The Golden Disk book query terminal does not restrict what may be entered on its query page, nor what is reflected back in the response. As a result, arbitrary JavaScript can be executed on the terminal, and every resource the terminal itself can reach becomes accessible. (Strictly speaking it is debatable whether this counts as XSS, since the injected script runs in the kiosk's own browser rather than in another user's; the mechanism is the same, though: user input is reflected into a JavaScript string literal inside the page's own script.)
Specifically: on the Golden Disk book query terminal, open the "Overdue notice" page and enter a student ID or ID number to look up the matching records. If no record is found, the page tells the user so in an alert pop-up. Because the system neither validates the input nor escapes it when echoing it back, it is easy to construct a value that makes the terminal execute our own JavaScript and then navigate to any other page.
For example, entering the following as the query value:
2'); alert('hahaha');//
Once script runs, the file manager (Windows Explorer) can also be reached by triggering a download of a web page, since the browser's download dialog offers a way to browse the file system.
The Golden Disk terminal does put up some resistance here: the download dialog is shown only for an instant, so getting into it takes quick, repeated attempts.
From there, pointing the terminal at an attacker-hosted malicious web page would make infecting it straightforward.
Proof of vulnerability:
[Screenshot: terminal interface]
[Screenshot: alert pop-up window triggered by the payload]
Payload used: 2'); alert('hahaha');//
[Screenshot: terminal navigating to an arbitrary URL]
Solution:
Filter the input, and encode the output. Concretely: restrict the query value to the characters an ID can actually contain (digits, plus letters if student IDs use them) and reject anything else; and, wherever the value is echoed into a script block, escape it so that quotes, parentheses and "</script>" cannot terminate the string literal or the tag. Input filtering alone is not enough if the response still reflects the raw value, so both measures are needed. Since this is a kiosk, the browser should also be locked down (kiosk mode, downloads disabled) so that even a successful script injection cannot be turned into file-system access in the way described above.