Hi Andres,

I just looked inside core/controllers/sql_tools/blind_sqli_response_diff.py. I don't know the w3af code, but I've seen the following vectors:

OR rndNum = rndNum
AND rndNum = rndNum

OK, these look good, but I think it is not enough for blind SQL injection. What about appending the comment string ( -- / # )?

Another suggestion: I think it would be fine to move each fuzz vector from the .py source code (such as the above plugin for testing blind SQL injection) to a text file to let the w3af user customize it.

Regards.

On Sat, Nov 15, 2008 at 2:29 AM, Andres Riancho <[EMAIL PROTECTED]> wrote:
> List,
>
> I just committed some changes to the SVN that add the detection of
> blind SQL injections using time delays. For those who didn't know, the
> detection was previously done by comparing true (1 OR 1=1) and false
> (1 AND 1=2) pages. At this moment the delay technique works with
> MSSQL, MYSQL and POSTGRES. I would be thankful if anyone can test the
> blindSqli script with some of those databases to confirm that they
> work as expected outside my lab, and that they don't generate false
> positives over the Internet.
>
> The whole logic for the vulnerability detection is in
> "core/controllers/sql_tools/blind_sqli_time_delay.py", but many other
> files have been changed, so don't be afraid if you get a 30+ file
> modification on your "svn up" to revision 2015.
>
> Also, if someone knows how to generate time delays in Oracle (I
> need a generic thing that works with Oracle 8 to 11) or some other
> databases (DB2? Informix?) please send it to me! I've been googling
> but nothing interesting came up ([0] is not interesting).
>
> All your feedback is welcome, happy testing!
> =)
>
> [0] http://pentestmonkey.net/blog/oracle-sql-injection-cheat-sheet/
>
> Cheers,
> --
> Andres Riancho
> http://w3af.sourceforge.net/
> Web Application Attack and Audit Framework
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
> Build the coolest Linux based applications with Moblin SDK & win great prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
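
The true/false page comparison described in the quoted message, with a guard against the false positives it asks testers to watch for, as an added example that is not w3af's code. The function names, the 0.05 margin and the sample pages are assumptions constructed for illustration.

```python
import difflib

def similarity(a: str, b: str) -> float:
    """Ratio in [0, 1]; 1.0 means the two response bodies are identical."""
    return difflib.SequenceMatcher(None, a, b, autojunk=False).ratio()

def differs_beyond_noise(baseline_pair, true_body, false_body, margin=0.05):
    """True when the TRUE and FALSE pages differ more than the page differs
    from itself across two unmodified requests (timestamps, tokens, ads)."""
    noise_floor = similarity(*baseline_pair)
    return similarity(true_body, false_body) < noise_floor - margin

def looks_blind_injectable(baseline_pair, rounds, margin=0.05):
    """Flag only if every (true_body, false_body) round shows the difference;
    a single odd response must not produce a finding."""
    return bool(rounds) and all(
        differs_beyond_noise(baseline_pair, t, f, margin) for t, f in rounds)

# --- Constructed sample responses (not captured from any real application) ---
def page(content, ts, token=""):
    return (f"<html><body><h1>Product</h1><p>{content}</p>"
            f"<input type='hidden' value='{token}'>"
            f"<small>Generated at {ts}</small></body></html>")

ROW, EMPTY = "Blue widget, 12 in stock", "No product found"

# Stable page: only the timestamp changes between identical requests.
STABLE_BASELINE = (page(ROW, "10:00:01"), page(ROW, "10:00:02"))
# Condition reaches the query: TRUE returns the row, FALSE returns nothing.
VULN_ROUNDS = [(page(ROW, "10:00:03"), page(EMPTY, "10:00:04")),
               (page(ROW, "10:00:05"), page(EMPTY, "10:00:06"))]
# Input is handled safely: both conditions give the same page.
SAFE_ROUNDS = [(page(ROW, "10:00:03"), page(ROW, "10:00:04"))]
# Page embeds a per-request token, so every response differs a lot anyway.
NOISY_BASELINE = (page(ROW, "10:00:01", "1" * 32), page(ROW, "10:00:02", "2" * 32))
NOISY_ROUNDS = [(page(ROW, "10:00:03", "3" * 32), page(ROW, "10:00:04", "4" * 32))]

if __name__ == "__main__":
    print("vulnerable:", looks_blind_injectable(STABLE_BASELINE, VULN_ROUNDS))
    print("safe:      ", looks_blind_injectable(STABLE_BASELINE, SAFE_ROUNDS))
    print("noisy page:", looks_blind_injectable(NOISY_BASELINE, NOISY_ROUNDS))
```

Measuring the page against itself first is what keeps a dynamic page from being reported as injectable just because no two responses are ever identical.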