Now, we have looked into error-based techniques, let's focus SQLMap usage on the Boolean blind technique and time-based techniques.

The major problem that we face when performing blind and time-based exploitations is the fact that there is no verbose database error, and if the query result is successful (true) then the appropriate result is displayed on the page, or a blank area is displayed in the case that the result is false.

Regardless of this, the process of extracting the data remains similar to the one I explained earlier, and there are various optimization facilities in SQLMap which we will utilize here.

The scenario will be a classic blind/time-based injection with no error to facilitate ...