Recently, we found RESTful API bugs in some popular mobile applications by a fuzzing test tool:
Sohu News - version: 6.1.8
-
Bug ID 6
API: GET http://accwww25c1.53kf.com/sendacc.jsp
we get the status code of 502
see detailed information in the appendix -> Bug ID 6
-
Bug ID 7
API: GET http://accwww5c1.53kf.com/sendacc.jsp
we get the status code of 502
see detailed information in the appendix -> Bug ID 7
近期,我们利用某模糊测试工具发现了几家大厂 App 接口存在如下 bug:
搜狐新闻 - 版本: 6.1.8
-
Bug ID 6
接口: GET http://accwww25c1.53kf.com/sendacc.jsp
报 502
具体报文见附录 -> Bug ID 6
-
Bug ID 7
接口: GET http://accwww5c1.53kf.com/sendacc.jsp
报 502
具体报文见附录 -> Bug ID 7
Appendix 附录
-
Bug ID 6
{ "appName": "Sohu News", "method": "GET", "url": "http://accwww25c1.53kf.com/sendacc.jsp", "status_code": 502, "request": { "method": "GET", "url": "http://accwww25c1.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=72141072&guest_id=10867914892009&status=0&guest_name=&guest_ip=218.193.184.197&guest_ip_info=%E4%B8%8A%E6%B5%B7%E5%B8%82%5B%E6%95%99%E8%82%B2%E7%BD%91%5D&area=%E4%B8%8A%E6%B5%B7%2D&from_page=&talk_page=http%3A%2F%2Fshhs-coco36.yjrmss.cn%2Fcoco-nc-wap%2F%3F%3D7.18-APP-tw&kf_time=1573281168&bto_id6d=-99&time=1573281168893&ucust_id=&style=3&is_mobile=y&visitor_type=new&is_uv=1&browser=chrome&os=android&is_revisit=0&page_title=coco%E5%A5%B6%E8%8C%B6%E5%AE%98%E7%BD%91", "httpVersion": "HTTP/1.1", "cookies": [], "headers": [ { "name": "Host", "value": "accwww25c1.53kf.com" }, { "name": "Proxy-Connection", "value": "keep-alive" }, { "name": "Accept", "value": "*/*" }, { "name": "User-Agent", "value": "Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android) Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android)/SohuNews/6.1.8 BuildCode/604" }, { "name": "Referer", "value": "http://shhs-coco36.yjrmss.cn/coco-nc-wap/?=7.18-APP-tw" }, { "name": "Accept-Encoding", "value": "gzip, deflate" }, { "name": "Accept-Language", "value": "zh-CN,en-US;q=0.8" }, { "name": "X-Requested-With", "value": "com.sohu.newsclient" } ], "queryString": [ { "name": "cmd", "value": "ACC" }, { "name": "did", "value": "0" }, { "name": "sid", "value": "12" }, { "name": "company_id", "value": "72141072" }, { "name": "guest_id", "value": "10867914892009" }, { "name": "status", "value": "0" }, { "name": "guest_name", "value": "" }, { "name": "guest_ip", "value": "218.193.184.197" }, { "name": "guest_ip_info", "value": "上海市[教育网]" }, { "name": "area", "value": "上海-" }, { "name": "from_page", "value": "" }, { "name": "talk_page", "value": "http://shhs-coco36.yjrmss.cn/coco-nc-wap/?=7.18-APP-tw" }, { "name": "kf_time", "value": "1573281168" }, { "name": "bto_id6d", "value": "-99" }, { "name": "time", "value": "1573281168893" }, { "name": "ucust_id", "value": "" }, { "name": "style", "value": "3" }, { "name": "is_mobile", "value": "y" }, { "name": "visitor_type", "value": "new" }, { "name": "is_uv", "value": "1" }, { "name": "browser", "value": "chrome" }, { "name": "os", "value": "android" }, { "name": "is_revisit", "value": "0" }, { "name": "page_title", "value": "coco奶茶官网" } ], "headersSize": 731, "bodySize": 0 }, "response_data": { "status": 502, "statusText": "Bad Gateway", "httpVersion": "HTTP/1.1", "cookies": [], "headers": [ { "name": "Server", "value": "nginx" }, { "name": "Date", "value": "Sat, 09 Nov 2019 06:32:49 GMT" }, { "name": "Content-Type", "value": "text/html" }, { "name": "Content-Length", "value": "568" }, { "name": "Connection", "value": "keep-alive" } ], "content": { "size": 568, "compression": 0, "mimeType": "text/html", "text": "<html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n" }, "redirectURL": "", "headersSize": 169, "bodySize": 568 } } -
Bug ID 7
{ "appName": "Sohu News", "method": "GET", "url": "http://accwww5c1.53kf.com/sendacc.jsp", "status_code": 502, "request": { "method": "GET", "url": "http://accwww5c1.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=72093637&guest_id=10867915190009&status=0&guest_name=&guest_ip=218.193.184.197&guest_ip_info=%E4%B8%8A%E6%B5%B7%E5%B8%82%5B%E6%95%99%E8%82%B2%E7%BD%91%5D&area=%E4%B8%8A%E6%B5%B7%2D&from_page=&talk_page=http%3A%2F%2Fshhs-ydd45x1.fmeibao.com%2Fydd-yp-wap%2F%3F%3Dxt1&kf_time=1573281184&bto_id6d=-99&time=1573281184787&ucust_id=&style=8&is_mobile=y&visitor_type=new&is_uv=1&browser=chrome&os=android&is_revisit=0&page_title=%E5%8F%B0%E5%BC%8F%E7%BD%91%E7%BA%A2%E5%A5%B6%E8%8C%B6%E5%8A%A0%E7%9B%9F%E5%AE%98%E7%BD%91", "httpVersion": "HTTP/1.1", "cookies": [], "headers": [ { "name": "Host", "value": "accwww5c1.53kf.com" }, { "name": "Proxy-Connection", "value": "keep-alive" }, { "name": "Accept", "value": "*/*" }, { "name": "User-Agent", "value": "Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android) Mozilla/5.0 (Linux; Android 6.0; HUAWEI MT7-CL00 Build/HuaweiMT7-CL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/49.0.2623.105 Mobile Safari/537.36 JsKit/1.0 (Android)/SohuNews/6.1.8 BuildCode/604" }, { "name": "Referer", "value": "http://shhs-ydd45x1.fmeibao.com/ydd-yp-wap/?=xt1" }, { "name": "Accept-Encoding", "value": "gzip, deflate" }, { "name": "Accept-Language", "value": "zh-CN,en-US;q=0.8" }, { "name": "X-Requested-With", "value": "com.sohu.newsclient" } ], "queryString": [ { "name": "cmd", "value": "ACC" }, { "name": "did", "value": "0" }, { "name": "sid", "value": "12" }, { "name": "company_id", "value": "72093637" }, { "name": "guest_id", "value": "10867915190009" }, { "name": "status", "value": "0" }, { "name": "guest_name", "value": "" }, { "name": "guest_ip", "value": "218.193.184.197" }, { "name": "guest_ip_info", "value": "上海市[教育网]" }, { "name": "area", "value": "上海-" }, { "name": "from_page", "value": "" }, { "name": "talk_page", "value": "http://shhs-ydd45x1.fmeibao.com/ydd-yp-wap/?=xt1" }, { "name": "kf_time", "value": "1573281184" }, { "name": "bto_id6d", "value": "-99" }, { "name": "time", "value": "1573281184787" }, { "name": "ucust_id", "value": "" }, { "name": "style", "value": "8" }, { "name": "is_mobile", "value": "y" }, { "name": "visitor_type", "value": "new" }, { "name": "is_uv", "value": "1" }, { "name": "browser", "value": "chrome" }, { "name": "os", "value": "android" }, { "name": "is_revisit", "value": "0" }, { "name": "page_title", "value": "台式网红奶茶加盟官网" } ], "headersSize": 724, "bodySize": 0 }, "response_data": { "status": 502, "statusText": "Bad Gateway", "httpVersion": "HTTP/1.1", "cookies": [], "headers": [ { "name": "Server", "value": "openresty" }, { "name": "Date", "value": "Sat, 09 Nov 2019 06:33:05 GMT" }, { "name": "Content-Type", "value": "text/html" }, { "name": "Content-Length", "value": "572" }, { "name": "Connection", "value": "keep-alive" } ], "content": { "size": 572, "compression": 0, "mimeType": "text/html", "text": "<html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>openresty</center>\r\n</body>\r\n</html>\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n<!-- a padding to disable MSIE and Chrome friendly error page -->\r\n" }, "redirectURL": "", "headersSize": 173, "bodySize": 572 } }
No Reply at the moment.