
Monday, March 10, 2014

"Holy crap!" How could this piece not be reposted for the 'greedy' and "the foolish, weak and unthinking" to read and understand!! Quoted from a high-level hacker [whose secret (identity/name) cannot be told], a brilliant account: "Group-buying sites ravaged by the black industry"!! Truly the best article of recent times. Among 'hackers' there are also big figures who uphold justice and righteousness~!!

*A brilliant account -- 2014-03-05 16:14 [Roy li] [self-media: life is like a play] --->
Written in the first person from his own experience; who can match 'him' in seeing through what this world really is!!! Admirable~
This quoted article is reproduced 'unmodified'; its great author has 'replaced the real organisations/names with mocking stand-ins', so those who can read between the lines will understand it --> the brilliant parts = praise~!!!
Reposted below --

I hear Didatuan's (嘀嗒團) group-buying business ends at the end of this month. Compared with 24quan (24券) before it, that really isn't something to mourn; after all, the founding team cashed out and the backers aren't short of money. By the rules of the jianghu, I still have to 'gossip' a bit about Didatuan.

When Didatuan was founded, the founding team was a group of people who had come out of Google. At first they didn't attract hackers' attention, because they weren't using the most common template (at the time over 85% of group-buying sites ran an open-source package called Zuitu (最土); its founder Dai Shuwen (戴書文) is a friend of mine too, and it was later acquired by Meituan (美團)). Around the summer of 2010 I put out the technical details of a blind-injection vulnerability in Zuitu (I later learned that another hacker had published the same vulnerability before me, but it hadn't drawn attention). It then leaked out through various channels and was picked up by a pack of brainless script-kiddie intruders, which led to site administrator passwords being changed en masse. At the time the software had no good way to quickly recover the administrator password, and Mengmai (猛買), 24quan and the rest were all hit. At that point Dai Shuwen immediately pushed a patch and had every site owner download a password-recovery script.

This wave of attacks didn't really cost these sites much, because once a vulnerability is public it brings large-scale fixing, so for these founders the losses were actually small. The trouble was that most sites didn't do the security clean-up properly afterwards: not only were large numbers of backdoors (webshells) left behind, the vulnerability hadn't been completely fixed either. The one that did best here was Mengmai, which woke up right after being hacked the first time and stopped the blind injection at its source. Before long, though, Didatuan switched templates and, just like the lyrics of that Chao Chuan (趙傳) song, immediately became the hunters' target. {Really apt...} haha

This vulnerability exploited a situation where magic_quotes had been forced off to perform a SQL truncation. An attacker could use blind injection to extract the contents of the user table, including administrators' email addresses, usernames and encrypted passwords. The passwords were salt + md5 with a fixed salt, so a precomputed table could crack them, but there was an even easier way: forge a cookie and walk straight into the admin backend. Even if you couldn't get in, no matter: you could use the password-recovery function, build a password-change URL, and the encrypted parameter in that URL could also be blind-injected out. Having the backend alone wasn't enough, though; the backend had a way of getting a shell by modifying a template, and with a shell you could almost always escalate privileges (and even if you couldn't, it didn't stop you dumping the database and so on). One combination punch and the whole server was owned.
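The fixed-salt md5 scheme the post criticises, beside a per-user-salt alternative, as an added example that is not part of the original post or of the Zuitu code. The site-wide salt value, the sample accounts and the candidate password list are all constructed here, and PBKDF2-HMAC-SHA256 stands in for whatever slow hash a real deployment would choose.

```python
import hashlib
import hmac
import os

# Hypothetical site-wide salt, standing in for the fixed salt the post describes.
SITE_SALT = b"site-wide-fixed-salt"


def fixed_salt_md5(password, salt=SITE_SALT):
    """The criticised scheme: one fixed salt shared by every account, then md5."""
    return hashlib.md5(salt + password.encode()).hexdigest()


def build_lookup_table(candidates, salt=SITE_SALT):
    """With a fixed salt, one precomputed table (hash -> password) serves every account."""
    return {fixed_salt_md5(p, salt): p for p in candidates}


def recover_with_table(stored_hashes, table):
    """Return the stored hashes the single table resolves; this is the blast radius."""
    return {h: table[h] for h in stored_hashes if h in table}


def per_user_hash(password, salt=None, iterations=200_000):
    """Hardened form: random per-user salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest.hex()


def verify_per_user(password, salt, stored_hex, iterations=200_000):
    """Constant-time comparison against the stored digest."""
    _, computed = per_user_hash(password, salt, iterations)
    return hmac.compare_digest(computed, stored_hex)


def demo():
    # Constructed sample accounts; two of them use weak passwords.
    users = {"admin": "123456", "alice": "password", "bob": "correct horse battery"}
    stored = {u: fixed_salt_md5(p) for u, p in users.items()}
    table = build_lookup_table(["123456", "password", "qwerty"])
    recovered = recover_with_table(stored.values(), table)

    # Same password on two accounts: distinct digests once the salt is per user.
    salt_a, digest_a = per_user_hash("123456")
    salt_b, digest_b = per_user_hash("123456")
    return len(recovered), digest_a != digest_b, verify_per_user("123456", salt_a, digest_a)


if __name__ == "__main__":
    print(demo())  # expect (2, True, True)
```

One table built once against the shared salt resolves two of the three constructed accounts at a stroke; with a per-user random salt the same password yields unrelated digests and each account has to be attacked separately, which is the property the post's "跑表也能破" remark is about.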

But many people in the black industry (self-styled hackers) didn't go the fully technical route; they chose to social-engineer the administrator's mailbox instead, and here it was the Eight Immortals crossing the sea, each showing their own tricks, with every sordid method you can think of. I remember 24quan's Du Yinan (杜一楠) having his email address posted as aarxx.xx@gmail.com (xx stands in for the missing letters, but it's easy to guess); Didatuan's super administrator was an employee surnamed Duan, also on gmail, who was probably social-engineered quite a bit. If the people concerned happen to see this article, they could add how many password-recovery emails they received back then; all of that was the work of that pack of low-end hackers.

And me? I was going 'heh heh'. The reason for the 'heh heh' was that the way the vulnerability got fixed was just too funny: it only filtered spaces. Filter evasion and filter defence are a hacker's most basic skill. So select * from user no longer worked, but select(*)from(user) worked just fine, and even with parentheses blocked you could still insert /**/-style comments. I heard that Like Tuan (like團) later quietly filtered a few keywords, but those were bypassed too. I nearly laughed my eight-pack abs off. You know that's where the problem is and you still won't fix it properly? Are you playing house with intruders? Although I was in a foreign country, I could clearly feel a magnificent storm on its way.
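Why a space-only filter is not a fix, shown as an added example that is not code from the post or from any of the sites it names. The table, its rows and the two space-free query variants are constructed for this demo, and SQLite stands in for the MySQL those sites ran. The post writes select(*)from(user); the parenthesised form needs a real expression, so a column name is used here, which is the same bypass.

```python
import sqlite3


def make_db():
    """Constructed sample table; stands in for a site's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (id INTEGER PRIMARY KEY, username TEXT, is_admin INTEGER)")
    conn.executemany("INSERT INTO user (username, is_admin) VALUES (?, ?)",
                     [("admin", 1), ("alice", 0)])
    return conn


def strip_spaces(s):
    """The 'fix' the post mocks: drop spaces and nothing else."""
    return s.replace(" ", "")


def rows_for(conn, statement):
    """Run a statement verbatim; used only to show the filtered text is still valid SQL."""
    return conn.execute(statement).fetchall()


def lookup_user_bound(conn, username):
    """Hardened form: the value is bound as data and never reaches the SQL parser."""
    return conn.execute("SELECT id FROM user WHERE username = ?", (username,)).fetchall()


def demo():
    conn = make_db()
    baseline = rows_for(conn, "select username from user")
    # Space-free rewrites of the same query: parentheses, then /**/ comments.
    variants = ["select(username)from(user)", "select/**/username/**/from/**/user"]

    untouched_by_filter = all(strip_spaces(v) == v for v in variants)
    same_rows = all(rows_for(conn, strip_spaces(v)) == baseline for v in variants)
    # Bound as a parameter, the same text is merely an unknown username.
    inert_when_bound = all(lookup_user_bound(conn, v) == [] for v in variants)
    return untouched_by_filter, same_rows, inert_when_bound


if __name__ == "__main__":
    print(demo())  # expect (True, True, True)
```

The filter leaves both variants byte-for-byte unchanged and the database still executes them as the original query; the bound version returns nothing because the parser never sees the text as SQL, which is why a keyword or character blocklist only buys time while parameter binding removes the class of bug.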

By 2011 group buying had entered its boom year. JD's (京東) group-buying site also used the Zuitu template, with results that go without saying (fortunately it was later changed and replaced). Qunar's (去哪兒) group buying was Zuitu as well, though it seems they quickly changed the login method; I didn't study it closely. Lvmama (驢媽媽) was a similar story. But in 2011 every group-buying site of any size (10,000-plus orders a day) was frantically raising money, and the black-industry people were laughing all the way. Many peripheral black-industry operators who ran fraudulent orders (飛單) against companies like Mingxieku (名鞋庫) joined this great looting as well, and there was even more melodramatic 'gossip' such as the Ayatuan (阿丫團) affair; I won't go into the details. I remember that whenever Xiu.com (走秀網) announced funding, or news of its dalliance with eBay came out, the rumour in the jianghu was that a boss running black-industry drop-shipping was throwing lavish banquets to thank America for sending money over. When Miqi (米奇網) announced its funding, the black-industry people were probably more excited than the company's own employees.

Another thing in the second half of 2011 really made me lose face: Zuitu exposed yet another big vulnerability, and exploiting it was dead simple. Using Firefox or Chrome, you changed the input with name = username to username[=1 or true#]; that turned it into an array, which got pasted straight onto the end when the query was built, and you were judged logged in as the super administrator. What a powerful, sharp, dazzling move! "Damn it", there I was going to hell and back fiddling with blind injection; how weak was that? The leak of this technical detail led to even larger-scale black industry, but it also laid the groundwork for the later lose-lose. [Wow... damn!!... another brilliant point...]

This vulnerability was publicised on a large scale on 360, which gave the fix directly: it told the many site owners to forbid the variable submitted by this form from being an array. The upside was that it dealt with a lot of low-end small players and prolonged everyone's survival. The downside was obvious: the blind-injection crowd was preserved.
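How renaming the field to username[...] turns a scalar into an array, and what the 360 advice (reject arrays) looks like next to the real fix (bind the value), as an added example that is neither the post's nor Zuitu's code. parse_php_style is a one-level emulation of PHP's bracket handling written for this demo, build_where_naive is a hypothetical reconstruction of the bug class (a query builder that assumes scalars) rather than the actual Zuitu code, and the request bodies and table rows are constructed.

```python
import sqlite3
from urllib.parse import parse_qsl


def parse_php_style(body):
    """One-level emulation of PHP turning 'name[key]=value' into a nested array.
    Written for this example; it is not PHP's parser."""
    result = {}
    for name, value in parse_qsl(body, keep_blank_values=True):
        if "[" in name and name.endswith("]"):
            base, key = name[:-1].split("[", 1)
            result.setdefault(base, {})[key] = value
        else:
            result[name] = value
    return result


def build_where_naive(field, value):
    """Hypothetical reconstruction of the bug class: the builder assumes a scalar and,
    handed an array, pastes its key straight after the field name."""
    if isinstance(value, dict):
        key = next(iter(value))
        return f"WHERE {field} {key}"
    return f"WHERE {field} = '{value}'"  # string-built; shown only for contrast


def make_db():
    """Constructed sample table standing in for a site's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (id INTEGER PRIMARY KEY, username TEXT, is_admin INTEGER)")
    conn.executemany("INSERT INTO user (username, is_admin) VALUES (?, ?)",
                     [("admin", 1), ("alice", 0)])
    return conn


def login_lookup_hardened(conn, form):
    """Reject non-scalar fields (the 360 advice) and bind the value (the real fix)."""
    username = form.get("username")
    if not isinstance(username, str):
        raise TypeError("username must be a scalar string")
    return conn.execute("SELECT id, is_admin FROM user WHERE username = ?",
                        (username,)).fetchall()


def demo():
    conn = make_db()
    # Constructed request bodies: a normal login and the renamed input from the post.
    normal = parse_php_style("username=alice&password=x")
    renamed = parse_php_style("username%5B%3D1+or+true%23%5D=&password=x")

    naive_sql = build_where_naive("username", renamed["username"])
    try:
        login_lookup_hardened(conn, renamed)
        rejected = False
    except TypeError:
        rejected = True
    return renamed["username"], naive_sql, rejected, login_lookup_hardened(conn, normal)


if __name__ == "__main__":
    print(demo())
```

The renamed field arrives as a dict with the attacker-chosen text as its only key, the naive builder emits that key into the WHERE clause, and the hardened handler refuses it before any SQL is built while still serving the ordinary login. The type check alone is the 360 advice and only closes this one door; binding the parameter is what also closes the blind-injection route the post says survived.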

Because the black industry is a mixed bag, sites like 24quan that were easy to overlook, and sites like Didatuan that only dealt with things perfunctorily (Didatuan had vulnerabilities disclosed on WooYun (烏雲) several times, but the vendor simply ignored them and patched quietly), naturally had the big demons and the little imps coming in together. Because the little imps didn't understand the rules of the game, didn't respect the ecosystem and were too greedy, in the end nobody had anything to eat. Later, when 24quan collapsed, the whole e-commerce black industry was still eagerly going after other sites, without even the slightest reflection. And how many users did all the group-buying sites cover between them? Deduplicated, tens of millions; in other words the black industry already held tens of millions of users with the ability to pay. Phone scammers would simply call: "Hello, is this xxx? I'm from xx Tuan. You made a purchase of xxx on the 10th of last month, correct?" and then all kinds of fraud would begin. This game basically covered the entire female-consumer B2C and group-buying space (I haven't heard of a single cosmetics site that was spared).

2012 was this industry's craziest time, because of the shake-out. The result of the shake-out was that bosses started grabbing the cash and running, and the foot soldiers were skimming company money too (the company isn't paying wages, so I'll find my own way to take some). So at the final moment this pack of vampires squeezed out every last bit of hot money that hadn't been spent. These companies usually had decent cash flow, because money collected from users arrived immediately while settlement with merchants had a payment period, and the result was that by the time the merchants came knocking, the place had most likely already been emptied out.

The root cause of this tragedy, which took up more than half the industry, was still that Internet start-ups' security awareness was far too weak. The whole thing was a host that finally collapsed because it had too many parasites, and once it collapsed the parasites went quiet too, which is why I said earlier that it was a lose-lose. But the parasites didn't die; they are lurking somewhere else, waiting for the next opportunity. --->>> That opportunity may well be the currently hot Internet finance; ---->>> Mt. Gox is a good case in point.
[A brilliant ending.... how can anyone understand things with such clarity and transparency? A true master]

'Who doesn't love golden splendour, casting off the root of human nature;
once transformed it is hard to turn back, and where is the satisfaction in it?
Those who do good don't resent hardship and walk on unnamed;
those who do evil chase pearls and wealth, vulgar, and end hollow at heart.
Contentment is still what brings lasting joy~
*Thanks to this 'hacker' for a 'brilliant' [apt] account of present-day reality; we have truly had an 'epiphany'~
= Sincerely, Melody.blog = THE END ===>/
