Wireless Communications and Mobile Computing / 2018 / Article / Figbox 3

Research Article

Resetting Your Password Is Vulnerable: A Security Study of Common SMS-Based Authentication in IoT Device

Box 3

Messages of the password reset for a home app. App Request for password reset.
POST /ci/user/fgt/pwd?password=e10adc3949ba59abbe56
e057f20F883e&code=7496&phone=1383815&sign=d3db1
a89d68cd72cbd2 a3fcbf9822876 HTTP/1.1
Cookie: JSESSIONID=f7b53283-3c20-400d-b0ee-76a17103
6414
Content-Length: 0
Host: .house.com.cn
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: okhttp/3.3.1