What is blind
In some cases, an error message back using the masking method (for example @) shielding the error
is determined to be no longer matter according to the information given injection. Injection in this case, is the blind
according to the different forms of the blinds is divided based boolean (true or false based) and based time (time-based) two types.
Based boolean blinds main presenting symptoms
1. There is no error message
2. Whether the correct input, or the wrong input, display only two cases (we can think of is 0 or 1)
3. Under the correct input, input and 1 = 1 / and 1 = 2 based discovery.
based time blinds
If boolean-based blinds on the page can also see 0or1 echo the words of
then based on what time the blind can not see (whether you lose is consequently show the same kind of reply)
but there is one condition, that is, time, through a specific input, the background of the determination time to confirm injection.
We put the browser console opens, click on the network that one, reloading
and then construct payload: kobe 'and SLEEP (5) #
SLEEP This action will pause for five seconds in the implementation, we submit, found that the top three pages a point has been transferred
