tainting. String transformations   [3.4.5]


^reflection:tainting[string]
^reflection:tainting[transformation type;string]

This method shows which transformations will be applied to a string. The result is a string in which each character of the source string is represented by the code of its transformation.
When a transformation type is specified, the characters that will be transformed with that type are marked with + and all other characters with -. In addition to a transformation name, you can specify 'tainted' to show tainted characters or 'optimized' to show the characters that will be optimized during output.

Transformation codes

clean          0
as-is          A
tainted        T
file-spec      F
uri            U
http-header    h
mail-header    m
sql            Q
js             J
json           S
parser-code    p
regex          R
xml            X
html           H
cookie         C




Example

$s[clean ^taint[<tainted>] ^taint[uri;&] ^taint[json;"json"]]

^taint[as-is;$s]
^reflection:tainting[$s]
^reflection:tainting[tainted;$s]

Applied: $s

Outputs:

clean <tainted> & "json"
000000TTTTTTTTT0U0SSSSSS
------+++++++++---------

Applied: clean &lt;tainted&gt; %26 \"json\"
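
As an added example (not part of the original Parser documentation), the following Python helper decodes a tainting map back into named runs of the source string, using the code table above and the string and maps from the Example. The function names are hypothetical, and it assumes the map has been captured as text with one code per character, as this page describes.

```python
from itertools import groupby

# Transformation codes, copied from the table on this page.
# Function names below are hypothetical (added example, not Parser's API).
CODES = {
    "0": "clean", "A": "as-is", "T": "tainted", "F": "file-spec",
    "U": "uri", "h": "http-header", "m": "mail-header", "Q": "sql",
    "J": "js", "S": "json", "p": "parser-code", "R": "regex",
    "X": "xml", "H": "html", "C": "cookie",
}


def decode_tainting(source, code_map):
    """Split source into runs of equal code: (start, text, name) tuples."""
    if len(source) != len(code_map):
        raise ValueError("map must have one code per source character")
    unknown = set(code_map) - set(CODES)
    if unknown:
        raise ValueError("unknown transformation code(s): %s" % sorted(unknown))
    runs, pos = [], 0
    for code, group in groupby(code_map):
        length = len(list(group))
        runs.append((pos, source[pos:pos + length], CODES[code]))
        pos += length
    return runs


def highlighted(source, mask):
    """Return (start, text) for each span marked with + in a typed map."""
    if len(source) != len(mask) or set(mask) - set("+-"):
        raise ValueError("mask must be +/- with one mark per character")
    out, pos = [], 0
    for mark, group in groupby(mask):
        length = len(list(group))
        if mark == "+":
            out.append((pos, source[pos:pos + length]))
        pos += length
    return out


# The string and both maps from the Example on this page.
SOURCE = 'clean <tainted> & "json"'
CODE_MAP = "000000TTTTTTTTT0U0SSSSSS"
TAINTED_MASK = "------+++++++++---------"

if __name__ == "__main__":
    for start, text, name in decode_tainting(SOURCE, CODE_MAP):
        print("%2d  %-8s %r" % (start, name, text))
    print(highlighted(SOURCE, TAINTED_MASK))
```

Runs reported as tainted are the ones still carrying no explicit transformation type, which makes them the first spans to review when checking how a string reaches its output.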




Copyright © 1997–2017 Art. Lebedev Studio | http://www.artlebedev.com Last updated: 27.04.2017