Hi.
This and similar techniques are of no practical value in real life.
"Network latency" as the author has mentioned is something undeterministic
and in real life you can't just use some fixed predetermined calculated
value for it.
In real life either something is delayed or is not delayed. "Indexing" or
similar time-based techniques that are brought to life once in a month can
be implemented and tested on local, or some non-distant remote computer,
but anything than that is pure science fiction.
I'll repeat, network latency can't be calculated, it's undeterministic and
because of those hard facts the optimal and only real-life scenario for
time-based payloads is: A) something is delayed or B) something is not
delayed (<- this is also a very problematic to "distinguish", so everything
than that, I'll repeat, is pure SciFi)
Kind regards,
Miroslav Stampar
On Sat, Dec 3, 2011 at 6:40 PM, Adi Mutu <adi_mut...@yahoo.com> wrote:
> Hi guys,
>
> I haven't watched very closely sqlmap lately, but i wanted to show you
> this technique:
> http://seclists.org/fulldisclosure/2011/Dec/71
>
> What do you think? I don't think it's already in sqlmap, is it?
>
> Cheers,
> A.
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure
> contains a definitive record of customers, application performance,
> security threats, fraudulent activity, and more. Splunk takes this
> data and makes sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-novd2d
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
