Major security vulnerability on Sina Weibo may allow easy theft of Weibo accounts


The 36kr team accidentally discovered a major security vulnerability while using the iPhone client of Sina Weibo; it can lead to serious theft of Weibo accounts.

The mobile client for browsing Weibo offers an additional function (shown in the red box): you can share a post with others by email.

After you select "share by email to a friend", the iPhone's mail client opens with the Weibo post as the body of the email, and all relevant links are preserved. The problem lies in the link behind the @-mentioned user. For example, in the email shown, the link for 36kr is: http://t.sina.cn/n/36%E6%B0%AA?gsid=3_58ac12a3f316799befd32266401081ecafb8ada0

Anyone who obtains this link and clicks it lands on the page shown in the second image below. You can try it yourself (also in a desktop browser; because it is a mobile address, the mobile page is displayed). This page is actually associated with the account that shared the post by email. That is, if you then click "My homepage", what you see is the main interface of the @Weibo bot account we registered to test this defect, exactly as if you had logged in to it. From there you can do anything except change the password: publish new Weibo posts, change the user name, and modify other user settings and information. To some extent, this amounts to theft of the Weibo account.

Update 1: Because the @36kr Weibo account was banned, the link above no longer works; you can try Kai-Fu Lee's Weibo link instead: http://t.sina.cn/n/%E6%9D%8E%E5%BC%80%E5%A4%8D?gsid=3_58ac12a3f316799befd32266401081ecafb8ada0

Update 2: At present, @36kr's Weibo account has been unblocked, but the @Weibo bot account used for testing has been banned, so the links above are unavailable. However, the vulnerability persists. If you are interested, you can use the mobile client to share an @Weibo bot post to your own mailbox and verify it. @36kr reminds you to pay attention to security.

Clearly, t.sina.cn is the subdomain Sina uses for Weibo on mobile web pages and in the mobile clients; it differs from t.sina.com.cn on the desktop. The demonstration above shows that mobile Weibo does not rely on cookies to confirm a user's identity when a gsid is supplied in the link (cookie security is itself weak: on an unencrypted Wi-Fi network, anyone running Firefox's Firesheep add-on can easily capture other people's unencrypted cookies). For example, if Kai-Fu Lee shared a Weibo post with me using the mobile client's email-sharing function, I would obtain his gsid, and it is frightening that this vulnerability would let me publish whatever I wanted to his more than 4 million fans.

Here, @36kr reminds Sina Weibo users not to use the mobile client's "email sharing" function until the vulnerability is fixed.
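As an added example (not code from the original article or from Sina), here is the kind of client-side check that would have prevented this leak: before a share text leaves the device, every link in it is scanned for session-bearing query parameters, and those parameters are removed while the rest of the link is kept. The parameter name gsid comes from the article; the other parameter names and the sample link's token value are assumptions.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Query-parameter names that carry a session or credential. "gsid" is the one
# the article describes; the other names are assumed, added for illustration.
SESSION_PARAMS = frozenset({"gsid", "sid", "sessionid", "token"})

# Matches http(s) URLs inside free text; trailing punctuation is kept with the
# URL, which is acceptable for a pre-send check.
URL_RE = re.compile(r"https?://\S+")


def find_session_params(url: str) -> list[str]:
    """Return the names of session-bearing query parameters present in url
    (matched case-insensitively, so 'Gsid' is caught as well as 'gsid')."""
    query = urlsplit(url).query
    return [name for name, _ in parse_qsl(query, keep_blank_values=True)
            if name.lower() in SESSION_PARAMS]


def strip_session_params(url: str) -> str:
    """Return url with every session-bearing query parameter removed.

    The path (including the percent-encoded user name, as in the t.sina.cn
    links from the article) and all other parameters are preserved; when no
    parameter remains, the '?' is dropped as well.
    """
    parts = urlsplit(url)
    kept = [(name, value)
            for name, value in parse_qsl(parts.query, keep_blank_values=True)
            if name.lower() not in SESSION_PARAMS]
    return urlunsplit(parts._replace(query=urlencode(kept)))


def sanitize_share_body(body: str) -> str:
    """Rewrite every URL in an outgoing share text so that no session
    identifier leaves the device; non-URL text is left untouched."""
    return URL_RE.sub(lambda m: strip_session_params(m.group(0)), body)


if __name__ == "__main__":
    # Constructed sample with the same shape as the article's link; the gsid
    # value is a placeholder, not a real session identifier.
    link = "http://t.sina.cn/n/36%E6%B0%AA?gsid=3_PLACEHOLDER_SESSION_ID&from=share"
    print(find_session_params(link))   # ['gsid']
    print(strip_session_params(link))  # http://t.sina.cn/n/36%E6%B0%AA?from=share
```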


When reprinting, please note: "Reprinted from @36kr". Thank you :)
