Password Reset Vulnerability of any user in Boku Network, non-violent cracking

Boku network-the most popular Chinese online bookstore, which has the password reset vulnerability for any user. It is still a non-mainstream store. No burp suite, no brute force. You can reset the password of any user by changing the password. ===== The first method is to reset the password through bypass ===== 1. Find any user on the Boku network and copy the user name. 2. When you retrieve the logon password, select the phone to retrieve the password. 3. At this time, the first step is completed. After the verification code is sent and verified, go to the second step. Here, modify the url and go to the second step. 4. After the password is changed, log on with the user name and new password. Video address: http://v.youku.com/v_show/id_xnta5odqxmju2.htmlvideo password: 123456123456 ==== the second is the conventional brute-force cracking ==== 1. After the verification code is sent, the verification code is cracked. 2. The verification code here is a four-digit random number, which is cracked using the burp suite. 3. The correct verification code can be determined based on the returned information or the length of the returned content. 4. If the verification code is correct, {"flag": "100", "msg": "\ u8bf7 \ u7ee7 \ u7eed \ u64cd \ u4f5c is returned! "}={" Flag ":" 100 "," msg ":" continue! "}, Length: 404. {"Flag": "101", "msg": "\ u6821 \ u68c0 \ u7801 \ u586b \ u5199 \ u9519 \ u8bef! "}={" Flag ":" 101 "," msg ":" Incorrect verification code! "}, Length: 416. 5. According to the above information, the brute-force cracking of four random numbers will soon come out. We will not demonstrate it here.Solution:1. You can directly bypass the operation to restrict permissions or directly go to the next step or other steps. 2. limit the number of times or perform other operations. 3. Others.