It's the dumbest article on SQL injection ever. There's nothing that deserves a read in there. Unfortunately, I lost those 10 minutes of life. Reasons?

1. The technique is non-deterministic. It's not new. It takes way longer than a proper bisection algorithm.
2. A bisection algorithm working on the ASCII() representation of the SUBSTR() of the query is way better than a heuristic regexp "guess".
3. The examples in the paper are actually weak and refer to very outdated techniques to do time-based: they explain BENCHMARK() for MySQL, where since 5.0.12 there's a builtin SLEEP(), and do time-based on MSSQL with heavy queries, where since MSSQL 7.0 or 2000 we have waitfor delay.

Bernardo

On 13 June 2011 19:37, Andres Riancho <andres.rian...@gmail.com> wrote:
> FYI. Would be nice to have in sqlmap :)
>
>
> ---------- Forwarded message ----------
> From: R00T_ATI <r00t_...@ihteam.net>
> Date: Sun, Jun 12, 2011 at 2:45 PM
> Subject: [Full-disclosure] Blind Sql Injection With Regular Expression
> To: full-disclos...@lists.grok.org.uk
>
>
> New and fast attack for blind sql injection.
>
> http://www.ihteam.net/papers/blind-sqli-regexp-attack.pdf
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> --
> Andrés Riancho
> Director of Web Security at Rapid7 LLC
> Founder at Bonsai Information Security
> Project Leader at w3af
>
> ------------------------------------------------------------------------------
> EditLive Enterprise is the world's most technically advanced content
> authoring tool. Experience the power of Track Changes, Inline Image
> Editing and ensure content is compliant with Accessibility Checking.
> http://p.sf.net/sfu/ephox-dev2dev
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users

--
Bernardo Damele A. G.

E-mail / Jabber: bernardo.damele (at) gmail.com
Mobile: +447788962949 (UK 07788962949)
PGP Key ID: Unavailable

_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
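The reply above names the primitives that blind injection tooling leans on: a bisection over ASCII(SUBSTR(...)) for boolean-based extraction, and SLEEP(), BENCHMARK() and WAITFOR DELAY for time-based extraction. From the defender's side those same primitives are the most reliable thing to look for in web server logs, and the bisection argument has a detection corollary: because a bisection needs about seven oracle queries per extracted character (ceil(log2(128))), a single client emitting a burst of near-identical ASCII(SUBSTR(...)) comparisons is the characteristic signature. The following is an added example written for this page, not code from the thread, from sqlmap or from the paper under discussion. It assumes an Apache/nginx-style combined access log; the log lines, IPs and paths are constructed for the example.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample access-log lines (not real traffic). The probe payloads mirror the
# primitives named in the thread: ASCII()/SUBSTR() bisection, SLEEP(), BENCHMARK(), WAITFOR DELAY.
SAMPLE_LOG = """\
10.0.0.5 - - [13/Jun/2011:19:37:01 +0000] "GET /item.php?id=3 HTTP/1.1" 200 512
10.0.0.9 - - [13/Jun/2011:19:37:02 +0000] "GET /item.php?id=3%20AND%20ASCII(SUBSTR((SELECT%20user()),1,1))%3E64 HTTP/1.1" 200 512
10.0.0.9 - - [13/Jun/2011:19:37:02 +0000] "GET /item.php?id=3%20AND%20ASCII(SUBSTR((SELECT%20user()),1,1))%3E96 HTTP/1.1" 200 512
10.0.0.9 - - [13/Jun/2011:19:37:03 +0000] "GET /item.php?id=3%20AND%20ASCII(SUBSTR((SELECT%20user()),1,1))%3E112 HTTP/1.1" 200 17
10.0.0.9 - - [13/Jun/2011:19:37:05 +0000] "GET /item.php?id=3%20AND%20SLEEP(5) HTTP/1.1" 200 512
10.0.0.7 - - [13/Jun/2011:19:37:06 +0000] "GET /item.php?id=3;WAITFOR%20DELAY%20'0:0:5'-- HTTP/1.1" 500 0
10.0.0.7 - - [13/Jun/2011:19:37:07 +0000] "GET /item.php?id=3%20AND%20BENCHMARK(5000000,MD5(1)) HTTP/1.1" 200 512
10.0.0.5 - - [13/Jun/2011:19:37:08 +0000] "GET /search.php?q=sleepy%20substring HTTP/1.1" 200 2048
"""

# Combined-log prefix: client, ident, user, [timestamp], "METHOD PATH PROTOCOL"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) (\S+)"')

# Signatures for the blind-injection primitives discussed in the thread. They are applied
# to the URL-decoded path so percent-encoding does not hide the operators.
PROBE_PATTERNS = {
    # ASCII(SUBSTR(...)) or ASCII(SUBSTRING(...)) immediately compared with <, >, = or !=
    "bisection": re.compile(r"ASCII\s*\(\s*SUBSTR(?:ING)?\s*\(.*?\)\s*\)\s*[<>=!]", re.I),
    # MySQL >= 5.0.12 builtin delay
    "mysql-sleep": re.compile(r"\bSLEEP\s*\(\s*\d+", re.I),
    # older MySQL heavy-query delay
    "mysql-benchmark": re.compile(r"\bBENCHMARK\s*\(\s*\d+\s*,", re.I),
    # MSSQL delay
    "mssql-waitfor": re.compile(r"\bWAITFOR\s+DELAY\b", re.I),
}


def classify_request(raw_path):
    """Return the sorted list of probe labels matching one request path (empty if benign)."""
    decoded = unquote_plus(raw_path)
    return sorted(name for name, pat in PROBE_PATTERNS.items() if pat.search(decoded))


def scan_log(text, burst_threshold=3):
    """Scan access-log text; return matched requests, per-client counts and bursting clients.

    burst_threshold is the number of probe-like requests from one client above which the
    client is reported as "bursting"; a bisection emits ~7 per character, so even a low
    threshold catches real extraction quickly while a single stray match does not alert.
    """
    hits = []           # (client_ip, decoded_path, [labels])
    per_ip = Counter()  # probe-like requests per client
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, path = m.group(1), m.group(3)
        labels = classify_request(path)
        if labels:
            hits.append((ip, unquote_plus(path), labels))
            per_ip[ip] += 1
    bursting = sorted(ip for ip, n in per_ip.items() if n >= burst_threshold)
    return {"hits": hits, "per_ip": dict(per_ip), "bursting": bursting}


if __name__ == "__main__":
    report = scan_log(SAMPLE_LOG)
    for ip, path, labels in report["hits"]:
        print(f"{ip}  {','.join(labels):16s}  {path}")
    print("probe counts per client:", report["per_ip"])
    print("clients bursting (likely extraction in progress):", report["bursting"])
```

Two design points worth noting: matching runs on the decoded path, otherwise `%3E` hides the comparison operator that distinguishes a bisection probe from an innocent use of SUBSTR(); and the bisection signature requires the comparison operator after the closing parentheses, so the `sleepy substring` search query in the constructed log is not flagged. In the sample, client 10.0.0.9 accounts for four probe-like requests and is the only one reported as bursting.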