2024.3.14日出現了易支付的漏洞,一個頻道推出了機器人用來提供測試,我注意到很多人都刷著網站的錢來套現,後來據説原理并不是sql注入而是僞造通訊地址。(On March 14, 2024, a vulnerability in YiPay emerged, and a channel launched a bot to provide testing. I noticed that many people were using the website's money to cash out. Later, it was said that the principle was not SQL injection but forged communication addresses.)我的理解:商城網站填寫通訊地址和易支付網站對接支付系統,儅通訊返回真,則支付成功。那麽通過bot一系列操作讀取了通訊地址並返回真,造成了商城網站誤以爲已經支付。(如果你知道更多信息可以留言給我。) (My understanding: When filling out the communicatio
雖然只有IPV6,但是月付1.1¥ 8G硬盤儅探針面板機真的很不錯。我用的是小埋VPS