The other night, I was performing a boolean-based attack. I realised that
iterating from a-zA-Z0-9 as bytes to compare on the SQL server could be
optimized, but only for Latin/English languages, so not sure how useful
this would be.

During boolean-based blind attacks, would it be useful to use a character
frequency map as opposed to iterating over each potential char serially?

For instance:

https://en.wikipedia.org/wiki/Letter_frequency#Relative_frequencies_of_letters_in_the_English_language

Note that the top 5 letters in the English language are e, t, a, o, and i.
Statistically speaking, brute-forcing in the order of the character
frequency could greatly decrease the number of HTTP requests required to
determine a given character.


However, this might be too complex/out of scope for sqlmap. Was just a
thought I had. Thoughts?

-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
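
Added example, not part of the original post: an offline count of the equality tests each guess order needs over a-zA-Z0-9, run on constructed sample strings with no network or database involved. The letter order beyond the post's top five (e, t, a, o, i) is the commonly cited English order and is an assumption here, as are all function names.

```python
import string

# Commonly cited English letter order, most to least frequent.
# Assumption: the post itself only names the first five (e, t, a, o, i).
ENGLISH_ORDER = "etaoinshrdlcumwfgypbvkjxqz"

# The serial order described in the post: a-z, then A-Z, then 0-9.
SERIAL_ORDER = string.ascii_lowercase + string.ascii_uppercase + string.digits


def frequency_order():
    """Frequency-ranked lowercase letters first, remaining charset unchanged."""
    rest = "".join(c for c in SERIAL_ORDER if c not in ENGLISH_ORDER)
    return ENGLISH_ORDER + rest


def comparisons(value, order):
    """Equality tests needed to recover `value` one character at a time.

    Each candidate tried costs one test, including the one that matches.
    """
    return sum(order.index(ch) + 1 for ch in value)


def compare(value):
    """Return (serial_tests, frequency_tests) for one string."""
    return comparisons(value, SERIAL_ORDER), comparisons(value, frequency_order())


# Constructed sample values: an English word, a mixed-case token, and a
# string built from the rarest English letters.
SAMPLES = ["administrator", "x9Zq7Kw2", "zqxjkvb"]

if __name__ == "__main__":
    for sample in SAMPLES:
        serial, freq = compare(sample)
        print(f"{sample!r}: serial={serial} frequency={freq}")
```

The English word needs roughly half as many tests in frequency order, the mixed-case token sees no change, and the rare-letter string gets worse, which matches the post's caveat that the gain depends on the data being English-like text.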
