SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web application.

SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass authentication and allow attackers to access and/or modify data attached to a web application.

Which of the following SQLi types leverages a database server’s ability to make DNS requests to pass data to an attacker?

• In-band SQLi
• Union-based SQLi
• Out-of-band SQLi
• Time-based blind SQLi