Sqli error regexps cut off
You might not agree with this, since it is far from the idea of simplicity, but I thought I'll give it a try, why not. I thought about how we could cut down the length of the SQLi regexps, so this came to my mind: if we create another list of regexps, but much shorter ones, those will fire first, and if a match is found the second list of regexps (the actual one) will be run against that specific result.
As an example let's take SQLite, these are the actual regexps:
"Warning.*sqlite_.*
Warning.*SQLite3::
SQLite/JDBCDriver
SQLite.Exception
System.Data.SQLite.SQLiteException"
would become something like:
"Warning
SQLite
System"
In total, much shorter, much faster, fewer resources used to compare, what do you think? xD
Support Staff 1 Posted by Tasos Laskos on 26 Sep, 2013 05:49 PM
Was thinking of the same thing. Though I don't have to maintain a shorter list, I can optimize it as is.
I can just pick a word from each regexp and then only match regexps whose word appears in the response body.
I had benchmarked something similar in the past but the results weren't beneficial enough to be worth the extra complexity, although I have a few new ideas which may increase performance.
Support Staff 2 Posted by Tasos Laskos on 26 Sep, 2013 06:07 PM
Just out of curiosity, how much of a difference does this make?
https://github.com/Arachni/arachni/commit/ce57be3cb34d9595488b1ecb9...
Support Staff 3 Posted by Tasos Laskos on 26 Sep, 2013 06:56 PM
Our idea didn't work... all things considered, it only shaved off a few milliseconds and made the code much more complex.
Tasos Laskos closed this discussion on 26 Sep, 2013 06:56 PM.
user021 re-opened this discussion on 26 Sep, 2013 07:37 PM
4 Posted by user021 on 26 Sep, 2013 07:37 PM
Yeah, there doesn't seem to be any difference with that fix, but it's not the same thing as I said above, right? We could compress the regexp data down to, idk... 20%? Since there's a lot of "Warning" and such, and it wouldn't make any sense for it not to be much faster.
Support Staff 5 Posted by Tasos Laskos on 26 Sep, 2013 07:56 PM
The regexp engine does a lot of those optimizations itself, it didn't matter much when I tried it.
6 Posted by user021 on 26 Sep, 2013 08:01 PM
Well then, idk, I guess it was worth trying
user021 closed this discussion on 26 Sep, 2013 08:01 PM.
Tasos Laskos re-opened this discussion on 27 Sep, 2013 01:56 AM
Support Staff 7 Posted by Tasos Laskos on 27 Sep, 2013 01:56 AM
Nope, I was wrong, sorry about that, it's actually working quite nicely. :)
The difference becomes more apparent when analyzing large response bodies.
https://github.com/Arachni/arachni/commit/73bd3be2410509279416b9350...
You'll still see 100% CPU usage but analysis will be faster overall.
8 Posted by user021 on 27 Sep, 2013 10:06 AM
Oh yes, this feels much better, on average my CPU went down from 100%+ to ~50%, nice work : )
user021 closed this discussion on 27 Sep, 2013 10:07 AM.
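The keyword pre-check discussed in this thread, as an added example (not Arachni's code and not taken from the linked commits): each of the five SQLite patterns from the opening post is paired with a literal substring that any match must contain, and the regexp only runs when that substring is in the response body. The keyword choices, function names and response bodies are assumptions constructed for the illustration.

```ruby
# Patterns quoted in the thread, each paired with a literal substring (chosen
# here, an assumption) that every match of the regexp must contain. A keyword
# that is NOT required by its regexp would cause missed detections.
SIGNATURES = [
  ['sqlite_',           /Warning.*sqlite_.*/],
  ['SQLite3::',         /Warning.*SQLite3::/],
  ['SQLite/JDBCDriver', %r{SQLite/JDBCDriver}],
  ['Exception',         /SQLite.Exception/],
  ['SQLiteException',   /System.Data.SQLite.SQLiteException/]
].freeze

# Baseline: run every regexp against the body.
def scan_all(body, signatures = SIGNATURES)
  signatures.map(&:last).select { |re| body.match?(re) }
end

# Prefiltered: cheap case-sensitive substring test first, regexp only for the
# survivors. Returns [matched_regexps, number_of_regexps_actually_run].
# (Case-insensitive regexps would need a case-insensitive keyword test.)
def scan_prefiltered(body, signatures = SIGNATURES)
  candidates = signatures.select { |keyword, _| body.include?(keyword) }
  matched = candidates.map(&:last).select { |re| body.match?(re) }
  [matched, candidates.size]
end

# Constructed response bodies: a large clean page, the same page with a
# SQLite warning appended, and one that passes a keyword but not its regexp.
CLEAN_BODY = '<html><body>' + ('<p>Welcome to the shop</p>' * 2000) + '</body></html>'
ERROR_BODY = CLEAN_BODY + "\nWarning: sqlite_query(): near \"'\": syntax error"
NEAR_MISS  = CLEAN_BODY + "\nUnhandled Exception in checkout handler"

if __FILE__ == $PROGRAM_NAME
  { 'clean' => CLEAN_BODY, 'error' => ERROR_BODY, 'near miss' => NEAR_MISS }.each do |name, body|
    matched, ran = scan_prefiltered(body)
    puts "#{name}: ran #{ran}/#{SIGNATURES.size} regexps, matched #{matched.map(&:source).inspect}"
  end
end
```

The near-miss body shows why the full regexp still has to run after a keyword hit: the keyword only narrows the candidates, it does not confirm an error signature.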