Also, please don't run with -o to see what sqlmap does, as I know that you
like to use that switch. -o turns on character prediction which
statistically predicts which could be the current character based on
previous responses. In those cases sqlmap compares to most likely chars at
the beginning while using binary search in case of miss.
Bye
On Nov 16, 2015 7:53 PM, "Miroslav Stampar" <miroslav.stam...@gmail.com>
wrote:
> Please run with -v 3 to see what sqlmap does. It doesn't iterate serially
> for all characters. It uses binary search. On average it requires cca. 5-6
> requests per char.
>
> Bye
> On Nov 16, 2015 7:28 PM, "Brandon Perry" <bperry.volat...@gmail.com>
> wrote:
>
>> The other night, I was performing a boolean-based attack. I realised that
>> iterating from a-zA-Z0-9 as bytes to compare on the SQL server could be
>> optimized, but only for Latin/English languages, so not sure how useful
>> this would be.
>>
>> During boolean-based blind attacks, would it be useful to use a character
>> frequency map as opposed to iterating over each potential char serially?
>>
>> For instance:
>>
>>
>> https://en.wikipedia.org/wiki/Letter_frequency#Relative_frequencies_of_letters_in_the_English_language
>>
>> Note that the top 5 letters in the English language are e, t, a, o, and
>> i. Statistically speaking, bruteforcing in the order of the character
>> frequency could greatly decrease the number of HTTP requests required to
>> determine a given character.
>>
>>
>> However, this might be too complex/out of scope for sqlmap. Was just a
>> thought I had. Thoughts?
>>
>> --
>> http://volatile-minds.blogspot.com -- blog
>> http://www.volatileminds.net -- website
>>
>>
>> ------------------------------------------------------------------------------
>> Presto, an open source distributed SQL query engine for big data,
>> initially
>> developed by Facebook, enables you to easily query your data on Hadoop in
>> a
>> more interactive manner. Teradata is also now providing full enterprise
>> support for Presto. Download a free open source copy now.
>> http://pubads.g.doubleclick.net/gampad/clk?id=250295911&iu=/4140
>> _______________________________________________
>> sqlmap-users mailing list
>> sqlmap-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>
>>
------------------------------------------------------------------------------
Presto, an open source distributed SQL query engine for big data, initially
developed by Facebook, enables you to easily query your data on Hadoop in a
more interactive manner. Teradata is also now providing full enterprise
support for Presto. Download a free open source copy now.
http://pubads.g.doubleclick.net/gampad/clk?id=250295911&iu=/4140
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
