What is Blind SQL Injection?

Question

Accepted Answer

Blind SQL Injection is a type of SQL Injection attack where the attacker does not receive any output from the application.

The attacker sends SQL queries to the application and observes the behavior of the application to determine if the query was successful or not.
Blind SQL Injection can be time-based or boolean-based.
Time-based Blind SQL Injection involves sending a query that will cause a delay in the application's response if successful.
Boolean-based Blind SQL Injection involves sending a query that will result in a true or false response from the application if successful.
Blind SQL Injection can be prevented by using parameterized queries and input validation.

Accepted Answer

The error for the wrong inputs submitted by the user are not displayed.

Can be of 2 types Boolean and Time based

Interview Questions from Popular Companies