Exploit Title :
------------------
Beheshti Univercity Of Iran HTTP Authentication over Unencrypted
Vulnerability


Exploit Author :
--------------------
4TT4CK3R


Tested on :
--------------
Windows , Kali linux


Date :
--------
2016/03/2


Risk :
--------
High


HomePage :
---------------
http://www.sbu.ac.ir


Resource :
-------------
/_catalogs/masterpage


Request :
------------
GET /_catalogs/masterpage


Description :
--------------
We discovered a resource requiring HTTP authentication.
This resource was available over HTTP.
If a user were to authenticate to this resource over HTTP,
the supplied credentials would be sent in cleatrtext and be vulnerable to
eavesdropping.
HTTPS will prevent unauthorized disclosure of HTTP authentication
credentials.