def modify_request(self, request): ''' Mangles the request :param request: HTTPRequest instance that is going to be modified by the evasion plugin :return: The modified request ''' # Mangle the postdata data = str(request.get_data()) if data: try: # Only mangle the postdata if it is a url encoded string parse_qs(data) except: pass else: data = '\x00' + data headers_copy = copy.deepcopy(request.headers) headers_copy['content-length'] = str(len(data)) request = HTTPRequest(request.url_object, data, headers_copy, request.get_origin_req_host()) return request
def modifyRequest(self, request ): ''' Mangles the request @parameter request: HTTPRequest instance that is going to be modified by the evasion plugin @return: The modified request >>> from core.data.parsers.urlParser import url_object >>> modsec = modsecurity() >>> u = url_object('http://www.google.com/') >>> r = HTTPRequest( u ) >>> modsec.modifyRequest( r ).url_object.url_string 'http://www.google.com/' >>> u = url_object('http://www.google.com/') >>> r = HTTPRequest( u, data='' ) >>> modsec.modifyRequest( r ).get_data() '' >>> u = url_object('http://www.google.com/') >>> r = HTTPRequest( u, data='a=b' ) >>> modsec.modifyRequest( r ).get_data() '\\x00a=b' ''' # Mangle the postdata data = str(request.get_data()) if data: try: # Only mangle the postdata if it is a url encoded string parse_qs( data ) except: pass else: data = '\x00' + data headers_copy = copy.deepcopy(request.headers) headers_copy['content-length'] = str(len(data)) request = HTTPRequest( request.url_object, data, headers_copy, request.get_origin_req_host() ) return request