
Vulnerability Summary

Defect ID: wooyun-2015-0112472

Title: A Jiayuan (世纪佳缘) login interface allows credential stuffing and exposes user login credentials (bulk accounts as proof)

Vendor: Jiayuan (世纪佳缘)

Author: 路人甲

Submitted: 2015-05-07 10:44

Fix time: 2015-05-12 10:46

Published: 2015-05-12 10:46

Vulnerability type: design flaw / logic error

Severity: High

Self-assessed Rank: 18

Status: the vendor was notified of the vulnerability but chose to ignore it

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability Details

Disclosure status:

2015-05-07: details sent to the vendor, awaiting vendor handling
2015-05-12: the vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

Credential stuffing (撞库扫号) is already one of the Top 10 Security Risks for 2014. It builds on large volumes of leaked user data and exploits users' habit of registering with the same username and password everywhere, trying those pairs against other sites. In 2011, a wave of Internet data leaks shook the entire information security community and showed that traditional username-plus-password authentication can no longer meet current security needs. The leaked data included Tianya (天涯): 31,758,468 records, CSDN: 6,428,559, Weibo (微博): 4,442,915, Renren (人人网): 4,445,047, Mop (猫扑): 2,644,726, 178: 9,072,819, Duduniu (嘟嘟牛): 13,891,418, 7K7K: 18,282,404, about 120 million records in total. However well your site protects its own passwords, against username/password pairs that have already leaked elsewhere, defending against credential stuffing remains an essential layer.

Detailed description:

The main site's login interface has no defense against credential stuffing: calls to the login endpoint are not rate-limited in any way. Testing showed that replaying a certain leaked database against it yields a large number of valid login accounts. The captured login request is as follows:

POST /dologin.php?host=www.jiayuan.com&new_header=1&channel=index HTTP/1.1
Host: passport.jiayuan.com
Connection: close
Content-Length: 71
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://www.jiayuan.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://www.jiayuan.com/
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: SESSION_HASH=98c2f6b415be09da362e41a503e51f1e58fe6e1f; REG_REF_URL=; user_access=1
RA-Ver: 2.10.0
RA-Sid: 7B9DD012-20150303-080129-82895f-fb68a9
AlexaToolbar-ALX_NS_PH: AlexaToolbar/alxg-3.3
channel=200&position=101&name=solitarykite@sohu%2ecom&password=24324346

Proof of vulnerability:

Testing showed that replaying a certain leaked database against the endpoint yields a large number of valid login accounts.
20,000 pairs tried, 689 succeeded.

[email protected] 73366227
[email protected] 669805604
[email protected] 8081101381
[email protected] 6200192
[email protected] 86582417
[email protected] 19830828
[email protected] 2002195255
[email protected] 801801801
[email protected] 20151404
[email protected] 123456789
[email protected] 42842570
[email protected] guo123456
[email protected] 85897159
[email protected] 20021580
[email protected] 88295972
[email protected] 0846289
[email protected] 19820915
[email protected] 19880818
[email protected] 19881101
[email protected] 19840514
[email protected] jp19800219
[email protected] qq8829241q
[email protected] 646890689
[email protected] 43925944
[email protected] 831128
[email protected] 01250220
[email protected] 84074525
[email protected] 19840220
[email protected] freefree
[email protected] 44793355
[email protected] sxlk070707
[email protected] wjz44102108
[email protected] 19841022
[email protected] wsq2868535
[email protected] 52199999
[email protected] waggon831010
[email protected] jsj061403143
[email protected] 19871223
[email protected] woaisuqian
[email protected] 05040603
[email protected] 80713313
[email protected] 123456789
[email protected] speediskwindows
[email protected] 19851207
[email protected] kenfanx
[email protected] 199104187
[email protected] 82133994
[email protected] 87134686
[email protected] 66666635653235--
[email protected] 00000000
[email protected] iloveyou
[email protected] cheungwu
[email protected] dc198078
[email protected] 317520510
[email protected] 677679
[email protected] 19741209
[email protected] 888888
[email protected] 111111
[email protected] 2006061421
[email protected] 15962192444
[email protected] mingfreefly
[email protected] 111213lr
[email protected] 110119qq
[email protected] cs510604
[email protected] 12261226
[email protected] 19811211
[email protected] 19850621
[email protected] kkndkknd
[email protected] 555666677777
[email protected] wj810516
[email protected] 88054280
[email protected] zhouyaoyao
[email protected] andygljg
[email protected] wufeiyyz
[email protected] lavender
[email protected] loving
[email protected] 7653887
[email protected] 123456li
[email protected] 32255944
[email protected] cy0921luck
[email protected] 845245001
[email protected] xiongtao
[email protected] 13574832950
[email protected] 31514114
[email protected] 61568054
[email protected] 545102325
[email protected] 13555331537
[email protected] swxswxswx
[email protected] bustrain
[email protected] config
[email protected] 15995882379
[email protected] 178007285
[email protected] mynetpw15
[email protected] julyflower
[email protected] tianshi001
[email protected] 19861105
[email protected] 57805340
[email protected] 19750621
[email protected] 64065986
[email protected] fighting2007
[email protected] 14414385
[email protected] chenjing
[email protected] 19830528
[email protected] 303255723
[email protected] jiajingwen1984
[email protected] shaqarava
[email protected] 19861202
[email protected] 19860623
[email protected] marseille
[email protected] 13161252188
[email protected] 12171217
[email protected] 05535913518
[email protected] 15963219840
[email protected] kevinsmart
[email protected] 68552440213034
[email protected] gq864200
[email protected] 830117
[email protected] 110120130
[email protected] arsong
[email protected] 19851114
[email protected] nieweinw
[email protected] 123456789
[email protected] 19830529
[email protected] 19840526
[email protected] 12344321
[email protected] 959001112
[email protected] 860125SHANDONG
[email protected] longhorn
[email protected] qingchengzhilian
[email protected] 502604123
[email protected] 114743256
[email protected] 51201234
[email protected] thunderboy
[email protected] 1019936479
[email protected] 373851680
[email protected] 15152615
[email protected] iamtoby
[email protected] www562300
[email protected] 88200356
[email protected] ramborambo
[email protected] 13420557873
[email protected] 44444447
[email protected] 781006
[email protected] jack1983
[email protected] lgmxxzhzh
[email protected] 12345678
[email protected] 22048682
[email protected] zhanghan
[email protected] 2179892101
[email protected] 139528
[email protected] 380290023
[email protected] 80297112
[email protected] 226956454
[email protected] roval880223
[email protected] qiaolin911
[email protected] hero1987hgk
[email protected] xqbb9990
[email protected] canni1314
[email protected] cwlj12345
[email protected] wn19900809
[email protected] zxa7508318
[email protected] ad19831130
[email protected] zygy564335
[email protected] rlt2880009
[email protected] zls092233
[email protected] lww20050108
[email protected] dx198423
[email protected] 110120linliyun
[email protected] shuaide007
[email protected] lqugoym123
[email protected] *#06yaqi
[email protected] kamendeqing1984
[email protected] power091
[email protected] 19840330
[email protected] z1650232
[email protected] hongyi137020
[email protected] 123123cba
[email protected] luocan16816888
[email protected] 790523wn
[email protected] 1986lmn0401318
[email protected] zwwczx060817
[email protected] qin6567200
[email protected] butja4803615
[email protected] gao1989722
[email protected] CHBwoaini74521
[email protected] zb1988110
[email protected] 7758521sweet
[email protected] 19861004tanglin
[email protected] amanita626387
[email protected] 800910ding
[email protected] wangshuo
[email protected] 8c3r5f3p
[email protected] plf929669
[email protected] huang0016
[email protected] tangbo918
[email protected] cq3980745
[email protected] qyanwen8786928
[email protected] woaini5636327
[email protected] 19881015sun
[email protected] gmcc12593
[email protected] qq000000
[email protected] zerro9999
[email protected] seven521
[email protected] aaa11111
[email protected] 19890206ja
[email protected] li8431556
[email protected] as6256948
[email protected] lifang2113
[email protected] xiaojie521
[email protected] my7410709
[email protected] zd791103
[email protected] woshishui8
[email protected] zhoushiyu1
[email protected] y19779528
[email protected] ying584116558
[email protected] dark130320
[email protected] burningma841128
[email protected] redfox168
[email protected] mxt583341
[email protected] woshizhu888
[email protected] msl19850404
[email protected] bb18477095
[email protected] zhangping123
[email protected] wangyong0613
[email protected] chen1234
[email protected] lizhen19910717
[email protected] 1986164chen
[email protected] AS123456
[email protected] 19880519rj
[email protected] zrj19870130
[email protected] ft824588
[email protected] xjm2598282
[email protected] dahai6565
[email protected] heng1025
[email protected] zn3358255
[email protected] sandy1234
[email protected] 19831111nuan
[email protected] tangkai3
[email protected] kele0628
[email protected] zqc890317
[email protected] 19870109zy
[email protected] ucvef123
[email protected] Password456
[email protected] z19891110
[email protected] pop1949101
[email protected] cui9920311
[email protected] ma2312251
[email protected] cute1986415
[email protected] tony5212129
[email protected] travellerqu1982
[email protected] 820518qqq
[email protected] CO8402589co
[email protected] WQW198836
[email protected] zzp19900919
[email protected] zhl060909
[email protected] shi123456
[email protected] ocean1981
[email protected] 12131ymh
[email protected] 25071212
[email protected] ksy374937
[email protected] cx1982812


[Screenshot 2015-05-06 4:55:43 PM.png]

[Screenshot 2015-05-06 4:52:20 PM.png]


Fix recommendation:

Reference material on credential-stuffing defense: http://stayliv3.github.io/2015/04/15/%E6%92%9E%E5%BA%93%E6%94%BB%E5%87%BB%E9%98%B2%E5%BE%A1%E6%96%B9%E6%A1%88/
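The detailed description above boils down to one missing control: the login endpoint answers an unlimited number of username/password pairs from the same source, so a leaked database can be replayed against it and the endpoint acts as an oracle for which pairs are still valid. The following added example (not jiayuan.com or WooYun code) shows the kind of sliding-window check a defender would put in front of such an endpoint and the detection logic run over login logs. The log format, the IP addresses, the `StuffingDetector` class and the thresholds (`WINDOW_SECONDS`, `MAX_ATTEMPTS_PER_IP`, `MAX_DISTINCT_USERS`) are all assumptions constructed for this example; the stuffing signature it keys on is the one the report demonstrates, many distinct usernames from one source in a short time, rather than only a high failure count.

```python
"""Sliding-window credential-stuffing detector for a login endpoint.

Added example (not jiayuan.com or WooYun code). The log format below is
constructed for this example: "<epoch_seconds> <src_ip> <username> <result>"
where result is LOGIN_OK or LOGIN_FAIL. All thresholds are assumptions.
"""
from collections import defaultdict, deque

WINDOW_SECONDS = 300        # sliding window per source IP (assumption)
MAX_ATTEMPTS_PER_IP = 50    # total attempts tolerated per IP per window
MAX_DISTINCT_USERS = 20     # distinct usernames per IP per window; stuffing
                            # rotates through many accounts, a real user does not


class StuffingDetector:
    """Tracks login attempts per source IP and decides when to throttle."""

    def __init__(self, window=WINDOW_SECONDS, max_attempts=MAX_ATTEMPTS_PER_IP,
                 max_users=MAX_DISTINCT_USERS):
        self.window = window
        self.max_attempts = max_attempts
        self.max_users = max_users
        # ip -> deque of (timestamp, username, succeeded)
        self.attempts = defaultdict(deque)

    def _prune(self, ip, now):
        """Drop attempts older than the window so throttling expires naturally."""
        q = self.attempts[ip]
        while q and now - q[0][0] > self.window:
            q.popleft()

    def is_throttled(self, ip, now):
        """True if this IP exceeded the attempt or distinct-username budget."""
        self._prune(ip, now)
        q = self.attempts[ip]
        distinct_users = {user for _, user, _ in q}
        return len(q) > self.max_attempts or len(distinct_users) > self.max_users

    def record(self, ts, ip, username, succeeded):
        """Record one attempt; return True if the IP should now be throttled.

        A login handler should reject (or challenge with a CAPTCHA) throttled
        requests *before* verifying the password, so the endpoint stops
        confirming which leaked username/password pairs are still valid.
        """
        self.attempts[ip].append((ts, username, succeeded))
        return self.is_throttled(ip, ts)


def parse_line(line):
    ts, ip, username, result = line.split()
    return int(ts), ip, username, result == "LOGIN_OK"


def analyze(lines, **thresholds):
    """Replay log lines; return {ip: first timestamp at which it was throttled}."""
    det = StuffingDetector(**thresholds)
    flagged = {}
    for line in lines:
        ts, ip, username, ok = parse_line(line)
        if det.record(ts, ip, username, ok) and ip not in flagged:
            flagged[ip] = ts
    return flagged


# Constructed sample: one ordinary user who mistypes twice, and one source
# that walks through 30 different accounts in 30 seconds.
SAMPLE_LOG = [
    "1000 10.0.0.5 alice@example.com LOGIN_FAIL",
    "1003 10.0.0.5 alice@example.com LOGIN_FAIL",
    "1010 10.0.0.5 alice@example.com LOGIN_OK",
] + [
    f"{1000 + i} 203.0.113.7 user{i:02d}@example.com "
    f"{'LOGIN_OK' if i % 7 == 0 else 'LOGIN_FAIL'}"
    for i in range(30)
]

if __name__ == "__main__":
    for ip, ts in analyze(SAMPLE_LOG).items():
        print(f"throttle {ip} from t={ts}")
```

Run stand-alone it reports only 203.0.113.7, throttled at t=1020 (the 21st distinct username), while the ordinary user's two typos never trip it. Per-IP windows are a first layer only: a stuffing campaign spread over many proxies needs the same counters keyed per target account and globally (failure rate across all accounts), plus checks of new passwords against known-breached lists, which is what the referenced defense material recommends.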

Copyright notice: please credit the source when reposting: 路人甲@WooYun (乌云)


Vulnerability Response

Vendor response:

Severity: no impact; vendor ignored

Ignored at: 2015-05-12 10:46

Vendor reply:

Vulnerability Rank: 4 (WooYun assessment)

Latest status:

None