Ah, that's great to know. I will have to look at this more deeply. Thanks
for the quick response.
On Mon, Nov 16, 2015 at 12:59 PM, Miroslav Stampar <
miroslav.stam...@gmail.com> wrote:
> Also, please don't run with -o to see what sqlmap does, as I know that you
> like to use that switch. -o turn
Also, please don't run with -o to see what sqlmap does, as I know that you
like to use that switch. -o turns on character prediction which
statistically predicts which could be the current character based on
previous responses. In those cases sqlmap compares to most likely chars at
the beginning wh
Please run with -v 3 to see what sqlmap does. It doesn't iterate serially
for all characters. It uses binary search. On average it requires cca. 5-6
requests per char.
Bye
On Nov 16, 2015 7:28 PM, "Brandon Perry" wrote:
> The other night, I was performing a boolean-based attack. I realised that
Also, obviously password hashes and the like are not english, so this would
mostly be useful potentially for table/column name enumeration.
On Mon, Nov 16, 2015 at 12:28 PM, Brandon Perry
wrote:
> The other night, I was performing a boolean-based attack. I realised that
> iterating from a-zA-Z0-
The other night, I was performing a boolean-based attack. I realised that
iterating from a-zA-Z0-9 as bytes to compare on the SQL server could be
optimized, but only for Latin/English languages, so not sure how useful
this would be.
During boolean-based blind attacks, would it be useful to use a c
