MlgmXyysd
commented
2 years ago As I said, why don't you give it a try before question?
This requires a lot of work on the proxy (client side), dispatch server cannot be done alone.
Closed 66hh closed 2 years ago
MlgmXyysd
commented
2 years ago As I said, why don't you give it a try before question?
This requires a lot of work on the proxy (client side), dispatch server cannot be done alone.
alt3ri
commented
2 years ago Please try it yourself first, then come here later.
Replace the verification code with the password input box to authenticate the account
Pop up verification code: /account/risky/api/check
{"retcode":0,"message":"OK","data":{"id":"","action":"ACTION_GEETEST","geetest":{"challenge":"","gt":"","newcaptcha":1,"success":1}}} Change action to action Geetest and new_ Change CAPTCHA to 1
Hijacking verification code:
https://api-na.geetest.com/gettype.php
geetest_****({"status": "success", "data": {"type": "fullpage", "static_servers": ["static.geetest.com/", "dn-staticdown.qbox.me/"], "click": "/static/js/click.3.0.4.js", "pencil": "/static/js/pencil.1.0.3.js", "voice": "/static/js/voice.1.2.0.js", "fullpage": "/static/js/fullpage.9.0.9.js", "beeline": "/static/js/beeline.1.0.1.js", "slide": "/static/js/slide.7.8.6.js", "geetest": "/static/js/geetest.6.0.9.js", "aspect_radio": {"slide": 103, "click": 128, "voice": 128, "pencil": 128, "beeline": 50}}})
Modify the content of the request and replace the JS address in it
I think we can hijack the verification code page through the above methods and change the verification code page to the password input box to provide account authentication