Noam Rathaus

How about we add: ``` print("slice: #{slice}\r") ``` To the `truncated_query` function? Or similar? It will display the slices pulled from the SQLi (not decode them) make it immune to...

Referring to this code: ``` def truncated_query(query) result = [ ] offset = 1 loop do slice = run_sql(query.sub(/\^OFFSET\^/, offset.to_s)) offset += @truncation_length # should be same as @truncation_length for...

BTW: there seems to be duplicate code here, not sure why there isn't a base class that has `def` that are shared and overrides where necessary

Example of duplicate code: ``` def truncated_query(query) def test_vulnerable ``` Actually... seems like there aren't that much duplicate code

I don't see how `truncated_query` which is where the loop happens, knows anything about the progress, it knows of the `offset` but not of the maximum value of this `offset`

@h00die I looked more into this, there is no way to show progress - as we don't know the `amount out of a total` we have collected My only idea...

Works for me as well.. I am using default setup of metasploit on Debian 12

I booted a fresh Kali (a VDI image from their site) under VirtualBox and had no issue calling `use dos/http/slowloris` It loads and I can use it

It seems that if you add to the above function `rpc_info` a simple call for: `res['PAYLOAD'] = m.datastore['PAYLOAD']` To cause the `PAYLOAD` to show up in the `info` of the...

Maybe an option is to add to `lib/msf/core/exploit.rb`: ``` if info.key? 'DefaultOptions' print "DefaultOptions found in info\n" self.default_options = info['DefaultOptions'] end ``` Inside the `def initialize` - and then we...