A third-party vulnerability allows you to view fund changes (including balance, salary, fund details, and transfer verification codes) with only a mobile phone number

Source: Internet
Author: User


The affected content includes, but is not limited to:
Bank card balance, salary record, loan information, fund details, consumption record, transfer verification code

This vulnerability will be identified by Wang Sicong (only dare to interact with her husband).

Security is a whole: what matters is not how strong the strongest point is, but where the genuinely weak point lies.

Security risks are everywhere; any small defect can lead to the collapse of an enterprise's security.

#0 Vulnerability statement

Only security testing was carried out on the system; no damage was caused to it, and no data records were retrieved or saved.

#1 Affected services

http://**.**.**.**/. The service operator is the joint venture between China Mobile and China UnionPay. China UnionPay and China Mobile jointly launched the bank notification service: banks use this designated information system to push every bank text message to their users.

Yinxintong, the "Instant Financial Messaging System", is a financial data communication platform built on the China Mobile short message platform and the banks' financial databases. It makes full use of Internet and GSM network resources so that banks and their individual and enterprise customers can use financial services anytime and anywhere.

#2 Business functions

1. The Yinxintong system automatically sends text messages to users' mobile phones to notify them of account changes in real time.
2. Notification services such as loan expiration, time deposit maturity, credit card expiration and card replacement, credit card overdraft, credit card repayment, new banking services, and bank interest rate changes.
3. Professional services:
   A. Securities information notification services such as trade execution reports, successful order cancellation, order acceptance, stock changes, and securities market information.
   B. Foreign exchange information notification services such as closing prices, foreign exchange account fund status, trade execution reports, short foreign exchange analysis comments, daily financial data reports, and exchange rate changes.



#3 Vulnerability Technical Description

Because of vulnerabilities in the Yinxintong business system, the text message records that banks send to users can be queried over the Internet.

#4 The Yinxintong online application is affected by the Struts2 remote command execution vulnerability (a five-year-old vulnerability)

http://**.**:8899/fiscmcmstest/struts/login.action

#5 All subsystems in the business system run on Tomcat middleware, and the configured user passwords are identical across them

As a result, the Yinxintong Business Support System is directly affected as well: http://**.**/bis/login.jsp
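The password reuse described in #5 is easy to audit mechanically. The following script is an added example, not code from the report or from the vendor: it parses the `tomcat-users.xml` of several subsystems and reports every (username, password) pair that appears in more than one file. The three configuration texts and their paths (`mas/`, `bis/`, `cms/`) are constructed sample data; it handles both the namespaced Tomcat 8+ format and the older un-namespaced one, and reads the `username` attribute with a fallback to `name`.

```python
"""Audit Tomcat user credentials that are shared across subsystems (added example)."""
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample configurations for three hypothetical subsystems.
# Two of them reuse the same admin credential; the third uses its own.
SAMPLE_CONFIGS = {
    "mas/conf/tomcat-users.xml": """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-gui"/>
  <user username="admin" password="Sample-Pass-1" roles="manager-gui"/>
</tomcat-users>""",
    "bis/conf/tomcat-users.xml": """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
  <role rolename="manager-gui"/>
  <user username="admin" password="Sample-Pass-1" roles="manager-gui"/>
</tomcat-users>""",
    "cms/conf/tomcat-users.xml": """<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml" version="1.0">
  <role rolename="manager-gui"/>
  <user username="ops" password="Different-Pass-2" roles="manager-gui"/>
</tomcat-users>""",
}


def _local_name(tag):
    """Strip an XML namespace prefix such as {http://tomcat.apache.org/xml}user."""
    return tag.rsplit("}", 1)[-1]


def parse_users(xml_text):
    """Return {username: stored_password} for every <user> element in one config."""
    root = ET.fromstring(xml_text)
    users = {}
    for el in root.iter():
        if _local_name(el.tag) == "user":
            username = el.get("username") or el.get("name")
            users[username] = el.get("password")
    return users


def find_shared_credentials(configs):
    """Map each (username, password) pair that occurs in 2+ files to the sorted list of files.

    Stored values are compared verbatim, so this catches plaintext reuse and reuse of an
    unsalted digest; salted digests of the same password would not be detected this way.
    """
    by_cred = defaultdict(list)
    for path, text in configs.items():
        for username, password in parse_users(text).items():
            by_cred[(username, password)].append(path)
    return {cred: sorted(paths) for cred, paths in by_cred.items() if len(paths) > 1}


if __name__ == "__main__":
    for (username, _password), paths in find_shared_credentials(SAMPLE_CONFIGS).items():
        print(f"user '{username}' shares one password across: {', '.join(paths)}")
```

Run against real hosts by replacing `SAMPLE_CONFIGS` with the contents of each subsystem's `conf/tomcat-users.xml`; any hit means that one compromised instance (for example through the Struts2 flaw in #4) yields valid Tomcat manager credentials for the others.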

#6 The business system provides a message record query function for the MAS (the dedicated SMS sending server), which returns the messages the bank pushed to each mobile phone user and the messages each user sent to the bank

#7 Hidden amount information is found, and the internal data query API is located by decompiling

#8 Request reconstruction

*****?? & Bk = bank service number & *****

The original text message content is returned as JSON.
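The root cause in #6 to #8 is that the record query is keyed only by a phone number and a bank code (the `Bk` parameter), with nothing tying the request to the person asking. The following Python block is an added example, not the vendor's code: it models the exposed lookup as the report describes it and, beside it, a hardened version that takes the phone number from the authenticated session rather than trusting the caller, and masks one-time verification codes before the text leaves the server. The records, session tokens, bank codes and phone numbers are all constructed sample values.

```python
"""Message-record lookup bound to the authenticated caller (added example)."""
import json
import re

# Constructed sample data: SMS records keyed by the recipient phone number.
SAMPLE_RECORDS = {
    "13800000001": [
        {"bank": "BK01", "text": "Salary credited: CNY 5000.00. Balance: CNY 12345.67."},
        {"bank": "BK01", "text": "Transfer verification code: 482913. Do not share it."},
        {"bank": "BK02", "text": "Card ending 9876: CNY 120.00 spent."},
    ],
    "13800000002": [
        {"bank": "BK01", "text": "Loan installment due on 2015-12-01."},
    ],
}

# Constructed sessions: token -> phone number the logged-in user has verified.
SESSIONS = {"tok-alice": "13800000001", "tok-bob": "13800000002"}

# Matches "verification code: 482913" and similar, capturing the digits separately.
CODE_RE = re.compile(r"(verification code[:\s]*)(\d{4,8})", re.IGNORECASE)


class QueryError(Exception):
    """Raised for unauthenticated or unauthorized lookups."""


def lookup_vulnerable(phone, bank):
    """The behaviour the report describes: any phone number plus a bank code returns raw records."""
    return [r for r in SAMPLE_RECORDS.get(phone, []) if r["bank"] == bank]


def mask_codes(text):
    """Replace one-time codes with asterisks of the same length."""
    return CODE_RE.sub(lambda m: m.group(1) + "*" * len(m.group(2)), text)


def lookup_hardened(session_token, phone, bank):
    """Only the session owner can read records for their own phone number, with codes masked."""
    owner = SESSIONS.get(session_token)
    if owner is None:
        raise QueryError("authentication required")
    # Authorization: the phone number is an attribute of the session, not a free parameter.
    if phone != owner:
        raise QueryError("forbidden")
    rows = lookup_vulnerable(phone, bank)  # reuse the data access, not the exposure
    return [{"bank": r["bank"], "text": mask_codes(r["text"])} for r in rows]


def to_json(rows):
    """Serialize the filtered rows the way the endpoint would."""
    return json.dumps(rows, ensure_ascii=False)


if __name__ == "__main__":
    print(to_json(lookup_hardened("tok-alice", "13800000001", "BK01")))
```

The two fixes are independent: the session binding stops one user reading another's records, and the masking limits the blast radius if a record store is exposed some other way, since a transfer verification code has no business being readable after it was delivered by SMS.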

Solution:

Filter
