A vulnerability in the site Cool Network allows tens of thousands of users to log on to the site at will (see how I log on to the accounts of a large number of gold medal designers)

A vulnerability in the site Cool Network allows tens of thousands of users to log on to the site at will (see how I log on to the accounts of a large number of gold medal designers)

The problem parameter is here: theoretically, only the details of his QQ number can be changed, and his mailbox can be changed.

Automatically complete logon Verification

Http://passport.zcool.com.cn/verifyEmail.do? Name = "" & appId = 1006
 

appId=1006

This appID test is almost universal ~~~ 1006 the default value is 1006. There is no other mechanism to limit it. It's speechless.



We only need to pay attention to the name parameter here.



How can I change his password?



First, find 1 member



Zcool.com.cn/


 

For example:



Http://www.zcool.com.cn/special/gogoup4/ pay attention to the following comments:



Example:

Let's find several popular designers to change their passwords.



Expand his details





For example: http://fangkuaiashou.zcool.com.cn/



Square monster
 

Pay attention to his QQ:

[Email protected]



The problem parameters are also set up.

If his email address exists, it will succeed.







Access: http://passport.zcool.com.cn/verifyEmail.do? Name = [email protected] & amp; appId = 1006




 

Next, we only need to change his email address to change his password.



We replaced his email address ~~



It should be noted that because the email entered his pants is verified once, the mailbox cannot be used again after the second repeat



Then we can register a few more.



Change once, register one, and then register the other.



If I have registered a mailbox that has not been used 163



[Email protected] feng163



Next:



First enter 163 wait


 

Then we will be there



Click Modify email


 

Change the current email address to the registered 163 email address.

[email protected]

Then submit it.


 

At this time, 163 will receive the registration information


 

At this time, an activation message will be sent. We only need to click to activate the code automatically.


 

At this time, the designer's mailbox was changed.



Let's see.


 

At this time, pay attention to the mailbox. It's our mailbox.



The user is the gold medal designer we have changed.



Everything has


 

========================================================== ======================================



Let's change it to another ordinary member.



Let's look



Prepare our unused 163 mailbox



[Email protected] 19971030



I'm ready



Next



Find a member


 

These designers only need QQ details.



I found 1 member



Http://www.zcool.com.cn/u/1975332





Design fans:

Pay attention to his QQ



451204869



Combination



For [email protected]



Setup problem parameters:



Http://passport.zcool.com.cn/verifyEmail.do? Name = [email protected] & amp; appId = 1006

Access


 

Good luck. Sure enough. If this mailbox is not used, it will certainly prompt that it does not exist.



Next, let's change the email address.



Change this to an email address we have never used.



[Email protected]




 

Then submit ~~

In the same way, our mailbox contains our contents.
 

Access



Http://passport.zcool.com.cn/verfy.do? Name = [email protected] & code = 17f287028bfb1f8b9b887846d05f7a70 & appId = 1006


 

In this way, this so-called design enthusiast, we just got in.
 

The email here is our previous [email protected ].
 

http://passport.zcool.com.cn/verifyEmail.do?name=“”&appId=1006

Contact the member ID for details ~ Then register a new mailbox, change the mailbox, enter the mailbox, and automatically activate logon ~~~~

Solution:

Filter