In a blind SQL injection attack, the attackers do not see the direct result of an injected SQL query. Instead, they need to try and infer it based on how the application might respond.