You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Replace the verification code with the password input box to authenticate the account
Pop up verification code:
/account/risky/api/check
{"retcode":0,"message":"OK","data":{"id":"","action":"ACTION_GEETEST","geetest":{"challenge":"","gt":"","new_captcha":1,"success":1}}}
Change action to action_ Geetest and new_ Change CAPTCHA to 1
Modify the content of the request and replace the JS address in it
I think we can hijack the verification code page through the above methods and change the verification code page to the password input box to provide account authentication
The text was updated successfully, but these errors were encountered:
Replace the verification code with the password input box to authenticate the account
Pop up verification code:
/account/risky/api/check
{"retcode":0,"message":"OK","data":{"id":"","action":"ACTION_GEETEST","geetest":{"challenge":"","gt":"","new_captcha":1,"success":1}}}
Change action to action_ Geetest and new_ Change CAPTCHA to 1
Hijacking verification code:
https://api-na.geetest.com/gettype.php
geetest_********({"status": "success", "data": {"type": "fullpage", "static_servers": ["static.geetest.com/", "dn-staticdown.qbox.me/"], "click": "/static/js/click.3.0.4.js", "pencil": "/static/js/pencil.1.0.3.js", "voice": "/static/js/voice.1.2.0.js", "fullpage": "/static/js/fullpage.9.0.9.js", "beeline": "/static/js/beeline.1.0.1.js", "slide": "/static/js/slide.7.8.6.js", "geetest": "/static/js/geetest.6.0.9.js", "aspect_radio": {"slide": 103, "click": 128, "voice": 128, "pencil": 128, "beeline": 50}}})
Modify the content of the request and replace the JS address in it
I think we can hijack the verification code page through the above methods and change the verification code page to the password input box to provide account authentication
The text was updated successfully, but these errors were encountered: