Hello everyone
I thought of 2 small modifications to the source:
1) If the selected query came out only one record in this case:
*[12:16:30] [INFO] the SQL query provided has more than one field. sqlmap
will now unpack it into distinct queries to be able to retrieve the output
even if we are going blind[12:16:30] [INFO] retrieved: 1the SQL query
provided can return 1 entries. How many entries do you want to retrieve?[a]
All (default)[#] Specific number[q] Quit*
is superfluous to the choices
2) Especially in cases of brute force attacks as "based blind" would be
appropriate for speedy extraction follow the following rules:
- In the case of an account after the '@' if the letter after is a 'l' try
with the next 'ocalhost'.
- In the case of an email after an '@' and 'h' try with the next 'otmail.',
Or '@ g' try 'mail.com', all this to gain time and not slaughter the server
requests . (you should have a file with the main domains so that the program
verification).
- If a field is a hash (and that you might as noticing only after 1 or 2
extractions of the field), you can restrict only the hexadecimal digits
I hope I was helpful
Best regards
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users