Baiku network: arbitrary user password modification
The technical content here is low, so experts please go easy. The vendor appears to have fixed it by now, so by the time you read this the vulnerability will most likely no longer work. Thanks.
Vulnerability description:
Baiku network requires a mobile phone number to register, and its password-retrieval mechanism sends a verification code to that phone number; this is where the problem lies. The code is a six-digit random number, and neither the number of verification attempts nor the verifying IP address is limited, so the code can be brute-forced and the user's password changed. Since accounts are tied to phone numbers, obtaining a large batch of phone numbers is not difficult, and since money (RMB) is involved, the impact is relatively serious.
Vulnerability process:
Start the password-retrieval flow; the site sends a 6-digit random verification code to the phone number. Submit a code and capture the request.
Because it is only a simple numeric check, the code can be brute-forced; with 100 threads it does not take much time.
Enter the correct verification code to change the password.
Vulnerability repair:
- Limit the number of verification attempts and rate-limit by IP address
- Do not use a purely numeric verification code
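To show what the two fixes above look like server-side, here is an added example of a reset-code verifier (my own code, not Baiku's implementation or anything from the original post). It enforces a per-code attempt budget that burns the code after too many wrong guesses, a per-IP rate limit so a client cannot reset its budget by cycling through phone numbers, a code lifetime, and an alphanumeric alphabet instead of six digits. The class and function names, the limits (5 guesses per code, 20 per IP per 10 minutes, 5-minute lifetime) and the sample phone numbers and addresses are all assumptions chosen for illustration.

```python
import hmac
import secrets
import string
import time
from dataclasses import dataclass

# Added example, not the vendor's code: every name and limit here is an assumption.
CODE_ALPHABET = string.ascii_uppercase + string.digits  # 36 symbols instead of 10
CODE_LENGTH = 6
MAX_ATTEMPTS_PER_CODE = 5       # wrong guesses allowed before the code is burned
CODE_TTL_SECONDS = 300          # code lifetime
MAX_ATTEMPTS_PER_IP = 20        # guesses one client address may make per window
IP_WINDOW_SECONDS = 600


def search_space(alphabet: str, length: int) -> int:
    """Number of possible codes: what a guesser has to cover in the worst case."""
    return len(alphabet) ** length


@dataclass
class PendingReset:
    code: str
    issued_at: float
    attempts: int = 0


class ResetCodeService:
    """Issues password-reset codes and verifies guesses under per-code and per-IP limits."""

    def __init__(self, clock=time.time):
        self._clock = clock                               # injectable for testing expiry
        self._pending: dict[str, PendingReset] = {}       # phone -> outstanding code
        self._ip_attempts: dict[str, list[float]] = {}    # ip -> timestamps of guesses

    def issue_code(self, phone: str) -> str:
        # secrets, not random: the code must be unpredictable.
        code = "".join(secrets.choice(CODE_ALPHABET) for _ in range(CODE_LENGTH))
        self._pending[phone] = PendingReset(code=code, issued_at=self._clock())
        return code  # in a real service this goes only to the SMS gateway

    def _ip_over_limit(self, ip: str) -> bool:
        now = self._clock()
        recent = [t for t in self._ip_attempts.get(ip, []) if now - t < IP_WINDOW_SECONDS]
        recent.append(now)
        self._ip_attempts[ip] = recent
        return len(recent) > MAX_ATTEMPTS_PER_IP

    def verify(self, phone: str, guess: str, ip: str) -> str:
        """Return 'ok', 'rejected', 'locked', 'expired', 'rate_limited' or 'no_code'."""
        # The IP limit is checked first so that switching phone numbers does not
        # give a client a fresh attempt budget each time.
        if self._ip_over_limit(ip):
            return "rate_limited"
        pending = self._pending.get(phone)
        if pending is None:
            return "no_code"
        if self._clock() - pending.issued_at > CODE_TTL_SECONDS:
            del self._pending[phone]
            return "expired"
        pending.attempts += 1
        # Constant-time compare so a matching prefix does not leak through timing.
        if hmac.compare_digest(pending.code.encode(), guess.strip().upper().encode()):
            del self._pending[phone]   # a code is good for one successful use only
            return "ok"
        if pending.attempts >= MAX_ATTEMPTS_PER_CODE:
            del self._pending[phone]   # burn the code; the user must request a new one
            return "locked"
        return "rejected"


if __name__ == "__main__":
    svc = ResetCodeService()
    phone, ip = "+86-13800000000", "203.0.113.5"      # constructed sample values
    code = svc.issue_code(phone)
    for _ in range(MAX_ATTEMPTS_PER_CODE):
        print(svc.verify(phone, "------", ip))        # rejected x4, then locked
    print(svc.verify(phone, code, ip))                 # no_code: right answer, too late
    print(search_space(string.digits, 6), search_space(CODE_ALPHABET, CODE_LENGTH))
```

The last two lines of the demo make the point of the second fix concrete: six digits give a million possibilities, six case-folded alphanumerics give over two billion, and the attempt budget means only a handful of them can ever be tried against one code anyway.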