当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0135949

漏洞标题:酷我某接口设计不当撞库(大量账号证明)

相关厂商:酷我音乐

漏洞作者: 路人甲

提交时间:2015-08-22 15:55

修复时间:2015-10-08 10:20

公开时间:2015-10-08 10:20

漏洞类型:设计缺陷/逻辑错误

危害等级:低

自评Rank:3

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-08-22: 细节已通知厂商并且等待厂商处理中
2015-08-24: 厂商已经确认,细节仅向厂商公开
2015-09-03: 细节向核心白帽子及相关领域专家公开
2015-09-13: 细节向普通白帽子公开
2015-09-23: 细节向实习白帽子公开
2015-10-08: 细节向公众公开

简要描述:

酷我某接口设计不当撞库(大量账号证明)

详细说明:

http://i.kuwo.cn/US/login.htm?status=4这个接口额,可以看到这个接口的登陆位置是有验证码限制的,但是这个验证码可以绕过,只要输入正确一次抓包之后,就会一直正确

111.png


抓包数据中的用户名和密码都是明文传输的,然后挂到服务器去撞库的

222.png


查看回显看到应该是可以成功撞库的

333.png


444.png


大量撞库成功账号证明:

shijiaxin13	3401582	1790
zww236728783	6746256	1790
jinchong0905	1989104	1790
wenshengsong	wenshengsong	1790
wangshuhao721	408925547	1790
qingmubense	PC9527	1790
lixiuxian666	461226	1790
shandiandidi	didi930723	1790
wo271253607	woaiyanyan1314	1790
yuzhang3520	19861218	1790
lujiataizi	226226	1790
liushuangliu	liushuangliu	1790
mikelanyang	yanyu631	1790
guoyanchen520	woaiwozijiq1	1790
qq215302824	1234576	1790
yangfan8944	19890404	1790
huashujian	9018437250	1790
liujianmin666	liujianmin666	1790
zhangming723	880728	1790
wangbiao137	56953448	1790
mantan1983	mantan	1790
chengangjita	19831127	1790
madongshuai	22221221	1790
liuyajin1112	20061112520	1790
hai2006long	225851	1790
zj362464366	zj9898520	1790
mirage2618	33455432	1790
yetaosteven	102734	1790
hopetogether	caonimage	1790
cyndiandjj	cyndiandjj	1790
iamyaowang	332211	1790
superfox8118	123456	1790
wangguan304	wangguan	1790
hancongshuo	huiqing	1790
dongxuwang12	6624720120	1790
waxlrose112	47362547	1790
zhaoyun1020	1.414002	1790
sufei918918	yaoyuan	1790
babywuming	69446633	1790
liwei1987929	1987929	1790
shandian187	wangxin	1790
shanhangke	3681535	1790
caicai8872	19820909	1790
jiaweiwei168	13994930189	1790
dkf125634897	dkf125634897	1790
sueiyueran	670105	1790
tb245987446	6540491	1790
luolong88888	6204884	1790
yonghongcom	801002	1790
anheiguinu	322985	1790
junyong1986	5211314	1790
huanglili812	1985812	1790
zhaofeng009	84809595	1790
paopaopao007	1985412	1790
dangyaoqiang	16103059	1790
ilovehy2008	ilovehy	1790
wujialing1986	123456	1790
zhang510515	zhang962502	1790
wangpeng198798	421700	1790
zyz596140389	zyz1213141516	1790
zhr197421231	zhanghaoran	1790
xiongjie1981	76681801	1790
mozhiguizu	1987123	1790
michelle7227	9573466399	1790
dingdaodao	3657572	1790
valentino0086	3338434313	1790
lsld0192008	3251693449	1790
woojianwei	wjw19870321	1790
jiyuhong963	jiyuhong963	1790
winterhwang	3360673	1790
decadent2008	woaini1314	1790
wanliang20	888236	1790
nanguaxiake	19860416	1790
jinyue0319	yueyue	1790
happy58421	328829350	1790
simonwilliams	1234567	1790
james2006wang	654321	1790
a605103360	6051033600	1790
kavencomet	8201262	1790
guhaiyan0316	8198303168	1790
lcz200802084	200802084	1790
lanweitao678	7562251	1790
linxin198899	198899123	1790
mengjie1218	19861218	1790
wujingjing888	1986510	1790
renjingpeng	13241983296	1790
zhangdaye168	775168	1790
zhzj1597530	199353	1790
qianming5234	sd0001230	1790
chujianxin	278298861	1790
mo409843409	mo01080325	1790
lovelxm520	woaishui	1790
xiaolong4521	20050824	1790
piaoxueqingren	19831021	1790
henryandlia	123521	1790
wanshendaxia	xiebin520	1790
a123450261175	277101264	1790
aspirine1023	33221145	1790
guguoqing110	65353845	1790
hacker52019	520520	1790
hanlei2007	2352913	1790
bai2139439	2139439	1790
lixin328952752	429102	1790
liuzhongyuan87	19870325	1790
chenchao1991	chenchao	1790
ouyangyi124	ouyangyi4444	1790
wfa890325	890325	1790
qinnaidaguai	zhangkun	1790
danshen1ren	8441080	1790
xiaolei5375	19850126	1790
zhanhanker	woaini	1790
shijinlonga	154851955	1790
yinguo1989	891114	1790
yangleizhuying	52168095	1790
xuzhiguo2008	19780127	1790
pengzeqing	5305240	1790
jiajv5805669	19890204	1790
liutao82922	19820922	1790
tandandan1	19881220	1790
liushui7235036	7235036	1790
lihui2004529	123456	1790
da13081658755	800718	1790
fengyueyiyi	820122	1790
kingleejun	52scguf	1790
dw19921102	82412510	1790
qdangel1989	bugaosuni	1790
zoushuqiao	dangerous	1790
xingkaimoe	a2228761	1790
superpandacc	cc19871020cc	1790
fallenyangxu	0012yangxu	1790
doublehua234	liyuehua20	1790
lidapeng110	lidapeng	1790
hubeiliukun	19831025	1790
easternwang	123456781	1790
nlh645007156	645007156	1790
zhang449268828	19870902	1790
milanliwupu	274329260	1790
yuyi261564680	20020102	1790
shandiandidi	didi930723	1790
dingzhiwei01	286897030	1790
Loginheart	liangliang	1790
shanglianshan	630153	1790
zj852150707	7768070ji	1790
chinabaishan	19881008	1790
xrl851071006	15283086741	1790
lihui2004529	123456	1790
feifei890123	19890123	1790
chenxiaochi89	78910847	1790
yaojian6538	yaojian5520	1790
lspaklipeng	3225239	1790
dengzhiyucheng	d198948	1790
shaoloveshao	230302	1790
yonghongcom	801002	1790
lihuanan1985	198564	1790
seven7heaven	7777777	1790
wangscorpio	wang86	1790
hebojiadian	13219149818	1790
xulichen0318	19850318xu	1790
zhouandchao	zhouchao	1790
jasonpan0419	jason52mm	1790
fengxiaochong	xiaoxiao	1790
wangjin9081	86687874	1790
shimaosong	102060059	1790
zhushengquan1	83145741	1790
zhangxian03	5066998	1790
chenhouqian	123456	1790
guguoqing110	65353845	1790
a306567281	a7311620	1790
zhangyi7410	my7410709	1790
happy2008kid	happy2008kid	1790
adzx86191866	604713	1790
myfeifei521	112311	1790
realraul520	19840329	1790
zhengwei4175	123456	1790
myfeifei521	112311	1790
wzwt641952727	19920430	1791
shelleyzhou831	459580367	1791
xiaocaicai300	88554200	1791
maplesailer	49915001	1791
jidewoainiwrp	2290006	1791
lz13593839313	lyy20050308	1791
chenjiexxxx	j780114	1791
hanyanbing1120	19841120	1791
zhengwei8762	zhengwei8762	1791
lizumingshuai	lizuming	1791
lianhenry001	62372558	1791
huping199008	13635997174	1791
goodchenting	3513346	1791
chromosomegg	woaini	1791
shayuzhuiyi	521521241	1791
chengyifanhunter	hunter	1791
lookafteryou	15830080820	1791
yuanding23202	gxhgxj1314	1791
zeng75297252	102030zeng	1791
uranusshin	19840822	1791
vipwangchuan	wangchuan	1791
yangyang8234	198234	1791
longerbaobao	46982173	1791
xuanyanjian	78184845	1791
yxp19910821	318815	1791
ilovelva1314	520avril	1791
chenzhong0399	chenzj1017	1791
laishunchen	woaiwanglin	1791
zhb19810701	19810701	1791
jzh452331017	jzh199195	1791
liuyikun1017	5689052kun	1791
huanhuanwqp	huanhuanwqp	1791
rainyinthesky	520zouwang	1791
fei245379384	413083668	1791
sangsang633	633633	1791
zhengliang115	7229572	1791
ronniemcmahon	88888888	1791
watsonzhang	6681132	1791
wujingxiaomei	1236987	1791
halflifecougar	halflife	1791
yuanzhongyuer	235520	1791
wangjjmiao	xiaobudian	1791
maxiaogang54	10012254	1791
hewei111000	qq123456	1791
angy805487999	hye870826	1791
wangxin00320	1431225260	1791
amiaoamiaoamiao	8322306	1791
gary328081577	83864700	1791
jason388188	98388188	1791
happyhecatd	895623	1791
changcheng2008c	574871	1791
nikkihayashi	shuai0829	1791
libo1221love	19901221	1791
zhengfeng928	800928	1791
huangzhizong	amwfnpfi	1791
dahai975315x	975315x	1791
myzonehulin	hulin53521	1791
shimindong168	woaini168	1791
yuxiaowu2008	12345678	1791
lihuaxing1221	880907	1791
menglixianjing	mengjing	1791
xiaoming871223	aaaaaa	1791
haidong1170	3346790	1791
ljw19870904	woaini1314	1791
jasontw2008	19870718	1791
leeonjohnson	leeonjohnson0	1791
wangfeijiekd	feijiekd	1791
huzehui1990	5841201314	1791
yanhaili1981	3895337	1791
huangjing888	123456	1791
sqjiafeimao	suqiang	1791
luoxiaohu520	huxiaoluo	1791
wangchao5059	820901	1791
cc99895158	52238665	1791
xiaopengge21	19870130	1791
songtao520139	songtao123	1791
zhao3968573	248140	1791
chenfly1991	20710080420	1791
xuxiang0731	19920731	1791
yongwang1977	wangyong1977	1791
ynlpqf78116	ynlpqf78116	1791
weixiangzhang	108619	1791
huangxuelong520	8868564	1791
vipwangchuan	wangchuan	1791
chenhouqian	123456	1791
zcjiangfeng	19791229	1791
langlang6657	yang6657	1791
hezhixian001	850916	1791
luweihua12345	1987092121	1791
jian32772094	841018520	1791
blackangelhh	huanhuan	1791
xianglingzi007	121480cx0452	1791
yuzhounvwang	19890425	1791
lengrijingqi	zhanglei	1791
caiyouwei203	caiyouwei	1792
linshihanghao	woaini	1792
sunny3366866	19840314	1792
shuaihong617	137566	1792
lichengyi7260	lichengyi	1792
aiwosuoai2527	830519	1792
zhuang40269210	40269210	1792
scorpiuscurry	811030	1792
yunxiaoshenchu	122984	1792
jianglizhi1314	7758521	1792
caomingaini068	86868068	1792
yanghuan8965	198965	1792
fengaiting999	19880102	1792
bawvfpccj106	53517230	1792
tianlesoftware	woshidmm	1792
tianlanweixuan	123456	1792
yangdanfengai	13834889888	1792
youyidiyi1314	5201314	1792
yaobin25344316	52726228	1792
metallica1234	123456789	1792
xiaohang0926	jayhang926	1792
baisexiaoxiao	woaini	1792
hui648573047	13358733181	1792
chengjinwu008	7242012	1792
gloryanddream	76446260	1792
wangwentao330	330183	1792
woshishiqiwei	376552148	1792
lindongbo1988	19880812	1792
sang372335905	123456	1792
kingwangak47	1990717ak47	1792
zhangyi123tt	123456789	1792
liugang861214	82552341	1792
wangdapeng0126	19850126	1792
tingbotongzhi	5640220	1792
girlandbinhao	binhao951	1792
mali107877128	88523455	1792
xingjianglong	294860414	1792
woai76467778	76467778	1792
arthurkingcn	840721	1792
mimiyuan1985	mimiyuan1985	1792
jinhuliuchao	650815	1792
yiqiekanqian	552030	1792
luweihua12345	1987092121	1792
jiangshun1991	jiangshun	1792
chentao789123	4062681	1792
twilightangel	lfz001	1792
feng234768998	5632006	1792
zhupeng19851122	6561404	1792
libo1221love	19901221	1792
huhangcheng4545	1234trew	1793
guanjing033646	6410262205	1793
fantasy1988811	1988811	1793
longlinxinshen	yanleixin0608	1793
famousliuluxin	6983129	1793
houjunliang666	871117	1793
xuzhen441509068	xu111111	1793
gaoshuang091	19890901	1793
xiaoyaochengzhan	kiki2002885	1793
happyshuai1231	a5032239	1793
yuanshuo1234567	351999	1793
xiaoxigua1485	woxiangni1	1793
chenyongjun0907	494024315	1793
xufen45565773	520187	1793
xiaoweixiaoweix	785646663	1793
foreverlovebobo	716728	1793
yuxiaoqing1001	yxq841001	1793
zhuangjiawei18	2553524000	1793
fengshengwuying	801010	1793
wangxuezhi1122	ty175027	1793
zhuihunshashou	10101818	1793
lovexiaobao163	418036466	1793
chenjing19881005	19881005	1793
jingjiefeiyang	806829	1794
gujun1005466468	841384883	1794
chimingleishangren	19890913	1794
abc13774664577	13774664577	1794
sunjian372391309	372391309	1794
zhang773207762	773207762	1794
fenglei595331105	595331105	1794
lixiang258068175	123456	1794
zhangwenjie6780	zhangwenjie8866	1794
shenhuachong521	851125521	1794
guozhaojun2008	19820618	1794
zhaoyuqing1986	525733	1794


登陆几个看看:

555.png


666.png


777.png

漏洞证明:

http://i.kuwo.cn/US/login.htm?status=4这个接口额,可以看到这个接口的登陆位置是有验证码限制的,但是这个验证码可以绕过,只要输入正确一次抓包之后,就会一直正确

111.png


抓包数据中的用户名和密码都是明文传输的,然后挂到服务器去撞库的

222.png


查看回显看到应该是可以成功撞库的

333.png


444.png


大量撞库成功账号证明:

shijiaxin13	3401582	1790
zww236728783	6746256	1790
jinchong0905	1989104	1790
wenshengsong	wenshengsong	1790
wangshuhao721	408925547	1790
qingmubense	PC9527	1790
lixiuxian666	461226	1790
shandiandidi	didi930723	1790
wo271253607	woaiyanyan1314	1790
yuzhang3520	19861218	1790
lujiataizi	226226	1790
liushuangliu	liushuangliu	1790
mikelanyang	yanyu631	1790
guoyanchen520	woaiwozijiq1	1790
qq215302824	1234576	1790
yangfan8944	19890404	1790
huashujian	9018437250	1790
liujianmin666	liujianmin666	1790
zhangming723	880728	1790
wangbiao137	56953448	1790
mantan1983	mantan	1790
chengangjita	19831127	1790
madongshuai	22221221	1790
liuyajin1112	20061112520	1790
hai2006long	225851	1790
zj362464366	zj9898520	1790
mirage2618	33455432	1790
yetaosteven	102734	1790
hopetogether	caonimage	1790
cyndiandjj	cyndiandjj	1790
iamyaowang	332211	1790
superfox8118	123456	1790
wangguan304	wangguan	1790
hancongshuo	huiqing	1790
dongxuwang12	6624720120	1790
waxlrose112	47362547	1790
zhaoyun1020	1.414002	1790
sufei918918	yaoyuan	1790
babywuming	69446633	1790
liwei1987929	1987929	1790
shandian187	wangxin	1790
shanhangke	3681535	1790
caicai8872	19820909	1790
jiaweiwei168	13994930189	1790
dkf125634897	dkf125634897	1790
sueiyueran	670105	1790
tb245987446	6540491	1790
luolong88888	6204884	1790
yonghongcom	801002	1790
anheiguinu	322985	1790
junyong1986	5211314	1790
huanglili812	1985812	1790
zhaofeng009	84809595	1790
paopaopao007	1985412	1790
dangyaoqiang	16103059	1790
ilovehy2008	ilovehy	1790
wujialing1986	123456	1790
zhang510515	zhang962502	1790
wangpeng198798	421700	1790
zyz596140389	zyz1213141516	1790
zhr197421231	zhanghaoran	1790
xiongjie1981	76681801	1790
mozhiguizu	1987123	1790
michelle7227	9573466399	1790
dingdaodao	3657572	1790
valentino0086	3338434313	1790
lsld0192008	3251693449	1790
woojianwei	wjw19870321	1790
jiyuhong963	jiyuhong963	1790
winterhwang	3360673	1790
decadent2008	woaini1314	1790
wanliang20	888236	1790
nanguaxiake	19860416	1790
jinyue0319	yueyue	1790
happy58421	328829350	1790
simonwilliams	1234567	1790
james2006wang	654321	1790
a605103360	6051033600	1790
kavencomet	8201262	1790
guhaiyan0316	8198303168	1790
lcz200802084	200802084	1790
lanweitao678	7562251	1790
linxin198899	198899123	1790
mengjie1218	19861218	1790
wujingjing888	1986510	1790
renjingpeng	13241983296	1790
zhangdaye168	775168	1790
zhzj1597530	199353	1790
qianming5234	sd0001230	1790
chujianxin	278298861	1790
mo409843409	mo01080325	1790
lovelxm520	woaishui	1790
xiaolong4521	20050824	1790
piaoxueqingren	19831021	1790
henryandlia	123521	1790
wanshendaxia	xiebin520	1790
a123450261175	277101264	1790
aspirine1023	33221145	1790
guguoqing110	65353845	1790
hacker52019	520520	1790
hanlei2007	2352913	1790
bai2139439	2139439	1790
lixin328952752	429102	1790
liuzhongyuan87	19870325	1790
chenchao1991	chenchao	1790
ouyangyi124	ouyangyi4444	1790
wfa890325	890325	1790
qinnaidaguai	zhangkun	1790
danshen1ren	8441080	1790
xiaolei5375	19850126	1790
zhanhanker	woaini	1790
shijinlonga	154851955	1790
yinguo1989	891114	1790
yangleizhuying	52168095	1790
xuzhiguo2008	19780127	1790
pengzeqing	5305240	1790
jiajv5805669	19890204	1790
liutao82922	19820922	1790
tandandan1	19881220	1790
liushui7235036	7235036	1790
lihui2004529	123456	1790
da13081658755	800718	1790
fengyueyiyi	820122	1790
kingleejun	52scguf	1790
dw19921102	82412510	1790
qdangel1989	bugaosuni	1790
zoushuqiao	dangerous	1790
xingkaimoe	a2228761	1790
superpandacc	cc19871020cc	1790
fallenyangxu	0012yangxu	1790
doublehua234	liyuehua20	1790
lidapeng110	lidapeng	1790
hubeiliukun	19831025	1790
easternwang	123456781	1790
nlh645007156	645007156	1790
zhang449268828	19870902	1790
milanliwupu	274329260	1790
yuyi261564680	20020102	1790
shandiandidi	didi930723	1790
dingzhiwei01	286897030	1790
Loginheart	liangliang	1790
shanglianshan	630153	1790
zj852150707	7768070ji	1790
chinabaishan	19881008	1790
xrl851071006	15283086741	1790
lihui2004529	123456	1790
feifei890123	19890123	1790
chenxiaochi89	78910847	1790
yaojian6538	yaojian5520	1790
lspaklipeng	3225239	1790
dengzhiyucheng	d198948	1790
shaoloveshao	230302	1790
yonghongcom	801002	1790
lihuanan1985	198564	1790
seven7heaven	7777777	1790
wangscorpio	wang86	1790
hebojiadian	13219149818	1790
xulichen0318	19850318xu	1790
zhouandchao	zhouchao	1790
jasonpan0419	jason52mm	1790
fengxiaochong	xiaoxiao	1790
wangjin9081	86687874	1790
shimaosong	102060059	1790
zhushengquan1	83145741	1790
zhangxian03	5066998	1790
chenhouqian	123456	1790
guguoqing110	65353845	1790
a306567281	a7311620	1790
zhangyi7410	my7410709	1790
happy2008kid	happy2008kid	1790
adzx86191866	604713	1790
myfeifei521	112311	1790
realraul520	19840329	1790
zhengwei4175	123456	1790
myfeifei521	112311	1790
wzwt641952727	19920430	1791
shelleyzhou831	459580367	1791
xiaocaicai300	88554200	1791
maplesailer	49915001	1791
jidewoainiwrp	2290006	1791
lz13593839313	lyy20050308	1791
chenjiexxxx	j780114	1791
hanyanbing1120	19841120	1791
zhengwei8762	zhengwei8762	1791
lizumingshuai	lizuming	1791
lianhenry001	62372558	1791
huping199008	13635997174	1791
goodchenting	3513346	1791
chromosomegg	woaini	1791
shayuzhuiyi	521521241	1791
chengyifanhunter	hunter	1791
lookafteryou	15830080820	1791
yuanding23202	gxhgxj1314	1791
zeng75297252	102030zeng	1791
uranusshin	19840822	1791
vipwangchuan	wangchuan	1791
yangyang8234	198234	1791
longerbaobao	46982173	1791
xuanyanjian	78184845	1791
yxp19910821	318815	1791
ilovelva1314	520avril	1791
chenzhong0399	chenzj1017	1791
laishunchen	woaiwanglin	1791
zhb19810701	19810701	1791
jzh452331017	jzh199195	1791
liuyikun1017	5689052kun	1791
huanhuanwqp	huanhuanwqp	1791
rainyinthesky	520zouwang	1791
fei245379384	413083668	1791
sangsang633	633633	1791
zhengliang115	7229572	1791
ronniemcmahon	88888888	1791
watsonzhang	6681132	1791
wujingxiaomei	1236987	1791
halflifecougar	halflife	1791
yuanzhongyuer	235520	1791
wangjjmiao	xiaobudian	1791
maxiaogang54	10012254	1791
hewei111000	qq123456	1791
angy805487999	hye870826	1791
wangxin00320	1431225260	1791
amiaoamiaoamiao	8322306	1791
gary328081577	83864700	1791
jason388188	98388188	1791
happyhecatd	895623	1791
changcheng2008c	574871	1791
nikkihayashi	shuai0829	1791
libo1221love	19901221	1791
zhengfeng928	800928	1791
huangzhizong	amwfnpfi	1791
dahai975315x	975315x	1791
myzonehulin	hulin53521	1791
shimindong168	woaini168	1791
yuxiaowu2008	12345678	1791
lihuaxing1221	880907	1791
menglixianjing	mengjing	1791
xiaoming871223	aaaaaa	1791
haidong1170	3346790	1791
ljw19870904	woaini1314	1791
jasontw2008	19870718	1791
leeonjohnson	leeonjohnson0	1791
wangfeijiekd	feijiekd	1791
huzehui1990	5841201314	1791
yanhaili1981	3895337	1791
huangjing888	123456	1791
sqjiafeimao	suqiang	1791
luoxiaohu520	huxiaoluo	1791
wangchao5059	820901	1791
cc99895158	52238665	1791
xiaopengge21	19870130	1791
songtao520139	songtao123	1791
zhao3968573	248140	1791
chenfly1991	20710080420	1791
xuxiang0731	19920731	1791
yongwang1977	wangyong1977	1791
ynlpqf78116	ynlpqf78116	1791
weixiangzhang	108619	1791
huangxuelong520	8868564	1791
vipwangchuan	wangchuan	1791
chenhouqian	123456	1791
zcjiangfeng	19791229	1791
langlang6657	yang6657	1791
hezhixian001	850916	1791
luweihua12345	1987092121	1791
jian32772094	841018520	1791
blackangelhh	huanhuan	1791
xianglingzi007	121480cx0452	1791
yuzhounvwang	19890425	1791
lengrijingqi	zhanglei	1791
caiyouwei203	caiyouwei	1792
linshihanghao	woaini	1792
sunny3366866	19840314	1792
shuaihong617	137566	1792
lichengyi7260	lichengyi	1792
aiwosuoai2527	830519	1792
zhuang40269210	40269210	1792
scorpiuscurry	811030	1792
yunxiaoshenchu	122984	1792
jianglizhi1314	7758521	1792
caomingaini068	86868068	1792
yanghuan8965	198965	1792
fengaiting999	19880102	1792
bawvfpccj106	53517230	1792
tianlesoftware	woshidmm	1792
tianlanweixuan	123456	1792
yangdanfengai	13834889888	1792
youyidiyi1314	5201314	1792
yaobin25344316	52726228	1792
metallica1234	123456789	1792
xiaohang0926	jayhang926	1792
baisexiaoxiao	woaini	1792
hui648573047	13358733181	1792
chengjinwu008	7242012	1792
gloryanddream	76446260	1792
wangwentao330	330183	1792
woshishiqiwei	376552148	1792
lindongbo1988	19880812	1792
sang372335905	123456	1792
kingwangak47	1990717ak47	1792
zhangyi123tt	123456789	1792
liugang861214	82552341	1792
wangdapeng0126	19850126	1792
tingbotongzhi	5640220	1792
girlandbinhao	binhao951	1792
mali107877128	88523455	1792
xingjianglong	294860414	1792
woai76467778	76467778	1792
arthurkingcn	840721	1792
mimiyuan1985	mimiyuan1985	1792
jinhuliuchao	650815	1792
yiqiekanqian	552030	1792
luweihua12345	1987092121	1792
jiangshun1991	jiangshun	1792
chentao789123	4062681	1792
twilightangel	lfz001	1792
feng234768998	5632006	1792
zhupeng19851122	6561404	1792
libo1221love	19901221	1792
huhangcheng4545	1234trew	1793
guanjing033646	6410262205	1793
fantasy1988811	1988811	1793
longlinxinshen	yanleixin0608	1793
famousliuluxin	6983129	1793
houjunliang666	871117	1793
xuzhen441509068	xu111111	1793
gaoshuang091	19890901	1793
xiaoyaochengzhan	kiki2002885	1793
happyshuai1231	a5032239	1793
yuanshuo1234567	351999	1793
xiaoxigua1485	woxiangni1	1793
chenyongjun0907	494024315	1793
xufen45565773	520187	1793
xiaoweixiaoweix	785646663	1793
foreverlovebobo	716728	1793
yuxiaoqing1001	yxq841001	1793
zhuangjiawei18	2553524000	1793
fengshengwuying	801010	1793
wangxuezhi1122	ty175027	1793
zhuihunshashou	10101818	1793
lovexiaobao163	418036466	1793
chenjing19881005	19881005	1793
jingjiefeiyang	806829	1794
gujun1005466468	841384883	1794
chimingleishangren	19890913	1794
abc13774664577	13774664577	1794
sunjian372391309	372391309	1794
zhang773207762	773207762	1794
fenglei595331105	595331105	1794
lixiang258068175	123456	1794
zhangwenjie6780	zhangwenjie8866	1794
shenhuachong521	851125521	1794
guozhaojun2008	19820618	1794
zhaoyuqing1986	525733	1794


登陆几个看看:

555.png


666.png


777.png

修复方案:

验证码修复一下

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:低

漏洞Rank:1

确认时间:2015-08-24 10:18

厂商回复:

此漏洞已经有其他白帽子提交

最新状态:

暂无

漏洞评价:

评论