Locale module screws string.letters, etc. in some cases (e.g. IDLE run)

stamparm · stamparm · commit 351c70b3906f · 2013-06-01T14:06:58.000+02:00
diff --git a/lib/core/common.py b/lib/core/common.py
@@ -931,9 +931,9 @@ def randomStr(length=4, lowercase=False, alphabet=None):
     if alphabet:
         retVal = "".join(random.choice(alphabet) for _ in xrange(0, length))
     elif lowercase:
-        retVal = "".join(random.choice(string.lowercase) for _ in xrange(0, length))
+        retVal = "".join(random.choice(string.ascii_lowercase) for _ in xrange(0, length))
     else:
-        retVal = "".join(random.choice(string.letters) for _ in xrange(0, length))
+        retVal = "".join(random.choice(string.ascii_letters) for _ in xrange(0, length))
 
     return retVal
 
diff --git a/lib/core/purge.py b/lib/core/purge.py
@@ -60,7 +60,7 @@ def purge(directory):
     logger.debug("renaming filenames to random values")
     for filepath in filepaths:
         try:
-            os.rename(filepath, os.path.join(os.path.dirname(filepath), "".join(random.sample(string.letters, random.randint(4, 8)))))
+            os.rename(filepath, os.path.join(os.path.dirname(filepath), "".join(random.sample(string.ascii_letters, random.randint(4, 8)))))
         except:
             pass
 
@@ -69,7 +69,7 @@ def purge(directory):
     logger.debug("renaming directory names to random values")
     for dirpath in dirpaths:
         try:
-            os.rename(dirpath, os.path.join(os.path.dirname(dirpath), "".join(random.sample(string.letters, random.randint(4, 8)))))
+            os.rename(dirpath, os.path.join(os.path.dirname(dirpath), "".join(random.sample(string.ascii_letters, random.randint(4, 8)))))
         except:
             pass
 
diff --git a/lib/core/settings.py b/lib/core/settings.py
@@ -447,7 +447,7 @@
 HASHDB_FLUSH_RETRIES = 3
 
 # Unique milestone value used for forced deprecation of old HashDB values (e.g. when changing hash/pickle mechanism)
-HASHDB_MILESTONE_VALUE = "cAWxkLYCQT"  # r5129 "".join(random.sample(string.letters, 10))
+HASHDB_MILESTONE_VALUE = "cAWxkLYCQT"  # r5129 "".join(random.sample(string.ascii_letters, 10))
 
 # Warn user of possible delay due to large page dump in full UNION query injections
 LARGE_OUTPUT_THRESHOLD = 1024 ** 2
@@ -468,7 +468,7 @@
 MAX_DNS_LABEL = 63
 
 # Alphabet used for prefix and suffix strings of name resolution requests in DNS technique (excluding hexadecimal chars for not mixing with inner content)
-DNS_BOUNDARIES_ALPHABET = re.sub("[a-fA-F]", "", string.letters)
+DNS_BOUNDARIES_ALPHABET = re.sub("[a-fA-F]", "", string.ascii_letters)
 
 # Alphabet used for heuristic checks
 HEURISTIC_CHECK_ALPHABET = ('"', '\'', ')', '(', '[', ']', ',', '.')
diff --git a/tamper/space2dash.py b/tamper/space2dash.py
@@ -36,7 +36,7 @@ def tamper(payload, **kwargs):
     if payload:
         for i in xrange(len(payload)):
             if payload[i].isspace():
-                randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12)))
+                randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12)))
                 retVal += "--%s%%0A" % randomStr
             elif payload[i] == '#' or payload[i:i + 3] == '-- ':
                 retVal += payload[i:]
diff --git a/tamper/space2hash.py b/tamper/space2hash.py
@@ -44,7 +44,7 @@ def tamper(payload, **kwargs):
     if payload:
         for i in xrange(len(payload)):
             if payload[i].isspace():
-                randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12)))
+                randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12)))
                 retVal += "%%23%s%%0A" % randomStr
             elif payload[i] == '#' or payload[i:i + 3] == '-- ':
                 retVal += payload[i:]
diff --git a/tamper/space2morehash.py b/tamper/space2morehash.py
@@ -44,7 +44,7 @@ def tamper(payload, **kwargs):
 
     def process(match):
         word = match.group('word')
-        randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12)))
+        randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12)))
 
         if word.upper() in kb.keywords and word.upper() not in IGNORE_SPACE_AFFECTED_KEYWORDS:
             return match.group().replace(word, "%s%%23%s%%0A" % (word, randomStr))
@@ -58,7 +58,7 @@ def process(match):
 
         for i in xrange(len(payload)):
             if payload[i].isspace():
-                randomStr = ''.join(random.choice(string.ascii_uppercase + string.lowercase) for _ in xrange(random.randint(6, 12)))
+                randomStr = ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase) for _ in xrange(random.randint(6, 12)))
                 retVal += "%%23%s%%0A" % randomStr
             elif payload[i] == '#' or payload[i:i + 3] == '-- ':
                 retVal += payload[i:]
