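2015-01-17: Details reported to the vendor; awaiting vendor handling
2015-01-18: Vendor confirmed; details disclosed to the vendor only
2015-01-28: Details disclosed to core white hats and experts in related fields
2015-02-07: Details disclosed to regular white hats
2015-02-17: Details disclosed to intern white hats
2015-03-03: Details disclosed to the public
Each account's login threshold allows 5 logins per 20 minutes; the CAPTCHA can be recognized automatically; the mobile client has no CAPTCHA
The mobile client has no CAPTCHA
https://kyfw.12306.cn/otn/login/init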
POST /otn/login/loginAysnSuggest HTTP/1.1
Host: kyfw.12306.cn
Content-Length: 152
Accept: */*
Origin: https://kyfw.12306.cn
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.99 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://kyfw.12306.cn/otn/login/init
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6,zh-TW;q=0.4
Cookie: JSESSIONID=91FA1614F112D5178E44705FDF85E4D1; BIGipServerotn=1725497610.24610.0000; current_captcha_type=C
Connection: Keep-Alive

loginUserDTO.user_name=10000%40qq.com&userDTO.password=123456&randCode=wh6e&randCode_validate=&MTQwOTA5=ZGY5Y2ZjYjEyMjI2MWJiMg%3D%3D&myversion=undefined
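The mobile client requires no CAPTCHA; the password only needs to be MD5-hashed when it is submitted; the threshold window is 20 minutes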
POST /otsmobile/apps/services/api/MobileTicket/android/query HTTP/1.1
Host: mobile.12306.cn
Content-Length: 591
Origin: file://
Accept-Language: zh_CN
Authorization: {"morCustomRealm":"aDHgAUw92AQQCYjZyEX5TcAVgAncDZmQCAAUAewNzcgEoYAxMQjJrAEBBRWEWNX9AHnULd1w9cykTXj8xRxxxIlsxFUVPQmAfN0IlOi0iRRE7azdSPjVIIjVEGjIQNz46FVw8ZxZERQMeVSZoMF5nFU12Hk4xQ2ocGU4zYiJObDR3NSZPQCJJZEBtG2JBS3AyaF5EQgVGIU1IZ0VWBXdgTn1tCV89ajxgQDM5XyQ0PmVkVjRyBlc5Nm9oJEMSZnh2dkYcSjplfkd+NBx/GGhAWjFoFmEUZVNHLDFGKz5iaGtrYSVsEGZvdg=="}
X-Requested-With: XMLHttpRequest
x-wl-app-version: 2.0
x-wl-platform-version: 6.0.0
WL-Instance-Id: u76dbkg7kq364qrpfrp2oflm3f
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Linux; U; Android 4.2.2; zh-cn; GT-N7100 Build/JDQ39; CyanogenMod-0.9.9.7) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30/Worklight/6.0.0
Accept-Encoding: gzip,deflate
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7
Cookie: BIGipServerworklight=3705078026.16420.0000; AlteonP=0a02eb040a02ebc5284cfdfd2378; JSESSIONID=0000D6oVUcQ2f3Uw70wtfc73C9v:196iqvou7; BIGipServernginxformobile=32178698.50215.0000
Connection: Keep-Alive

adapter=CARSMobileServiceAdapterV2&procedure=login&compressResponse=true&parameters=[{"baseDTO.os_type":"a","baseDTO.device_no":"53469c87548547e","baseDTO.mobile_no":"123444","baseDTO.time_str":"20150117212733","baseDTO.check_code":"170294cbd0ab3398d8ed39217170c9ad","baseDTO.version_no":"1.1","baseDTO.user_name":"[email protected]","password":"327bc4e22b649d47c4546a3ec93f376b"}]&__wl_deviceCtxVersion=-1&__wl_deviceCtxSession=30549131421501159027&isAjaxRequest=true&x=0.8806376396678388
Recognition
http://www.80vul.com/yzm/v.php?url=http://wimg.zone.ci/upload/201501/1720224632ac157f9dd635bd901105790c35853f.jpg
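# Recognition platform 1
# Recognition platform 2
The CAPTCHA on the login endpoint could be strengthened, really
Severity: Medium
Vulnerability Rank: 5
Confirmation time: 2015-01-18 01:30
Being bypassable and being automatically recognizable should be two different things.
None yet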
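
One way to enforce the threshold from the report on the server side, as an added example that is not part of the original report or of the vendor's code: the per-account limit of 5 attempts per 20 minutes is applied identically to the web and mobile login paths, and a per-source failure counter triggers a CAPTCHA or step-up challenge. The per-source limit of 10, all names, and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW = 20 * 60            # the report's 20-minute window, in seconds
PER_ACCOUNT_LIMIT = 5       # the report's 5 attempts per account per window
PER_SOURCE_FAIL_LIMIT = 10  # assumed value: failed logins per source per window


class LoginThrottle:
    """Sliding-window limiter shared by every login channel (web, mobile)."""

    def __init__(self):
        self.by_account = defaultdict(deque)       # account -> attempt times
        self.fails_by_source = defaultdict(deque)  # source -> failure times

    @staticmethod
    def _trim(q, now):
        # Drop timestamps that have aged out of the window.
        while q and now - q[0] >= WINDOW:
            q.popleft()

    def check(self, now, account, source):
        """Return 'allow', 'challenge' (require CAPTCHA/step-up) or 'block'."""
        acct, src = self.by_account[account], self.fails_by_source[source]
        self._trim(acct, now)
        self._trim(src, now)
        if len(acct) >= PER_ACCOUNT_LIMIT:
            return "block"
        acct.append(now)
        if len(src) >= PER_SOURCE_FAIL_LIMIT:
            return "challenge"
        return "allow"


def replay(events):
    """events: (ts, channel, account, source, success); channel is ignored
    on purpose so the mobile API gets the same policy as the web form."""
    throttle, decisions = LoginThrottle(), []
    for ts, _channel, account, source, success in events:
        decision = throttle.check(ts, account, source)
        if decision == "allow" and not success:
            throttle.fails_by_source[source].append(ts)
        decisions.append(decision)
    return decisions


# Constructed samples: one source fails once on each of 12 accounts via the
# mobile channel; separately, one account is tried 6 times via the web form.
SPRAY = [(i, "mobile", f"user{i}", "198.51.100.7", False) for i in range(12)]
SINGLE = [(100 + i, "web", "alice", "203.0.113.9", False) for i in range(6)]
```

The SPRAY sample never trips the per-account limit, which is why the per-source counter is needed alongside it.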