Update for 08-03-22 14:15

tech/sqli.wiki

@@ -66,6 +66,29 @@ This would disable the password check, and return all rows to the application.
 Attacker can send another query after the intended query, allowing them to
 extract more information.
 
+== Inferential attack ==
+
+Inferential attacks occour when there is no actual transfer of data, but the
+attack is able to reconstruct the information by sending particular requests
+and observing the resulting behavior of the websites/database.
+
+=== Illegal or incorrect queries ===
+
+A reconsiance step for attackers. By intenionally creating errors, attacker is
+able to gather info from very verbose error pages
+
+=== Blind SQL injection ===
+
+Attacker infer the data present in a database system even when the system is
+secure enough to not show verbose error messages. The attacker asks server T/F
+questions. If the query is true, the site functions like normal.
+
+== Solutions ==
+
+* Defensive coding
+* Paramterized query insertion
+* Use Typesafe SQL DOM
+
 == Also see ==
 
 * [[sql]]