pub struct SqlAdjacentStringConcatTamper;Expand description
SQL adjacent-string-literal concatenation tamper — rewrites every
'string' literal of length ≥ 2 as a sequence of single-character
adjacent literals ('admin' → 'a' 'd' 'm' 'i' 'n'). The ANSI
SQL-92 §5.3 specification requires the parser to concatenate
adjacent string literals separated only by whitespace; MySQL,
Postgres, SQLite, Oracle, DB2 all implement it. WAFs matching the
LITERAL substring of well-known credentials/paths ('admin',
'/etc/passwd', 'root') see N unrelated single-character strings
instead. Pure SQL semantics — no comments, no CONCAT(), no special
functions.
Trait Implementations§
Source§impl TamperStrategy for SqlAdjacentStringConcatTamper
impl TamperStrategy for SqlAdjacentStringConcatTamper
Source§fn description(&self) -> &'static str
fn description(&self) -> &'static str
Returns a description of what this strategy does.
Source§fn tamper(&self, payload: &str, _context: Option<&str>) -> String
fn tamper(&self, payload: &str, _context: Option<&str>) -> String
Transforms the input payload. Read more
Source§fn aggressiveness(&self) -> f64
fn aggressiveness(&self) -> f64
Returns the aggressiveness score (0.0 = mild, 1.0 = extreme).
Auto Trait Implementations§
impl Freeze for SqlAdjacentStringConcatTamper
impl RefUnwindSafe for SqlAdjacentStringConcatTamper
impl Send for SqlAdjacentStringConcatTamper
impl Sync for SqlAdjacentStringConcatTamper
impl Unpin for SqlAdjacentStringConcatTamper
impl UnsafeUnpin for SqlAdjacentStringConcatTamper
impl UnwindSafe for SqlAdjacentStringConcatTamper
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more