312-50V13 · Question #524
312-50V13 Question #524: Real Exam Question with Answer & Explanation
The correct answer is D: Error-based SQL Injection.
Question
While performing a security audit of a web application, an ethical hacker discovers a potential vulnerability. The application responds to logically incorrect queries with detailed error messages that divulge the underlying database's structure. The ethical hacker decides to exploit this vulnerability further. Which type of SQL Injection attack is the ethical hacker likely to use?
Options
- A. UNION SQL Injection
- B. Blind/inferential SQL Injection
- C. In-band SQL Injection
- D. Error-based SQL Injection
Explanation
Error-Based SQL Injection Explained
Option D is correct because error-based SQL injection deliberately crafts malformed or logically incorrect queries to trigger verbose database error messages, which inadvertently reveal sensitive information about the database structure (table names, column names, data types) - exactly what the scenario describes.
Why the distractors are wrong:
- Option A (UNION SQL Injection) uses the UNION operator to append additional SELECT queries to retrieve data directly, and does not rely on error messages
- Option B (Blind/Inferential SQL Injection) is used when the application gives no visible error messages, forcing the attacker to infer database structure through true/false responses or time delays
- Option C (In-band SQL Injection) is actually a category (umbrella term) that includes both UNION-based and error-based attacks - making it too broad to be the specific answer here
Memory Tip: Think "Error = Errors tell secrets" - if the application is spilling the beans through error messages, that's Error-Based. If the app is silent, think Blind. The key trigger word in the question is "detailed error messages" - that maps directly to Error-Based SQL Injection.