# sqli blind

Blind SQL injection occurs when the application does not display error messages, making it challenging to directly extract data. In such cases, a technique called "blind" exploitation is used, where an attacker sends crafted queries to the application and observes its behavior to infer information about the underlying database.

<figure><img src="https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2F1VTxwiaBHjPMmjHA7Jum%2Fimage.png?alt=media&#x26;token=0e626f98-7f89-4169-86c6-057d70247774" alt=""><figcaption></figcaption></figure>

To successfully log in once again, we will need an overall `true` query. This can be achieved by injecting an `OR` condition into the password field, so it will always return `true`. Let us try `something' or '1'='1` as the password.

<figure><img src="https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2F300XfP7Q0bJANnQHUt0l%2Fimage.png?alt=media&#x26;token=9c30e735-c107-4134-999e-f423826119d7" alt=""><figcaption></figcaption></figure>

The additional `OR` condition resulted in a `true` query overall, as the `WHERE` clause returns everything in the table, and the user present in the first row is logged in. In this case, as both conditions will return `true`, we do not have to provide a test username and password and can directly start with the `'` injection and log in with just `' or '1' = '1`.

<figure><img src="https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FE4PE4bzQTuOiaZnx3YnT%2Fimage.png?alt=media&#x26;token=40747e0b-7ceb-47d5-bac6-f754fb2787a9" alt=""><figcaption></figcaption></figure>

This works because the injected condition makes the `WHERE` clause evaluate to `true` for every row, irrespective of the username or password supplied.
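To make the bypass above concrete, here is an added example (not part of the original notes) that runs the page's `' or '1'='1` payload against a constructed SQLite `users` table, first through a login query built by string concatenation and then through the same query with bound parameters; the table, the two accounts and both login functions are assumptions made for this example.

```python
import sqlite3

# Constructed in-memory users table. Passwords are stored in plaintext only so the
# WHERE clause matches the one discussed above; real applications store hashes.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("admin", "correct-horse"), ("alice", "alice-pass")],
    )
    return conn

DB = make_db()

def login_vulnerable(username: str, password: str):
    """Builds the SQL by string formatting, so quotes in the input become SQL.
    Returns the username of the first matching row (the account that gets
    logged in) or None. That one bit of feedback is all a blind attacker sees."""
    query = (
        "SELECT username FROM users "
        f"WHERE username='{username}' AND password='{password}'"
    )
    row = DB.execute(query).fetchone()
    return row[0] if row else None

def login_safe(username: str, password: str):
    """Same logic with bound parameters: the driver passes the values separately
    from the SQL text, so a quote in the input is just data, never syntax."""
    row = DB.execute(
        "SELECT username FROM users WHERE username=? AND password=?",
        (username, password),
    ).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    payload = "' or '1'='1"
    # WHERE username='nobody' AND password='something' or '1'='1'  -> every row
    print(login_vulnerable("nobody", "something" + payload))  # admin
    # WHERE username='' or '1'='1' AND password='' or '1'='1'  -> every row
    print(login_vulnerable(payload, payload))                 # admin
    print(login_safe(payload, payload))                       # None
```

Because `AND` binds tighter than `OR`, the trailing `or '1'='1'` is true for every row, and `fetchone()` returns the first row, which is why the first user in the table is the one logged in.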

## subverting query logic

{% embed url="https://academy.hackthebox.com/module/33/section/194" %}

{% embed url="https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/SQL%20Injection#authentication-bypass" %}

## time based

<figure><img src="https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FITV5joQfeMSqGIXuaPnB%2Fimage.png?alt=media&#x26;token=2ecbdbac-e173-4246-b98c-11fcd9f1a25f" alt=""><figcaption></figcaption></figure>

<figure><img src="https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FLAD2sfHtywboB6PLOoBa%2Fimage.png?alt=media&#x26;token=c8a08372-0de1-44ae-97e0-de09324ca425" alt=""><figcaption></figcaption></figure>
