##########################
# Exploit Title: High Level SQL Injection
# Google Dork: intext:"طراحی و تولید: " ایران سامانه " " intitle:آرشیو
# Date: 2017-04-06
# Author: Mr.0&1 ( IR Independent Hacker )
# Software : None
# Version: all
# CVE : -
##########################
Description:
-----------------
Proof of concept :
The developers of those websites and their team must've forgotten to check out the security level of each code !
As I just mentioned earlier , this type of attack is sorta High and the whole database can be dumped just by using some bypass methods . Here I provided some websites which are all vulnerable to SQL Injection . youcan dump the whole database of each website easily and if truth be known , username and password can be shown less than a second ... ( Hashes might be in SHA1 format ) so check that out ..
----------------------------------------
Demo :
http://hadiesazan.ir/?category=14'
http://hadiesazan.ir/product_view.php?product_id=-7'
http://farsbtc.ir/language_news.php?news_id=3'
----------------------------------------
***************************************************************
Mr.0&1 IR Independent Hacker & security Researcher )
Wanna chit-chat ? o.O
# My Telegram :
https://t.me/GodBlessTheUnitedStatesOfAmerica
09367242182
****************************************************************