搜狐某站点设计不当可绕过加密密码撞库用户（大量账号证明）

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0135270

漏洞标题：搜狐某站点设计不当可绕过加密密码撞库用户（大量账号证明）

漏洞作者：路人甲

提交时间：2015-08-19 14:45

修复时间：2015-10-03 17:08

公开时间：2015-10-03 17:08

漏洞类型：设计缺陷/逻辑错误

危害等级：低

自评Rank：5

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-08-19：细节已通知厂商并且等待厂商处理中
2015-08-19：厂商已经确认，细节仅向厂商公开
2015-08-29：细节向核心白帽子及相关领域专家公开
2015-09-08：细节向普通白帽子公开
2015-09-18：细节向实习白帽子公开
2015-10-03：细节向公众公开

简要描述：

搜狐某站点设计不当可绕过加密密码撞库用户（大量账号证明）

详细说明：

http://quan.sohu.com/login?urlto=%2Fuserpost%2Flink这个是搜狐旗下的一个站点，登陆的地方没有做验证码限制

抓包发现用户名明文传输，但是密码是加密的，md5加密的，就不多说了，

可成功撞库

部分撞库成功账号证明：

328645827@qq.com	7a91ca26e1603f4b898e722dbdfab743	1699
624520743@qq.com	b28b05b5c8e602a4d4ebb9122842f249	1699
285037186@qq.com	8cfb6c0b20f17baa6c4fca78bfb3988b	1699
34413387@qq.com	0b6e5d0cd27fba3278d1739d67240d22	1699
663522715@qq.com	03b8a7937158d2b48362bb1807bc551e	1699
995464282@qq.com	03ee73a1fef671ce435b417bdf1d0527	1699
171821586@qq.com	25d687e2c7e715b2f1c9bc30a47b0863	1699
245614787@qq.com	8fb5954c805fa2e0b093f09cedfc7502	1699
120402892@qq.com	5d2e65bd49b2be362da3c73bec9390ca	1699
335184594@qq.com	bb2d91d0fbbebe8719509ed0f865c63f	1699
809648824@qq.com	9f0a18070738bbda0cfcffc6b713bb2d	1699
448077475@qq.com	fdc214704513f74e1ac0f3fd029003e7	1699
357896150@qq.com	b7a76b2e6879b4cc9cfde912d7821d60	1699
973267924@qq.com	597eaa6c5a653a5b3f7962cb79ce2df7	1699
331091935@qq.com	b2a274522869970eb2555b505056b463	1699
273809927@qq.com	8598fa67fd92f29ba6e517d4e3dbba25	1699
313224951@qq.com	f0971e7187cf92b461ce64958c426cd6	1699
56215431@qq.com	cc077e4074d58b5b3afe96921b220364	1699
282221794@qq.com	b6281c1a0457fe28766ed07b382e47a3	1699
411655775@qq.com	6244002d72b46d3ba1387a57145a711f	1699
411655775@qq.com	6244002d72b46d3ba1387a57145a711f	1699
298657563@qq.com	5ff3c35d455052a25691995ed31d69b2	1699
78408684@qq.com	c1d54956e64c55dfcb0c34ef9f254e17	1699
371949126@qq.com	49057254598c65e061972fb649b90ca7	1699
644931423@qq.com	3d971a7c39613efc67bbb30f4eef7607	1699
103495063@qq.com	733d7be2196ff70efaf6913fc8bdcabf	1699
107735163@qq.com	db6f1c5a53caa1578e062920566685ab	1699
470675153@qq.com	9c7cc2cde1939666d314378b18857721	1699
249816385@qq.com	3252de4506d42db54b22034b9e1b3b2c	1699
327182272@qq.com	a06a5ac09b0d308958957be3807efefa	1699
468916444@qq.com	661e42aa7d683823a7d9c7437f8707ff	1699
chen19841213@qq.com	ad5c5b046fab2d8e70825e923bf55142	1699
466827921@qq.com	675aa27d9f148f52c0bc29e8701fa23e	1699
277829943@qq.com	00fbf19f7cb95ebef29c8cea7b459115	1699
hjhzjhn@qq.com	9727cbb70f2d45bc625eb9277a92c389	1699
502885865@qq.com	03e6ac229a3d0d0102beb31f2f86b4a5	1699
397048126@qq.com	2f685364000c005b2413a1e0aae83d0e	1699
77412513@qq.com	f1d9a6fa5f5cccdc45335d80e9b0035d	1699
570352527@qq.com	1d7f16f0a21523899367fd9082173925	1699
317598311@qq.com	edc8587ffb2cf2061b1e5099f78cafc5	1699
392956701@qq.com	d605957ddd401b82d2bb5d74ffd3e0c6	1699
381486557@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
279761251@qq.com	1733476c23937f0c7729558671754e13	1699
304469545@qq.com	1015240ceb1fb486d243ee058a8d5ad7	1699
lg007007007@qq.com	b72cdba202001e89178788b9e83ed172	1699
511350266@qq.com	c8b2e57df53a119f5cbcb1328b411bab	1699
522411758@qq.com	58563bf69b9d8aba740f36f7bca27eab	1699
444858666@qq.com	0b2952b0d93576dd24b49dcb66a9c7d8	1699
635699523@qq.com	1f45d8d83e14de635cd86a6512f89ca1	1699
5730191@qq.com	17b53e23a85a577f33f8ad2b44ada7fa	1699
330743333@qq.com	80104e18fc3a9535a632de4afd583420	1699
307220463@qq.com	9628c75e7da0c50c2e18adc29c04e422	1699
474767687@qq.com	f31de923ea972e5ee7c2af34944d1c9c	1699
185866081@qq.com	ffd40caf3c42d2067fb2dc93dd6780f3	1699
287107234@qq.com	16dc5b9edc5700e9e2de43bbb43eebe6	1699
404587420@qq.com	c0ff7d33a80483809333973bc755885f	1699
316651031@qq.com	db08151ec251f5ffd0ad99606fe0126c	1699
351507790@qq.com	5d9b5f6f78f8050ed75ec6736a011f0f	1699
499019660@qq.com	25f507f7aab7d305a449af640733094f	1699
396971249@qq.com	eec3b1a11c4e2224ed930e830f11f5c4	1699
200031331@qq.com	2a602c6fd6b36f497fd1756bca7a9f08	1699
417361873@qq.com	e0a6c20903266d8457eb62504efc889c	1699
sb19901219@qq.com	59b87344b54f31977f7c3dd445ab13e1	1699
369396461@qq.com	c27b88d4c5f510882c63361843fa944e	1699
565254702@qq.com	ad8864f0e962dacb34a6f50fc08bd1b1	1699
369405167@qq.com	5cad664fc094c7f81fd3bdda689d9986	1699
563308392@qq.com	dff00a9289dec826ffff783e4b191048	1699
121615807@qq.com	1b1b8d986b01ffa086f9f100d400a271	1699
122480860@qq.com	1873d6cad09739cad10cf6c4dea464e5	1699
346542170@qq.com	e5ff69d789a0190f3af3c769ebded49f	1699
767031552@qq.com	f0815b5ec86f7cce2ea230a1dcc2fe93	1699
110248954@qq.com	b155c0618d7f9f46c3b49f357eb14df5	1699
121161610@qq.com	3b8def12a781eb002fee3aef060e79aa	1699
64223796@qq.com	d3d5fcd72275e3094fe90eb84d2f6c4a	1699
100442706@qq.com	fff0de6ede0cdf279cecddc52530d691	1699
835825791@qq.com	9f7ece12d9c139aa13c75b8a3d9df850	1699
330224667@qq.com	a0d08e6558a376610b2c4e1cffee64e8	1699
358509111@qq.com	124839afb1165cb4748bdcb0082cf3f1	1699
278025521@qq.com	c8837b23ff8aaa8a2dde915473ce0991	1699
330224667@qq.com	a0d08e6558a376610b2c4e1cffee64e8	1699
344917841@qq.com	0f58bda704fe528d7dd93cf31c7325f6	1699
188712166@qq.com	8f84d6aa35309bd263fd92d7ca0605c5	1699
282489855@qq.com	854406b9f4579bda51928647ed9160ba	1699
357575905@qq.com	8fdad87ae3f3c8eee150b46f067cb47d	1699
513239617@qq.com	e3f159ca71b94fe6dd1518e38afd5426	1699
102221818@qq.com	881da71027c093e763d25e15a4cf2c36	1699
236642232@qq.com	29ad6403086c8cc3f086d241051b1665	1699
278151971@qq.com	7fe2b10a66b75cff969f79e7d2e8de96	1699
285729055@qq.com	6a7715bdfb7e5caf2a39f038076ae7ea	1699
jayjunjing@qq.com	f903f02cca670bffc0e762407054b1a7	1699
756070783@qq.com	764a777555262c278e4c203f45075815	1699
411207885@qq.com	b1a3d120cfd8c3b216f4a69e39504383	1699
410489016@qq.com	48adfca2f49fe6e051bae9a44c957fee	1699
344917841@qq.com	0f58bda704fe528d7dd93cf31c7325f6	1699
546540112@qq.com	a61c4fecddd952ff980458e117d0a449	1699
306216614@qq.com	fd7a80a0a5637a9e98b8e8336416efc9	1699
348382316@qq.com	753f3dabba704c1e6e281efd065da846	1699
20783781@qq.com	aa97eba124ab0c029fb7d5c37a6141b0	1699
593149705@qq.com	87712bfdd0474529b7f0e56b7a4acaaa	1699
241591418@qq.com	8adfa5a878ef0521d8bf43b5b97711b1	1699
125601853@qq.com	6caa7d97ff44e5ecfbb090b8fd969a79	1699
342803145@qq.com	1152a6ac3ff9f6e4a6cd5381fd0e202a	1699
546036571@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
404659065@qq.com	66379836997ec297594f3c7a16058b82	1699
534097751@qq.com	10c9693c23676fa1693e0672f08ec1e2	1699
380782856@qq.com	87544fb2290c41395674e467b968e978	1699
250832171@qq.com	f5bb0c8de146c67b44babbf4e6584cc0	1699
328668264@qq.com	4607e782c4d86fd5364d7e4508bb10d9	1699
306381312@qq.com	833686dd50004dd5d547e9dfdd38e3a9	1699
415248691@qq.com	4d80223b9f329a8925b6359dd0d5d94c	1699
769649448@qq.com	4b8eacf359e237da3b3f40e0bd117664	1699
282944145@qq.com	e2ffda29b95e7892ec65acf3c8944611	1699
105693996@qq.com	4e969be97737a4e7305676b03bdcdb3b	1699
363882137@qq.com	f50d0a257fba97250e0a646e281ff6ed	1699
544029170@qq.com	f701a9f6f20837c43efaaf2e27ba159b	1699
150089590@qq.com	74368d7dedcda4133bf302e8086fa695	1699
549078036@qq.com	e44f8cf63970db5c2df0a18153bcdf49	1699
446745169@qq.com	890bd3e98dd548a42e66cac9c4a6b85f	1699
jknye@vip.qq.com	3ace6eb67b2c9650ffacb23e90865bc1	1699
176186872@qq.com	6792d0d8580287145e27d0a7946e6782	1699
185649197@qq.com	f824ea3cd7cea49116eda11b5d23f9b0	1699
565413363@qq.com	762c79f5a952bbb5feacfbd03850cb9e	1699
541548258@qq.com	256acadfca29911d72a152944ce9905c	1699
339549520@qq.com	ac94d88790bf57136e382233cb42954d	1699
348991255@qq.com	f2945ac98d4038a6ca42da1834f617f7	1699
jixinjie@vip.qq.com	56b01044ad894a20a19e4e8c8e0d3574	1699
290180695@qq.com	6b2cd827c41ab55dfd3bb08d359e9d99	1699
913953735@qq.com	dfa5709610b4e829f81d2b9a468af469	1699
634861078@qq.com	0d68f5250c1dec34e70b6a31381e5af1	1699
799686577@qq.com	08cbed0a5a231215af4745fe59412d90	1699
renyao4444@qq.com	e2775afbba35302f3f6bc98ccdf2beb3	1699
283187327@qq.com	f3e540aeb6699621f6ad0a4e66d26d78	1699
351507790@qq.com	5d9b5f6f78f8050ed75ec6736a011f0f	1699
799919005@qq.com	f70d029a21e5cca55a3ad5e1e9e60f7f	1699
121615807@qq.com	1b1b8d986b01ffa086f9f100d400a271	1699
234027509@qq.com	f13974f21712b100495f3c2ad4f0577d	1699
416217208@qq.com	c9414c0f3fabba1c57f80c0ff279d037	1699
2811201@qq.com	0cfd95ab704526a90f11ddf9c4a7a37d	1699
564001331@qq.com	bb68d2a5e52f4e435fd79f251cb436d0	1699
371433886@qq.com	8cd369dceb9c16484ad0eacdd7d4843b	1699
brq1221@qq.com	a3402ab911e045c313cf2ae65c63d76e	1699
63682274@qq.com	f7e6fe7a02f14b7243a58650106c8c60	1699
344567807@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
409045595@qq.com	9b7253eec277301b4733e12593b76205	1699
766632909@qq.com	13b7a90ef40015e17e60b1a887f6770d	1699
242302885@qq.com	6bef58381f63047879cb69606c480cda	1699
343604628@qq.com	d6e148d0d6b3c8b59cef8ea19168765c	1699
234669450@qq.com	63807054bdaae5ea19ec997be0f3ce7e	1699
380782856@qq.com	87544fb2290c41395674e467b968e978	1699
849864443@qq.com	d9f51cf296ea27a8789ddca9c8fd5f30	1699
410569365@qq.com	f6278d03b1cd50e912cd6a16d730f9ac	1699
343027694@qq.com	0ae0bb027a243925a2d8de950e4bc8a5	1699
502585777@qq.com	2fbee3be425c8aa775fa5257b57ccfef	1699
554641814@qq.com	7666a77d13cb4b149c8c6cc08d007e0e	1699
babyjess@vip.qq.com	0b43bf5f260d94fea73efc9705a1c0e0	1699
117351540@qq.com	bfbdb87bd5460094763e39972a9065c7	1699
466484512@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
396420324@qq.com	981dd5f45d28edbd0cf7d6959fd244ad	1699
813630725@qq.com	a77878e5cfdcfa475282de7f589d1446	1699
116112691@qq.com	cf22be365eb50b3a8a1c7730667a0bf3	1699
100659211@qq.com	442fc0afaf3f1a5bfdeef673cc4b74c1	1699
272879669@qq.com	a0bf037adba8d75e19dee284e120fd5a	1699
317379184@qq.com	ca37f237d1f98e574f809b182ce609e4	1699
15082589@qq.com	42343c05252181cb4a13ebc5f5fbfbb2	1699
306906854@qq.com	ec4f2aae7066b4a72effbd19f70db7c5	1699
175151894@qq.com	819cf1304065c4ae95f2babaf8a03fd7	1699
251996098@qq.com	83b6afacecfb3b86705faafa81e65b51	1699
397201283@qq.com	dc814fa3335a43963b29aa1c7d1632f2	1699
112896087@qq.com	6d16e64e908ae3cc375cadc2dcbe092f	1699
417361873@qq.com	e0a6c20903266d8457eb62504efc889c	1699
156611380@qq.com	0d8ee8c5cefed3af21df34dacc7c9102	1699
389203774@qq.com	1bf5440135b6a230855a78b84013f91f	1699
87689012@qq.com	460fffd3c07c780dc22b11b8124e098d	1699
878017077@qq.com	3f1dbc417664139dda097bcd516ceeed	1699
408113460@qq.com	6af2a0b26423fa5a6ab0da77d2be195c	1699
330488288@qq.com	b3a80cbf150222eb6fe7f6bf4c049f8e	1699
240884155@qq.com	ad17d277743d434c408bd29bded3a6a1	1699
413885580@qq.com	591fe37ded5d7e7eb5f92d588a6cbf3a	1699
317379184@qq.com	ca37f237d1f98e574f809b182ce609e4	1699
236110995@qq.com	c5432e601670ea9f756b1c7f5069d3da	1699
179180423@qq.com	237c4eb2652b1184cf02ad9659ddc54b	1699
619523376@qq.com	70b6d858da2bfa30ab1ab507b97a9488	1699
149834256@qq.com	81883eba5ca424de96263bab3e87a9eb	1699
990452243@qq.com	ebdbf856f28464cef9b7c1c4ad2d78c6	1699
282939003@qq.com	065dacb83e9c8b5463a984635354c467	1699
305320279@qq.com	17e5867556ac1f6fb8bbad87affaa458	1699
524252240@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
406997887@qq.com	00fb28f5b2e08a5771e42cc0a8dec91b	1699
397507675@qq.com	5eac3803f4ecffa873542747887e8c20	1699
632672857@qq.com	fa256150ce18206ce92d28a8876616ec	1699
815845258@qq.com	409963d5344f7db01bc5e5cbb7e601b6	1699
chenhuang163@qq.com	a8780e33d57f71937bf586b4fd1cecae	1699
lei394618367@qq.com	292df185df8626f8fb981719dfd0dfb6	1699
447910637@qq.com	2a7937f8a94ceda47a37f200b8c8fa7b	1699
1549818@qq.com	5ad37b865554779a2a6136508ebc64bf	1699
zhaoxu470533522@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
350658055@qq.com	24c689f50c2c020e897f1d81f11a292b	1699
229801655@qq.com	58ed8fc5dd3233bc43377fecbae7fab5	1699
123143321@qq.com	4a3daecbc85ba63661a9a3eee7354008	1699
2503288@qq.com	0ceb9c38cdab294c72cb4a1c2f96118b	1699
3244556@qq.com	a2a777603cae72bbd15a0bdbb399270c	1699
363102077@qq.com	0707d0577a799ea448c2f0e1604e1525	1699
328668264@qq.com	4607e782c4d86fd5364d7e4508bb10d9	1699
3244556@qq.com	a2a777603cae72bbd15a0bdbb399270c	1699
328973415@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
664530248@qq.com	ac9bad93e733c201851899f52bb704ae	1699
445816705@qq.com	e2c87c090f8eef7c102dd4b7e1db6a0d	1699
516726528@qq.com	d9578d33a8c4fc21663cc783e2122798	1699
282522518@qq.com	8cbe36fd60792e26bb06d3404a889f4b	1699
414063160@qq.com	25f9e794323b453885f5181f1b624d0b	1699
345198232@qq.com	371fde59bb5d3f0fb175a3417736f221	1699
676045150@qq.com	ec43fdfe4b3b1c42669162ce13ef5b46	1699
344270466@qq.com	96a7b9c1135e1af70d798ebc57675976	1699
315572207@qq.com	73c76c33139b9849c3ab5d1eb9c8ea5d	1699
394256336@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
232356235@qq.com	61a56ef6a71a03a99b138609a0e3d4d3	1699
645507074@qq.com	84979fc6bb5f7ffda1984a2ab9be6916	1699
466052086@qq.com	5476ff8277fbdbaab0e16f6877a4c180	1699
297451343@qq.com	2e1cc0cfabb16791fbbad7a0e73ac7a4	1699
549523045@qq.com	8fd92574c3117bac5250445bc7825ce8	1699
158804221@qq.com	6e0b82b98ef66b9178265e6912653594	1699
499019660@qq.com	25f507f7aab7d305a449af640733094f	1699
372548828@qq.com	fec603f079687dca4183735e238509da	1699
350658055@qq.com	24c689f50c2c020e897f1d81f11a292b	1699
314001384@qq.com	0f505aeeb1b85ccdfde3193729989e79	1699
851508810@qq.com	f2362d59503e161d121aab9d5248a3e0	1699
252764233@qq.com	acfc4f3814ad6218304f29371b65c9eb	1699
529571030@qq.com	61c7fcef8b45553779e282017840fd26	1699
1016728529@qq.com	128640892c2a10584c4794b79e162656	1699
160442410@qq.com	759935c3ee1d523134250de984c32b46	1699
343279535@qq.com	ac426f3e327576ebdf24cfba606d974c	1699
369656061@qq.com	8a1f75edb0cb178c6bc4b144da450930	1699
348475204@qq.com	5750367d8537daecece736dbfe501e22	1699
306178733@qq.com	da855ef70f55c92f3b0e70fa4efd4d7c	1699
762609014@qq.com	cdf1c5480055cb89e13c1403fd62aea4	1699
541656877@qq.com	3243abad8495079fed4de8bf1ccf3fad	1699
276591522@qq.com	423169d3f1a93cc0a62d4725b68ed5ac	1699
309131355@qq.com	a1d8be0cfd4fb6676b7f36b5136a5501	1699

登陆账号证明：

漏洞证明：

http://quan.sohu.com/login?urlto=%2Fuserpost%2Flink这个是搜狐旗下的一个站点，登陆的地方没有做验证码限制

抓包发现用户名明文传输，但是密码是加密的，md5加密的，就不多说了，

可成功撞库

部分撞库成功账号证明：

328645827@qq.com	7a91ca26e1603f4b898e722dbdfab743	1699
624520743@qq.com	b28b05b5c8e602a4d4ebb9122842f249	1699
285037186@qq.com	8cfb6c0b20f17baa6c4fca78bfb3988b	1699
34413387@qq.com	0b6e5d0cd27fba3278d1739d67240d22	1699
663522715@qq.com	03b8a7937158d2b48362bb1807bc551e	1699
995464282@qq.com	03ee73a1fef671ce435b417bdf1d0527	1699
171821586@qq.com	25d687e2c7e715b2f1c9bc30a47b0863	1699
245614787@qq.com	8fb5954c805fa2e0b093f09cedfc7502	1699
120402892@qq.com	5d2e65bd49b2be362da3c73bec9390ca	1699
335184594@qq.com	bb2d91d0fbbebe8719509ed0f865c63f	1699
809648824@qq.com	9f0a18070738bbda0cfcffc6b713bb2d	1699
448077475@qq.com	fdc214704513f74e1ac0f3fd029003e7	1699
357896150@qq.com	b7a76b2e6879b4cc9cfde912d7821d60	1699
973267924@qq.com	597eaa6c5a653a5b3f7962cb79ce2df7	1699
331091935@qq.com	b2a274522869970eb2555b505056b463	1699
273809927@qq.com	8598fa67fd92f29ba6e517d4e3dbba25	1699
313224951@qq.com	f0971e7187cf92b461ce64958c426cd6	1699
56215431@qq.com	cc077e4074d58b5b3afe96921b220364	1699
282221794@qq.com	b6281c1a0457fe28766ed07b382e47a3	1699
411655775@qq.com	6244002d72b46d3ba1387a57145a711f	1699
411655775@qq.com	6244002d72b46d3ba1387a57145a711f	1699
298657563@qq.com	5ff3c35d455052a25691995ed31d69b2	1699
78408684@qq.com	c1d54956e64c55dfcb0c34ef9f254e17	1699
371949126@qq.com	49057254598c65e061972fb649b90ca7	1699
644931423@qq.com	3d971a7c39613efc67bbb30f4eef7607	1699
103495063@qq.com	733d7be2196ff70efaf6913fc8bdcabf	1699
107735163@qq.com	db6f1c5a53caa1578e062920566685ab	1699
470675153@qq.com	9c7cc2cde1939666d314378b18857721	1699
249816385@qq.com	3252de4506d42db54b22034b9e1b3b2c	1699
327182272@qq.com	a06a5ac09b0d308958957be3807efefa	1699
468916444@qq.com	661e42aa7d683823a7d9c7437f8707ff	1699
chen19841213@qq.com	ad5c5b046fab2d8e70825e923bf55142	1699
466827921@qq.com	675aa27d9f148f52c0bc29e8701fa23e	1699
277829943@qq.com	00fbf19f7cb95ebef29c8cea7b459115	1699
hjhzjhn@qq.com	9727cbb70f2d45bc625eb9277a92c389	1699
502885865@qq.com	03e6ac229a3d0d0102beb31f2f86b4a5	1699
397048126@qq.com	2f685364000c005b2413a1e0aae83d0e	1699
77412513@qq.com	f1d9a6fa5f5cccdc45335d80e9b0035d	1699
570352527@qq.com	1d7f16f0a21523899367fd9082173925	1699
317598311@qq.com	edc8587ffb2cf2061b1e5099f78cafc5	1699
392956701@qq.com	d605957ddd401b82d2bb5d74ffd3e0c6	1699
381486557@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
279761251@qq.com	1733476c23937f0c7729558671754e13	1699
304469545@qq.com	1015240ceb1fb486d243ee058a8d5ad7	1699
lg007007007@qq.com	b72cdba202001e89178788b9e83ed172	1699
511350266@qq.com	c8b2e57df53a119f5cbcb1328b411bab	1699
522411758@qq.com	58563bf69b9d8aba740f36f7bca27eab	1699
444858666@qq.com	0b2952b0d93576dd24b49dcb66a9c7d8	1699
635699523@qq.com	1f45d8d83e14de635cd86a6512f89ca1	1699
5730191@qq.com	17b53e23a85a577f33f8ad2b44ada7fa	1699
330743333@qq.com	80104e18fc3a9535a632de4afd583420	1699
307220463@qq.com	9628c75e7da0c50c2e18adc29c04e422	1699
474767687@qq.com	f31de923ea972e5ee7c2af34944d1c9c	1699
185866081@qq.com	ffd40caf3c42d2067fb2dc93dd6780f3	1699
287107234@qq.com	16dc5b9edc5700e9e2de43bbb43eebe6	1699
404587420@qq.com	c0ff7d33a80483809333973bc755885f	1699
316651031@qq.com	db08151ec251f5ffd0ad99606fe0126c	1699
351507790@qq.com	5d9b5f6f78f8050ed75ec6736a011f0f	1699
499019660@qq.com	25f507f7aab7d305a449af640733094f	1699
396971249@qq.com	eec3b1a11c4e2224ed930e830f11f5c4	1699
200031331@qq.com	2a602c6fd6b36f497fd1756bca7a9f08	1699
417361873@qq.com	e0a6c20903266d8457eb62504efc889c	1699
sb19901219@qq.com	59b87344b54f31977f7c3dd445ab13e1	1699
369396461@qq.com	c27b88d4c5f510882c63361843fa944e	1699
565254702@qq.com	ad8864f0e962dacb34a6f50fc08bd1b1	1699
369405167@qq.com	5cad664fc094c7f81fd3bdda689d9986	1699
563308392@qq.com	dff00a9289dec826ffff783e4b191048	1699
121615807@qq.com	1b1b8d986b01ffa086f9f100d400a271	1699
122480860@qq.com	1873d6cad09739cad10cf6c4dea464e5	1699
346542170@qq.com	e5ff69d789a0190f3af3c769ebded49f	1699
767031552@qq.com	f0815b5ec86f7cce2ea230a1dcc2fe93	1699
110248954@qq.com	b155c0618d7f9f46c3b49f357eb14df5	1699
121161610@qq.com	3b8def12a781eb002fee3aef060e79aa	1699
64223796@qq.com	d3d5fcd72275e3094fe90eb84d2f6c4a	1699
100442706@qq.com	fff0de6ede0cdf279cecddc52530d691	1699
835825791@qq.com	9f7ece12d9c139aa13c75b8a3d9df850	1699
330224667@qq.com	a0d08e6558a376610b2c4e1cffee64e8	1699
358509111@qq.com	124839afb1165cb4748bdcb0082cf3f1	1699
278025521@qq.com	c8837b23ff8aaa8a2dde915473ce0991	1699
330224667@qq.com	a0d08e6558a376610b2c4e1cffee64e8	1699
344917841@qq.com	0f58bda704fe528d7dd93cf31c7325f6	1699
188712166@qq.com	8f84d6aa35309bd263fd92d7ca0605c5	1699
282489855@qq.com	854406b9f4579bda51928647ed9160ba	1699
357575905@qq.com	8fdad87ae3f3c8eee150b46f067cb47d	1699
513239617@qq.com	e3f159ca71b94fe6dd1518e38afd5426	1699
102221818@qq.com	881da71027c093e763d25e15a4cf2c36	1699
236642232@qq.com	29ad6403086c8cc3f086d241051b1665	1699
278151971@qq.com	7fe2b10a66b75cff969f79e7d2e8de96	1699
285729055@qq.com	6a7715bdfb7e5caf2a39f038076ae7ea	1699
jayjunjing@qq.com	f903f02cca670bffc0e762407054b1a7	1699
756070783@qq.com	764a777555262c278e4c203f45075815	1699
411207885@qq.com	b1a3d120cfd8c3b216f4a69e39504383	1699
410489016@qq.com	48adfca2f49fe6e051bae9a44c957fee	1699
344917841@qq.com	0f58bda704fe528d7dd93cf31c7325f6	1699
546540112@qq.com	a61c4fecddd952ff980458e117d0a449	1699
306216614@qq.com	fd7a80a0a5637a9e98b8e8336416efc9	1699
348382316@qq.com	753f3dabba704c1e6e281efd065da846	1699
20783781@qq.com	aa97eba124ab0c029fb7d5c37a6141b0	1699
593149705@qq.com	87712bfdd0474529b7f0e56b7a4acaaa	1699
241591418@qq.com	8adfa5a878ef0521d8bf43b5b97711b1	1699
125601853@qq.com	6caa7d97ff44e5ecfbb090b8fd969a79	1699
342803145@qq.com	1152a6ac3ff9f6e4a6cd5381fd0e202a	1699
546036571@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
404659065@qq.com	66379836997ec297594f3c7a16058b82	1699
534097751@qq.com	10c9693c23676fa1693e0672f08ec1e2	1699
380782856@qq.com	87544fb2290c41395674e467b968e978	1699
250832171@qq.com	f5bb0c8de146c67b44babbf4e6584cc0	1699
328668264@qq.com	4607e782c4d86fd5364d7e4508bb10d9	1699
306381312@qq.com	833686dd50004dd5d547e9dfdd38e3a9	1699
415248691@qq.com	4d80223b9f329a8925b6359dd0d5d94c	1699
769649448@qq.com	4b8eacf359e237da3b3f40e0bd117664	1699
282944145@qq.com	e2ffda29b95e7892ec65acf3c8944611	1699
105693996@qq.com	4e969be97737a4e7305676b03bdcdb3b	1699
363882137@qq.com	f50d0a257fba97250e0a646e281ff6ed	1699
544029170@qq.com	f701a9f6f20837c43efaaf2e27ba159b	1699
150089590@qq.com	74368d7dedcda4133bf302e8086fa695	1699
549078036@qq.com	e44f8cf63970db5c2df0a18153bcdf49	1699
446745169@qq.com	890bd3e98dd548a42e66cac9c4a6b85f	1699
jknye@vip.qq.com	3ace6eb67b2c9650ffacb23e90865bc1	1699
176186872@qq.com	6792d0d8580287145e27d0a7946e6782	1699
185649197@qq.com	f824ea3cd7cea49116eda11b5d23f9b0	1699
565413363@qq.com	762c79f5a952bbb5feacfbd03850cb9e	1699
541548258@qq.com	256acadfca29911d72a152944ce9905c	1699
339549520@qq.com	ac94d88790bf57136e382233cb42954d	1699
348991255@qq.com	f2945ac98d4038a6ca42da1834f617f7	1699
jixinjie@vip.qq.com	56b01044ad894a20a19e4e8c8e0d3574	1699
290180695@qq.com	6b2cd827c41ab55dfd3bb08d359e9d99	1699
913953735@qq.com	dfa5709610b4e829f81d2b9a468af469	1699
634861078@qq.com	0d68f5250c1dec34e70b6a31381e5af1	1699
799686577@qq.com	08cbed0a5a231215af4745fe59412d90	1699
renyao4444@qq.com	e2775afbba35302f3f6bc98ccdf2beb3	1699
283187327@qq.com	f3e540aeb6699621f6ad0a4e66d26d78	1699
351507790@qq.com	5d9b5f6f78f8050ed75ec6736a011f0f	1699
799919005@qq.com	f70d029a21e5cca55a3ad5e1e9e60f7f	1699
121615807@qq.com	1b1b8d986b01ffa086f9f100d400a271	1699
234027509@qq.com	f13974f21712b100495f3c2ad4f0577d	1699
416217208@qq.com	c9414c0f3fabba1c57f80c0ff279d037	1699
2811201@qq.com	0cfd95ab704526a90f11ddf9c4a7a37d	1699
564001331@qq.com	bb68d2a5e52f4e435fd79f251cb436d0	1699
371433886@qq.com	8cd369dceb9c16484ad0eacdd7d4843b	1699
brq1221@qq.com	a3402ab911e045c313cf2ae65c63d76e	1699
63682274@qq.com	f7e6fe7a02f14b7243a58650106c8c60	1699
344567807@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
409045595@qq.com	9b7253eec277301b4733e12593b76205	1699
766632909@qq.com	13b7a90ef40015e17e60b1a887f6770d	1699
242302885@qq.com	6bef58381f63047879cb69606c480cda	1699
343604628@qq.com	d6e148d0d6b3c8b59cef8ea19168765c	1699
234669450@qq.com	63807054bdaae5ea19ec997be0f3ce7e	1699
380782856@qq.com	87544fb2290c41395674e467b968e978	1699
849864443@qq.com	d9f51cf296ea27a8789ddca9c8fd5f30	1699
410569365@qq.com	f6278d03b1cd50e912cd6a16d730f9ac	1699
343027694@qq.com	0ae0bb027a243925a2d8de950e4bc8a5	1699
502585777@qq.com	2fbee3be425c8aa775fa5257b57ccfef	1699
554641814@qq.com	7666a77d13cb4b149c8c6cc08d007e0e	1699
babyjess@vip.qq.com	0b43bf5f260d94fea73efc9705a1c0e0	1699
117351540@qq.com	bfbdb87bd5460094763e39972a9065c7	1699
466484512@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
396420324@qq.com	981dd5f45d28edbd0cf7d6959fd244ad	1699
813630725@qq.com	a77878e5cfdcfa475282de7f589d1446	1699
116112691@qq.com	cf22be365eb50b3a8a1c7730667a0bf3	1699
100659211@qq.com	442fc0afaf3f1a5bfdeef673cc4b74c1	1699
272879669@qq.com	a0bf037adba8d75e19dee284e120fd5a	1699
317379184@qq.com	ca37f237d1f98e574f809b182ce609e4	1699
15082589@qq.com	42343c05252181cb4a13ebc5f5fbfbb2	1699
306906854@qq.com	ec4f2aae7066b4a72effbd19f70db7c5	1699
175151894@qq.com	819cf1304065c4ae95f2babaf8a03fd7	1699
251996098@qq.com	83b6afacecfb3b86705faafa81e65b51	1699
397201283@qq.com	dc814fa3335a43963b29aa1c7d1632f2	1699
112896087@qq.com	6d16e64e908ae3cc375cadc2dcbe092f	1699
417361873@qq.com	e0a6c20903266d8457eb62504efc889c	1699
156611380@qq.com	0d8ee8c5cefed3af21df34dacc7c9102	1699
389203774@qq.com	1bf5440135b6a230855a78b84013f91f	1699
87689012@qq.com	460fffd3c07c780dc22b11b8124e098d	1699
878017077@qq.com	3f1dbc417664139dda097bcd516ceeed	1699
408113460@qq.com	6af2a0b26423fa5a6ab0da77d2be195c	1699
330488288@qq.com	b3a80cbf150222eb6fe7f6bf4c049f8e	1699
240884155@qq.com	ad17d277743d434c408bd29bded3a6a1	1699
413885580@qq.com	591fe37ded5d7e7eb5f92d588a6cbf3a	1699
317379184@qq.com	ca37f237d1f98e574f809b182ce609e4	1699
236110995@qq.com	c5432e601670ea9f756b1c7f5069d3da	1699
179180423@qq.com	237c4eb2652b1184cf02ad9659ddc54b	1699
619523376@qq.com	70b6d858da2bfa30ab1ab507b97a9488	1699
149834256@qq.com	81883eba5ca424de96263bab3e87a9eb	1699
990452243@qq.com	ebdbf856f28464cef9b7c1c4ad2d78c6	1699
282939003@qq.com	065dacb83e9c8b5463a984635354c467	1699
305320279@qq.com	17e5867556ac1f6fb8bbad87affaa458	1699
524252240@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
406997887@qq.com	00fb28f5b2e08a5771e42cc0a8dec91b	1699
397507675@qq.com	5eac3803f4ecffa873542747887e8c20	1699
632672857@qq.com	fa256150ce18206ce92d28a8876616ec	1699
815845258@qq.com	409963d5344f7db01bc5e5cbb7e601b6	1699
chenhuang163@qq.com	a8780e33d57f71937bf586b4fd1cecae	1699
lei394618367@qq.com	292df185df8626f8fb981719dfd0dfb6	1699
447910637@qq.com	2a7937f8a94ceda47a37f200b8c8fa7b	1699
1549818@qq.com	5ad37b865554779a2a6136508ebc64bf	1699
zhaoxu470533522@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
350658055@qq.com	24c689f50c2c020e897f1d81f11a292b	1699
229801655@qq.com	58ed8fc5dd3233bc43377fecbae7fab5	1699
123143321@qq.com	4a3daecbc85ba63661a9a3eee7354008	1699
2503288@qq.com	0ceb9c38cdab294c72cb4a1c2f96118b	1699
3244556@qq.com	a2a777603cae72bbd15a0bdbb399270c	1699
363102077@qq.com	0707d0577a799ea448c2f0e1604e1525	1699
328668264@qq.com	4607e782c4d86fd5364d7e4508bb10d9	1699
3244556@qq.com	a2a777603cae72bbd15a0bdbb399270c	1699
328973415@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
664530248@qq.com	ac9bad93e733c201851899f52bb704ae	1699
445816705@qq.com	e2c87c090f8eef7c102dd4b7e1db6a0d	1699
516726528@qq.com	d9578d33a8c4fc21663cc783e2122798	1699
282522518@qq.com	8cbe36fd60792e26bb06d3404a889f4b	1699
414063160@qq.com	25f9e794323b453885f5181f1b624d0b	1699
345198232@qq.com	371fde59bb5d3f0fb175a3417736f221	1699
676045150@qq.com	ec43fdfe4b3b1c42669162ce13ef5b46	1699
344270466@qq.com	96a7b9c1135e1af70d798ebc57675976	1699
315572207@qq.com	73c76c33139b9849c3ab5d1eb9c8ea5d	1699
394256336@qq.com	e10adc3949ba59abbe56e057f20f883e	1699
232356235@qq.com	61a56ef6a71a03a99b138609a0e3d4d3	1699
645507074@qq.com	84979fc6bb5f7ffda1984a2ab9be6916	1699
466052086@qq.com	5476ff8277fbdbaab0e16f6877a4c180	1699
297451343@qq.com	2e1cc0cfabb16791fbbad7a0e73ac7a4	1699
549523045@qq.com	8fd92574c3117bac5250445bc7825ce8	1699
158804221@qq.com	6e0b82b98ef66b9178265e6912653594	1699
499019660@qq.com	25f507f7aab7d305a449af640733094f	1699
372548828@qq.com	fec603f079687dca4183735e238509da	1699
350658055@qq.com	24c689f50c2c020e897f1d81f11a292b	1699
314001384@qq.com	0f505aeeb1b85ccdfde3193729989e79	1699
851508810@qq.com	f2362d59503e161d121aab9d5248a3e0	1699
252764233@qq.com	acfc4f3814ad6218304f29371b65c9eb	1699
529571030@qq.com	61c7fcef8b45553779e282017840fd26	1699
1016728529@qq.com	128640892c2a10584c4794b79e162656	1699
160442410@qq.com	759935c3ee1d523134250de984c32b46	1699
343279535@qq.com	ac426f3e327576ebdf24cfba606d974c	1699
369656061@qq.com	8a1f75edb0cb178c6bc4b144da450930	1699
348475204@qq.com	5750367d8537daecece736dbfe501e22	1699
306178733@qq.com	da855ef70f55c92f3b0e70fa4efd4d7c	1699
762609014@qq.com	cdf1c5480055cb89e13c1403fd62aea4	1699
541656877@qq.com	3243abad8495079fed4de8bf1ccf3fad	1699
276591522@qq.com	423169d3f1a93cc0a62d4725b68ed5ac	1699
309131355@qq.com	a1d8be0cfd4fb6676b7f36b5136a5501	1699

登陆账号证明：

修复方案：

加上验证码

版权声明：转载请注明来源路人甲@乌云

漏洞回应

厂商回应：

危害等级：中

漏洞Rank：10

确认时间：2015-08-19 17:06

厂商回复：

感谢多搜狐安全关注

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0135270

漏洞标题：搜狐某站点设计不当可绕过加密密码撞库用户（大量账号证明）

相关厂商：搜狐

漏洞作者：路人甲

提交时间：2015-08-19 14:45

修复时间：2015-10-03 17:08

公开时间：2015-10-03 17:08

漏洞类型：设计缺陷/逻辑错误

危害等级：低

自评Rank：5

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源路人甲@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评论

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0135270

漏洞标题：搜狐某站点设计不当可绕过加密密码撞库用户（大量账号证明）

相关厂商：搜狐

漏洞作者： 路人甲

提交时间：2015-08-19 14:45

修复时间：2015-10-03 17:08

公开时间：2015-10-03 17:08

漏洞类型：设计缺陷/逻辑错误

危害等级：低

自评Rank：5

漏洞状态：厂商已经确认

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0135270"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 路人甲@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评论

漏洞概要关注数(24) 关注此漏洞

漏洞作者：路人甲

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源路人甲@乌云