During a web application assessment, you find that the value of the id parameter in the URL is inserted directly into a MySQL query as a numeric literal. Any single quotes you supply are stripped, and the application displays only generic error pages. You want to verify the vulnerability using a time-based technique that will not disclose data but will produce a measurable delay if the payload is executed. Which of the following inputs is the most suitable choice for confirming blind SQL injection in this situation?
Because the back-end database is MySQL and the parameter is treated strictly as a number, the payload cannot rely on quotation marks. Appending 7 AND SLEEP(5)-- (the space after the double dash begins a valid MySQL comment) adds a Boolean expression that causes the SLEEP function to pause execution for five seconds. The expression ultimately evaluates to FALSE (7 AND 0), so it does not alter query results, but the observable delay confirms code execution. The other options rely on database-specific delay functions for Microsoft SQL Server, Oracle, or PostgreSQL and would have no effect on a MySQL database.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is blind SQL injection?
Open an interactive chat with Bash
Why is the SLEEP function used to confirm SQL injection?
Open an interactive chat with Bash
Why don't the other options work for this MySQL-based query?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Web Application Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .