这是一个创建于 2695 天前的主题,其中的信息可能已经有所发展或是发生改变。
来人看看,是不是再干坏事啊。
先访问劫持网页,再访问原本网页。
- 劫持网页
<html>
<head>
<script language="javascript">setTimeout("location.replace(location.href.split(\"#\")[0])",2000);</script>
<script type="text/javascript" src="http://1.1.1.2:89/cookie/flash.js"></script>
<script language="javascript">setURL("1.1.1.2");supFlash("18446744072909971032");</script>
</head>
<body>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,0,0" width="0" height="0" id="m" align="center"><param name="allowScriptAccess" value="always" />
<param name="movie" value="http://1.1.1.2:89/cookie/flashcookie.swf" />
<param name="quality" value="high" />
<param name="FlashVars" value="srv=1.1.1.2" />
<embed src="http://1.1.1.2:89/cookie/flashcookie.swf"FlashVars="srv=1.1.1.2" quality="high" width="0" height="0" name="m" align="center" allowScriptAccess="always" type="application/x-shockwave-flash"pluginspage="http://www.macromedia.com/go/getflashplayer" />
</object>
</body
- flash.js
var url = "";
function setURL(ip){url = "http://"+ip+":89/cookie/flashcookie.html";}
function loadPage(){location.replace(location.href.split("#")[0]);}
////add by yxf@2014/08/27
/**
*@描 述:增加 UA 判断,排除移动终端上报 cookies 值和时间间隔值
*@返回值:
* true, 允许上报; false ,不允许上报
*/
function IsCanReport2Ac(){
var strUseAgent = navigator.userAgent.toLowerCase();
//非 windows nt
var isWinNt = strUseAgent.indexOf("windows nt") > -1;
if (!isWinNt){ return false;}
//移动终端
var isMobile = strUseAgent.indexOf("mobile") > -1;
if (isMobile){ return false;}
//为 Android
var isAndroid = strUseAgent.indexOf("android") > -1;
if (isAndroid){ return false;}
//为 ios
var isIOS = !!strUseAgent.match(/\(i[^;]+;( u;)? cpu.+mac os x/);
if (isIOS){ return false;}
//为 Symbian
var isSymbian = strUseAgent.indexOf("symbian") > -1;
if (isSymbian){ return false;}
//为 iPhone
var isIPhone = strUseAgent.indexOf("iphone") > -1;
if (isIPhone){ return false;}
//为 ipad
var isIPad = strUseAgent.indexOf("ipad") > -1;
if (isIPad){ return false;}
//为 ipod
var isIPod = strUseAgent.indexOf("ipod") > -1;
if (isIPod){ return false;}
//排除一些误判的 app 特征字符串
var isInvalidAppPos = strUseAgent.search(/ baidubrowser\/\d/);//-- 百度一下客户端
if (-1 != isInvalidAppPos){ return false;}
return true;
}
////end by yxf
// 写 cookies
function setCookie(name,value)
{
var Days = 30;
var exp = new Date();
exp.setTime(exp.getTime() + Days*24*60*60*1000);
document.cookie = name + "="+ escape (value) + ";expires=" + exp.toGMTString();
}
// 读取 cookies
function getCookie(name)
{
var arr,reg=new RegExp("(^| )"+name+"=([^;]*)(;|$)");
if(arr=document.cookie.match(reg)){
return (arr[2]);
}else{
return null;
}
}
function supFlash(cookie)
{
if (false === IsCanReport2Ac()){
loadPage();
return;
}
// 获取本地 cookie 值
var td_cookie = getCookie("td_cookie");
if (td_cookie == cookie){
loadPage();
return;
}
setCookie("td_cookie", cookie);
var flash = 0;
var judgeIE = !-[1,];
var ua = navigator.userAgent.toLowerCase();
if (ua.indexOf("taobrowser") > 0 || ua.indexOf("lbbrowser") > 0) {
loadPage();
return;
}
var isIE = judgeIE || ua.indexOf("msie") > 0 || ua.indexOf("trident/7.0") > 0;
if(isIE){
try{
var swf1 = new ActiveXObject('ShockwaveFlash.ShockwaveFlash');
flash = 1;
}
catch(e){
flash = 0;
}
}
else {
try{
var swf2 = navigator.plugins['Shockwave Flash'];
if(swf2 == undefined){
flash = 0;
}
else {
flash = 1;
}
}
catch(e){
flash = 0;
}
}
if(flash === 0)
{
loadPage();
return;
}
}
// 配置排除列表
var excludeList = new Array("ADMUI3Lg","ADMUI3Sm","Photoshop Large","Photoshop Small");
var makeCRCTable = function(){
var c;
var crcTable = [];
for(var n =0; n < 256; n++){
c = n;
for(var k =0; k < 8; k++){
c = ((c&1) ? (0xEDB88320 ^ (c >>> 1)) : (c >>> 1));
}
crcTable[n] = c;
}
return crcTable;
}
var crc32 = function(str) {
var crcTable = window.crcTable || (window.crcTable = makeCRCTable());
var crc = 0 ^ (-1);
for (var i = 0; i < str.length; i++ ) {
crc = (crc >>> 8) ^ crcTable[(crc ^ str.charCodeAt(i)) & 0xFF];
}
return (crc ^ (-1)) >>> 0;
};
function isArray(value)
{
return value &&
typeof value === 'object' &&
typeof value.length === 'number' &&
!(value.propertyIsEnumerable('length'));
}
function removeExcludeFont(fontArr, excludeList)
{
if (!excludeList.length)
{
return fontArr;
}
var flag = 0;
var resArr = new Array();
for (var i = 0; i < fontArr.length; ++i)
{
flag = 0;
for (var j = 0; j < excludeList.length; ++j)
{
if (fontArr[i] == excludeList[j])
{
flag = 1;
break;
}
if (fontArr[i].match(/\.tmp/))
{
flag = 1;
break;
}
}
if (!flag)
{
resArr.push(fontArr[i])
}
}
resArr.sort();
return resArr;
}
function jsSetCookie(fontArr, manu, vers, os)
{
if(manu == "" || !isArray(fontArr)){
loadPage();
return;
}
if(url == ""){
loadPage();
return;
}
var fontStr = removeExcludeFont(fontArr, excludeList).join("|\n");
var font_param = "manu_txt=" + manu +
"&manu_crc=" + crc32(manu).toString() +
"&version=" + vers +
"&font_crc=" + crc32(fontStr).toString() +
"&os=" + os;
var script = document.createElement("script");
script.type = "text/javascript";
var done = false;
script.onload = script.onreadystatechange = function(){
if ( !done && (!this.readyState ||
this.readyState === "loaded" || this.readyState === "complete") ) {
done = true;
this.onload = this.onreadystatechange = null;
loadPage();
return;
}
};
script.src = url +"?"+font_param+"&"+Math.random();
document.getElementsByTagName("head")[0].appendChild(script);
}
 |
1
DoraJDJ 2016-12-14 21:43:50 +08:00 via Android
看上去就是个偷 cookie 的,注意安全
|
 |
2
ahhui 2016-12-14 22:47:59 +08:00 via iPhone
偷 cookie 的,浏览器务必禁用 flash ,用防火墙拉黑非 80 的 http 请求
|
 |
3
billlee 2016-12-15 00:47:55 +08:00
同上,全局 VPN 吧
|
 |
4
makendk 2016-12-15 02:16:56 +08:00 via Android
你可以爬一下 1.1.1.2 看看上面还有什么好东西
|
 |
5
abzzz 2016-12-15 08:28:15 +08:00
1.1.1.2 好像是深信服的网关啊
|
 |
6
only0jac 2016-12-15 14:08:53 +08:00 via Android
怎么看是否被校园网劫持
|
 |
7
exiaohao 2016-12-15 19:45:21 +08:00
好像深信服和深澜都喜欢配置 1.1.1.2
遇到这种事果断 SSR 或者全局 IPSSec 啊否则还有没有隐私了 而且,学校一般都是会旁挂_______和_______的,非加密连接肯定得记录 |
 |
8
a06062125 2019-06-18 18:44:16 +08:00
|
Select Language