An attacker enters the string ‘John’ or ‘1=1’ on a web form that is connected to a back-end SQL server causing the server to display all records in the database table. Which type of SQL injection attack was used in this scenario?
- error-based SQL injection
- inferential SQL injection
- boolean SQL injection
- out-of-band SQL injection
Explanation: Since the string ‘1=1’ is always true, the search string serves as a Boolean value of TRUE, causing the database system to display all records.
Exam with this question: Ethical Hacker: Course Final Exam Answers
Please login or Register to submit your answer