Skip to content

【SRC漏洞挖掘】逻辑漏洞挖掘-生日福利相关 #61

New issue
New issue
Open
Open
【SRC漏洞挖掘】逻辑漏洞挖掘-生日福利相关#61
@AI0TSec

Description

@AI0TSec
AI0TSec
opened on Jan 2, 2025

场景:某些APP/小程序应用要求会员填写生日,且仅允许修改保存一次(前后端做相关限制),生日当天可领取或推送相关福利优惠。
思路:抓取保存首次设置生日请求包,保存完毕后尝试修改。

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions