# Exploit Title: Kurdistan Region Statistics Office RCE Vulnerable (Telerik)
# Date: 2021-04-09
# Exploit Author: Xale
# Tested on: Windows 10

----------------------------------------

"""
Site : http://krso.gov.krd/ - http://krso.net/
Vulnerable URL : http://krso.gov.krd/Telerik.Web.UI.WebResource.axd?type=rau - http://krso.net/Telerik.Web.UI.WebResource.axd?type=rau
Exploit : https://github.com/noperator/CVE-2019-18935 | https://labs.bishopfox.com/tech-blog/cve-2019-18935-remote-code-execution-in-telerik-ui

"""

---------------------------------------