China Mobile Network Payment Vulnerability

xiaoxiao2021-03-06  85

Everyone always believes that cyber security is to study between computers, and there are many people in 16 hackers worldwide to study telephone communication networks. For China's fixed call, you want to have a ID card, you don't dare to study (afraid of the police uncle to find me), so I have a mobile phone that doesn't have the ID card. The so-called "easily entry easily". After repeated look, I chose China Mobile's Shenzhouxing, Not named, do not consume, and not allow the balance to be negative, and will not terminate the service (this can be used), it is "full-featured" ~ First go to buy a Shenzhou line card, the less cheaper, maybe less than 100 yuan But I only found 100 yuan. Let's find a website, which one can pay both. I have selected 263 mailboxes, 163 homepage space and QQ users. Below, I started to lead the big house with 100 yuan to take advantage of it. The first step first put the money in the card, call others, desperately, like the advertisement in China Mobile, ask the other person to eat, ask He is annoying, then change one, come back, until a penny is not left, it can be (must not save, otherwise it may fail. There is less than 3 points left, and it is considered that the balance is insufficient, and a phone call, After the payment, you can pay it. In the second step, first look at the mailbox, I have always liked the big email, stable, tested, I think 263 is not bad, so I was selected (263 true unlucky ~). Came to 263 Homepage (Figure 1), look at the mailbox option, which is not good, let's come to DIY. Select DIY mailbox, register your username (Figure 2), start selecting it ~ The more expensive is, the more expensive (what is named when the registration is discovered, and the username is called Xiangyi.) Crazy choice, last helpless, The most 42 yuan (Figure 3), good, this is this. Then choose, start the payment (Figure 4), fill in the password and mobile phone number (of course, the empty card), determine, then receive the verification string, it is possible. Haha, simple ~ Let's find free space. Netease is good, there is a message, there is a photo album, and the website is not bad. Come, let's take a look at NetEase. Let's register a pass, then enter the mailbox, haha, there is an advertisement immediately (Figure 5), what are you waiting for? ? ? Register ~ So the mailbox has been upgraded from 25m a 33m, and it has anti-virus and virus SMS warning. It is really good ~ Of course, you can't stop, let's go to the SMS station. First bundle the phone, then start to make a text message (the photo ringtone can not download, I don't know why ...), all subscriptions, anyway free (as for why don't ask me, I am just for free, give you a certificate Binding, as for how much is your convenience). For the problem of charging space, you are now following the following.

Previously, GO.163.com service free, there were many users, and it was 100m, and later system upgrades, becomes www.nease.net and diy.163.com, and some time to upgrade to become a Nease user, but later Revoke. The mobile phone payment can be used in the upgrade function, fill in the mobile phone number, send it, and then receive the verification string, it is possible (my space is thus this, 30 yuan a month, too expensive, so I will find a loophole, just Discover the vulnerabilities paid by the mobile phone. Although the home spatial vulnerability is not found, it has carried forward in other ways). Later, when the SMS (called NetEase X Space) was also the same problem (I said that only global pass can be used, but the experiment proves that Shenzhouxue can also, so the vulnerability is exposed), but unfortunately, now the link is revoked, but everyone can not use it, but everyone You can see if there is any problem with other professional homepage space. For example, it is just to pay attention to it, and even NetEase has such a vulnerability ... Although space is not available, it can be, such as personal image and dating. (Why does Netease Mall cannot use ~~~). Last look at QQ. Tencent has no strength, but I like it because the vulnerability is too much too much, almost all mobile payment functions (although the function is not available ~). Please don't bundle it with the QQ number, because Tencent can only bundle it, but can not network unbinding. To release it, it is necessary to send text messages. In order to contact the phone to recharge, 50 yuan, not worth it. In addition, using the mobile phone can register the QQ line number, why not? The QQ line is higher than the standard QQ advanced (although not as a member), we must. On the home page, click the QQ line page, then select the phone registration (Figure 6), then fill in your own empty card number (Figure 7), register, wait for the verification string, then verify, haha, number to the hand ~ Did you do it below? Go to QQ Show Show. Enter the QQ show page, just buy Dongdong, then pay, choose mobile payment (Figure 8), will be buckled from bundled mobile phones (QQ line has automatically bundled your phone on the QQ number). Haha, then see what? Payment success ~ (Figure 9) also recommend SMS stand, because Tencent SMS can be used, download ringtone pictures can be used ~ The loopholes are used, go buy a second-hand Chinese mobile phone, enjoy the sky card, when the SMS receiver ~ If you think 50 yuan spent in the SIM card in 100 yuan (greed ~), you can download a ringtone crazy, download 50, enough ~ This vulnerability does not only exist in these three websites, he jeopardizes all mobile payment functions, it is It must be attached. What is the terrible vulnerability caused? There is only one irrelevant reason: no cooperation between all network operators. If a mobile phone using China Mobile Communication Sends text messages to another China Mobile's unhaly-friendly mobile phone, the sender will receive a notification of the other party's arrears sent by the information center, and the other party does not receive information. But using China Unicom's mobile phone, there will be no feedback report from China Mobile Information Center, and the other party receives information.

转载请注明原文地址:https://www.9cbs.com/read-121579.html

New Post(0)