Boolean-based SQL injection is a technique that relies on sending an SQL query to the database based on which the technique forces the application to return different results.
The result allows an attacker to judge whether the payload used returns true or false. Even though no data from the database are recovered, the results give the attacker valuable information.
Depending on the boolean result (TRUE or FALSE), the content within the HTTP response will change, or remain the same.
Also, it is a slow attack; this will help the attacker to enumerate the database.
A vulnerable data access layer of an application can build an SQL query as shown below from the above URL request.
If an application is vulnerable to SQL injection, it will not return anything, and the attacker will next inject a query with a true condition (1=1). If the content of the page is different than the page that returned during false condition, then the attacker can infer that SQL injection is working. Now the attacker can verify it he all set to use other SQL Injection methods.