sql injection – Can sqlmap be used to extract data if the attack is blind?

I’m solving this challenge/lab where SQLi is inside the cookie parameter. After solving it manually, I thought to check if it can extract data. I used sqlmap with --cookie=COOKIE* (Notice * that’s the marker to tell sqlmap about the injection point) and --level=2 (Level 2 means look for flaws in cookie parameters along with GET and POST para)

python3 sqlmap.py -u {URL} --cookie=COOKIE* --level=2

It detects the vulnerability. However, if I use --dbs it tells me the back-end DBMS is PostgreSQL and --dbs: command not found

--dbs is a valid option to look for database, I don’t understand why its not working.

My assumption is it’s because of one of the two reasons

  1. You can’t use sqlmap to extract data if the attack is blind or
  2. There is another option to extract data in the case of blind attack and you can’t use --dbs

Could someone point me to right direction, where am I going wrong?