Exam 312-50v12 topic 1 question 275 discussion

Actual exam question from ECCouncil's 312-50v12

Question #: 275
Topic #: 1

This type of injection attack does not show any error message. It is difficult to exploit as it returns information when the application is given SQL payloads that elicit a true or false response from the server. By observing the response, an attacker can extract sensitive information.

What type of attack is this?

A. Union SQL injection
B. Error-based SQL injection
C. Time-based SQL injection
D. Blind SQL injection

Show Suggested Answer

Suggested Answer: D 🗳️

by qtygbapjpesdayazko at Feb. 24, 2024, 12:59 p.m.

Comments

Submit Cancel

shaody

11 months ago

Selected Answer: D

No data is transmitted through the web application, and it is not possible for an attacker to retrieve the actual result of the injection; therefore, it is called blind SQL injection.

upvoted 1 times

...

LordXander

1 year, 3 months ago

Selected Answer: D

CEHv12 - 2225

upvoted 2 times

...

qwerty100

1 year, 4 months ago

Selected Answer: D

D. Blind SQL injection

upvoted 2 times

...

insaniunt

1 year, 4 months ago

Selected Answer: D

Blind SQL injection attacks, the attacker doesn't directly see the results of the injected SQL query but can infer information based on the application's response

upvoted 2 times

...