 2001 From: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> Date: Tue, 6 Apr 2021 14:03:16 +0200 Subject: [PATCH] unmagicquotes: add ref --- tamper/unmagicquotes.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tamper/unmagicquotes.py b/tamper/unmagicquotes.py index 1170174ed..5bb9e3b5b 100644 --- a/tamper/unmagicquotes.py +++ b/tamper/unmagicquotes.py @@ -24,6 +24,7 @@ def tamper(payload, **kwargs): Reference: * http://shiflett.org/blog/2006/jan/addslashes-versus-mysql-real-escape-string + * https://lonewolfzero.wordpress.com/2017/07/03/addslashes-multibyte-sql-injection-mysql-and-php-case-study/ >>> tamper("1' AND 1=1") '1%bf%27-- -'