full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Deep Blind SQL Injecti

Re: [Full-disclosure] Deep Blind SQL Injection Whitepaper

From: Sir Mordred <sir.mordred.lists_at_nospam>
Date: Wed Aug 20 2008 - 10:30:18 GMT
To: "Ferruh Mavituna" <ferruh@mavituna.com>, Full Disclosure <full-disclosure@lists.grok.org.uk>


Great (and simple) idea!

Further optimization of the side-channel transfer rate could be possible (depending on the victim response times and other factors), so limiting it to 4 bits per query is unnecessary.

Details: http://www.logris.org/security/deep-blind-sql-injection

Cheers,
Mordred



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/