Bo library network, the Chinese online bookstore with the most varieties, has a vulnerability that allows the password of any user to be reset, and it is not the mainstream kind.
No Burp Suite and no brute force are needed; a small change is enough to reset any user's password.
For the details, please see the detailed description.
=====The first: bypassing a step to reset the password=====
1. On the Bo library network, find any user and copy his username.
2. Go to "Retrieve login password" and choose retrieval by phone.
3. Once the first step is completed, the normal flow is to send a verification code and verify it before reaching the second step; here, modify the URL to go directly to the second step.
4. After changing the password, log in successfully with this username and the new password.
I don't know how to upload a video here; it has to be a .swf file, so it was put on Youku first.
Video address: http://v.youku.com/v_show/id_XNTA5ODQxMjU2.html
Video password: 1 2 3 4 5 6 1 2 3 4 5 6
=====The second: a conventional brute force=====
1. After the verification code is sent, begin cracking the code.
2. The verification code is a 4-digit random number; Burp Suite is used for the brute force.
3. The correct code is identified from the returned message or from the returned Content-Length.
4. When the verification code is correct, the response is {"flag":"100","msg":"\u8bf7\u7ee7\u7eed\u64cd\u4f5c!"} = {"flag":"100","msg":"Please continue the operation!"}, with Length 404.
When the verification code is wrong, the response is {"flag":"101","msg":"\u6821\u68c0\u7801\u586b\u5199\u9519\u8bef!"} = {"flag":"101","msg":"Check code filled in incorrectly!"}, with Length 416.
5. Using this information, brute-forcing the 4-digit random number finishes quickly; no demo screenshot is included here.
See the detailed description.
1. Direct bypass: restrict access so that the next step cannot be entered directly, or use another measure.
2. Limit the number of attempts, or use another measure.
3. Other.
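The two fixes suggested above, as an added example (not code from the site or from the original report): a reset flow whose state lives on the server, so the password step is refused unless the code was verified, and the code is burned after a limited number of guesses. The class name, the limits, the 6-digit code and the in-memory dictionaries are assumptions made for illustration.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5   # assumed limit on guesses per issued code
CODE_TTL = 300     # assumed code lifetime in seconds


class ResetFlow:
    """Server-side state for password resets, keyed by username (hypothetical design)."""

    def __init__(self, clock=time.time):
        self._pending = {}   # username -> {"code", "expires", "attempts", "verified"}
        self._clock = clock

    def send_code(self, username):
        code = f"{secrets.randbelow(10**6):06d}"   # 6 digits instead of the 4 described
        self._pending[username] = {"code": code, "expires": self._clock() + CODE_TTL,
                                   "attempts": 0, "verified": False}
        return code   # sent by SMS in a real system; returned here only for the demo

    def verify_code(self, username, submitted):
        st = self._pending.get(username)
        if st is None or self._clock() > st["expires"]:
            self._pending.pop(username, None)
            return False
        st["attempts"] += 1
        if st["attempts"] > MAX_ATTEMPTS:
            del self._pending[username]   # code burned: a new one must be requested
            return False
        if hmac.compare_digest(st["code"].encode(), str(submitted).encode()):
            st["verified"] = True
            return True
        return False

    def set_password(self, username, new_password, store):
        st = self._pending.get(username)
        # Step order is enforced here, not by which URL the client requests.
        if st is None or not st["verified"] or self._clock() > st["expires"]:
            return False
        store[username] = new_password    # a real system stores a password hash
        del self._pending[username]       # reset state is single use
        return True
```

Requesting the password step directly leaves `store` unchanged, and a run of wrong guesses invalidates the code before the code space can be covered.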