|
漏洞信息:
2017/08/12
[具体方式因此漏洞或复发!现已隐藏!]
[具体方式因此漏洞或复发!现已隐藏!]
Get到一串返回过来的字符串,JSON格式,格式化以后(隐私数据已打*):
{
"success": true,
"resultObject": {
"studentNo": "052",
"workYear": 0,
"classInfo": {
"schoolId": "8a9969bc56cb285b0156f85fa6a011e6",
"brandId": "1",
"subjectId": "ff808081528b0ee201528b201da60003",
"classType": 0,
"classType1": "1",
"className": "XX黑马JavaEE就业X期(201703XX双元)",
"classPeriods": "7",
"headMaster": "8a9969bc58712a730158ae24c90d2cb3",
"seatStatus": false,
"startDate": "Mar 23, 2017 12:00:00 AM",
"endDate": "Apr 5, 2017 12:00:00 AM",
"ruleOn": 2,
"ruleOff": 1,
"ruleOn1": 2,
"ruleOff1": 1,
"examScore": 83.98,
"id": "8a99d62d5ab2307a015adba726b11685",
"isDelete": false,
"createPerson": "8a99d62d5850f48d0158520f9d0f0235",
"createTime": "Mar 17, 2017 5:44:09 PM"
},
"studentGroup": {
"groupName": "默认",
"id": "1",
"isDelete": false
},
"fee": 0,
"studentType": 0,
"isRight": 0,
"schoolStudentType": "系统升班",
"firstLoginSign": "1",
"studentStatus": 1,
"forbidStatus": 0,
"talkTimes": 0,
"education": "大X",
"name": "赵X",
"loginName": "1366XXXX358",
"password": "",
"sex": 1,
"mobile": "1366XXXX358",
"id": "8a9969bc5ae0b56a015aefa885d743a9",
"isDelete": false,
"createPerson": "8a9969bc58712a730158ae24c90d2cb3",
"createTime": "Mar 21, 2017 2:58:03 PM"
}
}
=====================
遍历手机号可以拿到更多数据,最后批量撞库筛选出有效可登入的号码,进而利用学员的学科下载就业班的视频.
|
)