icybear/alipay-deeplink-research
1
0
Fork 0
mirror of https://github.com/sgInnora/alipay-deeplink-research synced 2026-06-27 05:34:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
61b85c22efd57a7ccaed92c887afe6cec3eb564e
alipay-deeplink-research/.planning/notes_step1.md
feng cae3c54867 feat: global navigation bar + verification badge across all 9 pages 
- Unified nav bar with links to all research articles
- Verification badge: Docker 37/37, Zenodo DOI, IACR 2026/526, Packet Storm
- Mobile responsive hamburger menu
- PoC payloads and evidence screenshots added
- Draft articles and planning files included

Co-Authored-By: Claude <noreply@anthropic.com>
2026-03-25 05:31:19 +08:00

1.4 KiB
Raw Blame History

Step 1: 三向检索结果

本地

  • index.html: 2681行, 15个section, 中英双语
  • 已有sections: disclosure, summary, chain, poc, vulns, evidence, devices, ios, defense, vendor, global-response, recommendations, user-defense, community-faq, legal-response
  • PoC文件: poc/{chain,trigger,verify}.html
  • 评审文件: review_{sonnet,kimi}.md, gemini_review.md
  • GitHub: 167, 165 fork, 5 open issues

远程(GitHub)

  • Issue #4: 15评论最活跃讨论(rama291041610×5, cxxsheng×3)
  • Issue #5: 5评论iOS复现讨论 + meooxx CORS纠正
  • Issue #6: 新讨论gokuscraper质疑严重性
  • Issue #3: 问网站工具(已回复)
  • Issue #1: 支持性评论

互联网

  • 搜索引擎可发现: innora.ai/zfb + GitHub repo
  • Packet Storm #217089 已发布
  • MITRE CVE Ticket #2005801 待分配
  • NVD上无直接CVE-2026-*指向我们的漏洞(尚未分配)
  • Medium文章存在
  • cvedetails.com Alipay页面存在但无我们的CVE
  • LINUX DO / gm7.org 有讨论帖

差距识别(初步)

  • P0: CVE尚未正式分配搜索引擎无法通过CVE号找到
  • P0: Packet Storm advisory URL搜索排名不高
  • P1: 博客缺少结构化数据(Schema.org)增强SEO
  • P1: iOS攻击面文档不够清晰(复现失败反馈)
  • P1: 社区质疑未在博客中充分反映最新讨论(Issue #6新观点)
  • P2: 博客缺少独立复现指南section
  • P2: 缺少视频PoC演示
Reference in New Issue View Git Blame Copy Permalink