In this kind attack there is no actual transfer of data, but the attacker is able to reconstruct
the information by sending particular requests and observing the resulting behaviour of the website / database server.
- Illegal / logicall incorrect queries — This attack lets an attacker gather important information about the type and structure of the backend database of a web application, and is considered a preliminary, information gathering step for other attacks.
- Blind SQL injection — Allows attackers to infer the data present in a database system, even when the system is sufficiently secure to not display any erroneous information back to the attacker, by injecting statements which are true or false. False terminates the query and reveals internal structure.
Inference detection can be done during the design of the database, by altering the design of the database and changing access control regimes to eliminate
inference channels, or at query time, if an inference channel is found in a query, it is either denied or altered.
