Hi seth.
You can force usage of non-time based techniques by:
--technique=BEU
That will skip time/stacked injection tests.
Kind regards,
Miroslav Stampar
On Wed, Apr 18, 2012 at 4:12 AM, seth <xd.s...@gmail.com> wrote:
> There is a website which has some sort of (bad) web application firewall
> that calls sleep() with a high value every time it detects an attack.
> When running sqlmap agaist this website, it stops the probes after
> finding a url that triggers this behavior.
> Is there any way to tell sqlmap to treat a timeout as 'not vulnerable to
> this technique'?
>
>
> ------------------------------------------------------------------------------
> Better than sec? Nothing is better than sec when it comes to
> monitoring Big Data applications. Try Boundary one-second
> resolution app monitoring today. Free.
> http://p.sf.net/sfu/Boundary-dev2dev
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users