[sqlmap-users] DNS queries for every test?
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] DNS queries for every test?
|
From: Ryan S. <rd...@mt...> - 2011-04-07 20:36:50
|
Hi there, First of all I have to say that I think this is one of, if not THE favorite penetration testing tool in my collection. It saves a ridiculous amount of time, and is remarkably stable. Great job, and I hope you keep up the amazing work! It seems as though sqlmap (latest SVN revision) doesn't cache DNS information though, causing a fraction of latency on every request. Is anyone else noticing this? I may just have a mis-configuration somewhere, but I've scoured around the config files and documentation and can't seem to find anything about it. Even when I put the hostname in the /etc/hosts file to try to bypass this latency, it still makes the query. Is there any way to stop it from doing this? Obviously it's not that big a deal, but when you're making 1,000 requests to a web-app, hitting the DNS server first every time does put on significant overhead for something that could be cached after the first query. I'm not sure if this is something that python itself is doing, or something in the code that makes it happen (I'm guessing the former). Ideas? Also what do you guys think of possibly having the --dump option do something like --dump-all flag but with just a single database if you supply it with the -D argument? Just a thought (although maybe I'm missing something). Thanks! Ryan |
