恶心的移动宽带,监控用户的HTTP访问,并在中间插入广告

meta168 · 发表于 2013-1-12 23:34:25

给狗日的移动宽带做个SEO

现在插入的是盛大的广告,以后万一狗日的没钱了,直接插网页木马可怎么办哦

PS: 多谢论坛里的404提醒,果然是FRAME嵌套,一开始没看到源代码还以为啥新技术

看看移动公司插的代码:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title> </title>
<style type="text/css">
*{
margin:0;
padding:0;
}
#message{POSITION: fixed;_position:absolute; z-index:100; bottom:0;right:0;no-repeat left top;width:317px;}
#dmsg_head{float:left; display:inline; font-size:12px;color:#FFFFFF;margin-left: 26px;margin-top: 6px;}
#downmsgBar .close{float:right;width:11px;height:11px;margin-top:6px;display:block;margin-right:5px;}
#downmsgBar{height:25px;}
#dmsg_content{height:295px;overflow:hidden;}
#dmsg_content p{position:absolute;left: 13px;top: 157px;}
#dmsg_content .lb{padding:10px; font-size:16px; text-align:center;}
#dmsg_content .lb a{color:#007cc1;font-weight:bold;}
</style>
<script type="text/javascript" src="http://211.140.10.212:3438/killrb.js"></script>
<script type="text/javascript" language="javascript">
//var location=document.location;
//var location="";
var $w = window;
var $d = document;
var $l = location;
function $i(s){return $d.getElementById(s);}
function $t(s){return $d.getElementsByTagName(s);}
function $n(s){return $d.getElementsByName(s);}
var js_div = {};
js_div.client = (function(){
var t = {};
var b = navigator.userAgent.toLowerCase();
t.isOpera = (b.indexOf('opera') > -1);
t.isIE = (!t.isOpera && b.indexOf('msie') > -1);
t.isFF = (!t.isOpera &&!t.isIE&&b.indexOf('firefox') > -1);
return t;
})();
js_div.util = (function(){
var t = {};
t.addEvent = function(o,c,h){
if(js_div.client.isIE){
o.attachEvent('on'+c,h);
}else{
o.addEventListener(c,h,false);
}
return true;
};
t.delEvent = function(o,c,h){
if(js_div.client.isIE){
o.detachEvent('on'+c,h);
}else{
o.removeEventListener(c,h,false);
}
return true;
};
t.ga = function(o,s){
return o.getAttribute(s);
};
t.sa = function(o,k,v){
return o.setAttribute(k,v);
};
t.s2d = function(s){
var sa = s.split('-');
var d = new Date(sa[0],(sa[1]-1),sa[2]);
return d;
};
t.d2s = function(d,b){
var ye = d.getFullYear();
var me = (parseInt(d.getMonth())+1).toString()
var de = d.getDate();
if(me.length==1&&b)me='0'+me;
if(de.length==1&&b)de='0'+de;
return ye+me+de;
};
return t;
})();
js_div.jscload = (function(){
var t = function(){
if(!js_div.quickload){
var cs = $t('label');
for(var i=0;i<cs.length;i++){
var ct = js_div.util.ga(cs[i],'c_type');
if(ct){
var pe = js_div.dom.gNxtSib(cs[i]);
if(pe){
eval("new "+ct+"(pe)");
}
}
}
}
if(typeof jsconload == 'function'){
jsconload();
}
js_div.loaded = true;
};
return t;
})();
js_div.jscunload = (function(){
var t = function(){
if(true){
try{
if(typeof jsconload == 'function'){
jsconunload();
}
}catch(e){}
}
};
return t;
})();
js_div.init = (function(){
js_div.util.addEvent(window,'load',js_div.jscload);
js_div.util.addEvent(window,'unload',js_div.jscunload);
return true;
})();
function goURL()
{
if(navigator.userAgent.indexOf("Opera")>=0)
{
var desturl="http://www.hostloc.com/?";
}
else
{
var desturl="http://www.hostloc.com/";
}
if (desturl.slice(desturl.length-1)=="/" ) desturl=desturl.slice(0,desturl.length-1);
return "<html></head><script>document.location.replace(""+desturl+"");<\/script><\/html>";
}
var downMsg=function(msgid,contentid,config){
this.msg = $i(msgid);
this.content = $i(contentid);
this.config = config ? config : {start_delay:3000, speed: 5, movepx:2,cookie:'downMsgcookie',expiresDay:0};
this.offsetHeight;
this.emsg_objTimer;
this.ie6Add =0;
var _this = this;
this.init = function(){
/*var ifcookie=js_div.cookies.getCookie(this.config.cookie);
/*if(ifcookie == "show")
return;*/
window.setTimeout(_this.start,parseInt(_this.config.start_delay,10));
}
this.start = function(){
_this.msg.style.display="block";
_this.content.style.display="block";
_this.offsetHeight = _this.content.offsetHeight;
_this.content.style.height ="0px";
_this.emsg_objTimer = setInterval(_this.moveUpDiv,parseInt(_this.config.speed,10));
}
this.moveUpDiv = function(){
if(_this.offsetHeight> parseInt(_this.content.style.height,10)){
_this.content.style.height = parseInt(_this.content.style.height,10)+parseInt(_this.config.movepx,10)+"px";
}
else{
window.clearInterval(_this.emsg_objTimer);
//js_div.cookies.setCookie(_this.config.cookie,"show",_this.config.expiresDay);
var isMSIE = !!(/*@cc_on!@*/0);
if(isMSIE &&!(window.XMLHttpRequest))
{
_this.content.style.height = parseInt(_this.content.style.height,10) +2+"px";
_this.autoMoveIe6();
}
}
}
this.autoMoveIe6 = function(){
if(_this.ie6Add ==0){
_this.content.style.height = parseInt(_this.content.style.height,10) + 1 +"px";
_this.msg.style.bottom="-2px";
_this.ie6Add =1;
}
else{
_this.content.style.height = parseInt(_this.content.style.height,10) - 1 +"px";
_this.msg.style.bottom="-1px";
_this.ie6Add =0;
}
setTimeout(_this.autoMoveIe6,100)
}
}
function closeDiv()
{
var downmsg = document.getElementById('message');
if(downmsg)
{
downmsg.style.display='none';
message.innerHTML ="<iframe src='./click_count.php?act=closead&agent=16777215&pushsn=1357742381&aduser=nbhsa57451302'></iframe>";
}
}
function showHideDiv()
{
var ct = document.getElementById('dmsg_content');
if(ct.style.display!="none"){
ct.style.display = "none"
}else{
ct.style.display="block";
}
}
var start=new Date();
start=Date.parse(start)/1000;
var counts=999999;
function CountDown(){
var now=new Date();
now=Date.parse(now)/1000;
var x=parseInt(counts-(now-start),10);
if(x>0){
window.setTimeout('CountDown()',300)
}else{
showHideDiv()
}
}
window.setTimeout('CountDown()',300);
js_div.util.addEvent(window,"load",function(){
var downmsg = new downMsg("message","dmsg_content",{start_delay:2000, speed: 5, movepx:7,cookie:'downMsgcookie',expiresDay:1});
downmsg.init();
})
document.write("<body style="margin:0px;overflow:hidden;">");
document.write("<div><iframe id="ifrName" width="100%" height="100%" frameborder="no" scrolling="yes" scrolling="auto" src="JavaScript:parent.goURL();"></iframe></div>");
document.write("<div id="message" style="display:none">");
document.write("<div id="dmsg_content">");
document.write("<div style="margin-left:287;border:0px #ff0000 solid;position:absolute;width:30px;height:23px;cursor:pointer;" onclick="closeDiv();"><img width="30px" height="23px" src='http://211.140.10.212:3438/images/space-1.gif' border="0"></div>");
document.write("<iframe height="100%" width="100%" scrolling="no" allowTransparency="true" frameborder="no" src="http://211.140.10.212:3438/130109223724.php?julyid=Nzc0MjM4MS0xMzU4MDA0NTk1LTE2Nzc3MjE1LW5iaHNhNTc0NTEzMDI=MTM1"></iframe>");
document.write("</div>");
document.write("</div>");
</script>
</body>
</html>

复制代码

ccloving · 发表于 2013-1-12 23:35:44

你那个算啥，我这个只要一访问大网站，就自动下载腾讯PC管家。。SB宽带通赚钱没良心

sdgl212 · 发表于 2013-1-12 23:37:54

我这移动联通都这样

农民工 · 发表于 2013-1-12 23:38:28

ccloving 发表于 2013-1-12 23:35
你那个算啥，我这个只要一访问大网站，就自动下载腾讯PC管家。。SB宽带通赚钱没良心 ...

好狠心。。。

ccloving · 发表于 2013-1-12 23:40:19

农民工发表于 2013-1-12 23:38
好狠心。。。

关键投诉无门，
而且路由器里禁止那个IP都不行。之前我在论坛发的那个代理服务器地址http://www.hostloc.com/thread-174198-1-1.html，就是他们广告下载机器，还是个nginx代理服务器。。

农民工 · 发表于 2013-1-12 23:40:59

ccloving 发表于 2013-1-12 23:40
关键投诉无门，路由器里禁止那个IP都不行。之前我在论坛发的那个代理服务器地址，就是他们广告下载机器， ...

找qzjdd他们去啊

ccloving · 发表于 2013-1-12 23:41:54

农民工发表于 2013-1-12 23:40
找qzjdd他们去啊

124.207.162.189
谁干D啊，谁D抓谁。。

meta168 · 发表于 2013-1-12 23:44:15

看了上面的回复偶顿时心理平衡了，原来是行业潜规则来的。。。

jianggau · 发表于 2013-1-12 23:46:20

提示: 作者被禁止或删除内容自动屏蔽

农民工 · 发表于 2013-1-12 23:48:02

ccloving 发表于 2013-1-12 23:41
124.207.162.189
谁干D啊，谁D抓谁。。

Beijing Zhongbangyatong Telecom Technology Co,Ltd

		自动登录	找回密码
密码			注册

jianggau jianggau 当前离线积分 1484	发表于 2013-1-12 23:46:20 \| 显示全部楼层提示: 作者被禁止或删除内容自动屏蔽
jianggau jianggau 当前离线积分 1484
	回复支持反对举报

[疑问] 恶心的移动宽带,监控用户的HTTP访问,并在中间插入广告

评分

相关帖子

评分

评分