穷游网某接口奇葩验证码导致的可撞库封禁网站用户

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0151038

漏洞标题：穷游网某接口奇葩验证码导致的可撞库封禁网站用户

漏洞作者：路人甲

提交时间：2015-11-02 15:01

修复时间：2015-12-17 16:10

公开时间：2015-12-17 16:10

漏洞类型：设计缺陷/逻辑错误

危害等级：低

自评Rank：3

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-11-02：细节已通知厂商并且等待厂商处理中
2015-11-02：厂商已经确认，细节仅向厂商公开
2015-11-12：细节向核心白帽子及相关领域专家公开
2015-11-22：细节向普通白帽子公开
2015-12-02：细节向实习白帽子公开
2015-12-17：细节向公众公开

简要描述：

穷游网某接口奇葩验证码导致的可撞库封禁网站用户

详细说明：

http://m.qyer.com/login/login.php?refer=http://m.qyer.com/接口登录位置一开始貌似是没有验证码的，但是后来就出来验证码了

这个验证码比较奇葩。。为啥说它奇葩呢？因为这个验证码不会失效，不会失效就算了，一般有的验证吗不会失效是因为抓包的原因，这个不用抓包也不会失效，貌似只要你不刷新页面，这个验证码就一直正确的。。这验证码有啥用？抓包发现用户名密码明文传输的：

然后测试撞库用户，这里贴出成功帐号：

111111@qq.com	111111	180
214804531@qq.com	ruguo0716	180
550546824@qq.com	cl123456	180
weiwu_my@qq.com	12345zxcvb	180
amimoon@qq.com	630417	180
20901534@qq.com	1986716	180
937060660@qq.com	123.123.	180
111111@qq.com	111111	180
414282923@qq.com	881230	180
qq@qq.com	123456	180
19871230@qq.com	yangyuxin	180
93657@qq.com	5430520	180
545792488@qq.com	long8621415	180
qq@qq.com	123456	180
13045367@qq.com	8004080	180
644842512@qq.com	w2y1zh5	180
lionfoo@qq.com	19840716	180
guigui_teddy@qq.com	6249519	180
85229319@qq.com	marshallge	180
535708469@qq.com	xxisbest	180
hlh1982@qq.com	19820316	180
546340837@qq.com	jj198718	180
3233832@qq.com	6804654	180
332627796@qq.com	wcf7758258	180
304472438@qq.com	8596630	180
469502188@qq.com	175750654	180
278487802@qq.com	278487802	180
29308470@qq.com	29308470	180
157259369@qq.com	235431899	180
88108146@qq.com	1988528mn	180
304842686@qq.com	7474074	180
69446009@qq.com	880322	180
419059111@qq.com	baigeaaaaa	180
9312710@qq.com	7303116	180
souly@qq.com	13676385	180
bee_zz@qq.com	5252420	180
188830928@qq.com	123456	180
icy1510@qq.com	19860103	180
930684@qq.com	6625543	180
122777138@qq.com	19850904cs	180
3080775@qq.com	2402159	180
x.su@qq.com	528103	180
263133823@qq.com	19880103	180
5263350@qq.com	nn304304	180
13149542@qq.com	a468210z	180
359768178@qq.com	870822	180
sxb851208@qq.com	851208	180
402131830@qq.com	890618	180
287279310@qq.com	13961096393	180
402342363@qq.com	199011	180
56492416@qq.com	8211821	180
41336281@qq.com	100200	180
lyhf2001@qq.com	1983515	180
442882085@qq.com	863355	180
22490138@qq.com	xufei125	180
qq@qq.com	123456	180
85988794@qq.com	woshilele0806	180
278071802@qq.com	5227659	180
442785542@qq.com	131131	180
87686688@qq.com	111111	180
80258648@qq.com	chengrui	180
82090700@qq.com	shanfeng	180
41777116@qq.com	102027	180
183117393@qq.com	19871001	180
81516406@qq.com	19850118	180
5848146@qq.com	85221817	180
10000a@qq.com	123a456a	180
77455167@qq.com	ni167943	180
253838442@qq.com	121590	180
frydog@qq.com	181123	180
353376728@qq.com	19911214	180
158181742@qq.com	158181742	180
111111@qq.com	111111	180
27061300@qq.com	8887113	180
39076978@qq.com	330327	180
dayu8735@vip.qq.com	94098808	180
149740005@qq.com	168939	180
81677947@qq.com	girl198575	180
1124754@qq.com	2988700	180
411637660@qq.com	66369386	180
284393833@qq.com	823921	180
241341566@qq.com	chenlin	180
841094449@qq.com	40385672	180
31812503@qq.com	31812503	180
419319122@qq.com	15515564464	180
65323814@qq.com	261725	180
aa261315@qq.com	261315	180
95871044@qq.com	95871044	180
szsyct@qq.com	840629	180
283374387@qq.com	wangfei76	180
39710495@qq.com	54tcymhd	180
149428109@qq.com	850420	180
385838661@qq.com	385838	180
genie2046@qq.com	1215818	180
753512358@qq.com	123588	180
309995524@qq.com	jiangzhao1	180
95704977@qq.com	stefsun	180
75714153@qq.com	lvjiaming	180
634631741@qq.com	57036307	180
544747416@qq.com	15973632160	180
623052006@qq.com	1995824	180
cashlom@qq.com	Akan29	180
55358144@qq.com	19861215	180
gikinghk@qq.com	410521	180
274945111@qq.com	lxj930321	180
351640201@qq.com	19840127jm	180
sistian@qq.com	ss051212	180
502409617@qq.com	8422925	180
478515773@qq.com	19890324	180
6268627@qq.com	711021	180
19564484@qq.com	810909	180
81090740@qq.com	xiaolizi	180
284121301@qq.com	19860916	180
munto7@qq.com	1988620109	180
11118134@qq.com	11118134	180
815552664@qq.com	tr8268001	180
wjl440@qq.com	5312900	180
157940903@qq.com	198608133	180
119113502@qq.com	dugenghai	180
502409617@qq.com	8422925	180
120732165@qq.com	remix1786	180
111111@qq.com	111111	180
46038086@qq.com	snower	180
32804066@qq.com	cdlok0800	180
14750239@qq.com	20000424	180
511586093@qq.com	caojun	180
610423239@qq.com	chenkaikay	180
314232570@qq.com	826826	180
11@qq.com	123456	180
yida7@qq.com	88224466	180
470796501@qq.com	zx2885501	180
6575162@qq.com	88995656	180
178202274@qq.com	585858	180
469734434@qq.com	482290jj	180
424014892@qq.com	424242	180
asbozi@qq.com	167813120	180
11400672@qq.com	87211762	180
459921185@qq.com	226226	180
michaelhan8@qq.com	heyman	180
19454441@qq.com	123456	180
jj870528@qq.com	111111	180
851829818@qq.com	5879576	180
88509722@qq.com	19850223	180
551473@qq.com	6710301	180
403210331@qq.com	13811445171	180
51707196@qq.com	52zj1314	180
23366955@qq.com	yuuyuu	180
89983010@qq.com	512694	180
45621849@qq.com	564335	180
124599249@qq.com	860410	180
453760271@qq.com	sd4832715	180
511733719@qq.com	c1990719	180
397347212@qq.com	9119105	180
406455278@qq.com	george	180
33354771@qq.com	dqt5201314	180
376987348@qq.com	19861228	180
adanet@qq.com	198546	180
381628150@qq.com	baishikele	180
215160763@qq.com	198578	180
152220311@qq.com	jay525000	180
sunjie29@qq.com	believeME	180
714893335@qq.com	dff2178	180
jiawei23@vip.qq.com	jiawei23	180
150485233@qq.com	19890813	180
409090696@qq.com	1478963	180
staywjx@qq.com	weijixiang20	180
125475517@qq.com	hanhuiru	180
349919494@qq.com	jijiji4	180
707171991@qq.com	abby1991	180
85034143@qq.com	123321	180
294876472@qq.com	tfs4226313	180
michaelhan8@qq.com	heyman	180
36912092@qq.com	111111	180
672233658@qq.com	43420024	180
64664752@qq.com	64664752	180
33411988@qq.com	830126	180
36912092@qq.com	111111	180
diyddy@qq.com	320304336	180
12854908@qq.com	11221221	180
2597381@qq.com	781231	180
461863690@qq.com	dbdg1147	180
80230341@qq.com	712088	180
124379604@qq.com	chenming	180
24038394@qq.com	115638305	180
395992088@qq.com	ly19860525	180
344841401@qq.com	66205014	180
113839388@qq.com	pass99	180
111111@qq.com	111111	180
569751928@qq.com	a64181837	180
656077604@qq.com	19900313	180
215833154@qq.com	868280	180
381682894@qq.com	8532132	180
norly@qq.com	woosular	180
86020559@qq.com	iy19820723	180
297020523@qq.com	963258963	180
360619305@qq.com	12311231	180
523520977@qq.com	iloveyou	180
279244315@qq.com	65339580	180
8583384@qq.com	8973903521	180
798374@qq.com	19840614	180
61797241@qq.com	dear5558	180
landycl@qq.com	8652350	180
327596002@qq.com	6013606520	180
leowu726@qq.com	qi267jiu	180
kjkjkjkj@qq.com	78956699	180
liuboxin@vip.qq.com	woshizou88	180
714590956@qq.com	13751668255	180
61078916@qq.com	shoushou520	180
2545545@qq.com	88995656	180
332375889@qq.com	6841021	180
381628150@qq.com	baishikele	180
78731634@qq.com	118131325	180
465693168@qq.com	940808	180
584472177@qq.com	78269093	180
lzy7816@qq.com	846321	180
ydcz@qq.com	13095302	180
2545545@qq.com	88995656	180
471083078@qq.com	1233730553	180
jinhuifay@vip.qq.com	r7jinhui	180
563349568@qq.com	198646	180
150511403@qq.com	iverson3	180
szwmm@qq.com	sakura	180
woozj@qq.com	456852	180
tmzjc1943@qq.com	tmzjc1943	180
287395@qq.com	yh843100	180
934538592@qq.com	617923	180
37237861@qq.com	mimacuowu	180
neewinc@vip.qq.com	311217	180
6151001@qq.com	67583980	180
351951576@qq.com	9999999	180
lidan0215@qq.com	s40mru	180
496450760@qq.com	20061609	180
47602505@qq.com	h8dlajee	180
12011643@qq.com	36846815	180
xuesen@qq.com	26813794	180
735177273@qq.com	panzijie	180
786829990@qq.com	fir110	180
12006390@qq.com	3031679	180
16839743@qq.com	linxia	180
824116148@qq.com	13774777635	180
ezjoys@vip.qq.com	321458	180
402421096@qq.com	19830617	180
188883088@qq.com	feifeirun	180
cold1999@qq.com	flywsm123	180
xxl710@qq.com	alxsislove	180
568471972@qq.com	7710774	180
173678990@qq.com	354543512	180
158222178@qq.com	610104	180
sjr_onlyone@qq.com	2256485	180
385793539@qq.com	yz81335699	180
516571832@qq.com	66160427	180
changjia@vip.qq.com	6391054	180
133188614@qq.com	148601	180
andydm@qq.com	810409	180
133563366@qq.com	19801124	180
tomoe_baba@qq.com	aptx4869	180
645601600@qq.com	wode123456	180
66905844@qq.com	372151456	180
as365266753@qq.com	woshixgy	180
vulgarian@vip.qq.com	826927	180
moonstone522@qq.com	277256	180
522717045@qq.com	212518	180
63052533@qq.com	loveyou3344	180
bxbyw@vip.qq.com	198989	180
111111@qq.com	111111	180
15453183@qq.com	1699qqpp	180
676932309@qq.com	789456123	180
momoko1125@qq.com	1123581321	180
yusiliang777@qq.com	281029	180
34938782@qq.com	zhjshl1983	180
329562948@qq.com	999888	180
329990866@qq.com	lh871013	180
736677173@qq.com	kadingche	180
124823779@qq.com	124823779	180
www.57364642@qq.com	1987522	180
51423324@qq.com	keaiduo516	180
736677173@qq.com	kadingche	180
88084821@qq.com	926292622	180
raink@vip.qq.com	19870103	180
274015230@qq.com	2451763	180
164972754@qq.com	6946988	180
86422710@qq.com	762703	180
32482214@qq.com	20020101	180
545357379@qq.com	456123	180
512080373@qq.com	lanqiu	180
676743875@qq.com	159874	180
46599408@qq.com	46599408	180
81537763@qq.com	fnhmft	180
floralin@vip.qq.com	yuxiaoyy	180
370204060@qq.com	5875435	180
51928723@qq.com	sarah819913	180
158262616@qq.com	5656226	180
460919588@qq.com	171923	180
sean.chan@qq.com	cowherds	180
111111@qq.com	111111	180
5400121@qq.com	5233330	180
625080047@qq.com	buxiaode	180
234966943@qq.com	2581280	180
342889725@qq.com	maomao616263	180
690386000@qq.com	abcd123abcd	180
yixizhenghui@qq.com	zhenghui	180
471729@qq.com	8899121	180
bigfish_water@qq.com	19660430	180
48152548@qq.com	123456789	180
869917@qq.com	5131421	180
603811837@qq.com	112233	180
yu529030134@qq.com	349178329	180
704616628@qq.com	19890512	180
451035039@qq.com	198989	180
346055189@qq.com	3360187	180
463994592@qq.com	zmn970223	180
272752458@qq.com	123456	180
280353119@qq.com	5842669	180
786829990@qq.com	fir110	180
hrwx@qq.com	fairies	180
418085884@qq.com	johnny	180
65649706@qq.com	qloveyou	180
39274680@qq.com	19860630	180
262895010@qq.com	591010	180
524653989@qq.com	qqbbyygood	180
282164918@qq.com	891022	180
746662507@qq.com	6679593	180
edleung2076@qq.com	366582	180
49214491@qq.com	veshall	180
9450384@qq.com	8541630	180
100881121@qq.com	1881121	180
160100@qq.com	youchris	180
tienky@qq.com	wang0517	180
jiameng@qq.com	jiameng	180
524653989@qq.com	qqbbyygood	180
18600025@qq.com	198947	180
11360752@qq.com	3702547	180
369098273@qq.com	6281673	180
lizehong168@qq.com	459362684	180
575720013@qq.com	7412342948	180
bvboy@qq.com	853799	180
331615497@qq.com	280582817	180
111111@qq.com	111111	180
smiledi@qq.com	aaroncarter	180
cuibin890808@qq.com	cb890808	180
rain407616307@qq.com	zhangzz	180
rop2@qq.com	guoqiang	180
85988794@qq.com	woshilele0806	180
312850437@qq.com	wangying	180
tiantiandx_005@qq.com	2082458	180
beki@vip.qq.com	kennethshuai	180
32921537@qq.com	890612	180
7947168@qq.com	mm741963	180
675830548@qq.com	zl2262689	180
276853296@qq.com	410705414	180
543802186@qq.com	123456qwe	180
276020255@qq.com	1122sun	180
407386948@qq.com	19910714	180
786829990@qq.com	fir110	180
575720013@qq.com	7412342948	180
328641493@qq.com	328641493	180
229687444@qq.com	13602359761	180
417477353@qq.com	woai123lisha	180
654090875@qq.com	shukun76	180
280028617@qq.com	1988412000	180
137437317@qq.com	57483811	180
381387615@qq.com	5265811	180
413341345@qq.com	880820	180
120749291@qq.com	4836323	180
52682444@qq.com	831216	180
346013052@qq.com	billeva	180
474305546@qq.com	biyu19921003	180
82203424@qq.com	3529678	180
593930281@qq.com	19911215zlt	180
174312368@qq.com	a870103	180
258122148@qq.com	aoruidai123	180
287577793@qq.com	weiyahang	180
729734@qq.com	10244210	180
274784890@qq.com	123456	180
342863676@qq.com	1987421124	180
120087225@qq.com	120087225	180
sz_asong@qq.com	sarah526	180
11@qq.com	123456	180
24313055@qq.com	19822222	180
176581864@qq.com	4863648	180
273943546@qq.com	xiaolielie	180
173593915@qq.com	lengyang	180
331490618@qq.com	101010asd	180
272606600@qq.com	13675859688	180
58772924@qq.com	198455xml	180
22@qq.com	111111	180
115141218@qq.com	169426	180
gylhg@qq.com	gylhg001	180
unicorners@qq.com	f1o2o3l4	180
573157985@qq.com	3221212	180
304559665@qq.com	tan78952	180
360580444@qq.com	5428518	180
734884103@qq.com	11223lifu	180
235994163@qq.com	2313967	180
362177924@qq.com	iloveyou	180
281740685@qq.com	123456	180
414845809@qq.com	1212zz	180
43375755@qq.com	tomtian	180
hanven@vip.qq.com	19891226	180
490181262@qq.com	chongzi	180
35978607@qq.com	123456789	180
575720013@qq.com	7412342948	180
707991812@qq.com	5122080	180
85954280@qq.com	mm15542415	180
125752172@qq.com	5121314	180
guyueqian@qq.com	10250407	180
342859954@qq.com	1234123	180
licheng7475@qq.com	19891121	180
176536062@qq.com	1008a00h	180
252810943@qq.com	170634	180
248998454@qq.com	650324	180
fangyu1026@qq.com	860316	180
361160970@qq.com	3024405	180
45447491@qq.com	yuan369	180
newzxl@qq.com	5311671	180
22217293@qq.com	19871208	180
Mattus@vip.qq.com	7221213	180
180908623@qq.com	69835478	180
270451542@qq.com	19851105	180
rainyday808@qq.com	468008	180
xiaofeiwen1717@qq.com	zwzjjs	180
350668017@qq.com	200580331	180
172794571@qq.com	899065	180
249589035@qq.com	3330883	180
296843169@qq.com	426025	180
124422832@qq.com	2512880	180
ngwaiguang@qq.com	666666	180
412528962@qq.com	870123	180
51816575@qq.com	840406	180
499567761@qq.com	868757400	180
331451466@qq.com	w19911021	180
ikoudai@qq.com	ssxxssxx	180
286407971@qq.com	13351234	180
68596286@qq.com	ldh1989310	180
591019555@qq.com	5501221	180
304550047@qq.com	120120	180
49013@qq.com	21110011	180
516592163@qq.com	870713	180
407891553@qq.com	2232645	180
287422206@qq.com	515869a	180
564096064@qq.com	wangjing	180
289196429@qq.com	199119	180
1234567@qq.com	1234567	180
angeldrc@qq.com	85213868	180
95739237@qq.com	881225sx	180
527414670@qq.com	4447750	180
14366648@qq.com	870303	180
lxn1217@qq.com	999fbifbi	180
504711515@qq.com	1989121	180
382514135@qq.com	ciami5kgb	180
341445826@qq.com	910503	180
4741039@qq.com	yanghuan	180
39256959@qq.com	198247	180
616823913@qq.com	64204357	180
fengshanyin@vip.qq.com	fsy379999	180
654959133@qq.com	315081gu	180
522411758@qq.com	19910821	180
411829537@qq.com	411829537	180
327551047@qq.com	6352aa	180
463366161@qq.com	zp199323	180
878508562@qq.com	zaq1236	180
zhumijia@vip.qq.com	63668596	180
497886449@qq.com	881203	180
86263535@qq.com	163163	180
2951342@qq.com	88839632	180
5730191@qq.com	690907	180
20580205@qq.com	6480182	180
383511336@qq.com	87889327a	180
447806375@qq.com	19870117xx	180
76603220@qq.com	jingjing	180

登录用户帐号：

关于封禁帐号的话，上面有提示，然后你懂的。。。

漏洞证明：

http://m.qyer.com/login/login.php?refer=http://m.qyer.com/接口登录位置一开始貌似是没有验证码的，但是后来就出来验证码了

然后测试撞库用户，这里贴出成功帐号：

111111@qq.com	111111	180
214804531@qq.com	ruguo0716	180
550546824@qq.com	cl123456	180
weiwu_my@qq.com	12345zxcvb	180
amimoon@qq.com	630417	180
20901534@qq.com	1986716	180
937060660@qq.com	123.123.	180
111111@qq.com	111111	180
414282923@qq.com	881230	180
qq@qq.com	123456	180
19871230@qq.com	yangyuxin	180
93657@qq.com	5430520	180
545792488@qq.com	long8621415	180
qq@qq.com	123456	180
13045367@qq.com	8004080	180
644842512@qq.com	w2y1zh5	180
lionfoo@qq.com	19840716	180
guigui_teddy@qq.com	6249519	180
85229319@qq.com	marshallge	180
535708469@qq.com	xxisbest	180
hlh1982@qq.com	19820316	180
546340837@qq.com	jj198718	180
3233832@qq.com	6804654	180
332627796@qq.com	wcf7758258	180
304472438@qq.com	8596630	180
469502188@qq.com	175750654	180
278487802@qq.com	278487802	180
29308470@qq.com	29308470	180
157259369@qq.com	235431899	180
88108146@qq.com	1988528mn	180
304842686@qq.com	7474074	180
69446009@qq.com	880322	180
419059111@qq.com	baigeaaaaa	180
9312710@qq.com	7303116	180
souly@qq.com	13676385	180
bee_zz@qq.com	5252420	180
188830928@qq.com	123456	180
icy1510@qq.com	19860103	180
930684@qq.com	6625543	180
122777138@qq.com	19850904cs	180
3080775@qq.com	2402159	180
x.su@qq.com	528103	180
263133823@qq.com	19880103	180
5263350@qq.com	nn304304	180
13149542@qq.com	a468210z	180
359768178@qq.com	870822	180
sxb851208@qq.com	851208	180
402131830@qq.com	890618	180
287279310@qq.com	13961096393	180
402342363@qq.com	199011	180
56492416@qq.com	8211821	180
41336281@qq.com	100200	180
lyhf2001@qq.com	1983515	180
442882085@qq.com	863355	180
22490138@qq.com	xufei125	180
qq@qq.com	123456	180
85988794@qq.com	woshilele0806	180
278071802@qq.com	5227659	180
442785542@qq.com	131131	180
87686688@qq.com	111111	180
80258648@qq.com	chengrui	180
82090700@qq.com	shanfeng	180
41777116@qq.com	102027	180
183117393@qq.com	19871001	180
81516406@qq.com	19850118	180
5848146@qq.com	85221817	180
10000a@qq.com	123a456a	180
77455167@qq.com	ni167943	180
253838442@qq.com	121590	180
frydog@qq.com	181123	180
353376728@qq.com	19911214	180
158181742@qq.com	158181742	180
111111@qq.com	111111	180
27061300@qq.com	8887113	180
39076978@qq.com	330327	180
dayu8735@vip.qq.com	94098808	180
149740005@qq.com	168939	180
81677947@qq.com	girl198575	180
1124754@qq.com	2988700	180
411637660@qq.com	66369386	180
284393833@qq.com	823921	180
241341566@qq.com	chenlin	180
841094449@qq.com	40385672	180
31812503@qq.com	31812503	180
419319122@qq.com	15515564464	180
65323814@qq.com	261725	180
aa261315@qq.com	261315	180
95871044@qq.com	95871044	180
szsyct@qq.com	840629	180
283374387@qq.com	wangfei76	180
39710495@qq.com	54tcymhd	180
149428109@qq.com	850420	180
385838661@qq.com	385838	180
genie2046@qq.com	1215818	180
753512358@qq.com	123588	180
309995524@qq.com	jiangzhao1	180
95704977@qq.com	stefsun	180
75714153@qq.com	lvjiaming	180
634631741@qq.com	57036307	180
544747416@qq.com	15973632160	180
623052006@qq.com	1995824	180
cashlom@qq.com	Akan29	180
55358144@qq.com	19861215	180
gikinghk@qq.com	410521	180
274945111@qq.com	lxj930321	180
351640201@qq.com	19840127jm	180
sistian@qq.com	ss051212	180
502409617@qq.com	8422925	180
478515773@qq.com	19890324	180
6268627@qq.com	711021	180
19564484@qq.com	810909	180
81090740@qq.com	xiaolizi	180
284121301@qq.com	19860916	180
munto7@qq.com	1988620109	180
11118134@qq.com	11118134	180
815552664@qq.com	tr8268001	180
wjl440@qq.com	5312900	180
157940903@qq.com	198608133	180
119113502@qq.com	dugenghai	180
502409617@qq.com	8422925	180
120732165@qq.com	remix1786	180
111111@qq.com	111111	180
46038086@qq.com	snower	180
32804066@qq.com	cdlok0800	180
14750239@qq.com	20000424	180
511586093@qq.com	caojun	180
610423239@qq.com	chenkaikay	180
314232570@qq.com	826826	180
11@qq.com	123456	180
yida7@qq.com	88224466	180
470796501@qq.com	zx2885501	180
6575162@qq.com	88995656	180
178202274@qq.com	585858	180
469734434@qq.com	482290jj	180
424014892@qq.com	424242	180
asbozi@qq.com	167813120	180
11400672@qq.com	87211762	180
459921185@qq.com	226226	180
michaelhan8@qq.com	heyman	180
19454441@qq.com	123456	180
jj870528@qq.com	111111	180
851829818@qq.com	5879576	180
88509722@qq.com	19850223	180
551473@qq.com	6710301	180
403210331@qq.com	13811445171	180
51707196@qq.com	52zj1314	180
23366955@qq.com	yuuyuu	180
89983010@qq.com	512694	180
45621849@qq.com	564335	180
124599249@qq.com	860410	180
453760271@qq.com	sd4832715	180
511733719@qq.com	c1990719	180
397347212@qq.com	9119105	180
406455278@qq.com	george	180
33354771@qq.com	dqt5201314	180
376987348@qq.com	19861228	180
adanet@qq.com	198546	180
381628150@qq.com	baishikele	180
215160763@qq.com	198578	180
152220311@qq.com	jay525000	180
sunjie29@qq.com	believeME	180
714893335@qq.com	dff2178	180
jiawei23@vip.qq.com	jiawei23	180
150485233@qq.com	19890813	180
409090696@qq.com	1478963	180
staywjx@qq.com	weijixiang20	180
125475517@qq.com	hanhuiru	180
349919494@qq.com	jijiji4	180
707171991@qq.com	abby1991	180
85034143@qq.com	123321	180
294876472@qq.com	tfs4226313	180
michaelhan8@qq.com	heyman	180
36912092@qq.com	111111	180
672233658@qq.com	43420024	180
64664752@qq.com	64664752	180
33411988@qq.com	830126	180
36912092@qq.com	111111	180
diyddy@qq.com	320304336	180
12854908@qq.com	11221221	180
2597381@qq.com	781231	180
461863690@qq.com	dbdg1147	180
80230341@qq.com	712088	180
124379604@qq.com	chenming	180
24038394@qq.com	115638305	180
395992088@qq.com	ly19860525	180
344841401@qq.com	66205014	180
113839388@qq.com	pass99	180
111111@qq.com	111111	180
569751928@qq.com	a64181837	180
656077604@qq.com	19900313	180
215833154@qq.com	868280	180
381682894@qq.com	8532132	180
norly@qq.com	woosular	180
86020559@qq.com	iy19820723	180
297020523@qq.com	963258963	180
360619305@qq.com	12311231	180
523520977@qq.com	iloveyou	180
279244315@qq.com	65339580	180
8583384@qq.com	8973903521	180
798374@qq.com	19840614	180
61797241@qq.com	dear5558	180
landycl@qq.com	8652350	180
327596002@qq.com	6013606520	180
leowu726@qq.com	qi267jiu	180
kjkjkjkj@qq.com	78956699	180
liuboxin@vip.qq.com	woshizou88	180
714590956@qq.com	13751668255	180
61078916@qq.com	shoushou520	180
2545545@qq.com	88995656	180
332375889@qq.com	6841021	180
381628150@qq.com	baishikele	180
78731634@qq.com	118131325	180
465693168@qq.com	940808	180
584472177@qq.com	78269093	180
lzy7816@qq.com	846321	180
ydcz@qq.com	13095302	180
2545545@qq.com	88995656	180
471083078@qq.com	1233730553	180
jinhuifay@vip.qq.com	r7jinhui	180
563349568@qq.com	198646	180
150511403@qq.com	iverson3	180
szwmm@qq.com	sakura	180
woozj@qq.com	456852	180
tmzjc1943@qq.com	tmzjc1943	180
287395@qq.com	yh843100	180
934538592@qq.com	617923	180
37237861@qq.com	mimacuowu	180
neewinc@vip.qq.com	311217	180
6151001@qq.com	67583980	180
351951576@qq.com	9999999	180
lidan0215@qq.com	s40mru	180
496450760@qq.com	20061609	180
47602505@qq.com	h8dlajee	180
12011643@qq.com	36846815	180
xuesen@qq.com	26813794	180
735177273@qq.com	panzijie	180
786829990@qq.com	fir110	180
12006390@qq.com	3031679	180
16839743@qq.com	linxia	180
824116148@qq.com	13774777635	180
ezjoys@vip.qq.com	321458	180
402421096@qq.com	19830617	180
188883088@qq.com	feifeirun	180
cold1999@qq.com	flywsm123	180
xxl710@qq.com	alxsislove	180
568471972@qq.com	7710774	180
173678990@qq.com	354543512	180
158222178@qq.com	610104	180
sjr_onlyone@qq.com	2256485	180
385793539@qq.com	yz81335699	180
516571832@qq.com	66160427	180
changjia@vip.qq.com	6391054	180
133188614@qq.com	148601	180
andydm@qq.com	810409	180
133563366@qq.com	19801124	180
tomoe_baba@qq.com	aptx4869	180
645601600@qq.com	wode123456	180
66905844@qq.com	372151456	180
as365266753@qq.com	woshixgy	180
vulgarian@vip.qq.com	826927	180
moonstone522@qq.com	277256	180
522717045@qq.com	212518	180
63052533@qq.com	loveyou3344	180
bxbyw@vip.qq.com	198989	180
111111@qq.com	111111	180
15453183@qq.com	1699qqpp	180
676932309@qq.com	789456123	180
momoko1125@qq.com	1123581321	180
yusiliang777@qq.com	281029	180
34938782@qq.com	zhjshl1983	180
329562948@qq.com	999888	180
329990866@qq.com	lh871013	180
736677173@qq.com	kadingche	180
124823779@qq.com	124823779	180
www.57364642@qq.com	1987522	180
51423324@qq.com	keaiduo516	180
736677173@qq.com	kadingche	180
88084821@qq.com	926292622	180
raink@vip.qq.com	19870103	180
274015230@qq.com	2451763	180
164972754@qq.com	6946988	180
86422710@qq.com	762703	180
32482214@qq.com	20020101	180
545357379@qq.com	456123	180
512080373@qq.com	lanqiu	180
676743875@qq.com	159874	180
46599408@qq.com	46599408	180
81537763@qq.com	fnhmft	180
floralin@vip.qq.com	yuxiaoyy	180
370204060@qq.com	5875435	180
51928723@qq.com	sarah819913	180
158262616@qq.com	5656226	180
460919588@qq.com	171923	180
sean.chan@qq.com	cowherds	180
111111@qq.com	111111	180
5400121@qq.com	5233330	180
625080047@qq.com	buxiaode	180
234966943@qq.com	2581280	180
342889725@qq.com	maomao616263	180
690386000@qq.com	abcd123abcd	180
yixizhenghui@qq.com	zhenghui	180
471729@qq.com	8899121	180
bigfish_water@qq.com	19660430	180
48152548@qq.com	123456789	180
869917@qq.com	5131421	180
603811837@qq.com	112233	180
yu529030134@qq.com	349178329	180
704616628@qq.com	19890512	180
451035039@qq.com	198989	180
346055189@qq.com	3360187	180
463994592@qq.com	zmn970223	180
272752458@qq.com	123456	180
280353119@qq.com	5842669	180
786829990@qq.com	fir110	180
hrwx@qq.com	fairies	180
418085884@qq.com	johnny	180
65649706@qq.com	qloveyou	180
39274680@qq.com	19860630	180
262895010@qq.com	591010	180
524653989@qq.com	qqbbyygood	180
282164918@qq.com	891022	180
746662507@qq.com	6679593	180
edleung2076@qq.com	366582	180
49214491@qq.com	veshall	180
9450384@qq.com	8541630	180
100881121@qq.com	1881121	180
160100@qq.com	youchris	180
tienky@qq.com	wang0517	180
jiameng@qq.com	jiameng	180
524653989@qq.com	qqbbyygood	180
18600025@qq.com	198947	180
11360752@qq.com	3702547	180
369098273@qq.com	6281673	180
lizehong168@qq.com	459362684	180
575720013@qq.com	7412342948	180
bvboy@qq.com	853799	180
331615497@qq.com	280582817	180
111111@qq.com	111111	180
smiledi@qq.com	aaroncarter	180
cuibin890808@qq.com	cb890808	180
rain407616307@qq.com	zhangzz	180
rop2@qq.com	guoqiang	180
85988794@qq.com	woshilele0806	180
312850437@qq.com	wangying	180
tiantiandx_005@qq.com	2082458	180
beki@vip.qq.com	kennethshuai	180
32921537@qq.com	890612	180
7947168@qq.com	mm741963	180
675830548@qq.com	zl2262689	180
276853296@qq.com	410705414	180
543802186@qq.com	123456qwe	180
276020255@qq.com	1122sun	180
407386948@qq.com	19910714	180
786829990@qq.com	fir110	180
575720013@qq.com	7412342948	180
328641493@qq.com	328641493	180
229687444@qq.com	13602359761	180
417477353@qq.com	woai123lisha	180
654090875@qq.com	shukun76	180
280028617@qq.com	1988412000	180
137437317@qq.com	57483811	180
381387615@qq.com	5265811	180
413341345@qq.com	880820	180
120749291@qq.com	4836323	180
52682444@qq.com	831216	180
346013052@qq.com	billeva	180
474305546@qq.com	biyu19921003	180
82203424@qq.com	3529678	180
593930281@qq.com	19911215zlt	180
174312368@qq.com	a870103	180
258122148@qq.com	aoruidai123	180
287577793@qq.com	weiyahang	180
729734@qq.com	10244210	180
274784890@qq.com	123456	180
342863676@qq.com	1987421124	180
120087225@qq.com	120087225	180
sz_asong@qq.com	sarah526	180
11@qq.com	123456	180
24313055@qq.com	19822222	180
176581864@qq.com	4863648	180
273943546@qq.com	xiaolielie	180
173593915@qq.com	lengyang	180
331490618@qq.com	101010asd	180
272606600@qq.com	13675859688	180
58772924@qq.com	198455xml	180
22@qq.com	111111	180
115141218@qq.com	169426	180
gylhg@qq.com	gylhg001	180
unicorners@qq.com	f1o2o3l4	180
573157985@qq.com	3221212	180
304559665@qq.com	tan78952	180
360580444@qq.com	5428518	180
734884103@qq.com	11223lifu	180
235994163@qq.com	2313967	180
362177924@qq.com	iloveyou	180
281740685@qq.com	123456	180
414845809@qq.com	1212zz	180
43375755@qq.com	tomtian	180
hanven@vip.qq.com	19891226	180
490181262@qq.com	chongzi	180
35978607@qq.com	123456789	180
575720013@qq.com	7412342948	180
707991812@qq.com	5122080	180
85954280@qq.com	mm15542415	180
125752172@qq.com	5121314	180
guyueqian@qq.com	10250407	180
342859954@qq.com	1234123	180
licheng7475@qq.com	19891121	180
176536062@qq.com	1008a00h	180
252810943@qq.com	170634	180
248998454@qq.com	650324	180
fangyu1026@qq.com	860316	180
361160970@qq.com	3024405	180
45447491@qq.com	yuan369	180
newzxl@qq.com	5311671	180
22217293@qq.com	19871208	180
Mattus@vip.qq.com	7221213	180
180908623@qq.com	69835478	180
270451542@qq.com	19851105	180
rainyday808@qq.com	468008	180
xiaofeiwen1717@qq.com	zwzjjs	180
350668017@qq.com	200580331	180
172794571@qq.com	899065	180
249589035@qq.com	3330883	180
296843169@qq.com	426025	180
124422832@qq.com	2512880	180
ngwaiguang@qq.com	666666	180
412528962@qq.com	870123	180
51816575@qq.com	840406	180
499567761@qq.com	868757400	180
331451466@qq.com	w19911021	180
ikoudai@qq.com	ssxxssxx	180
286407971@qq.com	13351234	180
68596286@qq.com	ldh1989310	180
591019555@qq.com	5501221	180
304550047@qq.com	120120	180
49013@qq.com	21110011	180
516592163@qq.com	870713	180
407891553@qq.com	2232645	180
287422206@qq.com	515869a	180
564096064@qq.com	wangjing	180
289196429@qq.com	199119	180
1234567@qq.com	1234567	180
angeldrc@qq.com	85213868	180
95739237@qq.com	881225sx	180
527414670@qq.com	4447750	180
14366648@qq.com	870303	180
lxn1217@qq.com	999fbifbi	180
504711515@qq.com	1989121	180
382514135@qq.com	ciami5kgb	180
341445826@qq.com	910503	180
4741039@qq.com	yanghuan	180
39256959@qq.com	198247	180
616823913@qq.com	64204357	180
fengshanyin@vip.qq.com	fsy379999	180
654959133@qq.com	315081gu	180
522411758@qq.com	19910821	180
411829537@qq.com	411829537	180
327551047@qq.com	6352aa	180
463366161@qq.com	zp199323	180
878508562@qq.com	zaq1236	180
zhumijia@vip.qq.com	63668596	180
497886449@qq.com	881203	180
86263535@qq.com	163163	180
2951342@qq.com	88839632	180
5730191@qq.com	690907	180
20580205@qq.com	6480182	180
383511336@qq.com	87889327a	180
447806375@qq.com	19870117xx	180
76603220@qq.com	jingjing	180

登录用户帐号：

关于封禁帐号的话，上面有提示，然后你懂的。。。

修复方案：

验证码好好修复一下吧。。

版权声明：转载请注明来源路人甲@乌云

漏洞回应

厂商回应：

危害等级：中

漏洞Rank：5

确认时间：2015-11-02 16:08

厂商回复：

谢谢对穷游网的关注。

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0151038

漏洞标题：穷游网某接口奇葩验证码导致的可撞库封禁网站用户

相关厂商：穷游网

漏洞作者：路人甲

提交时间：2015-11-02 15:01

修复时间：2015-12-17 16:10

公开时间：2015-12-17 16:10

漏洞类型：设计缺陷/逻辑错误

危害等级：低

自评Rank：3

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源路人甲@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评价

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0151038

漏洞标题：穷游网某接口奇葩验证码导致的可撞库封禁网站用户

相关厂商：穷游网

漏洞作者： 路人甲

提交时间：2015-11-02 15:01

修复时间：2015-12-17 16:10

公开时间：2015-12-17 16:10

漏洞类型：设计缺陷/逻辑错误

危害等级：低

自评Rank：3

漏洞状态：厂商已经确认

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0151038"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 路人甲@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞评价：

评价

漏洞概要关注数(24) 关注此漏洞

漏洞作者：路人甲

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源路人甲@乌云