GreenTree Inn SMS Verification Vulnerability and order query without permission Control

Source: Internet
Author: User


GreenTree Inn mobile website http://m.998.com/

1. SMS Verification Vulnerability

Registration page http://m.998.com/Api/Account/SendMobileCheckMsg.ashx

The SMS verification code is included directly in the response to the request that sends it. As a result, anyone can register an account using another person's mobile phone number. The same applies to the login page for non-member order queries at http://m.998.com/phone_order.html, where the code is returned in the same way. This was evidently done so that the front end can check the SMS code itself, but a front-end check is trivial to bypass, so the SMS code provides no protection at all.

2. Order query without permission control

Logging in on the non-member order query page is pointless, because the query interface has no permission control at all:

http://m.998.com/Api/User/GetOrderList.ashx?CardNo=0&phone=18000000000&orderListType=1&page=1&pageSize=10

The member order query interface has no permission control either; orders can be queried simply by passing a card number:

http://m.998.com/Api/User/GetOrderList.ashx?CardNo=100001450000&phone=&orderListType=2&page=1&pageSize=10

I tried a few non-member order queries using the captured mobile phone verification code, but I was too lazy to try again.

Several member order queries were found:

There are mobile phone and bank fields, but in the account found they are empty. It seems that no sensitive information is returned directly.

Solution:

Call the IT department.
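As an added illustration (not the site's own code), the two endpoints modelled in Python in their hardened form: the verification code is checked server-side with expiry and an attempt limit and never appears in the response, and the order lookup key is taken from the logged-in session rather than from the CardNo/phone query parameters. The in-memory stores, the SMS outbox and the session dict shape are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Constructed stand-ins for the site's backend (assumptions, not the site's code).
SECRET_KEY = b"server-side-only-key"   # never written into any response
SMS_OUTBOX = []                         # stands in for the SMS gateway
_pending = {}                           # phone -> (hmac_hex, expires_at, attempts_left)
_orders = {                             # constructed sample orders
    ("phone", "18000000000"): [{"order_id": "N-1", "hotel": "Shanghai"}],
    ("card", "100001450000"): [{"order_id": "M-7", "hotel": "Beijing"}],
}

def _digest(phone, code):
    return hmac.new(SECRET_KEY, f"{phone}:{code}".encode(), hashlib.sha256).hexdigest()

def send_mobile_check_msg(phone, now):
    """Hardened SendMobileCheckMsg: code goes only to the SMS gateway; the response carries none."""
    code = f"{secrets.randbelow(10**6):06d}"
    _pending[phone] = (_digest(phone, code), now + 300, 5)   # 5-minute expiry, 5 attempts
    SMS_OUTBOX.append((phone, code))
    return {"status": "sent"}

def login_with_code(phone, submitted, now):
    """Server-side check: expiry, attempt limit, constant-time compare, single use."""
    entry = _pending.get(phone)
    if entry is None:
        return None
    digest, expires_at, attempts_left = entry
    if now > expires_at or attempts_left <= 0:
        _pending.pop(phone, None)
        return None
    if not hmac.compare_digest(digest, _digest(phone, submitted)):
        _pending[phone] = (digest, expires_at, attempts_left - 1)
        return None
    _pending.pop(phone)
    return {"phone": phone}          # session; a member session would also carry card_no

def get_order_list(session, order_list_type, phone=None, card_no=None):
    """Hardened GetOrderList: lookup key comes from the session; query params must match it."""
    if session is None:
        return 401, {"error": "login required"}
    if order_list_type == 1 and phone in (None, session["phone"]):
        key = ("phone", session["phone"])                  # non-member query by phone
    elif order_list_type == 2 and session.get("card_no") and card_no in (None, session["card_no"]):
        key = ("card", session["card_no"])                 # member query by card number
    else:
        return 403, {"error": "forbidden"}               # someone else's phone or card
    return 200, {"orders": _orders.get(key, [])}
```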
