Wireless Communications and Mobile Computing / 2018 / Article / Figbox 1

Research Article

Resetting Your Password Is Vulnerable: A Security Study of Common SMS-Based Authentication in IoT Device

Box 1

Messages of the password reset for a home app.  App Request for a SMS authentication code.
GET /ci/user/getVerifyCode?uid=-1&phone=1383815
&imei= HTTP/1.1
Host: .house.com.cn
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: okhttp/3.3.1