Hi Jerome.

Could you explain how "regexp attacks" are different than blind-based
inference (in terms of "faster")?

Could you explain how "regexp attacks" could be used in time-based attacks
(in terms of "faster") in real life situations where network lags are
non-deterministic?

My 2-cents. That paper is known to me from the time it got out. Personally
I don't like it because here and there I need to explain what's wrong with
it. It's an example of what "far fetched" means. The last couple of graphs are
doing a comparison between "normal" and "regex", while what is called
"normal" is not used anywhere. What they are calling "normal" is nothing
else than a sequential lookup for a character value. Anyone normal is
using at least some kind of O(log2 n) binary search in their tools/scripts.

In short, "regexp attack" is the same thing as any other binary search
method. We use in sqlmap an approach that is graphically described at [1].
Also, you are welcome to watch for all the payloads that are coming out
from sqlmap in `--technique=B` mode by using `-v 3`. Count them down per
each character and freely compare to their results.

Kind regards,
Miroslav Stampar

[1] Slide 35,
http://www.slideshare.net/stamparm/euro-python-2011miroslavstamparsqlmapsecuritydevelopmentinpython

On Wed, Sep 26, 2012 at 8:13 PM, Jerome Athias <athiasjer...@gmail.com> wrote:

> Hi,
>
> I am currently trying to add the support of the regexp technique (
> http://www.ihteam.net/papers/blind-sqli-regexp-attack.pdf ) for blind
> sqli.
> It is faster than Time-based blind SQL injection.
> I have some problems to define the correct queries and payloads in the
> xml files.
> Did someone already work on it?
>
> Regards
> /JA



-- 
Miroslav Stampar
http://about.me/stamparm
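
Added example, not part of the original message and not sqlmap's code: a local simulation of the comparison made in the reply above, counting the true/false questions needed per character for a sequential lookup versus bisection over the 7-bit range. The oracle class, the function names and the sample string are assumptions made for illustration; nothing here touches a database or the network.

```python
class BooleanOracle:
    """Stands in for a blind true/false channel and counts the questions asked."""

    def __init__(self, secret):
        self._secret = secret
        self.queries = 0

    def equals(self, pos, value):
        self.queries += 1
        return ord(self._secret[pos]) == value

    def greater_than(self, pos, value):
        self.queries += 1
        return ord(self._secret[pos]) > value


def sequential_lookup(oracle, length, lo=0, hi=127):
    """Sequential baseline: test each candidate value in turn until one matches."""
    out = []
    for pos in range(length):
        for value in range(lo, hi + 1):
            if oracle.equals(pos, value):
                out.append(chr(value))
                break
    return "".join(out)


def bisection_lookup(oracle, length, lo=0, hi=127):
    """Binary search: each answer halves the remaining range of values."""
    out = []
    for pos in range(length):
        low, high = lo, hi
        while low < high:
            mid = (low + high) // 2
            if oracle.greater_than(pos, mid):
                low = mid + 1   # value lies in the upper half
            else:
                high = mid      # value lies in the lower half (mid included)
        out.append(chr(low))
    return "".join(out)


def compare(secret):
    """Return (sequential_queries, bisection_queries) for the same secret."""
    seq, bis = BooleanOracle(secret), BooleanOracle(secret)
    assert sequential_lookup(seq, len(secret)) == secret
    assert bisection_lookup(bis, len(secret)) == secret
    return seq.queries, bis.queries
```

For the constructed string "sqlmap", `compare` returns 660 questions for the sequential lookup and 42 for bisection, i.e. a fixed 7 per character over 128 possible values.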