263 using enterprise mail and personal mail to kill arbitrary User Logon

263 using enterprise mail and personal mail to kill arbitrary User Logon

Enterprise mail and personal email can be killed.
Suffixes of affected mailboxes include: All enterprise mailboxes, net263.com, 263.net, 263.com, 263.net.cn, and x263.net.


263 personal cloud Communication Center:

Http://uc.263.net/ma/web/jsp/usc/index.jsp
 

Go to the mailbox and capture packets:
 

http://uc.263.net/ma/web//usc/action/app/webMailUrl.d

Generate a quick logon link based on my email address and use the link to log on.

In normal cases, the logon verification should be performed here. You can only log on to your mailbox.


With a try, pcode passed in: [email protected]
 

Url:
 

Https://mm.263.com/sadLogin.do? Usr = [email protected] & sessionkey = [email protected] [email protected] p; bindid = 000000 use this link (the link can only be used once). A miraculous logon is successful:

[Email protected]:
 

[Email protected]:
 

Find a few domain names that use 263 enterprise mail, and directly use "admin @ Enterprise Domain Name ":

#1:
 

#2:
 

After logging on to your mailbox, you can directly log on to the address book, cloud calendar, and synchronization disk by single point:
 

Synchronization disk background management:
 

The preceding email addresses are only used for Logon tests to prove the hazards. Click here.
 

Solution:

Verify sensitive interfaces.