diff --git a/tamper/randomcomments.py b/tamper/randomcomments.py index 3d40874e2..899567e04 100644 --- a/tamper/randomcomments.py +++ b/tamper/randomcomments.py @@ -14,7 +14,7 @@ from lib.core.data import kb def tamper(value): """ - Add random comments to value + Add random comments to SQL keywords in value Example: 'INSERT' becomes 'IN/**/S/**/ERT' """ diff --git a/tamper/space2comment.py b/tamper/space2comment.py index ba247de67..a339dbe46 100644 --- a/tamper/space2comment.py +++ b/tamper/space2comment.py @@ -10,7 +10,7 @@ See the file 'doc/COPYING' for copying permission def tamper(value): """ Replaces ' ' with '/**/' - Example: 'SELECT id FROM users' becomes 'SELECT/**/id/**/FROM users' + Example: 'SELECT id FROM users' becomes 'SELECT/**/id/**/FROM/**/users' """ retVal = value diff --git a/tamper/space2plus.py b/tamper/space2plus.py index 86a396b90..b778b0543 100644 --- a/tamper/space2plus.py +++ b/tamper/space2plus.py @@ -9,7 +9,7 @@ See the file 'doc/COPYING' for copying permission def tamper(value): """ - Replaces ' ' with '/**/' + Replaces ' ' with '+' Example: 'SELECT id FROM users' becomes 'SELECT+id+FROM+users' """ diff --git a/tamper/urlencode.py b/tamper/urlencode.py index 626a067fb..d0b621571 100644 --- a/tamper/urlencode.py +++ b/tamper/urlencode.py @@ -13,7 +13,7 @@ from lib.core.exception import sqlmapUnsupportedFeatureException def tamper(value): """ Replaces value with urlencode(value) - Example: 'SELECT%20FIELD%20FROM%20TABLE' becomes 'SELECT%25%20FIELD%25%20FROM%25%20TABLE' + Example: 'SELECT FIELD FROM TABLE' becomes 'SELECT%20FIELD%20FROM%20TABLE' """ if value: diff --git a/xml/queries.xml b/xml/queries.xml index 3920772a6..646c8d34f 100644 --- a/xml/queries.xml +++ b/xml/queries.xml @@ -416,6 +416,7 @@ +