WeChat red envelopes free for anyone to claim (get rich and live comfortably, a million a day is not a dream) - vulnerability warning - the black bar safety net

2015-02-26T00:00:00
ID MYHACK58:62201559435
Type myhack58
Reporter only_guest@乌云
Modified 2015-02-26T00:00:00

Description

My teammates keep asking me to send them red envelopes, and even after I sent several thousand yuan they were still not satisfied! So I found a vulnerability to get them red envelopes!

I tested it manually myself. In one minute I claimed 200 yuan of red envelopes, which is fairly good. I estimate that, written as a program, a few hundred thousand a day would be no problem! Getting rich and living comfortably depends on you! Go for it, WeChat red envelopes!

Detailed description:

URL of the WeChat red envelope claim page: https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx6fa7e3bab7e15415&redirect_uri=https://wxapp.tenpay.com/v2/hybrid/www/weixin/hongbao/receive.shtml?showwxpaytitle=1&sendid=1000000000201501092047478999&channelid=1&msgtype=1&from=singlemessage&isappinstalled=0&us=**&ver=1&sign=*&clientversion=26000238&devicetype=android-19&pass_ticket=****&timeguid=14207873040300.4459930493030697&response_type=code&scope=snsapi_base&state=STATE&connect_redirect=1#wechat_redirect

The URL above is the one we use to claim a red envelope. The sendid in the address is the ID of the corresponding red envelope. The values replaced by asterisks are my identity information, so I have masked them. In sendid, the first 10 digits are fixed, the middle is the date, and the last 10 digits are the red envelope ID. Just by traversing the last 10-digit ID, one can claim other people's red envelopes at will! I traversed 40 IDs; the following are some screenshots of the successful ones:


I accidentally claimed a red envelope that some guy had sent for his friend's wedding, this is... Tencent, please help me return the money to him!!! You may find that unsatisfying, so next we batch-check whether red envelopes exist.


Now that it can be reproduced, simply write a program to claim them automatically!
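Seen from the server side, the traversal described above shows up as one account requesting many different sendid values in a short time. The following detection sketch is an added example, not code from the original report or from Tencent; the log format, the account names, the sample sendid values and both thresholds are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# sendid layout as described in the report:
# 10 fixed digits + 8-digit date + 10-digit envelope ID.
SENDID_RE = re.compile(r"^(\d{10})(\d{8})(\d{10})$")

# Constructed sample log (hypothetical format: epoch-seconds account URL).
SAMPLE = [
    "1420787300 acct_a /receive.shtml?sendid=1000000000201501090000000123&channelid=1",
    "1420787900 acct_a /receive.shtml?sendid=1000000000201501090000004567&channelid=1",
]
# acct_b walks 40 consecutive envelope IDs in 40 seconds.
SAMPLE += [
    f"{1420787400 + i} acct_b /receive.shtml?sendid=100000000020150109{5000 + i:010d}&channelid=1"
    for i in range(40)
]

def parse_line(line):
    """Return (timestamp, account, (prefix, date, envelope_id)) or None if malformed."""
    parts = line.split()
    if len(parts) != 3 or not parts[0].isdigit():
        return None
    sendid = parse_qs(urlsplit(parts[2]).query).get("sendid", [""])[0]
    m = SENDID_RE.match(sendid)
    return (int(parts[0]), parts[1], m.groups()) if m else None

def find_enumerators(lines, window=60, max_distinct=10):
    """Map account -> peak count of distinct sendids seen within `window` seconds,
    for accounts whose peak exceeds `max_distinct` (both thresholds are assumptions)."""
    events = defaultdict(list)
    for rec in filter(None, map(parse_line, lines)):
        ts, account, groups = rec
        events[account].append((ts, "".join(groups)))
    flagged = {}
    for account, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1
            distinct = len({sid for _, sid in evs[start:end + 1]})
            if distinct > max_distinct:
                flagged[account] = max(flagged.get(account, 0), distinct)
    return flagged

if __name__ == "__main__":
    print(find_enumerators(SAMPLE))
```

Detection of this kind complements a server-side check that the requesting account is actually entitled to the envelope named by sendid; it does not replace that check.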
