Goal: Phoenix Bookstore app
Bookstore money can buy books to read, usually do the task can get points, points can be exchanged for books. (20 points -> 1 coin)
Vulnerability at the redemption point, capture the exchange when the exchange, and found that when the conversion points greater than there are points will be prompted to score points, so the points into negative numbers, you can find that you can continue to increase their points ~ ~ but there is a place for attention Is the conversion of each point can not be less than or equal to -20, otherwise it will lead to a corresponding reduction in book money.
Therefore, as long as the N through the contract, each conversion -19 points, you can make the integral points + 19 * N, and finally the integral conversion to books, you can make you the richest user
Payload: (points = -19, prompt redemption points successfully, successfully for yourself +19 points)
http://appapi.yc.ifeng.com/web/qy_user.php?a=points_for&auth=c30693d825&ct=iOS&output=json&points=-19&srcid=fenghuang&t=1464570813&token=2157421639&uid=5892933&v=1The proof is as follows, I currently have a score of 17 and a book currency of 88
So contracting ten times, add 10 * 19 points to their own, and ultimately 207 points, 88 books
Convert all the points into book money, eventually 7 points, 98 books
Only for testing, not for other purposes, please know, thank you.
solution:
Please advise ~
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
