当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0137348

漏洞标题:酷我vip某接口设计不当可撞库用户(大量账号证明)

相关厂商:酷我音乐

漏洞作者: 路人甲

提交时间:2015-08-27 15:06

修复时间:2015-10-11 15:10

公开时间:2015-10-11 15:10

漏洞类型:设计缺陷/逻辑错误

危害等级:低

自评Rank:3

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-08-27: 细节已通知厂商并且等待厂商处理中
2015-08-27: 厂商已经确认,细节仅向厂商公开
2015-09-06: 细节向核心白帽子及相关领域专家公开
2015-09-16: 细节向普通白帽子公开
2015-09-26: 细节向实习白帽子公开
2015-10-11: 细节向公众公开

简要描述:

酷我vip某接口设计不当可撞库用户,大量账号证明

详细说明:

http://vip.kuwo.cn/vip/jsp/login.jsp?status=4这个接口是酷我vip的一个登陆接口,登陆位置未做登陆验证机制

1.png


抓包之后查看用户名和密码又是明文传输

2.png


之后测试撞库用户,判断应该是可以成功撞库的:

3.png


4.png


大量撞库成功账号证明:

tyty91	84662256	1719
xiaoj8bai	521880227	1719
haibo72	1294468	1719
huhuan1742	7612746	1719
qiongyusg	wangyufeng	1719
xz6926249	cn95588021	1719
q6235053	q6235053	1719
tewytyl	213288848	1719
yhlinjun	276951439	1719
dou454	86530787	1719
zod1221	8530157	1719
nbdbx	50057188	1719
liux7813	37077813	1719
wdtxwsls	zhanquan	1719
kby8270	5035632	1719
landycl	8652350	1719
mbzhuyee	263012148	1719
zltzj	3303160	1719
xjzhangzz	5205206688	1719
kisslandi	19850227	1719
smasherlzw	7533282	1719
yy1319	36919985	1719
xgw8899	123456	1719
chrgame	game2019812	1719
tidus1982	ls820714	1719
shjm521	5551328	1719
xmc1988	636458	1719
kaozhj	111111	1719
chedaquan	123456	1719
fjlouie	3993162	1719
wjm2123	www2123	1719
zgmgcy	86856644	1719
haohao409	7758521	1719
kabul06	123+456+789+zz	1719
nan112	123456	1719
rockboy900	821129	1719
aixian6	123369987	1719
qazfw	fw165366	1719
ggzmy	119119	1719
biin919	biin999	1719
alin52	wgefnss	1719
wzt4822	854822	1719
heseri	1q2w3e4r	1719
jlc314	800314	1719
wwwk100	123qaz	1719
sd1026	235689	1719
ryudo9013	19900913	1719
tititt	111111	1719
wangzhehui	wanghui	1719
w366311969	80542022	1719
totosha	4840027	1719
markxwa	19891217	1719
lp701618	1982621lp	1719
wangsu29	5041105702	1719
hellonly	1291912919	1719
udavid	3324252	1719
depgfbj	198771	1719
yinanzi	qinglong	1719
zj306cs	shenlufang	1719
kzyz007	860624	1719
w2660968	2660968	1719
zdczsw	zdclcxzsw	1719
wanyukan	5201314	1720
mathewshow	304349	1720
305538386	lixiang	1720
jgy1987	123456	1720
fansong6	14091409	1720
xnjhappy	secretxnj	1720
lindxxxx	966646	1720
lmhzj56	5606526	1720
chen94000	bardfdtj	1720
ycylyan	198566	1720
raymond83	1983129	1720
taishanrou	routaishan	1720
wucf101	6227008	1720
raoletian	aihang99	1720
feifei5512	7682129	1720
wxmwxm941	1212121	1720
peiroger	826527	1720
xinyi067	liuqin	1720
yuli581	5813780	1720
asdfg0663	11651829	1720
chilitao	814117	1720
ugirl5211	gaotian	1720
sayahati	800913	1720
winwuliu	123456	1720
liming414	1986414	1720
leveexie	8216508	1720
gzzhc5	36201808	1720
liypch	592369	1720
rex901226	19901226	1720
lencolwm	lencolwm	1720
lzc820629	201314	1720
wzz31111	19791022	1720
wannzdmpy	340205	1720
dhlkele	75978502	1720
xixi2205	86880237	1720
wulucky	wuwenhua	1720
gaosuper	gaosuper00	1720
se7en97	shanghai	1720
westlorn	123156	1720
bhqz1229	bhqz1229	1720
zhaoruiyx	zhaorui	1720
sexlessboy	ilylss1314	1720
pocrioc	9801411015	1720
wsliys	19891018	1720
jacy520777	425115046	1720
panshuai0	2963170	1720
fuhouan	gameover	1720
hgc1027	8180178	1720
go2003yes	1023456	1720
tangzee	5643572	1720
klein714	271778580	1720
caohui1015	2311639	1720
hanshaky	5394189	1720
dnnlucd	19831012	1720
sjl890319	890319	1720
yqw7654321	3820511	1720
xinqi520	18527005	1720
sadfafas	123456	1720
ling1min	358183438	1720
quincy888	3696127	1720
cjy981	315191	1720
uoucool	wtu5164	1720
syd521006	s19900305	1720
newhacke	123123	1720
zhangheyue	94344720	1720
bb2292423	88888888	1720
zjh5920	59206523	1720
daidanao	dda789	1720
x3235020	3235020	1720
yr19910104	5208814yr	1720
gllandlhr	407444586	1720
zslxtw	813813	1720
haoweiwell	870522	1720
dyw689	5525689	1720
slx1219	woaini	1720
wc66684	634829071	1720
xueweishi	19881124	1720
rfqyuan	5968128	1720
hilanlang	198979520	1720
zpa1798	828203	1720
arabictao	buzhidao0531	1720
lzf715	112233	1720
ndl0820	123456	1720
zolf110	5167998	1720
motowolf	motowolf	1720
xulie168	gdxulie	1720
cllovemxt	19850616	1720
8213810	13599515770	1720
jianbo03	19851015	1720
xiaochyu	thankadminn	1720
janytang	5201314	1720
40669126	521696	1720
baidu0619	409870203	1721
kissoul	zhuanglu	1721
lyjbenny	7512231	1721
lilove183	li19840102	1721
alina0920	5203344	1721
lichun925	990196	1721
hao36636	hao36636	1721
flyxiyue	woaini	1721
hyzhouj089	7758521	1721
dalong720	long551527	1721
wenshengsong	wenshengsong	1721
aoutrun	13613252313	1721
fenghaowgs	2610620	1721
baby20yu	870204	1721
chu211124	71067605	1721
joan7668	woaiwojia22	1721
iredghost	123321	1721
yellow5250	13150018923	1721
a6899794	6899794	1721
anfenger	54742475	1721
popo8816812	19921118	1721
xinge0131	ldj0131	1721
q7182302	7182302	1721
chenyushen	13553753082	1721
anjingtao	840310	1721
yimao5111	466198506	1721
jying1199	33881314	1721
yihongmr	yihong	1721
huangkui99	hhhhhhh	1721
lu517462300	329958	1721
keqin5959	6123628	1721
280325920	19850605	1721
wenwei1221	8788846	1721
nbzhu119	66733999	1721
g19860720	147542184	1721
jacy0166	89705204	1721
discosz	nike5055	1721
edisongzj	52135213	1721
chenwu005	28786025	1721
elfinmali	198287	1721
hanxiwei1	123456	1721
chenbin8212	639146cb	1721
ljm8935	89350252	1721
kimgz1001	5046139	1721
eva2015	2015012	1721
candy2277	13159522277	1721
xuruanjie	88385541	1721
704202095	546254613	1721
zxc3332096	3332096	1721
astrophel	123456	1721
377414691	24130624	1721
chenw502	19860817	1721
weilin439	xingchen2006	1721
genius60	19850411	1721
tongjia19	920109	1721
twwyyyy	5226666	1721
sjl890319	890319	1721
a429299930	8928762	1721
51106568	3322897	1721
q3622165	3622165	1721
ctbuhero	545033	1721
kannan422	z000000	1721
haida520	95671588	1721
a920415	zhumin123	1721
70147878	70147878	1721
mengtao5168	19810409001	1721
lukun158	198619	1721
topjeff	910102	1721
yntm1985	176305am	1721
send365	89930910	1721
mengtao5168	19810409001	1721
hepei1981	271855705	1721
Leowhuang	19860728	1721
x5603816	4417463	1721
ddxy2008	120447655	1721
duming866	123456789	1721
wudidehao	123456	1721
paiguhua	34402476	1721
wwg2121	winner	1721
liu1030bo	19881030	1721
cmy1990628	363784518	1721
huan337	156988	1721
qingzi133	qingzi	1721
dark1203	521886217	1721


登陆用户账号证明:

5.png


6.png

漏洞证明:

http://vip.kuwo.cn/vip/jsp/login.jsp?status=4这个接口是酷我vip的一个登陆接口,登陆位置未做登陆验证机制

1.png


抓包之后查看用户名和密码又是明文传输

2.png


之后测试撞库用户,判断应该是可以成功撞库的:

3.png


4.png


大量撞库成功账号证明:

tyty91	84662256	1719
xiaoj8bai	521880227	1719
haibo72	1294468	1719
huhuan1742	7612746	1719
qiongyusg	wangyufeng	1719
xz6926249	cn95588021	1719
q6235053	q6235053	1719
tewytyl	213288848	1719
yhlinjun	276951439	1719
dou454	86530787	1719
zod1221	8530157	1719
nbdbx	50057188	1719
liux7813	37077813	1719
wdtxwsls	zhanquan	1719
kby8270	5035632	1719
landycl	8652350	1719
mbzhuyee	263012148	1719
zltzj	3303160	1719
xjzhangzz	5205206688	1719
kisslandi	19850227	1719
smasherlzw	7533282	1719
yy1319	36919985	1719
xgw8899	123456	1719
chrgame	game2019812	1719
tidus1982	ls820714	1719
shjm521	5551328	1719
xmc1988	636458	1719
kaozhj	111111	1719
chedaquan	123456	1719
fjlouie	3993162	1719
wjm2123	www2123	1719
zgmgcy	86856644	1719
haohao409	7758521	1719
kabul06	123+456+789+zz	1719
nan112	123456	1719
rockboy900	821129	1719
aixian6	123369987	1719
qazfw	fw165366	1719
ggzmy	119119	1719
biin919	biin999	1719
alin52	wgefnss	1719
wzt4822	854822	1719
heseri	1q2w3e4r	1719
jlc314	800314	1719
wwwk100	123qaz	1719
sd1026	235689	1719
ryudo9013	19900913	1719
tititt	111111	1719
wangzhehui	wanghui	1719
w366311969	80542022	1719
totosha	4840027	1719
markxwa	19891217	1719
lp701618	1982621lp	1719
wangsu29	5041105702	1719
hellonly	1291912919	1719
udavid	3324252	1719
depgfbj	198771	1719
yinanzi	qinglong	1719
zj306cs	shenlufang	1719
kzyz007	860624	1719
w2660968	2660968	1719
zdczsw	zdclcxzsw	1719
wanyukan	5201314	1720
mathewshow	304349	1720
305538386	lixiang	1720
jgy1987	123456	1720
fansong6	14091409	1720
xnjhappy	secretxnj	1720
lindxxxx	966646	1720
lmhzj56	5606526	1720
chen94000	bardfdtj	1720
ycylyan	198566	1720
raymond83	1983129	1720
taishanrou	routaishan	1720
wucf101	6227008	1720
raoletian	aihang99	1720
feifei5512	7682129	1720
wxmwxm941	1212121	1720
peiroger	826527	1720
xinyi067	liuqin	1720
yuli581	5813780	1720
asdfg0663	11651829	1720
chilitao	814117	1720
ugirl5211	gaotian	1720
sayahati	800913	1720
winwuliu	123456	1720
liming414	1986414	1720
leveexie	8216508	1720
gzzhc5	36201808	1720
liypch	592369	1720
rex901226	19901226	1720
lencolwm	lencolwm	1720
lzc820629	201314	1720
wzz31111	19791022	1720
wannzdmpy	340205	1720
dhlkele	75978502	1720
xixi2205	86880237	1720
wulucky	wuwenhua	1720
gaosuper	gaosuper00	1720
se7en97	shanghai	1720
westlorn	123156	1720
bhqz1229	bhqz1229	1720
zhaoruiyx	zhaorui	1720
sexlessboy	ilylss1314	1720
pocrioc	9801411015	1720
wsliys	19891018	1720
jacy520777	425115046	1720
panshuai0	2963170	1720
fuhouan	gameover	1720
hgc1027	8180178	1720
go2003yes	1023456	1720
tangzee	5643572	1720
klein714	271778580	1720
caohui1015	2311639	1720
hanshaky	5394189	1720
dnnlucd	19831012	1720
sjl890319	890319	1720
yqw7654321	3820511	1720
xinqi520	18527005	1720
sadfafas	123456	1720
ling1min	358183438	1720
quincy888	3696127	1720
cjy981	315191	1720
uoucool	wtu5164	1720
syd521006	s19900305	1720
newhacke	123123	1720
zhangheyue	94344720	1720
bb2292423	88888888	1720
zjh5920	59206523	1720
daidanao	dda789	1720
x3235020	3235020	1720
yr19910104	5208814yr	1720
gllandlhr	407444586	1720
zslxtw	813813	1720
haoweiwell	870522	1720
dyw689	5525689	1720
slx1219	woaini	1720
wc66684	634829071	1720
xueweishi	19881124	1720
rfqyuan	5968128	1720
hilanlang	198979520	1720
zpa1798	828203	1720
arabictao	buzhidao0531	1720
lzf715	112233	1720
ndl0820	123456	1720
zolf110	5167998	1720
motowolf	motowolf	1720
xulie168	gdxulie	1720
cllovemxt	19850616	1720
8213810	13599515770	1720
jianbo03	19851015	1720
xiaochyu	thankadminn	1720
janytang	5201314	1720
40669126	521696	1720
baidu0619	409870203	1721
kissoul	zhuanglu	1721
lyjbenny	7512231	1721
lilove183	li19840102	1721
alina0920	5203344	1721
lichun925	990196	1721
hao36636	hao36636	1721
flyxiyue	woaini	1721
hyzhouj089	7758521	1721
dalong720	long551527	1721
wenshengsong	wenshengsong	1721
aoutrun	13613252313	1721
fenghaowgs	2610620	1721
baby20yu	870204	1721
chu211124	71067605	1721
joan7668	woaiwojia22	1721
iredghost	123321	1721
yellow5250	13150018923	1721
a6899794	6899794	1721
anfenger	54742475	1721
popo8816812	19921118	1721
xinge0131	ldj0131	1721
q7182302	7182302	1721
chenyushen	13553753082	1721
anjingtao	840310	1721
yimao5111	466198506	1721
jying1199	33881314	1721
yihongmr	yihong	1721
huangkui99	hhhhhhh	1721
lu517462300	329958	1721
keqin5959	6123628	1721
280325920	19850605	1721
wenwei1221	8788846	1721
nbzhu119	66733999	1721
g19860720	147542184	1721
jacy0166	89705204	1721
discosz	nike5055	1721
edisongzj	52135213	1721
chenwu005	28786025	1721
elfinmali	198287	1721
hanxiwei1	123456	1721
chenbin8212	639146cb	1721
ljm8935	89350252	1721
kimgz1001	5046139	1721
eva2015	2015012	1721
candy2277	13159522277	1721
xuruanjie	88385541	1721
704202095	546254613	1721
zxc3332096	3332096	1721
astrophel	123456	1721
377414691	24130624	1721
chenw502	19860817	1721
weilin439	xingchen2006	1721
genius60	19850411	1721
tongjia19	920109	1721
twwyyyy	5226666	1721
sjl890319	890319	1721
a429299930	8928762	1721
51106568	3322897	1721
q3622165	3622165	1721
ctbuhero	545033	1721
kannan422	z000000	1721
haida520	95671588	1721
a920415	zhumin123	1721
70147878	70147878	1721
mengtao5168	19810409001	1721
lukun158	198619	1721
topjeff	910102	1721
yntm1985	176305am	1721
send365	89930910	1721
mengtao5168	19810409001	1721
hepei1981	271855705	1721
Leowhuang	19860728	1721
x5603816	4417463	1721
ddxy2008	120447655	1721
duming866	123456789	1721
wudidehao	123456	1721
paiguhua	34402476	1721
wwg2121	winner	1721
liu1030bo	19881030	1721
cmy1990628	363784518	1721
huan337	156988	1721
qingzi133	qingzi	1721
dark1203	521886217	1721


登陆用户账号证明:

5.png


6.png

修复方案:

加上验证码

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:低

漏洞Rank:1

确认时间:2015-08-27 15:08

厂商回复:

相同漏洞已经由其他白帽子提交

最新状态:

暂无

漏洞评价:

评论