~Exploit : Sarzamin Download - Open Redirect Vulnerability ~Vendor : www.sarzamindownload.com ~my Home : http://iranonymous.org ~Email : Blackwolf@post.com ~Exploit Author : Blackwolf_Iran ================ [ Description ] sarzamin download is One of the famous sites in Iran with high ranking (alexa) in this site you can find any kind of apps - programs and Games and Education about anything . an attacker may successfully launch a phishing scam and steal user credentials. ================ [ prof of concept ] www.sarzamindownload.com/go.php?link=http://attacker-url Unvalidated redirect and forward attacks can also be used to maliciously craft a URL that would pass the application’s access control check and then forward the attacker to privileged functions that they would normally not be able to access. ================ [ Frnds ] Mr.Khatar - hacker khan - ormazd - mamade khodemoon and bache haye Bala .