YXJ2018
Any user password modification exists in the system
When a user logs in, you can get various information under the user's cookie, one of which is cid=20154084, which is the user's login ID
The data after logging in here is very important. Here I am entering the user password modification interface
Here, the password is modified directly, and the password modification package is captured using a tool. It is found that it uses the ID of the corresponding account to make a judgment. This results in any user entering this interface and then modifying the password of the corresponding account by modifying the ID.
Here we start to try
- First log in to an account and obtain his account ID (his original password here is 1234567)
2.Replace the ID in the package just obtained with the obtained user ID, and then release the data packet
- Try to log in with the modified password to complete the vulnerability reproduction
The vulnerability is reproduced here. This vulnerability is very harmful. At the same time, I found that by using administrator privileges to log in to this interface, the administrator user and teacher account passwords can be modified, which can easily cause a large amount of information leakage and security issues.
