Ah, that's great to know. I will have to look at this more deeply. Thanks
for the quick response.
On Mon, Nov 16, 2015 at 12:59 PM, Miroslav Stampar <
miroslav.stam...@gmail.com> wrote:
> Also, please don't run with -o to see what sqlmap does, as I know that you
> like to use that switch. -o turns on character prediction which
> statistically predicts which could be the current character based on
> previous responses. In those cases sqlmap compares to most likely chars at
> the beginning while using binary search in case of miss.
>
> Bye
> On Nov 16, 2015 7:53 PM, "Miroslav Stampar" <miroslav.stam...@gmail.com>
> wrote:
>
>> Please run with -v 3 to see what sqlmap does. It doesn't iterate serially
>> for all characters. It uses binary search. On average it requires cca. 5-6
>> requests per char.
>>
>> Bye
>> On Nov 16, 2015 7:28 PM, "Brandon Perry" <bperry.volat...@gmail.com>
>> wrote:
>>
>>> The other night, I was performing a boolean-based attack. I realised
>>> that iterating from a-zA-Z0-9 as bytes to compare on the SQL server could
>>> be optimized, but only for Latin/English languages, so not sure how useful
>>> this would be.
>>>
>>> During boolean-based blind attacks, would it be useful to use a
>>> character frequency map as opposed to iterating over each potential char
>>> serially?
>>>
>>> For instance:
>>>
>>>
>>> https://en.wikipedia.org/wiki/Letter_frequency#Relative_frequencies_of_letters_in_the_English_language
>>>
>>> Note that the top 5 letters in the English language are e, t, a, o, and
>>> i. Statistically speaking, bruteforcing in the order of the character
>>> frequency could greatly decrease the number of HTTP requests required to
>>> determine a given character.
>>>
>>>
>>> However, this might be too complex/out of scope for sqlmap. Was just a
>>> thought I had. Thoughts?
>>>
>>> --
>>> http://volatile-minds.blogspot.com -- blog
>>> http://www.volatileminds.net -- website
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Presto, an open source distributed SQL query engine for big data,
>>> initially
>>> developed by Facebook, enables you to easily query your data on Hadoop
>>> in a
>>> more interactive manner. Teradata is also now providing full enterprise
>>> support for Presto. Download a free open source copy now.
>>> http://pubads.g.doubleclick.net/gampad/clk?id=250295911&iu=/4140
>>> _______________________________________________
>>> sqlmap-users mailing list
>>> sqlmap-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>
>>>
--
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
------------------------------------------------------------------------------
Presto, an open source distributed SQL query engine for big data, initially
developed by Facebook, enables you to easily query your data on Hadoop in a
more interactive manner. Teradata is also now providing full enterprise
support for Presto. Download a free open source copy now.
http://pubads.g.doubleclick.net/gampad/clk?id=250295911&iu=/4140
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
