Re: [sqlmap-users] "Bit-Banging" (Speeding up time-based blind SQL injections)

[Miroslav S. <mir...@gm...>]

Hi Ryan.

Only differences between what sqlmap uses and this are:
A) they call it bit banging, we call bit inferencing through bisection
B) they use boolean AND we use arithmetic greater than

Both algorithms have Log2n complexity, so there is no breakthrough here

Kind regards,
Miroslav Stampar
On Jan 23, 2012 8:58 PM, "Ryan Sears" <rd...@mt...> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Hi all,
>
> Long time no talk, I just came across this:
> http://console-cowboys.blogspot.com/2012/01/bit-banging-your-database.html
>
> Which looks quite promising, basically it uses the binary representation
> and some boolean calculations to determine the length of fields and
> other information as opposed to doing it character by character. It
> basically narrows everything down to about 8 requests to find the length
> of the data.
>
> I'm not sure if SQLMap uses a technique similar, but it may be worth
> looking into, as it could drastically lower the time it takes to mine
> out info from time-based blind injection!
>
> The sample code can be found here:
> http://consolecowboys.org/scripts/vm_own.py
>
> Thanks!
> Ryan
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
>
> iF4EAREIAAYFAk8du7UACgkQt/95fIeU+XaLCAD/VCNgKVG1BqZO97VF+aSKKrQo
> kzbcmxJOKTgLJkl6rWMA/jH7Ax5z5zrjvDxJuw6aaJLh6Yubj+2Ee8mzZ9WiFdGC
> =6ngJ
> -----END PGP SIGNATURE-----
>
>
> ------------------------------------------------------------------------------
> Try before you buy = See our experts in action!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-dev2
> _______________________________________________
> sqlmap-users mailing list
> sql...@li...
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>