WooYun (WooYun.org) historical vulnerability lookup --- http://wy.zone.ci/
WooYun Drops articles online -------- http://drop.zone.ci/
2015-10-22: details sent to the vendor, awaiting vendor handling
2015-10-23: vendor has confirmed; details visible to the vendor only
2015-11-02: details opened to core white hats and domain experts
2015-11-12: details opened to regular white hats
2015-11-22: details opened to intern white hats
2015-12-07: details opened to the public
23333333333333
http://www.lvmama.com/lvyou/d-hongcun100477.html
The main site's regular login page is restricted, and accounts that log in too frequently are throttled. In the places below, however, malicious login attempts are not properly restricted: the CAPTCHA can be reused, and there is no rate limit on login attempts.
GET /nsso/ajax/login.do?jsoncallback=jQuery17205270338193513453_1445430798671&mobileOrEMail=admin&password=123456&verifycode=8642&_=1445430850785 HTTP/1.1
Host: login.lvmama.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36
Referer: http://www.lvmama.com/lvyou/d-hongcun100477.html
Accept-Encoding: gzip, deflate, sdch
Accept-Language: zh-CN,zh;q=0.8
Cookie: JSESSIONID=CCDA679176EFE4740D892DE833BB8B7B; lvsessionid=423a2c2b-2bca-47b0-98a7-3f4e4924ae58_18017271; uid=wKgKcFYnYfgFCi7EBrs9Ag==; cmTPSet=Y; CoreID6=17844795529714454215648&ci=90409730; _lvTrack_UUID=963A3870-BFF1-4869-AF3A-7D680E1303AA; oUC=017878065532; oUT=09210921; oIC=062835064447059324044151; oIT=0921092109210921; ticket=ST-3074-k007pfYw6ChmIn7dsEY6; cityName=%u5317%u4EAC; stationCode=BJ; stationId=13; stationPinyin=beijing; _lvTrack_sessionID=C879A2E2-5532-4B53-A7B0-0CC457FECE1D; __xsptplus443=443.2.1445425203.1445430790.31%231%7Cbaidu%7Czhuanqu%7Ccpt%7Clvmama%7C%23%23WKkjSfaw_FXpbhINgFke67KTqocGEJLA%23; __utma=30114658.905894039.1445421565.1445421565.1445425203.2; __utmb=30114658.99.9.1445429996675; __utmc=30114658; __utmz=30114658.1445425203.2.2.utmcsr=baidu|utmccn=cpt|utmcmd=zhuanqu|utmctr=lvmama; bfd_s=30114658.13344938.1445425204529; tmc=93.30114658.11965613.1445425204572.1445430790887.1445430804823; tma=30114658.79531041.1445421565456.1445421565456.1445421565456.1; tmd=95.30114658.79531041.1445421565456.; Hm_lvt_cb09ebb4692b521604e77f4bf0a61013=1445430657; Hm_lpvt_cb09ebb4692b521604e77f4bf0a61013=1445430807; bfd_g=b26decf4bbcd4bec0000629100026278562761fe; 90409730_clogin=v=1&l=1445425203&e=1445432617904
Trying common usernames together with weak passwords directly, login succeeds.
Collecting staff e-mail addresses and testing those works as well.
[email protected] / 123456
Combined with accounts matched by credential stuffing from some leaked database, the personal order information and home addresses inside those accounts would be exposed, which is still quite dangerous.
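To make the two weaknesses concrete, here is an added example (not code from the original report or from the vendor) that models a login handler the way the report describes it, and beside it a hardened handler that consumes the CAPTCHA on first use and counts failures per account and per source IP. The user store, the session id, the IP addresses and the guess list are all constructed for the demonstration; the fixed CAPTCHA value 8642 is only borrowed from the captured request and has nothing to do with how the real site generates codes.

```python
import time
import secrets
from collections import defaultdict

# Constructed credential store for the demo (hypothetical accounts, not real data).
USERS = {"admin": "S3cure!Passw0rd", "alice": "correct-horse"}


class WeakLogin:
    """Behaviour as reported: the CAPTCHA is compared against the session value
    but never invalidated, and nobody counts failed attempts."""

    def __init__(self):
        self.captchas = {}  # session_id -> expected code

    def issue_captcha(self, session_id):
        code = "8642"  # fixed only for the demo; the point is that it is reusable
        self.captchas[session_id] = code
        return code

    def login(self, session_id, user, password, verifycode, ip):
        if self.captchas.get(session_id) != verifycode:   # still valid next time
            return "bad_captcha"
        if USERS.get(user) == password:
            return "ok"
        return "bad_password"                              # nothing is recorded


class HardenedLogin:
    """Single-use CAPTCHA plus sliding-window failure counters per account and per IP."""

    MAX_PER_ACCOUNT = 5      # failures per account in WINDOW before throttling
    MAX_PER_IP = 20          # failures per source IP in WINDOW before throttling
    WINDOW = 600             # seconds

    def __init__(self, clock=time.time):
        self.clock = clock   # injectable so tests can control time
        self.captchas = {}
        self.failures = defaultdict(list)  # ("user", u) / ("ip", ip) -> timestamps

    def issue_captcha(self, session_id):
        code = "".join(secrets.choice("0123456789") for _ in range(4))
        self.captchas[session_id] = code
        return code

    def _recent_failures(self, key):
        now = self.clock()
        self.failures[key] = [t for t in self.failures[key] if now - t < self.WINDOW]
        return len(self.failures[key])

    def _record_failure(self, user, ip):
        now = self.clock()
        self.failures[("user", user)].append(now)
        self.failures[("ip", ip)].append(now)

    def login(self, session_id, user, password, verifycode, ip):
        # Throttle before any other check, so a locked account is locked even
        # for requests that carry a fresh CAPTCHA.
        if (self._recent_failures(("user", user)) >= self.MAX_PER_ACCOUNT
                or self._recent_failures(("ip", ip)) >= self.MAX_PER_IP):
            return "throttled"
        expected = self.captchas.pop(session_id, None)    # consumed on first use
        if expected is None or not secrets.compare_digest(expected.encode(), verifycode.encode()):
            self._record_failure(user, ip)
            return "bad_captcha"
        stored = USERS.get(user)
        if stored is not None and secrets.compare_digest(stored.encode(), password.encode()):
            self.failures.pop(("user", user), None)       # reset on success
            return "ok"
        self._record_failure(user, ip)
        return "bad_password"


def brute_force(service, user, ip, guesses):
    """Replay one CAPTCHA across every guess, as an attacker would against the
    reported endpoint. Returns (list of outcomes, password found or None)."""
    session = "sess-1"  # constructed session id
    code = service.issue_captcha(session)
    outcomes = []
    for pw in guesses:
        result = service.login(session, user, pw, code, ip)
        outcomes.append(result)
        if result == "ok":
            return outcomes, pw
    return outcomes, None


# Constructed guess list; the last entry is the demo account's real password.
GUESSES = ["123456", "password", "qwerty", "111111", "abc123", "S3cure!Passw0rd"]

if __name__ == "__main__":
    print("weak:    ", brute_force(WeakLogin(), "admin", "203.0.113.5", GUESSES))
    print("hardened:", brute_force(HardenedLogin(), "admin", "203.0.113.5", GUESSES))
```

Against WeakLogin the same CAPTCHA carries every guess and the sixth one logs in; against HardenedLogin the first wrong password consumes the CAPTCHA, the next four requests fail the CAPTCHA check, and the account is throttled from the sixth request on, so the attacker never reaches the correct password. In a real deployment the counters belong in a shared store such as Redis rather than process memory, the throttle should apply to both the account and the source IP as shown (per-IP alone is defeated by a proxy pool, per-account alone by spraying one password across many accounts), and the distinct return codes here are for the demo only; a production endpoint should return one uniform failure message to avoid confirming which usernames exist.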
Severity: High
Vulnerability Rank: 20
Confirmed: 2015-10-23 10:06
thx
None yet