Vulnerability Summary

Defect ID: wooyun-2015-0148946

Title: Improper design on a Meitu site allows credential stuffing against users (exposing users' addresses, phone numbers, transaction orders, etc.)

Vendor: 美图秀秀

Author: 路人甲

Submitted: 2015-10-23 17:39

Fixed: 2015-12-07 17:52

Published: 2015-12-07 17:52

Vulnerability type: Design flaw / logic error

Severity: Low

Self-assessed Rank: 3

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or assistance contact [email protected]

Tags:


Vulnerability Details

Disclosure status:

2015-10-23: Details sent to the vendor, awaiting vendor handling
2015-10-23: Vendor confirmed; details disclosed to the vendor only
2015-11-02: Details disclosed to core white hats and domain experts
2015-11-12: Details disclosed to regular white hats
2015-11-22: Details disclosed to intern white hats
2015-12-07: Details disclosed to the public

Brief description:

Improper design on a Meitu site allows credential stuffing against users (exposing users' addresses, phone numbers, transaction orders, etc.)

详细说明:

http://login.meitu.com/ appears to be the main site's login page. It enforces no limit on login attempts, and a packet capture shows that the username and password are transmitted in plaintext.

[Screenshot: 1.png]

[Screenshot: 2.png]


Credential stuffing was then tested against it; a subset of the accounts that logged in successfully was listed here as proof (list removed from this copy).
Proof of login on the main site (some accounts have no phone number bound, so the site prompts to bind one right after login; this still proves the credential stuffing succeeded, because a wrong username or password produces an "account or password incorrect" error, whereas with correct credentials an unbound account is prompted to bind a phone number and a bound account is logged straight in):

[Screenshot: 3.png]

[Screenshot: 5.png]

[Screenshot: 6.png]
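The finding above rests on the login endpoint imposing no limit on attempts, which is what makes credential stuffing feasible. As an added example (not code from the report or from the vendor), the following Python flags the stuffing pattern in login-endpoint logs: one source cycling through many distinct accounts in a short window, which differs from password guessing against a single account. The log format, IP addresses and accounts are constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of login-endpoint logs (hypothetical format, not from the report):
# one source cycles through many distinct accounts; a normal user simply retries once.
SAMPLE_LOG = """\
2015-10-23T17:30:01 ip=203.0.113.9 user=a@example.com result=fail
2015-10-23T17:30:02 ip=203.0.113.9 user=b@example.com result=fail
2015-10-23T17:30:02 ip=203.0.113.9 user=c@example.com result=ok
2015-10-23T17:30:03 ip=203.0.113.9 user=d@example.com result=fail
2015-10-23T17:30:04 ip=203.0.113.9 user=e@example.com result=fail
2015-10-23T17:30:05 ip=203.0.113.9 user=f@example.com result=ok
2015-10-23T17:31:00 ip=198.51.100.7 user=me@example.com result=fail
2015-10-23T17:31:20 ip=198.51.100.7 user=me@example.com result=ok
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>ok|fail)$")

def parse_log(text):
    """Turn raw lines into (timestamp, ip, user, success) tuples; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["ip"],
                           m["user"], m["result"] == "ok"))
    return events

def detect_credential_stuffing(events, window=timedelta(minutes=5), min_users=5):
    """Flag any source IP that tries at least min_users distinct accounts inside one window.
    The distinct-account count per source is the signal: stuffing makes few attempts per
    account, so a per-account failure counter alone would not trip on it."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in sorted(events):
        by_ip[ip].append((ts, user, ok))
    alerts = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):          # sliding window over this source's attempts
            while evs[end][0] - evs[start][0] > window:
                start += 1
            users = {u for _, u, _ in evs[start:end + 1]}
            if len(users) >= min_users:
                hits = sorted(u for _, u, ok in evs[start:end + 1] if ok)
                alerts[ip] = {"distinct_users": len(users), "successes": hits}
    return alerts
```

The accounts listed under "successes" are the ones whose credentials were accepted during the burst and are the first candidates for a forced password reset and session revocation.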

Proof of vulnerability:

[Screenshots 3.png, 5.png and 6.png, as shown above]

Suggested fix:

Encryption.

Copyright notice: when reposting, please credit the source, 路人甲@乌云


Vendor Response

Vendor response:

Severity: Low

Vulnerability Rank: 5

Confirmed at: 2015-10-23 17:50

Vendor reply:

Thanks to the white hat for the heads-up!

Latest status:

None yet