Question

Which of the following attack type confirms the vulnerability by revealing database-specific exceptions or error messages to the end-user or attacker?

a)Time Based SQL Injection
b)Error Based SQL Injection
c)Blind SQL Injection
d)No SQL Injection

Answer 1

Error Based SQL Injection confirms vulnerability by revealing database-specific exceptions or error messages to the end-user or attacker.

Step-by-step explanation:

The attack type that confirms vulnerability by revealing database-specific exceptions or error messages to the end-user or attacker is Error Based SQL Injection.

In this type of attack, an attacker manipulates user input to generate SQL errors or exceptions which can then be displayed to gain information about the database structure.

For example, an attacker could input a malicious SQL statement that intentionally triggers an error, revealing sensitive information such as table names or column types.