Comments on: Blind SQL Haxoring http://dcortesi.com/2005/09/03/blind-sql-haxoring/ Coding, Security, and maybe a little bit about Damon Cortesi Thu, 20 Nov 2008 11:47:23 +0000 http://wordpress.org/?v=2.6.2 By: Damon http://dcortesi.com/2005/09/03/blind-sql-haxoring/#comment-2482 Damon Tue, 06 Sep 2005 23:32:19 +0000 http://dcortesi.com/2005/09/03/blind-sql-haxoring/#comment-2482 I should clarify for the ID query process - there were 343 tables and Absinthe was actually going through two proxies as well as over HTTPS. Thus, there were several contributing factors that made that process slower than normal. I should clarify for the ID query process - there were 343 tables and Absinthe was actually going through two proxies as well as over HTTPS. Thus, there were several contributing factors that made that process slower than normal.

]]> By: nummish http://dcortesi.com/2005/09/03/blind-sql-haxoring/#comment-2481 nummish Tue, 06 Sep 2005 18:58:15 +0000 http://dcortesi.com/2005/09/03/blind-sql-haxoring/#comment-2481 To be honest, nobody has ever suggested that before, and it was probably overlooked when I first wrote it. They are sorted as it's pulled out, so it shouldn't be too big a deal to add to the next release. As for the 24 hours and still querying IDs.. how many tables were in that schema? That seems excessively long.. send me an email about it and I can try to figure out what might be going wrong. To be honest, nobody has ever suggested that before, and it was probably overlooked when I first wrote it. They are sorted as it’s pulled out, so it shouldn’t be too big a deal to add to the next release.

As for the 24 hours and still querying IDs.. how many tables were in that schema? That seems excessively long.. send me an email about it and I can try to figure out what might be going wrong.

]]>