Is there a way to steal traffic for free?

Is there a way to steal traffic for free?

Yesterday, the major vulnerabilities of White Hat hackers "very white" were announced on the red/Black Alliance's vulnerability platform. Hackers can use the operator's traffic without limits in a simple way. what's even worse is that mobile, Unicom, and telecom can all use this method.

In the vulnerability details, the author analyzes the causes of the vulnerability:
To provide convenience to customers, the operator provides preferential policies, such as receiving MMS messages, logging on to the office to exempt users from traffic fees, and other services without traffic fees.
The carrier's billing system adds these stream-free service URLs to the White List in order to distinguish whether the user is using a traffic-free service or accessing the internet normally, when the billing system detects that a user accesses a URL in the whitelist or receives MMS messages, no fee is charged.
At the same time, the author also published the principle of exploits:
When a user accesses the Internet, an http request header is sent to the server. The request header contains the URL, UA, network protocol, and host), Cookie, source address, file type, and other information. The billing system detects the request header to identify whether a user accesses a URL in the whitelist or receives MMS messages. However, the billing system detects the request information sent by the user. This information comes from the user, and you can customize this information to achieve the purpose of fraudulent billing detection and traffic-free Internet access.
The vulnerability details have been submitted to CNCERT (national Internet emergency center ). In addition, according to the introduction of the red/Black alliance, the vulnerability details have been provided to the carrier, waiting for the vendor to handle the vulnerability.
Interestingly, this vulnerability caused a split in the comment area.
A white hat left a message:
Everyone here needs to know this for 90 percent. You submit it to let us live.
Someone else directly said:
Of course, the operator knows (this vulnerability), but the full upgrade of billing will cause greater losses.


[Replies to vulnerabilities posted on the red/Black Alliance]
From the comment, this method may have existed for a long time, and it has gained a certain popularity in the circle and become the default hidden rule in the hacker circle. Up to now, the three major operations have not responded. Did the first kids who heard about the incident feel that they have missed hundreds of millions?