Re: [sqlmap-users] DNS queries for every test?
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] DNS queries for every test?
|
From: Miroslav S. <mir...@gm...> - 2011-04-07 21:40:21
|
hi there again. find the DNS caching mechanism implemented with the latest commit r3582 (big thanks goes to Andres Riancho for suggesting a way to do it). kr On Thu, Apr 7, 2011 at 10:51 PM, Miroslav Stampar <mir...@gm...> wrote: > On Thu, Apr 7, 2011 at 10:36 PM, Ryan Sears <rd...@mt...> wrote: >> Hi there, >> >> First of all I have to say that I think this is one of, if not THE favorite penetration testing tool in my collection. It saves a ridiculous amount of time, and is remarkably stable. Great job, and I hope you keep up the amazing work! > > :) > >> >> It seems as though sqlmap (latest SVN revision) doesn't cache DNS information though, causing a fraction of latency on every request. Is anyone else noticing this? I may just have a mis-configuration somewhere, but I've scoured around the config files and documentation and can't seem to find anything about it. Even when I put the hostname in the /etc/hosts file to try to bypass this latency, it still makes the query. Is there any way to stop it from doing this? Obviously it's not that big a deal, but when you're making 1,000 requests to a web-app, hitting the DNS server first every time does put on significant overhead for something that could be cached after the first query. >> >> I'm not sure if this is something that python itself is doing, or something in the code that makes it happen (I'm guessing the former). Ideas? > > it's a python thing, but it would be a good idea to circumvent it > somehow. we'll do it (hopefully) and report back. > >> >> Also what do you guys think of possibly having the --dump option do something like --dump-all flag but with just a single database if you supply it with the -D argument? Just a thought (although maybe I'm missing something). > > good idea. we'll probably do it (after internal agreement). > >> >> Thanks! >> Ryan > > kr > >> >> ------------------------------------------------------------------------------ >> Xperia(TM) PLAY >> It's a major breakthrough. An authentic gaming >> smartphone on the nation's most reliable network. >> And it wants your games. >> http://p.sf.net/sfu/verizon-sfdev >> _______________________________________________ >> sqlmap-users mailing list >> sql...@li... >> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >> > > > > -- > Miroslav Stampar > > E-mail: miroslav.stampar (at) gmail.com > PGP Key ID: 0xB5397B1B > -- Miroslav Stampar E-mail: miroslav.stampar (at) gmail.com PGP Key ID: 0xB5397B1B |
