A system vulnerability in a taxi in Xiamen allows you to view the driver information (Remote Control of the playing device in the car \ acquisition of Xiamen taxi driver photo ID card number, etc)
Information of 2000 out 130 drivers cracked
Http://www.xm968890.com: 8008/
Multimedia Electronic Program Dispatch System for taxis in Xiamen
Unauthorized access
Information can be pushed to empty vehicles or heavy duty vehicles
Add or delete content
There is an option to get driver information on the left. If you do not know the name and post service ID, use the most common name, Wang Lei.
The driver's ID card number is displayed in the driver's photo.
This time, with the Post Service Certificate number, I threw it into the burp and ran it.
Match and capture the information to be extracted
The main residential area is the driver's name, organization, and photo url, which can be generated. The information of the 2000 drivers is found from the 133 numbers. I don't know how to combine the garbled characters.
Solution:
How about driver information? Fix it.