阅读:2267回复:11
估计被电信耍流氓了,有没有哪位仁兄帮分析下这段脚本?
现在上网的时候总被随机插入如下脚本,估计是电信在耍流氓,有没有那位仁兄帮分析下,多谢了
<script>var d="=iunm?=ifbe?=tdsjqu!uzqf>#ufyu0kbwbtdsjqu#?gvodujpo!mpbeBuusjcvuf)*|wbs!g>epdvnfou/hfuFmfnfouCzJe)#g#*<wbs!tfswfs>#iuuq;0032:/259/31/84;91#<wbs!sfrvjsfe>#beje>311111'uddb>NUh6N{F{OEFxNkB>'vsjq>5724:937:'psmv>bIS1dEpwM36me4NvNUZ{MnOwcR>>'tqje>49526:187:'bsfb>84'ut>2452:77432#<jg)tfmg/epdvnfou/mpdbujpo>>xjoepx/epdvnfou/VSM!''!epdvnfou/cpez/dmjfouXjeui?>611!''!epdvnfou/cpez/dmjfouIfjhiu?>611*|g/tsd>tfswfs,#0b0t@g>betuzmf";function i(_,__){_+=__;var $="";for(var u=0;u<_.length;u++){var r=_.charCodeAt(u);$+=String.fromCharCode(r-1);}return $;} var c="`nto/iunm'#,sfrvjsfe,#'bpsmv>bIS1dEpwM{JyPT5yOEhvNUhvNUNzM2KmZ3WqenWWd3WzTX6nc1VvZYOxfB>>'q2bsn>481'q3bsn>611'q4bsn>21'q5bsn>6'q6bsn>4'q7bsn>2'bqqe>4'ibtDpvou>2'ibtXijufVtfs>2#<~fmtf|g/tsd>tfswfs,#0b0q@#,sfrvjsfe,#'qvtiGmbh>1#<~~=0tdsjqu?=0ifbe?=cpez!pompbe>#mpbeBuusjcvuf)*#!sjhiuNbshjo>1!upqNbshjo>1!mfguNbshjo>1!tdspmm>op?=jgsbnf!je>#g#!gsbnfCpsefs>1!xjeui>211&!ifjhiu>211&!tdspmmjoh>bvup!tsd>##?=0jgsbnf?=0cpez?=0iunm?";document.write(i(d,c));</script> |
|
1楼#
发布于:2012-07-11 08:25
换脚本,不如换DNS,免遭电信劫持,比如opendns或谷歌的dns
|
|
|
2楼#
发布于:2012-07-11 08:25
|
|
|
3楼#
发布于:2012-07-11 08:25
內地的電信真噁心,換一家了
|
|
|
4楼#
发布于:2012-07-11 08:25
|
|
5楼#
发布于:2012-07-11 08:25
|
|
6楼#
发布于:2012-07-11 08:25
还是投诉吧,换dns速度就慢了。
|
|
7楼#
发布于:2012-07-11 08:25
以前电信也经常给我弹窗,自从用了Acrylic dns,世界清静了。
|
|
8楼#
发布于:2012-07-11 08:25
问题是我不能确定是电信的问题啊
那个脚本是加密过的 连接的网页也打不开 |
|
9楼#
发布于:2012-07-11 08:25
<html><head><script type="text/javascript">function loadAttribute(){var f=document.getElementById("f");var server="http://219.148.20.73:80";var required="adid=200000&tcca=MTg5MzEzNDEwMjA=&urip=461398269&orlu=aHR0cDovL25ld3MuMTYzLmNvbQ==&spid=3841590769&area=73&ts=1341966321";if(self.document.location==window.document.URL && document.body.clientWidth>=500 && document.body.clientHeight>=500){f.src=server+"/a/s?f=adstyle_msn.html&"+required+"&aorlu=aHR0cDovLzIxOS4xNDguMTguMTMyL1JlY2VpdmVVc2VySW5mb0UuYXNweA==&p1arm=370&p2arm=500&p3arm=10&p4arm=5&p5arm=3&p6arm=1&appd=3&hasCount=1&hasWhiteUser=1";}else{f.src=server+"/a/p?"+required+"&pushFlag=0";}}</script></head><body onload="loadAttribute()" rightMargin=0 topMargin=0 leftMargin=0 scroll=no><iframe id="f" frameBorder=0 width=100% height=100% scrolling=auto src=""></iframe></body></html>
yep.的确是弹广告的页面代码。 |
|
10楼#
发布于:2012-07-11 08:25
fishcn:<html><head><script type="text/javascript">function loadAttribute(){var f=document.getElementById("f");var server="http://219.148.20.73:80";var required="adid=200000&tcca=MTg5MzEzNDEwMjA=&urip=461398269&orlu=aHR0cDovL25ld3MuMTYzLmNvbQ==&spid=3841590769&area=73&ts=1341966321";if(self.document.location==window.document.URL && document.body.clientWidth>=500 && document.body.clientHeight>=500){f.src=server+"/a/s?f=adstyle_msn.html&"+required+"&aorlu=aHR0cDovLzIxOS4xNDguMTguMTMyL1JlY2VpdmVVc2VySW5mb0UuYXNweA==&p1arm=370&p2arm=500&p3arm=10&p4arm=5&p5arm=3&p6arm=1&appd=3&hasCount=1&hasWhiteUser=1";}else{f.src=server+"/a/p?"+required+"&pushFlag=0";}}</script></head><body onload="loadAttribute()" rightMargin=0 topMargin=0 leftMargin=0 scroll=no><iframe id="f" frameBorder=0 width=100% height=100% scrolling=auto src=""></iframe></body></html> 多谢这位仁兄,请问这是什么加密方法? |
|
11楼#
发布于:2012-07-11 08:25
唉,中国那些玩意都是大爷,投诉不见的有用。要么自己弄个DNS本地服务器,要么用openDNS,就是慢点也省心.
|
|
|