A service defect in Chongqing Mobile may be caused by Intranet

A service defect in Chongqing Mobile may be caused by Intranet

There are traces of intrusion. Security means that you do not know that what you are using has been hacked. Security means security.
I will not go deep into it. After all, I am using my own business.

Detailed description:

The reason is that the traffic activity found that this Chongqing City app offers a lot of discounts.

On Monday, the traffic could not be grabbed, and it felt a bit pitfall. So we started with this article.

Download this app first

A packet is captured.

Contains a background

Then let's take a look.

Yes

Then receive the SMS verification code to log on.

Which of the following are the attachments? Company photos?

The file cannot be found after the upload.
 

The connection is downloaded, and nothing is read.

Return to the bag to view the data.

After all, the picture and other estimates are made together, because it is convenient.

Mask Region

  
   
1.: // **. **. **/smeResource // upload/bizTerminalFolds/ap5001_00000011274/1436408588532_tt.png? * ********* Of the horse? * ***** 2. ://**. **. **/sme/sp/myInfo/sp/spInfoManage/download. actionfileName = upload/SpUploadFile/1446208817017. jsp? * ***** 3.: // **. **. **/smeResource/upload/SpUploadFile/1446208817017.jsp
  

IP address human bypass.

Sure enough.

Then there is the database connection or something.

Proof of vulnerability:

Intranet

Point to end.

Then a trojan is found on the homepage of the mobile phone download page.

Check the Intranet and servers.

Solution:

Fix it quickly.