During a black-box assessment of an online store, every attempt to trigger verbose database errors fails. However, when you append "AND 1=1" to a product ID, the page returns the full item list, whereas "AND 1=2" causes the list to disappear. No noticeable delay or out-of-band interaction occurs. Which specific type of SQL injection does this observation most strongly suggest?
Because the application never reveals database error messages and does not noticeably slow down, the tester cannot rely on error-based or time-based techniques. Instead, the different application behavior that depends solely on the truth value of the injected Boolean condition (1=1 versus 1=2) indicates a Boolean-based blind SQL injection. Union-based attacks require the application to reflect query results, which is not happening here. Time-based blind attacks rely on measurable delays, and out-of-band attacks require external channels such as DNS or HTTP callbacks-neither of which are observed.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does Boolean-based blind SQL injection work?
Open an interactive chat with Bash
Why do time-based and error-based SQL injection techniques not apply in this case?
Open an interactive chat with Bash
What differentiates union-based SQL injection from Boolean-based blind SQL injection?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Web Application Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .