当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0131974

漏洞标题:酷我音乐某接口设计不当可撞库

相关厂商:酷我音乐

漏洞作者: 路人甲

提交时间:2015-08-06 10:24

修复时间:2015-09-20 10:28

公开时间:2015-09-20 10:28

漏洞类型:设计缺陷/逻辑错误

危害等级:低

自评Rank:5

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-08-06: 细节已通知厂商并且等待厂商处理中
2015-08-06: 厂商已经确认,细节仅向厂商公开
2015-08-16: 细节向核心白帽子及相关领域专家公开
2015-08-26: 细节向普通白帽子公开
2015-09-05: 细节向实习白帽子公开
2015-09-20: 细节向公众公开

简要描述:

酷我音乐某接口涉及不当可撞库

详细说明:

http://www.kuwo.cn/US/login.htm
这个接口是酷我空间那里的一个登陆接口,可以看到是有验证码限制的,本来以为在主站目录下应该验证码做的很好,结果发现验证码输入正确一次以后一直正确,直接可以绕过的那种

1.png


然后验证码问题解决后再抓包看一下,发现用户名和密码都是明文传输的

2.png


撞库一下看看,看一下回显证明撞库成功

3.png


4.png


大量账号证明:

xsgl	618823023	1776
zpf856	8625827	1776
iyay	123456	1777
wx5538	wxhs520	1777
chivin	2359214	1777
adsf	123456	1777
cziq	123456	1778
yeyuer	1987120	1778
lgjj	lgjj0308	1778
jyjzqz	3124058	1778
guji21	262524	1778
y2kk	liang1813	1778
SDFDG	123456	1778
fancia	qiqi77521	1778
openzs	123456	1778
fhisd	71258691	1778
asllg	Bin880930	1779
fyswt	1989320	1779
roque	123456	1779
z2hero	142857	1779
fly306insky3	kw316497	1779
dwad	123456	1779
wx5538	wxhs520	1779
musicmh	511323	1779
epie	1qaz2wsx	1779
kyonnd	5234182649	1779
swwol	2080255	1779
dage1973	87794941	1779
nbzxc	63918644	1779
wilds	101010	1779
axjlf	aaaaaa	1779
fdkkx	19841216	1779
lhmj666	xiaoqing	1779
zod1221	8530157	1779
ssxjl	19880325	1779
ftpc	atgqlzj	1779
sogel	xingmeng	1779
gsjxg	123456a	1779
a3220cs	2373868	1780
kofcs	30122248	1780
zhxccc	zhxvvv	1780
v21xjn	8433389	1780
honor521	honorren521	1780
js34	2250866	1780
zwg115	7788414	1780
lxmwww	lxmlxm	1780
lzf0	lzf0lzfo	1780
yf83528	yf19830708	1780
benief	335812999	1780
rxw824	rxw710824	1780
zgame	46144800	1780
tarkey	SHMILY	1780
ztchhh	ztc1976	1780
vilanno	angeler	1780
panyunhe	64067517	1780
cwisme	cwisme	1780
sy1119	19851119	1780
lyssb	123456	1780
zm2355	111111	1780
aiutef	5290430	1780
wwbkk	871170	1780
jzhone	lx199012	1780
harlen	melody	1780
hbsfkj	klaumqvtf	1780
liulj06	lz870913	1780
dxw35	98224825	1780
xfy143	19850223	1780
imkf	820611	1780
cayxz	asdasd	1780
vip3668	ztj1234	1780
wh7353	8318937	1781
tqying	tqying	1781
lucass	13019112423	1781
wlc8245	88297613	1781
lionfoo	19840716	1781
kaysmile	8608702	1781
cxbszsd	617815	1781
topheno	19890809	1781
vv168	csn740	1781
bt2043	wxhzjj	1781
lxhuiok	lxhuiok	1781
ctuli	8870530	1781
haibo72	1294468	1781
basinsz	929623	1781
52013	52013	1781
fdiskbao	tiankong	1781
zc358	zc3588	1781
lyhf2001	1983515	1781
stdays	yangtianqi	1781
zsp6126	48776126	1781
yslwpl	5499180	1781
hxmlyl	deyddeyd	1781
iayb	jianhu	1781
zzt2003	bnmmnb2003	1781
wg8211	57836157	1781
lojken	635425	1781
x86516	shijia	1781
wucf101	6227008	1781
rozar	a7dc03w6	1781
ttlxxj	19830918	1781
longnog	2667539	1781
ltyashl	13478134615	1781
jy0tzj	87787377	1781
jeffow	456123	1781
xinyi067	liuqin	1781
zjglrf	lrf265282	1781
ljm104	123456	1781
jingygr	jingygr	1781
ync127	711128	1781
dou454	86530787	1781
zzzno11	115121	1781
cscwq	chinaren	1781
sbpyud	6102171	1781
wdtxwsls	zhanquan	1781
123456q	123456	1781
cupid80s	77648533	1781
gzzhc5	36201808	1781
kaozhj	111111	1781
ksfpjx	qinghai	1781
irenechou	13967550836	1781
simon63	111111	1781
anjingtao	840310	1781
aaapop	23222312	1781
cqsazx	1998424	1781
wanyukan	5201314	1782
gjianbo	1983424	1782
tsf626	6263150906	1782
tyty91	84662256	1782
renjiaye	19841210	1782
pan604	3702286	1782
tiaren	5203344	1782
mnz1230	xuweiwei	1782
tsf626	6263150906	1782
baoliqi	891026	1782
kingxd	lixiaodong	1782
yun0451	79042744	1782
fylirong	19851013	1782
idwsljq	ssugesad	1782
huhuan1742	7612746	1782
samyadone	1990827	1782
alina0920	5203344	1782
tk7903294	7903294	1782
lichun925	990196	1782
hao36636	hao36636	1782
zhh868	1496690	1782
lhplee	lhp875484	1782
q6235053	q6235053	1782
wu7610890	cong528	1782
h2ooh	z0z0z0	1782
kk1431	10160214	1782
jshan34	22201590	1782
marenbuku	123456	1782
gzwenzi	160192779	1782
hlj0520	26545493	1782
hugoyy	86349582	1782
tianye011	4950443	1782
raymond83	1983129	1782
ljh0618	123456	1782
zhspecial	23021233	1782
tyyk1984	578284	1782
alexning	alex1015alex	1782
mtv5002	858168672	1782
myskyfoot	19860603	1782
sha0913	19850913	1782
chch1990	chch199023	1782
tewytyl	213288848	1782
windosw4	3536762	1782
xcwwxj	19841215	1782
ryanlee5	19910904	1782
yhlinjun	276951439	1782
h8516238	8516238	1782
nedved16	123456	1782
hymy2008	1302245asd	1782
yuli581	5813780	1782
hqysjz	110110	1782
let5see	xuyuanjian	1782
gzc0015	123456	1782
scutljq	200524	1782
ksfpjx	qinghai	1782
36912092	111111	1782
yzl0414	withoutname	1782
zhjj415	1986411	1782
123456786	123456	1782
nbdbx	50057188	1782
xjtomb	ww52681	1782
jshalsgq	19820126	1782
leveexie	8216508	1782
lmt229	19880229	1782
kby8270	5035632	1782
weishuia	7758521	1782
duyong13	19890220	1782
liypch	592369	1782
yangakang	3628117	1782
yunhe0126	8973928	1782
anjingtao	840310	1782
yeben9	9890414	1782
lzc820629	201314	1782
fivedeng	2331561	1782
wendy806	7721041	1782
wmvsxy	wangming	1782
hxd168	336471888	1782
kuhooid	admin123456	1783
zeradona	411310	1783
526077082	526077082	1783
aiyulidi	aiyulidi	1783
tangrenwu	309682531	1783
jgy1987	123456	1783
fanzhai	fanzhai	1783
cfc1984	5556326	1783
hoyixi	kenking727	1783
xiaoj8bai	521880227	1783
baidu0619	409870203	1783
kissoul	zhuanglu	1783
chxd168	19891104	1783
gz1098d	gz1098d902	1783
lyjbenny	7512231	1783
qiongyusg	wangyufeng	1783
lilove183	li19840102	1783
fhdszx69	147208649	1783
xz6926249	cn95588021	1783
lmhzj56	5606526	1783
smssmsa	dj3328138	1783
cleariver	21454153	1783
417380068	123456	1783
chen94000	bardfdtj	1783
zjunovelty	liuxinqi	1783
181164433	709119	1783
jenn1986	jen1986	1783
frydog	181123	1783
janeran	198311	1783
marenbuku	123456	1783
fujing0124	19831119	1783
lrby186	139536	1783
a306981140	58624482	1783
thyyeer	jiangtao89	1783
aa261315	261315	1783
dive2002	898788	1783
aoutrun	13613252313	1783
xinyasky	56272895	1783
baby20yu	870204	1783
hxf0106	19760106331	1783
lr5212998	998118	1783
raoletian	aihang99	1783
chu211124	71067605	1783
fangjiasi	5763856	1783
79187089	6230139	1783
diudiuant	fengyi233	1783
joan7668	woaiwojia22	1783
woshi5357	8336778	1783
z89d03w19	890319	1783
a6899794	6899794	1783
lljs067966	1614931	1783
duyong13	19890220	1783
anfenger	54742475	1783
hing410	123456	1783
asdfg0663	11651829	1783
wufandra	343526539	1783
sayahati	800913	1783
yanghe2008	123456	1783
topheno	19890809	1783
diyddy	320304336	1783
liux7813	37077813	1783
muyang5555	6414111	1783
wintell	751215	1783
mosayu	yu234776	1783
yw080202	laopo544921	1783
lencolwm	lencolwm	1783
generalhe	hyk1020	1783
arsuka	101010	1783
zhaoqiheng	526268256	1783
wenle6970	584520	1784
xtreecho	xiaoqiang	1784
a363504364	123456	1784
305538386	lixiang	1784
cxp198810	63308590	1784
seraphcool	1987322	1784
janesheng	jane880812	1784
fansong6	14091409	1784
heshiubo	474038163	1784
luoxiao94	19861004	1784
lovecys99	6262603	1784
llong999	518797	1784
psufool	psugmfv	1784
erniu0351	erniu0351	1784
82084456	82084456	1784
caokangli	841127	1784
yuquanjd	yuquanjd	1784
zhongjizhi	zhongjizhi	1784
jerryl60	825031liu	1784
jushengl	js558a6	1784
flyxiyue	woaini	1784
s63879771	63879306	1784
q269648163	269648163	1784
fanzhai	fanzhai	1784
hyzhouj089	7758521	1784
ycylyan	198566	1784
lixun1066	350204	1784
xx421292057	xx007007	1784
dalong720	long551527	1784
amwjebukn	6844466	1784
laiyoo	laiyoubiao	1784
taishanrou	routaishan	1784
fujianjyx	619322	1784
739474555	123456	1784
hejiang303	303303	1784
t82870650	28199310	1784
329291379	185766121	1784
puzhikenan	6711278	1784
wxmwxm941	1212121	1784
peiroger	826527	1784
wyjie1988	349822606	1784
yellow5250	13150018923	1784
syy1990818	505186032	1784
princequn	910414	1784
fish34567	8521336	1784
popo8816812	19921118	1784
jiakuan998	9823965	1784
meisongyu	123456	1784
yescj365	yescj365	1784
chilitao	814117	1784
xinge0131	ldj0131	1784
winwuliu	123456	1784
liby0107	200107	1784
phoenixof405	370784	1784
36912092	111111	1784
sbt880401	SBT880401	1784
q7182302	7182302	1784
gsb6768	771202	1784
liming414	1986414	1784
bksatan	bk921017	1784
zwwenzi	33201411	1784
lb5105542	lb5105542	1784
cash0167	1314521ding	1784
landycl	8652350	1784
fengnicy	2132121321	1784
baskerle	123654	1784
ricetall	791382465	1784
kelian1977	19770923	1784
jiankuniii	1314520	1784
hj48603658	huangjie	1784
rex901226	19901226	1784
lidan0215	s40mru	1784
yimao5111	466198506	1784
lijiemss	6475086731	1784
qinyexiong	19881025	1784
seven71014	leilei520	1784
shengaogao	gdmwanybz	1784
snakeblood	hanbin88	1784
tottima10	maning245	1785
gonghuikang	haoren	1785
sun198757	198757	1785
mathewshow	304349	1785
yucongge	8980670	1785
384040200	1360123	1785
yuangbohui	13141685	1785
yangminyuyu	woaideyun	1785
yangyi5200	5503178	1785
moller1999	7758520	1785
haiou3738	haiouhaiou	1785
jsdynixin	6889680	1785
xnjhappy	secretxnj	1785
lindxxxx	966646	1785
chao584520	584520	1785
zhuqianye	zqy000	1785
xq289499769	yjitxxkj	1785
afive1231	hbdanda5	1785
ablat379	379520	1785
fhzx5168	fhzx5168	1785
jk200jkjK	3416528	1785
youyuan8666	25372605	1785
wangzepen	890513	1785
fenghaowgs	2610620	1785
wang890215	wang890215	1785
wuyek1000	770880	1785
zheng7057	87281365	1785
yezi857335	123000	1785
lixing1412	40606239	1785
zzj1979918	44121819	1785
zdw85785711	22755020	1785
raymond83	1983129	1785
az4411712	5204411712	1785
chenyu829	chenyu	1785
maoguoqing	19036852	1785
530235258	154066	1785
iredghost	123321	1785
qingmubense	PC9527	1785
kw564191039	3095063	1785
ugirl5211	gaotian	1785
mahuanbiao	781386	1785
lizumingshuai	lizuming	1785
hengdao886	868265a	1785
nanochina	19900423	1785
jy02546162	88990551	1785
chenyushen	13553753082	1785
efeelwolf	yifeilang	1785
402338490	5986275	1785
zb61186651	zb1987zb	1785
wanglelove	123456	1785
gaofei137	gaofei	1785
justosayhi	132555	1785
lhkxuyao	19901024	1785
meinvqinqin	caolizhe	1785
thinker1000	19871008	1786
fangqijun520	1989716000	1786
shijiaxin13	3401582	1786
baccahatis	4inlove	1786
maplesailer	49915001	1786
prince9519	pressonce	1786
a6233579	6233579	1786
307945103	891026	1786
davidwangyj	wang1986	1786
yaosijiaysj	ysjysj	1786
liangyu2ying	313851491	1786
feifei5512	7682129	1786
lj490152204	5477278	1786
juncheng1209	jaychou	1786
wo271253607	woaiyanyan1314	1786
lxy198812	4212377	1786
yuzhang3520	19861218	1786
yonggang100	2288861	1786
15617612692	123456	1786
lujiataizi	226226	1786
lelelovely	157350122	1786
lixiao1012	277909480	1786
zhchlei2008	850926	1786
ryuyoungsi	n2m7g5e2	1786
a414332144	49879800	1786
xiaonuo870	nnnihaoma	1786
412586695	jiajia	1786
yangfan8944	19890404	1786
nanhe20077	421501033	1786
zhuang40269210	40269210	1786
x339767421	881022	1786
longnan1129	1879105268	1786
a384353825	qscfthm03	1786
zhangzhev1	80945116	1786
weiyuanhot	wei3036429	1787
hw312264045	hw8621263	1787
linshihanghao	woaini	1787
jinchong0905	1989104	1787
wenshengsong	wenshengsong	1787
shandiandidi	didi930723	1787
arsenaloyzp	1986624	1787
mikelanyang	yanyu631	1787
xiandonghai	870602	1787
qq215302824	1234576	1787
aiwosuoai2527	830519	1787
anheiguinu	322985	1787
shayuzhuiyi	521521241	1787
xiaohui94wo	zhangjinhui	1788
wzwt641952727	19920430	1788
lmt849856391	qqqqqqq9999999	1788
zww236728783	6746256	1788
ll276523586	l0408l	1788
lz13593839313	lyy20050308	1788
chenjiexxxx	j780114	1788
sunny3366866	19840314	1788
wangshuhao721	408925547	1788
hanyanbing1120	19841120	1788
lixiuxian666	461226	1788
zhengwei8762	zhengwei8762	1788
liushuangliu	liushuangliu	1788
longlinxinshen	yanleixin0608	1788
guoyanchen520	woaiwozijiq1	1788
shuaihong617	137566	1788
lichengyi7260	lichengyi	1788
huping199008	13635997174	1788
huashujian	9018437250	1788
shelleyzhou831	459580367	1789
huhangcheng4545	1234trew	1789
caiyouwei203	caiyouwei	1789
xiaocaicai300	88554200	1789
jidewoainiwrp	2290006	1789
lianhenry001	62372558	1789
guanjing033646	6410262205	1790
fantasy1988811	1988811	1790
fengyangvslucky	woaimama	1790
foreverforgetme	wuzijian	1791
zhaobiming0103	13250463031	1792


酷我这种大网站又是主站目录下这种问题实在不应该,希望及时修复一下,毕竟大规模撞库出来一下会员账号之类的还是蛮简单的~比如说~
账号:fly306insky3,密码:kw316497

5.png


帐号15617612692,密码123456

7.png

漏洞证明:

http://www.kuwo.cn/US/login.htm
这个接口是酷我空间那里的一个登陆接口,可以看到是有验证码限制的,本来以为在主站目录下应该验证码做的很好,结果发现验证码输入正确一次以后一直正确,直接可以绕过的那种

1.png


然后验证码问题解决后再抓包看一下,发现用户名和密码都是明文传输的

2.png


撞库一下看看,看一下回显证明撞库成功

3.png


4.png


大量账号证明:

xsgl	618823023	1776
zpf856	8625827	1776
iyay	123456	1777
wx5538	wxhs520	1777
chivin	2359214	1777
adsf	123456	1777
cziq	123456	1778
yeyuer	1987120	1778
lgjj	lgjj0308	1778
jyjzqz	3124058	1778
guji21	262524	1778
y2kk	liang1813	1778
SDFDG	123456	1778
fancia	qiqi77521	1778
openzs	123456	1778
fhisd	71258691	1778
asllg	Bin880930	1779
fyswt	1989320	1779
roque	123456	1779
z2hero	142857	1779
fly306insky3	kw316497	1779
dwad	123456	1779
wx5538	wxhs520	1779
musicmh	511323	1779
epie	1qaz2wsx	1779
kyonnd	5234182649	1779
swwol	2080255	1779
dage1973	87794941	1779
nbzxc	63918644	1779
wilds	101010	1779
axjlf	aaaaaa	1779
fdkkx	19841216	1779
lhmj666	xiaoqing	1779
zod1221	8530157	1779
ssxjl	19880325	1779
ftpc	atgqlzj	1779
sogel	xingmeng	1779
gsjxg	123456a	1779
a3220cs	2373868	1780
kofcs	30122248	1780
zhxccc	zhxvvv	1780
v21xjn	8433389	1780
honor521	honorren521	1780
js34	2250866	1780
zwg115	7788414	1780
lxmwww	lxmlxm	1780
lzf0	lzf0lzfo	1780
yf83528	yf19830708	1780
benief	335812999	1780
rxw824	rxw710824	1780
zgame	46144800	1780
tarkey	SHMILY	1780
ztchhh	ztc1976	1780
vilanno	angeler	1780
panyunhe	64067517	1780
cwisme	cwisme	1780
sy1119	19851119	1780
lyssb	123456	1780
zm2355	111111	1780
aiutef	5290430	1780
wwbkk	871170	1780
jzhone	lx199012	1780
harlen	melody	1780
hbsfkj	klaumqvtf	1780
liulj06	lz870913	1780
dxw35	98224825	1780
xfy143	19850223	1780
imkf	820611	1780
cayxz	asdasd	1780
vip3668	ztj1234	1780
wh7353	8318937	1781
tqying	tqying	1781
lucass	13019112423	1781
wlc8245	88297613	1781
lionfoo	19840716	1781
kaysmile	8608702	1781
cxbszsd	617815	1781
topheno	19890809	1781
vv168	csn740	1781
bt2043	wxhzjj	1781
lxhuiok	lxhuiok	1781
ctuli	8870530	1781
haibo72	1294468	1781
basinsz	929623	1781
52013	52013	1781
fdiskbao	tiankong	1781
zc358	zc3588	1781
lyhf2001	1983515	1781
stdays	yangtianqi	1781
zsp6126	48776126	1781
yslwpl	5499180	1781
hxmlyl	deyddeyd	1781
iayb	jianhu	1781
zzt2003	bnmmnb2003	1781
wg8211	57836157	1781
lojken	635425	1781
x86516	shijia	1781
wucf101	6227008	1781
rozar	a7dc03w6	1781
ttlxxj	19830918	1781
longnog	2667539	1781
ltyashl	13478134615	1781
jy0tzj	87787377	1781
jeffow	456123	1781
xinyi067	liuqin	1781
zjglrf	lrf265282	1781
ljm104	123456	1781
jingygr	jingygr	1781
ync127	711128	1781
dou454	86530787	1781
zzzno11	115121	1781
cscwq	chinaren	1781
sbpyud	6102171	1781
wdtxwsls	zhanquan	1781
123456q	123456	1781
cupid80s	77648533	1781
gzzhc5	36201808	1781
kaozhj	111111	1781
ksfpjx	qinghai	1781
irenechou	13967550836	1781
simon63	111111	1781
anjingtao	840310	1781
aaapop	23222312	1781
cqsazx	1998424	1781
wanyukan	5201314	1782
gjianbo	1983424	1782
tsf626	6263150906	1782
tyty91	84662256	1782
renjiaye	19841210	1782
pan604	3702286	1782
tiaren	5203344	1782
mnz1230	xuweiwei	1782
tsf626	6263150906	1782
baoliqi	891026	1782
kingxd	lixiaodong	1782
yun0451	79042744	1782
fylirong	19851013	1782
idwsljq	ssugesad	1782
huhuan1742	7612746	1782
samyadone	1990827	1782
alina0920	5203344	1782
tk7903294	7903294	1782
lichun925	990196	1782
hao36636	hao36636	1782
zhh868	1496690	1782
lhplee	lhp875484	1782
q6235053	q6235053	1782
wu7610890	cong528	1782
h2ooh	z0z0z0	1782
kk1431	10160214	1782
jshan34	22201590	1782
marenbuku	123456	1782
gzwenzi	160192779	1782
hlj0520	26545493	1782
hugoyy	86349582	1782
tianye011	4950443	1782
raymond83	1983129	1782
ljh0618	123456	1782
zhspecial	23021233	1782
tyyk1984	578284	1782
alexning	alex1015alex	1782
mtv5002	858168672	1782
myskyfoot	19860603	1782
sha0913	19850913	1782
chch1990	chch199023	1782
tewytyl	213288848	1782
windosw4	3536762	1782
xcwwxj	19841215	1782
ryanlee5	19910904	1782
yhlinjun	276951439	1782
h8516238	8516238	1782
nedved16	123456	1782
hymy2008	1302245asd	1782
yuli581	5813780	1782
hqysjz	110110	1782
let5see	xuyuanjian	1782
gzc0015	123456	1782
scutljq	200524	1782
ksfpjx	qinghai	1782
36912092	111111	1782
yzl0414	withoutname	1782
zhjj415	1986411	1782
123456786	123456	1782
nbdbx	50057188	1782
xjtomb	ww52681	1782
jshalsgq	19820126	1782
leveexie	8216508	1782
lmt229	19880229	1782
kby8270	5035632	1782
weishuia	7758521	1782
duyong13	19890220	1782
liypch	592369	1782
yangakang	3628117	1782
yunhe0126	8973928	1782
anjingtao	840310	1782
yeben9	9890414	1782
lzc820629	201314	1782
fivedeng	2331561	1782
wendy806	7721041	1782
wmvsxy	wangming	1782
hxd168	336471888	1782
kuhooid	admin123456	1783
zeradona	411310	1783
526077082	526077082	1783
aiyulidi	aiyulidi	1783
tangrenwu	309682531	1783
jgy1987	123456	1783
fanzhai	fanzhai	1783
cfc1984	5556326	1783
hoyixi	kenking727	1783
xiaoj8bai	521880227	1783
baidu0619	409870203	1783
kissoul	zhuanglu	1783
chxd168	19891104	1783
gz1098d	gz1098d902	1783
lyjbenny	7512231	1783
qiongyusg	wangyufeng	1783
lilove183	li19840102	1783
fhdszx69	147208649	1783
xz6926249	cn95588021	1783
lmhzj56	5606526	1783
smssmsa	dj3328138	1783
cleariver	21454153	1783
417380068	123456	1783
chen94000	bardfdtj	1783
zjunovelty	liuxinqi	1783
181164433	709119	1783
jenn1986	jen1986	1783
frydog	181123	1783
janeran	198311	1783
marenbuku	123456	1783
fujing0124	19831119	1783
lrby186	139536	1783
a306981140	58624482	1783
thyyeer	jiangtao89	1783
aa261315	261315	1783
dive2002	898788	1783
aoutrun	13613252313	1783
xinyasky	56272895	1783
baby20yu	870204	1783
hxf0106	19760106331	1783
lr5212998	998118	1783
raoletian	aihang99	1783
chu211124	71067605	1783
fangjiasi	5763856	1783
79187089	6230139	1783
diudiuant	fengyi233	1783
joan7668	woaiwojia22	1783
woshi5357	8336778	1783
z89d03w19	890319	1783
a6899794	6899794	1783
lljs067966	1614931	1783
duyong13	19890220	1783
anfenger	54742475	1783
hing410	123456	1783
asdfg0663	11651829	1783
wufandra	343526539	1783
sayahati	800913	1783
yanghe2008	123456	1783
topheno	19890809	1783
diyddy	320304336	1783
liux7813	37077813	1783
muyang5555	6414111	1783
wintell	751215	1783
mosayu	yu234776	1783
yw080202	laopo544921	1783
lencolwm	lencolwm	1783
generalhe	hyk1020	1783
arsuka	101010	1783
zhaoqiheng	526268256	1783
wenle6970	584520	1784
xtreecho	xiaoqiang	1784
a363504364	123456	1784
305538386	lixiang	1784
cxp198810	63308590	1784
seraphcool	1987322	1784
janesheng	jane880812	1784
fansong6	14091409	1784
heshiubo	474038163	1784
luoxiao94	19861004	1784
lovecys99	6262603	1784
llong999	518797	1784
psufool	psugmfv	1784
erniu0351	erniu0351	1784
82084456	82084456	1784
caokangli	841127	1784
yuquanjd	yuquanjd	1784
zhongjizhi	zhongjizhi	1784
jerryl60	825031liu	1784
jushengl	js558a6	1784
flyxiyue	woaini	1784
s63879771	63879306	1784
q269648163	269648163	1784
fanzhai	fanzhai	1784
hyzhouj089	7758521	1784
ycylyan	198566	1784
lixun1066	350204	1784
xx421292057	xx007007	1784
dalong720	long551527	1784
amwjebukn	6844466	1784
laiyoo	laiyoubiao	1784
taishanrou	routaishan	1784
fujianjyx	619322	1784
739474555	123456	1784
hejiang303	303303	1784
t82870650	28199310	1784
329291379	185766121	1784
puzhikenan	6711278	1784
wxmwxm941	1212121	1784
peiroger	826527	1784
wyjie1988	349822606	1784
yellow5250	13150018923	1784
syy1990818	505186032	1784
princequn	910414	1784
fish34567	8521336	1784
popo8816812	19921118	1784
jiakuan998	9823965	1784
meisongyu	123456	1784
yescj365	yescj365	1784
chilitao	814117	1784
xinge0131	ldj0131	1784
winwuliu	123456	1784
liby0107	200107	1784
phoenixof405	370784	1784
36912092	111111	1784
sbt880401	SBT880401	1784
q7182302	7182302	1784
gsb6768	771202	1784
liming414	1986414	1784
bksatan	bk921017	1784
zwwenzi	33201411	1784
lb5105542	lb5105542	1784
cash0167	1314521ding	1784
landycl	8652350	1784
fengnicy	2132121321	1784
baskerle	123654	1784
ricetall	791382465	1784
kelian1977	19770923	1784
jiankuniii	1314520	1784
hj48603658	huangjie	1784
rex901226	19901226	1784
lidan0215	s40mru	1784
yimao5111	466198506	1784
lijiemss	6475086731	1784
qinyexiong	19881025	1784
seven71014	leilei520	1784
shengaogao	gdmwanybz	1784
snakeblood	hanbin88	1784
tottima10	maning245	1785
gonghuikang	haoren	1785
sun198757	198757	1785
mathewshow	304349	1785
yucongge	8980670	1785
384040200	1360123	1785
yuangbohui	13141685	1785
yangminyuyu	woaideyun	1785
yangyi5200	5503178	1785
moller1999	7758520	1785
haiou3738	haiouhaiou	1785
jsdynixin	6889680	1785
xnjhappy	secretxnj	1785
lindxxxx	966646	1785
chao584520	584520	1785
zhuqianye	zqy000	1785
xq289499769	yjitxxkj	1785
afive1231	hbdanda5	1785
ablat379	379520	1785
fhzx5168	fhzx5168	1785
jk200jkjK	3416528	1785
youyuan8666	25372605	1785
wangzepen	890513	1785
fenghaowgs	2610620	1785
wang890215	wang890215	1785
wuyek1000	770880	1785
zheng7057	87281365	1785
yezi857335	123000	1785
lixing1412	40606239	1785
zzj1979918	44121819	1785
zdw85785711	22755020	1785
raymond83	1983129	1785
az4411712	5204411712	1785
chenyu829	chenyu	1785
maoguoqing	19036852	1785
530235258	154066	1785
iredghost	123321	1785
qingmubense	PC9527	1785
kw564191039	3095063	1785
ugirl5211	gaotian	1785
mahuanbiao	781386	1785
lizumingshuai	lizuming	1785
hengdao886	868265a	1785
nanochina	19900423	1785
jy02546162	88990551	1785
chenyushen	13553753082	1785
efeelwolf	yifeilang	1785
402338490	5986275	1785
zb61186651	zb1987zb	1785
wanglelove	123456	1785
gaofei137	gaofei	1785
justosayhi	132555	1785
lhkxuyao	19901024	1785
meinvqinqin	caolizhe	1785
thinker1000	19871008	1786
fangqijun520	1989716000	1786
shijiaxin13	3401582	1786
baccahatis	4inlove	1786
maplesailer	49915001	1786
prince9519	pressonce	1786
a6233579	6233579	1786
307945103	891026	1786
davidwangyj	wang1986	1786
yaosijiaysj	ysjysj	1786
liangyu2ying	313851491	1786
feifei5512	7682129	1786
lj490152204	5477278	1786
juncheng1209	jaychou	1786
wo271253607	woaiyanyan1314	1786
lxy198812	4212377	1786
yuzhang3520	19861218	1786
yonggang100	2288861	1786
15617612692	123456	1786
lujiataizi	226226	1786
lelelovely	157350122	1786
lixiao1012	277909480	1786
zhchlei2008	850926	1786
ryuyoungsi	n2m7g5e2	1786
a414332144	49879800	1786
xiaonuo870	nnnihaoma	1786
412586695	jiajia	1786
yangfan8944	19890404	1786
nanhe20077	421501033	1786
zhuang40269210	40269210	1786
x339767421	881022	1786
longnan1129	1879105268	1786
a384353825	qscfthm03	1786
zhangzhev1	80945116	1786
weiyuanhot	wei3036429	1787
hw312264045	hw8621263	1787
linshihanghao	woaini	1787
jinchong0905	1989104	1787
wenshengsong	wenshengsong	1787
shandiandidi	didi930723	1787
arsenaloyzp	1986624	1787
mikelanyang	yanyu631	1787
xiandonghai	870602	1787
qq215302824	1234576	1787
aiwosuoai2527	830519	1787
anheiguinu	322985	1787
shayuzhuiyi	521521241	1787
xiaohui94wo	zhangjinhui	1788
wzwt641952727	19920430	1788
lmt849856391	qqqqqqq9999999	1788
zww236728783	6746256	1788
ll276523586	l0408l	1788
lz13593839313	lyy20050308	1788
chenjiexxxx	j780114	1788
sunny3366866	19840314	1788
wangshuhao721	408925547	1788
hanyanbing1120	19841120	1788
lixiuxian666	461226	1788
zhengwei8762	zhengwei8762	1788
liushuangliu	liushuangliu	1788
longlinxinshen	yanleixin0608	1788
guoyanchen520	woaiwozijiq1	1788
shuaihong617	137566	1788
lichengyi7260	lichengyi	1788
huping199008	13635997174	1788
huashujian	9018437250	1788
shelleyzhou831	459580367	1789
huhangcheng4545	1234trew	1789
caiyouwei203	caiyouwei	1789
xiaocaicai300	88554200	1789
jidewoainiwrp	2290006	1789
lianhenry001	62372558	1789
guanjing033646	6410262205	1790
fantasy1988811	1988811	1790
fengyangvslucky	woaimama	1790
foreverforgetme	wuzijian	1791
zhaobiming0103	13250463031	1792


酷我这种大网站又是主站目录下这种问题实在不应该,希望及时修复一下,毕竟大规模撞库出来一下会员账号之类的还是蛮简单的~比如说~
账号:fly306insky3,密码:kw316497

5.png


帐号15617612692,密码123456

7.png

修复方案:

验证码

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:5

确认时间:2015-08-06 10:26

厂商回复:

感谢对我支持

最新状态:

暂无

漏洞评价:

评论