Bug 曝光台 Sohu News RESTful API Bug | 搜狐新闻 RESTful API Bug

LawisChen · 2020年05月17日 · 904 次阅读

Recently, using a fuzzing tool, we found the following RESTful API bugs in several popular mobile applications:

Sohu News - version: 6.1.8


近期，我们利用某模糊测试工具发现了几家大厂 App 接口存在如下 bug：

搜狐新闻 - 版本: 6.1.8

Appendix 附录

  • Bug ID 6

    {
      "appName": "Sohu News",
      "method": "GET",
      "url": "http://accwww25c1.53kf.com/sendacc.jsp",
      "status_code": 502,
      "request": {
        "method": "GET",
        "url": "http://accwww25c1.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=72141072&guest_id=10867914892009&status=0&guest_name=&guest_ip=218.193.184.197&guest_ip_info=%E4%B8%8A%E6%B5%B7%E5%B8%82%5B%E6%95%99%E8%82%B2%E7%BD%91%5D&area=%E4%B8%8A%E6%B5%B7%2D&from_page=&talk_page=http%3A%2F%2Fshhs-coco36.yjrmss.cn%2Fcoco-nc-wap%2F%3F%3D7.18-APP-tw&kf_time=1573281168&bto_id6d=-99&time=1573281168893&ucust_id=&style=3&is_mobile=y&visitor_type=new&is_uv=1&browser=chrome&os=android&is_revisit=0&page_title=coco%E5%A5%B6%E8%8C%B6%E5%AE%98%E7%BD%91",
        "httpVersion": "HTTP/1.1",
        "cookies": [],
        "headers": [
          {
            "name": "Host",
            "value": "accwww25c1.53kf.com"
          },
          {
            "name": "Proxy-Connection",
            "value": "keep-alive"
          },
          {
            "name": "Accept",
            "value": "*/*"
          },
          {
            "name": "User-Agent",
            "value": "Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android) Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android)/SohuNews/6.1.8 BuildCode/604"
          },
          {
            "name": "Referer",
            "value": "http://shhs-coco36.yjrmss.cn/coco-nc-wap/?=7.18-APP-tw"
          },
          {
            "name": "Accept-Encoding",
            "value": "gzip, deflate"
          },
          {
            "name": "Accept-Language",
            "value": "zh-CN,en-US;q=0.8"
          },
          {
            "name": "X-Requested-With",
            "value": "com.sohu.newsclient"
          }
        ],
        "queryString": [
          {
            "name": "cmd",
            "value": "ACC"
          },
          {
            "name": "did",
            "value": "0"
          },
          {
            "name": "sid",
            "value": "12"
          },
          {
            "name": "company_id",
            "value": "72141072"
          },
          {
            "name": "guest_id",
            "value": "10867914892009"
          },
          {
            "name": "status",
            "value": "0"
          },
          {
            "name": "guest_name",
            "value": ""
          },
          {
            "name": "guest_ip",
            "value": "218.193.184.197"
          },
          {
            "name": "guest_ip_info",
            "value": "上海市[教育网]"
          },
          {
            "name": "area",
            "value": "上海-"
          },
          {
            "name": "from_page",
            "value": ""
          },
          {
            "name": "talk_page",
            "value": "http://shhs-coco36.yjrmss.cn/coco-nc-wap/?=7.18-APP-tw"
          },
          {
            "name": "kf_time",
            "value": "1573281168"
          },
          {
            "name": "bto_id6d",
            "value": "-99"
          },
          {
            "name": "time",
            "value": "1573281168893"
          },
          {
            "name": "ucust_id",
            "value": ""
          },
          {
            "name": "style",
            "value": "3"
          },
          {
            "name": "is_mobile",
            "value": "y"
          },
          {
            "name": "visitor_type",
            "value": "new"
          },
          {
            "name": "is_uv",
            "value": "1"
          },
          {
            "name": "browser",
            "value": "chrome"
          },
          {
            "name": "os",
            "value": "android"
          },
          {
            "name": "is_revisit",
            "value": "0"
          },
          {
            "name": "page_title",
            "value": "coco奶茶官网"
          }
        ],
        "headersSize": 731,
        "bodySize": 0
      },
      "response_data": {
        "status": 502,
        "statusText": "Bad Gateway",
        "httpVersion": "HTTP/1.1",
        "cookies": [],
        "headers": [
          {
            "name": "Server",
            "value": "nginx"
          },
          {
            "name": "Date",
            "value": "Sat, 09 Nov 2019 06:32:49 GMT"
          },
          {
            "name": "Content-Type",
            "value": "text/html"
          },
          {
            "name": "Content-Length",
            "value": "568"
          },
          {
            "name": "Connection",
            "value": "keep-alive"
          }
        ],
        "content": {
          "size": 568,
          "compression": 0,
          "mimeType": "text/html",
          "text": "<html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n"
        },
        "redirectURL": "",
        "headersSize": 169,
        "bodySize": 568
      }
    }
    
  • Bug ID 7

    {
      "appName": "Sohu News",
      "method": "GET",
      "url": "http://accwww5c1.53kf.com/sendacc.jsp",
      "status_code": 502,
      "request": {
        "method": "GET",
        "url": "http://accwww5c1.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=72093637&guest_id=10867915190009&status=0&guest_name=&guest_ip=218.193.184.197&guest_ip_info=%E4%B8%8A%E6%B5%B7%E5%B8%82%5B%E6%95%99%E8%82%B2%E7%BD%91%5D&area=%E4%B8%8A%E6%B5%B7%2D&from_page=&talk_page=http%3A%2F%2Fshhs-ydd45x1.fmeibao.com%2Fydd-yp-wap%2F%3F%3Dxt1&kf_time=1573281184&bto_id6d=-99&time=1573281184787&ucust_id=&style=8&is_mobile=y&visitor_type=new&is_uv=1&browser=chrome&os=android&is_revisit=0&page_title=%E5%8F%B0%E5%BC%8F%E7%BD%91%E7%BA%A2%E5%A5%B6%E8%8C%B6%E5%8A%A0%E7%9B%9F%E5%AE%98%E7%BD%91",
        "httpVersion": "HTTP/1.1",
        "cookies": [],
        "headers": [
          {
            "name": "Host",
            "value": "accwww5c1.53kf.com"
          },
          {
            "name": "Proxy-Connection",
            "value": "keep-alive"
          },
          {
            "name": "Accept",
            "value": "*/*"
          },
          {
            "name": "User-Agent",
            "value": "Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android) Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android)/SohuNews/6.1.8 BuildCode/604"
          },
          {
            "name": "Referer",
            "value": "http://shhs-ydd45x1.fmeibao.com/ydd-yp-wap/?=xt1"
          },
          {
            "name": "Accept-Encoding",
            "value": "gzip, deflate"
          },
          {
            "name": "Accept-Language",
            "value": "zh-CN,en-US;q=0.8"
          },
          {
            "name": "X-Requested-With",
            "value": "com.sohu.newsclient"
          }
        ],
        "queryString": [
          {
            "name": "cmd",
            "value": "ACC"
          },
          {
            "name": "did",
            "value": "0"
          },
          {
            "name": "sid",
            "value": "12"
          },
          {
            "name": "company_id",
            "value": "72093637"
          },
          {
            "name": "guest_id",
            "value": "10867915190009"
          },
          {
            "name": "status",
            "value": "0"
          },
          {
            "name": "guest_name",
            "value": ""
          },
          {
            "name": "guest_ip",
            "value": "218.193.184.197"
          },
          {
            "name": "guest_ip_info",
            "value": "上海市[教育网]"
          },
          {
            "name": "area",
            "value": "上海-"
          },
          {
            "name": "from_page",
            "value": ""
          },
          {
            "name": "talk_page",
            "value": "http://shhs-ydd45x1.fmeibao.com/ydd-yp-wap/?=xt1"
          },
          {
            "name": "kf_time",
            "value": "1573281184"
          },
          {
            "name": "bto_id6d",
            "value": "-99"
          },
          {
            "name": "time",
            "value": "1573281184787"
          },
          {
            "name": "ucust_id",
            "value": ""
          },
          {
            "name": "style",
            "value": "8"
          },
          {
            "name": "is_mobile",
            "value": "y"
          },
          {
            "name": "visitor_type",
            "value": "new"
          },
          {
            "name": "is_uv",
            "value": "1"
          },
          {
            "name": "browser",
            "value": "chrome"
          },
          {
            "name": "os",
            "value": "android"
          },
          {
            "name": "is_revisit",
            "value": "0"
          },
          {
            "name": "page_title",
            "value": "台式网红奶茶加盟官网"
          }
        ],
        "headersSize": 724,
        "bodySize": 0
      },
      "response_data": {
        "status": 502,
        "statusText": "Bad Gateway",
        "httpVersion": "HTTP/1.1",
        "cookies": [],
        "headers": [
          {
            "name": "Server",
            "value": "openresty"
          },
          {
            "name": "Date",
            "value": "Sat, 09 Nov 2019 06:33:05 GMT"
          },
          {
            "name": "Content-Type",
            "value": "text/html"
          },
          {
            "name": "Content-Length",
            "value": "572"
          },
          {
            "name": "Connection",
            "value": "keep-alive"
          }
        ],
        "content": {
          "size": 572,
          "compression": 0,
          "mimeType": "text/html",
          "text": "<html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n"
        },
        "redirectURL": "",
        "headersSize": 173,
        "bodySize": 572
      }
    }
    