[sqlmap-users] --threads
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] --threads
|
From: Miroslav S. <mir...@gm...> - 2011-02-03 15:22:00
|
Hi all. I just wanted to drop a short message regarding "misuse" of --threads that I've noticed on lots of instances from various users. Well, best starting point should be the following error message: "HTTP 403.9 - Access Forbidden: Too many users are connected" --threads=20 --threads=40 and stuff like that doesn't make any sense. All of you who used it you've risked three things: A) lots of scanning noise B) potential DoS C) potential problems which result with message as the one from the beginning of this mail (leading to scanning results with lots of ????). Every site has it's bandwidth and using some crazy number for --threads won't help you much in lots of cases. It will just get worse. We've fixed an potential issue with --keep-alive and --threads (or -o) in the latest commit r3196, but still, to prevent misuse out of "i didn't know that this could cause any problems" number of threads is now limited to 10. But, if you know what you are doing and don't want this kind of restraining you can go to: lib/core/settings.py and there manually change the maximum number of threads given by line: MAX_NUMBER_OF_THREADS = 10 KR p.s. for plain old users who prefer -o switch it has been stabilized with r3196 -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com Alternate: miroslav.stampar (at) mail.ru PGP Key ID: 0xB5397B1B Location: Zagreb, Croatia |
